Embed Size (px)
Citation preview
A Feature-Based Analysis & Comparison of IT Automation
Tools: Comparing Kaseya to Windows
Server 2003
Developed By: Timothy Cruz & Flavio Suguimitzu
Advisor : Dr. S. Masoud SadjadiSchool of Computing and Information Sciences
Florida International University
http://www.cs.fiu.edu/~sadjadi/
(305)348-1835
Agenda
Introduction
Comparison & Discussion
Glossary
Acknowledgements
References
Overview
Microsoft’s Windows Server 2003 (W2K3) is the sole foundation of every business cyber-infrastructure.
W2K3 has become the industry standard server platform that even Kaseya requires it in order to be used effectively.
The power that can be harnessed by a system administrator is without a doubt worth its price per license
Background
Windows Server 2003 was released on April 24, 2003
Developed and Supported by MicrosoftMicrosoft was established on April 4, 1975 Holds 91.58% of the operating system market share
Microsoft developed and maintains multiple websites to educate and certify individualsMSDNTechNetMicrosoft Learning
Grouping Managed Devices
Microsoft’s Windows Server 2003 uses Active Directory to facilitate the management of grouped devices.
Anything that AD tracks is considered an object which can constitute a user, resource, system, or service that is managed by Active Directory.
Therefore containers can also be used to group like objects together, such as a set of printers, or a set of users for a specific domain.
Functional Coverage
• Architecture
• Auditing and asset management
• Remote control
• Agent procedures
• Monitoring
• Patch management
• Backup and disaster recovery
• Endpoint security
• User state management
• Help desk
• Reporting
• System/user/admin management
1.1 Architecture
The Windows Server 2003 solution is based on an agent-less architecture.
Workstations need to be configured manually in order to be interconnected to the Domain Controller.
A VPN would be required in order for a workstation to communicate to a remote Domain Controller.
1.2 Auditing & Asset managementWindows Server 2003 audits through Group Policy
Auditing is accomplished by tracking user profile and actionsAccount Logon Events and ManagementDirectory Services AccessLogon EventsObject AccessPolicy ChangePrivilege UseProcess TrackingSystem Events
1.2 Auditing & Asset managementHardware and Third-Party Software can not be
audited
Kaseya’s Audit module is able to accomplish more when compared to Windows Server 2003
1.3 Remote Control
Windows Server 2003 comes with built-in remote control and remote assistance technology. Requires more configuration than Kaseya’s Remote
Control module.
Kaseya provides a wider variety of tools to interact with the remote workstation.FTP and view processes remotely. remote connection to workstations that do not have
an agent installed by means of reverse connection. resetting user login passwords and being able to
chat with the Users and interact with them
1.4 Automation
Windows Server 2003 can be completely automated through the use of scripts: Visual Basic Script (.vbs extension) Windows PowerShell
In Kaseya, they use a module called Agent Procedures
Discuss the strength, level of sophistication, and ease of use for the supported automation in this solution.
Use the Kaseya Agent Procedure module as a reference.
1.4 Automation
PowerShell is the most sophisticated out of all three because it is built on the .NET framework. Script with .NET API Incorporate Unix/Linux based shells commands such
as the pipeline “ | “
Kaseya’s Agent Procedures on the other hand, does allow basic commands such as the “If-Then-Else” and the use of variables and 64-bit commands.
1.4 Automation
Agent Procedures can interact with the .NET framework for scripting if it calls on pre-written scripts, however neither PowerShell or VBS can call on Agent Proecdures therefore limiting the automation only to its own language.
1.5 Monitoring
Event Viewer is Windows Server 2003 monitoring solution.
Event Viewer can only monitor faults or warnings.
Five base categories:SystemSecurityApplicationSetupForwarded Events
1.5 Monitoring
Can setup custom logs
Unable to create alarms
1.6 Patch Management
Patch Management is done through Windows Server Update Service (WSUS)
WSUS acts like the central server.Updates can be saved on the WSUS server then
distributed across the network to save bandwidth.
Can only be incorporated on Windows-based machines
Very detailed patch management reporting service
WSUS contains very similar features to Kaseya’s Patch Management
1.7 Backup & Disaster Recovery
In Windows Server 2003, the Backup Utility (BU) software is only limited to the local machine.
Not automated like Kaseya’s BUDR module.Kaseya’s BUDR can initiate backup of workstations
and have these images saved on the Kaseya server. the ability to conduct universal restores.
This feature allows any system administrator to restore systems with “dissimilar hardware or even virtual machines, eliminating the procurement and interoperability factors when trying to get the business back up and running quickly.”
1.7 Backup & Disaster Recovery
While Windows Server 2003 BU does not have this aspect embedded in the utility, Windows Server 2003 along with Scheduled Tasks, another utility built in Windows Server, can be used to schedule such tasks.
Windows Server 2003 does not come with any utility that will replicate BUDR’s universal restore, unless third-party software is implemented such as Acronis Backup & Recovery 10 Advanced Server Virtual Edition.
1.8 Endpoint Security
Windows Server 2003 has no integrated Antivirus like KESA separate third party suite would be required.
Windows Server 2003, Active Directory can setup users with a “limited users” account. “the limited account is intended for someone who
should be prohibited from changing most computer settings and deleting important files. They generally cannot install software.” (Microsoft)
1.8 Endpoint Security
While the disadvantages for limited accounts equate to nuisances on part of both administrator and the end-user trying to install a legitimate program.
It is the best defense any computer has to avoid executing malware.
1.9 User State Management
Well developed within Windows Server 2003.
No centralized program for User State Management
Done through multiple programs and consoles:Group PolicyPrint ManagementMap Network Drive Wizard
Roaming User Policies is a strong tool used for Desktop Migration
Can not manage power management policies.
1.10 Help Desk
Kaseya’s Help Desk is a module that allows service representatives to help agent-installed workstations. This includes tracking and managing incidents, problems, and service requests. As well as an integrated ticketing system and a searchable integrated Knowledge Base and Known Error database
Windows Server 2003 is more of an Operating System and not an IT Automation solution.
1.11 Reporting
No native reporting system
No way to obtain report-like information from one centralized program.
Event Viewer can do a small amount of reporting.
Kaseya’s Info Center trumps Windows Server 2003 on reporting.
1.12 System/User/Admin Management
System/User/Admin Management is a strong point within Windows Server 2003.
Active Directory is a popular and powerful tool that allows administrators to manage Systems, Users, and Administrators.
Can put user accounts into groups for easier implementation of security policies.
Somewhat difficult to implement, easier to maintain
Kaseya’s System/User/Admin management is easier to deploy and maintain, but not as powerful.
1.13 Usability
Windows 2003’s utilities and programs are not web based. Alternative to be able to access the server would be
via a remote connection.
In order to configure it correctly, the system administrator would need to be knowledgeable on many topics. Active Directory VBS or PowerShell And many more…
1.13 Usability
These different utilities and programs only focus on accomplishing specific tasks, and they are integrated into a single domain.
Unlike Kaseya’s web-based portal that allows a single administrator to control multiple locations from a single website.
If a system administrator were to control multiple locations, they would need to remotely log into each domain controller.
No synergy!
1.14 Reliability
Reliable but not the best solution out there.
Second worst in downtime(8.90 hours) when compared to other popular server OS solutions.Downtime was contributed to security issues
Windows still retains the majority of the market share.
Generally speaking, IT administrators are looking at other IT automation solutions.
1.15 Performance
Very Good Performance
Performance is dependent on the Windows Server 2003 edition and the environmentEach edition is tailored for the general environment
needs
Performance is vastly dependent on the hardware.Windows Server 2003 allocates a specified portion of
the RAM and CPU for it’s own use.
1.16 Supportability
Since Windows Server 2003 is not an IT Automation solution and there is no help desk software integrated in Windows 2003, there is no supportability at all.
The system administrator can see what caused the error by viewing Event Logs
Unless third party software is used to integrate a support desk, using Windows 2003 alone can not fulfill this task.
Agenda
Introduction
Comparison & Discussion
Glossary
Acknowledgements
References
2. Comparison and Discussion
Overall Kaseya’s versatility surpasses that of Windows Server 2003 when it comes to automation.
Both work together flawlessly together.
Windows Server 2003 however does not need Kaseya in order to operate as a stand-alone solution.
Kaseya was designed as an IT Automation solution; whereas Windows Server 2003 was engineered as a server operating system. Kaseya’s user-friendly GUI and seamless integration of their multiple modules ranks them high as an IT Automation solution.
2.1 Evaluating and Discussing
1ArchitectureRating: 3
Required more configuration than Kaseya per workstation and the web-less interface makes it difficult to administrate over remote locations.
2Audit & Asset MgtRating: 3
Able to audit user profiles and trends; however, lacks the ability to audit hardware and third-party software.
3Remote ControlRating: 3
Connecting to remote locations requires NAT routing to be implemented.
4AutomationRating: 4
VBS and PowerShell scripting is sophisticated; however, unless used with another utility, it’s only limited to the local machine.
5MonitoringRating: 2
Inability to monitor multiple computers from the server without the use of third-party tools.
6Patch MgtRating: 4
Very strong patch management utilities within WSUS and the ability to allocate updates to a test group.
7Backup & Disaster RecoveryRating: 3
Simple interface and straightforward backup capabilities, but no simple interface to configure all workstation’s backups from a single interface.
8Endpoint SecurityRating: 3
Limited Users template is the best line of defense, but needs to rely on third party antivirus software.
9User State MgtRating: 3
Group Policy is a powerful tool that allows administrators to create roaming profiles and security policies on each user account.
10HelpdeskRating: 1
Because there is no help desk utility unless a third party program is implemented
11ReportingRating: 1
Universal reporting is almost nonexistent and hard to obtain reports over multiple consoles and applications.
12SystemRating: 4
Active Directory very strong and versatile tool to manage users and system policies.
13UsabilityRating: 2
Strong learning curve and time consuming configuration required for an infrastructure to run correctly.
14ReliabilityRating: 3
Decently reliable; however, average downtime makes it somewhat unattractive.
15PerformanceRating: 4
Strong performance, depending on the edition and hardware.
16SupportabilityRating: 1
No help desk.
2.2 Rating Results Explanation/Discussion
Kaseya Your Assigned Solution1 Architecture 5 32 Audit & Asset Mgt 4 33 Remote Control 5 34 Automation 4 45 Monitoring 3 26 Patch Mgt 5 47 Backup & Disaster Recovery 5 38 Endpoint Security 5 39 User State Mgt 4 3
10 HelpDesk 4 111 Reporting 5 112 System 5 413 Usability 5 214 Reliability 3 315 Performance 3 416 Supportability 5 1
Total 70 44
3. Glossary
Active Directory (AD) - Active directory is a network service that acts as a directory structure. It is used on Microsoft Windows based servers to store information and data about networks, domains and users.
Backup Utility (BU) - Backup Utility is Microsoft's solution for backup and recovery. It is strictly limited to the local machine and is unable to backup or recover computers remotely.
Event Viewer (EV) - Event Viewer is Microsoft's solution in letting administrators and users view the event logs of local or remote machines.
Group Policy (GP) - Group Policy is a set of rules that allows the administrator to restrict, or give, certain amount of control to users and computers on a network.
Map Network Drive Wizard - Map Network Drive Wizard is a utility that allows users to connect and configure hard drive access through the network.
3. Glossary
Microsoft Developer Network (MSDN) - The Microsoft Developer Network is Microsoft's service that allows it to inform, train, and supply tools to developers on all Microsoft products.
PowerShell - PowerShell is an extensible command-line scripting language.
Print Management - Print Management is Microsoft's solution to manage and deploy network printers.
Remote Desktop Connection (RDP) - Remote Desktop Connection is a Windows based tool that allows users to connect to applications and date on a remote computer.
TechNet - TechNet is Microsoft's program and resource used to provide technical information, news, and events to IT professionals.
Virtual Private Network (VPN) - Virtual Private Networks are computer networks that remotely connects to another underlying computer network as if it was physically connected to it.
3. Glossary
Virtual System Administrator (VSA) - Kaseya's Virtual System Administrator is their remote web-based environment that helps users to administrate, diagnose, repair, monitor, and update computers that are linked to Kaseya's agent technology.
Visual Basic Scripting (VBS) - Visual Basic Scripting is a Windows based scripting language. It originated as a limited variation of Microsoft's Visual Basic programming language.
Windows Server Update Service (WSUS) - Windows Server Update Service allows administrators to maintain and deploy Microsoft hot fixes and updates, released through Automatic Update, to computers in a corporate environment.
4. Acknowledgements
Special thanks to Student MSDN and Kaseya for their support in providing software for this research and demo purposes.
5. References Bilic, Nino. "System Event Viewer Tips." Microsoft TechNet: Resources for IT Professionals. Web. 26 Apr. 2010.
<http://technet.microsoft.com/en-us/library/aa996105%28EXCHG.65%29.aspx>.
Bilic, Nino. "System Event Viewer Tips." Microsoft TechNet: Resources for IT Professionals. Web. 26 Apr. 2010. <http://technet.microsoft.com/en-us/library/aa996105%28EXCHG.65%29.aspx>.
"Chapter 1: Windows 2003 Basics." Web. <http://media.wiley.com/product_data/excerpt/51/07645492/0764549251.pdf>.
Edwards, Mark J. "Windows Server: The New King of Downtime." Windows IT Pro - The Leading Independent Community for IT Pros. Web. 26 Apr. 2010. <http://www.windowsitpro.com/article/interoperability/windows-server-the-new-king-of-downtime.aspx>.
Gafvert, Kristofer. "Backup Windows Server 2003." FAQ and Articles for Windows Server 2003, C#, SQL Server. Web. 26 Apr. 2010. <http://www.ilopia.com/Articles/WindowsServer2003/Backup.aspx>.
Huggins, Diana. "SolutionBase: Creating a Windows Server 2003 Audit Policy." TechRepublic Articles. Web. 26 Apr. 2010. <http://articles.techrepublic.com.com/5100-22_11-6028421.html>.
Microsoft. "Introduction to Group Policy in Windows Server 2003." Web. Apr. 2003. <http://download.microsoft.com/download/0/0/4/0044470e-5f3a-4569-9255-91f932e4da3b/gpintro.doc>.
Microsoft. "MSFT Annual Report 2009." Microsoft Corporation. Web. 26 Apr. 2010. <http://www.microsoft.com/msft/reports/ar09/10k_fh_fin.html>.
5. References Microsoft. "Types of User Accounts." Microsoft Corporation. Web. 26 Apr. 2010.
<http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/ua_c_account_types.mspx?mfr=true>.
Microsoft. "Windows Products and Technologies History: Windows Server Timeline." Microsoft Corporation. Web. 26 Apr. 2010. <http://www.microsoft.com/windows/WinHistorySrvrGraphic.mspx>.
Microsoft. "Windows Server Update Services Home." Microsoft TechNet: Resources for IT Professionals. Web. 26 Apr. 2010. <http://technet.microsoft.com/en-us/wsus/default.aspx>.
NetMarketShare. "Operating System Market Share." Market Share for Browsers, Operating Systems and Search Engines. Web. 26 Apr. 2010. <http://marketshare.hitslink.com/operating-system-market-share.aspx?qprid=8>.
