Skip navigation
All Places > News at Snow > Blog
1 2 3 Previous Next

News at Snow

64 posts
su.kent

Snow Beta Testing

Posted by su.kent Employee Jun 12, 2018

We are pleased to announce a new beta testing space on Snow Globe. Here, all customer members will be able to see new product features ahead of launch. You are invited to provide ideas and feedback to shape and improve our future solutions.

 

Each beta test will have an exclusive collaboration space where you can comment and share your ideas with our Snow experts and development team, as well as see how your peers are contributing to Snow’s future product plans.

 

Bookmark this page and sign up to see which product features are currently being tested now.

 

Insight and analytics into more than 1,000 SaaS applications now possible

 

Stockholm, April 23, 2018Snow Software, the global leader in Software Asset Management (SAM) and Cloud Spend Management solutions, today announced the launch of Snow for Cloud and enhancements in Snow’s Oracle Management Option and Snow for ITSM.

 

Snow for Cloud

 

Snow for Cloud provides IT leaders with the next evolution of transparent, actionable views  of their Software as a Service (SaaS) environment so they can easily assess and manage cloud usage and spend. It provides them insight to discover, make an inventory of and track consumption of more than 1,000 SaaS applications.

 

This deep analytical insight enables IT leaders to quickly and accurately identify overspend from duplicate, unused or underutilized SaaS subscriptions. Snow for Cloud also automates manual access requests and provisioning processes that are often costly and inefficient.

 

"Many organizations have gone beyond cloud-first and are now cloud only. Cloud computing has become the new normal." said Peter Björkman, CTO at Snow Software. "Business units can now deploy SaaS solutions without the involvement of IT. This leaves IT without visibility or control of their SaaS environment and uncertainty as to what is being used, where and by whom. This is creating a Disruption Gap, a gulf between what IT understands about technology usage and what is actually occurring.”

 

Björkman adds, “Snow empowers IT leaders to identify wasted cloud spend, optimize SaaS applications and accurately manage cloud costs. This insight enables them to become enablers of business goals and the go-to for digital transformation initiatives, essential if they are to succeed in the digital era.”

 

Snow Oracle Management Option and Snow for IT Service Management (ITSM)

 

Snow also announces enhancements to Snow’s Oracle Management Option and Snow for ITSM. Oracle Management Option provides CIOs and IT leaders with a complete overview of Oracle databases deployed in their environments. With visibility into data risk, IT leaders have a greater understanding of what platform Oracle is deployed into, whether physical or virtualized, or in a SaaS or IaaS environment.

Snow for ITSM supports a number of ITSM platforms with up-to-date asset information, software and users, improving CMDB data accuracy. Snow’s automatic identification and normalization of software and consolidation from multiple data sources will improve the efficiency of Help Desk operations.

 

Peter Björkman concluded, “The Software Asset Management market is evolving, which we feel is indicated by Gartner's inaugural 2018 Magic Quadrant for Software Asset Management Tools[1] where Snow Software was positioned in the leaders quadrant. From our perspective, by addressing the complexities of cloud asset management, with support across more applications than anyone else, Snow Software continues to demonstrate why it is leading the SAM industry today.”

 

For more information on Snow for Cloud, visit: https://www.snowsoftware.com/int/products/snow-cloud-discovery

 

[1] Gartner. Magic Quadrant for Software Asset Management Tools. Authors: Roger Williams | April Adams | Matt Corsi, 16 April 2018.

 

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

 

 

When it comes to SaaS offerings like Microsoft Office 365, the focus for SAM managers is no longer the legal aspect of software compliance; because, assuming users don’t loan out their credentials, consumption is compliant out-of-the-box. So what function does the compliance calculation in Snow License Manager serve in a SaaS world? The answer is internal auditing and tracking. Organizations still need to prove that consumption of an application within their estate is covered by a subscription. In this post, I aim to explain how the concepts of coverage and compliance are calculated for SaaS applications.

 

Since Microsoft Office 365 functionality was introduced in Snow License Manager, a lack of automated intelligence in the system resulted in bizarre coverage and compliance figures for applications included in a subscription. In Snow License Manager 8.3, we have added new functionality that automatically correlates applications installed or used on a machine with its Office 365 subscription, enabling coverage and compliance to be calculated correctly – providing SAM managers with a way to easily filter out users who are properly covered and focus on the edge cases instead.

 

Figure 1 shows an enterprise’s consumption of Microsoft Office 365 ProPlus, which is offered as a standalone subscription with OneDrive, and as part of an E1 or E3 subscription.

 

The numbers in Figure 1 indicate that 167 users in the organization are consuming Microsoft Office 365 ProPlus. As this is a subscription-based application, no licenses have been purchased, and so the number of licenses shows as zero. With a requirement of one subscription per named user, the license requirement is 167. The coverage figure shows that the organization has purchased 135 subscriptions that include ProPlus – such as the ProPlus subscription, and E1 and E3 subscriptions. Compliance shows at -32, indicating that 32 users are either not linked or are consuming ProPlus using another organization’s credentials – a scenario which may arise when sub-contractors and consultants are connected to the enterprise network.

 

Figure 1: Compliance calculation and purchases for Office 365 ProPlus using subscription coverage

 

So, what’s the point? Well, in the previous version of Snow License Manager – coverage figures were zero and compliance would show as -167, because the intelligence wasn’t in place. In this version, we have added the intelligence that enables SLM to determine if the installed version of ProPlus on a computer is covered by just by the primary user’s subscription. So, how does SLM calculate the figures for coverage and compliance?

 

Calculating coverage

For each installation of ProPlus, SLM first determines the named user, which can be the primary user (and/or all users) of the computer where the application is installed. It then correlates the user with the information retrieved from the Microsoft Office Portal. If the user has been assigned with a subscription that includes ProPlus, coverage is incremented. Note that users with more than one subscription covering ProPlus will only count as one in the coverage calculation, and users need to be linked to enable the correlation. For more information about linking users, see my previous post: what is user linking for Office-365 and how to manually link users in SLM.

 

Calculating compliance

When coverage has been calculated, compliance is calculated as the license requirement minus coverage.

This new functionality provides the correct information regarding the coverage and compliance of Office 365 applications, enabling SAM managers to track how applications are being covered for internal governance and auditing of software. The concept of coverage is applicable to all Office 365 subscriptions and applications, including browser-based cloud applications like Office Online and its components – PowerBI and Dynamics 365.

Evaluation in Inaugural Magic Quadrant for Software Asset Management Tools is Based on Completeness of Vision and Ability to Execute


Stockholm, SWEDEN – April 17, 2018
 – Snow Software (Snow), the global leader in Software Asset Management (SAM) and Cloud Spend Management solutions, today announced it has been positioned by Gartner, Inc. in the Leaders quadrant of the Magic Quadrant for Software Asset Management Tools[1].

 

After Gartner conducted a company and product evaluation of Snow’s SAM solution, Snow Software was named a Leader in the Magic Quadrant, positioned furthest to the right for completeness in vision and highest for ability to execute.  

 

“To us, Snow’s leadership position affirms our strategy of creating innovative solutions and being relentlessly customer-focused,” said Axel Kling, CEO of Snow Software. “We continue to innovate at an aggressive pace and will shortly announce new versions of products that will further address the future needs of SAM buyers.”

 

“As the industry moves from traditional IT-driven technology purchases to business-driven ones we are continually interpreting organizations' SAM needs to maintain our market leading position,” said Peter Björkman, CTO of Snow Software. “We believe this accolade from Gartner continues to recognize Snow for our leadership and excellence. In our view, with early recognition of the market demand for cloud support, Snow is ensuring our customers can achieve their cloud and digital transformation initiatives.”

 

Many of the world’s most recognized brands rely on Snow to manage and optimize their technology spend and consumption, including Atos, Arla, Bank of Ireland, Bridgestone, Canon, Komatsu, Saab, Scandic and Thrifty.

 

As of April 16, 2018, on Gartner Peer Insights, Snow Software has an overall rating of 4.4 out of 5 in the Software Asset Management Tools market based on 98 ratings.

 

[1] Gartner, “Magic Quadrant for Software Asset Management Tools” by Roger Williams, April Adams, Matt Corsi, April 16, 2018.

 

 Gartner Disclaimers 

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

 

Gartner Peer Insights reviews constitute the subjective opinions of individual end-users based on their own experiences, and do not represent the views of Gartner or its affiliates.

SAM managers, especially in large organizations, need to co-ordinate with other functions, such as the IT services desk to make changes to the IT environment. In smaller companies the IT and SAM manager is often one and the same. Whatever scenario applies, getting things done requires handovers and interactions with different systems and portals, which can be time-consuming and of course costly to the business. Add in the constant threat of security breaches and evolving regulations like GDPR, making changes to the IT environment is not always a straightforward process.  

 

The Snow License Manager (SLM) team have been looking at how we can ease this pain point, by enabling the SAM manager to carry out some basic ‘IT tasks’ directly from the SLM interface. Naturally, it’s not that simple, we’re not talking about plugging SLM into the heart of your IT system. We’ve been looking at a long-term approach, how to connect portals and systems and enable secure service-chaining through workflow orchestration and automation.  

 

So, to start with, the team decided to address the two most common admin activities related to Microsoft Office 365: adding users to and removing them from a subscription plan. 

Before I get into the details of how we have implemented this functionality. I first want to address the security issue.  

Rather than plugging SLM directly into the IT environment we have chosen to use Snow Automation Platform, which already includes the functionality to add and remove users, but more importantly, has been constructed to uphold IT security policies. 

 

If you are already using Snow Automation Platform, you’ll be familiar with the concept of Automation Books – a prepackaged PowerShell script that carries out a specific IT function. The Automation Book – Office 365 Automation – has been created to add/remove users to an Office 365 subscription plan. By allowing Snow Automation Platform to carry out these functions, risk is lowered as SAM managers don’t need to be provided with access to the Office 365 portal. And the entry barrier is lowered by removing the need for the SAM manager to understand yet another system. 

 

So, once Snow Automation Platform is configured, a more-options icon will be visible on the context menu of a subscription plan – shown in Figure 1.  

Figure 1: Context menu subscription plan – Add/Remove users option. 

 

I’m not going to walk through the low-level steps of the process in this post, there’s a good description in section 11.1.3.1 – Add subscription plan – on page 96 of the User Guide: SLM Web User Interface - Update revision 8.3.  What I believe is more interesting is how we’ve put this functionality together and how you can use it to optimize your estate. 

 

Use case

Say, for example, you have a bunch of users on E3 subscriptions who are not using the installed version of the ProPlus applications (Word, Excel, PowerPoint, etc.), and you want to move them to them to the cheaper E1 subscription. Use the new functionality in Snow License Manager to create requests to add these users to an E1 subscription, and at the same time, add requests to remove the users from their E3 subscriptions. Push the Request button and the system takes care of the rest. 

So how does it work?

Figure 2: Data flow 

 

Once you have made add/remove requests in SLM, these requests are stored in a local queue. The workflow engine of Snow Automation Platform polls the API endpoint of Snow License Manager every 30 minutes (configurable).  

On each API call, Snow Automation Platform retrieves new items from the add/remove requests queue and updates the status of requests it has already processed to completed. Snow Automation Platform handles all new requests by sending the appropriate add/remove instructions to the Microsoft Office portal, which in turn updates user subscriptions accordingly.   

 

The next time the Microsoft Office 365 SIM connector reports in, Snow License Manager confirms that completed requests have been carried out before removing them from the queue. 

Should anything go wrong when Snow Automation Platform tries to take the action requested, the error message will be shown in SLM. 

 

Communication is triggered from Automation Platform to Snow License Manager to support customers who are being hosted on a partner platform, where Snow Automation Platform is on-premise and Snow License Manager is hosted. 

I know some customers have been waiting for Snow License Manager to start moving in this direction. Our beta tests indicate that this is a highly useful feature in certain scenarios, and so I’d really like to get feedback from you, if you think you will use it, and are we thinking along the right lines?

Please leave a comment. 

Snow Support is Changing - with the new Support Portal you are able to receive support specifically tailored to your needs whenever you want it.

 

From the portal, you can raise new support cases, review cases from across your organization and access the Knowledge Base where you can find support articles, product documentation and helpful videos.

 

Behind the portal are new ways of working to make customer service and support more efficient and deliver quicker results. Jonas Dahlberg, Head of Customer Support, Technical Excellence, says: “We’ve made changes based on customer feedback and our own observations to build a better user experience.”

Snow Support Portal home page

Highlights

  • Easy Access to Knowledge
    The Knowledge Base is filled with articles that our support team has established through the Knowledge-Centered Services (KCS) methodology. Tom Boyle (Tom.Boyle2), Global Support Knowledge Manager: “The Knowledge Base will grow as we write articles that directly tackle the cases received in Support so that our customers get the answers they need as quickly as possible. And it’s the result of incredible teamwork: when you’re looking at an article you aren’t just getting the insight of one individual. Each article has been worked on and added to by Snow’s top technical experts with the information written in digestible bites.”
  • Simplicity in logging/closing tickets
    New tickets will simply start as an unassigned case. Jonas says: “Our customers just want support. It doesn’t make sense to have different ticket types or classifications.”
    When Support offers a solution to a case support requesters will see a status “resolution proposed” rather than “pending resolved”, and the support requester will be the one to select “Accept Solution” or “Reopen ticket” from the portal.
  • Improved search
    The search filter now allows for faster and more relevant searches.
  • Preventive analytics
    Support is capturing the root cause and complexity rating when closing a case, giving us more data on the issues you face leading to further preventive initiatives.

 

Keep an eye out on the portal for communication about upcoming functionality and take advantage of the Knowledge Base as it continues to evolve and grow.

 

If you face any issues or have further requests for the portal, please raise a case with Support.

 

Please watch the video below for a quick navigational guide that will highlight some key features of the portal.

Snow Globe is an open community for SAM professionals from across the globe, designed to build new relationships and stimulate conversation amongst the professional community. 

 

Occasionally we need your help to make sure we all continue to enjoy connecting with new people and asking questions of each other. That’s why we ask for your feedback, especially if you see something that doesn’t appear quite right on Snow Globe such as a profile, author or content that makes you question the authenticity. 

 

If you come across a post or answers to questions which are not SAM related or a profile that doesn’t fit with the expectations of a member of a SAM community then we’d like to know. 

 

Our Snow Globe Community team recommend using the “report abuse” function which can be found in the dropdown menu from the “actions” button, so if you see a post which breaks the rules e.g. promoting software or services or not talking about SAM, the community Manager will be alerted automatically.

 

This is the code of conduct which helps define what constitutes ‘abuse’. For example, promotional advertising is abuse of the rules of the community https://community.snowsoftware.com/docs/DOC-1112-snow-globe-code-of-conduct

 

Although this may seem to be a reactive method of monitoring content it ensures we take a community led approach and is therefore encouraged as a positive action for our community. 

 

Will Micro Focus play to its strengths and increase audit activity to get revenues back on track? Read more

Why are we metering windows application usage? The primary focus is to measure the usage of desktop applications. If a user is using Microsoft Office 2016 Excel and then locks the computer, we know that the application will not be used until the computer is unlocked again. Since we are not interested in the time that we know Microsoft Office 2016 Excel is not used, we disregard that time. The main drawback with this approach is that we will not measure scheduled tasks and other background processes, such as anti-virus software, as used during the time that the computer is locked, although these processes might be executing in the background. 

 

To deliver this information, our agent gathers the necessary raw data. To enable Snow License Manager to calculate a combined duration of use for an application, the agent subscribes to start and stop events in the operating system, collecting the open and close timestamps for running applications. Deeper analysis of the user’s activity within a running process is not collected. So, a user can open Adobe Photoshop, for example, without doing anything within the application – the start and stop timestamps will be gathered by the agent anyway. However, the times that a computer is locked, in sleep mode, or hibernating are not included in the usage calculation.

The Snow License Manager web interface is currently the place where metering information is shown and below are three examples of what it can look like:

(The green boxes have been added to highlight where the metering details are shown)

We are looking at Jimmy Hill’s computer, COMPUTER01583.

By clicking the small arrow next to "Microsoft Office 2016 Excel", we expand this product to see the usage details:

Name, the name of the user that was using the application.

Last used, the date and time of the last known usage of the application, using the date/time settings (time zone, etc.) of the local computer.

Run, a "Snow interpretation" of how many times the application has been run. I will explain further down what we mean by Application usage (the "run count").

Total time (days:hh:mm), the total duration that the application has been run. This time does not include time when the screen is locked, in sleep mode, or hibernated. Multiple instances of the same application are disregarded. For example, if a user has 10 windows of Microsoft Word open for an hour, the total time is 1 hour, not 10 hours.

(The green boxes have been added to highlight where the metering details are shown)

We are looking at the specific application " Microsoft Office 2016 Excel " and the computers that have this application installed, with the following information from metering:

Last usedthe date and time of the last known usage of the application, using the date/time settings (time zone, etc.) of the local computer.

Runa "Snow interpretation" of how many times the application has been run. I will explain further down what I mean by "Snow interpretation".

Per run (hh:mm), the average time per run. For example, the average time per run is 44 min if the total time is 22 hours and the application has been run 30 times.

(The green boxes have been added to highlight where the metering details are shown)

We are looking at the "Application per user" report with report criteria Application like Microsoft Office 2016 Excel, via the Column selector we removed the columns Organisation and Application manufacturer and we added the columns Per day (hh:mm) and Total time (days:hh:mm): 

First usedthe date and time of the First known usage of the application, using the date/time settings (time zone, etc.) of the local computer.

Last usedthe date and time of the last known usage of the application, using the date/time settings (time zone, etc.) of the local computer.

Runhow many times the application has been run. I will explain further down what we mean by Application usage (the "run count").

Per run (hh:mm), the average time per run. For example, the average time per run is 44 min if the total time is 22 hours and the application has been run 30 times.

Per day (hh:mm), the average time per day. 

Total time (days:hh:mm), the total duration that the application has been run. This time does not include time when the screen is locked, in sleep mode, or hibernated. Multiple instances of the same application are disregarded. For example, if a user has 10 windows of Microsoft Word open for an hour, the total time is 1 hour, not 10 hours.

 

Application usage (the "run count") is calculated as follows:

  • The agent will check for events every 5 seconds (default value). Use the wmi.poll_interval setting in the agent configuration file to change the interval; 5 seconds is minimum and 120 seconds is maximum.
  • The agent increases the run count of an application only when it gets notified of a start event. If an application is started before the agent is running, that application will get a run count of "0".
  • When a scan is performed and the inventory result file is created, the run count will be set to "1" if the run counts reported from the agent sum up to "0".
  • When multiple instances of the same application are started, the agent counts all individual run starts during that session. However, the total duration will be counted from when the first instance is started until the last instance is closed.
  • A scheduled scan will contain all metering information that has been gathered since the last scheduled scan. A scheduled scan will clear all temporary metering files stored on disk, and new ones will be created after the scan with a run count of "0".
  • A manual scan will contain all metering information that has been created since the last scheduled scan. During the manual scan, the metering files stored on disk will be deleted, but their content is kept in memory. After the manual scan, the agent will recreate all metering files as they were before the scan.
  • At midnight local time, the agent will finalize the metering files for the currently running processes with an end time of 23.59.59. New metering files will be created with a start time of 00.00.00 on the next day

 

The primary focus of metering is desktop applications.

Metering of usage is performed whenever a Windows process is running. Processes are measured whether the application is open on the desktop or running in the background The following meta data is uniquely gathered per process:

  • File name
  • if the process is local
  • if the process is virtual
  • virtual app package name
  • username
  • date
  • File version info
  • usage data type (web, RDP, or VDI).

 

Criteria for showing application metering.

The criteria for the inventory client/agent to be able to track and display metering is that the application itself is recognized using a main executable file and the executable needs to create a service upon start, so that the client/agent can meter a start- and stop time of that application.

Keep in mind is that the client/agent might sometimes not pick up applications that are automatically started when booting the system if the application, and then also the service, is started BEFORE the inventory client/agent is, then the client/agent will not be able to get the start time of the service, which is criteria for it to be able to display metering data.

Harri Carroll (harri.carroll) and I recently visited the London School of Economics when the SAM team presented to the wider IT department about how they’ve been able to make savings and ensure license compliance with Snow.

 

Floriana Molone – whom we must first congratulate on recently winning a prestigious Women in IT Award for Future CIO of the Year values the end to end visibility she gets with Snow: “Up until we deployed Snow, we couldn’t track how many licenses we actually purchased for a specific area of the business. Now, we can clearly see who's got what and if it's utilized. Now we can look to redeploy licenses that were purchased for software that’s unused rather than buying license after license.

 

She adds, “We go into Snow, see how many are currently being used, and for whatever is not used, we can look to redeploy those licenses rather than buying new ones. We can also look at being smarter with our budgets and assess whether we should have enterprise agreements or buy licenses individually.

 

“If you don't have a solution like Snow, you won't be able to have the end-to-end visibility. You might lose track and keep buying, even when you have licenses available across the School. For us at the LSE we are talking about 24 departments plus research centers plus professional services divisions, so it’s a lot of businesses using licenses, and we have to be smart at spending the money we've been given.”

 

Chris Andrews (ChrisAndrews) and James Harvey (JHarvey) of LSE are at the coalface of managing licenses every day. They were recently approached by a vendor who was concerned about a particular area of compliance which they were able to quickly deflect, as James says: “After we mentioned we had Snow the conversation took a different route. The situation was quickly resolved, by generating a particular report that we shared with the vendor where they could see were in compliance.”

 

Chris adds, “Using Snow, we’ve been able to calculate risk avoidance of £300,000 (US $416,000). Also, we can now look at doing drastic cost-saving exercises because we can see exactly what's being used and what's not being used. We can enforce our policies and our procedures about making sure that people install the right versions of the license that we've bought. Previously we had a lot of different versions, incorrect installs, and incorrect and unauthorized upgrades not to mention the shelfware we had with Microsoft and Adobe, all of which [thanks to Snow] we’ve been able to monitor and make changes to ensure software compliance and optimize our estate making significant savings along the way.”

Snow Software Guest Blogger Abhinav Mittal advises how to quickly identify which vendors you should concentrate your efforts on first when it comes to #SAM. This is an approach which Abhinav has found useful in dealing with the overwhelming number of software applications discovered during a SAM implementation.

 

Read the full blog here.

Alastair Pooley to lead global IT strategic and operational planning

London, UK. February 15, 2018: Snow Software (Snow), the global leader in Software Asset Management (SAM) and Cloud Spend Management solutions today announced the appointment of Alastair Pooley as Chief Information Officer reporting to Ulf Kasshag, Chief Financial Officer.

Pooley will drive the company’s strategic direction and future growth and lead all aspects of the company’s IT development, ensuring that Snow’s information systems deliver efficiency and enable the company through adoption of cutting edge technology.

He will provide the strategy, direction, architecture, standards, guidelines and planning for information systems and technology for Snow Software globally, to ensure efficient and secure operations.

Pooley joins Snow after five years at multinational security company Sophos, where he was Vice President responsible for Global IT infrastructure, providing service to 3300 staff globally and live services to over 100 million endpoints.

Announcing the appointment, Kasshag said, “We are delighted to welcome Alastair to Snow. His skill in delivering strategic direction and his extensive senior management experience will be pivotal as we continue to deliver innovative solutions and services for our customers and partners.”

Pooley comments, “Being a customer of Snow at Sophos, I knew it was the market leader and its reputation within the industry is second to none. I couldn’t resist the opportunity to work in a company with such a spirit of collaboration and innovation, and the technical knowledge to back it up. My priority will be accelerating the company’s IT development, ensuring Snow’s information systems provide the foundation for it to maintain its position at the cutting edge of Software Asset Management innovation.”

In a previous post, Raging with the Machine, I talked about the benefits organizations gain through automating processes: doing things better, doing more things and containing costs through continual optimization. In this post, I dig deeper into ‘the doing things better’ part, and specifically how IaaS automation can be designed to systematically uphold security measures.

 

IT EXPERTISE IS CRUCIAL

When a provider puts a service into operation, be it a car-rental facility, mobile-phone repair, or a digital streaming capability, the processes to build and provision the hardware to support the service, and the security measures needed to protect the service, are crucial elements of the overall solution. Building and maintaining the underlying architecture for consumer-facing services requires investment in terms of time, IT expertise and security knowledge. For many providers, Infrastructure-as-a-Service (IaaS) is an ideal hosting solution, as it relieves many architecture headaches; such as aging hardware, the cost of idle machinery and the lack of storage and processing flexibility to cope with peaks in demand.

 

In my opinion, the challenge IaaS presents is not running a service, but developing it. By providing the means to spin up diverse types of machines, IaaS enables concepts and code to be tested in a way that isn’t economically feasible with on-premise solutions – which in turn enables the organization to develop more interesting, revenue-generating services.

 

For live services, reliability, availability, performance, security and user experience are crucial success factors. In contrast, during development, the need for infrastructure is temporary and success is measured in the ability to deliver and test an outcome rapidly.

 

To ensure that devices are correctly provisioned, protecting from the cost and security risks associated with zombie VMs and incorrectly provisioned devices, most organizations entrust the responsibility for IaaS to their IT department, or to a couple of expert individuals. Unfortunately, this approach tends to be costly and inflexible. It is a sure-fire way of promoting shadow IT and one of the root causes of the ever-widening Disruption Gap. Service desks tend to be busy ensuring operations and often lack the bandwidth to deliver specialized infrastructure services.

 

What’s needed is a secure way to enable development teams to spin up and decommission VMs as and when they need them. But this is not as simple as it might seem. Creating a virtual machine, even via the portal of a top cloud service provider, is a multi-step complex process that requires expertise and detailed information to complete correctly.

 

For example, the process to spin up a virtual machine using the official AWS guide to Launch a Windows Virtual Machine is described in five steps. Counting the sub-steps, there are 16 decision-making points in total – each one with the potential to expose your system if you lack access to the right information.

 

Figure 1, illustrates the process to create a VM. I’d like to stress that the complexity is in no way specific to Amazon Web Services (AWS), or any other cloud services provider, building an IT infrastructure requires expertise.

 

Figure 1: Walking through the steps to create a virtual machine

 

So, let’s take a closer look at some of those decisions. For me, one of most annoying aspects of this type of decision-making is that there are no rules, answers are often empirical. Which communication protocol, for example, should you choose for your VM? TCP or UDP? Well, it depends. For example, if you are testing a streaming service and you are not concerned with losing a bit of data here and there, but you are concerned with latency, you’ll probably want to go with UDP. However, if the purpose of the virtual machine is to gather user input, then the more data-reliable TCP protocol might be the best option. But, if you are just testing a piece of software, it probably doesn’t matter what communication protocol you choose.

 

Moving on. What instance type should you choose? Again, it depends. But for this decision alone, there are almost 70 options to choose from. 

 

And whatever instance type you choose in turn impacts your choice for storage. What type of storage does your virtual machine require and what can the instance type support? Again, it depends on what you are trying to do, SSD is probably the right choice if your application is input/output heavy, or you may need file-system type storage if you want to share information among virtual machines.

 

And the process continues until you’ve completed all the decision points.

 

Snow Automation Platform together with the Automation Books for AWS, Azure, and Google Compute Engine (GCE) provide a systematic approach to program the information required at each decision point into a workflow. Workflows can be made available directly to the business teams that need access to infrastructure, and multiple workflows can be configured to cater for different scenarios, such as: basic test, high-performance demos, training and large storage.

 

POSITIVE BENEFITS

But there’s more to be gained from such a systematic approach than freeing up IT resources, ensuring security protocols are upheld and empowering users.

 

To spin up a machine in a cloud environment, users need some sort of admin credentials. When VMs are instead spun up by a machine rather than an individual, the need to provide individuals with superuser credentials disappears – this information is handled programmatically. An extra check for improved security.

 

To ensure that the right people in the organization have access to the infrastructure service, role-based control can be implemented, with business users (rather than IT) approving access for newcomers. Role-based access has the double effect of enabling users while ensuring that unauthorized personnel are kept out. An additional check for security, plus one for flexibility and one for cost control.

 

With a systematic approach to spinning up VMs, automatic logging plays a key role in security and cost management. Automatic logging can track who, when, and for how long resources are being created. Logging may not sound that innovative, but without it there is no means to control your environment.

 

Imagine, for example, a large VM is running in your estate, costing you a lot of money. Without a log you have no idea who is responsible for it. If the VM is incorrectly configured according to your security protocol, it needs to be updated without impacting business operations. Automatic logging provides instant access to the information needed to take the next step. An extra check for security and one for cost control.

 

For demo/ event scenarios, VMs may need to be spun up with specialized images. Again, a template can be created once and used by multiple sales personnel who need to focus on demonstrating product capability and not the technical aspects of how to manage VM deployment. An extra check for security, one for compliance, and one for revenue generation. 

 

Sometimes, customers will allow developers to use their environment data to recreate a bug or test performance issues. It is vital to protect such customer data with appropriate security measures – not least for relationship management but also for GDPR compliance. A secure, customer-data template VM could be created to cover this use case. An extra check for security and one for compliance. 

 

If you are worried about an attack on your system, revealing programmatically-entered access codes; each workflow can be created with a different system account, so that even if one part of the system is attacked, exposure to your entire cloud infrastructure will not happen.

Several weeks ago I was in discussion with the CIO of one of our customers. Some of his comments made me think. He said to me, “I don’t know where the value is in SAM and the Snow toolset. Whenever I ask my SAM team (and they are an experienced team) a question they can’t give me a straight answer.”

 

Unfortunately, the second part of that statement is one that is all too familiar. Regardless whether your organisation has had a SAM function for 1 year or 5 years it crops up time and time again. So why is that?

 

Suppose the CIO asks the SAM team the following seemingly straight forward question; “What is my financial risk exposure for vendor X?”.  The CIO is expecting a black or white answer. However, for the SAM team answering this simple question it means a lot of other questions need to be asked first and lots of data needs to come together.

 

Questions like:

What products make up the vendor’s portfolio?

Which of these products are installed on our network?

Who is using these products?

Where are they using them from?

Are they full-time employees or contractors?

Do we have visibility of the whole of the network?

How are these products procured?

How are these products packaged?

Do we have a contract?

What are we entitled to use?

What is the entitlement for each product?

What is the compliance metric for each of these products?

Are there maintenance contracts?

Are the software costs OPEX or CAPEX?

Is the CIO expecting to see purchase cost or running cost?

Does the CIO need to see potential audit fine cost?

Do we need to split the risk across the organisation?

What does the organisation look like from an IT or business perspective?

 

This is to name but a few of the possible questions!

 

A lot of these questions can be automated and answered by toolsets, however only if the data is accurate. We have all heard of People, Process and Technology. One can’t do without the others. Very true, however I would like to see Data broken out of the Technology piece. If the underlying data is not accurate or incomplete then the People Process and Technology will inevitably fail. The old adage of you don’t know what you don’t know comes to mind.

 

I notice that more and more of our customers are starting to use SAM data in different parts of their organisations to answer non-SAM related questions. This means augmenting automatically discovered information with additional metadata from other systems, of course this augmented data needs to be accurate as well so identifying the ‘golden’ source of truth is crucial.

 

The other lesson we can learn from the above questions relates to transparency and clarity. Make sure you have a clear communication plan in place and you know what it is the CIO is actually asking for. What is he/she expecting to see? Have a clear understanding of what is cost to them? If your system is set up to produce apples but your CIO is expecting pears, then you will never satisfy the CIO.

 

Ultimately, the CIO and any other functions in the business that are consuming your data are your customers and customer satisfaction is based on knowing and fulfilling their expectations.

In Snow License Manager 8.1.0., we released a new pane that shows what Snow refers to as user activity for Microsoft Office 365 subscription plans. Given the customer feedback we have received, it seems we may have over complicated the way we presented this information, so in the upcoming release of Snow License Manager – version 8.2.5 – we have updated the pane so that it provides clear starting points for license reharvesting and subscription plan optimization. This post explains the changes we have made, and how to best use the information provided.

 

As I mentioned in a previous post Understanding the Office 365 user activity view, the purpose of the user activity view is to identify opportunities for harvesting and optimizing Microsoft Office 365 subscriptions based on the usage information provided by the Office portal for your organization – and that still holds. But, we hope that both the information we have chosen to present and the way it is displayed in the updated version will help you to identify cost saving opportunities more readily.

 

One of the first changes we made was to the data shown under total users, which as you might expect reflects the total number of unique users assigned with an Office-365 subscription – not the total number of subscriptions.

 

Changes in terminology

Figure 2: Microsoft Office 365 – Total users for E3 plan

 

The biggest change, however, is to our terminology, which we have been able to improve by digging deeper into the information provided by the Microsoft portal. We have categorized users into either: no activity or active within the last n number of days, where n = 7, 30, 90, 180, or 365. The definition of no activity remains the same, meaning that a license has been assigned to a user who has never opened any of the applications included in their subscription plan. Note that users that are not linked will show up in a separate list.

 

We have also modified the definition of activity to mean use of any application within the user’s subscription plan.

The number of days parameter is based on the most recent import of Microsoft Office 365 data. Users shown as active in the last 7 days, means users that have opened at least one of the applications included in their subscription within the 7 days prior to the most recent import. To ensure this information is clear, the timestamp of the most recent data import is shown in the bottom right-hand corner of the main Microsoft Office 365 menu.

 

What counts as activity?

Figure 3: Microsoft Office 365 – Application Usage

 

Activity depends on the applications included in the subscription plan. For example, E3 includes Skype for Business, Exchange Online, and the ProPlus Suite, which includes installed versions of Word, Excel, PowerPoint, Outlook, OneDrive for Business, OneNote, Publisher (PC only), and Access (PC only). So, those users assigned to an E3 plan, who open any of these applications within the last 7 days (of the most recent data import) will count as active.

 

Total users - All users

As shown in Figure 1, we have simplified the total users overview tab so that it provides a visual summary of Microsoft Office plans showing the name of the Microsoft Office-365 subscription purchased, how many users have been assigned a license, and a bar-graph representing the activity of these users, grouped into last 7, 30, 90, 180, and 365 days, as well as no activity (shown in gray).

Figure 4:  Activity bar graph

 

The purpose of this view is to highlight potential starting points for subscription reharvesting and optimization. A well-optimized estate will show most users as active within the last 7-30 days (indicated by the first two bars of the graph – reading left-to-right).

 

For most volume licensing agreements, a subscription can be reharvested (assigned to another user) after 90 days of assigning it, although there are some exceptions to this rule-of-thumb. The other bars of the activity graph show the potential for reharvesting.  

 

For subscription plans where activity data is either not available or doesn’t make sense, the Activity column shows Not Applicable N/A. Primarily, this applies to subscriptions that do not include the applications for which usage information is available, such as EMS E3. Exchange online archive can be added to an E3, and PSTN calling, for example, currently tracking information is unavailable.

 

To reduce the amount of information, content can be filtered on the Active last column. For example, to identify candidates for reharvesting, filtering on More than 365 days ago will show the users that have not used their subscription in over a year.

 

Total users - Not linked users

For Snow License Manager (SLM) to show information about subscription assignments, what plan users are on, and how much they have used their Office-365 applications, a connection needs to be made between a user’s identity in Office-365 and in SLM. This connection cannot always be made automatically by SLM because of the way the systems involved identify users.

 

When the connection cannot be made automatically, the user shows up in SLM in the Not linked users list. More details are available in one of my previous posts: What is user linking for Office-365 and how to manually link users in SLM.

We have also added links to linked users, so that when you have identified a user who may be a candidate for subscription harvesting or optimization, you can click the link directly to the view for that user, where you can investigate further. As indicated in Figure 2, linked users are identified by their domain\username pair which has the visual appearance of a weblink.

 

Try it out

To summarize, I would advise you to first ensure that your users are linked, and then just play around with the information, filter it, and get a feeling for user activity and the potential candidates for rehavesting. Start with some of the obvious users, like those who are showing no activity and those who haven’t been active for more than a year. I’d love to hear what you have to say about the new presentation, so please leave a comment below.