Time For An Office Move?
With Microsoft Office 365 you can simplify your IT with always-up-to-date Office tools and services. Get the latest version of Office integrated with business email, file sharing and web conferencing. Deliver best-in-class productivity tools with the IT control you need.
Bytes Cloud Services For Microsoft Office 365
If you would like detailed, expert advice about how to begin your migration to Office 365, our Cloud Services Team can assist. We can work with you to tailor the right approach for your business, giving complete visibility throughout the project to ensure it comes in on time, on budget and exceeds your expectations.
Bytes can help to: DEFINE:
Understand your business goals and timeframes, taking into account any technology constraints and your overall cloud strategy.
DESIGN:
Through commercial and technology workshops we can produce the cost benefit analysis together with the design and implementation plans.
DELIVER:
Together with our best of breed partners we can assist or take full control of the deployment and migration, licensing and training requirements, keeping a close eye on the TCO
MANAGE:
Once the project is complete we can support your end users, manage vendor relations and help you build on your cloud investment for a successful future.
To speak to one of our Cloud specialists, contact us on: e: tellmemore@bytes.co.uk t: 01372 418500 w: bytes.co.uk
welcome to bytes 2014
Welcome to the latest edition of the Bytes Magazine! If you source software or get involved in software licensing agreements, or are concerned about managing your increasingly large software assets then read on!! We want to help you make great purchasing decisions and we want your organisation to do great business. Your success as an organisation is very important to us and we want to help in any small way we can. This magazine has been put together by Bytes staff and great people from some of the best software publishers and IT distribution businesses in the world. Every day, your organisation is faced with the onward march of new challenges. Digitalisation of business, cloud computing, social & business media and world full of Apps means constant change. Therefore you need responsive suppliers, you need agile and flexible solutions and most of all you need a supplier who can provide a “can do” attitude and work with you to make your job easier. That’s the philosophy of Bytes and has been since 1982 when the business was founded. The exceptional Bytes culture has been recognised in several quarters – in 2013 we became Microsoft’s Number 1 UK Reseller, we won several prestigious industry awards (see back page) and in our customer satisfaction survey, a staggering 97% of respondents said they would recommend Bytes and 93% rated our service as excellent or good. By the end of March we will be operating out of our new state of the art premises having worked from the same old, ex toy factory for the last 25 years!! This change is exciting and it represents a dynamic new, positive shift in the way Bytes will be here to serve you. We will have bigger premises, more staff, better systems and greater capability to provide you with a great service.
Neil Mandi
I look forward to you visiting us and seeing how we do business.
Neil Murphy Managing Director
Mandi Nicholson Sales Director
contact us Bytes Software Services, Bytes House, Randalls Way, Leatherhead, Surrey, KT22 7TW phone - 01372 418500
www.bytes.co.uk | 03
contents cover story p20 Business Reimagined
Microsoft’s Chief Envisioning Officer’s view of the future...
p22 The Latest Cloud Solutions from Microsoft, Mimecast, CheckPoint, F5 and VMware
licensing p08 MPSA
All you need to know about the Microsoft Products and Services Agreement (MPSA)
storage p32 All-flash Enterprise Array
All-flash enterprise storage for less from Pure Storage
p34 Are you Azure?
Key points about Azure and how it can be used to benefit your business
p36 Tape Has Never Been Part of the EVault Backup Strategy An overview of cloud/hybrid backup
p10 Server & Cloud Enrollment
p38 Go & Backup in Minutes
p12 BYOD
p40 What is Flexpod Datacenter With Microsoft Private
Detail on SCE, how it works and how it benefits customers A look at BYOD considerations from a Microsoft licensing perspective
p14 Microsoft Licensing Changes
Our team of Microsoft experts outline key licensing updates and changes
virtualisation p26 Virtual Vision
Covering the latest trends in virtualisation
p28 Fastest Path to Mobile Productivity An overview of Citrix XenMobile for mobile freedom with enterprise security
p30 vCloud from VMware
A look at this secure IAAS from VMware
The top 20 reasons to use Symantec NetBackup 5230 Appliance Cloud? How NetApp for Microsoft Private Cloud can deliver more efficient IT services and applications
p42 EV.cloud Archiving and eDiscovery All your FAQ’s answered
security p46 XP is Dead – Long Live Windows XP What the XP end of life means in practice
p48 The BYOD Debate
Is BYOD like taking your boss home with you?
p50 RSA Authentication Manager 8.1 Has Arrived
Mobile and remote access – how to ensure you’re protected
p52 A Sand Trap for Malware
A look at threat emulation by a Check Point expert
p54 Next Generation Data Center Security
Core design strategies for data center security
p56 Enhance Microsoft Office 365 with Mimecast
How to enhance functionality and extend the capability of Office 365
p58 Unified Threat Management
Sophos UTM – your best alternative to Forefront TMG
04 |
applications & document solutions news bytes
p60 Adobe Creative Cloud
An overview of Creative Cloud for teams
p62 Your Oracle Licensing & Infrastructure Solution
p06
p64 10 Great Tips for Your Workday
p17 Bytes Portal
How Cintra and Bytes can help you to get the best from your Oracle investment Use Adobe Acrobat XI Pro to make your life easier
p66 To Outsource or Not to Outsource
The argument for outsourcing certain business processes
our partner ecosystem p68 More Haste Less Speed
An Office 365 case study from Dot Net Solutions
p70 The Clinical Desktop Solution OCSL introduces acceSSOnce
p71 Communication Matters, Collaboration Counts An insight into collaboration from InterCall
p72 Powerful Simple Self-service Business Intelligence
News Bytes
A selection of the latest news from vendors All your software estate available in one place
p44 News, Views, Events and
Webinars Recent and forthcoming Bytes events and venues
p77 Bytes Software & Licensing Services
p78 Bytes SAM Services p79 Bytes learning Services
regular bytes
SQL Business Intelligence from Northdoor
p73 Meet The Manufacturers
case studies
p74 In The Hotseat
p18 Increasing Staff Productivity Through
Cloud-based Services How Bytes helped Newham Council reduce costs with effective licensing solutions
p80 What Our Customers Say
Just some of the customers who would endorse the great Bytes service
Meet our manufacturers at upcoming events in 2014
An interview with Jon Cook of Citrix
p76 Try Before You Buy
Take the opportunity to trial before you make that important purchase
p82 Vendor & Industry Awards p83 Our Vendor Accreditations
www.bytes.co.uk | 05
news
bytes Catch up on all the latest news from the IT world from new product launches, latest software and licensing updates to business acquisitions. Vmware buys AirWatch Cloud software maker VMware has announced its intent to acquire AirWatch, a mobile device management and security provider for enterprises. VMware has agreed to pay $1.17 billion in cash and another $365 million in installment payments and unvested stock options. The acquisition will give VMware, which sells virtualisation software, one of the most highly regarded enterprise mobility solutions. Mobile device management is an increasingly hot sector as more smartphones and tablets show up inside the enterprise, creating more opportunities for compliance breaches and another avenue for cyber attacks. “The acquisition of AirWatch extends VMware’s proposition from datacentre to device, and strongly positions us for the Mobile-Cloud era,” wrote Sanjay Poonen, general manager of end-user computing at VMware. The AirWatch buy brings VMware into line with Citrix, which has a well regarded mobility solution in addition to its desktop virtualisation offerings. AirWatch, MobileIron, and Citrix are the highest-rated companies on Gartner’s “magic quadrant” for mobile device management. For VMware, which is majority-owned by storage giant EMC, AirWatch is its second billion-dollar acquisition in the last 18 months. In late 2012, it bought Nicira, a software-defined networking company. The AirWatch acquisition is expected to close late in the first quarter, according to a statement from VMware. AirWatch raised $225 million in funding last year from Insight Venture Partners and Accel Partners.
06 |
Bytes Software Services have moved to a new HQ, double the size, in Leatherhead, Surrey We take with us many fond memories from the last 32 years, where from humble beginnings we have become the largest Microsoft reseller in the country. Looking forward, our new state-of-the-art premises give our 200 staff a greatly improved working environment and enables us to expand to meet the increasing software needs of our customers. With extra space, this month also sees the first group intake of our Bytes Academy with new starters embarking on a meticulous training programme that aims to ensure we maintain the high levels of satisfaction we strive for here at Bytes – our recent survey revealed that 97% of customers would recommend us. We’ll be inviting you to join us in our new offices for seminars and technology updates and look forward to seeing you then, however, in the meantime our doors are open for a coffee and a catch up with your account manager – just give us a call. Our regional offices in Manchester, York and Cork are not moving. Symantec Titled a Leader in the Gartner Magic Quadrant for Endpoint Protection Platforms Gartner Inc. has once again positioned Symantec as a Leader in the Magic Quadrant for Endpoint Protection Platforms (EPP) – a position Symantec has held for a 12-year span. A Symantec spokesperson commented “We believe this leadership position in the 2014 Magic Quadrant report, published January 8th, 2014, and Symantec’s recent positive vendor rating by Gartner are indications of a strong product offering that performs well in detection, protection and performance.”
According to the new Magic Quadrant report, which positions vendors based on their ability to execute and completeness of vision, “protection from common malware, as well as more advanced persistent threats, is the top critical consideration for EPP buyers.” The report also states that the rise of targeted attacks is “shredding what is left of the antimalware markets stubborn insistence in reactive protection techniques,” and highlights the need for EPP solutions to be “more proactive and focus on the entire security lifecycle” to be successful in the future. Citrix Acquires Framehawk Citrix Systems has acquired Framehawk for an undisclosed sum, and will use the company’s technology to improve the performance of virtual desktops and applications over wireless networks. With the increased adoption of tablets and smartphones in businesses, performance becomes an issue over Wi-Fi and cellular networks where access may be erratic or poor due to congestion, high packet loss and or high latency, according to Citrix. To alleviate such problems, Framehawk’s technology will be combined with Citrix HDX in the XenApp and XenDesktop products. Citrix has yet to provide any details on when that work will be finished. Bytes wins the triple at Xerox Annual Awards Ceremony Bytes Document Solutions (BDS) is delighted to announce that they have won no less than THREE awards at the prestigious 2013 Xerox awards. BDS has picked up the gong for Solutions Partner of the Year, Production Partner of the Year and Systems Integration Partner of the Year. This is a ringing endorsement of the partnership between BDS and Xerox.
Darren Spence, Bytes Managing Director, says: “The team at Bytes have worked extremely hard over the past year to ensure we continue to put customers first in everything we do. Our proposition has continued to evolve and improve and our attention to detail and customer satisfaction remains a focal point for the Executive team. We have a clear five year plan which is built around having sustainable customers, so picking up these awards means a lot to us and makes the hard work worth it.” Oracle Introduces Mobile Security Suite Oracle has introduced Oracle Mobile Security Suite, enabling organisations to safely provide access to sensitive enterprise applications and data on users’ preferred mobile devices. The new suite along with Oracle’s existing Identity and Access solutions deliver an integrated platform from which organisations can manage access to all applications from all devices – including laptops, desktops and mobile devices. Unlike the device-centric approaches taken by today’s mobile device management solutions that can create a separate security silo requiring expensive integration with identity solutions, Oracle Mobile Security Suite takes an application and user-centric approach which allows IT to more efficiently and securely administer and manage access.Oracle Mobile Security Suite provides a secure workspace that allows companies to separate and protect enterprise apps and data and enforce policy while preserving privacy of users’ personal applications and content on the same device. In addition to separation of personal and corporate information, the workspace provides a complete mobile application solution including single sign-on, per application network tunneling, encryption for stored data, native integration with Microsoft Active Directory for shared-drive access, a corporate application catalog and a wrapping tool to include bespoke or COTS applications into the workspace.
As part of the Oracle Mobile Platform, Oracle Mobile Security Suite is integrated out of the box with Oracle’s Mobile Suite for application development, integration and deployment, in addition to being available standalone. Bytes SP are Finalist for “Best Security Company” - SC Awards Europe Bytes Security Partnerships are delighted that their quality of support, service and business performance over the past 12 months has been recognised at the highest level by being placed on the shortlist for “Best Security Company” at the SC Awards Europe 2014. The company has been named as a finalist in this coveted new category at the awards, which are widely recognised as the most prestigious in the information security industry. The SC Awards Ceremony is the security industry’s premier awards evening; accolades recognise the ingenuity and exceptional achievements within information security over the past twelve months. The glamorous ceremony will take place on Tuesday 29th April 2014 at Grosvenor House on Park Lane, London and the Bytes team have their fingers crossed for a great result – though are delighted just to be named a finalist in this highly contested category. Bytes Wins Again – Enterprise Reseller of the Year For the third year in a row Bytes is delighted to be named ‘Enterprise Reseller of the Year’ at this year’s CRN Awards, in association with Computer Reseller News. Comedian Omid Djalili presented Bytes with the prestigious award in front of over 1,700 guests at Battersea Park Events Arena in London. Bytes Group Managing Director Neil Murphy commented, “We are delighted to receive this prestigious award from CRN. As ever, we have our employees’ enthusiasm, hard work and dedication to customer satisfaction to thank for our success. We pride ourselves on having the best
team in the business and this award is one more example of the industry recognising the brilliance of that team!” This comes straight off the back of being awarded a Highly Commended recognition from the UK IT Industry Awards supported by BCS the Chartered Institute for IT and Computing magazine. Check Point Introduces Software-defined Protection Security Architecture Check Point has introduced Software-defined Protection (SDP), a revolutionary security architecture that can protect organisations in today’s fast-evolving IT and threat landscape. Software-defined Protection effectively protects against new and emerging threats, through a design that is modular, agile and secure. SDP is a three-layer security architecture with enforcement, control and management layers. • Enforcement layer segments networks to stop attacks spreading and allows only authorised traffic to flow. This includes security appliances, gateways, endpoint software, and mobile device apps • Control layer is based on Check Point’s Software Blade concept to deliver appropriate security (IPS, App Control, ID awareness, DLP etc) at each enforcement point. It also includes threat prevention information from multiple sources (CERTs, malware research, sandboxing, etc), which is used to generate real-time security protections and policies for distribution through the cloud • Management layer governs policies and protections, and the overall security infrastructure This decouples the control layer from the enforcement layer, enabling robust and highly-reliable enforcement points that obtain real-time protection updates from the software-based control layer. SDP converts threat intelligence into immediate protections and is managed by a modular and open management structure.
www.bytes.co.uk | 07
licensing
focuson In December Microsoft released the first phase of its Next Generation Volume Licensing initiative, the Microsoft Products and Services Agreement (MPSA). Today, the new agreement supports a customer’s choice to purchase Microsoft on-premises software and online services through an agreement structure similar to Select Plus.
John Gorton Microsoft Licensing Lead, Bytes
Transformation of Microsoft Volume Licensing As we move through 2014 we will start to see enhancements to the agreement with the addition of Software Assurance and Enterprise Agreement type enrolments.. The agreement offers some major benefits such as simplified terms, the ability to purchase both on-premises licenses and online services, the ability to have multiple partners, and a new licence management portal (Microsoft Volume Licensing Center) but customers should be aware that the MPSA isn’t yet available for academic and government sectors. In addition, Software Assurance under MPSA wont be available until later this year. My advice to customers looking to purchase online services or on-premises licenses without Software Assurance through a new agreement is to strongly consider the MPSA. Existing Select Plus customers purchasing licenses with Software Assurance should continue to purchase through their existing agreements until such a time where Software Assurance is made available through MPSA. Customers will also need to consider licence management as previous Select Plus purchases, (which are visible via the Microsoft Volume Licensing Service Center), will not be visible within the new Microsoft Volume Licensing Center.
Microsoft Products and Services Agreement
The next generation of Volume Licensing initiative is an end to end transformation of Volume Licensing that delivers an improved agreement structure, a more flexible and easy purchasing platform, and new systems and tools for all organisations that want to purchase Microsoft products and services. Each of these enhancements are designed to streamline how you license Microsoft products and services while providing greater value from your organisational assets, more purchasing flexibility so you can get and distribute the technology and services you need more easily, and simplified asset management so you can dedicate resources to greater business needs.
08 |
Microsoft Products and Services Agreement The MPSA is the foundational agreement that consolidates all applicable terms and conditions that are found in the current Microsoft Business and Services Agreement and Select Plus Agreement and the Microsoft Online Services purchasing terms and conditions. Features include: • A single agreement that provides integrated purchasing for on-premises and Online Services, offering a single way to acquire your license and software asset portfolio. • Agreement supports multiple organisational types, enabling all lines of business to purchase through the same agreement structure for improved tracking and management of assets. • The MPSA is a perpetual contract and the master agreement does not expire. Easily Manage Your Assets with Purchasing Accounts A Purchasing Account is any unit within your organisation that needs the ability to independently purchase on-premises software and Online Services in any configuration. Each Purchasing Account is associated to your organisation’s MPSA, through the legal entity that is registering the accounts, to facilitate more accurate license management and tracking of your entire portfolio. The Purchasing Account structure is flexible and empowers you to define and redefine your organisation’s purchasing structure as your organisation changes. These accounts can be at the organisation level, affiliate level, or department level, or for a subset of personnel, depending on how you want to structure purchasing for your organisation. You will also be able to mix organisation types, with commercial, academic, and government1 Purchasing Accounts associated to the same MPSA.
MPSA
All product and Online Services purchases under all Purchasing Accounts are associated to your MPSA and are automatically consolidated to receive the best volume discount based on the purchase volume, per pool and account, across your entire organisation. The Agreement Administrator For each MPSA, one Purchasing Account is designated as an Agreement Administrator. The Agreement Administrator account: • Is provided a full asset view across all accounts. • Is notified when a Purchasing Account is associated to an MPSA. • Has the right to terminate the association of any Accounts to the MPSA. • Has the right to terminate the MPSA itself. The Agreement Administrator account is provided with the ability to access the licensing portal to view all registered accounts and purchases associated to their legal entity, giving you another view into your organisation’s purchases. New and Improved Systems and Tools In addition to the investments in optimising Microsoft’s licensing, new systems and tools have been created to help simplify management of all your Microsoft assets. The new Microsoft Volume Licensing Center has an intuitive, easy to use interface so you can view and manage your products and services assets across your entire organisation, quickly and accurately.
Improved Agreement Structure
Flexible and Easy Purchasing
New Systems and Tools
Enhanced self-service, online tools give you better management capabilities by making it easier for you to access all the information you need about your agreement through a single online portal which: • Requires only a single sign-on when using a managed organisational account to track, manage, and report on all your Microsoft assets quickly and accurately. • Provides a clear view of your portfolio of Microsoft assets. • Enables you to self-provision Online Services for your organisation so you can get the solution you need when you need it. The Microsoft Volume Licensing Center uses an organisational account to manage assets. Organisational accounts are linked to the organisation rather than the individual. This puts you in control of who can access the Microsoft tools (such as the MVLC and the Microsoft Online Subscription Portal) and Online Services (such as Office 365, Microsoft Dynamics CRM Online, and Windows Intune). You set-up your users’ accounts and assign them roles, which determines the tools, functionality, and services they can access.
The new Microsoft Volume Licensing Center simplifies managing your licensing assets with the following benefits: • Single system for managing assets. • Self-service agreement and account management. • Self-provision Online Services. • Streamlined software and product keys download capability. • Single sign-on when using a managed organisational account across asset management tools: Microsoft Online Services Portal and Microsoft Volume Licensing Center.
further info...
on MPSA, contact your Bytes account manager on 01372 418500.
www.bytes.co.uk | 09
licensing
focuson The Server and Cloud Enrollment (SCE) is a new enrollment under the Microsoft Enterprise Agreement. The SCE provides a new option for highly committed customers that enables them to standardise broadly on one or more key Server and Cloud technologies from Microsoft.
How the SCE Benefits Customers Cloud Enabled Gain the flexibility to move to the cloud as needed and grow organically without losing the value built in existing deployments.
Standardised & Simplified Ensure adoption of the latest technologies while simplifying deployment and license management.
Cost Savings & Benefits Get the best pricing, discounts and added benefits designed to support Server and Cloud technologies.
10 |
To enroll in an SCE, customers make an enterprise-wide commitment to one or more components. This means committing to full Software Assurance coverage across the installed base of an SCE component and in the case of System Center, committing to full System Center coverage on their Windows Server installed base through the Core Infrastructure Suites (CIS). In return for an enterprise-wide commitment, the SCE provides customers a range of benefits, including new cloud-optimised licensing options, simplified license management and the best pricing and terms. Cloud-Enabled SCE offers Microsoft’s lowest Windows Azure pricing, application License Mobility to the cloud, and new benefits for using System Center to manage Azure resources. Customers also get a new, subscription-based option, offering more flexibility when retiring workloads, consolidating, or migrating to the cloud.
Server & Cloud Enrollment
Standardised & Simplified With access to the latest technologies and benefits for all deployments, SCE customers can take advantage of simplified licensing through a standardised set of SKUs. In addition, when committing to CIS in SCE, customers gain a standardised management platform across on-premises and Azure environments. Cost Savings & Benefits The SCE provides Microsoft’s best pricing and benefits for Server & Cloud products, including discounts on new licenses, Software Assurance and Azure. Eligible customers may also qualify for premium benefits like Unlimited Support.
Key Benefits include: • 15% discount for new license and Software Assurance purchases • 5% discount on Software Assurance renewals • Management of Windows Azure resources with System Center is included for CIS commitments* • Best terms, conditions and predictability for SCE products • New subscription option available • Full Software Assurance benefits for all deployed licenses including new version rights • Unlimited Problem Resolution Support for qualifying customers. *Some limitations apply
How it Works The Server and Cloud Enrollment offers four components: Core Infrastructure, Application Platform, Developer Platform, and Windows Azure. Customers can choose any of these components individually or group them as needed. When choosing any of the first three components, customers will also have access to Windows Azure at the best pricing available.
Core Infrastructure
Application Platform
Developer Platform
Core Infrastructure
Products CIS SKUs (Windows Server + System Center)
Products SQL Server
Products Visual Studio Ultimate and Premium
Products All Windows Azure Cloud Services
Requirements Full SA coverage
Available automatically or can be licensed standalone
Requirements CIS coverage for all Windows Servers
Requirements Full SA coverage
+ Access to Windows Azure BizTalk Server and SharePoint Server can also be ordered as part of the Application Platform component.
How to get started The Server and Cloud Enrollment is a 3-year commitment made under a Microsoft Enterprise Agreement (EA). Customers gain not only SCE-specific benefits, but unique EA benefits including volume discounts and the most flexible and predictable terms available with any Microsoft Volume Licensing program. An SCE can be purchased at any time, although the expiration of an existing EA or SA commitment is a great time to evaluate whether SCE is the right vehicle for your server and cloud needs. Contact your Bytes account manager, to get started today.
need more...
details about SCE, Windows Server and System Center 2012 R2s, please speak to your Bytes account manager on 01372 418500.
www.bytes.co.uk | 11
licensing
focuson As businesses start to permit their users to Bring Their Own Devices onto the corporate network, there are a number of Microsoft licensing considerations dependent on the type of service the organisation wants to allow its users access to.
Dave Page Senior Account Manager, Bytes
A Microsoft Licensing Perspective on BYOD An organisation’s “BYOD journey” usually begins with allowing users access to e-mail over their non-corporately owned device. The extension to this is for businesses to offer users access to corporate applications from their own devices. This staged approach to offering users IT as a service usually culminates in providing users access to a rich and familiar client Operating System Environment from whichever device they choose to login via. After deciding the level of functionality their users require, organisations then need to consider their users’ primary work device and whether, as a progression of the organisation’s BYOD policy, users will not necessarily have a corporately owned primary device. It may be that users will have to provide their own device whilst the organisation merely provides a virtual desktop image.
Key considerations to a staged approach: • Does the organisation have the correct Microsoft Client Access Licenses [CAL’s] to allow users access to Microsoft Exchange, SharePoint, Windows and SQL Servers from multiple devices? • Microsoft applications are licensed per device; therefore, in order to present these applications to other devices; do the applications have Roaming Usage Rights that come with active Software Assurance? • The Desktop Operating System is likely to be an OEM Operating System (ie lives and dies with the device it was pre-installed on) therefore, in order to present an OS instance to other devices; does the OEM have Virtual Desktop Access rights as part of Software Assurance or something called a VDA Subscription?
12 |
• Finally, important for Enterprise Agreement customers, will the users have a dedicated primary corporately owned device and will the user be bringing their own device onto the corporate network and using it as a primary work device? Client Access Licenses Client Access Licenses [CAL’s] are required should a user or device need to connect into a Windows Server, Exchange Server, SharePoint Server, Lync Server or SQL Server (amongst others). The business can select either a per User or a per Device CAL; the former being selected when users have multiple devices and the latter for when numerous users access a single device (Thin Client, Call Centre workers etc.). In order to effectively plan for a Bring Your Own Device scenario, it’s important that an organisation selects “Per User” CAL’s allowing the user to access the servers from his primary network device and also any device they choose to bring onto the premises or access externally by other methods. User CAL’s increased in price by 15% on the 1st December 2012 (This excludes Government Organisations). This made them 15% more expensive than their Device CAL counterparts. If an organisation has an Enterprise Wide Agreement (EA, EAS, OVS) then it is possible to switch from Device to User CAL’s upon renewal. If any per Device CAL’s had been purchased on an ad-hoc agreement without SA then unfortunately these would need to be re-purchased or “topped up” to cover the extra BYO Devices under a Per User CAL. Remote Desktop Services CAL’s An organisation needs to consider the Remote Desktop Services CAL, on top of the normal set of User CAL’s for Exchange, SharePoint, Lync etc., if it is delivering
BYOD
A Microsoft Licensing Perspective
applications to users Windows Remote Desktop Services (or presenting applications via such products as Citrix XenApp/XenDesktop). As with the above, User CAL’s should be selected for the BYOD model. The RDS CAL gives the rights to App-V for RDS (streams applications to RDS/Citrix whilst the user is connected to the network only) and also the rights to deliver a generic Windows Server OS “Skin” to devices that would benefit from accessing their applications in this way. Office and other Microsoft Application Licensing An organisation needs to consider how Office is licensed across the estate, should it be allowing users to either install Office natively on their own devices or will it be allowing users to access their Office applications over application presentation technologies (i.e. Remote Desktop Services, XenApp etc.). The key point to remember is that Office, as with all Microsoft applications (excluding Office 365), is licensed on a per device basis. Therefore if a user’s primary corporately owned device runs Office, the user’s cannot simply access this application remotely from any other non-corporately owned device without considering the licensing implications for the new device they’re accessing it from. For the most part, giving Office Roaming Usage Rights by having Software Assurance attached to the desktop application will give users the ability to access their Office applications remotely whilst outside of the corporate premises on non-corporately owned devices. If the organisation requires staff to install Office locally to a non-corporately owned device, it should either utilise the Home Use Program (A benefit of Office licenses, that are purchased with Software Assurance, which allows the primary user of the Office license to purchase a copy of Office to be installed on a home/personal device for £8.95) or purchase an Office Work at Home License under either a Select Plus or Open License Agreement. An alternative to the traditional per device licensing model is available through Office 365. With Office 365 customers subscribe to use an application on a per user basis, with rights to use on up to five concurrent devices. Applications currently available through Office 365 on a subscription basis include: • Office 365 ProPlus • Visio Pro for Office 365 • Project Pro for Office 365 Windows Operating System Licensing An organisation needs to consider the Operating System licensing when offering a truly agile working experience to their user base; allowing their users to access the same desktop OS from whichever device they require at any time. This is over and above using the Remote Desktop Services CAL “Server Skin” option to deliver a fully customisable desktop experience potentially through Citrix XenDesktop or VMWare View. The three sides of this are:
i) A User has a corporately owned fat client device with a Qualifying OEM Operating System – The OEM OS on this device lives and dies with the device it’s installed on. Therefore, to give the right to access a Virtual Desktop OS from the primary device or from multiple non-corporately owned devices outside the corporate network, the organisation would need to purchase the Windows Upgrade with Software Assurance. ii) A User does not have a corporately owned device and is bringing their own – The user requires an OS instance to be available to them, via a Virtual Desktop Solution. In this instance they would purchase the Virtual Desktop Access Subscription for the device. iii) A User uses a Thin Client whilst in the office and their own device when roaming. – As in (ii) above the user would need to purchase the Virtual Desktop Access Subscription. Office 365 Office 365, and its intrinsic “Per User” licensing model, often means it’s worthy of further consideration in these BYOD scenarios. A key point is that the 365 packages do not obligate an organisation to move to Microsoft Online Service offerings and they can be utilised to continue to give users access to on premise services in the same manner as the traditional aforementioned CAL suites. For example the Microsoft Office 365 E3 package, licensed as a per user per month Subscription, gives the user the rights to install Office Professional Plus on up to five devices (one of which can be a Terminal Server/Citrix Server) aswell as the rights to access on premise Exchange, SharePoint and Lync Servers to an Enterprise CAL Level (Exchange Standard +Enterprise CAL, Lync Standard + Enterprise CAL and SharePoint Standard + Enterprise CAL on-premise rights). This E3 license would not cover the rights to access the Windows Servers these server applications sit upon however it would cover many of the services users demand when connecting via their own devices. Therefore in summary, the 365 packages can be seen more as a facilitating BYOD licensing method rather than a natural pre-cursor to moving to Cloud Services although they will permit this Cloud migration should it be deemed right for the business. Organisations’ individual Bring Your Own Device policies often mean that a tailored approach to Microsoft Licensing Agreements is the best route forward. Hopefully this article has given an insight into the licensing considerations that you may encounter when planning your own BYOD strategy.
need more...
information or advice on planning your BYOD strategy please speak to your Bytes account manager on 01372 418500.
www.bytes.co.uk | 13
licensing
focuson Our team of Microsoft Licensing Specialists continually review the Microsoft Product List and Product Use Rights to ensure we fully understand any changes to licensing rules and assess the impact these will have on our customers and advise a course of action accordingly. Below are some of the more recent changes:
Forefront UAG discontinued In addition to the change to the Forefront product roadmap announced by Microsoft in September 2012, which saw the discontinuation of future releases of some key Forefront-branded solutions including TMG, Microsoft has since announced the discontinuation of Forefront Unified Access Gateway (UAG). Some of the remote access and secure application publishing capabilities found within UAG are now available through Windows Server 2012 R2, these include DirectAccess deployment and policy management and a new Web Application Proxy service. Customers will be granted a Windows Server 2012 Standard server license for each UAG server license with active Software Assurance to allow them to make the transition. For customers who wish to continue using Forefront UAG, Microsoft will provide maintenance and support through the standard Microsoft support lifecycle. Mainstream support
14 |
will continue through 14th April 2015, and extended support will continue through 14th April 2020. Customers with active Software Assurance on UAG 1st December 2013 may also add new UAG server instances, users, and devices without any requirement to order additional licenses.
RDS CALs allows access to remote desktop services hosted in Azure or third party datacentres
?
Windows Server 2012 R2 released
The Windows Server 2012 R2 product follows the same model as its 2012 predecessor in that Datacenter and Standard editions are technically identical and are only differentiated by virtualisation rights, two virtual instances for Standard and unlimited virtual instances for Datacenter edition. There is no new version of the Windows Server Client Access Licence so users licensed to access Windows Server 2012 can use the same CALs on both Server 2012 and Server 2012 R2. With the release of 2012 R2 there was a price increase of circa 28% for the Datacenter edition which customers who purchase Software Assurance on their licenses will need to factor in when renewing.
Along with the release of Windows Server 2012 R2 Microsoft also made a change to the Product Use Rights for Remote Desktop Services CALs. Customers with Software Assurance (SA) will be able to leverage their existing RDS CALs with license mobility to apply to either an onpremises Remote Desktop Services installation or a deployment of Remote Desktop Services on Windows Azure or a third party datacentre. This new RDS licensing right allows customers to use their existing investment for licensing RDS on Windows W indows Azure rather than having to purchase p urchase separate RDS Subscriber Access A ccess Licenses (SALs) through the Microsoft M icrosoft Services Provider Licensing Agreement A greement (SPLA). Customers purchasing p urchasing new Windows Remote Desktop D esktop Services CALs can expect to pay 20% more than the previous version.
Other Recent Changes
?
Office 365 mailbox sizes increased
For no additional cost users’ mailbox sizes in Exchange Online and Office 365 have doubled in size from 25GB to 50GB, Kiosk mailboxes have also doubled from 1GB to 2GB. In addition, Shared mailboxes have gone from 5GB to 10GB, and Resource mailboxes from 250MB to 10GB! When you combine this with the recently announced storage upgrades for SkyDrive Pro this means every Office 365 user has access to over 80 GB of storage available to them.
TechNet discontinued Microsoft has retired the TechNet Subscriptions service, TechNet Subscriptions are no longer available for purchase through the TechNet Subscriptions website or Volume Licensing. Microsoft will continue to honour all existing TechNet Subscriptions. Subscribers with active accounts may continue to access program benefits until their current subscription period concludes. Eligible customers with active accounts as of 1st September 2013 will receive a free, one-time, 90-day subscription extension to access product downloads and program benefits.
Yammer enterprise with Office 365 and external networks Yammer ammer Enterprise is now included with all Office 365 Enterprise plans. As part of this update, all existing Office 365 Enterprise plan customers will receive licenses for Yammer Enterprise (see Yammer Plans & Pricing for additional information). In addition, Microsoft updated the way they license external users. Prior to the acquisition, Yammer enabled external collaboration with dedicated online workspaces called External Networks. Starting today, Office 365 Enterprise
customers are no longer required to purchase Yammer Enterprise licenses for external users within their external networks. This simple licensing change significantly reduces the friction in cross-org collaboration and will enable end users to work with customers and partners without having to worry about additional costs.
The Windows 8.1 Enterprise Upgrade This is now available as a standalone SKU in the Open and Select Volume Licensing programs. What is changing: Windows Pro Upgrade: The Windows Pro Upgrade remains available as a License only, without Software Assurance (SA). Windows Enterprise Upgrade: The Windows Enterprise Upgrade is offered as of March 1, 2014 and allows customers with a qualifying OS to upgrade to Windows Enterprise with or without purchasing SA. Software Assurance: Except as stated below, SA may only be purchased for a Windows Enterprise Upgrade license. • Select Plus, Open Value, and Open License Programs: Customers may continue to acquire SA for new devices purchased through June 30, 2014 with OEM or FPP licenses for Windows 8.1 or 8 Pro or Windows 7 Professional within 90 days of purchase. For example: If you purchase a new device with Windows 8.1 Pro on June 6th, 2014, you can attach Windows SA to the device without buying the underlying Enterprise upgrade license until September 4th, 2014.
?
• Renewals: Customers who bought SA for Windows Pro may renew SA on their covered devices without buying a Windows Enterprise Upgrade license. • Purchasing Windows Upgrade + SA: Any customer in a volume licensing program that requires SA and who previously purchased Windows Pro Upgrade + SA may continue to purchase Pro Upgrade + SA until the end of their enrollment or agreement. Upon entering a new enrollment or agreement the customer will purchase Enterprise Upgrade + SA. What is not changing: • Qualifying Operating System requirements • Windows licensing use rights • Windows product features, media and bits • SA Benefits like New Version Rights, MDOP access, Virtualisation, other SA entitlements • Pricing • The price of Enterprise Upgrade + SA will be the same as what Pro Upgrade + SA was before March 2014. • Windows Pro Upgrade remains available without Windows SA at the same price if you want to version upgrade (example Windows 7 Professional to Windows 8.1 Pro).
for all your...
licensing needs, speak to your Bytes account manager on 01372 418500
www.bytes.co.uk | 15
Bytes portal
portal
The Bytes Portal brings together all elements of your software estate into one system. It enables you to manage and track the entire life cycle of your software assets from point of purchase to decommission. It has a unique and customisable intelligence, as well as real data/views that will help simplify the administration of your global software licensing estate. Below are some of the key functions of the Portal: On line Ordering The Bytes Portal gives you direct access to your current agreement information and pricing tailored to your specific contract parameters. Our product search facility helps you quickly find the items you need and create quotations, email these quotations to other people in your organisation and easily convert them to orders. The Portal offers customisable views and access rights so that components, for example the ability to place orders, can be included or excluded for specific users. Manage Contracts and Renewals The Portal offers a full contract management system which you can use to manage all the contracts and software licenses in your estate. You can upload your own data and documentation for any type of contract across your organisation. The Portal flags contracts and licenses at 90, 60 and 30 days prior to renewal or expiry and can be configured to send reminder emails at these intervals. Discover and Manage Assets The Bytes asset management service provides you with the ability to actively manage your organisation’s software license and compliance positions.
Emma Magalhaes Bytes Portal Manager
I find the Bytes Portal extremely easy to use, I mainly create orders or convert quotes to an order and the process is faultless. When I request a quote for software the response is very quick and orders are always processed straightaway. I wish all portals were the same! Gayle Core - Specsavers This modular service is designed to deliver cost reductions by rationalising support and maintenance contracts and ensure cost avoidance through license re-harvesting and contract renewal management. Manage Learning Our online learning portal offers services ranging from simple online booking of a wide range of popular training courses from many training providers, to bespoke solutions developed for your organisation. You can publish and manage your own in house training programs and curriculums and monitor course registration, budget approval and attendance. Service Desk The Portal service desk helps you manage all of your communications with
Bytes sales, technical and administration teams. It enables you to log and monitor requests online which go directly to the relevant personal with Bytes. The Service Desk can be used as an auditable way of tracking how Bytes and your organisation are interacting and how we are delivering against Service Level Agreements (SLA’s) and response times. Portal Development Services Our Portal development services enable secure seamless communication and navigation between your own back office systems and the Bytes Portal. Our in-house team have the skills to develop and support solutions to integrate with your systems.
learn more...
about the Bytes Portal or to set up a user account, please speak to your Bytes account manager who will arrange this for you.
www.bytes.co.uk | 17
case study
casestudy Increasing staff productivity through cloud-based services, whilst applying
cost reducing
licensing solutions. Richard Read Senior Account Manager, Bytes
18 |
London Borough of Newham delivers high-quality public services to around 300,000 people living east of the City of London. The council wanted to support staff working remotely and make efficiency savings by developing systems using cloud-based services. The 2012 Olympic Games presented an opportunity to use Microsoft cloud technology to give secure remote access to information for 1,400 employees. Home working resulted in staff becoming more productive, paving the way for further cloud services. The Challenge Three years ago, London Borough of Newham embarked on a project to share IT and support services with neighbouring Havering Borough Council, aiming to save ÂŁ11 million by 2015. Driving down costs and increasing efficiency are challenges shared by all local authorities in the U.K., and Newham aimed to do this through its focus on citizencentric services. In order to continue to provide a quality service to their citizens and employees, Newham identified the need to upgrade to the latest generation of software and applications in the cloud. In terms of innovation, Newham has made a substantial commitment to remote working, online self-services for citizens, shared services, and collective procurement - all
John Friend Assistant Head of ICT, London Borough of Newham
with the aim of doing more with less. This strategy proved particularly successful during the 2012 Olympic Games, when home working relieved pressure on services and staff were more productive. These innovations, including the shared infrastructure with Havering Council and a self-service portal for citizens, have created a strong argument for developing cloud-based systems. The Council’s CIO has predicted that within five years most of Newham’s IT services will be cloud-based, which will involve close collaboration with Bytes and Microsoft. The Solution Over the past four years, Bytes has worked in partnership with London Borough of Newham advising them on the best licensing solutions enabling them to meet their business needs. With cost efficiencies at the centre, Bytes worked with Newham to build a business case for licensing their entire desktop infrastructure, as well as providing innovative solutions for MS Dynamics CRM, SharePoint, SQL and Biztalk. More recently, this relationship has extended to both Newham and Havering councils on licensing a joint datacentre solution. Newham is now using the Microsoft private cloud solution to deliver further savings and efficiencies, while at the same time taking advantage of its existing Microsoft-based estate. Cloud-optimised IT provided by Microsoft supports the mobile and flexible work style first adopted by the council in 2012 for the Olympics. It avoided the need to procure more expensive products from third parties. In 2012, the council scaled up its remote access capability to 1,400 concurrent users and tested it before the Olympics using the Microsoft private cloud. By upgrading to Windows Server 2012 and Microsoft System Center 2012, Newham delivered a flexible, cost-effective, cloud-based infrastructure using its existing technology. Andrew Woodgate, Principal System Support Analyst, London Borough of Newham, says: “The Service Manager component of System Center 2012 has replaced the thirdparty software supporting our help desk, realising substantial savings. We’re also using other components; Operations Manager for monitoring,
Throughout our time working with Bytes, Newham has developed an excellent working relationship specifically around their licensing expertise, vendor & product knowledge. Bytes have helped us gain significant savings in license costs, whilst ensuring that we remain compliant with any future risks minimised. Configuration Manager for the desktop management, and the Orchestrator component for automating tasks previously conducted manually.” Newham is taking full advantage of virtualisation and automation with System Center and Windows Server, including the Hyper-V Replica feature in Windows Server 2012 for disaster recovery. Woodgate says: “We use the Hyper-V virtualisation software included in Windows Server 2012 to improve efficiency and disaster recovery. And, with System Center 2012, Newham can integrate a wide range of technologies into a coherent private cloud and manage it from a single place.” Windows Server 2012 offers Newham and Havering councils a complete virtualisation platform. It delivers a fully isolated multitenant environment with tools that can ensure service-level agreements are met, monitor resource use for reporting, and support self-service delivery. Its highly scalable environment offers connectivity to cloud services using a common identity and management framework. Licensing Cost Saving Benefits Bytes has ensured that London Borough of Newham has the most cost efficient licensing solution in place that meets their current and future plans, whilst remaining compliant with their Microsoft usage. The recommended ECI Subscription Licensing route meant that Newham were able to avoid upfront Year 1 costs of £224,000 and receive an overall 3 year cost saving of £132,000. These solutions will also give Newham the flexibility to move services to the Cloud and drive further cost efficiencies through the implementation of this technology.
customer profile Company: London Borough of Newham Industry: Public Sector Country: UK Employees: 5,000 Bytes Solutions Provided: Software Asset Management Services Microsoft System Center 2012 Windows Server 2012 Enrolment for Application Platform - MS Dynamics CRM Enrolment for Application Platform - SharePoint - BizTalk - SQL Enrolment for Core Infrastructure - Core Infrastructure Suite Datacentre Edition - Window Server DataCentre - System Centre Suite DataCentre Key Benefits: • Immediate & long-term cost savings with predictable license cost going forward • Platform standardisation across the desktop & datacentre • Flexible & scalable deployment whether on premise or via the Cloud • Simplified license management through vendor consolidation • Reduction of upfront year 1 costs of £224,000 • Overall 3 year savings of £132,000
BYTES TV hear what our customers think about us www.bytes.co.uk/bytestv
www.bytes.co.uk | 19
cloud
Our Cloud Now seminar at the Kensington Roof
the
Gardens, London was a great opportunity for many of our customers to hear from industry presenters and speak directly to key software vendors during
nowseminar
our speed dating on the hot issues surrounding cloud and hybrid cloud.
Why. How. Who.
20 |
It’s Time to Reimagine the Way We Work
Technology is here to empower people. But that doesn’t work if human structures, habits or fears constrain them. If businesses won’t let their employees be free, they’ll be doing the 21st Century equivalent of trotting in front of a car waving a length of scarlet cotton. Dave Coplin Chief Envisioning Officer, Microsoft
In many ways it seems that we are all living the technology dream. The advent of the internet, then the web and the ever faster evolution of services and devices have transformed the way people live their lives. The technologists among us would say that now the ever accelerating trends of mobile, cloud, big data and social are transforming the IT landscape. Which means that we live in a period where technology is all around us, where it has become a natural, normal part of our everyday lives. But over the past few years a nagging sense of doubt has grown up about how true this utopian vision of technology as the ultimate liberator for the workplace is. Some wonder whether the very thing that was supposed to set us free might not have instead ensnared us without truly adding the value it so richly promised. Employees are disengaged as never before. In surveys only a third say they are actively engaged in their work. We have lost sight of the fact that we are all, for the most part, professional, independent creative beings, employed by our organisations to help them achieve great outcomes. There are several aspects of knowledge work that seem broken. Open plan offices suck at creativity, workers struggle under the weight of communications burdened by an inability to use the new tools effectively. We are stuck in old ways of managing, communicating and collaborating. We measure success by process not by outcome. It is time to harness the power of collaboration and flexible working to rethink the way we work
towards a better, more agile, more creative working environment. I think the modern workplace has simply become the culmination of our past experiences, where the place, people and processes are no longer optimised to how we live our lives now either at work or even at play. The massive risk here is that in a world defined by its processes and not its outcomes, working smarter is not an option and the only feasible other alternative is simply to work harder. We need to take a more flexible approach to both the workplace and the work we do; one that provides us both the physical and cognitive space to harness the incredible power, insight and experience we offer, but focused not on the individual processes but instead on the overall outcomes our organisations are seeking to achieve. In my book I examine the trends of flexible working and social business and how employees and managers need to change the way they operate to take advantage of them. Have you heard of the red flag laws of the late 19th Century? Did you know that for 30 years in Victorian England, someone was legally obliged to walk in front of any moving car with a red flag? It seems ridiculous now that you would want to restrict a vehicle to the walking pace of a man. But when the
red flag laws were passed in Great Britain (and similar laws were also passed in the US), legislators were thinking about the present and not about the possibilities of the future. These measures were later reduced but only effectively repealed in 1896. I always remember the red flag laws when I hear talk of fears about the internet, social networking and the negative effects of the advance of technology. The arrogance of the present is a sort of constraining fear. It says that we’ve got everything that we need. Anything extra is dangerous. Or could be. We have to get past this and indulge in a little bit of imagination. What could happen if we did measure by outcomes, if we did empower people to be thoughtful about where they work? If we did stop worrying about processes and looked a bit more at our goals? My key message is empowerment. Technology is here to empower people. But that doesn’t work if human structures, habits or fears constrain them. If businesses won’t let their employees be free, they’ll be doing the 21st Century equivalent of trotting in front of a car waving a length of scarlet cotton. And their competitors in the fast lane will wave to them as they pass.
We have 50 copies of Business Reimagined to give away for FREE, simply email us your name and address and we’ll pop it in the post. tellmemore@bytes.co.uk
cont... cont. www.bytes.co.uk | 21
cloud
Here’s what’s happening in the cloud now with a selection of our Microsoft Office 365 Office on the go
Your business to go with Office 365. Why not consider using Office 365 through your Windows Phone, to access all your latest documents from home or on the move? The latest version of Office suite as a subscription allows per user licensing across 5 PC/Mac and 5 mobile devices. Always have the latest versions of Word, Excel, PowerPoint, Outlook, OneNote, Publisher, and Access for your Phone, PC or Mac.
SharePoint Online
Document sharing and management in the cloud with internal and external sites for working together on projects. Online and offline access to your documents and build your company public website with easy-to-use templates.
Exchange Online
Hosted business class email and shared calendar with 50 GB of storage space per user. Use your own domain name to send emails and protect against spam with premium spam and malware protection.
Lync Online
Multiparty HD video conferencing with real-time note taking and document sharing. Have instant messaging and presence across firewalls.
Windows Azure Never wait for servers
Use what you already know
Develop amazing apps
Integrate onpremises apps and data
Instantly provision Windows and Linux Virtual Machines, applications, and infrastructure within Microsoft-managed data centers around the world.
Develop great Azure solutions using .NET, Java, PHP, Node.js, Python, or Ruby. Integrated Visual Studio tooling enables you to develop, debug and iterate apps fast.
Save money and be agile
Per-minute billing and built-in auto scaling enable you to pay only for the infrastructure you really need and spin up/down resources automatically based on actual usage.
22 |
Multiparty HD video conferencing with real-time note taking and document sharing. Have instant messaging and presence across firewalls.
Securely manage cloud resources and enable your users to access apps using their existing corporate credentials with Active Directory.
strategic partners: UEM for Microsoft Office 365 A fully integrated, cloud based email security, continuity and archiving solution that delivers enhanced functionality and extends the capability of Microsoft Office 365 and Microsoft Exchange Online. Mimecast UEM for Microsoft Office 365 has been customised especially for cloud-to-cloud integration. It is designed to augment Office 365 with additional layers of functionality to ensure the exacting standards of administrators and end-users are met. We provide a rich set of email gateway and security features, and an independent immutable archive that is backed by a 100% availability SLA. Importantly, the archive is the only repository that provides you with a single view of all data in your business – internal and external to Office 365.
Key Features • All the features and benefits of Mimecast’s products • Enables Exchange coexistence with on-premise and Office 365 • Highly secure and resilient offsite email storage • Independent perpetual email archiving for Office 365 • Adding a 100% service availability SLA on top of Office 365 • Enhanced e-discovery and compliance archive tools • Enhanced email security gateway features; DLP & encryption • Message Action controls for end users via Outlook integration • Disclaimer management and corporate email branding • Email continuity for Outlook and Smartphone users.
Added value to Microsoft Office 365 • Mimecast’s DLP, email encryption, content and policy control • Large attachment management and document conversion • User-invoked message actions for enhanced security and gateway feature control • User and administrator searching of live and historical email across all devices • A single source archive of across all email and data platforms, whether on-premise or in the cloud • Folder replication to Mimecast archive.
Key Features •Simplify provisioning and consolidate management - reduce provisioning time from weeks to minutes using an integrated provider portal through which you can manage devices, tenants, connectors, and applications, and offer tenants a self-serve provisioning portal to manage ADC services
• Integrate flexibly - use cloud connectors to connect with thirdparty orchestration tools • Enable cloud bursting - extend to the public cloud infrastructure using the BIG-IQ Cloud REST API • Gain cloud visibility - get a view into application health with health status visibility across private, public, and hybrid clouds.
Big-IQ Cloud F5® BIG-IQ™ Cloud automates and orchestrates the deployment of F5 BIG-IP® devices across traditional and cloud infrastructures. BIG-IQ Cloud supports dynamic provisioning of devices in VMware, Amazon, and OpenStack cloud environments.* A key component in the F5 Synthesis™ architecture, BIG-IQ enables organisations to seamlessly provision, manage, and scale a rich set of application services irrespective of form factor (hardware, software, cloud) or deployment model (on-premises, private/public cloud, hybrid). BIG-IQ also supports integration with other ecosystem participants such as public cloud providers and orchestration engines through cloud connectors and through a comprehensive set of open APIs. Complementing the orchestration capability of BIG-IQ is a multi-tenant approach to management. This allows organisations to move closer to IT as a Service without concern that it might affect the stability or security of the services fabric.
BIG-IQ Cloud enables integrated management of the application network services required to deliver applications in the cloud.
cont... www.bytes.co.uk | 23
cloud
Private Cloud Emulation Appliances ThreatCloud Emulation prevents infections from undiscovered exploits, zero-day and targeted attacks. This innovative solution quickly inspects files and runs them in a virtual sandbox to discover malicious behavior. Discovered malware is prevented from entering the network. Check Point ThreatCloud Emulation reports to the ThreatCloud™ service and automatically shares the newly identified threat information with other Check Point customers. Traditional solutions have focused on detection, providing notifications after a threat has breached the network. With Check Point ThreatCloud Emulation, new threats are blocked and infection does not occur.
Private Cloud Emulation Appliances
Customers may choose the ThreatCloud Emulation Service or, if they prefer to not use cloud applications due to regulatory or privacy concerns, two appliance options are available to choose from, with overall performance supporting organisations up to 3,000 users on the TE250 Appliance and above 3,000 users on the TE1000 Appliance. Key Features • I dentify new malware hidden in Adobe PDF, MS Office Word, PowerPoint, Excel and Zip* files •A bility to send EXE files to the public cloud Threat Emulation Service*
•S upported topologies: Private Emulation cloud for an existing Gateway, Inline, Message Transfer Agent (MTA), Mirror/TAP •R ecommended for 1M file-scans per month (performance varies). Key Benefits: revent new and unknown attacks •P in business documents and executable* files •R educes costs by leveraging existing security infrastructure •M aximise protection through unified management, monitoring and reporting •Z ero false-positives means you can secure the network without stopping the flow of business •n crease security with automatic sharing of new attack information with ThreatCloud.
Connected Cloud® MobileIron® Connected Cloud® is a cloud-based Mobile IT service that secures and manages mobile apps, docs, and devices. It is the SaaS version of the market leading MobileIron VSP on-premise solution. The Connected Cloud service is a comprehensive mobile solution that also provides deep integration with enterprise IT infrastructure. The service scales to thousands of users and devices, offers superior availability, and is certified against the most rigorous standards for data and operations security. Enterprise Integration Organisations can deploy Connected Cloud with zero footprint. However, Connected Cloud also provides a hybrid solution with enterprise integration. The MobileIron Enterprise Connector provides real-time connectivity to backend AD/LDAP
24 |
directory services for proper user authentication and integration with groups, OUs, and users already set up in the corporate directory. In addition, MobileIron Sentry can be used with Connected Cloud to provide email access control for Microsoft Exchange, Microsoft Office 365, and Lotus Notes. Key Benefits: •P rovides full mobile device management, mobile app management, and mobile content management capabilities
• I ntegrates easily with on-premise enterprise services, such as AD/ LDAP directory services and enterprise email •L everages the most trusted Mobile IT cloud service, with SOC 2 Type 2 audit, TRUSTe Privacy Seal, EU Safe Harbor, and operational transparency.
vCloud Suite or vCloud Hybrid Service VMware offers two options for transforming the data center into a cloud environment that implements the software-defined data center (SDDC) architecture: 1. Packaged software that customers deploy on premises 2. Public infrastructure as a service based on VMware SDDC technologies and operated by VMware vCloud® Hybrid Service™ With these two options, VMware is offering a true hybrid cloud platform where organisations can seamlessly extend the SDDC with a common management, orchestration, networking and security model across on-premises and off-premises environments. Building on the foundation of VMware vSphere® virtualisation, VMware offers two choices to transform the data center into a dynamic
cloud environment. You can build a private cloud infrastructure with VMware vCloud® Suite or rent a public or hybrid cloud service with VMware vCloud Hybrid Service. Both cloud solutions are built on the same software-defined data center architecture, which expands the cost and operational benefits of server virtualisation to all the data center infrastructure: compute, network, security, storage and management. And together, you can have a hybrid cloud platform where you have the agility and convenience of public cloud with the freedom and confidence to run any applications onsite, offsite or both. Key Features • Automated provisioning and deployment – Assemble new applications from reusable components, and deploy them in minutes instead of weeks.
• Automated operations management – Efficiently run your cloud with purpose-built tools to optimise performance, ensure security and rectify potential problems before users ever see them. • Availability, disaster recovery and compliance – Deliver demanding SLAs, protect your data and verify conformance with policies and regulations. • Visibility into IT costs – Intelligently plan capacity, optimise resource allocation and evolve to a complete IT chargeback model. • Full extensibility – Customise your environment, integrate third-party solutions and interoperate with VMware-based public cloud services
vCloud Suite The First Step to a Software-Defined Data Center Achitecture Management and Automation vCloud Automation Center
vCenter Operations Management Suite
IT Business Management Suite
Storage and Availability
Compute
Network and Security vCloud Networking and Security
vCenter Site Recovery manager vSphere Virtual SAN
NSX
call us today...
to discuss your cloud strategy. Whether it’s Microsoft, security, or virtualisation and storage we can help. Visit www.bytes.co.uk/contact to select the right team.
www.bytes.co.uk | 25
virtualisation
virtual Our Virtualisation expert, Matt Gallick takes a look at Automation and what you should know.
Self password reset Automation is the key to productivity, agility and cost reduction. Automation comes in many different forms and can be completely customised to your business needs and requirements. Whether you are looking at simple tasks such as self password reset or the full automation of on-boarding & off-boarding users, there is a tool set and a solution available to assist.
As with automation, self password reset is a very simple task and there are many tools that can help you achieve it, whether you look at a single point solution or as a capability of a larger scale self service automation solution. The reason I start with self password reset is that it is almost always the number one request that Bytes see on the list of most logged tickets within our customers’ service desks. If you do not already have a solution in place I’d absolutely recommend speaking to your IT team or helpdesk and request a report of the number of password reset requests they have dealt with in the last twelve months. Automation at this level is a no brainer.
On-boarding and offboarding users On-boarding and off-boarding users is fast becoming one of the most talked about topics in meetings that Bytes attend and there are 2 main reasons for this. The first is the obvious part; on-boarding and off-boarding users can be a very long and drawn out process which can involve many departments, depending
26 |
on the size of the company. There is a great number of tasks that need completing; from creation of active directory accounts & mailboxes, to adding people to the correct email distribution groups, and even ordering of the hardware they may need i.e. PC’s, laptops and mobile phones. By using an automation tool here you can cut the amount of time it takes to provision a user and also heavily reduce the amount of manual intervention needed, thus freeing up time for your IT team so that they can focus on projects that deliver business value. The same can also work in reverse, so when someone leaves you can de-commission their accounts, forward their email to their manager and possibly even re-allocate their hardware to a pool to await re-assignment. The second part of this is around security and compliance. As mentioned briefly in part one, when people leave you need to decommission their accounts to make sure they no longer have access to your systems. When this is done manually it can often take time and things can be missed. Forwarding on their email to their manager makes sure that any future correspondences are not missed as it may be coming
Automation is the key to productivity, agility and cost reductions from an active client. Removing logins for all your systems makes sure that ex-employees can no longer view any of your company data whether from an in house application or SAAS application such as SalesForce.com. This is also relevant when people move from one department to another or even change roles within the same department. Making sure people have access to all the systems and information they need for their current role is extremely important, as is taking away any access they should no longer have. Whether intentional or not, the majority of data breaches come from inside the organisation and making sure people only have the correct access minimises the risks of a data breach. Well designed and automated systems can assists with all of this.
Automating repetitive and manual tasks using run-books There are many tasks that IT admins repeat over and over, they are usually relatively simple tasks but often time consuming. An example of this could be the deploying of an application on a server. For this process, you generally need to install an O/S and patch it to the level you require, install the application and also patch that to the version you require. This is all very basic and can be built into a run book where the admin’s task can just become as simple as entering the
needed quantity and clicking create. Many man hours can be saved using this method and it can be applied to almost any task that an IT admin undertakes.
End user self service With end users used to the App Store type experience from the likes of Apple and Google, they come to expect this fast and automated experience in the office. This is often easier than it initially seems and there are lots of major vendors investing in this space to make is possible for you to easily build your own IT store or link self service into systems that you have such as your intranet. Companies should definitely look at this as an IT store as opposed to an App Store, as in a business environment the needs are far wider than just applications. When looking at applications, you can set simple authorisation structures into the process. This may look at active directory to see if the application being requested is instantly available to the job role of the person requesting it and if you have a valid license available. If both of these check out then it can auto provision the application.
If the application sits outside the parameters of the job role it can send a request to a designated person for authorisation or denial before the application is deployed. If there is a license required to deploy the application it could then send a request to a purchasing system, purchasing team or whatever mechanism you have in place to purchase software. On top of the ability to do application requests, you could also use the portal to allow people to request other services. Examples of this are users being: added to a printer, an email group, changing personal information in their signature or re-setting their password. The Bytes Virtualisation and Management Team is engaging on a rapidly increasing number of projects in this space and would relish the chance to work with any customers on assessing the viability of automation solutions within their business.
interested?...
Please get in touch if you need more detail, you can contact us on vteam@bytes.co.uk or via your Bytes account manager on 01372 418500. Please follow us on @Bytes_vTeam
www.bytes.co.uk | 27
XenMobile
virtualisation
Fastest path to mobile productivity
A complete solution to manage and secure apps, data and devices combined with businessclass productivity apps.
Mobility is a top priority for organisations. Why? Because more employees than ever before are demanding access to the apps and data that will make them productive on-the-go.
28 |
XenMobile
Mobile freedom - with enterprisegrade security Citrix XenMobile is a comprehensive solution to manage mobile devices, apps, and data. Users have single click access to all of their mobile, SaaS and Windows apps from a unified corporate app store, including seamlessly-integrated email, browser, data sharing and support apps. In addition, XenMobile securely delivers Worx Mobile Apps, mobile apps built for businesses using the Worx App SDK and found through the Worx App Gallery. Configure, secure, provision and support mobile devices with MDM XenMobile delivers enterprise grade MDM with role-based management, configuration, security and support for corporate and employee-owned devices. Users enroll their devices, enabling IT to provision policies and apps to those devices automatically, blacklist or whitelist apps, detect and protect against jailbroken devices, troubleshoot device and app issues, and wipe or selectively wipe a device that is lost, stolen or out of compliance.
Mobile app management with the largest ecosystem of apps built for business XenMobile securely delivers Worx Mobile Apps, the industry’s largest collection of apps built for business.
Developers leverage the Worx App SDK, a simple and powerful SDK that provides critical enterprise features into any app. The SDK leverages Citrix MDX app container technology to add features like data encryption, password authentication, secure lock and wipe, inter-app policies and micro VPNs to mobile apps. It comes with a library that can be embedded into any app with a single line of code. Business-class email, browser and document sharing apps With XenMobile, IT can deliver Citrix-developed apps that are built for business. The apps are fully containerised on the mobile device, separate from personal apps, for secure productivity. These apps include WorxMail for secure email, calendar and contact access, WorxWeb for a secure internet and Intranet access and ShareFile for secure enterprise file synchronisation and sharing. Unified corporate app store XenMobile includes a unified corporate app store that provides a single place for users to access all of their apps – mobile, web, SaaS and Windows – on any device.
Multi-factor single sign-on XenMobile makes it easy for IT to manage user access and radically simplify the user experience. Through the unified corporate app store, users are given secure multi-factor single sign-on across their mobile, web and Windows apps ensuring that they don’t need to remember yet-anotherpassword
key benefits • Give users device and app choice while ensuring compliance • Deliver business class productivity apps that users love and IT embraces • Enable business by allowing simple, scalable and anywhere access to apps • Provide advanced app and data controls to keep users happy while assuring content.
learn more...
about XenMobile for mobile freedom with enterprise security by contacting your Bytes account manager on 01372 418500.
www.bytes.co.uk | 29
virtualisation
vCloud Hybrid Service
VMware FROM
Dedicated Cloud & Virtual Private Cloud
What Is VMware vCloud Hybrid Service? vCloud Hybrid Service is a secure infrastructure-as-aservice, cloud owned and operated by VMware, built on the trusted foundation of vSphere. The service supports existing workloads and new application development, giving IT administrators and architects a common platform for seamlessly extending existing data centers to the cloud by leveraging the same tools and processes used today. VMware vCloud Hybrid Service
At a Glance VMware vCloud® Hybrid Service™ is a secure, dedicated hybrid cloud service operated by VMware, built on the trusted foundation of VMware vSphere®. The service supports existing workloads and third-party applications as well as new application development, giving IT a common platform for seamlessly extending its data center to the cloud.
Customer Components vCloud Hybrid Service integrates with existing vSphere and vCloud Suite environments
30 |
vCloud Hybrid Service is available in two service types - Dedicated Cloud and Virtual Private Cloud and includes five primary service components: • Compute (vCPU and vRAM) • Storage • Internet bandwidth • Public IP addresses • Production support
High-Performance and Reliable Cloud with the Security and Compliance Your IT Environment Requires You get the same level of security, reliability and performance from vCloud Hybrid Service that you get from your current VMware infrastructure. Critical applications can deliver the performance you need. You can allocate and provision resources where you need them, and you can leverage your existing IT policies to meet security, compliance and control requirements. Comprehensive Ecosystem and Best-in-Class Service You have access to a broad and deep ecosystem of technology, consulting and service partners. No matter where your applications are running or how much help you need to get to the cloud, you can leverage the VMware ecosystem to get there.
How Does vCloud Hybrid Service Get You to the Cloud Faster? vCloud Hybrid Service is not just compatible with your current IT investment; it is the same platform you run internally. Broadest OS and Application Support - The Fastest Path to the Cloud vCloud Hybrid Service supports the thousands of applications and dozens of operating systems that are certified to run on vSphere, so you can run your applications in the cloud with no changes required.
Seamless Network Integration - Extend Beyond Your Current Data Center vCloud Hybrid Service is built on a seamless virtualised network that is quickly customisable to support your application and security needs. You can stretch your Layer 2 and Layer 3 networks seamlessly from your data center to vCloud Hybrid Service without the need for manual configuration changes. Network virtualisation enables you to configure your firewalls and network as if they were in your own data center so that you can replicate the network your applications need to operate. The service provides common identity and access management across your onsite and offsite cloud locations. Reliability and Manageability - Driving Down Your Risk and Cost of Ownership Built on vSphere, vCloud Hybrid Service also includes for no additional fee the automated replication, monitoring and high availability of your applications, so you don’t have to rewrite or rearchitect existing applications to ensure their availability.
Dedicated Cloud
Virtual Private Cloud
Compute
120 GB vRAM 30 GHz vCPU Single tenant
20 GB vRAM 5 GHz vCPU (burst to 10 GHz) Multitenant
Storage
6TB primary storage
2TB primary storage
Internet Bandwidth
50 Mbps Bandwidth
10 Mbps Bandwidth
Public IP Addresses
Individually purchasable
Individually purchasable
Production Support
24 hours/day 7 days/week 365 days/year
24 hours/day 7 days/week 365 days/year
Subscription Terms
12 month 24 month 36 month
3 month 12 month
How To Buy vCloud Hybrid Service offers a termbased subscription service available in two service types Dedicated Cloud and Virtual Private Cloud - which are expandable to meet your capacity needs as they grow and evolve.
find out more... about vCloud Hybrid Service by contacting your Bytes account manager on 01372 418500.
www.bytes.co.uk | 31
storage
the
all-fl ash enterprise array
Pure Storage delivers all-flash enterprise storage for less than the cost of spinning disk.
Accelerate Your Virtualisation Journey: • Virtualise Tier 1 IO-hungry databases and applications • Reduce power consumption by 80% • Increase VM consolidation rates, reducing servers.
Turbo-Charge Database Performance: • Speed transactions by 3-10x with consistent low-latency storage IO • Enable online data analytics across wide datasets • Mix production, analytics, test/dev and backup workloads without fear.
Deliver the Ultimate VDI Experience: • Beat the performance of dedicated laptops with SSDs • Scale from pilot > 1,000s of users • Deliver all-flash VDI for less than $100/desktop.
32 |
The FlashArray is powered by the Purity Operating Environment, storage software designed for 100% flash:
300 Series
400 Series
Performance
• Up to 200,000 4K IOPS • Up to 1.5 Gb/s bandwidth <1ms average latency
Capacity
• 5 – 50+ TBs effective capacity* • 5 – 120+ TBs effective capacity* • 2.75 – 11TB raw capacity • 2.75 – 35TB raw capacity Always-on global inline deduplication, compression, pattern removal and thin provisioning
Host Connectivity
• Up to 8 active/active host IO ports • 8Gb/s Fibre Channel or 10Gb/s Ethernet
Size & Power
• 2U per controller, 2U per storage shelf • 400 – 450 Watts per controller, 200 – 220 Watts per shelf
Resiliency
• Active/Active high availability via InfiniBand-clustered controllers • Dual-parity global RAID-3D™ protection against drive failure • Multi-layer checksums and data integrity fabric • 100% encryption of data-at-rest with no key mgmt • Hot-swap controllers, drives, fans, power supplies, and NV-RAM
Flash Management
• Global flash wear leveling and deletion management • FlashCare™ MLC flash performance management and life extension • 5-year available warranty against flash wear/failure
• Up to 400,000 8K IOPS • Up to 5 Gb/s bandwidth <1ms average latency
www.bytes.co.uk | 33
storage
Windows Azure is an open and flexible cloud platform that enables you to quickly build, deploy, scale and manage applications across a global network of Microsoft datacenters. You can build applications using multiple languages,
Azure ? you should be. tools and frameworks.
are you
KEY USE CASES Web applications Build anything from lightweight web sites to multi-tier cloud services that scale up as your trac grows. Cloud storage Rely on geo-redundant cloud storage for back up, archiving, and disaster recovery. Big Data & HPC Get actionable insights from your data by taking advantage of a fully compatible enterprise-ready Hadoop service. Mobile Accelerate your mobile app development by using a backend hosted in Windows Azure. Scale instantly as your install base grows. Media Create, manage and distribute media in the cloud - everything from encoding to content protection to streaming and analytics support.
34 |
Flexible application model Windows Azure provides a rich set of application services, including SDKs, caching, messaging and identity. You can write applications in .NET, PHP, Java, node.js, Python, Ruby, or using open REST protocols. This is all part of our promise to let you build using any language, tool or framework. Always on, always here Build resilient applications with automatic OS and service patching, built in network load balancing and geo-redundant storage. We also proudly deliver a 99.95% monthly SLA. You can rely on our decades of experience in datacenter operations and trust that everything we offer is backed by industry certifications for security and compliance. Datacenter without boundaries We make it easy for you to integrate your on-premises IT environment with the public cloud. Migrate your virtual machines to Windows Azure without the need to convert them to a different format. Use the robust messaging and networking capabilities in Windows Azure to deliver hybrid solutions, and then manage your hybrid applications from a single console with System Center. Global reach With datacenters around the globe, a massive investment in datacenter innovation and a worldwide Content Delivery Network, you can build applications that provide the best experience for your users wherever they are.
COMPUTE Cloud services Use Cloud Services to quickly deploy and manage multi-tier applications and let Windows Azure handle details like provisioning, load balancing, and health monitoring for continuous availability.
CLOUD SERVICES
VIRTUAL MACHINES
Virtual machines Deploy and manage your own virtual servers in the cloud. You can choose Windows or Linux as the OS, pick an image from the gallery to start a VM or bring your own VM and run it on Windows Azure.
MOBILE SERVICES
Mobile services Accelerate mobile app development by letting Windows Azure handle backend tasks like authenticating users and sending push notifications. Supports popular platforms like iOS and Windows Phone 8. Web sites Get started with Web Sites for free, then scale as you go. Launch a simple site based on frameworks like WordPress, Joomla and Drupal with just a few clicks.
DATA SERVICES
APP SERVICES
NETWORKING
Storage Storage services provide multiple options for securely managing data and are accessible via REST APIs. Use Blobs to store up to 100 TB of unstructured text or binary data (video, audio and images). Use Tables for NoSQL unstructured data, and Queues for reliable, persistent messaging between applications.
Caching Caching helps applications scale and be more responsive under load by keeping data closer to application logic.
Virtual network Provision and manage virtual private networks (VPNs) in Windows Azure and securely link these with your onpremises IT infrastructure.
SQL database A full featured relational databaseas-a-service based on SQL Server technologies that offers high-level of interoperability and availability. SQL reporting Build reporting capabilities into your Windows Azure applications without the need to maintain your own reporting infrastructure. HDInsight Based on Apache Hadoop, HDInsight reduces the complexity of working with big data through integration with familiar tools like Microsoft Office and System Center.
Service bus Enables loosely-coupled communication between any applications - whether on-premises or cloud - for improved scale and resiliency. Windows Azure active directory Windows Azure Active Directory is a modern, REST-based cloud service that provides identity management and access control capabilities for applications. Media services Allows you to build end-to-end workflows for the creation, management, and distribution of media in Windows Azure that have the flexibility, scalability, and reliability necessary to serve a global audience.
Connect Quickly and easily create a secure IP-level connection between Windows Azure services and your on-premises resources such as database servers. Traffic manager Load balance incoming traffic across multiple services running in the same or different datacenters to ensure high performance, availability and resiliency. Content delivery network Improve your applicationâ&#x20AC;&#x2122;s performance by caching content at the location closest to your customers so that you can provide them with the best possible experience.
need help...
with Integrated Cloud Storage solutions, please contact your Bytes Account Manager or the Bytes Cloud team on 01372 418500.
www.bytes.co.uk | 35
storage
TAPE has never been part of the
BACKUP STRATEGY
You may already be aware that EVault is a part of the world-leading storage company, Seagate, and that it is a vendor of disk, hybrid and cloud backup and recovery solutions.
36 |
What you might not know is that EVault has never been, unlike other long-standing vendors, in the tape backup and recovery space. EVault has never sold tape-centric backup solutions and was established with disk and remote backup in mind. As a result, it has been able to address and perfect all of the key attributes of an enterprise class recovery solution without concerning itself with the manual and mechanical processes that tape based backups depend on. Tape is weak The business world has used tape to backup its business data for decades, and most companies over 15 years of age will have relied on it at some stage. But in that time those companies will also have become frustrated by its slow backup and recovery speeds, spending hundreds, if not thousands of pounds on manually transporting tapes off-site for storage, and may have faced the consequences of data loss from damaged or misplaced tapes.
EVault’s founders recognised the weaknesses of tape and predicted that savvy business managers would eventually look for a cost-effective, reliable and flexible alternative. Since cloud backup and hybrid backup options have emerged, the company has seen its prediction come true. Yet some companies are hesitant to make the switch. Let’s debunk some of the myths. Security Most businesses are rightly concerned about the security of their data. By backing up to tape they know where it is stored and feel in control of data access. When handing data over to a service provider there are natural concerns: Who will see it? Where is it going? How do we know it’s secure? Let’s set the record straight. By using the cloud or a hybrid solution for data backup, your data is more secure than if you rely on tape. For a start, minimal risk of data being physically stolen or damaged by natural disaster given the redundant copies automatically created and no one will be able to access or read your business data. EVault encrypts the data (using the
National Institute of Standards and Technology (NIST) 128-bit or 256bit Advanced Encryption Standard (AES) before it leaves the server. The data remains encrypted while being transferred over a secure internet connection and while at rest in toptier rated UK and European data centres. Only the chosen few within your business have access to the decryption key, not even EVault. The default creation of remote backup copies also fully addresses regulatory and compliance needs around the off siting of backup data – without any of the aggravation, risk and cost of physically moving it. Practicality Cloud based solutions of all types gain their efficiencies through size, shared resources and flexibility to scale (up or down) on demand. So in the context of backup it makes sense to utilise these attributes to reduce, or even remove the capital cost of tape libraries and physical media. But how to move such huge quantities of data during backup, and more importantly how to recover it quickly and efficiently? Backup speeds and efficiencies that outstrip the performance of tape based systems, yet still achieve a full backup every time, are achieved by only moving data once, rather than again and again (as with tape). Recovery is equally slick as the system initiates the retrieval of data from the fastest location automatically, whether from a local device or appliance, remote disaster recovery site or service provider, within seconds. Should the worst happen and a major incident occur, EVault offers 4-, 24and 48-hour disaster recovery options, restoring entire data centres in the cloud so users can remotely access server data and applications via a virtual platform; thereby minimising downtime. This option obviously also works well during planned maintenance and upgrades.
Key benefits of cloud/hybrid backup • Enterprise-grade backup solutions • Affordable for any sized business. • Flexibility allowing for true business continuity • Rapid, reliable recovery • Unbeatable high-grade security
Key issues with tape backup • Tape has major weaknesses • Slow backup and recovery speeds • Manual offsite transport • Increased cost of data transport, storage and hardware purchase • Risk of physical damage or loss
Windows Azure and EVault Businesses have trusted EVault with their data for 17 years, it’s one of the reasons EVault is a Microsoft Gold Application Development Partner. It’s a title that signals how closely EVault works with Microsoft to ensure that its data protection solutions are optimised for Microsoft Windows, Windows Azure, Exchange, SQL Server, SharePoint, and other Microsoft platforms. Both EVault Endpoint Protection and server-based backup are available on the Azure platform, helping users maintain control of their data while reducing infrastructure costs by taking advantage of Microsoft cloud services. In short, businesses can leverage any existing investment in Windows Azure to backup and protect their servers and endpoint devices (laptops, desktops) from data loss. And they can relax, forgetting any concerns they have about security or practicality, knowing that their infrastructure will be managed by experts, 24 hours per day, throughout the year. This is in addition to having access to EVault Express Recovery Appliance, providing rapid onsite data recovery as needed.
further info...
on EVault and other storage solutions contact your Bytes account manager on 01372 418500.
www.bytes.co.uk | 37
GO & storage
backup in minutes
Symantec NetBackup™ 5230 Appliance
A single-vendor, enterprise backup appliance that is ready to backup in minutes. Symantec NetBackup™ 5230 Appliance is an enterprise backup appliance with expandable storage and intelligent end-to-end deduplication for physical and virtual environments. Only Symantec appliances deduplicate on both the client and target side. Equipped with Symantec™ V-Ray technology, it provides unique visibility into virtual environments that speeds recovery and reduces storage costs. Content-aware deduplication reduces the size of backups so you can store more data cost effectively and replicate faster.
38 |
O
Symantec NetBackup™ 5230 Appliance The Top 20 reasons to use this 3rd generation backup appliance from the market leading Net Backup family. Suitable for any environment - Starting at 4TB and expandable up to 76TB usable capacity, NetBackup 5230 is ideal for both remote offices and enterprise data centers. ultiple functional roles - NetBackup 5230 can M be deployed as master server, media server with built-in deduplication, or both for a NetBackup domain. Fits into existing NetBackup environments - Easily expand or refresh existing NetBackup environments without disrupting operations. Ultimate virtual machine protection - Built-in support for VMware® vSphere™ and Microsoft Hyper-V®, no proxy servers required. Wide Area Network (WAN) optimisation - Up to 10x faster transfer rate for backups to cloud and replicating off-site.
Symantec™ Critical System Protection Protects against zero-day attacks and malicious insider threats. Heterogeneous cloud gateway - Serves as a gateway unit for sending backups to supported cloud storage vendors. Secures in-flight and at-rest backup data Encryption may be configured for source and target deduplication. Tape support - Write to tape for long-term data retention. I ndustry leading NetBackup software - The NetBackup 5200 series appliances come pre-installed with NetBackup 7.6 to provide a complete and integrated backup and deduplication solution.
etBackup Accelerator - Delivers traditional, full N backups at the speed of incremental backups.
Technical specifications
NetBackup 5230 Storage shelf
Usable storage capacity (TB)
4
24 or 36
imple and fast snapshot replication - Accelerate S snapshot replication management and granular file level recovery from any replicated snapshot image.
Storage shelves (max)
2
NA
Maximum capacity (TB)
NA
76TB
1 Gb Ethernet ports
4
NA
10 Gb Ethernet ports
up to 4
NA
Improve resource utilisation -Decrease backup storage up to 50 times and bandwidth consumption up to 99%.
8 Gb Fibre Channel ports
up to 10
NA
Dimensions H x W x D (inches)
3.5 x 19.2 x 30.1 5.1 x 17.6 x 22.1
Flexible deduplication options - Deduplication at source or target; inline or post-process.
Maximum weight (lb)
52.0
71.7
Typical power consumption (watts)
< 415
<271
perational simplicity - Power up and walk through O the installation wizard to start backing up in minutes.
Dynamic storage - Usable capacity can be any combination of up to 64TB deduplication pool, or 76TB Advanced Disk pool (non-deduplicated storage). Storage Area Network (SAN) client support - High-speed streaming through Fibre Channel to NetBackup 5230. imple front-end TB licensing - Pay once for S deduplication and replicate securely to any number of targets. Built-in replication - Policy based replication powered by Symantec™ OpenStorage. Auto Image Replication (AIR) - Replicate backup images to a remote NetBackup domain for electronic vaulting and disaster recovery readiness.
Maximum power consumption 750 (watts)
580
AC voltage range (Volts)
100 to 127 200 to 240
100 to 127 200 to 240
AC frequency range (Hz)
47 to 63
47 to 63
Ampere ratings (A)
7 (100V to 127V) 7 (100V to 127V), 3.5 (200V to 240V) 3.5 (200V to 240V)
Mean time to repair (hours)
<1
<1
further info...
on the NetBackupTM 5230 Appliance or Symantec in general please contact your Bytes account manager on 01372 418500.
www.bytes.co.uk | 39
storage
?
what is FLEXPOD FlexPod Datacenter with Microsoft Private Cloud A Microsoft Private Cloud Fast Track Reference Implementation
DATACENTER
with Microsoft Private Cloud? FlexPod® Datacenter with Microsoft® Private Cloud is a reference implementation validated with Microsoft Private Cloud Fast Track that combines Cisco® and NetApp® technology, including compute, network, storage, and value-added software components, with Microsoft software and consolidated guidance. Says Brian Hillger, director of Server and Tools Marketing at Microsoft.
Key Features Increase Agility
Respond faster at reduced cost to changing business needs with nondisruptive operations.
Improve Efficiency
Automate management tasks using Microsoft System Center 2012 integrated with NetApp data management software and Cisco UCS® Manager and UCS PowerTool, a comprehensive infrastructure management offering.
Utilise Proven Platform
The proven combination of NetApp and Cisco technology solutions and expertise helps you jump-start your Microsoft private cloud deployment.
“The Microsoft Private Cloud Fast Track architecture is a proven approach for deploying the Microsoft Cloud Platform on premises, and the award-winning FlexPod Datacenter platform is validated for both SAN and NAS storage approaches. Built on Windows Server 2012 with Hyper-V and System Center 2012, the Cisco and NetApp FlexPod Datacenter solution simplifies private cloud deployment for customers, with the goal of dramatic reduction of infrastructure and application deployment time from days to hours.” The latest reference architecture is built on Windows Server® 2012 with Hyper-V® and Microsoft System Center. Microsoft private cloud
40 |
?
offerings can help customers and service providers build dedicated infrastructureas-a-service (IaaS) environments that transform the way they deliver IT services. Specifically, Microsoft Private Cloud Fast Track solutions provide a streamlined approach to delivering scalable, preconfigured, and validated infrastructure platforms for on-premises private cloud implementations. With local control
over data and operations, IT can dynamically pool, allocate, secure, and manage resources for agile IaaS. Likewise, business units can deploy line-of-business applications with speed and consistency using selfprovisioning (and decommissioning) and automated data center services in a virtualised environment.
of TechEd North America award winner for Systems Management and Operations. When your organisation builds a private cloud with FlexPod, Windows Server 2012, and System Center 2012, it can deliver IT services and applications more efficiently and cost effectively.
FlexPod with Microsoft Private Cloud was named the 2013 Best
Private Cloud Fast Track reference architecture. The FlexPod Datacenter with Microsoft Private Cloud architecture is preengineered, tested, and optimised for virtualisation. It supports the operating system, virtualisation (compute, storage, and networking), and management capabilities offered by Windows Server 2012 with Hyper-V, and System Center 2012 Microsoft System Center 2012 SP1: Organisations can realise the benefits of cloud computing by providing a common toolset for the management of physical and virtual resources and cloud-hosted apps, whether they are deployed in public, private or partnerhosted cloud environments. Compute: The server fabric consists of similarly configured, swappable server blades that can be replaced for upgrades, repair and capacity changes. Automated load balancing limits service interruption.
Compute
Network
Storage
Network: Networking is virtualised, consolidated and automated. It supports advanced multitenant isolation and connectivity to public clouds, allowing organisations to take full advantage of hybrid IT.
Windows Server 2012 Hyper-V: Customers can take advantage of the cost savings of virtualisation through the massive scale capabilities of Windows Server 2012 Hyper-V. They also can make optimal use of server hardware investments by consolidating multiple server roles as separate virtual machines. Storage: Storage Spaces provides a complete storage virtualisation solution. It supports aggregation and elastic capacity expansion, building virtual disks from storage pools of capacity and thin provisioning with full TRIM support. Other storage deployments also can be validated for Private Cloud Fast Track reference architectures, according to customer requirements.
learn more...
about NetApp for Microsoft Private Cloud by contacting your Bytes account manager on 01372 418500.
www.bytes.co.uk | 41
storage
FAQ EV.cloud Archiving and eDiscovery As more and more of our customers are adopting
Enterprise Vault.cloud, we ask our very own Matt Compton to answer the questions that you need to know when evaluating this increasing popular cloud-based archiving service from Symantec. Matt Compton Storage & Security Lead
1. What is Symantec Enterprise Vault.cloud? It’s a cloud-based archiving solution that enables companies to address the challenges of mailbox storage management, compliance and email discovery with a cloud-based service. Requiring no additional hardware or software purchases, this lowmaintenance solution offers automatic updates, unlimited archiving and retention in secure datacenters, all for a flat and predictable monthly service fee. 2. What is the difference between Symantec Enterprise Vault and Enterprise Vault.cloud? The main difference is the deployment model. Symantec Enterprise Vault is an on-premise product, where as Symantec Enterprise Vault.cloud is delivered via the cloud. 3. What solutions does Enterprise Vault.cloud include? • Enterprise Vault Personal.cloud: Standalone mailbox management that provides end user access to the archive • Enterprise Vault Discovery.cloud: Standalone eDiscovery service that enables multi-mailbox search and helps enforce retention policies.
42 |
4. What size of organisation is Symantec Enterprise Vault.cloud suitable for? It’s suitable for organisations of all sizes from small to midsize businesses and up to large enterprises. 5. Which email platform does Symantec Enterprise Vault.cloud support? Microsoft Exchange Server (both server and hosted), Microsoft Office 365 and Lotus Domino. 6. Can I move from Enterprise Vault (on-premise) to Enterprise Vault.cloud? Yes, you can perform the ingestion of PST files into the cloud-based archive. 7. Can EV.cloud categorise emails for ease of management and searching? Yes, emails can be ‘tagged’ with a keyword or number(s). Messages can be added or removed from a tag easily. Tags can be easily viewed through Enterprise Vault Discovery. cloud and Enterprise Vault Personal. cloud. 8. Can the service create privilege logs? Enterprise Vault Discovery.cloud provides the ability to “Tag” emails as privileged.
Q
9. Does Symantec Enterprise Vault.cloud provide the ability to mark documents with usercreated tags? Yes, Enterprise Vault.cloud allows users to create tags and mark documents based on the classification. 10. Can Symantec Enterprise Vault.cloud keep emails indefinitely for those on litigation hold? Yes, Enterprise Vault.cloud can preserve emails indefinitely by simply applying a legal hold or setting a retention policy. 11. When viewing an archived email, is it easy to follow? Will the email thread be preserved? Yes, all messages and attachments are forensically archived in their native format and no data or content is removed at any time. 12. Does the service offer the ability to refine the search results within the existing search to narrow down data? Yes, Enterprise Vault Discovery.cloud has the ability to cull down data via its search-within-search functionality. In addition, administrators and end users can use Enterprise Vault.cloud’s search filters to quickly narrow down search results. 13. Does the service provide the ability to view and produce full audit trail of all searches, reviews and productions? Yes, the service can produce a full audit trail of all searches, reviews, productions, administration and setting changes.
18. Can you report on violation of access? Yes, all permissions are logged within the administrative console and Enterprise Vault Discovery.cloud. Any change to the roles within the archive and access to data is audited and can be tracked.
14. How easily can I give a user access to another user’s mailbox? Administrators can easily delegate mailbox access through the secure cloud portal. This can be achieved within a few minutes. 15. Can the service export messages in PST format? Yes, Enterprise Vault Discovery.cloud allows you to export emails in PST and PST with EDRM (aka EDRM XML). 16. How does an administrator manage the service? Administrators can manage all accounts through a secure cloud portal. In addition, the Symantec Active Directory sync tool, CloudLink, enables administrators to quickly create, configure and push out web folders to all end users at once. 17. Can you report on metadata information on email in the archive and domain and / or user-level statistics (litigation hold lists, attachment numbers / sizes)? Yes, the service can report on metadata information in the archive and also provides user-level statistics for matters on legal hold (including messages that are put aside for legal purposes).
19. Does EV.cloud automatically store a second copy of my data or do I have to select which messages are archived? Yes, EV.cloud captures a copy of messages into the archive via journaling. Administrators can choose to only journal some mailboxes – or only journal messages based on their direction – outbound or inbound only. 20. Which languages does Symantec EV.cloud support? Symantec EV.cloud administration management console is provided in English only. The end user interface or Personal Archive supports English, Japanese, French, Italian, German, Spanish, Simplified Chinese and Traditional Chinese. Customer helpdesk support is delivered in English only. 21. Does Symantec.cloud offer Email Continuity service? Yes, Email Continuity service is available as an option in Enterprise Vault.cloud services. Symantec Email Continuity.cloud provides an affordable standby email system that delivers virtually uninterrupted access to email in the event of a mail server outage.
find out...
more about adopting EV.cloud please speak to your Bytes account manager on 01372 418500.
www.bytes.co.uk | 43
BYTES hold over 75 Technical and Sales Accreditations for Symantec
events
We have had a full calendar of events and webinars across the Bytes Group recently
views events
with more planned. We’ve brought news and information on all aspects of Software Licensing, IT Security, Software Asset Management and
Documents Re-imagined Andaz Hotel, London, November Microsoft Roadmap – 2014 & Beyond Malmaison Hotel, Manchester, February Cardinal Place, London, March
Managed Print Services. Where possible we host our events in landmark buildings so that we can add an extra dimension of interest to our guests. Venues include BAFTA, Mercedes Benz World and Microsoft’s Cardinal Place, London. Industry experts from many of our leading vendors as well as our own Bytes specialists deliver informative presentations on a broad range of topics to ensure you are kept up to date with all the Sarah Folley important industry Marketing Executive, developments. Bytes A small selection of some of our events is listed opposite. Please visit the events page of our website www.bytes.co.uk/events regularly for news of forthcoming events.
Creative Consolidation Conference BAFTA, Piccadilly, March Extreme Security Workshop Snozone and Airkix, April The Compliance Open The Belfry, Warwickshire, June Cloud and Mobility Summit Southbank Centre & London Eye, London, July
and webinars Get up to speed on the latest technology with Bytes webinars over 50 free to watch webinars available now - visit: www. bytes.co.uk/webinars
if you...
would like to view the slides from any of our seminars or webinars, please visit: www.bytes.co.uk/resources and then select the ‘seminar’ or ‘webinar’ tab depending on the content you require.
44 |
STAGE ONE: RECON
STOP THREATS STAGE TWO: LURE
ACROSS
STAGE THREE: REDIRECT
THE
STAGE FIVE: DROPPER FILE
KILL CHAIN STAGE SIX: CALL HOME STAGE SEVEN: DATA THEFT
STAGE FOUR: EXPLOIT KIT
security
XP
IS DEAD
Long Live
Windows XP Viewpoint by:David Rawle CTO, Bytes Security Partnerships
On April the 8th 2014 Microsoft will bring support for Windows XP to an end for the vast majority of consumers and businesses. Although support will be available for a fee from Microsoft for certain customers the vast majority of Windows XP machines will be “on their own” from that date forwards.
What does this mean in practice? The implications for businesses and consumers are serious and hard hitting for a large number of reasons. Currently it is estimated that as many as nearly 29% of PC’s running Microsoft operating systems are using Windows XP. That is 29% of PC’s that, if you believe the hype, are vulnerable to “zero day” threats from the 8th of April 2014 onwards. There are some commentators out there that believe that Windows XP going out of support will make no fundamental difference provided that users follow standard best practices and have up to date anti-virus tools installed. While this may be good enough for consumers, it is not good enough for businesses. The strange element of this situation is that it seems to be an almost exclusively Microsoft issue. 59% of
46 |
Although most people in business would rejoice if they could migrate their estates from Windows XP to Windows 7, the simple fact is that many businesses simply cannot migrate at this time. Thankfully tools and products do exist to be able to mitigate this risk and make the on-going use of Windows XP possible in the short term.
• IPS to stop signature based network attacks coming in, • Anti-Virus to stop known viruses in files coming in, • Anti-Bot to stop outbound connections from infected machines leaving the network. The final piece of the protection puzzle is Check Point’s new Threat Emulation solution, which offers proactive protection from zero-day threats.
Mac users run an OS X version from 2012 or later, whereas just 11% of Windows users do. That’s what Microsoft and its PC partners are desperate to change. Impact for enterprise For businesses it isn’t just about the end-user experience, security and migration work. In many instances it is simply about having business critical applications, whether purchasing, sales ordering or logistics, that will not run on anything newer than Windows XP. Even in a business like our own we have a CRM application fundamental to our business that will not run in Windows 7 or 8. Here at Bytes SP we have a migration plan to move forward onto Windows 7 and we will run our CRM system on Citrix in the short term, but it is less than ideal. We are a business with 30-40 Laptops to accommodate so this is possible; if we had hundreds or
thousands of machines then such a workaround simply wouldn’t be an option. So what are the options to protect businesses stuck on XP? One option that businesses have is to introduce layered security in front of their Windows XP estates. Vendors such as Check Point and FireEye have solutions that can emulate the code that would otherwise be run on unpatched Windows XP machines and ensure that there are no threats that would otherwise be able to run and compromise a business network. In the case of Check Point they offer a multi-layered solution that is composed of the following tiers:
What is Threat Emulation? Threat Emulation is a tool that can be either deployed in the cloud or on-premise with a dedicated appliance. Threat Emulation executes documents that are most commonly found carrying zero-day exploits in a true sandbox environment. By executing these documents before they are run on the end-user machine it is possible to almost guarantee that nothing malicious will find its way down to the end-user machine. To view our on demand “XP is Dead, Long Live Windows XP” webcast which explores the problem in more detail and demonstrates Threat Emulation on live data visit www.bytes.co.uk/windows -xp-webinar or scan the code to the right.
stuck on XP...
To speak to a security expert at Bytes SP regarding your options for protecting legacy XP estates or to see Check Point Threat Emulation in action call our team on 0845 075 0560 or email securitysales@bytes.co.uk
www.bytes.co.uk | 47
security
The BYOD debate is one that divides many in the IT industry.
The BYOD Debate
Some think it’s hyped up, while others believe it is one of the biggest challenges facing the enterprise today.
IS BYOD like taking your boss home with you? Nathan Pearce Marketing Architecture - Cloud/SDN F5 Networks
48 |
Nathan Pearce, who leads the Cloud/ SDN Marketing Architecture Group at F5, highlights the importance of companies understanding and embracing this trend sooner rather than later. “Bring Your Own Device (BYOD) is a trend that shows no sign of slowing. That means it’s vital for businesses to ensure that smart devices, as well as the network they run on, are secure. As any IT security manager would tell you, the risk of data loss, network intrusion or breaches increases with every endpoint added to the network. So with more members of staff connecting to the network with more gadgets than ever before, there are many times more user end-points than we had even only four or five years ago.” The benefits of letting employees bring their own devices to work are clear and well documented, about 60% of us do already (Ovum, November 2012) and Intel recently reported that its BYOD programme has saved it around 57 minutes in productivity per employee every day – adding up to an
Bring Your Own Device (BYOD) is a trend that shows no sign of slowing. That means it’s vital for businesses to ensure that smart devices, as well as the network they run on, are secure. As any IT security manager would tell you, the risk of data loss, network intrusion or breaches increases with every endpoint added to the network.
astonishing 5 million hours across the business over the course of a year. “Workers have often reported that they are happier working longer hours with BYOD, possibly because their device is one they are happy to use and they can do tasks like managing emails in their own time. Workers are also able to do non-work tasks on the same device, making their lives easier. That last point, however, is the down side from an IT department’s point of view. Allowing devices that are not fully controlled by IT to connect to the corporate network opens the business up to all sorts of potential issues from a security standpoint as well as potentially flooding corporate networks with non-business traffic, which could affect network access for other employees trying to make use of network resources to get on with their jobs. If an approach which looks to secure devices at the application level is adopted it is much more convenient for all involved: the IT department is then in charge of which business apps are downloaded and can deal with updating and with removing all trace of sensitive data if the worker leaves the organisation – without so much as touching the personal applications and data on the device.”
Joakim Sundberg, Security Solution Architect at F5 furthers this, “IT wants to remain in control. That means IT has to move from provisioning devices (which workers don’t really want to use anyway) to provisioning applications instead. Letting workers use their own device means IT just has to control the applications, access policies and data flow, just as it does away from the mobile side of things.” There is no doubt that it is a fine balancing act - making sure workers can access the data they need to do their jobs while ensuring appropriate levels of authentication are in place to protect all that sensitive data. Once businesses have a full understanding of what types of devices are being used, what data needs to be accessed and where it is being accessed from, a fully robust set of access management policies can be put in place. This will mean employees can do their work from the device they want to, safe in the knowledge that their personal data will remain private, and the business knows its sensitive information is also secure. With mobile phones, tablets and laptops increasingly reflecting our lifestyles and storing photographs, personal
emails and data, this approach should also ensure that employees don’t feel as though, by agreeing to business policies for their device management, they’re also letting their boss snoop around their lives outside of the working environment.” Mobile application management allows a business to encourage staff to bring their own devices as they please and ensures that they are all compliant with IT guidelines and policies. This helps the IT department know that all connected devices are as secure as can be, while users are at liberty to use whatever apps they please on their own devices without worrying that they will be clamped down on as security risks by over-zealous security managers.” By making it easy to deploy and easy to use, mobile application management becomes a much more effective approach than locking down personal devices according to corporate needs.
find out more... To discuss BYOD or F5, speak to a security expert at Bytes on 0845 075 0560 or email securitysales@bytes.co.uk
www.bytes.co.uk | 49
security
RSA Authentication Manager 8.1
Mobile and remote access…users bringing their own device… virtualisation… IT-as-a-Service. Do you see these trends as business opportunities – or merely more vulnerable platforms to protect from hackers and threats?
However your business needs to operate and grow, it shouldn’t be a lack of secure authentication that leaves you exposed or unwilling to invest in new business opportunities. Deploying advanced authentication technology can attract substantial savings whilst enabling business productivity. Risk-Based Authentication is the lowest cost
authentication method since SMS text. Intelligent, on-the-fly profiling of access attempts not only reduces per user costs versus traditional hardware authenticators by up to 40%; it is also designed to support the deployment of up to 10,000 users in an hour.. The Strength of RSA SecurID Authentication combined with the convenience and flexibility of RiskBased Authentication. Security is a constantly evolving challenge for organisations that are managing shrinking IT budgets while, at the same time, needing to expand security to a larger population of users. This is compounded by users accessing sensitive data using unmanaged mobile devices via uncontrolled access points such as web portals. Organisations face the challenge of implementing strong authentication to combat these expanding challenges. RSA Authentication Manager 8.1 delivers the world class strength of RSA SecurID Authentication technology and now also offers a risk engine to meet the challenges and needs of today’s organisations. RSA Authentication Manager is designed to verify authentication requests and centrally administer user authentication policies for access to enterprise networks.
At a Glance: RSA Authentication Manager – • Delivers Flexibility and Convenience by offering Risk-Based Authentication • Lowers Total Cost of Ownership • Maximises the Potential of your Virtual Environment www.emc.com/am8
RSA Web Threat Detection
RSA Web Threat Detection is an innovative and highly effective online threat detection software solution. Web Threat Detection helps website owners distinguish legitimate users from criminal or disruptive users in real time. It does this by using web session intelligence to identify anomalous behavior indicative of fraud or misuse. Web Threat Detection keeps pace with an evolving threat landscape by building dynamic profiles of how users actually interact with your website – unexpected or atypical behavior is marked for further investigation. The rules engine allows you to respond to different levels and types of threats. Web Threat Detection protects over $200 billion in transactions annually, 320 million online accounts and 40% of North American banking traffic. It also handles over 15 billion web requests daily. http://uk.emc.com/security/ rsa-web-threat-detection.htm
find out more...
speak to a security expert at Bytes about RSA Authentication Manager and Web Threat Detection: securitysales@bytes. co.uk or call 0845 075 0560.
50 |
security
A SAND TRAP FOR
MALWARE
Keith Bird UK MD, Check Point
Threat emulation is a key new technique for preventing zero-day and targeted attacks. Keith Bird, UK MD of Check Point explains how this method delivers unmatched protection against both unknown and known threats. The phrase ‘know your enemy as well as you know yourself’ is often quoted in IT security. But with the sheer number and complexity of cyber attacks, getting to know the enemy is a huge task. Adversaries line up daily, using a bewildering array of malware threats to try to disrupt operations or stealthily siphon confidential data. And organisations remain vulnerable to zero-day attacks given the volume of new malware that can hide in plain sight in innocuous-looking files. So, although we may not know everything about every enemy, new security technology can reveal vital intelligence that can be used to identify and nullify new risks that arise every day. Cybercrime has become big business, and as in any other business sector, criminals want to boost revenues and grow market share. To increase the likelihood of success, they target hundreds, even thousands of companies. In 2012 an average of 70,000 to 100,000 new malware samples were created and distributed daily – over 10 times more per day than in 2011 and over 100 times more than in 2006. Check Point’s 2013 Security Report found that 63% of organizations were infected with bots, and more than half were being infected with new malware at least once a day. Keeping pace with this massive growth is proving impossible for conventional anti-malware approaches.
Hiding in plain sight Stealthy malware, the attack technique most commonly used, is difficult to detect and is designed to operate below the radar of IT teams. The code for a majority of these new malware types is concealed in common file formats that we all use for business – emails and their attachments, including Word documents, PDFs, Excel spreadsheets and so on. Hacker toolkits can obscure these executable scripts in order to disguise their malicious actions, which may mean changing the registry on a user’s computer or downloading an executable file which can then infect the network.
52 |
Even though layered defences using IPS and IDS can help to block some malware actions, these approaches do not stop infections from reaching the network and spreading across it. New exploits, or even variants of known exploits, have no existing signatures that conventional defences can detect. While antivirus, anti-spyware and similar security solutions are useful for ‘clean-up duty’ in the aftermath of an attack, they are often ineffective as a defence against new attacks. However, just as a country’s border controls will use a range of techniques to observe people entering the country to identify those who pose a threat, new security techniques have made it possible to scrutinise the emails, files and data that enter a network via emails or as web downloads, in real time. Malicious files can then be isolated on the gateway at the network edge, or in the cloud according to the organisation’s choice, so that infection does not occur in the first place – providing an external layer of protection against attacks, without impacting the flow of business.
A line in the sand This isolation and evaluation process is done using a technique called threat emulation. Rather like a border control’s X-ray scanners, the technique makes it possible to look inside suspect files arriving at the gateway – either as email attachments or as downloads from the web – and to inspect their contents in a quarantined area known as a ‘sandbox.’ This self-contained, virtualized version of a computer environment acts as a safe area for running various applications that may be risky or destructive. In the sandbox’s virtual environment, the file is opened and monitored for any unusual behavior in real time, such as attempts to make abnormal registry changes or network connections. If the file’s behavior is found to be suspicious or malicious, it is blocked and quarantined, preventing any possible infection before it can reach the network and
cause damage. At this point, further actions can be taken to identify and classify the new threat in order to make subsequent identification easier. Let’s take a closer look at how threat emulation identifies new types of malware and attacks that do not have signatures, and how it can help to stop these new, stealthy attacks.
Building the sandbox The threat emulation engine and sandbox is run by a hypervisor, which in turn runs multiple simultaneous environments for file simulation: Windows XP, 7, and 8; Office 2003, 2007, and 2010; and Adobe 9 environments, plus virtualized instances of the most commonly used Office applications such as Word, Excel, PowerPoint and others. As the overwhelming majority of modern malware uses social engineering to trick users into clicking plausiblelooking attachments or file downloads, inspecting files that use these popular environments and applications offers the best chance of preventing infections.
What if, following detection and blocking of a file by emulation, organisations were able to share information about the new threat to help others avoid infection too? environment is not immune to sandbox technology. This malware attempts to camouflage its actions or act in a benign way while in the environment in order to avoid detection. However, the ‘cloaking’ activity actually helps to identify the file’s malicious intent in that the attempt at disguise can be monitored by the threat emulation engine and logged as a suspicious file activity.
Selecting files that are deemed suspicious and needing inspection – i.e., the route into the sandbox – happens inline, either at the organisation’s security gateways or in the cloud, using an agent alongside the organisation’s mail server. File selection can even be done with encrypted traffic delivered into the organization over SSL and TLS tunnels, which would otherwise bypass many industry standard security implementations.
This entire process takes place transparently for the majority of files – meaning that even in the rare event that a file is inspected and proven ‘clean’, the intended recipient of the file will not notice any pause in email services.
The selection process is done using a combination of heuristics and other analysis methods. For example, if instances of the same file have already been cached at the gateway or by the email agent, the system considers that the file may be part of a mass phishing attempt to multiple employees. This approach optimises and accelerates analysis by choosing only suspicious files for deeper inspection. When files are selected, they are then uploaded to the sandbox containing the emulation engine, which runs either on the security gateway or in the cloud.
What if, following detection and blocking of a file by emulation, organisations were able to share information about the new threat to help others avoid infection too? After all, the new threat has been fingerprinted and a signature developed for it, meaning that wider infections can be prevented.
Threat detection Files uploaded to the threat emulation engine are copied and launched in the multiple virtual OS and application environments. They are then subjected to a five-stage inspection process by the engine: 1. If the file crashes the virtualized instance of the program, or attempts to unpack and substitute a different document, it is flagged as malicious. Also, if the file attempts to call .dll or .exe files, this signals abnormal, potentially malicious behavior. 2. The virtual registry is checked for any attempted changes by the file – a hallmark of malware and an action that an ordinary document should never attempt. 3. File systems and processes are checked for any attempted changes made by the file – as noted above, an ordinary document should not attempt to make changes 4. The engine checks for any attempts to communicate via the web – for example, to contact a command and control centre or download a malicious payload. 5. Finally, the engine logs and generates a report on all activity done by the file, including multiple screenshots of the sandbox environment – and also creates a ‘fingerprint’ for the file that can be used to quickly identify subsequent detections. Malicious files detected by the engine are quarantined so that they do not reach the user and cannot infect the trusted network. Even malware code that has been developed to detect when it is being executed within a virtualized
Information about detected file activity is then available to the IT team in a detailed threat report.
Spreading the word
This is the principle behind Check Point’s ThreatCloud service, which helps to spread the knowledge acquired about a new enemy. In much the same way that global health organisations collaborate to fight emerging diseases and develop vaccines and other treatments, ThreatCloud’s collaborative approach closes the time window between the discovery of a new attack and the ability to defend against it. Once a new threat has been fingerprinted, details of it (including key descriptors such as the IP address, URL or DNS) are uploaded to ThreatCloud and automatically shared with subscribers worldwide. For example, if a new threat is being used as a targeted attack on a bank in Hong Kong and is identified by threat emulation, the new signature can be applied to gateways globally in minutes. By vaccinating organisations against the attack before the infection can spread, threat emulation reduces the chances of an outbreak becoming an epidemic, improving security for all. So, even with cybercriminals targeting hundreds or thousands of companies, threat emulation can play a key role in protecting organisations against new malware strains and zero-day attacks. Using threat emulation to ‘know your enemy’ could become one of the strongest methods for securing organisations’ networks, creating a new first line of defense against malware.
contact...
the BSP team with any Check Point related enquiries or for information around supporting Check Point Products on: securitysales@bytes.co.uk or call 0845 075 0560.
www.bytes.co.uk | 53
security
54 |
7
7
Core Design Strategies for Next-Generation Data Center
SECURITY 1. Build on established industry standards - In particular, both the National Institute of Standards and Technology (NIST) and the Federal Enterprise Architecture (FEA) provide an invaluable library of successful design solutions and architectural best practices.
2. Deploy security technologies in depth - Deploying multiple security technologies in layers throughout the environment is a far more reliable and effective strategy than pinning your hopes on an impenetrable perimeteror an impregnable endpoint. If a targeted, persistent attack makes it past a firewall you’ll want additional lines of defense embedded throughout your network, on your systems, and around your data. 3. Embed global intelligence, security visibility, central management, and interoperability among security solutions - All the elements of your security architecture must be able to communicate, interoperate, and collaborate in a single seamless monitoring and response fabric. Everything must be visible and manageable from a single control point, and a global source of reputation-based threat information should be incorporated to enable fast, accurate attack detection in the absence of an established signature. 4. Make it all modular - The only way to keep the total footprint small is if core technologies are modular, extensible, and easily upgradeable, particularly your agent software. New
functionality should plug and play efficiently with existing controls for optimum flexibility and scalability. 5. Plan for the inevitable resource constraints - Budget and headcount limits are a fact of life. Choose security solutions that add economy and operational efficiencies to your environment. A central management console and modular framework aren’t frills - they’re survival essentials.
6. Design for proactive compliance - As more sensitive and proprietary information accumulates in enterprise environments, more organisations become subject to a wider array of regulatory mandates. Be sure that every security technology you deploy supports all the monitoring and reporting requirements of the mandates you’ll be held to. It’s far simpler and more reliable to build in compliance at the design stage than to layer it on piecemeal down the road. Security services must be on demand and flexible. Be sure that your compliance strategy can be streamlined proactively in real time by automatically evaluating the countermeasures currently deployed in your environment and assessing potential enhancements. Your risk profile and score should be automatically tuned based on asset criticality, current threat data, system state data - vulnerability, configuration,
patch level, and application inventory - with all this information easily accessible through a single dashboard. 7. Plan to prevent data loss - When developing your security program, consider how you discover, monitor, and capture sensitive data, and how you prevent that data from escaping. You’ll need a unified data loss prevention (DLP) policy for both networks and hosts, and an automated data classification process with flexible policy development that lets you capture, classify, and store data reliably in real time with historical reporting and searching.
The McAfee Layered Security Model mobile and remote access protection security access protection client access protection infrastructure protection computing process & virtualisation protection storage control protection
find out more... speak to a security expert at Bytes about McAfee on: 01372 418500.
www.bytes.co.uk | 55
security
enhan
functionality and extend the capability of Office 365 with Mimecast
A fully integrated, cloud based email security, continuity and archiving solution that delivers enhanced functionality and extends the capability of Microsoft OfďŹ ce 365 and Microsoft Exchange Online.
56 |
ce
Mimecast UEM for Microsoft Office 365 has been customised especially for cloud-to-cloud integration. It is designed to augment Office 365 with additional layers of functionality to ensure the exacting standards of administrators and end-users are met. We provide a rich set of email gateway and security features, and an independent immutable archive that is backed by a 100% availability SLA. Importantly, the archive is the only repository that provides you with a single view of all data in your business – internal and external to Office 365.
Key Features - All the features and benefits of Mimecast’s products - Enables Exchange coexistence with on-premise and Office 365 - Highly secure and resilient offsite email storage - Independent perpetual email archiving for Office 365 - Adding a 100% service availability SLA on top of Office 365 - Enhanced ediscovery and compliance archive tools - Enhanced email security gateway features; DLP & encryption - Message Action controls for end users via Outlook integration - Disclaimer management and corporate email branding - Email continuity for Outlook and Smartphone users. Added value to Microsoft Office 365 - Mimecast’s DLP, email encryption, content and policy control - Large attachment management and document conversion - User-invoked message actions for enhanced security and gateway feature control - User and administrator searching of live and historical email across all devices - A single source archive across all email and data platforms, whether on-premise or in the cloud - Folder replication to Mimecast archive.
How it Works Simple to deploy, simple to manage, enhanced Office 365 - Switch corporate MX records to point to Mimecast, which then delivers to Office 365 - Route all outbound traffic from Office 365 through the Mimecast platform - Securely connect Mimecast to your Active Directory for user authentication - Inbound and outbound email is automatically retained in the archive - Use Microsoft Office 365 journaling to securely transfer all email to the Mimecast archive (all plans) - Enabling Exchange Co-existence with Exchange on-premise and Office 365 to smooth cloud migrations and manage users - Spam and malware is automatically removed by Mimecast’s multiple layers of protection - Administrator defi ned email content policies are applied - Access all email management functionality from a single administration console. Outlook email continuity and personal archive access - Mimecast Outlook client application optionally installed - End users can search their Mimecast personal archive directly from Microsoft Outlook
- If Office 365 or Exchange is offline, the Mimecast Outlook client automatically sends and receives email via the Mimecast service - Once Outlook has reconnected to Office 365 or Exchange, the Mimecast Outlook client automatically synchronises with Exchange and removes duplicate messages. BlackBerry email continuity - Mimecast provides archive search apps for Windows Phone, Android, iPhone and BlackBerry smartphones - Users simply download the relevant mobile app to view and search their Mimecast archive - Deploy BlackBerry smartphone app via BlackBerry Enterprise Server (BES) - During BlackBerry email outages, simply activate the BlackBerry continuity service in the Mimecast administration console - The BlackBerry smartphone connects directly to Mimecast to send and receive email - When servers are back online, administrator de-activates BlackBerry continuity service. Web-based email continuity - Simply inform users of the Mimecast Personal Portal URL - Users have secure access to live and historical email, and calendar information from any web browser.
awarded...
a coveted Microsoft Innovative ‘Customer Advocacy Partner of the Year’ award from Microsoft. For more information please call your Bytes account manager on 01372 418500.
www.bytes.co.uk | 57
security
SOPHOS UTM Your Best Alternative to Forefront TMG
TMG has provided a broad set of features widely adopted by many Microsoft partners and might otherwise be sorely missed without an adequate replacement. Sophos UTM lets you easily replace TMG, providing a simple way to keep your network and users secure. Sophos UTM’s technologies are tightly integrated—working better together. And, most importantly, it’s easier to manage than any other UTM product on the market.
58 |
Unified Threat Management Simplify Licensing and Deployment
You’ll find that Sophos UTM is unique in the security industry. It offers the broadest range of deployment options available. You can select from a range of purpose-built security appliances. Or you can deploy Sophos UTM on your own hardware—such as the server you were using for Microsoft TMG itself.
Hardware A full range of hardware appliance models are available to fit any business, with all features available in all models.
Virtual Sophos UTM’s run in Microsoft Hyper-V, KVM, VMware and Citrix virtual environments allowing you to get the most out of your virtualisation investment.
Secure Firewall, Intuitive Management
As you’ve probably discovered with TMG, over time you can easily end up with thousands of rules that make it difficult to audit your configuration and secure your system. Sophos UTM eliminates the clutter easily and elegantly. It takes advantage of a central object model that lets you make changes across the entire installation with simple edits.
High Performance, Advanced Protection
Sophos UTM lets you apply much more granular permissions than TMG ever could. For instance, you can: • Monitor and control web applications in real time. Making configuration changes and blocking or shaping traffic on the fly, using detailed patterns. For example, deny Facebook chat while still allowing Facebook wall posts, or limit all YouTube traffic. • Manage access to websites. With over 100 categories to choose from, maximise productivity and control access to inappropriate websites. • Enforce the safe-search features of major search engines. Without changing anything on your client browsers.
Advanced VPN for Easy Remote Access
You can easily set up site-tosite connections using traditional IPSec, or with an SSL-based tunnel engine that works in environments which block IPSec. Going further, our unique Layer-2 VPN tightly binds your offices together and allows for communication of services like DHCP - which is simply not possible with TMG.
Software The Sophos UTM is also available asa software appliance that can easily install on the server you’re using for TMG today, saving you from any additional hardware investment.
Cloud-based Appliances Using Amazon Virtual Private Cloud (VPC), you can run the appliance in the cloud. Or, you can use the Amazon VPC connector on the appliance at your office for secure and robust access to your Amazon hosted resources.
Web Application Firewall and Robust Reverse-Proxy
Sophos UTM is a replacement for TMG’s reverse proxy, allowing you to wrap your web server applications in layers of security to protect them against hackers and threats.
Complete On-Box Reporting and Dynamic Monitoring
Sophos’ integrated on-box reporting and dynamic monitoring is a key strength. Our UTM’s built-in reporting means you’ll know exactly what’s happening on the network.
Key Capabilities Compared TMG
UTM
ADDS EVEN MORE...
Hyper-V Support Firewall (stateful packet filtering) IPS Exchange anti-spam, anti-malware Redundancy Logging/Reporting Client VPNs (PPTP/L2TP) Site-to-Site VPNs (IPSEC) URL Filtering Content Scanning Malware Scanning HTTPS Scanning User Authentication Reverse Proxy Reverse Proxy SSL Offloading Reverse Proxy Authentication
✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓
More deployment choices (HW, SW, VM, Cloud) Advanced Routing, Country Blocking 11,000 IPS attack patterns – Live Protection User Portal Quarantine, Email encryption WAN redundancy & load balancing Customisable reports, Drill-down, and more Added flexibility (SSL, HTML5) Broader VPN Support, Amazon VPC, RED Reputation filtering, Customizable categories Real-time App Control Dual Engine, Backed by Sophos Labs HTTPS Scanning in Transparent Mode Added flexibility, Transparent Mode WAF with server hardening Included feature of WAF Coming in UTM v9.2
www.bytes.co.uk | 59
applications
Adobe® Creative Cloud for Teams
YOU’RE ALL ON
the same team Welcome to Creative Cloud for teams. Keep your team on the same page with the entire collection of Creative Cloud desktop apps, services, and business features. Share files, capture feedback, and keep track of versions - all in one place.
start creating that way Creative Cloud for teams offers two plans - complete and single-app. Opt for a complete plan that includes all Creative Cloud desktop apps and services, or a single-app plan that gives you access to one Creative Cloud app (such as Adobe Photoshop CC or Illustrator CC) and select services. With both plans, you can maximise your budget and leverage centralised administrative tools that make it easy for IT to purchase, deploy, and manage Creative Cloud along with meeting the changing needs of your team.With both plans, you can maximise your budget and
Luke Kiernan Adobe Sales, Bytes
leverage centralised administrative tools that make it easy for IT to purchase, deploy, and manage Creative Cloud along with meeting the changing needs of your team. All the tools you love. Totally re-imagined. Get all-new desktop versions of your favorite creative tools and services. Immediate access to new features and updates. And that’s just the beginning. Because now, your favorite applications, including Photoshop CC, have been rebuilt to support a seamless creative process. With Creative Cloud for teams, everything you need to create intuitively and collaboratively is included.
LIMITEDOFFER For a limited time, Adobe are offering Creative Cloud for teams for only £362.04 per user, per year for complete & £171.48 per user, per year for single app, with the same discounted price locked in for the second year. Check with your Bytes account manager to see if you qualify.
Simplified license management. Creative Cloud for teams makes it fast, simple, and affordable to add or reassign licenses and manage all complete and single-app seats together under one membership agreement. So you can scale with your workload while keeping everyone in sync. Plus use administrative tools to centrally deploy, and simplify how you manage creative tools across your organisation.
Expert training and support. Sharpen your skills and master new tools with a growing library of exclusive video tutorials from experts at Adobe and leading partner companies. The Creative Cloud for teams complete plan includes exclusive expert support each member of your team gets two one-on-one sessions with an Adobe product expert per year. Lower costs. You get the entire collection of Creative Cloud tools or a single application of your choice, plus all feature updates at no additional cost. Hassle-free compliance. Your teams have immediate access to creative tools and can maximise their productivity at home and at work by being able to install their software on two machines. At the same time, reduce the risk of compliance and maintain complete IT control.
DESIGN TOOLS WEB TOOLS
One-stop publishing. With the Creative Cloud for teams complete plan, creating is just the beginning because your membership includes everything you need to publish your work in immersive and engaging new ways. You can build and publish websites, mobile sites, iPad apps, and other content for any medium or device.
USE
Centralised administration and deployment
Easily add, track, and reassign both complete and single-app seats of Creative Cloud for teams across your organisation through the intuitive Admin Console.
O
Storage
Get 100GB of file storage with the Creative Cloud for teams complete plan or get 20GB with the single-app plan.
O
Expert support
The Creative Cloud for teams complete plan includes exclusive access to Adobe’s product experts - two one-on-one sessions per user every year.
O
CS6 Design and Web Premium
CS6 Design Standard
CS6 CS6 Production Master Premium Collection
CREATIVE CLOUD APPLICATIONS
VIDEO AND AUDIO TOOLS
Connect your work and your creative community. With Behance® now integrated with Creative Cloud, you can find inspiration, showcase your work, get feedback, and gain global exposure for your portfolio.
Creative Cloud for teams
PRODUCT
CREATIVE CLOUD FOR TEAMS EXCLUSIVE FEATURES
CREATIVE CLOUD
Cloud storage. You get 100GB with the Creative Cloud for teams complete plan and 20GB with the single-app plan. Upload new versions of your work, maintain past versions, and post comments and feedback.
There’s always something new in Creative Cloud for teams.
Photoshop
Image editing and compositing.
Illustrator
Vector graphics and illustration.
InDesign
Page design, layout, and publishing.
Acrobat XI Pro*
Create, edit, and sign PDF documents and forms.
Dreamweaver
Websites, app design, and coding.
O
X
Flash Professional
Rich interactive content across varied platforms and devices.
O
X
Flash Builder Premium*
Applications for Android,™ BlackBerry , and iOS using a single codebase.
X
Fireworks*
Prototype websites and applications, and optimise web graphics.
X
Adobe Premiere Pro
Video production and editing.
After Effects
Cinematic visual effects and motion graphics.
Adobe Audition
Audio for broadcast, video, and film.
SpeedGrade
Manipulate light and color in video footage.
Prelude
O
X
STD
X
X
O
X
X
X
X
O
X
X
X
O
®
X X
X X
X
X
O
X
X
O
X
X
O
X
X
O
X
X
Import and logging of video from any video format.
O
X
X
Lightroom*
Organise, edit, and produce digital photography.
X
Bridge
Design and publish HTML websites without writing code
O
X
X
Adobe Muse
Design and publish HTML websites without writing code
O
Edge Tools & Services
Optimise the look and performance of websites.
O
Behance
Showcase and discover creative work.
O
Other services (such as Business Catalyst)*
Online services for file sharing, collaboration, and publishing apps and websites.
O
File sharing
Share just the files you want in the cloud.
O
New features & upgrades as soon as they are available * Not available as a single app
X
X
O O Newest CC version
X Previous CS6 version
further info...
contact your Bytes account manager on 01372 418500 or Luke Kiernan at adobesales@bytes.co.uk @Bytes_adobe
www.bytes.co.uk | 61
applications
Your complete Licensing&Infrastructure
SOLUTION Through our longstanding partnership with Cintra and Oracle we provide customers with innovative and compliant infrastructure solutions that lower IT costs whilst delivering a high quality of service to IT departments and business users. Backed by a broad range of Oracle database and business intelligence 12c features, editions and licensing options, Cintra Bytes offers customers extensive Oracle specialisation, a proven implementation methodology, and hundreds of successful Oracle implementations that anticipate every “what if?” imaginable and delivers the next generation of database architectures. A well planned and executed Oracle 12c implementation results in a database infrastructure that is highly available, scaleable and recoverable. By deploying Oracle Database 12c as a data management foundation, organisations will deliver more information with higher quality of service, minimise the risk of unplanned downtime and make more efficient use of their IT budgets. In addition, Oracle 12c implementation can: • Significantly reduce your server costs • Significantly reduce your storage requirements • Significantly improve your mission critical systems performance • Double your DBA productivity • Eliminate your idle redundancy in the data centre • Simplify your overall IT software portfolio.
Cintra Bytes Offers: • End to end Enterprise Architecture services to define server, OS and storage infrastructure for rock solid 24x7 availability, recoverability and performance of database and business intelligence systems. • In-depth knowledge and understanding of your specific logistical, technical and financial challenges. • Extensive expertise for best practices-based design, documentation and implementation for rapid, cost effective and lower risk implementations. • Wide-ranging tools and accelerators based on hundreds of previous implementations. • Remote DBA services that deliver the value of a team of senior level Oracle and SQL Server DBAs at a lower cost than one full time employee. • A comprehensive review of license entitlements and support contracts, allowing re-purpose of underused licenses and prevention of unnecessary ad hoc purchases or support payments.
Watch our Oracle 12c webinar – join over 1,300 others, simply type into YouTube “The New Oracle 12c Database”
62 |
Is your Oracle Estate
?
optimised WELL managed
&
Through our partnership with Cintra, a global leader in Oracle technologies, we help organisations stay licensed correctly and make the most of their Oracle investments. Our specialist knowledge of Oracle’s technologies and complex licensing policies helps our customers take a strategic approach to managing and fully utilising their Oracle estate. Why not take advantage of our Genesis Service Overview Genesis will assess and enable existing hardware and software assets ensuring they are aligned to strategic business objectives, both current and future. It will leverage an expert understanding of Oracle licensing, support policies, and discount thresholds to minimise the total cost of ownership associated with your Oracle investment. The Genesis Assessment Service is based on the following phases : Discovery • Architecture discovery of the current application and infrastructure model of hardware and software assets across customer’s Oracle estate. • Results documented using Cintra’s Catalyst software (measurement tool), showing Oracle related software, servers and storage for all production, standby, test, development and disaster recovery environments. • Considerations made for physical, clustered, and virtual servers and of the technology components in-use. Analysis and Critique • Cintra Architecture team will prepare a view of systems in the form of architecture diagrams and an inventory of the hardware and software assets captured and assessed. • Oracle assets documented and described in enterprise capability terms i.e. a description of what capability is on offer against each of the assets and whether it is in production or pre-production.
• Applications and workflow overviews will support the technical information gathered to ensure that a view of systems and relationships is documented. • Service profile of Oracle assets in terms of the service levels underpinning the asset through Oracle or an Oracle partner. • Provide a view on the commercial profile of the Oracle assets in terms of the license configuration associated with the products. Technical and Commercial Recommendations • Recommend areas of the current architecture that can be optimised and identify areas that may warrant further investigation to address inefficiencies. • Detailed view on the untapped potential of the assets and their extensibility to meet future strategic needs. • Deliver a Technology and product roadmap to complement existing infrastructure and strategic business needs, with a focus on complementary product sets which Oracle offer that are typically used alongside customers existing assets. • Documented service recommendations to support deployment of shelf-ware and optimise use of assets.
• Commercial recommendations to reduce costs by simplification of license and contract administration, leveraging our understanding of Oracle’s business practices to ensure that the most cost effective commercial agreements are in place. Deliverables • Architecture Discovery Diagram • Detailed management report which documents analysis and recommendations • Supporting business case for crystallisation or extension of any strategic license frameworks • Option to consider annual architectural discovery to identify inefficiencies, opportunities for technology consolidation and areas for optimisation
Prerequisites Controlled access to the architectures being assessed. Service is relevant to customers who have a single active annual Oracle support renewal or to those with a Strategic License Framework i.e. Unlimited License or Pool of Funds Agreement.
initial discussion... Book an initial discussion by emailing our Oracle team at oracle.team@bytes.co.uk or call your Bytes account manager on 01372 418500
www.bytes.co.uk | 63
applications
Adobe Acrobat XI Pro
10 Great tips
for your workday
1. Create PDF files with 100% Adobe quality Generate original Adobe PDF documents with reference quality. The structure and integrity of the originals remain fully intact. Adobe PDF files can be created from Microsoft® Office with just one click – and that includes the conversion of e-mails in Outlook into PDF files. Your advantage: low error ratio thanks to 100% Adobe PDF.
2. Easily export PDF files into Office formats Creating PDF files from Microsoft Office is easy. And it’s just as easy to export Word, Excel and PowerPoint files back from Acrobat, and then edit them as you see fit. Your advantage: you can use content from PDF files right away with no complications.
3. Edit text and images directly At last you can edit text and images directly in PDF files just like you can with other documents. Intelligent tools ensure that the original layout and formatting are retained. Your advantage: you don’t need the original to make alterations.
4. Permanently remove confidential information Permanently delete information – in specific text or illustrations – which is not intended for publication. Your advantage: sensitive information is deleted with 100% certainty. 5. Convert scanned content reliably Paper documents are easy to scan and convert into Adobe PDF files. Thanks to enhanced optical character recognition, content is converted into searchable text and can be exported into Microsoft Word or Excel. Your advantage: quick transfer of content from paper documents.
64 |
8. Archive emails as PDF files Individual emails and entire email folders from Outlook and Lotus Notes, together with their attachments, can be converted into searchable PDF files. Entire email correspondence sequences with all their associated project documents can be archived as PDF documents and handed over smoothly to other colleagues as required. Your advantage: easy archiving of all your e-mail correspondence including all relevant information and attachments. 9. Automate recurring tasks Automate time-consuming and constantly recurring tasks using the Action Wizard. The standardised workflows are easy to manage, execute and deliver. They can be applied to one or more Adobe PDF files simultaneously. Your advantage: you can deal with routine procedures in a single step. 6. Create interactive PDF and HTML forms With the help of the integrated Adobe FormsCentral Desktop, you can create individual forms from scratch with just a few clicks or use ready-made professional templates to design them. As these can be saved as writeable PDF files or exported as web forms – a web browser and an internet connection are all that’s required to fill them out. Your advantage: it’s easy to create professional surveys of all kinds. *HTML forms can only be used with the optional fee-based service Adobe FormCentral
7. Speed up document reviews Streamline your internal communication with Acrobat’s commenting tools. All the people involved can see the comments made by others. This eliminates uncertainties and makes additional phone calls and meetings unnecessary, speeding up document reviews as a result. Your advantage: review and approval processes are far more effective.
10. Review web pages easily, view them offline, and archive them Web pages can be converted into PDF documents, saved and archived using Acrobat – with all their links and subpages preserved. As PDF files, web pages can be altered quite simply during the creation phase by using Acrobat’s commenting functions. They can also be created directly from Internet Explorer or Firefox. Your advantage: up-to-the-minute content can be archived simply, and online projects can be reviewed far more easily than before.
further info... on Adobe Acrobat XI Pro contact your Bytes account manager on 01372 418500.
www.bytes.co.uk | 65
BYTES has won 3 Adobe Channel Partner Awards in the last 2 years
document solutions
tooutsource OR NOT TO outsource Darren Spence Managing Director, Bytes Document Solutions
Organisations are forever looking at ways to cut their operating costs. For some, the answer is to outsource an entire business function, such as IT (IT Outsourcing), or HR (HR Outsourcing) to a specialist organisation, thereby transferring the risk, cost and efficiency challenge to someone else. Outsourcing an entire function (aka Business Function Outsourcing - BFO) requires months of careful planning and negotiation to ensure that both the customer and the supplier fully understand and contractually agree on what is expected. For many organisations, BFO is considered too risky or too complex to implement. As such, rather than choose to outsource an entire business function, most choose instead to outsource a specific Business Process, ie Business Process Outsourcing (BPO), such as their Payroll processing, statement processing, or the Accounts Receivable process. Whilst BFO and BPO can deliver tangible cost savings with wider business benefits such as the transfer of risk, their effectiveness as a long term cost-down solution will depend entirely on the efficiency of the outsourcing provider or the contractual agreement entered into as BFO and BPO can be delivered entirely as a manual service. Indeed, there is often no stipulation that technology needs to be used to underpin or transform the function or processes being
66 |
outsourced. Providing the outsourcing supplier meets the targets agreed to, they can, within reason, do as they wish and deliver the service however they wish. Customers need to consider that if technology is not used to underpin or transform the way the service is provided, the quality of the service will over time be compromised as lowercost labour solutions will be sought. The only sure way to realise long term cost efficiency gains is to introduce fit-for-purpose technology solutions that are capable of transforming predominantly manual-based processes to mainly automated ones. With this in mind, organisations looking for efficiency gains should first consider whether they have the internal skills and resources necessary to transform their current processes as they may not need to outsource. If they do have the necessary internal resources they’ll invariably still need to partner with a specialist Business Technology organisation, such as Bytes Document Solutions, but the process of finding and appointing a business technology partner is far less time consuming than finding the right outsourcing partner.
If outsourcing is still the preferred option, organisations need to have a very clear idea of how their chosen outsourcing provider is going to transition and then transform the service. They need to stipulate that any outsourced service provision must be service-led and technology driven. A service-led approach without the incorporation of a technology component will only deliver efficiency gains for the first one to two years. If you’re looking for ways to improve the efficiency of your organisation or department contact one of our Document Solutions experts. We have proven turnkey technology solutions which can transform the Accounts Payable; Accounts Receivable; HR; Sales Order Processing; and Contract Management processes. We also have 20 years’ experience of Managed Print Services so we can help you save money on the provision and management of your printer/copier fleet too. Bytes Document Solutions: Helping you print for less, and print less.
to learn more...
about how an effective “Managed Print Service” PLUS a “Business Document Automation” solution can help your organisation, contact your Bytes account manager or contact Bytes Document Solutions on 01293 543434.
partners
more
haste less speed To help our customers fully utilise the technology locked in their software licensing agreements, we have developed our Partner Eco-System - designed to complete the legwork of short-listing high quality, suitably accredited suppliers from someone you trust. From Cloud and Virtualisation strategies through to the implementation of Microsoft SharePoint, Unified Communications, Security and Data BackUp services, we’ve found and recruited System Integrators and IT Solution Providers that share our standards and complement our software services. We call it our Partner Eco-System. Maggie Perry Microsoft & Partner Business Manager, Bytes
Today with a plethora of successful deployments and even more satisfied customers under our belts, Bytes is building a strong reputation as an organisation that can not only bring sense, clarity and cost control to software licensing but also excellence in the delivery of solutions that will drive true benefit to Customers. If you’d like to know more about how our Partner Eco-System can help you unlock the true value in your licensing agreements, please read the following four articles written by our Partners or ask your Account Manager for more information about the spectrum of technologies that we can deliver and the Partners we engage with.
As cloud technologies mature, fewer and fewer projects experience the false starts and growing pains familiar to early adopters. Instead, quietly growing confidence in the market has reintroduced agile deployment and timeto-value as a core concept driving adoption. Raised expectations For Cloud projects to be viable today they must demonstrably outperform legacy systems almost immediately upon completion. For years the products and services sold under the Cloud banner promised quick wins - instantly identifiable benefits and significantly reduced management complexity. Now customers expect providers to deliver on that. Consequently Cloud projects today are less exploratory and more transactional. The sheen is off. Never mind the technical achievement - what does the solution actually do for the business? It’s no longer enough to simply stand up an environment. Projects must integrate seamlessly with existing
68 |
systems and processes (which themselves might need adapting) to be deemed successful. Such was the case during a recent project between Bytes, Dot Net and a major international airport.
The value of urgency After some internal reorganisation, the airport identified 4,000 operational staff with no access to critical IT functions such as email. As such, the business had no effective method of communicating important information to 4,000 employees, ranging from security guards to car park attendants to baggage handlers. Historically, the airport relied on paperbased processes to disseminate information within this group - a mixture of physical correspondence to home addresses and on-site notice boards. This was not just costly, it made the distribution of critical information, such as updated health and safety policies, incredibly hard to measure, raising potential legal and regulatory implications. The upshot was an urgent need to bring 4,000 new users online quickly, non-disruptively and cost-effectively. Bytes were immediately able to offer a compelling business case (and price point) with Office 365 by leveraging the airport’s existing Enterprise Agreement with Microsoft to reduce licensing costs.
Identifying the real project
Rapid reporting
Of course, creating 4,000 mailboxes for an Office 365 (O365) environment was the relatively simple part. The new mailboxes would be deployed in a parallel domain to the airport’s current email systems, negating any potential migration complications.
Regardless of the licensing economies or speed of deployment, a project like this lives or dies by utilisation rates. Given O365’s strong mobile compatibility, the airport elected to roll out the mailboxes via a BYOD initiative in order to save costs and encourage adoption.
The real project was to populate those mailboxes with accurate user information with no source data outside of a poorly maintained HR spreadsheet. In the early days of cloud, this kind of obstacle might’ve produced significant delays, if not derailed the project altogether. Today, it’s an opportunity for service providers differentiate themselves. Collaborating with Dot Net, the airport set about first cleaning the already sparse data, and then extrapolating from it to establish user information (such as first name, last name, terminal number, and user group) for each mailbox. Once the discovery exercise was complete (and O365 licenses assigned to prospective users), Dot Net began the change management phase of project. This necessitated the authoring of high-level support documentation to encourage utilisation and the training of support desk staff to ensure the airport’s internal resources could sustain the solution upon completion.
After completing thorough connectivity testing on every brand and model of smartphone and tablet available, the airport sent out one final paper-based notification, informing the 4,000 of their new email addresses, temporary passwords and access instructions. Current uptake estimates stand at an impressive 70%. Equally importantly however, the remaining unused licenses have been recalled and redeployed elsewhere in the business, further increasing cost efficiencies. All in all, the project took six weeks from initial proposals to the final go live date. The days of the floundering cloud deployment are over. Customers are raising their expectations to include in-depth, collaborative problem solving within the remit of Cloud projects, and agile providers that can balance complexity with speed are likely to remain the preferred choice.
find out...
To find out more about Office 365 or how Bytes and Dot Net Solutions can help you to implement it please speak to your Bytes account manager 01372 418500.
www.bytes.co.uk | 69
partners
clinical the
DESKTOP SOLUTION As we start 2014, it’s a time of change in the NHS. With the publication of
reports like Caldicott and what feels like almost daily news items around NHS Trusts failing to meet Government set guidelines, our national healthcare provider is under more pressure than ever to deliver more with less. OCSL have been working closely with Healthcare Organisations & NHS Trusts over the past 18 months to understand their needs and create what could make a measureable difference to the daily working life of clinical teams to directly benefit the patients they serve. The result is that we’ve successfully brought to market a revolutionary clinical desktop solution called acceSSOnce. Background: Over the past 5 years there has been a significant increase in expectation for clinical staff to log in to various clinical applications to capture real time data. Projects like EpR, ePrescribing and e-observations, along with massive increases in Emergency Department admissions are all driving this. No longer just the responsibility of the admin assistant, clinical staff could be expected to log into at least 8-10 core clinical applications throughout their shifts, each requiring different user credentials. What’s the Solution? acceSSOnce will manage secure identity for systems while maintaining ease of access. Clinical context supports application integration of clinical workflow providing a seamless process. The system is easy to use and enables staff to access information quickly. Saving clinicians approximately 30-45 minutes each per day. The virtual desktop loads almost instantly for users, reducing the time spent logging in, which immediately showed a benefit in a Trust where clinicians no longer have to arrive at clinic 10 minutes early to get online. A tap and go feature either using proximity cards or smart cards gives the ability to quickly move users’ sessions between devices with ease, which enables utilisation of time either in clinic or theatre sessions.
70 |
Another example of where this has benefitted is on a busy ward - there is limited access to workstations to view or report on clinical information, and with all Trusts transforming to “paper light” by 2018 there is a need to provide an alternative solution to access patient histories and blood results by the bed side. Mobile device management gives the clinical staff the ability to roam from their consulting rooms to ward rounds, transferring their active session from desktop to mobile device. Context management via PASID or NHS numbers manipulates screens to improve patient workflows between applications and reduces the amount of user errors. What’s behind it? acceSSOnce supplies a smooth migration path to Microsoft Windows 7 and beyond, while leveraging the Microsoft Server 2012 Hyper V and System Centre 2012 platforms, to give a dynamic and fully integrated management stack. The solution has been hailed by one customer at Luton & Dunstable NHS as “Delivering 21st century healthcare” Whilst Government requirements will undoubtedly continue to increase, the Trusts using the acceSSOnce solution are delivering a best of breed technology service to the organisation, allowing them to improve the way patient care is delivered to the community. To view our seminar and watch a video of acceSSOnce in action at Luton & Dunstable NHS, visit http://www.youtube.com/watch?v=9Kw25F1Ylig
more info...
on OCSL or acceSSOnce, speak to your Bytes account manager on 01372 418500
FACT Humans are social animals, we need to interact
and exchange. Being able to communicate is what connects individuals and builds relationships, and the best bit is that we normally do it without even thinking about it.
matters counts Communication Collaboration
If people are an organisation’s biggest asset, then the power of speech is what makes them so valuable. Speaking and listening skills are often taken for granted and not given the recognition they deserve. A good conversation is unique in its ability to provide immediate feedback and clarify what others are saying, eliminating the potential for mis-understanding. We all know it’s not just what you say, it’s how you say it. How many times have you read an email and not known how to interpret it or what the sender really means? Whilst non-verbal communication informs your audience in face to face meetings, for remote conversations, tone of voice is a vital and unique feature which cannot be replicated by any other form of communication. Or perhaps you are stuck in one of those endless email chains that goes back and forth and you are just not getting your point across or understanding what is being asked? A quick conversation with the right people often resolves the issue. But talking is only part of the puzzle, when you need to deliver results, collaboration takes a conversation to the next level. Defined as ‘The action of working with someone to produce something’, collaboration needs people, but today’s technology means you no longer have to be in the same room, in the same country or even using the same technology to collaborate and share. Successful collaboration makes people more productive and businesses more efficient. Adding a virtual element improves accessibility (24/7, anywhere, any device), efficiency, engagement and even work / life balance. From simple audio or web conference calls and Instant Messaging, to desktop video and fully immersive room systems you can collaborate globally with just a click. Need a quick answer to a quick question? Microsoft Lync real-time presence information allows you to see if a colleague is available online and enhanced Instant Messaging (IM) connects you efficiently and effectively.
If the quick answer isn’t quite that quick, you can instantly transfer documents, speak via VoIP voice or share your screen all from the same application. Audio and web conferencing is the easy way for a number of people to communicate and share thoughts and ideas, documents and content. With industry leading browser based access, VoIP and mobile options it has never been easier to start, join or manage your meeting. For the ultimate collaboration experience, you need a fully interactive, immersive meeting where participants are virtually ‘in the room’. With the SMART Room System for Microsoft Lync you can connect with a single tap, view participants in High Definition video, present and share in real-time, and write or draw on an interactive whiteboard. In fact the only thing you can’t share in a SMART Room System meeting is the coffee and biscuits!.
find out...
more about InterCall or Lync, speak to your Bytes account manager on 01372 418500.
www.bytes.co.uk | 71
partners
POWERFUL
simple self-service,
Business Intelligence for all your users too good Power BI is a set of tools and services that allow you to discover, manipulate, visualise and share your business data and relevant external data, in order to gain insights and better manage your business. With Power BI, widespread adoption of BI throughout your business is possible. The capabilities are accessed and delivered through Microsoft Excel and a web-portal, which users are familiar with.
You are not restricted by where the data you want to access resides, and the Power BI capabilities can be used in the office on a PC, or on the move with tablets and smart phones. This gives users an access-anywhere, intuitive, self-service BI capability, while IT retains control. Outlined below are some of the capabilities included in Power BI, and how it can enable your business to gain new and better insights. • Power Query – easily discover and connect to data from company and public data sources. Use a search function in Excel to look for the data that you’re interested in, select it, and it’s imported. • Power Pivot – create a sophisticated Data Model directly in Excel. This is for Excel power users (you don’t have to be a developer!) and allows you to define custom measures and mash-up data from multiple sources.
to be true
• Power View – create reports and analytical views with interactive data visualisations. This also includes the ability to display how your chosen data changes over time – so for example you might be charting sales data for different product lines, and use animation to show how these evolve over a chosen time period.
• share business data centrally and securely, • track performance targets and trends, • combine data from multiple sources and visualise it to gain insights, • provide self-service tools to allow users to find answers to ad-hoc queries.
• Power Map – explore and navigate geospatial data on a 3D map experience in Excel. This is a very powerful capability – any data set that includes geographic locations can be plotted onto a map. You can then also show how this changes over time. See the picture for an example of what Power Map can do – all it takes to create these plots are a few clicks of the mouse, which any user can do.
One of the key deliverables is a whole business dashboard that can be viewed and interacted with on a tablet. These capabilities will give their business tremendous real time visibility of what is happening internally and externally, and allow them to make more timely and better informed decisions to drive revenue.
• Power BI sites – publish the reports, views and dashboards you’ve created to your Power BI sites and share them with your colleagues, allowing everyone to view and interact with them. • Power BI Q&A – this is an amazing capability that allows you to ask questions of your data in plain English. It answers your question as you are typing, and also suggests questions – very similar to using a search engine for the web. If, for example, you wanted to know “Revenue by customer segment in London in January 2014”, you would simply type this in, and the data would automatically be presented as an interactive chart or graph. Northdoor are currently working with one of our clients, a motor insurer, to implement a BI capability across their business using Power BI. Their objectives from the project are to:
find out...
Microsoft’s Power BI offering may not be the right choice for every business, but it will be for many, and we would certainly recommend that it is one of the options that you consider. Microsoft are innovating heavily in this space, and are increasing the cadence of their product releases, with a cloudfirst approach. So in other words all the new capabilities will come to the cloud first, and if you consume them in this way, you don’t have to worry about upgrading your infrastructure to take advantage of them. About Northdoor Northdoor is a long-established mid-market systems integrator and consultancy, with expertise across the full Microsoft enterprise technology stack. Holding several Microsoft Gold Competencies, including one for Business Intelligence, Northdoor provides end-to-end business solutions built on SQL Server 2012, ranging from consultancy and design through to implementation and support.
more about how Northdoor can assist with your business requirements, speak to your Bytes account manager on 01372 418500.
72 |
meet the
manufacturers We’ve listed a small selection of some of the events being run or attended by our manufacturers in 2014. These events offer a perfect opportunity to meet the experts and also to network and swap ideas with peers. If you would like details of any other manufacturer events not listed here, please speak to your Bytes account manager who will be happy to assist you.
Citrix Synergy 2014: Los Angeles 6th – 8th May 2014 The conference will present the latest solutions for mobile work styles and cloud services. Synergy will showcase the newest mobility, virtualisation, cloud, networking, and collaboration technologies from Citrix and other leading IT companies. Synergy is renowned for insights into macro IT trends, professional networking and intensive technical training - all presented in a community-focused atmosphere. This three-day event provides unmatched value to IT professionals at all levels, from executives to administrators.
Vision 2014: Las Vegas 5 - 8th May 2014 This event offers hands-on labs, technical breakouts, in-depth training, and one-on-one time with Symantec engineers and product experts. You’ll leave the event with the knowledge, relationships, and inspiration you need to solve tough new IT challenges, squeeze even more value from your Symantec investment, and move your IT organisation toward a successful, productive future.
To find out more about the Los Angeles event: www.citrix. com/events/citrix-synergy-los-angeles-2014.html
VMworld 2014: San Francisco, 24th – 28th August 2014, Barcelona 14 – 16th October 2014 Learn about the latest virtualisation technologies and strategies which can help your organisation realise its vision for a cloud computing approach to IT. In VMware’s words: “Don’t miss VMworld 2014 - where IT and business professionals learn how to navigate the daunting world of cloud computing. Not only does it demand a new level of innovation and performance, it requires the confidence to push system and software delivery to the next level. Get the tools and training you need to master this new landscape, with the speed, security and control you’ve come to expect. We are ready. The technology is here. And the partners are in place. Move with the boldness of the industry that never sleeps - go with the power of VMware at your side.”
Oracle OpenWorld 2014: San Francisco, 28th September – 2nd October 2014 You’re sure to discover new ways to optimise your systems, new solutions that will help you take your business to the next level, and new practices that will make you more successful in your job and in your industry. To find out more: www.oracle.com/openworld/index.html
IP Expo: 8th – 9th October 2014, ExCel, London IP Expo is the biggest end-to-end IT infrastructure event in the UK. It receives visitors from both the private and public sectors and due to the quality of the keynote speakers and exhibitors, it’s of particular interest to those at board level, and those involved in IT strategy, management, implementation and infrastructure. For 2014 the event moves to ExCel London which hosted the Olympic and Paralympic events in 2012 with 1.3 million visitors. For more information visit: www.ipexpo.co.uk/Exhibitors
For information on this event: www.symantec.com/vision/
To pre-register interest: www.vmworld.com/community/ conference/pre-reg
CPX 2014: Washington DC 8th – 9th May, Barcelona 20th – 21st May 2014 Check Point Experience is Check Point’s annual conference to bring together customers, partners and industry leaders to discuss the latest technologies and solutions surrounding the hottest topics in Internet security. To find out more visit: www.checkpoint.com/experience/ 2014/washingtondc/faq.html
InfoSecurity 2014: Earls Court London, 29th April – 1st May 2014 Infosecurity Europe is the only European event that enables industry professionals to gather vital information about the latest trends and developments in IT security, exchange ideas and shop for products and services to create security solutions. Bringing together hundreds of providers (about 350 exhibitors) showcasing the latest product and service solutions in the ever-changing IT security arena, Infosecurity Europe provides a leading platform for organisations to address constantly evolving security issues.
IBM in the UK hosts a comprehensive range of events, fairs, exhibitions, seminars and conferences. Aimed at all IT professionals, including developers, their ‘IT Solution’ events provide information on current hot IT topics and full IT solutions, including software, hardware and services. For more information visit: www.ibm.com/events/uk/en/
For full details: www.infosec.co.uk/
www.bytes.co.uk | 73
interview
in the
hotseat Jon Cook
Citrix National Sales Manager In this feature we interview a senior figure from the world of IT. We ask them a bit about their view of technology from their perspective, but mostly we like to be nosey and find out about the person behind the job title! As a child what did you want to be when you grew up? I come from a services family so I always wanted to join the RAF to be a pilot. Sadly (at least for me) the Berlin wall came down, the cold war ended and the RAF had too many pilots so they stopped recruiting for a few years and I had to think again.
much that week as his dry cleaning bill was taken off my wages, it was nice wine too!
What was your first job? My first job was as a waiter. In my first week I managed to drop a tray of open wine bottles into the lap of one of the customers. I didn’t earn
In a nutshell what does your current job entail? I run a team of end-user sales people selling into corporate and public sector customers across the UK. Citrix is very much a ‘channel-based’ business so we work very closely with our reseller and distribution partners to meet the needs of our customers.
74 |
What was your first job in IT & in what year? My first job in IT was as an account manager for Learning Tree International, selling technical training and consultancy services in 1996. Technology was booming and nobody understood it or knew what to do, so we sold a lot of Windows NT Administration courses. What is your current job title? National Sales Manager, Field Sales.
What do you think was the single biggest & most beneficial influence on IT in the last 20 years and why? Clichéd as it sounds, the internet has fundamentally changed all areas of our lives – work and personal. For businesses, the emergence of cloud services, coupled with smartphones and tablets, has transformed the way we work. And for consumers, the ability to shop from anywhere, stream TV and video services and communicate anytime, anywhere have all been made possible by the web. Even ten years ago, who’d have thought it possible to order your groceries via your mobile phone, on a train? What do you think will be the next ‘big thing’ in IT & why? From a Citrix perspective, as we continue to see emergence of the mobile enterprise, the next big thing in IT will be all about apps – not desktops - and making those apps
available anywhere. For the thousands of Windows applications in corporate circulation today, the ability to host and deliver apps without leaving a trace of data behind will become more critical to enterprise mobility strategy. With the emergence of apps also comes mobile app proliferation and confusion, as IT managers figure out how best to create enterpriseclass applications to meet employee demands. From a personal perspective, I think the internet of things is likely to further evolve life as we know it – the emergence of “smart” products - from toothbrushes to fridges - to create a hyper-connected environment that can anticipate your every need. What piece of technology could you not live without & why? My iPhone – I’ve had one since they first came out and I still love it now. The great thing about it is that it delivers useful stuff for both work and non-work. It’s my life… in a sleek, well designed 12cm x 6cm box. Other IT companies are now trying to look at the implications of this merging of work and personal for their own products. If you could have lunch with three famous people past or present who would you choose & why? Stephen Fry – he’s a massive intellect and technophile with a wonderfully eccentric outlook on the world. Eddie Izzard – he’s entertaining and whimsical. Thomas Jefferson – I expect that someone whose talents extend from inventing the swivel chair to being the 3rd US President has some interesting perspectives. What was the last book you read and what did you think of it? Bomber Boys by Patrick Bishop. My father was a navigator during WW2 in the Pathfinder Force flying in Lancaster bombers. This book gave a great insight to the kinds of things he had to deal with, aged 19. What is your favourite TV Programme? We’re currently hooked on Nordic noire crime drama, “The Bridge” in my house so I’ll say that.
What are your hobbies? Rugby has been my passion, but these days that means touch rugby. I also enjoy a sedate weekly game of 5-a-side football and coach the local kids team. Do you have a favourite saying or motto, if so what is it? I’m an advocate for more ‘charm’ in the world, so I think it would be “You catch more bees with honey, than you do with vinegar.” What is your favourite biscuit & why? Chocolate digestive – dunkable and it’s got chocolate! If you were asking the questions for this piece, what single question would you ask? If I were an animal – what would I be?? ....and what is your answer to the above question? The butterfly that my wife found in our kitchen over Christmas and kept alive with sugar water seemed to have a pretty good existence… If you could trade places with any other person for a week, famous or not famous, living or dead, real or fictional - with whom would it be and why? Jonny Wilkinson – Rugby World Cup Final week in 2003. After the kick that made us the world champions, he was the Colossus of the rugby world and marked the beginning of a decade of some great sporting successes for the country. If you were given a month off and the money for the fares and accommodation, where in the world would you go and why? I’d go sailing around the Caribbean. I’ve not seen much of that part of the world, nor have I done much sailing but it looks great and I think I’d like it.
What would be your 8 ‘desert island discs’? (and which *ONE track would you choose if only allowed one) 1. Video Cor Meum* – quite simply the most beautiful song I’ve ever heard, a massive contrast with the film “Hannibal” from whose soundtrack it came. 2. Love Will Tear Us Apart – Joy Division. Reminds me of school. 3. Requiem – Mozart. My wife likes Mozart and has played this in the car so much that my children now know it off by heart. Reminds me of long journeys. 4. Teardrop – Massive Attack. Off the ground-breaking Mezzanine album that came out around the time I met my (now) wife. 5. Night Time – The XX. Eerie, mucky music. 6. Barra Barra – Rachid Taha. Alright so he’s Algerian and this song has been heavily westernised but there’s something about it that reminds me of living in the Middle East as a child. 7. Tessellate – Alt J. 8. Come as You Are – Nirvana … Because people my age like these guys. What and where is your favourite restaurant? Taste of the World, Reston, Viginia. A truly non-descript, badly decorated Thai restaurant sitting on a dull, faceless business park in suburban Washington DC near the airport. All made up for by the best Satay Chicken I’ve ever had. I used to eat there at least twice a week when I was living and working in the US.
What is your greatest achievement? I think becoming a parent has put all other achievements in the shade for me.
www.bytes.co.uk | 75
regular
tryBefore YOUbuy Offers a broad range of products on a trial basis, to view the current selection visit: www.adobe.com/uk/downloads/
For a 30 day evaluation of Becrypt software, register your interest here: www.becrypt.com/evaluation-request
A comprehensive Trial centre, providing downloads of many Citrix products: www.citrix.com/site/SS/downloads/index.asp
Offers various free trials on its site located at www.checkpoint.com/products/trials/index.html
Download a free 30 day trail of Good for Enterprise at: www1.good.com/resources/trygood
Kaspersky offers 30 day trials for several of its products across the small office, business and corporate spectrum. www.kaspersky.co.uk/trials
Try LANDeskâ&#x20AC;&#x2122;s top selling products before you buy them or read what analysts have to say about LANDesk. http://www.landesk.com/downloads/
Trial versions of McAfee SaaS Endpoint Protection Suite & McAfee SaaS Total Protection + several others are available at: www.mcafee.com/us/downloads/downloads.aspx
Software vendors offer a huge range of products and solutions on a try before you buy basis, below is a small selection of some of the most popular:
A broad range of Oracle products available for educational and trial purposes are available free of charge at: www.oracle.com/technetwork/indexes/ downloads/index.html â&#x20AC;ŚIf you already have a commercial license you should use the Oracle Software Delivery Cloud located here: https://edelivery.oracle.com/
To try RSA secureID for free visit: www.emc.com/security/index.htm
Put Sophos products to the test at: www.sophos.com/en-us/products/free-trials.aspx
Offers a comprehensive range of trialware on its site: www.symantec.com/en/uk/business/products/ downloads/index.jsp
A good selection of Trend Micro products available to download here: http://downloadcenter.trendmicro.com/index. php?regs=uk
Offers a free download of Veeam ONE for VMware and Hyper V at: www.veeam.com/vmware-esx-reporter-free.html
Download and evaluate VMware Desktop and Datacenter products from: www.vmware.com/tryvmware/
Live and video online demos + evaluation products available at: www.websense.com/content/evaluations.aspx To trial a broad selection of Microsoft software and service packs visit: www.microsoft.com/downloads/en/default.aspx
76 |
BYTES SOFTWARE & LICENSING SERVICES UK and Global Software Licensing Experts “Bytes have helped Tesco make significant savings by effective and intelligent management of our licensing entitlements. They manage our global requirements, are able to keep us abreast of new and relevant licensing changes and apply these to our requirements ensuring we are always licensed in the best way possible”. Head of Tesco Group IT Procurement
Bytes Software Licensing Services With over 600 different vendors to choose from, and with over 20 years’ experience providing software solutions to businesses, Bytes is perfectly positioned to meet your software licensing needs. Amongst other benefits, Bytes utilise their purchasing power and strong relationships with software vendors to negotiate the best possible rates, whether it’s volume licensing or specialist software. But we’re not simply about maximising your procurement budget. All of our team are experts in software licensing which enables us to provide you a truly focussed level of software licensing knowledge and support. We provide information about current software enhancements and other announcements as they happen and can recommend the solutions from established and emerging technology vendors. But of course, the key benefit to you is how much we can save you. By analysing and assessing your current software usage (see our TLC offer below) we can re-shape your license model to fit prevalent vendor discounting offers, and by using our intimate knowledge of vendor license agreements we can maximise the right deal for all parties. Imagine a situation in which your software requirements are accurately predicted both
now and years into the future. Bytes can make this a reality by analysing your IT infrastructure and comparing it to growing trends in the market, allowing us to recommend licensing agreements that are both cost-efficient and flexible enough to grow with your business. Bytes International Licensing International companies with a global software requirement will benefit from our specialist knowledge of international licensing. We are highly experienced in handling the myriad of different approaches to managing ICT systems internationally, helping you to overcome the technological and cultural barriers to local adoption. In order to gain you the best price possible, we can also use the foreign exchange markets to purchase the software in the most cost-effective currency. The Bytes Portal Everything comes together through the Bytes Portal, including: The Service Desk – a quick and easy communication channel into Bytes. Online Ordering – purchasing your software has never been easier, and the flexible system is entirely tailored towards your company’s needs. Contract and Maintenance Management – existing licences are tracked with a traffic light system and warnings issued when the licence renewal dates are approaching. During each stage of the process the system feeds back information, which we can use to negotiate favourable rates for software renewals.
Mandi Nicholson Bytes Sales Director
learn more...
about Bytes Software & Licensing Services and SAM services, please speak to your Bytes account manager on 01372 418500.
www.bytes.co.uk | 77
BYTES SAM SERVICES Software Asset Management isn’t just about compliance, it’s importance in large corporations for increasing performance and profits is becoming clear. Software Asset Management has been a necessary consideration for large companies for the past ten years, and Bytes have been at the forefront of this industry since day one. Many companies claim to offer SAM, but very few prioritise it as a core service. We are a Microsoft Gold Partner for SAM and were instrumental in establishing the ISO19770 standard in 2007. For companies that are using, or looking to use a Software Asset Management company, Bytes have three packages that will ensure your company is maximising the efficiency of its software estate. Taking one package does not restrict you from utilising parts of another; in fact many of our clients will later pick and choose various products from within another service range because either their internal structure changes, or because they find they waste less time, resources and money by outsourcing some of their SAM requirements to us. 1. A Software License Review (SLR): The first package is a full software asset audit, which gives companies a clear picture of their current software portfolio status and a definitive account of software users. We can utilise your existing SAM software, such as Altiris, SCCM, LANdesk, to name but a few, or we can use our own system to conduct the review. Fundamentally this package is designed for customers that need to inventory their software assets either for compliancy reasons, or to ensure they are making full use of their software investment. In both instances it is imperative that a completely accurate picture is generated from the audit, and Bytes will provide you with exactly that.
78 |
2. Asset Management Platform (AMP): For a continual overview of your software portfolio, we can supply and implement one of the world’s most respected SAM platforms – Snow License Manager. Snow License Manager is fully ISO 19770 and ITIL compliant and comes highly recommend by us. This package principally involves supplying and implementing the software; however, we can also provide both technical support and assistance with system controls and data entry. 3. The Bytes Asset Management Service (AMS): For those who do not have the time or resources to manage their software portfolio, Bytes offer a fully managed SAM solution. From initial audit and installation of an Asset Management Platform, we can take total control over usage, licenses, vendor audits, procurement and end-of-life software. To augment this service we have created a bespoke online resource that allows you to monitor and control your software estate in real time. The Bytes Portal is easy to use, extremely practical and very cost-effective.
Chris Hibbert Bytes SAM General Manager
“ Throughout the SAM process, Bytes demonstrated a tremendous level of knowledge and provided us with an extraordinary service. They’ve proved their value to the firm and have earned their place as one of our trusted business partners”. IT Manager, Martineau Johnson
BYTES LEARNING SERVICES Finding the right training course for you and your organisation just got easier! In 2010 Bytes organised 2,786 courses across 400 companies, in both the UK and internationally. Our independent position, coupled with our extensive knowledge and close relationships with all major vendors, means that we can source the highest standard of courses covering all forms of software learning, management and personal development. We can cater for all requirements and budgets, utilising our buying power to offer our customers the best rates. Our Learning Solutions team was established in 2000 and continues to grow as the importance of software and management learning becomes recognised. Our experience, systems and partners, means that whatever the course you’re looking for, we’re confident we can find it for you in less time and at lower cost.
The range of training courses offered: • Vendor specific courses including Microsoft, Oracle, Unix, VMware, Adobe, Citrix, Symantec, Cisco, Juniper, Novell, IBM, Lotus and many more. • Management & Personal Development. • Information Technology Areas including Virtualisation, Infrastructure, Networking, IT security, PC Maintenance, Software Licensing. • Data & Telecommunications. • Project, Programme & Service Management including Prince2 and ITIL. • Desktop Applications from Adobe, Lotus, Microsoft to bespoke.
“Bytes Software Services were able to provide us with a flexible approach in providing a team of high quality and appropriately qualified trainers to deliver training in a number of our offices. They quickly understood our requirements and provided us with a robust and well supported solution.” Director of ISS, Linklaters
Bytes offer a range of learning services to meet our customer specific requirements:
Bespoke training
If you need something that’s not ‘off the shelf’, let us know what you are looking for and we can put together a training solution to fit. Whether it’s a mix of technologies and vendors or the need for tailored on-site or off-site courses we can help. eLearning The most cost and time effective method of on-line training available. Whether it’s standalone or as part of a blended training solution, eLearning courses can provide the most flexible solution. All our eLearning courses are provided by our training solutions partner, Arc IT Training.
Bytes Licensing Academy
We offer two courses: ‘Licensing Essentials’ and ‘SAM Best Practice’. The Bytes Licensing Academy has been developed for our customers to help understand the complexities of software licensing and software asset management. These half day courses - vendor-specific or generic - are run by Bytes and they are for both the novice and experienced. Rachel Gill Learning Solutions Operations Manager
Training Budget Services To help our customers maximise their training budgets, we offer a range of services designed to fit a variety of budgets and payment systems. Prepayment discounting and price freezing along with prepayment budget management are some of the payment methods offered.
learn more...
about Bytes Learning Services, please speak to your Bytes account manager on 01372 418500.
www.bytes.co.uk | 79
survey
% 97 would Recommend
BYTES 93% rate the service Good or Excellent.
Bytes have helped Tesco make significant savings by effective and intelligent management of our licensing entitlements. Their knowledge and ability to answer queries and sort problems accurately and quickly has made us more efficient and able to turn projects around at a pace that aligns with our business needs. Head Of Global Procurement Tesco
Bytes has helped us rationalise and optimise our Microsoft Licensing. They have proved invaluable in supporting us in ensuring consistency and compliance in a very complex estate. Bytes are a trusted source of licensing advice, demonstrating a superior understanding of our business. IT Manager Balfour Beatty
IT Manager De Montfort University
Software Asset Management audits are usually very painful, labour intensive and time consuming exercises, but this time round it was as painless as it could possibly be. Itâ&#x20AC;&#x2122;s the people who are experts in their field, but they also care about their clients sufficiently to get to know them and their infrastructure. Head of IT Kingsley Knapley
The Bytes team remained by our side throughout the whole process, providing extensive expert assistance. Their knowledge of Oracle systems ensured we got the right solution, at the most economically advantageous value for Electricity North West. IS Supplier Manager Electricity North West
80 |
Bytes SP focus on strong and proactive account management, provide excellent support and are therefore a partner we can work with long term. The rollout and on-going support we receive is first class.
Bytes have given us a fantastic service over many years. Our account manager understands our industry and our organisation well, so is able to offer products and services which meet our requirements and provide best value for the organisation. It feels like Bytes work with us as partners. Information Management Directorate Barnet and Chase Farm Hospitals
Bytes Software Services were able to provide us with a flexible approach in providing a team of high quality and appropriately qualified trainers to deliver training in a number of our offices. They quickly understood our requirements and provided us with a robust and well supported solution. Director of ISS Linklaters
I would absolutely recommend Bytes as a partner for anyone. Our Bytes Account Manager was amazingly helpful, he showed us all the options, we really felt like we got a sense of partnership from him. He was helping us, for our own purposes and not necessarily for Bytes’ own increased sales.. Head of IT Top Right Group Plc
Right from the pre-sales stage, Bytes has consistently shown incredible customer engagement and proactive support. Having been with a competing LAR for the previous decade, the move to Bytes was, and continues to be, incredibly refreshing.
Bytes SP meet Britannia’s needs as they have provided us with a support offering that has meant upfront cost savings to the business and our members. Security Policy Manager Britannia
Support Analyst Arcadia Group Ltd
Bytes were able to design, configure and successfully implement a robust solution that now meets all of Mott MacDonald’s infrastructure management requirements. Bytes’ technical expertise is coupled with robust project management to ensure successful delivery within very tight timescales and within a fixed budget. Global Asset Manager Mott MacDonald
Bytes SP have enabled our in-house teams to effectively run security solutions for 9 years. They have found us the best technologies Europe wide for our business, educated our teams on making the most of these, and provided first class on-going support. European IT Manager, P & O Ferrymasters
The RFU have been in partnership with Bytes for the last 7 years. Bytes has been at the forefront of getting an understanding of how we work as business, how we can leverage costs and reduce expense. Head of IT Rugby Football Union
ICT Manager Bullock Construction Ltd
Customer satisfaction extends beyond purchase and Bytes have always been prompt and courteous whenever I’ve needed their help, even when it’s been an issue of my own making. Their services and support are beyond valuable. IT Services UH Bristol NHS Trust
We have used Bytes Document Solutions to help implement a Follow Me printing system. Very helpful enabling us to save paper, toner and the number of printer we have in the business.
Bytes have been exceptional in their approach to deliver outcomes. They translated our complex licensing requirements and turned them into business solutions and have now become a value and trusted partner going forward. Deputy Head of IT Tube Lines
Without the skills and professional approach displayed by the Bytes team, the minefield that is Oracle, could not have been negotiated by us alone. What Bytes promised was delivered and working with them as a team and partnership was a pleasure. Other organisations could learn much from the Bytes approach. I will always recommend Bytes to any of my colleagues and my wider network. Manager, IT Service Delivery Allianz Insurance Plc
www.bytes.co.uk | 81
awards
&
Key achievements
accred
A small selection of some of the awards we have
awards won recently:
A small selection of some of the awards we have won recently: • CRN Enterprise Reseller of the Year 2013 – Winner
• Microscope Aces, SME Reseller of the Year 2013 – Winner • Microscope Aces, Innovative Reseller of the Year 2013 - Winner
CRN Enterprise Reseller of the Year 2013 Winner
• UK IT Industry Awards 2013 – Highly Commended • Xerox - Solutions Partner of the Year 2013 - Winner - Production Partner of the Year 2013 - Winner - Systems Integration Partner of the Year 2013 - Winner Our vendor team is made up of a number of specialists who are dedicated to specific vendors and technology areas. Acting as an overlay to the sales teams, they ensure that our customers receive the best advice on the solutions available and negotiate hard with vendors in order to receive the most competitive cost.
Bytes are one of our most proactive and dynamic partners and work with us and our mutual clients to deliver very high levels of service. They have continually demonstrated a first class knowledge of the products and solutions to the clients with the customer’s business priorities at the forefront of their minds
Microscope Innovative Reseller of the Year 2013 Winner
UK IT Industry Awards 2013 Highly Commended
Security Partnerships has long been a key partner for Check Point, and the acquisition by Bytes Technology Group will further strengthen our relationship. The company adds real value in the solutions it delivers to customers, using Check Point technology to simplify complex security challenges. Terry Greer-King, UK Managing Director, Check Point
Jeremy Keefe, Director ERM Sales and Marketing UK, Citrix
Adam Thornton Vendor Solutions Director, Bytes
82 |
accreditations
itations
Xerox have been working with Bytes for 30 years. As our longest serving and largest partner across Europe and Africa they are always professional, dedicated and offer exceptional service, with customer satisfaction their number one priority. Mark Duffelen Director & General Manager, UK Channels Group, Xerox
Strategic Partnerships Platinum Partner
Platinum Partner
Gold Solution Advisor
Gold Certified Partner (Volume Licensing & SAM)
Gold Partner
Platinum Partner
Affiliate Elite Partner
Platinum Partner
Authorised Partner
Premier Partner
Platinum Partner
Premier Partner
Strong Relationships Enterprise Partner
Gold Partner
Gold Partner
Authorised Partner
Partner
Premier Partner
Premier Partner
Gold Partner
Silver Partner
Solution Provider
Partner
Registered Partner
Platinum Partner
Silver Partner
Silver Partner
VAR Partner
Silver Business Partner
Business Partner
Silver Partner
Authorised Partner
Certified Partner
Expert Solutions Provider
Gold Partner
Premier Partner
Business Partner
Platinum Partner
Approved Corporate Reseller
Gold Partner
Red Hat Ready
Gold Partner
Gold Partner
Gold Partner
Premier Partner
Gold Partner
Gold Partner
Gold Partner
Gold Partner
Silver Partner
Silver Partner
Gold Partner
Gold Partner
Accredited Partner
www.bytes.co.uk | 83