Interview: Selecting a Tool for Automating SAM across 20K Desktops
I recently had the pleasure of chatting with a Virtual User Group member who is in the process of selecting a SAM tool.
What advice would you offer this organization based on our conversation? Please add your feedback to the comments below.
~
Q. Could you explain your current situation? Why the current interest in SAM Tools?
Our company has just been acquired by another company. After reviewing our operations the company that acquired us decided that they like the way we do SAM.
They like the way we operate, we have centralized SAM, we’re locked down, we distribute software in a managed way, we control our licenses and control our costs. There are two of us doing SAM for a 4,000 seat estate manually.
The trouble is that our SAM practice is not currently scalable. We have SAM under control but it is completely manual, if we are to scale our SAM operation to incorporate our new parent company and subsidiaries we have to automate.
The new parent company is fairly good at software distribution, but the issue is they don’t claw anything back once it’s distributed. There are twenty subsidiaries within our new company, so our current challenge is to go to each one of these entities and find out what they have. We’re in the market for a good discovery tool. We then need to find out what proof of entitlement they have so we’re also in the market for a good record keeping tool. From this baseline, we then need to novate and renegotiate contracts as we move forward, identify overlaps and efficiencies.
So our current task is to automate our current SAM operation – and then scale it across the 20 operating units.
So what is in place at the moment? You mention that it is a manual process – Is it a matter of crunching Excel sheets or do you have any form of technology in place?
We used to have a database via MainControl (*) which came through our infrastructure company but were forced to convert this into a spreadsheet when the contract expired. Our license management repository is manually recorded in a system called Microsoft OneNote. This is a free form database of license information which we use with templates. Over time it has developed into our software licensing bible. It includes who we buy from, how it is deployed, where we store it, what the contract terms are etc. It is very much a manual system but it works.
We don’t meter our software. The SAM policies and procedures are nailed down. My boss says ‘You’ve got the foundation there already – don’t go changing things’.
(*) NB: MainControl – bought by MRO, who were subsequently bought by IBM in 2006.
For OneNote – Why fix it? It if it working for you and it’s well honed – why not leave it alone?
Because we won’t be able to scale it up when we become 20,000 desktops! I don’t plan to change OneNote, I find it too useful, but the issue I have with it is that I am not able to share the information stored within it with the rest of the business.
We don’t want to duplicate effort every time we buy software by logging something with OneNote, then letting the deployment guys know, then letting the help desk know, then updating our license spreadsheet – we want one central system that people can access.
My fear is that there might not be something out there and I might be asking too much on my wish list!
So you have mentioned looking for a good discovery tool, a SAM record keeping tool and something to manage software going forward. Of those three components – is there anything in house that you can use for this?
We’ve got SCCM for deployment, everything is scripted and I’m confident we have deployment covered. Altiris is used in the new company which bought us and will likely be replaced by SCCM as the tool of choice. We also discovered some legacy Express Metrix licenses in the new company, which may be reinstated to current rather than parked up, and may be the basis of a license management tool, but we haven’t done too much work on what this can provide for us yet.
You’ve mentioned a few technologies so far – who else have you seen? what technologies have you been impressed with?
We’ve had all the selling, as soon as you contact a company, you get their product rammed down your throat.
We were quite impressed with Tivoli (BigFix as was). I wasn’t so impressed by the reporting side but from a discovery perspective they seem to be quite impressive. That is until they sent the quote – which blew me out of the water!
We’ve had a couple of demonstrations from Snow Software, but I’ve never been its convinced that its the tool for us. Snow are very hard on the sales front, nearly as pushy as the Tivoli rep.
Are you doing this all via a LAR? (*)
Snow Software came to us via a LAR – and this is one of the issues I had with it. It was almost too close a relationship and the LAR was pushing the sale of Snow like it was the end of the world. The LAR also did not offer us anything else to compare it with. It felt like it was kerching for them but not necessarily good for us.
Through our infrastructure provider we’re looking to appoint a new LAR, and through that negotiation ask them what tools they will be able to provide to enable SAM. We’ll use this as leverage when changing LAR. I’m not sure that this is the best approach to take but it’s definitely a cost effective one.
(*) Microsoft Large Account Reseller.
So you’re saying the LAR would throw in a tool as part of the deal?
Thats what being mooted as a possibility. We’ll try to use the change in LAR as a way to generate an aggressive discount on a SAM tool.We also tried to get the Asset Intelligence part of SCCM to work as part of our automated discovery trials but failed dismally. We found it a nightmare trying to get it to work. This was on the recommendation of our Microsoft Rep, but I guess he has no other choice than to recommend Microsoft. After SCCM failed we bought a cheap and cheerful tool called Lansweeper to help with our discovery on a more automated basis.
How are you going to select a SAM Tool?
I find it difficult going on the internet and coming back with a meaningful list of 4 or 5 tools to review. I get bogged down with everyone saying try this one or try that one and get bogged down with all the dross.What we intend to do is draw up a shortlist and then give each company a sample set of data and see what they come up with.Part of it will be dependent on price too. SAM is always sold as a return on investment but in the short term it’s spend, spend, spend!
You have to factor in the tools, the people and it is difficult to come up with a solid justification.
What advice would you offer this organization based on our conversation? Please add your feedback to the comments below.
- Tags: discovery tools · microsoft onenote · SAM · SAM Tools · Software Licensing
About Martin Thompson
Martin is also the founder of ITAM Forum, a not-for-profit trade body for the ITAM industry created to raise the profile of the profession and bring an organisational certification to market. On a voluntary basis Martin is a contributor to ISO WG21 which develops the ITAM International Standard ISO/IEC 19770.
He is also the author of the book "Practical ITAM - The essential guide for IT Asset Managers", a book that describes how to get started and make a difference in the field of IT Asset Management. In addition, Martin developed the PITAM training course and certification.
Prior to founding the ITAM Review in 2008 Martin worked for Centennial Software (Ivanti), Silicon Graphics, CA Technologies and Computer 2000 (Tech Data).
When not working, Martin likes to Ski, Hike, Motorbike and spend time with his young family.
Connect with Martin on LinkedIn.
It is worth having a look to see if other SAM tool licenses exist within other subsidiaries in addition to those mentioned – even if you have no intention of using them. These could be key to your negotiation. Many vendors offer a ‘competitive upgrade’ whereby they might offer, say 25%, of the cost of the tool because it is a swap-out. More aggressive vendors might offer a SAM tool across all the subsidiaries for the cost of the maintenance alone because they so keen to displace their competitors.
Also think about the future and what might happen 18 months down the line. You are at a strong point of leverage – you could try asking for additional licenses, say 25K licenses instead of 20K to future-proof your installation. They can only say no!
Perhaps more importantly – use your negotiation to ask for help with professional services and ongoing maintenance. As I’m sure you are aware from your previous experiences, SAM tools are not like a firewall that you plugin and forget about. They need resource to implement and maintain. Perhaps ask for some health checks, help with data cleansing or license true ups as part of the deal. These resources will be very valuable down the line compared to a few pennies here and there on the price of a SAM tool license.
I’m not anti-LAR at all, they have some great expertise and resources to share with you. But (with fear of stating the bleeding obvious) make sure you go into any agreement with a LAR with your eyes wide open (see Profit motives article below). Specifically, what happens if you move to another LAR, who is doing what? who owns the licenses, who is responsible for ongoing maintenance etc.
See https://marketplace.itassetmanagement.net/2009/02/05/article-profit-motives-in-software-asset-management/
Your approach on tool selection is a great one – based on proof. Make sure you understand what they have done to massage the raw output to gain the results they have.
For your size organization also make sure reporting can automatically reflect your organizational structure without loads of excel crunching. Your subsidiary in Chicago might not want to see the assets for the subsidiary in New York.
With multiple costs centres it is also useful to have a dual view of compliance. A few tools offer this. This is whereby you can view your compliance position internally, ‘Paris is compliant, London is not’, or an external view; ‘we are compliant for Adobe’. Similarly some tools have the ability to auto-allocate license pools based on conditions and update cost centres accordingly (we were under licensed in New York so we pulled down surplus licenses from Chicago).
Good luck – let me know how you get on.
Before selecting ANY tool I’d suggest that the criteria for the SAM programme and the complexity of the environment be understood.
SAM criteria generally relate to reducing cost (do not overspend, re-use licenses where possible) and reducing risk (ensure compliance so that in the event of a vendor audit unbudgeted expenditure doesn’t happen).
To achieve these goals you need to understand where you spend most money. For most companies, over 70% of software spend is on server software from IBM, Oracle, Microsoft, etc (as opposed to desktop spend).
In a company with 20,000 desktops, there are likely to be 2,000+ servers…
If you spend most money on servers, and get reviewed for compliance by server technology vendors – focus on the server area. This in turn will focus your tools.
You will need to select inventory tools which can provide the type of data you need to handle IBM, Oracle, etc. and a contract management system and license management systems which can handle the complexity of the contracts and concepts you need to balance.
Regards,
JK
I can empathize with the comments on how the existing LAR was pushing a preferred SAM tool so much that it turned them away. It’s commonplace for any enterprise of that size to look at three solutions regardless of what the LAR’s offering may be.
To their advantage, they’ll save a lot of time in choosing a proper solution. SAM in any capacity using Microsoft is not practical and automated enough. As an inventory and discovery baseline, there are many critical data points left out when you rely on SCCM.
Next, I agree that a concise list of key objectives, reporting scenarios and success factors should be lined up and provided to the vendors. In short, these requirements should address discovery and inventory depth, product architecture, 3rd party import-export abilities, methods of data and usage collection, flexibility and general characteristics of basic and advanced reporting capabilities, pricing and most importantly consulting framework. The largest vendors in this area will offer solutions that require a heavy amount of consulting to get the solution running as desired, so don’t overlook this important area, framing out what it takes to get from “out-of-the-box” to “deployed-and-well-oiled”. In contrast, the authentic SAM solution providers will have tools that more quickly adapt to a 20k seat enterprise customer.
Beware of the “Sucker-Punch” Audit:
Perhaps the most important point of advice I would give, is to avoid inviting solution providers who are actively auditing their customers for software compliance. These are typically the large sw-hw vendors offering IT hardware, datacenter & desktop software solutions, IT Lifecycle Management and now recently…a SAM solution. I am talking about the bigger name vendors who offer all of those things. It is probable, that once they find out you’re interested in acquiring new SAM solution you’ll be on their watch list. If your final decision leads to them loosing the award, it’s also very likely that you’ll be audited within the next 6 months. Why come back to audit you? Because they can. Approach the “authentic” and trustworthy ITAM/SAM solution providers and you’ll end up with a safe and level playing field.
You definitely need to go back to basics and really understand your requirements.
You need to do a thorough requirements analysis. If you don’t have the skills in house, then you may want to invest in some consultancy. You may be surprised what skills you have in house – talk to one of your business analysts to get started.
Bear in mind that when you have 20K seats you will probably want to consider leveraging IT Service Management activities such as patch management and build management, software deployment etc which use closely related technologies. Patch management and software deployment are much easier when your hardware inventory is accurate, while SAM really benefits from knowing the detail of what was deployed when and where to ensure compliance.
Don’t expect a tool to do everything you need it to do, particularly license management. I would suggest that an organisation your size needs a solid ‘device management tool’ to do discovery, patch management, build management and software deployment. You then put in a specialist license management tool on top, preferably linked to your ERP system so you can link machines to people and see at glance what software was purchased when. Later on, you can start building up the business case for a metering tool to allow you to reuse desktop licenses more effectively.
On the server side, you may find that you need another tool again. A standard discovery tool doesn’t cut the mustard for servers, as Jason mentions.
But the tools you need are already likely to in the organisation, or there are other folk out there who would love to deploy them so they can use them too. Your configuration / change management / infrastructure managers need to know what is installed, where and how it is used so they can keep things running, and this is exactly the information you need to manage your licenses, so there are almost certainly synergies there!
Once you understand your requirements, you need to do a ‘Request for Proposal’ (RFP), which is basically a tender document. The RFP gurus are based in your procurement department – not the people who manage the day to day transactions, but the people who negotiate agreements with your major vendors. If you locate a person who negotiates with Microsoft, Oracle or IBM that’s a good start!
Your procurement specialist will help you identify a list of potential vendors. They will probably talk to one of the big IT Consultancies as a start eg Gartner or Forrester. I would suggest sending it to perhaps 5 or 6 tool vendors, and then when you get the proposals back, shortlist two or three to bring them in for a discussion. Then you will go through a process of refining your requirements, deciding what you actually want to purchase (one or more tools), how you will deploy them etc.
Then you narrow it down to one vendor, you negotiate the deal, and then implement, which is when the fun really starts!
So, that’s the process, here are my tips:
1. You can’t do this alone, but there WILL be specialists in your organisation who can help you. Find them!!
2. This is massive. Where is your funding coming from? I suspect you need to put together a formal project, particularly because choosing a tool is the easy part. Implementing a tool, and getting the organisation to change so it uses it properly is the hard part, and where most companies fail (and then they blame the tool, they decide the need another one and the whole sorry process starts again).
3. Don’t try to do it at once. When you are setting up the project, one of the things that will be decided is the scope. It is perfectly OK to decide you’re just going to focus on desktops, as long as everyone is aware that servers need managing too, and should probably be another project!
4.If you can’t pull everyone together eg patch management, build management, software deployment, config management etc, then give up and focus on a SAM cheap and cheerful SAM solution. There are plenty out there, as you know. But all the steps I outlined above still apply, even though the whole project will be smaller.Give yourself a time frame eg 3 months, to try and understand the big picture and gauge the appetite for change. If you reach the deadline, then at least you can console yourself and say ‘at least I tried’, have demonstrated to management that you’re not silo’d, and probably made some useful contacts along the way!
I hope this is helpful. Happy to discuss your more particular issues on the VUG, if you want.
I agree with Kylie about the Tender process, but I would add another step before you get into the negotiating.
Narrow it down to a shortlist, and then request an evaluation from each of your shortlisted candidates to allow you to see how the tools would work within your organisation. I would imagine the tool providers would be willing to give you more than the bog standard “25 user license” to try out. You are looking at big numbers in terms of your investment in these tools, so the tool providers should be willing to come to the party to show you how their tool would work on the scale that you are operating within. In fact, you could even detail within your RFP that it’s a requirement for you to be able to properly evaluate a tool within your own environment.
The reality is that lots of tools look glossy and fancy and wonderful when they are being shown to you in a sales demo – the data is perfect, the reports come out exactly as expected etc etc. You really need to see how it works in your own organisation – especially when you are talking the type of numbers you are.
Hope this helps! 🙂
Hi
Just wanted to add an update to the original article. Thank you to those who posted, and the advice was well received and much appreciated. Best part of 9 months later, having employed an outsourced management company to plan the SAM Solution, scope our requirements and deliverables, and work through implementation, we’ve now chosen (snip) XXXX (/snip) as our solution for the automated toolset for licence management.
Guess we should have taken the LAR advice after all! But the knowledge we have gained along the way about our current processes, procedures and business requirements as part of our project plus what we want as output from the SAM Solution has been invaluable and essential to the final success of this project.
The work involved in understanding the requirements of our new business was actually far greater than I had anticipated, but by putting into chunks made it easier to deal with. All our paperwork has been written to the ISO standards, so hopefully we have a best practice solution and the toolset will back this up. However, as Kylie says, the actual getting to this point is the “easy” part, adoption of the SAM methodology within the new company is going to be a change of mind set within the users and organisation and won’t be quite so straightforward.
Once we’d narrowed down the available toolsets as our criteria, we further evaluated five, and then did a proof of concept in house with a shortlist of two companies using our data, and retained a licence for a further week to work with the software to ensure we’d captured all the requirements on our list and could proceed with a business case. Although this was done quickly, the corridors of business are sometimes slow, so the approval process took some months.
However, putting that frustration aside, we’re now just at the point of installation, so look forward to the next chapter of the SAM Solution, though this topic has now reached a satisfactory conclusion.
Regards
Stella