Microsoft System Center Essentials

Last week, I spent some time looking at Microsoft System Center Essentials in response to a client inquiry. For a quick over view, see the presentation above.

Overview

First, “SCE” is the abbreviation for System Center Essentials. SCE is Microsoft’s mid-market offering for IT management. They seem to pronounce it “ski,” drawing out the “i” a little bit.

While I didn’t get a chance to run it myself, if you’re primarily
concerned about managing Windows based IT for 500 devices or less, what I saw seemed impressive and up to snuff for my expectations of ease of use and setup (with an exception below). Your entry fee will be $2,000 unless you get a deal from Microsoft, and you need to keep in mind that the fancy provisioning only works with Windows-based machines, though you can deploy non-Microsoft software as long as the OS is Windows.

SCE is brand new and has only been out for a tad over a month. That said, according to Microsoft it’s been downloaded 22,000 times since May 1st, 2007 (you get a 90 day free evaluation).

I won’t get into what I’d call the Microsoft IT management philosophy and view of the world. But I’ve written that up several times while at MMS’s and TechEd’s, most recently at MMS 2007.

Mid-market Targeted

For you ESM types out there, the key thing is keeping in mind that SCE is for “mid-market needs.” As such, there’s not really any “enterprisey” IT management features — not even a bundled help desk like the small-market targeted Spiceworks. On the topic of a helpdesk: SCE has been out a scant few months: we can’t be asking for everything in a 1.0 version.

More importantly, there are hard limits on the number of machines that can be monitored by SCE: a maximum of 30 “servers,” 500 “clients,” and 50 “network devices.” Servers are Windows Server installs, while clients are other Window installs. Network devices are SNMP-enabled, well, devices. Also, those are the maximum limits, the $2,000 sticker price includes 10 servers and 50 clients.

All that said, when it comes to red light/green light monitoring and even event management, there seemed to be good coverage. More importantly when compared to other platforms, SCE offers many ways to actually “manage” your IT, for example re-starting services and performing other “actions” in response to IT failure.

Installing and Requirements

I didn’t get the chance to actually run it because it required either Windows Small Business Server or plain old Windows Server. Even if I had one of those, since I probably wouldn’t have an ActiveDirectory setup on my network, I wouldn’t been able to do much with it.

In comparison to other IT management platforms this up-front requirement is annoying, but par for course in Microsoft-land. The “oath”, if you will, from the Microsoft management folks is that Windows will always come first and be best managed by Microsoft. Little wonder, then, that the SCE requires what a Microsoft ideal IT setup: Windows Server, using ActiveDirectory to keep track of everything.

Assuming you have the right Windows, the claim is that you’ll be up and running in less than an hour. The installs Wizard has you enter some basic config and security info for getting to ActiveDirectory. SCE does auto-discovery (via ActiveDirectory, not sure about network scanning) and Management Packs (see below) come with default thresholds set so you’re monitoring for problems right away. Once discovery is done, you can go through some Wizards post install to setup provisioning (see below).

TechNet lists more detailed requirements.

Coverage

The first question I always have for IT management platforms is what their “coverage” is. That is, what’s the laundry list of things the platform monitors and manages?

In Microsoft IT management land, a unit of “stuff covered” is called a “Management Pack.” For example, you could have a “Windows Terminal Services Management Pack” that monitors the state of Terminal Services (can users access it? and fast enough?); contains “tasks” to help sys admins diagnose, fix, and/or restart Terminal Service instances in trouble; and, of course, reports to tell you the historic uptime and other info for Terminal Services.

You can think, as I do, of Management Packs as “plugins.” They’re the way Microsoft management platforms are extended, working with SCE and it’s big brother (or sister?), System Center Operations Manager (neé MOM).

SCE ships with several Management Packs out-of-the-box. These Management Packs are for many of the recent Windows versions, software like Exchange and ActiveDirectory, but also things like SharePoint, SQL Server, IIS, DPM, and CRM. See my attached mind map notes for a more detailed listing.

“Template” Management Packs

Additionally, there’s Management Packs for port pinging, SNMP network devices (with things like in/out packets), OLE DB monitoring, and a synthetic web transaction monitor. SCE calls these “templates” and they’re custom built in the authoring section of the GUI.

This last batch of Management Packs are presented to the user in the Authoring section of SCE where they, essentially, build custom management packs naming, versioning, and describing them. Not having played around with the product myself, I’m not quite sure why this last batch are given their own section to build “custom Management Packs” instead of just being settings (like the port number to check) on a “generic Management Pack.” For a user, it doesn’t really matter: it’s just an IT management dork curiosity.

Worth noting is the web transaction monitor, which lets you “train” a path in a web applications (buying a book, logging in, etc.). SCE then runs that transaction, alerting when something goes wrong. Having worked on web transaction monitors in the past, the only thing to watch out for here is highly custom of “weird” web pages. In general, SCE or non-SCE, with web transaction monitors, the more non-standard your HTML, JavaScript, & co. use is, the higher the chance you won’t be able to train a web page.

Additional Management Packs

If you don’t like the out-of-the-box coverage, you can get Management Packs. There’s actually quite a lot of Management Packs available from Microsoft and third-parties. My understanding is that SCE will work with any Management Pack from MOM 2005 and up, so you’ve got the 2005 series and
the “2007” series, totaling 243 Management Packs at my last count. The Microsoft Management Packs are free, while the 3rd party ones usually cost.

Provisioning

As Microsoft sees it — and Ovum has backed up for them — the primary thing people are concerned about in SCE’s market is provisioning software: installing it and applying updates. Monitoring and managing IT is a close second, but the real opportunity for SCE is nailing provisioning.

Provisioning here means installing software on a machine remotely and automatically: instead of visiting 100 machines to install office, you could tell SCE to do it for you, saving the need for “the install intern.”

SCE divides provisioning into installing the software (under the Software tab) and updating that software (under the Updates) tab. There’s a configurable work-flow for installing and updating to certain groups of machines at scheduled times and, of course, a window to check on the installs and updates. Also, there’re reports for checking update compliance. That is, “these machines need to be updated” and (I believe) “these machines have non-compliant software on them.”

From what I saw, the provisioning functionality did look useful. I’m sure the idea of being able to install across 100’s of client machines instead of visiting each is appealing. More importantly for heterogeneousness (in Windows-land at least) you can install anything that has an msi or exe.

Asset Management

Closely related, if not just a different face of, provisioning is asset management. For an IT management platform, asset management means simply cataloging the hardware and software on the network. With reports, then, you can do things as mentioned above such as find non-compliant assets (usually software downloaded by users instead of installed by IT staff).

From what I can tell, SCE primarily draws it’s asset discovery (automatically finding all of your IT assets) through ActiveDirectory and the add/remote programs registry in Windows. I assume with SNMP it can discover and catalog network devices, but you quickly get into a gray area when it comes to non-Windows based IT. Again, this may not be a problem if you’re an all Windows shop (or just care about managing Windows). Also, I’m not sure of the effect that 3rd party Management Packs have on asset discovery.

Interface

SCE’s interface is a GUI done in the System Center Outlook-influenced style:

In summary, each section does:

• Computers – navigate a tree of assets (computers, network devices, web transactions, etc.), see details, run tasks, and cross launch in context related stuff.
• Monitoring – view alerts, execute tasks, drill down on parameters.
• Updates – get, approve, and schedule patches from Microsoft & others.
• Software – deploy new software, e.g., Office.
• Reporting
• Administration – keep track of and install Management Packs and setup other “config” stuff.
• Authoring – build from “templates” as described above.

The distinction between “Computers” and “Monitoring” seems to be the way the data is arranged:

The Computers view displays the usual tree based view of computers, network devices, and others where you can drill down into each down to the level of parameters, seeing detail screens for each device. There’s also a network topology view.

(See also this sceeenshot.)

The Monitoring section “begins” with the type of monitoring concept you’re looking at (like alerts or “servers”) and then shows you the exact devices relevant to those types. So, you might select “Clients” and then drill down to relevant alerts and other grouped state (like storage) for each Windows-based client machine.

Pricing

As mentioned above, the pricing is $2,000. This gets you a baseline of monitoring 10 servers, 50 clients, and network devices (I believe these are free and count against clients re: maxing out the limits). You can, of course, buy licenses (perpetual instead of yearly subscriptions, if I understand correctly) for more: $100 per server and $20 for each client (in batches of 5). More than likely, you can swing a volume discount. And, this is all sticker price of course.

The distinction between client and server is a little weird to me. But, it’s probably based on the amount of support needed to give servers where there’s more stuff going on than clients. That said, I think a more simplified scheme would be helpful. If anything, it’d help Microsoft get around people using “client” boxes as “server” boxes, which I’ve certainly done myself and seen other do: Microsoft software is usually the only software that cares what type (Server or Client) the OS is, so you can run most non-Microsoft software that you’d call a “server” on Client machines.

As a comparison, check out my post of Systems Management 2.0 pricing from this March.

In the (near) future, SCE will ship for “free” with Windows SMB Server and another Windows Server version (didn’t catch the name of it, “Cougar,” the “2008” version of Windows SMB). Also of note is that scaling up beyond 200 devices requires you to upgrade the bundled SQL Server Express to SQL Server (you’re supposed to get a discount). As mentioned at the top, there’s a 90 day free evaluation.

And, check out the SCE buying page for the original details.

Odds & Ends

• Currently, there’s no way to integrate with 3rd party applications. For example, sending out SNMP traps/notifications is often a way to integrate events with other platforms and reporting tools. Since SCE is backed by SQL Server, you could conceivably data-mine from the DB, but I don’t get the feeling that that’s officially supported.
• SCE sends out notifications to the standard set of devices: pagers, SMS, and email.
• Part of Microsoft’s overall IT management philosophy is to include (expert) “Knowledge” with each Management Pack. This “knowledge” assists you in diagnosing and fixing problems. In the best case, the knowledge will have embedded “tasks” to actually execute some of that advice. Users can add knowledge when authoring Management Packs as well.
• There are screencasts embedded in the help for the product, a smart move I don’t see many people getting hip to.
• According to the SCE wiki, SCE stores only 4 40 days of historic data.
• Microsoft is quite “hip” when it comes to documenting SCE on the public web: there’s a wiki, screencasts, and an SCE team blog (and another blog by “Casey, a Program Manager at Microsoft”). And while I couldn’t play the recorded screencast/preso (due to it being in WMV or EXE, why not something more standard like MP3 or at least Flash?), the overview webcast on SCE was quite informative.
• You can use SCE along with System Center Remote Operations Manager do branch, MSP, or “remote” monitoring over the Internet. Ops Mgr acts as a central hub, you deploy SCE instances behind fire-walls, do some VPN rigging, and then from that central Ops Mgr install you can manage the remote networks. There’s, of course, more details available and a whole blog! Update: Microsoft’s Robb Mapp adds: “This is purely a MSP play under SPLA and not designed for branch management, Essentials is a single server solution.”

My Take

Not having run SCE myself, my sense is that if you’re a shop with under 500 devices to manage and you’re really just concerned with Microsoft based devices (along with generic-ish network devices), SCE is worth checking out. It does, of course, cost money, starting at $2,000, but it’s quite feature packed for an “entry level” management platform.

The primary thing it’s missing is a service desk. While that may seem like an enterprisey thing, Spiceworks has shown that even a very simple service desk is extremely helpful for admins. Microsoft has a general service desk in development, and perhaps we’ll see an Essentials version.

The 4 day limit on historic data seems less than ideal as well.

And, of course, having to care about know about the middle-ware and OS running your IT management platform is annoying. The System Center line has a heritage of the “back end” stuff like databases leaking to the top. That might be more of a Microsoft culture than anything else, but I prefer self contained and tightly sealed platforms: part of what you’re paying for is not having to worry about what database you’re running or which OS you’re on.

The reliance on ActiveDirectory is another ding, though related to SCE’s over-all Windowsness. I’ve long been a bit suspicious of the advisability of this “Windows first” approach that System Center takes, and this is a symptom of it. IT management isn’t about brand building and allegiance, it’s about taking care of all the muck and mess that goes on behind the scenes. To me, any limitation of what can be managed and how it can be managed is a big negative for an IT management platform, no matter which market is targeted.

That said, the idea is that Management Packs from Microsoft or third parties can take care of that heterogeneity. Indeed, the use of Management Packs is a nice part of SCE. IT management platforms out-side of the enterprise are often not very extensible via “plugins,” so it’s great that SCE uses Management Packs: and just special SCE ones, but any post MOM-2005 one.

Looking forward, what I’d like to see is SCE getting more involved in both deploying as and managing SaaS:

• IT Management for SaaS – Due to the good enough nature of SaaS now-a-days (whether true or just perception) and the cheap pricing, I see the mid-market as using SaaS as lot more than the enterprise market. Thus, the IT department will be expected to take care of those SaaS services just as they would any IT service. The web transactions are a nice start, but it’d be great to see things like “SalesForce” and “GMail/GDocs” Management Packs. Simply keeping reports for uptime on those would be helpful.
• IT management as SaaS – I’m of course a nut for using SaaS to deliver IT management and I think the install/deployment options along with handing off scaling hassle to Microsoft would be appealing to SCE customers. (Recently shut-down Klir is in the area, so there’s a freshly available talent pool ;&gt)

Along those SaaS lines, I suspect some integration with AssetMetrix would be helpful; that sort of “connected service” could also be an entry into collaborative IT management which more and more vendors are talking about.

Below are my notes and a little presentation on the topic:

Update: I made some edits today to correct the 4->40 days worth of historic data, fill in “Cougar” as the other server SCE will ship with, and add in a note about the availability for Remote Ops Mgr. Thanks Rene and Robb Mapp for the corrections/updates.

Disclaimer: Microsoft is a client, as is Spiceworks.

Technorati Tags: essentials, itmanagement, microsoft, mindmaps, sce, smb, systemcenter