Recently AppSense released the latest iteration of their management suite of tools. it is now at version 8, the suite has come a long way in those intervening years, growing from a single application to a very functional Server Based computing and Desktop management product.
This post concerns Environment Manager 8.0
The idea behind AppSense Environment Manager is relatively simple and that is that the majority of issues caused on User Desktops can be directly attributed to profile issues. In a virtualised desktop environment, the user environment management represents a fundamental change in the way the corporate desktop are constructed, delivered and managed.
Traditionally Corporate IT department utilised Roaming Profiles, however in these days of multiple End-user devices the limitations of this type of profile has become apparent, for example, last save wins, and profile conflicts, Bloating. Environment Manager addresses these issues by decoupling the user from the machine and independently managing and applying the User personality to a computer or device as required. This is done without scripting, GPO’s or Profiles.
AppSense have two flavours of EM: EM for Virtual Desktop and EM for Terminal Services. for the purposes of this post I will treat them as one as in reality the difference it licensing, the feature set is the same.
We already know that Desktop virtualisation enables hosting of individual desktops inside virtual machines running in data centres. Our users access their desktops remotely from a PC or a thin client. By running desktops within a data centre, companies have central control of their operating systems and application sets.
Thereby enabling administrators to enforce policy, define personalisation settings and manage user profile data across thousands of virtual desktops, it can be seen that a successful desktop virtualisation program reduces the high cost of ownership and security risks of physical PCs, enables a tangible reduction in desktop management through a standardisation and optimisation of the storage and infrastructure required.
However these benefits can only be realised if the end-user accepts their environment – users will accept nothing less than the physical PC experience they have been used to.
This is where EM comes in, as already alluded to the user component of a desktop is decoupled from the operating system and applications, managed independently and applied into a desktop as needed without scripting, group policies or use of cumbersome user profiles, this is regardless of how the desktop is being delivered, Blade PC, Virtualised Desktop or Physical Device.
It is this application of user personality which enables a pooled or standardised desktop to be tailored and personalised to each and every individual user, further this ensures optimal quality of service due to not having unwieldy Roaming profiles. and as a result of this user adoption and satisfaction is increased as User logon times are reduced and profile stability is increased, the final benefit is a reduction of IT administration costs, and more hair for your admins. 😀
So what is “User Personality”
AppSense dub the resulting partitioned environment “User personality” this is a combination of corporate policy and user personalisation; this is effectively User profiles on steroids or a Hybrid Profile, the concept of a Hybrid profile will be discussed later.
User personality is separated into two components; Policy and Personalisation.
Policy this is used to set up and maintain a user desktop session. it is concerned with compliance to corporate standards by controlling application access, locking down or removing unnecessary operating system components and or application functions, Policy can even self heal essential files, folders, processes, services and registry settings.
This is a combination of a Mandatory profile (I affectionately call mine Mandy) and a set of actions that occur as a result of certain contitions, triggers or Actions.
Personalisation is obviously any chanage to the norm. and constitutes any changes users make to their desktop. traditionally, user profile changes are stored in roaming or local profiles which were often subject to bloating size increases which in turn lead to profile corruption and slow logon times. By utilising environment manager only the changes are stored not the whole profile.
Now we know What is is, What can it Do for me?
For any software to be useful it has to solve a business need. EM solves serveral needs, the issue of Profile Bloat, Logon Speeds and profile stability. further it give the following benefits.
User Profile Migration – with EM You can quickly and easily migrate user profile data between desktops. a user can be migrated from PC or server based computing environment to virtual desktop and visa-versa without having to re-create any personalisation settings. Profile data can also be migrated between operating systems (Windows Based only) and application versions rapidly decreaseing desktop upgrade project timescales.
Personalisation Streaming -EM only sends the infomation the is needed to fulfil the users needs at the point in time it effectively streams portions of the user profile in response to user actions. Policy and personalisation can be applied to the environment as applications and operating system features are used for example, app A requries a mapped drive this will be attached and detached on application startup and shutdown.
A ‘virtual personalisation cache’ is located within the logged on user session that stores changes to an existing profile. These changes are saved locally during the session and synchronised to the central store at application shut down or session logoff. This means the any application personalisation settings can then be shared across open concurrent sessions, independent of application delivery mechanism.
Application-Level Personalisation – Personalisation settings are also capable of being managed and streamed at the application level, again reducing profile size and enabling the independent management of user profile data on a per application basis. this means that applications can now be upgraded or swapped out with no impact to the user experience as the application profile data is stored withing the personalisation database.
Personalisation Rollback – Now this one is a killer capability, One of the most common and time consuming tasks for first line IT support is resolving profile related support cases. When a corruption of a users profile occurs, the user is unable to work effectively and will often complain that ‘it worked yesterday’. Incorrect, damaged or corrupt profiles are typically dealt with by resetting the profile back to default and having the user rebuild their personalisation settings from scratch, not a effective way of dealing with the issue, This often results in an upset user or worse the posibility of a loss of data . Reduced support costs and time to repair damaged profiles can be realised by taking scheduled snapshots of the profile.this means that a profile can be rolled back to “yesterday” and if required, the ‘rolling back’ can even be done on a per application basis.
Offline Mode – OK but what about your Road Warriors, well both policy and personalisation data is accessible to the user in a disconnected state. For example, if a user accesses their desktop and applications via server based computing or a virtual desktop when connected, at work, but uses a notebook when travelling, all desktop and application level personalisation settings will available locally when the user is off-line (assuming that the Correct agents have been installed and a sync has been done). The user now has a fully portable personality, which is re-synchronised with the latest settings when the user comes back online.
Personalisation Analysis -A rich and interactive set of reports and graphs provides visibility into personalisation activity across the server based computing and virtual desktop environment. Based on an individual user, group or application, personalisation analysis can identify trends in profile use and potential bottlenecks, enabling extraneous data to be omitted from the user profile where necessary
Self Healing – this is the ability to automatically self heal files, registry items, services and processes, in real-time, to prevent user introduced changes or actions from compromising system integrity.
Triggers, Conditions and Actions – Define events that are used to implement business policies. Actions can be triggered to apply under different scenarios including startup, shutdown, logon, logoff, process start, process stop. Additionally, conditions can be applied which enable actions to be executed based on who, where from or how a user is connecting to the endpoint or application. Conditions include Directory Membership, User, Computer, Session and Client based rules. Actions resulting from these triggers and conditions include file, folder, registry, ADM, drive and printer mappings. By easily manipulating these triggers, conditions and actions an administrator can quickly implement business policies which can be shared and utilised across operating system boundaries and different application delivery mechanisms.
How does it work?
There are several components here,
Management Console – The Management Console provides an interface to the Management Server and the other components of the Management Centre allowing you to control deployment groups, users, event data and alerts, configurations and packages, registered computers and reports.
Management Server – The Management Server manages communications with a Microsoft SQL Server database for data access and storage, providing security control, communications for managing network discovery services and software deployment to managed computers, resource management and enterprise auditing.
Database – The Management Centre relies on the availability on the network of a Microsoft SQL Server for the storage and retrieval of AppSense software agents, configuration packages, license packages, and event and alert data.
The Microsoft SQL Server database is administered by the Management Server and can be installed locally on the Management Centre host computer or on a separate computer.
CCA on Managed Computers – The Client Communications Agent (CCA) is installed on managed computers to manage communications between the product agents and the AppSense Management Centre. The CCA can be deployed using the CCA Deployment Tool, by downloading and installing the Agent on the managed computer from the Management Server website or using your third-party deployment mechanism.
Console – The console is an administrative tool to create and manage configurations. The Agent resides on the controlled computers and can receive configurations from the AppSense Management Centre or third-party deployment system to manage the machine and user environment. The console also provides a live connection to the Personalisation database.
Personalisation Server – The Personalisation Server runs as a website, using IIS on either Windows Server 2003 or Windows Server 2008. Client machines connect through HTTP/HTTPS handlers, and the console uses WCF Services.
The Personalisation Server acts as a broker between the client and database, providing a secure channel to read and write the Personalisation data. It is designed to support thousands of users simultaneously and multiple Personalisation Servers can be configured in parallel to use a single database.
Policy Configuration – Policy Configuration enables the administrator to configure both default and enforced corporate policies that can be applied to either the computer or user under a number of different scenarios.
A three-tier architecture is utilised consisting of the following basic components:
Tier 1 – Environment Manager Agent – Installed on each managed endpoint, responsible for ensuring user Personalisation data is saved and restored on demand and also ensures policy configuration settings are applied when required.
Tier 2 – Personalisation Server – An IIS web server is responsible for synchronising user Personalisation settings between the SQL database and the Environment Manager Agent when the user logs on or off or when an application is started or stopped.
Tier 3 – SQL Database – Holds information related to Personalisation sites and servers, users and groups, applications, endpoint configuration data and user Personalisation data
Here is a link to a very good video about EM it is version 7 and it does go on about XenDesktop 😉 well you cant have it all.
I hope that this has been a reasonable introduction to EM. I appreciate it is just showing its benefits and to some may appear like a commercial. However, there are truly, very few down sides of the product. with their new licensing structure, it is cheaper and is also easier to implement than Res, Version 8 is a quantum leap in terms of usability, it is a lot more flexible than any of the previous versions. it is a ronseal product – it does what it says on the tin.