Category Archives: Use Case

How Can IT Teams Catch Incompatibilities Before Systems Are at Risk?

Millions of PCs currently running Windows 10 will lose feature support in 2018 due to incompatible drivers according to ZDNet. The issue affects systems with certain Intel Atom Clover Trail processors that were designed to run Windows 8 or 8.1, but were offered free OS upgrades as part of Microsoft’s Windows 10 push. The support loss is due to incompatibility with the Windows 10 Creators Update and the devices in question will not receive further Windows 10 updates from Microsoft as of the time of this writing. [Update: As reported by The Verge, Microsoft has said that the devices will continue to receive security patches through 2023, but will not be included in feature updates.]

The affected PCs are consumer-level devices and enterprises are therefore unlikely to be impacted by this loss. However, there is no guarantee that other devices won’t lose support due to similar circumstances in the future. The ZDNet article cites Microsoft’s device support policy for Windows 10 that contains a footnote stating, in part, “Not all features in an update will work on all devices. A device may not be able to receive updates if the device hardware is incompatible, lacking current drivers, or otherwise outside of the Original Equipment Manufacturer’s (‘OEM’) support period.”

Determining the hardware specifications of a system is easy on the individual level, but how can companies ensure that their employees aren’t at risk of continuing to run unsupported hardware now or with future Windows 10 updates?

A workspace analytics solution, such as Lakeside Software’s SysTrack, collects and analyzes data about systems and user behavior that fast-tracks the discovery process. With this functionality, IT can easily answer questions such as whether any of the unsupported Intel Atom processors are running on their Windows 10 systems.

SysTrack view of Intel processors on different systems in an environment

As we’ve seen with recent ransomware outbreaks, running an unsupported version of an OS puts systems at greater risk of attack. Upgrading incompatible hardware in your environment before it loses support will likely be a critical part of Windows 10 management strategies moving forward.

Assess Your Environment’s Compatibility with Windows 10

Using SysTrack to Resolve User Issues with SaaS

Cloud services have fundamentally shifted the landscape for the average consumer of IT resources, and too often this leaves the support organization stuck as the discoverer of the root cause of issues that span the endpoint, the network, and the supporting service providers. Our own organization is in a similar situation, having adopted Office 365 services for all users. However, because we’re consumers of our own dog food (figuratively—I only have a guinea pig), we’ve got the ability to pinpoint the real source of user-impacting problems. As an example, we recently had a user experience trouble with making and receiving calls with Skype for Business.

Our investigation starts at the point of interaction for the user. In Resolve, we’ve got the ability to look up the user in question and immediately start reviewing the context surrounding their performance issue.

The RAG analysis provided in the overview indicates a handful of issues, but nothing directly related to Skype performance on the client itself. Further, there’s nothing impacting the network for the user or their NIC. That means we need to dig in a little deeper. This leads us to the Black Box area, which allows us to focus on the particulars of what was happening when the user had their issue.

Selecting the time interval where they first started having an issue we notice something interesting: the Skype for Business app (lync.exe) shows essentially no network traffic. Kind of a curious turn of events, and it’s something we wanted to investigate further. Luckily, we’ve been doing some internal auditing work with service status reporting from Office 365.

Here we find the cause: A/V components of Skype for Business were degraded for that user in the time interval where he was having the problem. A little bit of patience and some conversations with the Skype Online team had the service back up and running shortly. In fact, you can see the normal call traffic resume in the Black Box record above, and there you have it.

With SysTrack, we could find that the underlying cause for this specific user’s problem was not related to a client problem, a local network problem, or any service centrally provided by IT. Instead, there was a temporary service degradation that was resolved in short order. As essential software moves to the cloud, it is increasingly important to have the ability to gain detailed insights at the endpoint in order to identify whether the root cause of an issue can be traced back to the service provider.

We Know You Don’t WannaCry

By now you likely know that WannaCry is a malicious widely distributed ransomware variant that is wreaking havoc over enterprise IT. The most important thing to know is that Microsoft has issued patches for nearly every flavor of the Windows operating system (including Windows XP) to prevent any further attacks.

Since AV (even next-gen AV) and other security tools have not been very effective at mitigating the WannaCry threat, our advice to our customers is to ensure you have a complete inventory of every Windows instance and its respective patch level. This will enable you to identify which Windows instances in your environment are still vulnerable so you could focus your energies on finding and patching them.

To help you accomplish this, we’re offering Lakeside customers several complimentary dashboards that can help you identify Windows instances that are at risk of being infected by WannaCry or other security threats:

  • Security Patch Details: We’ve developed a new kit, Patch Summary Kit, that provides details on security patches based on operating system. It also provides details for a specific patch if you know the patch’s KB or definition. The details include if the security patch was installed in a system and which patch it was. This kit provides clear and precise data to help users remain safe.
  • Risk Score: SysTrack provides a risk score in Risk Visualizer. The risk score is an uncapped integer that takes into account all potential ways a system may be vulnerable. Risk Visualizer allows you to view the risk scores of all systems in your environment to easily identify systems of concern. A higher risk score implies that your system is at greater risk of attack.

You can use the table below in conjunction with the Patch Summary kit to check whether a security patch has been applied to systems with the corresponding OS. An example of this feature is shown in a screenshot taken of the kit.

Operating System (Version Number) Security Patch KB
Windows XP KB4012598
Windows Vista KB4012598
Windows Server 2008 KB4012598
Windows 7 KB4012212
Windows Server 2008 R2 KB4012212
Windows 8 KB4012598
Windows 8.1 KB4012213
Windows Server 2012 KB4012214
Windows Server 2012 R2 KB4012213
Windows 10 (1511) KB4013198
Windows 10 (1607) KB4012606
Windows Server 2016 KB4013429

Our goal at Lakeside is to help keep our customers’ end users productive. We hope that by providing these risk management and compliance dashboards, we can help IT departments continue to improve organizational digital experience.

SysTrack Use Case: What’s Impacting My System?

One of SysTrack’s many uses includes providing insight on negative sources of impact in an end user’s environment. Specifically, it can be used by an IT administrator to find out what the source of issues are that cause user experience problems. This helps the IT organization find underlying causes for common user complaints like “my system is running slow” or “I just can’t open my email!”

Because there are numerous reasons a system could be having issues, it can be difficult for an IT administrator to know where to start. Let’s take a concrete example with a user that calls into the help desk with a generic complaint.

The IT administrator receives a complaint from a user who says his system is running too slow. The administrator begins by targeting the user’s system in SysTrack Resolve. They start searching for the user in the General: Change Focus tab and selecting the appropriate system. The user can potentially have multiple systems, however, the online system is most relevant because it’s the system they are currently using. The administrator continues on to Analytics Overview, where they notice some applications and events in critical state. However, due to the immense amount of time that has passed since they were stated as critical, they can be reasonably ignored for this situation. The administrator decides to check the health of the system under the Health tab of Resolve because it will provide a summary on any source of impact on the system. They notice the Total Impact graph (displayed below) in the summary section highlighting how many minutes of impact each category has on this system.

The administrator takes note that the network category has the highest total impact on the system but they decide to continue to look at the Quality Trend graph. It displays the quality of the environment per day compared with the average quality. This allows them to be able to see how the system was performing for the end user compared to how it performs on most days. They notice that it begins to go towards a downward trend on the day that the user started to notice the poor performance.

The administrator notices that the network seems to have the highest total impact overall, but decides to check out the daily impact chart to see the day that the user started noticing a slower performance. As displayed below, the administrator notices that the day the user started noticing a poor performance shows a high network impact and continues to show a high network impact.

The administrator now knows the source of what is causing the largest impact in the user’s system and can use that knowledge to fix the decreasing quality of the user’s system and the environment overall. They continue further into Resolve’s Black Box and looks closer at the network system data. They choose to switch the filter in the System Data panel from System to Network since this is the category they are most concerned with (displayed below). This reveals further details on the network interface cards such as a high retransmit rate resulting in the large network impact.

The IT administrator discovered the source of the impact for that specific user, but is wondering if other users are also having this same problem. They dive into Visualizer Enterprise and look at the health for the overall environment. The health appears to have good user experience across the board and the administrator concludes that this situation was only applicable to that one user. Finding the largest source of impact for an environment is just one of SysTrack’s many uses to promote a successful environment.

The SysTrack Software Analytics Kit: Software Dependencies

A key component of observing software assets is understanding software dependencies. To address this, we here at Lakeside have developed the SysTrack Software Asset Analytics kit. A portion of this kit is entirely centered around discovering and monitoring software dependencies within an environment to meet the needs of the IT professional. These dependencies provide insight into the requirements needed for the proper functionality of software and identifying answers to important questions that IT might have such as “are all my software packages being used?” or “what are the connections required for my applications?”. The driving force behind understanding dependencies is the promotion of innovation for software package delivery and thus a more positive end user experience.

Dependencies allow for the ability to observe what the applications that make up a software package require to function every day.  Requirements for software can vary, but the core attributes to monitor are application connections, required systems components, compatibility, and application usage. The ability to identify required connections and system components is vital due to potential system restrictions such as unusable ports or unsupportable system

Let’s say an IT administrator, Joe, is analyzing software packages that he provides and is wondering how to make it more optimal for him and end users by trimming deadweight from his packages to reduce install and delivery size, limit the chance of errant components interfering with one another, and streamlining application connections. The perfect place for him to start would be our Software Dependencies Summary dashboard. He notices in the Software Summary panel that there is a software package installed in most systems but only used by half of the systems it’s installed on. It is also clearly highlighted in a graph next to the given data and displayed below.

 

By diving into one of the detailed dashboards provided by our Software Asset Analytics Kit, he can easily search for the package and see additional details including the number of associated applications, how many of those applications require connections, and where those connections are going. He goes further down the dashboard and takes note of which systems are using the software and even the last time it was used. With this information, he can conclude that only certain groups within the company need to have that software. As he continues to follow the flow of the dashboard, he notices that only some of the applications within the package are being used and many of the system components required by the unused applications are unnecessary. He can use this information to optimize the software package and only include the necessary applications and components. The image below shows how easy it is for Joe to view this information and thus reach his conclusions.

Finally, he ensures that the applications that do require connections are using approved correct ports to guarantee the security of the environment and potentially simplify network traffic. Through proper use of this dashboard, Joe could easily navigate the pertinent data and know what to trim from the software package and how to limit its delivery to only the groups that required it. He even confirmed that the software package would only make connections through approved network ports.

Dependencies is just one of the three key categories when observing software assets. We will continue to expand on the other two categories, Usage and Performance, with examples taken directly from the SysTrack Software Asset Analytics Kit to show the importance and practicality of monitoring this data for maintaining a successful environment.

SysTrack Use Case: Investigating Problem Applications with SysTrack

One of the goals at Lakeside is to make IT systems as transparent as possible so as to reveal the problem areas in the environment that most need to be addressed in order to improve the end-user experience. Some of the most frequent culprits impacting end-user experience are applications with excessive and unexpected resource consumption or continual faults, errors, and hangs. Fortunately, SysTrack provides several tools and various methods with which these problem applications can be addressed. I’ll be giving a quick walkthrough of these, covering the cases in which the problem application is unknown and needs to be identified and then moving into how to go about monitoring a known problem application more closely. In no way will the list of methods I provide be exhaustive but they can serve as a strong starting point.

Let’s begin with the first case, the unknown application that is potentially tanking performance and productivity and just being a general pain for end-users. Assume for a moment that there have been reports of impacted performance on several systems in the environment and a handful of rather unhelpful support tickets have been generated. “My Outlook is slow, my internet is taking forever, my BLANK keeps crashing.” You have a – hopefully short – list of users, systems, and the times at which they were experiencing difficulty; but where do you start the search? The first tool to utilize when given such a specific location and timeframe is SysTrack Resolve. Launch Resolve and change focus to select a system to observe, then navigate to the Overview section to see a list of all recent impacts on end-user experience discovered by SysTrack.

ProblemAppUseCase1

This will provide some context as to with which areas a system may be struggling. If there are a large number of reported application errors or consumption related events visible here, then it should prove much simpler to identify the source of these in the next step due to their frequency. Once we’ve had that cursory look next we’ll dive into the black box and select a timeframe during which users have reported problems with the system. Highlight an area of the chart with high or unexpected resource consumption by clicking there and the applications panel will display the resource consumption of each application that was running at that point in time.

ProblemAppUseCase2

By observing the applications at that given point in time it’s possible to find applications that are impacting the end-user by correlating the system performance with the application’s consumption and begin to address the possible causes. Once some of these problem applications have been found and triaged it may become apparent that several of them should be monitored more closely to limit or prevent future impact. That’s where the next set of tools come in, the ability to create and report on custom alarms. Within SysTrack Deploy, the SysTrack deployment tool, under Alarms and Configuration > Scripting and Response Time it’s possible to create custom SQL scripts for a system configuration that run against the child database at set intervals of time, compare their results to a threshold, and generate custom alarms that make their way up to the master.

ProblemAppUseCase3

Say for example that one of the problem applications in your environment has excessive application load times that are indicative of a poor end-user experience and you need to know when they happen. A series of custom alarms could be implemented that that run every 10 minutes and report the maximum application load time for the past 10 minutes, filtered to only include the problem application. If the returned value is greater than 10 seconds or 20 seconds then a Yellow or Red alarm is generated respectively. Alternatively, the script itself could contain the thresholds and return a count of the number of applications that exceed said threshold in an alarm. Combining these custom alarms in an environment would provide much needed data that allows IT personnel to quickly locate periods of time when the target application was “acting up” and also gauge how common and frequent this behavior is.

Once this monitoring data has been generated you then need a way to readily access it. Since the alarms themselves are already custom, I find that it works best to rely on another custom tool, the SysTrack Dashboard Builder, to filter out unwanted alarms and focus on just the ones we want. Use a simple drag-and-drop interface and a little SQL knowhow to filter the results and you can get an excellent look at the data you want.

ProblemAppUseCase4

There’s no way of knowing exactly which pieces of information will be important for every given application, but with the robustness and flexibility provided by SysTrack it’s possible to identify what you need to know and put systems in place to monitor it.  By familiarizing yourself with your environments problem applications at present you can keep them from being the problem applications of the future.

 

Focus on Personas

One area of particular strength in SysTrack’s suite of value added functions is its ability to provide automated EUC Persona insight, aka “End User Segmentation”.  In their research note, “Segment Users by Workspace to Allocate Physical Devices, Digital Tools, Support and Services,” Gartner analyst Federica Troni states:

IT leaders responsible for end-user computing are challenged with determining the right set of tools to maximize user productivity and engagement without duplicating costs and capabilities.

Such a framework helps IT leaders determine the right choices to accommodate diverse user requirements.

Lakeside’s approach to end user segmentation is consistent with and supportive of the process advocated by Gartner.  The granular End User Computing (EUC) data collected, aggregated, and visualized by SysTrack is exactly the kind of data needed to identify user groups within an enterprise who have common device, application, service, connectivity, and support needs.  No longer must IT rely on outdated questionnaires, anecdotal input, and/or educated guesses.  Using real EUC data, collected from actual systems, with real users; the results are accurate, fast, and non-controversial. Thus “data driven” vs “instinct and intuitive” based decisions can drive EUC provisioning, access, and support choices.

This data driven methodology for Persona discovery can pay big dividends.  Proper matches between end users, the devices, applications, and services they use, typically result in:

    • Productivity improvements – Having the “right tool for the job” is an age old adage and is as important in IT as in any other form of work.
      • An over/under provisioned workstation represents waste. Either too much was spent on an over provisioned system or an end user of an under provisioned system can’t effectively do their job.
      • Mismatched application suites to job requirements represent waste. Providing more applications than end users need results in unused licenses, increased support costs, increased workload demands, and an increased risk of application or system conflicts.  Failing to provide appropriate applications to do the job, results in lower end user output.
      • Mobile and BYOD (Bring Your Own Device) initiatives require proper orchestration. Opening an enterprises’ infrastructure to any/all devices the EUC community chooses to use can be a security risk, support nightmare, and connectivity challenge.  A better approach is to understand the work behaviour of all end users and identify where mobile and BYOD adoption is appropriate.

 

  • Asset optimization – Rather than a “one size fits all’ approach, a proper understanding of the personas within an enterprise can lead to the distribution of end user devices which are appropriate for the job.

In a recent SysTrack assessment at a large auto manufacturer it was determined only 10% of the enterprises’ 25,000 laptops were observed to have been moved from their office location.   This while the average cost of a laptop was $150 more than a desktop and the average failure rate on the laptops were about 10% higher.

In another assessment it was observed that more than 80% of the enterprises’ users were not taking advantage of several of the applications within a suite of applications.  A lower license cost was negotiated with the application suite’s manufacturer based on the historical SysTrack data, this resulted in over $15M in savings for the company.

  • Service Desk Support Optimization – By reviewing “day in the life” data for various personas, an enterprises’ service desk resources can be staffed with appropriate skill sets for the times when needed. Frequently, a “one size fits all” service desk with 7 x 24 coverage is provided for the entire EUC community.  One recent study revealed a client had fewer than 5% of their EUC users accessing any resources after 8pm on Fridays and before 6am on Mondays.  The decision was made to curtail the service desk staffing on weekends and increasing the coverage during normal business hours, resulting in significant cost savings and improved EUC satisfaction, as the response time was improved during the time the service was actually needed.
  • EUC on-boarding optimization – Proper persona and job role identification, documentation, and definitions, provide a very efficient method for on-boarding new employees or changing employee job assignments. An enterprise with fully defined personas and job roles can quickly assign the proper resources (end user device, applications, services, connectivity, etc.) based on the job description of the end user at any point in time.

One customer reported the on-boarding time for new employees was reduced from 8 days to 1 day by properly identifying the various personas and job roles within the organization and automating the on-boarding process to take advantage of the persona insights.

  • Cloud Affinity – Significant savings are being realized by enterprises through adoption of “Cloud” services. SysTrack can identify which enterprise workloads are suited for “The Cloud” and who among the end users are ready to utilize cloud based services.

 

 

SysTrack Use Case: Windows 10 Migration

In June we launched a new blog series called “SysTrack Use Case.” The first post in this brand new series explored how SysTrack could help with investigating user reports of a faulting or crashing application. Each post in the ongoing series will discuss a new use case to help provide a wider perspective on the different IT projects and challenges that can be addressed with SysTrack. The follow up to the first post comes at the same time that Lakeside has released new content around the Windows 10 launch, and that gives us the perfect opportunity to explore the best way to consume that content and get the most of SysTrack before and after your Windows 10 migration. We’ve released several blog posts in the past few weeks dealing with Windows 10, so here we’ll try to take a succinct look at the basic phases of a migration and how SysTrack can help with each.

Going into a large migration project without properly developing a plan first is a recipe for disaster.  Any IT administrator will tell you the same. That’s why gathering data about the environment is so crucial; simply estimating the resources needed or the readiness of the environment for a migration won’t work. You need objective analysis. With Windows 10 hitting the market we wanted to help our customers prepare for the upgrade. A good place to start is understanding the value of Windows 10 and how it could help your organization. We recently released a whitepaper that discusses, in detail, the benefits an upgrade to Windows 10 can provide. Having a solid understanding of why the upgrade is a smart decision can start the whole project off on a good note.

The whitepaper serves as a nice initial approach, but where SysTrack really helps out is with providing data-driven insight. The Windows 10 Assessment Report, part of our MarketPlace program, is a great tool for the initial steps of sizing out the project and gathering data about the environment. MarketPlace reports are accessed through Virtual Machine Planner. You’ll just need to create and run a simple model of the environment and SysTrack will feed data gathered for the model into the Windows 10 Assessment Report. The great thing about this report is that you can go back to it after improvements, updates, or changes have been made in the environment and rerun it with SysTrack’s most up-to-date data to see the results of your changes. Maybe an initial run of the report shows Windows XP systems with a low health score, and that leads you to investigate those systems with Site Visualizer and you discovere the cause of the low health score is insufficient memory resources, for example. After implementing a fix to that problem you can execute the report again to get an updated look on your Windows 10 readiness status.

After the migration is completed you’ll want to continue monitoring the systems that received the new OS to make sure they aren’t experiencing any new problems. A great way to do this is to track the health of those systems over time. Create a SysTrack group of Windows 10 systems and use Enterprise Visualizer to graph the health over time, this is a perfect way to visualize the experience of those systems from before the OS upgrade to after the upgrade.

Health Trend

Another great steady-state tool to use is the Resolve Comparative Analytics function. This allows you to compare a selected system to other individual systems, a group of systems, and all systems. You might want to compare the Windows 10 group to systems that have yet to be upgraded, or a system of interest with Windows 10 to the rest of the group to identify if an issue is due to the upgrade itself.

Comp Analytics

From gathering your thoughts about the migration, to preparing for it, to implementing it, and finally, to validating it in the steady-state, SysTrack has the data you’ll need. If your organization is considering Windows 10 make sure to take advantage of data-driven analysis to make better decisions throughout the project that will simplify the task, save time, and minimize the risk.

SysTrack Use Case: Troubleshooting Application Faults

Troubleshooting IT issues can be an extensive and strenuous process. If you’re administering a large environment the process can quickly become overwhelming. You might start by asking all kinds of questions – is it an isolated issue? How long has this been going on? How is this impacting the users? Are users affected who may never report this problem to the helpdesk? Asking questions is great, but if you don’t have the insight to get to the answers you’ll find yourself running in circles more often than not. Luckily, SysTrack continuously monitors your environment and pays close attention to the user experience so you can get issues resolved before they have negative impacts on productivity and, ultimately, the bottom line.

Let’s take a common example to explore this a little more: A user is reporting that a particular application is unresponsive or crashing. The ticket makes its way to your desk with little helpful information. Maybe they reported a few instances with some vague descriptions of when it happened. Normally this would send you down the rabbit hole to interview the user and start running in those circles we mentioned, but here’s where SysTrack can help you avoid all that and use data to help you understand and resolve the issue.

A good place to start would be Site Visualizer. Just jump into the Observations area and open the Application Faults dataset to get a quick overview of what’s going on with the app. You’ll quickly see the number of faults this app has experienced, the number of affected systems, and when it first and last occurred. Right away you have some idea of how widespread the issue is and how long it’s been occurring.

AppFaults

Starting at a high-level overview like this can point you in the right direction for where to turn to next. If the app is only faulting on a single system you can probably assume the issue is system related and not app related and you may wish to simply reinstall the application on the affected system. But if it’s affecting a large portion of the user base then you know the app is part of the problem. A quick right-click on the number of affected systems and then choosing Show Details will show you each system that’s been affected. Maybe they’re all part of the same group that received a software patch right around the time the app started faulting, or maybe they’re the only users with that app installed. Now you can work with the application vendor or your development team in the case of a homegrown application to help resolve this problem. Having easy access to this type of data dramatically reduces the time and effort it would have taken to answer these questions.

To dig a bit deeper into the issue you could target a particular user’s systems with Resolve. Open the Faults tool and you’ll be able to see details about the fault occurrences for the app in question, how it stacks up against the enterprise as a whole, and time-correlated information so you know exactly when each fault occurred.

ResolveFaults

At this point you know how widespread the problem is, each and every system that’s been affected, and even the exact time of each individual occurrence. Once you’ve got all of this data you’re much better prepared to implement a solution.

To bring all of this back to the user experience you can even monitor the health of a system over time. Fix the case of the faulting app and see how the user’s health score has changed after the fix. This will give you a good idea of how their experience is going as well as if you’ve corrected the issue, and if there’s cause for concern due to some other problems. Avoiding that rabbit hole has never been easier.