How many software products are licensed in your organization? Hundreds? Thousands? How do you track your deployments against your license entitlements? How effective is it? Or do you do it manually? Have you ever been audited and been in the position of being overdeployed? Did you ever wonder if you might be underdeployed for certain products … and therefore spending money for licenses that aren’t even being used?
These are all scenarios where IBM’s BigFix solution can help. BigFix is a core part of the IBM Cybersecurity portfolio, part of the “IBM Immune System”. While BigFix provides a wonderfully effective patch management solution for endpoints, it also provides the ability to track software license deployment for over 40,000 products within its “Inventory” component. IBM BigFix Inventory can significantly reduce the time needed to gather a comprehensive software asset inventory for license reconciliation or compliance purposes. It provides the ability for customers to perform more effective planning, budgeting and vendor license compliance.
One of the first things you will notice about IBM BigFix Inventory is a comprehensive and easy-to-use graphical Overview Dashboard, from which you can assess the overall inventory status of your network. That inventory, by the way, includes hardware as well as software. As with other BigFix components, it supports 90+ OS platform variants including Windows and *Nix.
The overview dashboard provides the capability to drill-down into an aggregate software inventory report where deployed quantities are listed by publisher. Click on a publisher (Microsoft, for example) and one can drill-down further into a report that lists all deployed software products for that publisher. Columns are easily customizable and include such information as Computer Count, Total Runs, Last Used (last date/time used), Total Maintenance Cost, and Contracts (license entitlements). The ability to compare entitled vs. deployed on a single report is valuable and brings some automation to what could otherwise be a manual process.
How does BigFix Inventory accomplish this? A “scanner” is deployed and responsible for scanning each endpoint periodically (a CPU threshold can be set if desired). The scanner searches the endpoint for different types of software installation signatures including files, registry entries, and Common Inventory Technology (CIT) XML. If found, the scanner reports back to the BigFix Inventory server that the product is installed on that endpoint.
For those who use IBM software, the dashboard also has a PVU Subcapacity overview widget, which shows the five products with the highest PVU consumption rate. Click on “See all PVU Subcapacity products”, and you can drill-down further. Software utilization is also reported. Metrics such as IBM PVU, RVU … and Microsoft Physical/Virtual Core/Physical Processor as well as Oracle Processor Core … are all supported.
The Inventory Exploration widget presents the top five publishers with the largest number of entitlements defined. One can drill-down from this widget to see the detailed Software Inventory report. Another widget on the overview dashboard provides the ability to drill-down into a list of individual software products deployed by hostname.
Reports can also be filtered by any column, so if one wishes to see (for example) all Microsoft Software that was last used within the past 6 months across all endpoints, this is simple to accomplish. All reports are exportable to CSV or PDF format, and they can be scheduled and sent to individuals via a mail server.
Additional reports are provided that detail hardware inventory. They include hostname, ip address, number of cores, physical vs. virtual, processor type, etc. If you are using IBM software, current IBM PVU Per Core values are shown for each physical endpoint on the report. Again, column values are customizable and the report is filterable.
I hope you enjoyed this quick “fly-by” of the IBM BigFix Inventory component. IBM BigFix Inventory provides a nice, handy way to track your hardware and software product deployment, software deployment against entitlement, and software utilization. It can reduce costs through automation of a process that is often done manually, and can not only help you achieve compliance and avoid “uncomfortable” audit moments … it can potentially save money from discovery of underdeployments.