Date post: | 27-Jul-2015 |
Category: |
Documents |
Upload: | peter-grant |
View: | 225 times |
Download: | 0 times |
Tideway Systems Inc., 2008 Page 1 of 16
Software Identification Reports and Outputs
Version No 1.0
Tideway Systems Inc., 2008 Page 2 of 16
1. Contents 1. Contents ............................................................................................................................ 2
2. Preface............................................................................................................................... 3
2.1. Purpose........................................................................................................................... 3
2.2. Document History ........................................................................................................... 3
3. Software Licensing Considerations ............................................................................... 4
4. How does Tideway Foundation help? ............................................................................ 5
4.1. Tideway Knowledge Update (TKU) ................................................................................ 5
5. Example Output ................................................................................................................ 7
5.1. Software identification..................................................................................................... 7
5.2. Management Dashboard ................................................................................................ 8
5.2.1. Breakdown by Product Category............................................................................. 9
5.2.2. Software Products by Vendor................................................................................ 10
5.2.3. Breakdown by Database Technology.................................................................... 11
5.3. Oracle Examples........................................................................................................... 12
5.4. Provenance................................................................................................................... 14
5.4.1. Example 1: Oracle Version.................................................................................... 14
5.4.2. Example 2: MS SQL Editions ................................................................................ 15
Tideway Systems Inc., 2008 Page 3 of 16
2. Preface
2.1. Purpose
This document describes the outputs from tideway Foundation which are typically used in
Software License Asset Management (SLAM) activities. All standard reports within Foundation
export as CSV by default. Additionally, a set of generic export adapters and data mapping sets
allow the export of any data to CSV and RDBMS.
2.2. Document History
Date Version Details
12th Jan 2009 0.1 Initial Draft
12th Jan 2009 1.0 Final Draft. M.Wallenstein
Tideway Systems Inc., 2008 Page 4 of 16
3. Software Licensing Considerations Software licensing is becoming an increasingly complex and expensive area for all businesses.
In the current economic climate software vendors are auditing their customers in order to bolster
their revenues.
Most companies do not have an accurate understanding of what is deployed leading to several
issues:
• Risk of under licensing
o Risk of litigation when the software vendor exercises its right to audit at any
given time
• Over licensing
o Paying for more than you’re using
• Unauthorised software deployed into the environment, which can introduce risk to the
business applications it is supporting
• Software deployed on redundant servers – paying for what you are not using
The difficulty of software licensing is exasperated by increasingly complex licensing models.
Forrester research shows that 58% of infrastructure software licensing is based on Hardware
specification; i.e. Per CPU, per server, per core. So now you must now how much software is
deployed and be able to relate it back to the infrastructure it is running on.
Current licence management tools have great difficulty resolving these issues and are normally
vendor specific solutions. This is due to the following reasons:
• There is no standard for software deployment
o Installed via OS package manager
o Compiled by hand on the target server
o Binaries copied by hand to set of servers
o Distributed by software deployment mechanism
o Shared file systems
• No standard for software versioning
o Registry keys
o Binary fingerprinting
o Path to binary
o Configuration file
Tideway Systems Inc., 2008 Page 5 of 16
4. How does Tideway Foundation help? Through regular agent less discovery of the IT estate, Tideway Foundation is able to keep track
of what software is deployed and being used. Tideway’s Reasoning Engine and Pattern
language allow flexibility and sophistication in the techniques used to identify and version
software. Tideway’s unique Provenance allows full traceability of the source of the data; vital for
proving the data is correct.
4.1. Tideway Knowledge Update (TKU)
TKU content comprises patterns that easily detect simple or complex software and business
applications distributed across platforms. The service currently boasts over 3000 patterns that
identify software processes and sub-processes, providing an unmatched level of granularity to
ensure maximum completeness. TKU covers multiple product types, including:
• End-user applications (SAP, Documentum, Fidessa, Murex) and enterprise portals
(BEA, Vignette)
• Middleware and databases (Oracle, Sybase, DB2, Weblogic, Websphere, MQ Series,
Rendezvous)
• Infrastructure, cluster and availability software (Veritas Cluster Server, HP
ServiceGuard)
• Virtualization platforms (VMWare, Sun Solaris Containers).
TKU’s monthly updates rapidly track vendor product releases and evolving customer
requirements. The service also maintains patterns based on contributions from publishers and
product experts in customer organizations and covers a broad range of deployment patterns
that normally elude accurate identification by other software recognition techniques.
TKU identifies configuration issues, software with known vulnerabilities and costly software that
has reached end-of-life, and is designed to meet four key criteria for data quality:
• Coverage – the cross-platform service covers all of the leading products that underpin
business applications as identified by industry analyst groups.
• Completeness – TKU employs multiple techniques to capture deep version information,
configuration data, and license details, identifying instances of products and mapping
them to the supporting infrastructure.
• Accuracy – With Tideway’s unique data provenance, users have a definitive chain of
evidence on the origin of each configuration item (CI) and attribute.
Tideway Systems Inc., 2008 Page 6 of 16
• Currency – Monthly TKU releases ensure that the latest vendor products and upgrades
are identified and customer requirements are met in a timely fashion.
Many environments have bespoke in-house developed software, or heavily customised off the
shelf software. The ability for customers and Tideway Professional Services to create patterns
that identify their unique software is a key benefit.
Tideway Systems Inc., 2008 Page 7 of 16
5. Example Output Foundation supplies various ways to report and consume the discovered data. These include:
• Management Dashboards
o Graphs and pie charts
o Tabular reports
• Out of the box reports for software vendors and products
• Custom report capability
• Export Capability to CSV and RDMS
5.1. Software identification
Foundation identifies:
• Software that is installed by the standard package manager for a platform: ‘Packages’
• Software that is seen running and triggers Tideway patterns: ‘Software Instances’
• Logical groupings of deployed software that provide Business Services: ‘Business
Applications’ (these are normally unique to an environment and built through a modelling process)
A complete list of deployed software packages can easily be reported, filtered and exported:
Tideway Systems Inc., 2008 Page 8 of 16
Drill through to a package to see where it is deployed:
5.2. Management Dashboard
The Licence Optimization dashboard provides instant visibility of software vendors, products
and versions deployed in the estate. This is software that is identified using patterns.
Tideway Systems Inc., 2008 Page 9 of 16
5.2.1. Breakdown by Product Category
This breakdown allows the user to identify large installations of software by category.
From here the user can drill through to tabular reports; such as “Application Deployment
Software”:
This view lists all software instances and versions, which can subsequently be exported to CSV.
Tideway Systems Inc., 2008 Page 10 of 16
5.2.2. Software Products by Vendor
The user can now drill through to the detail of software deployed by vendor. If I am currently
being audited by Microsoft I can quickly drill through to all Microsoft products:
Additionally the tabular report can be filtered by product:
Tideway Systems Inc., 2008 Page 11 of 16
5.2.3. Breakdown by Database Technology
This report specifically looks at deployed database technology and versions.
The coloured bars within a database technology represent different deployed versions of the
software. The user can hover the mouse pointer over the bars to reveal information regarding
version and count of the instances.
Specific graphs are available for each technology; for example Oracle:
Tideway Systems Inc., 2008 Page 12 of 16
5.3. Oracle Examples
In the previous section we saw a breakdown by Oracle Database Server versions. This product
is usually licensed by CPU or Core, or by users configured.
For cores Foundation can help identify:
• Total number of cores available to the system
o either the total cores in the physical host (including soft partitions like regular
Solaris zones)
o or the hard-limited total cores available to the container (for recognised hard
containers only)
• With customisation to Tideway patterns the discount factor for multi-core systems can
also be included in reports
o 0.75 for dual core CPUs
o 0.5 for quad core or higher CPUs
Version 7.2 of Tideway Foundation allows dynamic querying of RDMS. This allows any data in
table space to be extracted from databases and included in the discovery results. This data
could include users configured, products and add-ons installed.
Two reports are generally used for Oracle Database Server license reporting:
Oracle Host Report
This report shows a list of the servers running Oracle with the following details on each row:
• Host: the name of the host
• Usage: a user-imported field with usage information (e.g. PROD, DEV, TEST)
• Oracle Instance Count: the number of SIDs in this OSI
• Processor Count: the number of CPUs available to the OSI
• Processor Type: the type of CPUs in the system, used to verify the next value
• Cores Per Processor: the number of cores in each CPU
• Core Count: the number of cores in total available to the OSI
• Oracle License Factor: the discount factor, either 1.0, 0.75 or 0.5, populated by pattern
• Oracle License Requirement: the core count multiplied by the license factor
Tideway Systems Inc., 2008 Page 13 of 16
And:
Oracle Instance Report
• Instance: the SID of the Oracle instance
• Product Version: the Oracle version being used
• Host: the host name of the OSI on which this instance was found running
• Usage: a user-imported field with usage information (e.g. PROD, DEV, TEST)
• Processor Count: the number of CPUs available to the OS
• Processor Type: the type of CPUs in the system, used to verify the next value
• Cores Per Processor: the number of cores in each CPU
• Core Count: the number of cores in total available to the OSI
Example Outputs:
Tideway Systems Inc., 2008 Page 14 of 16
5.4. Provenance
Foundation identifies and versions running software. In auditing scenarios it is also important to
be able to demonstrate why the data you are using is accurate and up to date. The provenance
feature provides full traceability of all of the data captured by Foundation.
We will look at two examples; software versions and software editions.
5.4.1. Example 1: Oracle Version
Here is an Oracle Database Server instance, identified by its SID:
We can see that the full version is 9.2.0.1. We can trace the source of this data by clicking the
Provenance button; we can see that the data was captured through a discovery method:
“DiscoveredCommandResult”.
Tideway Systems Inc., 2008 Page 15 of 16
Clicking through the link reveals the source of the data:
Here we can see the command that was executed on the target Host to retrieve the version.
Additionally we have a link to the Discovery Access which gives us the timestamp when this
data was captured.
5.4.2. Example 2: MS SQL Editions
Here is a MS SQL instance that has been discovered:
As well as the full version we have also captured the Edition of this software. We can trace the
source of this data by clicking the Provenance button; we can see that the data was captured
through a discovery method: “DiscoveredRegistryValue”
Tideway Systems Inc., 2008 Page 16 of 16
Clicking through the link reveals the source of the data:
Here we can see the Registry key that was queried on the target Host to retrieve the Edition.
Additionally we have a link to the Discovery Access which gives us the timestamp when this
data was captured.