Application-Deployment Tools

Look at the packaging, distribution, and management features of 5 products

Two of the most complex and costly challenges facing today's IT departments are deploying and managing desktop applications over distributed networks. Organizations struggle through a new application rollout, only to be blindsided by the all-consuming task of maintaining and supporting the application after deployment. Indeed, the rapid adoption of distributed computing has overwhelmed many IT departments that don't possess the staffing or tools required to support the needs of their increasingly complex and dispersed clients.

This dilemma has prompted industrywide analysis of the costs of owning and supporting PCs. The terms total cost of ownership (TCO) and Return on Investment (ROI) are now familiar to managers, who are still shocked that the cumulative annual cost for a single PC can be thousands of dollars beyond its initial purchase price. Because managing desktop applications directly or indirectly makes up a significant portion of that annual expense, many organizations are keenly interested in tools that streamline and centralize application deployment and management.

Many IT shops—weary of numerous, disparate management utilities that are rarely interoperable and that fragment the skills of IT staffs—have been attracted to large framework solutions from vendors such as Computer Associates (CA), Tivoli Systems, and BMC Software. Other shops are finding that framework solutions can be too expensive or complex or that they compromise on important features available in smaller, best-of-breed products.

My original goal was to review products that perform all aspects of application deployment and management. Thus, I tried to weed out single-purpose products such as cloning or packaging tools. I also excluded products such as framework solutions and Microsoft Systems Management Server (SMS) whose functionality extends into asset management and Help desk support. I quickly discovered, however, that the lines separating product categories have blurred and many products are extending their capabilities. For example, Lanovation's PictureTaker had been strictly a packager, but the recent 4.0 release includes deployment capabilities. Symantec purchased 20/20 Software's AutoInstall to add packaging and deployment capabilities to the recent version of Symantec's cloning utility, Norton Ghost 6.5 Enterprise Edition. (For a review of AutoInstall, see "AutoInstall 1.17," December 1999. For a comparative review of cloning utilities, see Ed Roth, "Disk-Imaging Solutions," May 2001.) Several of the products I acquired for this feature have some functionality that extends beyond application deployment and management. I mention the additional features in the course of this review.

For this feature, I chose five products as a representative sample of the technology and methods available from more than a dozen vendors that provide application deployment and management solutions. (Table 1, page 70, lists eight products not included in this review.) I ran the chosen five products in the Windows 2000 Magazine Lab and assessed their features. I start with a brief introduction to each product, then delve more deeply into a comparison of all the products' packaging, distribution, and management features.

Castanet 4.6
Marimba's Castanet 4.6 is a client/server-based application deployment and management product designed for large enterprises. Until recently, Marimba sold Castanet as a family of separately licensed suites. Now, Marimba bundles the Infrastructure, Management, and Production suites together to let you package, deliver, and update applications. The separately licensed Subscription Suite lets you implement policies. The Inventory Suite, also licensed separately, lets you collect hardware and software inventory details in an Oracle, Sybase, or Microsoft SQL Server database.

Castanet is a robust, multifaceted solution whose price tag is markedly higher than that of the other solutions I looked at. However, Castanet might be worth every penny for an organization that can exploit the full breadth of its functionality.

Castanet terminology follows a television theme. A Castanet deployment consists of a server component called a Transmitter, which uses HTTP to communicate with clients called Tuners. These components work together to deploy, update, and manage applications. Castanet identifies each application as a separate Channel. Figure 1 shows Castanet's Transmitter Administrator with the Channels this Transmitter provides.

For deployments in distributed environments, Castanet provides Repeaters and Proxies as remote distribution points for the source packages. Repeaters are intelligent distribution points ideally suited for unreliable or intermittent WAN links. Proxies are simple caching servers that act as dispersed distribution points and let you isolate network traffic. Castanet Mirrors act as redundant Transmitters for failover and load balancing in large environments. You administer Castanet through a proprietary Java-based console. You can deploy this console on any Tuner to provide multiple points of administration. Figure 2 shows a sample Castanet deployment with the various components.

Castanet 4.6
Contact: Marimba * 650-930-5500 or 888-800-5444
Price: Pricing starts at $30,000 for Infrastructure, Management, and Production suite functionality for 150 seats. Subscription and Inventory suite functionalities are licensed separately.

Altiris eXpress 5.0
Altiris eXpress 5.0 is a suite of products that not only covers application deployment and management but also provides PC migration and cloning capabilities. (To see how Altiris eXpress products fared in recent comparisons to similar products, see "Disk Imaging Solutions" and Joshua Orrison, "Good Migrations," InstantDoc ID 20393.) If you need all the functionality that the eXpress suite provides, you can get a lot of bang for your buck, given that pricing starts at $50 per seat.

eXpress's simple architecture consists of eXpress servers and clients. Earlier versions of eXpress products lacked scalability, but eXpress 5.0 lets you use multiple eXpress servers to help distribute network loads. You can store eXpress Remote Installation Packages (RIPs) on the eXpress server itself, or you can designate standard file servers as RIP distribution points. Because eXpress creates RIPs in a self-executing format, you can simply give clients access to the RIPs to let them install applications manually.

eXpress offers full-featured packaging and distribution capabilities and is well suited for small and midsized environments. You can configure the suite to work in larger environments as well, though central management would be more difficult. eXpress clients also gather registry-based hardware and software inventory data and pass it to an eXpress server that stores it in a SQL Server 7.0 database. The database is also a repository for data about managed computers and scheduled events.

eXpress components use standard TCP ports to communicate with one another. Although an eXpress server can work as a relay between clients and a file server that stores RIPs, an eXpress server often points the clients directly to the RIP share on the file server. Figure 3 shows a typical eXpress deployment, in which clients download packages directly from an eXpress server or from a file server, depending on their physical location. eXpress clients use standard drive mappings or Uniform Naming Convention (UNC) pathnames to locate RIP shares. You can administer an eXpress server locally through its proprietary console or on remote machines. To remotely manage an eXpress server, you must install the console on it and you must have access to its shared program directory.

Altiris eXpress 5.0
Contact: Altiris * 801-226-8500 or 888-252-5551
Price: $50 per seat for 10 to 99 seats;volume discounts available

netDeploy Global 5.5 (beta)
Open Software Associates' (OSA's) netDeploy Global 5.5 product line consists of the Enterprise Edition, Business Edition, and netDeploy Global for Microsoft SMS. I looked at a beta of the new 5.5 Enterprise Edition. For the level of functionality it provides, netDeploy Global is moderately priced; it could provide a substantial ROI for an organization that requires Active Directory (AD) functionality.

netDeploy Global is the only product I tested that's designed specifically for use with AD. As you'd imagine, AD is a requirement for installing this product. If you haven't yet migrated to AD, OSA recommends setting up AD on a server specifically to manage netDeploy Global. If you take this approach, plan your AD implementation carefully. This server will likely be the seed of your future AD infrastructure. If it turns out to be a bad seed, you'll need to reinstall netDeploy Global into the production AD environment you eventually settle on.

netDeploy Global is based on a client/server architecture that includes a Warehouse that stores application packages and management data, intelligent distribution servers that relay packages to dispersed locations, and deployment locations that can reside on the distribution servers or on generic file servers. Figure 4 shows a typical netDeploy Global installation.

Win2K machines that use the netDeploy Global client receive their management deployment rules as part of typical AD Group Policy updates. For Windows NT 4.0 machines, which can't communicate directly with AD, the netDeploy Global Warehouse interprets Group Policies, writes the results to an XML file, and distributes the file to clients through the same channels it uses for package distribution. Like Castanet, netDeploy Global uses HTTP as its primary communications protocol. Thus, netDeploy Global easily integrates into environments that are already using Web protocols.

You administer netDeploy Global through a custom Microsoft Management Console (MMC) snap-in called the Deployment Policy Editor (DPE). Thus, you can administer netDeploy Global from any MMC console as long as you install the snap-in components locally or make the snap-in available through AD.

netDeploy Global 5.5 (beta)
Contact: Open Software Associates * 603-886-4330 or
Price: $100 per seat; volume discounts available

TS.Ready 4.0 (beta)
Tally Systems, traditionally known for its asset-management tools, recently signed an OEM agreement with SWAN International to use SWAN's application deployment and management tool, Vision64. Tally Systems then combined the functionality of Vision64 with its own asset-management features to create TS.Ready. I tested a late beta of version 4.0, which should be available by the time you read this article. TS.Ready is priced comparably to netDeploy Global and should also provide a good ROI. Additionally, TS.Ready is better suited than netDeploy Global to non-AD environments.

TS.Ready uses a client/server architecture to deploy and manage applications for large enterprises. Like the other vendors, Tally Systems sells its product on a per-seat basis, and your license entitles you to deploy whatever server-side infrastructure your environment requires. TS.Ready also includes the inventory client from TS.Census, Tally Systems' asset-management product, which performs a detailed hardware and software inventory and fully integrates into TS.Ready.

A typical installation of TS.Ready is relatively simple, consisting of a Master Server and clients. In larger environments, you can employ Intermediate servers as intelligent distribution points for application packages, as Figure 5 shows. The Master Server uses a proprietary database to store inventory, package, schedule, and policy data. TS.Ready will also support an Oracle database if you want to be able to access the collected data through a standard ODBC link. All of the TS.Ready components use standard TCP ports to communicate. You can locally or remotely administer the TS.Ready Master Server with a Web browser that supports JavaScript 1.2 or later. TS.Ready also provides a remote control tool that lets you control TS.Ready clients from a remote location.

TS.Ready 4.0 (beta)
Contact: Tally Systems * 603-643-1300 or 800-262-3877
Price: $110 per seat for 1000 seats; volume
discounts available

VERITAS Software's VERITAS WinINSTALL 7.0 is primarily dedicated to packaging and distribution, without several of the features that the other products include, such as inventory collection and remote control. This product is the least expensive of those I tested, yet it can package applications in either native WinINSTALL format or Windows Installer (.msi) format. WinINSTALL also provides wrapper functionality for .msi packages, although its installation engine doesn't directly support transform or patch application. (A transform, or .mst file, simply records the differences between two .msi packages, one of which is usually the vendor-supplied original and the other a copy that you've customized. When you deploy the .msi package, you direct Windows Installer to use the transform to modify the actions programmed into the .msi file.)

Although WinINSTALL relies to some extent on a server for certain core files and application packages, it's primarily a client-centric application that uses an interactive or service-based Installer on each client to launch the installation of a package from a file server. Thus, the WinINSTALL client's primary communication is with a shared directory that contains a list-file of applications that should be installed and the packages for those applications. Figure 6, page 62, shows that clients communicate directly with the share point assigned to them rather than with an active, centralized master server. When the client detects a change in the list-file, it triggers an installation event, which launches the WinINSTALL Installer. The only other code WinINSTALL needs is 23 Installer files that typically reside on a server with the application package to be deployed but that could as easily reside on a CD-ROM.

Each client's registry stores records of the packages installed and their status. To enable centralized collection of that data, WinINSTALL provides database logging to a Microsoft Access or SQL Server 7.0 database if you install the appropriate ODBC driver on each client. WinINSTALL provides an ODBC client package as part of its base program. To help you access the centralized data, WinINSTALL includes Crystal Decisions' Crystal Reports along with a dozen predefined reports.

You administer WinINSTALL through the proprietary VERITAS Desktop Management Suite (DMS) console, which you can use to edit package details, run reports, and set schedules. You can install the console on more than one machine, but those machines should be in the same Win2K or NT 4.0 domain as the share on which the source and Installer files reside.

Contact: VERITAS Software * 650-335-8000 or
Price: $295 for 10 seats; volume discounts available

Defining the Challenges
Although each organization is unique, most of us encounter some common challenges in our attempts to simplify and automate the deployment and management of our corporate applications. The tasks don't necessarily fall neatly into categories, but for the sake of organization, I've collected them into the following three groups:

  • Packaging—This preliminary step captures an application's content and configurations in a compact, uniform, and deployable format. The challenges in this category revolve around the variety of applications and their native installation formats. Some applications are developed inhouse, others use a variety of proprietary installation engines, and most new applications are in Windows Installer format. (For more information about Windows Installer, see the sidebar "Application Packaging and Windows Installer," page 64.) Packaging utilities face additional challenges in deploying applications to dissimilar OSs. Finally, packaging utilities must make provisions for packaging updates and patches as well as uninstalling applications or rolling back changes.
  • Distribution—After an application is in its proper format, it's ready for distribution. The ideal method for delivering and installing an application depends on your network's logical and physical structure. This group of tasks encompasses a web of interrelated variables, including scalability and bandwidth management. Mobile clients present a unique set of application-distribution challenges because of their intermittent and often slow connections.
  • Management—One thing administrators don't want is an application deployment solution so complex that it becomes a bigger headache than the original problem. For that reason, the way a tool handles initial deployment, logging and reporting, and inventory tracking is important.

Packaging is a crucial first step for any application-deployment tool. At a minimum, a packager should let you build a package manually, repackage an installation from a different installer format, and customize a package as necessary for your target clients. A packager should also provide a wrapper for Windows Installer packages that preserves, if not enhances, Windows Installer functionality. All the packaging tools I review in this article meet those four basic requirements.

The more flexibility a packager offers in these areas, the more powerful it is. The complexity of your environment determines the level of flexibility you require in a packager. For example, if your environment is standardized on similar hardware and software and you need to deploy only a few mainstream applications, you might not need the same flexibility as someone who deploys complex, specialized applications that require customizations and unique handling before, during, and after the installation routine.

Each tool provides "snapshot" technology that lets you capture the changes that an application's native installer makes to a computer during its installation routine. The list of changes typically becomes the basis for an executable routine that emulates all details of the captured installation process. The combination of the application's source files and the executable routine, often compressed into a single file, is known as the package.

The products differed little in their approach to snapshots. The rules for creating snapshots seem to be universal: Use a clean machine with nothing but the base OS installed. Don't perform any other tasks on the PC during the snapshot process. And use the same OS on the snapshot machine as you use on the target installation machines. I usually followed these rules as I packaged applications such as Adobe Acrobat, WinZip Computing's WinZip, and various other shareware applications, and I had no problems. I also created a few packages from scratch by manually installing application files, registering DLLs, and creating registry changes. Each product did a good job of tracking the changes and compiling them into the product's format. When looking at the finished packages, however, I saw distinct differences in their construction, most of which were directly related to the product's particular distribution philosophy.

The packages that Castanet and netDeploy Global produce are very similar. Castanet's Application Packager creates an XML-based description (.mrb) file called a manifest that details the aspects of the application from its component files to its dependencies and installation requirements. netDeploy Global's Packer also uses XML for its netDeploy Global catalog (.ndc) files. Both products use the XML format files as an integral part of their packages, which is significant because Castanet and netDeploy Global use HTTP to transport these and other XML-based files to their clients, thus letting both products integrate into existing Web infrastructures.

Castanet and netDeploy Global also both use Message Digest 5 (MD5) checksums to identify the source files that an application comprises. When you apply the MD5 algorithm to the variable-length binary data in each of the various files that make up an application, the output is a unique 128-bit digital signature, or Message Digest, for each file. This signature lets Castanet and netDeploy Global perform highly accurate assessments of the authenticity and integrity of each file in a package. The products can immediately detect any alteration or corruption of a file from the time it's packaged to the time it's finally delivered to the client. At any point in the installation process, the products can quickly compare the digital signature of the original file with that of a successor file to determine whether the files are the same. Windows Installer's file verification isn't as sophisticated, and its self-healing capabilities apply to .msi packages only. Castanet and netDeploy Global extend self-healing to every product they install.

Castanet, in particular, exploits MD5 signatures as a way to update or patch files at the byte level rather than sending entire files across the network to target clients (i.e., Tuners). Tuners calculate the byte-level differences between two versions of a file and request only the changed bytes from the Transmitter. After the bytes arrive at a Tuner, it incorporates the changes and updates the original file on its hard disk. For locked files, the Tuner copies the original, updates the copy with the byte-level changes, then overwrites the original on reboot. The savings in network bandwidth can be appreciable for small changes to large files, and the process doesn't generate any more processor overhead for the client than an ordinary file overwrite does.

TS.Ready uses cyclical redundancy checks (CRCs) to ensure the integrity of its package files. Like MD5, CRCs perform swift analyses of an application's state. When a file is corrupted or missing, the client can request a replacement from a designated location to repair the application. Also like MD5, CRCs allow for version rollbacks, as well as incremental patches and upgrades that let you send and install only changed files rather than the entire application.

WinINSTALL's packaging utility has some unique features that have definite value in some environments. In addition to possessing a flexible interface for editing packages after you've created them, WinINSTALL lets you convert a WinINSTALL Installer package to .msi format. You might find the latter feature useful, for example, in an AD environment in which you use Group Policy to deploy software to your Win2K clients but still need a reliable deployment tool for your older Windows clients. The WinINSTALL Program Launcher (WIPL) lets you advertise applications similarly to the way you can in an AD environment. From WinINSTALL's administrative console, you can assign an application to users, and the product delivers an application icon to their desktop. A user double-clicks the icon to launch WIPL and install the package.

eXpress's packaging features are simple yet flexible. You can customize an installation, but the resulting package is a single executable file. Thus, you can deploy the package in any fashion you choose (e.g., post it in a shared directory, send it in an email attachment, make it available on an FTP site, put it on a 3.5" disk or CD-ROM) and—if administrative permissions aren't required—on clients that don't have eXpress client software. Having only one executable file per application is particularly useful because such a setup lets you create a CD-ROM with a collection of applications as part of a road-warrior emergency kit for mobile users. The only drawback to the eXpress packaging process is the inability to change the install path after you create a package—eXpress doesn't let you use environment variables instead of a fixed path statement. Moreover, although eXpress provides the option to create an uninstall routine for every install package, I couldn't locate a rollback function for failed installs.

The packaging function encompasses not only creating packages but also installing them. I found that the five products I tested had varying levels of functionality in the installation area, though they all could get the job done. Because I chose to deploy the 500MB Microsoft Office 2000 Professional as my test application, the challenge for the products revolved more around deploying such a large application than around creating a package for it. I was impressed that netDeploy Global's use of gzip compression algorithms reduced the Office 2000 package to 319MB.

eXpress offers a basic approach to an .msi installation: You use the administrative console to create an event that copies the .msi file to the client and locally executes msiexec.exe with your desired command-line parameters. Aside from the benefit of scheduling, eXpress offers little more than AD does in assigning software. WinINSTALL's solution was similar except that it could exploit the Windows Installer APIs and provide a success or failure entry to the event log.

The other three products offer more built-in features that deal with .msi packages, such as the ability to designate transforms and the ability to add paths for the .msi source files so that repair and install-on-demand features work regardless of the client location. Castanet and netDeploy Global also let you specify what to install on the client and whether the client should retain what you install. In the case of Office 2000, I could choose to download the .msi package only, the .msi file and all the source files, or the .msi file and only the necessary files. If hard-disk space isn't a concern, you could retain the source files on the client and specify that directory as the source file path. With an application's source files locally available, a disconnected client could install-on-demand or self-repair the application.

Bandwidth management and scalability are chief among the concerns of most administrators. In the Lab, I was able to see how the five products handled these challenges.

WinINSTALL offers no formal means of bandwidth management. One possible way to introduce some form of control is to employ the WinINSTALL Intranet Installer, which lets clients download packages from a Web server. Then, you can use Microsoft IIS to set a maximum bandwidth for the Web site that contains the links to the installation packages.

eXpress offers a reverse bandwidth control. If you set this option on a client, the client won't perform a task unless a certain amount of bandwidth is available. This useful feature prevents clients from attempting installations when they're on very slow links, but it doesn't let you control network bandwidth usage.

The other three products' bandwidth control is more sophisticated. TS.Ready and netDeploy Global offer similar capabilities: You can set a maximum bandwidth for each hour of the day for each client. TS.Ready's interface for setting bandwidth controls, which Figure 7 shows, is cumbersome, forcing you to work with each time slot individually. netDeploy Global's snap-in interface is easier to use. Both products also let you set a bandwidth limit for the replication traffic that occurs between the main server and the distribution points. In the Lab, I tested this functionality across a 56KB link between two network segments. The bandwidth used remained within the parameters I set. In fact, both products dynamically adjusted to the total bandwidth I allowed them.

Castanet gives you some level of bandwidth control at each Castanet component. On the Tuner, you can set a bandwidth threshold as a percentage of the available bandwidth or at a fixed data rate. If you choose the percentage setting, however, the Tuner can't dynamically adjust to fluctuations in available bandwidth—it maintains the rate set at the beginning of the communication session. You have similar bandwidth control at the Transmitters, Proxies, and Repeaters. Because Transmitters can get heavily loaded, Castanet provides an additional option of setting comprehensive bandwidth throttling on these machines. This feature can reduce overall available bandwidth by 10 to 30 percent, helping to control network traffic as well as a Transmitter's overall CPU utilization.

Although actively controlling bandwidth is useful, reducing the amount of data that the servers and clients need to exchange is equally important. All the products use data compression, but they differ in their ability to work with the package at the source-file level rather than only at the package level. If a product compresses an application's source files individually rather than all together, the product can download only necessary files. All the products except eXpress, with its single executable, support working with individual files to some extent. eXpress does let you create an event that installs an .msi package from a remote share so that you can selectively install files to the extent that the package allows.

TS.Ready, netDeploy Global, and Castanet all use a similar method to ensure that they download only necessary files during update and patch installation. TS.Ready checks the individual files of an application against a coherency database. netDeploy Global and Castanet check files against an Open Software Description (OSD) file. (OSD, a standard for describing the details of application packages to be distributed over the Web, has been submitted to the World Wide Web Consortium—W3C—as an open standard, but its status is stalled.) The virtue of the OSD format is that OSD files are relatively small but contain enough detail to let products that use the format assess the state of any application they install. As I mentioned earlier, Castanet checks files at the byte level and updates only changed bytes (rather than entire changed files).

Multicasting, which transmits to multiple targets at once to make efficient use of network bandwidth, is widely used in cloning products, but none of the products I tested exploit it for application deployment. In my test network, traffic on my switched 100Mbps network segments slowed to a crawl when I deployed Office 2000 to more than seven clients at the same time. Although I was sending the clients identical data, each client had its own unicast session. A multicast session would have generated much less traffic. I asked each of the five vendors about multicast technology, and several hinted at developments in that area. The folks at Tally Systems said that the 4.0 release of TS.Ready, which should be available by the time you read this, would support multicasting.

Scalability directly affects bandwidth usage. A product that scales well spreads the workload evenly as an organization expands; the product should also continue to be manageable. Although I couldn't simulate the large, dispersed environments that IT departments routinely wrestle with, I added a couple of subnets with slow links on my test network and deployed Office 2000 to the clients on the subnets. I found that all five products had scalability features that I could exploit in my test environment, but some of the products scaled better than others.

The architecture diagrams in Figures 2 through 6 give you an idea of how each product scales. To control network load, especially across slower links, each product has a method for creating and maintaining distribution points that keeps the packages close to the end users who need them. Keeping the distribution points current is the main scalability challenge in a large and dispersed environment.

In such an environment, the three-tier solutions that Castanet and netDeploy Global offer provide the greatest amount of scalability with the least hassle. TS.Ready is also well suited to a large, dispersed environment, thanks to its intelligent bandwidth management. WinINSTALL and eXpress also provide scalable architectures, but using them in very large environments could quickly become challenging, especially in a locked-down environment in which users are strictly dependent on the IT staff to maintain and deploy applications in a timely fashion. Nevertheless, the WinINSTALL or eXpress architecture would be ideal in many environments.

The special needs of mobile users are also a big concern for many organizations in which telecommuters are swelling the ranks of the more traditional mobile workforce. Keeping applications up-to-date on intermittently connected laptops is a major challenge. The products that offer granular bandwidth control are well suited to getting moderate-sized packages out to mobile users without disrupting the users' usual communications, but large applications still pose a problem. Storing large packages on a CD-ROM so that users can update as they have time is a reasonable answer in many instances. eXpress and WinINSTALL are both well suited to this approach because their package format is relatively uncomplicated and in most cases doesn't require an installed client.

You can configure two of the other three products to load packages from a CD-ROM, but the configuration might be more complicated than eXpress's configuration. Castanet's channels work nicely on a CD-ROM, whether the end user chooses an application from the Tuner menu or the Tuner periodically checks the CD-ROM for updates. (The latter case assumes that an administrator periodically issues the user an up-to-date CD-ROM and that the user leaves this CD-ROM in the drive or is prompted to insert it.) netDeploy Global also extends its source locations to include a CD-ROM. TS.Ready didn't have CD-ROM functionality at the time of my tests, but the Tally Systems engineers informed me that it would be available in the 4.0 release.

Transacted downloading is another helpful technology for mobile users. When this functionality is combined with bandwidth control, mobile users can continue to work online uninterrupted while a package trickles out to their laptops. When they disconnect, the download pauses at a checkpoint. The next time they connect, the download resumes where it left off. This resumption is known as a checkpoint restart. In this fashion, large packages can be distributed to mobile clients over a number of days and be launched when the distribution is finally completed. All the products I tested except WinINSTALL support checkpoint restarts.

One of the first steps in deploying any application-deployment product is rolling out the client software to your workstations. This situation raises the old chicken-and-egg dilemma—you need a deployment tool to deploy your deployment tool. eXpress and WinINSTALL both come with the ability to deploy their Win32 clients. The eXpress Remote Client Installer is a good tool for configuring and deploying the eXpress client. The tool is simple to use and, like the NT Service Center in WinINSTALL, which Figure 8 shows, relies on the Microsoft browse list to locate potential targets. Castanet provides a bootstrap program that you can access from a Web page to download the Tuner to clients, and you can use an AD Group Policy to install the netDeploy Global client .msi package. For TS.Ready, you must rely on the creative methods you've used in the past to roll out software.

Good reporting tools can make an administrator's job much easier. For application deployment and management, you need two types of information stored in an open format: accurate inventory and detailed logging.

Hardware and software inventory collection is typically associated with asset management, but an inventory also has great value to administrators who must assess needs and plan rollouts (not to mention the inventory's value to Help desk staff). If an application-deployment product's collection tools are good enough, you might be able to leverage them for asset-management functions.

All the clients I tested, with the exception of WinINSTALL's, perform some sort of regular inventory collection. Common sources for harvesting software and hardware data are the client's registry, its BIOS, and the file-version resource data from the executables on the hard disk. The four products that collect inventory information let you store the results in an open database that you can run reports against.

netDeploy Global uses a SQL Server 7.0 database out of the box and provides several preconfigured reports to aid your searches. Castanet supports Oracle, Sybase, or SQL Server 7.0 out of the box, has a built-in Inventory Manager channel that you can use to browse the database, and provides Crystal Reports as a built-in reporting tool. eXpress also supports SQL Server 7.0 and provides an inventory GUI; you can right-click on a machine icon and choose Properties to browse the inventory of an individual client. TS.Ready uses its well-developed TS.Census client to collect hardware and software information from client machines. The client gathers inventory data collected from the same sources as the others, plus Desktop Management Interface (DMI) information. TS.Ready is unique in that it uses proprietary fingerprint files that Tally Systems updates monthly. These fingerprint files act as filters on the front end of inventory collection that use unique criteria to accurately identify files. The result is an impressive report, which I found more accurate and readable than the sketchy version-resource data that executable files provide.

All the products I tested regularly collect logging information from their clients. WinINSTALL tracks installation in the registry and uploads the tracking information to the database along with event log data. eXpress has options for storing detailed log information on each client and tracks less detailed information in its server database. netDeploy Global and Castanet log data in XML format and pass it to a server, which interprets it and adds it to a database. TS.Ready uses standard log files and, like most of the other products, offers multiple logging levels to control the data flow.

Ultimately, you must develop your own reports to gather the information most pertinent to your organization. With the exception of WinINSTALL, which doesn't collect inventory data, each product gathers inventory and logs events in its own way. All the products provide decent diagnostic information that's crucial for determining the status of your application-deployment efforts.

The Bottom Line
The good news for organizations looking for an application deployment and management solution is that the glaring needs in this sector have spawned a variety of solutions from numerous vendors. All of the products I looked at have particular strengths that lend themselves to different environments.

Castanet has many features that make it well suited for a dispersed enterprise environment. Castanet's multi-tier architecture offers several choices for bandwidth-controlled package distribution to remote locations. The software's ability to transmit only the changed bytes of files is unique and enhances the product's ability to reduce network bandwidth consumption. Castanet supports several UNIX platforms along with its Windows offerings, so it can work in heterogeneous environments. Because Castanet uses standard Web protocols to communicate between its servers and clients, it integrates into existing network infrastructures with few modifications. On the downside, Castanet is expensive compared with the other products that I examined. For organizations that require all of Castanet's functionality, however, the ROI might justify the price.

After using eXpress for a few weeks in the Lab, I considered it a good tool for small and midsized organizations with Windows platforms. Although eXpress lets you deploy multiple eXpress servers that help it scale, its use of standard TCP ports and lack of bandwidth control could make management and replication more difficult than the other products do across a widely dispersed enterprise. Nonetheless, eXpress has many attributes that make it a good value. eXpress installation packages are simple, self-executing files that are easy to create and highly portable. Thus, administrators don't necessarily have to worry about client software as long as they can get packages to the client. Although eXpress doesn't have some of the advanced features of higher-end products, at $50 per seat, it's an economical option for organizations that don't require a lot of bells and whistles and that can use the cloning and desktop-migration utilities that the eXpress suite includes.

If you're currently using AD or plan to migrate to AD in the near future, I recommend that you take a hard look at netDeploy Global. NetDeploy Global uses Web protocols, supports a wide range of client platforms, and is highly scalable. Thus, it's well suited for large organizations that have committed to AD. Because netDeploy Global leverages AD for much of its functionality, you can use Group Policy to control and administer the software. This AD-centric approach can centralize and streamline your administrative processes. A bonus is that netDeploy Global starts at a competitive $100 per seat. Unfortunately, netDeploy Global doesn't have the same appeal for organizations that don't intend to migrate to AD.

TS.Ready is also well suited for large environments because of its scalable architecture. At $110 per seat, this product is in the middle of the pack in terms of cost and could be the right choice for organizations that need scalability, bandwidth control, and multiple-platform support. With its advanced inventory solution and remote control capabilities, TS.Ready could serve as a Help desk solution for some organizations. However, because TS.Ready uses standard TCP ports for communication, deploying it in a large, dispersed environment requires additional planning and configuration.

At $29 per seat, WinINSTALL comes in as the lowest-cost solution of the five I looked at. As such, it's very competitive for small-to-midsized installations and might even suit the needs of some large organizations, if their administrators don't mind tweaking it a bit. WinINSTALL's architecture is simple, but it could get unwieldy in large, dispersed environments. One of WinINSTALL's main attributes, however, is that it's easy to use. This product would be particularly well suited for organizations that have a fairly savvy user base that can initiate events or respond appropriately to options. Because WinINSTALL doesn't include any built-in bandwidth control, administrators will need to do some extra work to accommodate mobile users.

The challenge in choosing the right application-deployment solution for your environment lies in thoroughly assessing your needs, then finding the product best able to meet those needs. Although the five products I assessed are only a sample of the available solutions, you can use the same criteria I used to judge how other products measure up. Functionality, usability, scalability, and cost are usually the primary considerations, but your checklist should reflect the requirements of your unique environment.

Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.