?The user-friendly tool for cost-effective and legitimate software asset management.?
For the development and long-term sustenance of effective software management IPR-Insights suggests using a license-audit and registry system.
The SAM-Insights system
Computers and software are essential tools for companies. Their procurement, maintenance, and development are important budget items, and they also influence the efficiency of the employees, their work, and, eventually, the performance of the organization as a whole.
The sheer value of software-related spending alone makes Software Asset Management a strategic area, while regulatory and legal compliance are also paramount for today?s enterprises.
True management of software assets requires up-to-date information on actual software usage, and accurate supporting documentation including license agreements, related invoices, as well as standards for software asset accounting and procurement. Regulatory and licensing compliance result from the successful practice of the above areas, leading to risk-free operation of the company.
As software are developed to be more and more user-friendly, they also become increasingly complex. This, combined with the extreme speed of new software developments, also makes record-keeping of software and hardware products more and more challenging.
Efficient software asset management requires, above all, the knowledge of the types and quantities of software used at the company by vendor, product, version, et cetera. This detailed installation data is the foundation for both screenings against existing software licenses to review compliance and to identify unwanted software usage for IT security.
These results serve as the foundation for attaining and compliance. Maintaining it requires further regular audits to be performed from time to time. Our license audit and software registry system supports this activity.
A typical asset inventory solution is designed to keep track of traditional hardware assets (e.g. computer hardware components), and not to record and apply intangible rights to use, like software licenses. A software license is, in fact, the permission by the copyright owner (the manufacturer of the software) enabling the user to use their software product (the intellectual property), under the terms and conditions set forth in the applicable agreement.
Owing to the vastly different requirements of users and applicability of software, even one particular piece of software can be obtained in various licensing models so that users may choose the model that best fits their preferences. It is also possible to obtain the right to use future versions (upgrades). A further challenge in administration and correct application of use rights for previous versions (downgrades) or, in case of some products, lesser editions of the same product.
The SAM-Insights software asset management system was created by our dedicated professionals with many years of experience in the field of software licensing and software asset management audits. Our product is unique on the market in its ability to address the complexity of licensing, making it easy for our customers to both collect software and hardware data from workstations and servers and to administer and automatically assign licenses in enterprise environments.
SAM-Insights Core System
SAM-Insights is a modular system and its modules support various segments of software asset management. (Some modules provide functionalities covered by the SAM-Insights license, but implemented only upon request and for an additional fee.)
SAM-Insights Additional Modules
There are also optional modules available for an additional charge. These modules provide extra functionality for the SAM-Insights system:
- Advanced Central Data Collector (ACDC)
- Breach Mail (BMail)
- Metering Mail (MMail) ? under development
- SAM-Insights Software Request Module
- Software Catalog (SWCat)
- ORCA for SAM-Insights (Oracle Compliance Analyzer)
For more information please download THE SAM-INSIGHTS PRODUCT SHEET!
Non-scannable licensing data
From software asset management and licensing point of view, not only complex server environments, complicated infrastructure, or parallel application of cloud and traditional solutions may be challenging, but often, defining the license need of the apparently easier client-side products, too. Compliance of non-installation based usage requires particular attention when exact definition of software usage requires getting several data that cannot be determined by scanning workstations and servers. These cases may include:
- metrics of products with non-installation based licensing (e.g. number of users),
- the list of activated modules of a product (e.g. Oracle Database options), moreover
- server accesses without installed components (e.g. Microsoft Core CAL).
Often, it is not clear what type of data we need – that is, who or ‘what’ is a user from licensing point of view! Regular registry and update of usage data can also be difficult. The exact license need can only be defined in the possession of all product licensing information, upon thorough study and understanding of EULA, and analysis of usage data.
These cases share the trait that data can be obtained from a certain source, but the methods are individual, and earlier could be done only manually. With the help of a proper SAM application collecting and recording data can be automated, eliminating the need for human intervention.
New ACDC Module with Unique Functionality
ACDC, the Advanced Central Data Collector module of SAM-Insights performs the automated collection of these type of data, and automatically records them in the database of SAM-Insights, where the core system can register and handle them as Non-Installation Based Usage (NIBU). ACDC makes data collection and regular update automated, substituting manual work, and human intervention. By means of ACDC, professionals, and application owners responsible for regular inspection of software usage can focus on the optimization of their license-stock instead of data collection.
The key components of ACDC the DCPs (Data Collector Plugins). All of them query certain data from certain system. DCPs encompass the unique logic needed for the non-uniform queries from individual systems.
You can find the current list of available DCPs at the end of this document. The list is expanding, so automated query of an increasing number of systems are available. We also develop new DCPs upon individual client requests, so that the assessment of their critical, or even custom developed systems can be quickly automated.
Query Engine is responsible for the control of DCPs that is, querying data from external systems. Evaluation Engine receives and processes data provided by DCPs, then stores them as NIBU data of the relevant SAM-Insights sub-system.
Data collected by ACDC system can be displayed on a web interface (Data Viewer), and even modified with appropriate permissions (Data Editor).
The operation of DCPs requires the availability of the data source, and the proper permission granted. Its parameters can be set through the web interface (DCP Config), and also, each DCPs can be configured here (DCP Admin).
For further information, and the list of current and scheduled data collector plugins (DCPs), ase download the product sheet of ACDC module.
Breach Mail (BMail)
BMail application checks prohibited software usage, and sends notifications via email messages. SAM-Insights report generator provides data source, and the layout of the documents is editable by a fully equipped third party editor based on html language and css descriptors.
Levels of notification can be adjusted to three levels (user, manager1, manager2) of software usage breach.
Metering Mail (MMail)
Software usage monitoring is one of the key features of SAM-Insights. This service is able to monitor actual software usage (as opposed to installed products) and collect such data from computers. The service can be run in the background to ensure undisturbed work.
The MMail module can send notifications regarding the frequency of software usage measured on certain clients, and installations identified as not in use. Thus, removal of unnecessary applications from reported clients can be regularly considered.
(SAM-Insights MMail module is in development phase.)
SAM-Insights Software Request Module
By the optional web-based Self Service software request module, users can raise software request tickets using the local intranet. The ticket passes through a specified workflow path, which may include the user’s manager, the security officer, and the dedicated SAM personnel as well.
Upon approval of the request, license dedication is made in the SAM-Insights database between the requested software’s license, and the user.
The application checks the number of free licenses, the company’s software allowance list (whether the given software is supported, tolerated or forbidden at the company), and even may start the installation.
Software Catalog (SWCat)
The SAM-Insights Software Catalog module gives the means to assign corporate level classification to certain software versions.
This classification may include categorization (forbidden and approved software version) or other specifications (e.g. operational ones). The goal of categorization is implementing operational and security aspects in software usage, and homogenizing the software park by unified version usage.
Prior to launching the Software Catalog, classification categories should be defined, and descriptions of categorization principles attached.
A szoftverkatalógus bevezetését megelőzően ki kell dolgozni a minősítési kategóriákat, és azokhoz olyan leírást kell fűzni, ami a kategorizálás egységes elveit bemutatja.
Specialties of Oracle audits
The audit of Oracle Database products is different from that of software products identified upon installation files: first, license need is not solely defined by installed functions, but internal configurations, and hardware environment are also calculated. Moreover, they are typically used in a Linux or UNIX environment.
The intensive audit activity of Oracle, and – based on most users’ opinion – its opaque license terms carry considerable financial risk in case of non-compliant usage. At the same time, Oracle licenses may make up a significant part of software assets in a corporate environment, so there is a significant demand for supporting and automating software asset management tasks.
ORCA for SAM-Insights tool
The ORCA tool was configured and developed based on the specialties described above and is offered from 30-50 Oracle DB servers as an individual solution or integrated with SAM-Insights Core System.
ORCA for SAM-Insights provides a solution for the unique specialties of the vendor’s Database products and facilitates the contractual identification of usage.
Oracle audit process
After defining the scopes of audit, data collection is carried out by scripts. Automatic evaluation of script-outputs shows which components of the certain product are switched on and in use.
Based on the extracted usage and hardware data, and also upon mapping the virtualization environment, the system defines usage to be licensed.
The tool supports processing license needs and per server usage data extracted from Oracle audits, and based on them, determining compliance. It assists in creating a clear view of Oracle Database usage, and preparing plans for license optimization and reducing under licensing.
As an independent tool
In ORCA for SAM-Insights as an independent tool (not integrated with SAM-Insights core system,) data extracted during data collection are available in the form of reports. Comparing them with licenses, and preparing the optimal license assignment is the task of the licensing consultant.
For this purpose on demand, SAM-Insights core system is available in the form of a project license, too.
As a SAM-Insights module
The tool integrated with SAM-Insights core system transfers license need detected and per server usage data through an interface to the core system, where results are registered.
Due to the specific licensing rules of Oracle, licenses purchased usually are subject to different rules. Therefore, comparing usage and licenses remains a consultant job.
In compliance statements, commonly used improper method is the full application of current rules on the environment. The contractual method we apply is more accurate and may result in a more favorable compliance state.
Results of the audit
ORCA for SAM-Insights makes software usage visible. As a result:
- operators will be aware of usage to be licensed related to their databases,
- license manager will see license need based on usage,
- relying on the results, IT management will get the opportunity of managing Oracle license assets instead of following pure risk-averse strategy.
Based on the accurate information, and with the help of our consultants, audit risks and the ways to settle them by licensing methods can be discovered. Audit data provides a basis to begin license optimization based on usage and infrastructure, in order to decrease operational and investment costs.
FOR MORE INFORMATION PLEASE DOWNLOAD THE ORCA PRODUCT SHEET!