Dell KACE K2000 Series Deployment Appliance Architecture

Harnessing the power of the appliance to revolutionize systems deployment

Table of Contents
Table of Contents ...................................................................................................................................... 2 1.0 Introduction ......................................................................................................................................... 3 2.0 Integrated Through and Through .................................................................................................... 3 2.1 A Strong Foundation: The Platform Layer ..................................................................................4 2.2 Built-in Reliability: The Management Services Layer ...............................................................6 2.3 Precise Control and Usability: The Application Services Layer .............................................. 7 2.3.1 Provisioning Made Easy........................................................................................................... 7 2.3.2 Deployment Control and Reliability ..................................................................................... 9 3.0 Conclusion ......................................................................................................................................... 12 Dell KACE Corporate Background ....................................................................................................... 13

Copyright 2010 KACE Networks/Resolutions Enterprises Ltd., Inc. All rights reserved.

1.0 Introduction
Organizations regardless of size or industry roll out business applications to the workforce. These applications and their supporting operating systems must be regularly updated and managed, often with limited teams of IT professionals. These same limited teams support a wider range of hardware platforms than ever before. In response to these challenges, some organizations turned to traditional, enterprise software IT deployment and management solutions. However, the cost and complexity of deploying and maintaining these solutions often puts them out of reach. For instance, traditional enterprise software solutions require hardware procurement and configuration, as well as software installation, integration and customization. In fact, they are so complex most traditional software vendors recommend weeks or months of expensive professional services to deploy their solutions. Additionally, hidden software and hardware prerequisites can drive up the true ownership cost of traditional solutions. Due to this cost and complexity, many organizations turned to point imaging solutions that offer lower price points at the expense of functionality. For instance, they cannot automate the build-out of reference systems (gold masters) nor do they offer remote provisioning. While point disk imaging tools offer improved efficiency, they do not fully automate deployment and save organizations the time and effort that full systems deployment tools can provide. The K2000 Series Deployment Appliances by Dell KACE breaks down these cost and complexity barriers and brings affordable, end-to-end systems provisioning to organizations of all sizes by utilizing an Appliance-based architecture. Appliances deliver a complete, pre-integrated bundle of operating environment and application software via a dedicated server appliance. They can be plugged into an existing network and immediately begin functioning. Appliance-based architectures eliminate many of the complexities and costs of traditional software solutions such as hardware procurement, and software installation and integration. At the same time, appliances provide exceptional performance, reliability, and control through a purpose-built solution that is pre-tuned, hardened and self-healing. This paper describes how the K2000 Appliance-based architecture provides a centralized, networkcentric deployment solution that is both extremely robust and highly affordable.

2.0 Integrated Through and Through

The K2000 is a complete solution that is fully integrated from metal to function. This deep integration of hardware, operating environment, and application functionality is one of the key factors that enable Appliance-based architectures to provide the highest performance, reliability and usability. The 3 integrated layers of the K2000 include: A hardware (physical or virtual) and software base platform layer A common management services layer An application services layer Each layer has been designed to work exclusively with, and leverage the purpose-built services of its adjacent layers to maximize the performance and reliability of the total solution.

Copyright 2010 Dell KACE. All rights reserved.

2.1 A Strong Foundation: The Platform Layer

The hardware and software platform layer provides a high performing, reliable and secure foundation for the management and application services layers. K2000 appliances are offered as both physical and virtual appliances and thus the hardware platform can consist of either physical or virtual hardware. Virtual K2000 (VK2000) appliances are deployed directly on VMware Virtual Infrastructure. This allows organizations that have invested in Virtual Infrastructure to quickly deploy VK2000 appliances to existing servers. It also allows organizations to easily move the VK2000 to different servers or adjust the amount of memory or processor assigned to the VK2000 to meet the changing needs of their environment. Organizations can also leverage the built-in high availability and backup capabilities of VMware to improve performance and reliability.

Copyright 2010 Dell KACE. All rights reserved.

The hardware platform of the physical K2000 appliance is comprised of a 1U rack-mountable server with Intel processor(s), dual gigabit Ethernet ports, and hard disks in a RAID configuration. This hardware configuration provides excellent reliability and performance through hardware redundancy and automatic failover. The software platform is composed of mature, open source-based infrastructure components that provide a secure, stable and cost effective computing environment. Open source components allow the operating environment to be precisely tuned to optimize the management and application layer functionality of the K2000. These components can also be tightly controlled to provide a secure, hardened environment that only runs services that are necessary for the K2000 management and application layers. This eliminates security vulnerabilities that can exist if unnecessary platform services are running. Finally, open source components help keep the cost of the K2000 low by eliminating the need for expensive commercial operating system licenses. The K2000 software platform components include: FreeBSD used as the operating system and specifically chosen because it is well known for excellent security and stability. FreeBSD is specifically configured to run only the services necessary for K2000, providing a hardened environment and eliminating a common source of vulnerabilities and instability. Apache HTTP Server (Apache) used as the web server for the K2000 administrative console. In addition, it provides standard, secure and reliable communication services to target systems. Apache, as the most widely deployed web server on the Internet, is a reliable and high performance engine for the K2000 user interface and communications infrastructure. MySQL database used for application data collection and reporting. MySQL provides outstanding performance, and is configured to maximize the performance and reliability of the management and application services layers of the K2000. The standard SQL interface allows easy access for extensible reporting. KACE includes a commercial MySQL license for each K2000. Samba provides a robust and proven Windows file server for the K2000. Samba allows the K2000 Deployment Appliance to reliably execute provisioning tasks on a wide range of Windows systems remotely over the network. The Samba implementation in the K2000 has been tuned to provide maximum performance, reliability and security for systems deployment. Open source-based technologies provide the additional benefit of constant evolution and widespread support. The new features and functionality constantly being released by the active open source community can be used to enhance the K2000 operating environment. The hardware and software components of the platform layer provide a strong foundation for the management and applications services layers of the K2000. This function-specific design is a key advantage of Appliance-based architectures in general, and for the K2000 specifically, enabling delivery of superior performance and reliability.

Copyright 2010 Dell KACE. All rights reserved.

2.2 Built-in Reliability: The Management Services Layer

The K2000 management services layer provides high availability through tight integration to the platform layer, built-in backup and recovery, and automated maintenance and self-healing. The management services layer also speeds implementation through plug-and-play deployment and a built-in DHCP server.

Native backup and recovery

High availability and reliable performance require effective implementation of failover, backup and recovery. Unlike traditional software solutions where this critical task is left up to the organization to implement, the K2000 features built-in failover, and backup and recovery. This provides high reliability and fault tolerance, and also reduces the maintenance costs of the K2000. Each K2000 includes a RAID configuration to provide hardware-based redundancy and automatic failover in the event of disk failure. In addition, administrators can regularly create backups of the K2000 database, as well as any software assets that have been uploaded to the K2000, to an off board location. These backup packages are used to restore the K2000 in the event of data loss or during an upgrade or migration to new hardware, and are also an effective way to synchronize software assets with K2000s in remote offices. This off-board backup capability also allows organizations to secure their data in a separate physical location to aid in disaster recovery. K2000 hard drives are hot swappable, ensuring interruption-free operation even when replacing failed hardware.

Automated maintenance and self-healing

Regularly scheduled maintenance is a key component for ensuring high performance and reliability. Instead of depending on administrators to perform maintenance manually, the K2000 provides automated nightly maintenance and self-healing. This guarantees that regular maintenance is conducted and also reduces administrative costs. Each evening the K2000 verifies the health of all systems and conducts regular maintenance on its hardware, storage, and security components. The results of the maintenance and health checks are reported to administrators in a nightly e-mail. To further increase reliability and decrease administrative overhead, the K2000 can automate its own system and security updates. Each evening the K2000 checks into KACE.com for any updates to K2000 software. The administrator is notified if any updates are found, and they are automatically downloaded and applied. These updates include not only application layer updates and patches, but also management and platform layer (OS, Database, and Web Server) updates. Administrators no longer have to patch and update each solution component independently. To simplify and accelerate technical support, the K2000 reports support related logs to KACE for analysis and data warehousing.

Copyright 2010 Dell KACE. All rights reserved.

Plug-and-play deployment
The management services layer provides rapid implementation through plug-and-play deployment and integrated network components such as an on-board DHCP server. This results DELL KACE in dramatically lower deployment costs than traditional software solutions that often require months of complex and time consuming deployment as well as paid professional services. Plug-and-play deployment allows organizations to simply connect the K2000 to their network and immediately begin provisioning systems. No software installation or integration is required because the K2000 management services layer seamlessly integrates the platform layer to the pre-installed application services layer. The K2000 also includes its own integrated DHCP server which speeds deployment for those organizations that do wish to utilize their existing DHCP servers for provisioning tasks. Lastly, the K2000 directly manages all PXE requests eliminating the cost and complexity of requiring stand alone PXE servers. In summary the management services layer is unique to Appliance-based architectures, and requires close integration to the platform layer. This layer enables the delivery of services such as efficient remote site provisioning, native backup and recovery, automated maintenance, and plug-and-play deployment. Unmatched reliability, ease of deployment, and low maintenance costs are the result of these function-specific capabilities and thorough platform integration.

2.3 Precise Control and Usability: The Application Services Layer

The application services layer provides a comprehensive set of centralized deployment functionality, and provides an easy-to-use interface for remotely provisioning systems over the network. The application services layer is built on top of and utilizes the management services and platform layers to maximize usability, control and deployment reliability.

2.3.1 Provisioning Made Easy

Intuitive graphical user interfaces
The K2000 Deployment Console is the web-based administrative interface that provides a unified and intuitive interface to all K2000 Deployment Appliance functionality. This easy-to-use interface keeps training time to an absolute minimum, provides for quick deployment, and enables technicians of all levels to administer the K2000. Full integration further reduces costs and improves ease-of-use by giving administrators a single unified interface for all deployment functions. For example, an administrator can use this single interface to build a reference system using network OS installation,

Copyright 2010 Dell KACE. All rights reserved.

capture and deploy this gold master image, and perform recovery tasks on any systems that fail to deploy properly. System Recovery in particular is greatly simplified via two bundled recovery environments that both feature intuitive graphical user interfaces. The first recovery environment, KACE Preinstallation Environment (KPE), is a customized Windows PE-based environment that allows administrators to execute a wide range of recovery tasks such as adding, deleting, or modifying files, editing registry settings, starting or stopping services, and repairing the master boot record. Access to this wide range of recovery capabilities via a point and click interface makes it easy for administrators of all levels to effectively recover corrupted systems. The second bundled environment, KNOPPIX, provides an alternative GUI-based environment for recovering corrupted Windows systems, and also provides recovery for Linux systems. KNOPPIX is the pre-installation environment used for NTFS optimized imaging of Windows machines, and sectorbased imaging of both Windows and Linux machines. Organizations can also import and utilize their own customized recovery environments from the K2000. This easy to access support for an extremely wide range of recovery environments means administrators of all levels can quickly recover almost any system, in any condition on their network.

Agentless deployment
Agentless deployment makes deploying and administering the K2000 extremely easy. Unlike traditional provisioning solutions, no agents need to be deployed and maintained. Instead all deployments from the K2000 can be executed over the network from the centralized K2000 deployment library. Agentless deployment reduces provisioning complexity, and also improves deployment efficiency and reliability, by ensuring that all deployments can be conducted remotely from a centralized, trusted library. The K2000 agentless, network-based architecture utilizes PXE standards to provision any LAN connected x86-based system. When PXE enabled systems boot, their local DHCP server directs them to network boot from the K2000 instead of from their local hard drive. These systems appear as available for deployment tasks in the K2000 deployment console, and administrators can immediately schedule provisioning tasks such a capturing or deploying an image. Administrators can also manually add systems to the K2000 via their MAC addresses before systems have booted from the K2000, so that provisioning tasks can be scheduled for initial boot to the K2000. These agentless capabilities not only reduce initial deployment costs, but also reoccurring maintenance costs since no agent maintenance nor updates are required.

Copyright 2010 Dell KACE. All rights reserved.

Automated provisioning
The K2000 provides breakthrough ease of use for the provisioning of one-off systems with network OS installation. First, the K2000 deployment console contains an intuitive wizard for rapidly creating network OS installations, and for deploying applications, files and scripts. The K2000 architecture radically simplifies network OS installation by automatically determining and installing the correct drivers for target systems, and automating the installation of applications. This enables the automated deployment of any hardware and software configuration, thus improving IT efficiency and flexibility by completely eliminating the need to manually build systems. Furthermore, K2000 network OS installation can deploy systems in a completely remote and unattended fashion, reducing desk visits and improving IT efficiency.

Secure access
A unified interface the K2000 deployment console provides robust security with a single point of entry into the entire solution from platform through to application level functionality. The environment is hardened and tamper-proof by eliminating the vulnerabilities that can occur when independent interfaces are available for platform and management services such as the operating system and database. Intuitive web-based interfaces, agent-less deployment, innovative automation and secure access bring new levels of ease of use to systems provisioning. Now administrators of all levels can save time and reduce errors through automated, remote provisioning of any system on their network.

2.3.2 Deployment Control and Reliability

Centralized, network-based deployment
The K2000 agentless PXE-based architecture allows all deployment activities to be executed remotely over local area and wide area networks from an integrated deployment library. This not only reduces deployment time and costs, but also improves provisioning reliability and control by ensuring that the correct image is always deployed to each target system. No longer do administrators need to fumble with DVDs and CDs trying to determine if they contain the correct image or not. The K2000 deployment library contains all images, network OS installation, drivers, recovery environments, applications, files, configuration tools, and pre and post deployment scripts.

Copyright 2010 Dell KACE. All rights reserved.

Administrators manage this extensive library via the K2000s intuitive web-based console. Administrators can directly load media to the library such as operating systems and applications, as well as configuration tools such as BIOS and RAID utilities. They can also use the deployment console to create network OS installations, capture disk images and assemble full deployment packages including pre and post deployment scripts and applications. This extensive and integrated library improves reliability and efficiency by storing and automatically cataloging all assets required for deployment. Once the deployment packages have been assembled, administrators can locally or remotely deploy the packages from the centralized K2000 deployment library. Packages are built around an image or network OS installation and include pre-deployment tasks such as BIOS, RAID and disk configuration, and post deployment tasks such as network configuration, user migration and application installation. Packages can be remotely deployed to any network connected system from the administrative console, or locally from a boot menu dynamically generated from the K2000.

Remote site management

With the increasing reality of multiple, remote sites within growing organizations, the ability to deploy systems from a central location is critical to reducing the time and cost associated with managing systems at these sites.

K2000 Virtual Remote Appliances allow a single centralized K2000 Deployment Appliance to stage and deploy disk images, network OS installs, drivers and applications to remote sites without the need for dedicated hardware or personnel at remote facilities. While the centralized K2000 Deployment Appliance drives remote deployments, the Virtual Remote Appliance serves as the deployment engine residing on the remote network for performance benefits and minimizing latency by communicating with the headquarter network only for synchronization purposes. This approach allows K2000 to offer the ease and consistency of centralized deployment with the speed of local provisioning. Key capabilities of the K2000 remote site architecture include:

Fast setup and easy administration A single MSI downloadable from the K2000 allows for the installation of both the virtualization software and the remote site image. The K2000 bundles the Virtual Appliance infrastructure, eliminating any prerequisite for virtualization infrastructure. Administrators can easily configure

10

Copyright 2010 Dell KACE. All rights reserved.

which deployment assets should be cached at each remote site, as well as the synchronization schedule. The K2000s synchronization technology allows remote site deployment assets to be updated automatically so that they stay consistent with those on the headquarter network. Easy setup and administration reduce the time and effort required to provision remote systems.

Agentless deployment Since remote machines can network boot into the K2000 Preinstallation Environment (KPE) provided by the virtual remote appliance, they can utilize the same deployment functionality as local machinesimaging, network OS installation, and recovery without the deployment and maintenance costs associated with agent-based approaches Caching and bandwidth throttling Relevant remote deployment assets are cached on the Virtual Remote Site Appliance that resides on the remote network. This allows for high performance when executing remote site deployments without impacting the wide area network. For networks with bandwidth constraints, users can allocate a maximum amount of bandwidth for the K2000 to use when executing remote site synchronization. Additionally, users can indicate a specific time for the remote site synchronization to take place so that it doesnt occur during a period of high traffic. Lastly, the K2000 only synchronizes changes to the virtual remote appliance, again keeping network impact to a minimum. To provision systems for which network booting may not be a viable option, the K2000 Preinstallation Environment (KPE) can be downloaded to a USB flash drive (KPE USB). KPE USB allows a system to boot into KPE and access the centralized K2000 deployment library for any deployment task. Centralized, network-based deployment provides excellent control and efficiency by effectively organizing all assets in one central library and allowing all deployments to utilize that library as the source for both remote and locally executed deployments.

End-to-end deployment automation

The K2000 Deployment Appliance automates the complete deployment life cycle. This eliminates the costs and errors generated by manual processes or point solutions, significantly improving deployment efficiency and reliability. The K2000 core deployment functionality includes network OS installation, imaging, migration, inventory, systems recovery, pre and post deployment tasks and an integrated deployment library. For a complete list of application features please see the K2000 Deployment Appliance data sheet. The K2000 pre-installation environment (KPE), as a Windows PE-based environment, provides the platform for automating most pre and post deployment tasks. When booted to KPE the full range of Windows tasks can be executed from the K2000. In addition, third party tools and scripts can be loaded and utilized within KPE such as BIOS and RAID configuration utilities. This provides a powerful environment for automating all pre and post deployment tasks associated with imaging or network OS installation including: Inventory Assessment Domain Joining Sysprep Automation Automated Workstation Naming Service Pack Deployment

11

Copyright 2010 Dell KACE. All rights reserved.

Configuration of RAID and BIOS settings Disk Partitioning Disk Formatting Driver Verification Reporting Installing Master Boot Record Network Configuration User Migration Application Installation Script Execution

The K2000 includes several options for imaging including sector-based full disk imaging, NTFS optimized partition-based imaging and file-based imaging. This complete set of imaging technologies allows the K2000 to support a wide range of platforms and file systems including all Windows and Linux X86 systems, as well as NTFS and FAT file systems. This ensures the K2000 can effectively image any system in your environment.

Smart imaging
KACE file-based imaging, K-imaging, utilizes smart, single instancing technology to significantly reduce the time, bandwidth and storage required to capture and archive disk images. K-imaging works with the K2000 deployment library to determine which files already exist in the K2000 library using checksums, and only copies files from target systems that are unique and do not already exist in the library. Since only unique files are copied during any image capture, this dramatically reduces the time and bandwidth required for disk imaging. In addition, since images share common files in the library the storage requirements are also greatly reduced. K-imaging also allows images to be edited and repurposed across the organization, reducing image maintenance costs. For example, K-images can have files and directories added, removed and modified. This means that as configurations change over time, images can simply be changed instead of spending time and resources building a new reference system and recapturing an updated image. Manual deployment steps add costs, slow the deployment process and add the potential for mistakes, while incorrect or out-of-date images result in failed deployments and extended user downtime. The K2000 reduces costs and improves deployment reliability by completely automating the deployment of all systems over the network from a centralized, integrated deployment library.

3.0 Conclusion
An Appliance-based architecture allows the K2000 to eliminate many of the complexities and costs of traditional enterprise software solutions. During deployment no server hardware needs to be procured or configured, removing considerable cost and effort. In addition, there is no software procurement, installation, integration, tuning or customization required. Simply connect a physical K2000 to a network via an Ethernet cable or deploy a virtual K2000 on Virtual Infrastructure and it immediately begins functioning. An Appliance-based architecture also keeps maintenance costs low. The K2000 is self-healing and performs automatic maintenance on all of its internal systems. This automates many traditionally manual maintenance procedures. This maintenance applies not only to the application layer, but also to the management and platform layers. The K2000 is hardened with all interaction done through a

12

Copyright 2010 Dell KACE. All rights reserved.

web-based console, keeping the K2000 secure and tamper proof. In addition, since K2000 hardware and software are delivered as one integrated unit, IT organizations need only manage a single vendor for support related matters. An Appliance-based architecture not only reduces deployment and maintenance costs but also allows the K2000 to provide breakthrough performance and scalability. The K2000 delivers high levels of performance and reliability through metal to function integration. Lastly, the integrated Web-based user interface, centralized deployment library, agentless architecture, remote site support and comprehensive provisioning capabilities give organizations unprecedented deployment control and reliability, while dramatically reducing the cost and complexity of systems provisioning.

Dell KACE Corporate Background

Dell (NASDAQ: DELL) creates, enhances and integrates technology and services customers count on to provided them reliable, long term value. Dell provides systems management solutions for customers of all sizes and system complexity. The award-winning Dell KACE family of appliances delivers easy-to-use, comprehensive, and affordable systems management capabilities. Dell KACE is headquartered in Mountain View, California. To learn more about Dell KACE and its product offerings, please visit http://www.kace.com or call 1-877-MGMT-DONE. Helpful Links: KACE Systems Management Appliances KACE Systems Deployment Appliances KACE Virtual Appliances

Dell KACE Headquarters 1981 Landings Drive Mountain View, California 94043 (877) MGMT-DONE office for all inquiries (+1) (650) 316-1050 International (650) 649-1806 fax European Sales: emea@kace.com Asia Pacific Sales: apac@kace.com
WPK203.1.11 While every effort is made to ensure the information given is accurate, Dell does not accept liability for any errors or mistakes which may arise. Specifications and other information in this document may be subject to change without notice.

13

Copyright 2010 Dell KACE. All rights reserved.