Symantec recently announced their Endpoint Management Strategy and Release 7.1 of the Altiris product. 

Managing the software patch level and software licenses on desktops, laptops, and mobile devices is a significant workload for organizations.  This work is essential to protect the devices, the information that they contain and to comply with licensing and other matters.  However it does not, in itself, add organizational value.

This kind of management is technically very challenging and needs sophisticated tools to meet these challenges.  According to DHL’s Jan Trnka Global Altiris Architect, End User Services, DHL has around 100,000 laptops and desktops that need to be managed, and these are located in every country where DHL provides delivery services.  That is in virtually every country in the world!  Many of these devices are connected over low bandwidth networks and distributing software patches needs to be carefully planned and controlled.  According to Mr Trnka, DHL have successfully used Symantec’s Altiris Client Management software for this task for some years.

Some organizations are looking to avoid these complexities by moving to virtual workspaces – where the software is delivered to the point of use on demand.  In 2008 Symantec acquired AppStream – a company providing technology for optimizing the delivery of applications through the various virtual workspace environments.   This does not avoid the need for management but reduces the need to manage the individual endpoints.   However in the IT world – new technologies are always added on top of what already is deployed.  So, according to Symantec, the integration of the management of virtual workspaces with that of physical ones is needed.  This integration is one of their key visions.

Following this theme – Symantec see the next growth area as being the management of mobile devices.  These are becoming ubiquitous and their use as personal and enterprise devices is often blurred.  Symantec used as an example the a large US financial institution; this is using the Symantec platform and VeriSign components to provide secure banking from these devices including banking a cheque based on a photo of the cheque taken by the device!  Therefore, Symantec’s vision is to evolve their endpoint management and security products to encompass mobile devices as well as servers, desktops and laptops.

What about identity management?  The content of a desktop, laptop or mobile device depends heavily upon the identity of the user and the role that they perform.  For mobile devices - the service for that device needs to be provisioned when the user joins the organization and de-provisioned when the user leaves.  So it is no surprise that the Symantec Service Desk - which has become work-flow centric - is claimed to have been extended to solve problems like  user onboarding and offboarding and elimination of "ghost accounts" in AD.   This looks more like creep into the provisioning product space than real management of digital identities.

Clearly Symantec have a mature product set for managing endpoints and a clear strategy of how this will evolve to meet the challenges of virtualization and mobility Although Symantec is well known for its desktop security software, notably the Norton Range of products, its product range has evolved over time and this evolution is the key to its success.   Since 2000 Symantec acquired VERITAS and Altiris extending its product range to include storage and endpoint management tools.  More recently it added the VeriSign security business:  this includes the Secure Sockets Layer Certificate Services, the Public Key Infrastructure Services, the VeriSign Trust Services and the VeriSign Identity Protection (VIP) Authentication Service.  Symantec’s vision for the management of virtual workspaces and mobile devices represents another step in its continuing evolution.   Ultimately, the test of this vision will be in its execution.