easyvista technical white paper ezv 2013
DESCRIPTION
EZVTRANSCRIPT
-
EasyVista 2013 Technical White Paper
Last update : May 24th, 2013
-
24/05/2013 EasyVista 2013 Technical White Paper
2
Summary
A. Description ........................................................................................ 6
A.1. Objectives .......................................................................................................... 6
A.2. Prerequisites ..................................................................................................... 6
B. EasyVista Architecture ..................................................................... 6
B.1. Three Tier Architecture ..................................................................................... 6 B.1.1. Objectives ..................................................................................................................................... 6 B.1.2. A gradual way of scaling ............................................................................................................... 6 B.1.3. Licensed users vs Concurrent users ............................................................................................. 6 B.1.4. Scale-up vs Scale-out of the servers ............................................................................................ 7
B.2. How the components are distributed in the architecture ? ........................... 8 B.2.1. Mono server Architecture .............................................................................................................. 8 B.2.2. Multi Server Architecture ............................................................................................................... 9
B.3. 24*7 availability ................................................................................................. 9
B.4. Security of the data transferred on the network ............................................ 9
C. Hardware and system prerequisites ............................................... 9
C.1. System prerequisites ...................................................................................... 10
C.1.1. WEB tiers .................................................................................................................................... 10 C.1.2. APPLICATION tiers .................................................................................................................... 15 C.1.3. DATABASE tiers ......................................................................................................................... 16 C.1.4. WEB browser .............................................................................................................................. 16
C.2. Windows servers ............................................................................................ 17
C.3. Disk space needed .......................................................................................... 18
C.4. EasyVista : sizing for less than 10 users ...................................................... 18 C.4.1. SQL Server 2008 Express or SQL Server 2008 Standard? ....................................................... 19
C.5. EasyVista: sizing for more than 10 users ..................................................... 19
C.6. Special considerations in architecture sizing .............................................. 21 C.6.1. More than 1 000 PCs inventoried each day: .............................................................................. 21 C.6.2. Many Self Service users: ............................................................................................................ 22 C.6.3. Documents uploaded by users on Service Desk: ....................................................................... 22 C.6.4. Dedicated database or not? ........................................................................................................ 22 C.6.5. How to secure the http traffic: ..................................................................................................... 22 C.6.6. SSO, LDAP, etc: ......................................................................................................................... 22 C.6.7. Easyvista on virtualized platforms: ............................................................................................. 23
-
24/05/2013 EasyVista 2013 Technical White Paper
3
C.7. Test platform, development platform etc ...................................................... 23 C.7.1. Would you like to test response times and workload increase with these platforms? .......... 23 C.7.2. Would you like to validate on these platforms the whole integration context and needs (LDAP,
SSO)? ........................................................................................................................... 23
D. Integration with your database servers ........................................ 23
D.1. SQL Server ...................................................................................................... 24
E. EasyVista and access controls ...................................................... 24
E.1. Access control manage by EasyVista ........................................................... 25
E.2. Access control by EasyVista and LDAP ....................................................... 26
F. User rights once connected to EasyVista ..................................... 27
F.1. Domains ........................................................................................................... 27
F.2. Profiles ............................................................................................................. 29
F.3. Users ................................................................................................................ 30
F.4. Limit the data based on geographical criteria .............................................. 31
F.5. Limit the data by department criteria ............................................................. 32
F.6. Limit the data both by geographical and department criteria ..................... 33
F.7. Data are based on trees to define your organization ................................... 34
G. EasyVista inventory process ......................................................... 34
G.1. Automatic discovery or by login script ......................................................... 34 G.1.1. Pros and cons of each method ................................................................................................... 34
G.2. Discovery Manager ......................................................................................... 36
G.3. Inventory process can be automatic ............................................................. 37
G.4. Server Inventory Method ................................................................................ 37
G.5. Notebook Inventory Method .......................................................................... 37
G.6. How data is collected ..................................................................................... 38
G.6.1. Collection points ......................................................................................................................... 38 G.6.2. How many collection points do you need? ................................................................................. 38 G.6.3. How is the data sent? ................................................................................................................. 39
G.7. Discovery of Windows assets ....................................................................... 40
G.8. Discovery of non Windows assets ................................................................ 41 G.8.1. SNMP Inventory .......................................................................................................................... 41 G.8.2. Linux Inventory ........................................................................................................................... 42 G.8.3. Usage Inventory .......................................................................................................................... 42
G.9. Software detection .......................................................................................... 43
-
24/05/2013 EasyVista 2013 Technical White Paper
4
G.9.1. Description .................................................................................................................................. 43 G.9.2. Other software like information detected ................................................................................ 44 G.9.3. Installed software as listed in the Control Panel ......................................................................... 44 G.9.4. Automatic update of the software catalog .................................................................................. 44 G.9.5. Manual update of the software catalog....................................................................................... 44 G.9.6. Serial number detection .............................................................................................................. 45
G.10. Antivirus detection ....................................................................................... 45 G.10.1. Antivirus detected ..................................................................................................................... 45 G.10.2. More information detected about Antivirus ............................................................................... 45
G.11. Movement history ......................................................................................... 46
G.12. Unique identification of an asset ................................................................. 47 G.12.1. Presentation .............................................................................................................................. 47 G.12.2. Workstations used by several people ....................................................................................... 47 G.12.3. Life cycle of an asset ................................................................................................................ 47 G.12.4. Masterization of machines ........................................................................................................ 48 G.12.5. Consolidation of inventory machines with existing information in the database ...................... 48
H. Integration of external data ............................................................ 48
H.1. Goals ................................................................................................................ 48
H.2. How does it work? .......................................................................................... 49
I. Linking EasyVista with external data .............................................. 49
I.1. Active Directory ................................................................................................ 49 I.1.1. Importing Active Directory data .................................................................................................... 49 I.1.2. Authentication done by Active Directory....................................................................................... 49
I.2. EasyVista and SSO ........................................................................................... 50
I.3. Integration with Microsoft Exchange .............................................................. 50 I.3.1. Exchange prerequisites ................................................................................................................ 51
I.4. Integration with your CTI system .................................................................... 51
I.4.1. Displaying the file ......................................................................................................................... 51 I.4.2. Recorded message ...................................................................................................................... 51
I.5. Barcode readers ............................................................................................... 51
I.6. Web Services .................................................................................................... 52
I.6.1. EasyVista as a service provider ................................................................................................... 52 I.6.2. EasyVista as client of an external web service ............................................................................ 52
J. Technical Support Agent ................................................................ 52
J.1. Objectives ........................................................................................................ 52
J.2. How does it work? ........................................................................................... 53
K. Annex 1 : Windows Inventory ........................................................ 53
-
24/05/2013 EasyVista 2013 Technical White Paper
5
K.1. Technical References ..................................................................................... 53
K.2. Software and OS configuration ..................................................................... 57
L. Annex 2 : Linux UNIX Inventory ..................................................... 59
L.1. Technical References ...................................................................................... 59
L.2. Software References ....................................................................................... 60
-
24/05/2013 EasyVista 2013 Technical White Paper
6
A. Description
A.1. Objectives The goal of this document is to help you to understand how the EasyVista platform will be integrated
into your environment.
A.2. Prerequisites This document is for information purposes only.
Each project will have its own unique specifications that will need to be analysed during the pre-sales
process and pre-installation preparation.
B. EasyVista Architecture
B.1. Three Tier Architecture
B.1.1. Objectives
EasyVista is based on a three tier architecture, meaning that the interface layer (WEB), the application
layer and the database layer can be installed on different machines and sized depending on the
project.
According to the number of concurrent users and the security policy of your company, you must define
how the EasyVista platform will be structured.
B.1.2. A gradual way of scaling
The EasyVista architecture is not static and can be modified later according to your changing needs.
If the number of concurrent users increases, if your security rules change, or if there are several
phases in your project, you can modify the architecture even after the installation.
Thats why you can start with a first level of architecture and decide later to upgrade to another one.
Each tier can be sized separately by adding servers.
B.1.3. Licensed users vs Concurrent users
In this document, we propose two different architectures mainly based on the number of concurrent
users. Basically, concurrent users are up to the maximum number of users defined by your EasyVista
license.
Even if there are N users in the license, it doesnt mean that they are concurrent: N users can be
connected, but at any one moment concurrent users are those who request an action at the same
time.
Thats why you can choose to use a simplified architecture if you calculate that the average number of
simultaneous transactions is less than the number of licensed users.
-
24/05/2013 EasyVista 2013 Technical White Paper
7
B.1.4. Scale-up vs Scale-out of the servers
When you have the choice between adding more capacity on a server or adding new servers, the first
solution is often the best if the current machines can support an upgrade.
The same applies if you have the choice between two single processor servers and a dual processor
or two dual processors and a quad processor. You should consider:
Less servers to install and manage
Less Operating System (OS) licenses
Less rack space
We do not apply these rules to the database layer, because it can only support scale-up according to
the current feature of SQL Server.
-
24/05/2013 EasyVista 2013 Technical White Paper
8
B.2. How the components are distributed in the architecture ?
B.2.1. Mono server Architecture
1
EASYVISTA SERVER
Mono server architecture
APACHE + PHP
EASYVISTA Application
SQL SERVER
ACTIVE
DIRECTORY
Corporatemail server
-
24/05/2013 EasyVista 2013 Technical White Paper
9
B.2.2. Multi Server Architecture
B.3. 24*7 availability Maximum availability can be reached by using clusters for the database and the web site.
With regards to the application layer, our recommendation is to add application servers.
Your system and database teams should manage the cluster mode installation and maintenance. Our
teams are not trained to do this sort of work.
A Load Balancer can also be placed in front of the web server. The load balancer must be session
persistent.
B.4. Security of the data transferred on the network You can add an SSL certificate on the Apache server to secure the data exchanged between the web
server and the clients.
C. Hardware and system prerequisites
-
24/05/2013 EasyVista 2013 Technical White Paper
10
C.1. System prerequisites
C.1.1. WEB tiers
Component Value
OS All operating systems supporting Apache and PHP
Apache Apache 2.2.10, 2.0.55 and more recent supporting PHP 5.4
Apache 1.x is not supported.
(We strongly advise that you use the most recent version of
Apache 2.4.x for security and performance)
You should avoid having IIS and Apache installed on the same
server, even if the listening ports are different.
If you compile Apache yourself you must include the SOCKET
module. You must send our team the parameters you used to
compile Apache.
Following parameters must be set in HTTPD.CONF:
Modules :
LoadModule actions_module modules/mod_actions.so
LoadModule alias_module modules/mod_alias.so
LoadModule asis_module modules/mod_asis.so
LoadModule auth_basic_module modules/mod_auth_basic.so
LoadModule authn_default_module modules/mod_authn_default.so
LoadModule authn_file_module modules/mod_authn_file.so
LoadModule authz_default_module modules/mod_authz_default.so
LoadModule authz_groupfile_module
modules/mod_authz_groupfile.so
LoadModule authz_host_module modules/mod_authz_host.so
LoadModule authz_user_module modules/mod_authz_user.so
LoadModule autoindex_module modules/mod_autoindex.so
LoadModule cgi_module modules/mod_cgi.so
LoadModule deflate_module modules/mod_deflate.so
LoadModule dir_module modules/mod_dir.so
LoadModule env_module modules/mod_env.so
LoadModule expires_module modules/mod_expires.so
LoadModule headers_module modules/mod_headers.so
LoadModule include_module modules/mod_include.so
LoadModule isapi_module modules/mod_isapi.so
LoadModule log_config_module modules/mod_log_config.so
LoadModule mime_module modules/mod_mime.so
LoadModule negotiation_module modules/mod_negotiation.so
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_connect_module modules/mod_proxy_connect.so
LoadModule proxy_http_module modules/mod_proxy_http.so
LoadModule rewrite_module modules/mod_rewrite.so
LoadModule setenvif_module modules/mod_setenvif.so
Directory Easyvista
Options Indexes FollowSymLinks
AllowOverride All
Order allow,deny
Allow from all
-
24/05/2013 EasyVista 2013 Technical White Paper
11
Security
ServerSignature Off
Do not allow that folders could be browsed
EnableSendFile On
Performance
LogLevel warn
HostnameLookups Off
LogFormat %a %l %u %t \%r\ %>s %b common
DirectoryIndex index.php
Server-Status + ExtendedStatus -> Desactivate if not necessary
Activate Keep-Alive with a short timeout like 4s
Scalability
MaxClients -> Depends of your configuration
MaxRequestPerChild -> 0 for Windows, 100 000 for Linux
MinSpareServers, MaxSpareServers -> Depends of your configuration
ThreadPerChild = 50 -> For Windows only
Activating compression on Apache 2.2 : Module mod_deflate .
Add the following in httpd.conf
AddOutputFilterByType DEFLATE text/plain
AddOutputFilterByType DEFLATE text/html
AddOutputFilterByType DEFLATE text/xml
AddOutputFilterByType DEFLATE text/css
AddOutputFilterByType DEFLATE text/plain
AddOutputFilterByType DEFLATE application/xml
AddOutputFilterByType DEFLATE application/xhtml+xml
AddOutputFilterByType DEFLATE application/rss+xml
AddOutputFilterByType DEFLATE application/javascript
AddOutputFilterByType DEFLATE application/x-
javascript
Activating compression on Apache 2.4 : mod_deflate
Add the following in httpd.conf
FilterDeclare gzipDeflate CONTENT_SET
FilterProvider gzipDeflate deflate "%{Content_Type} =~
/text|css/"
-
24/05/2013 EasyVista 2013 Technical White Paper
12
FilterProvider gzipDeflate deflate "%{Content_Type} =~ /css/"
FilterProvider gzipDeflate deflate "%{Content_Type} =~ /\.js/"
FilterProvider gzipDeflate deflate "%{Content_Type} =~ /text/"
FilterProvider gzipDeflate deflate "%{Content_Type} =~ /plain/"
FilterProvider gzipDeflate deflate "%{Content_Type} =~
/javascript/"
FilterProvider gzipDeflate deflate "%{Content_Type} =~ /xml/"
FilterProvider gzipDeflate deflate "%{Content_Type} =~ /flash/"
FilterChain gzipDeflate
SetEnvIfNoCase Request_URI \wizard_stream.php no-gzip dont-
vary
SetEnvIfNoCase Request_URI export_csv.php no-gzip dont-vary
The URL must allow a direct access to EasyVista without using a
subfolder (i.e. easyvista.mycompany.com and not
www.mycompany.com/easyvista)
PHP PHP 4.x is no longer supported
PHP 5.2 is no longer supported
PHP 5.4.9 to 5.4.x series (more recent versions are not
supported)
Following PHP modules must be available:
Curl iconv Json so sockets Xcache libXML zlib
If you compile PHP yourself you must include the socket, GD,
XML and Apache modules and the following directives :
'./configure' '--prefix=/usr/local/apache2.4.2/php-5.4.11' '-
-with-curl' '--with-iconv' '--enable-sockets' '--with-
apxs2=/usr/local/apache2.4.2/bin/apxs' '--enable-json' --
enable-module=so --
sysconfdir=/usr/local/apache2.4.2/php-5.4.11 '--disable-
mbstring' '--disable-pdo' '--disable-pdo_sqlite' '--disable-
phar' '--without-sqlite3' '--disable-tokenizer' '--without-
pcre' '--with-openssl' '--with-zlib'
Configure PHP.INI:
-
24/05/2013 EasyVista 2013 Technical White Paper
13
zend.ze1_compatibility_mode = On
zend.enable_gc = On
short_open_tag = Off
y2k_compliance = On
allow_call_time_pass_reference = Off
memory_limit = 192M
display_errors =off
log_errors = On
log_errors_max_len = 1024
track_errors = on
error_reporting = E_ALL & ~E_NOTICE
error_log = ( paramtrer)
register_globals = Off
register_long_arrays = Off
precision = 14
auto_globals_jit = On
post_max_size = 96M
include_path = ".;" (version Windows)
extension_dir = " modifier en fonction de rpertoire de php5 Windows
only"
upload_max_filesize = 30M ( paramtrer 30M selon Yves)
session.save_handler = files
session.save_path = "/repertoire_temporaire_session_php/"
session.auto_start = Off/0
-
24/05/2013 EasyVista 2013 Technical White Paper
14
session.cookie_lifetime = Off/0
session.gc_maxlifetime = 18000
session.gc_divisor = 1000
session.gc_probability = 1
session.cache_expire = 180
session.bug_compat_warn = 1
session.use_trans_sid = 0
session.use_cookies = 0
session.hash_function = 0
session.hash_bits_per_character = 5
session.name = PHPSESSID
session.serialize_handler = php
session.bug_compat_42 = On
session.cache_limiter = nocache
Expose_php = off
variables_order=GPCS
request_order = "GP"
default_socket_timeout = 60
magic_quotes_gpc = Off
safe_mode = Off
max_execution_time = 300
max_input_time = 300
file_uploads = On
upload_max_filesize = 30M
max_file_uploads = 20
default_charset = "UTF-8"
If you install a package of a Linux distribution, note that the IENT
extension must not be included in this package (if included, web
-
24/05/2013 EasyVista 2013 Technical White Paper
15
services wont work).
PHP hardened is not supported (old release not maintained since
2006 and that integrates natively the PHP SOAP module that is
not EasyVista compliant).
If your Linux distribution only proposes PHP Hardened, yu can
use more recent packages from :
http://www.php.net/downloads.php
REDHAT/ CENTOS : http://iuscommunity.org/packages/
DEBIAN : http://www.dotdeb.org/
Others The customer can integrate a reverse proxy of its choice between
the final users and the EasyVista website.
Customers technical teams are in charge of the choice, the
installation and the configuration of such a reverse proxy.
The configuration of the reverse proxy must guarantee a
transparent usage for the final users, as if there was no reverse
proxy (and especially guarantee the transfer of the EasyVista
parameters either by GET and POST, a correct management oh
http headers, cache and resource compression, upload and
download, etc.).
Installation, configuration and maintenance of the reverse proxy
are not included in the EasyVista installation nor in the technical
support.
C.1.2. APPLICATION tiers
Component Value
OS The application server works with Windows 2003 Server,
Windows 2008 Server and Windows 2008 Server R2, Windows
2012. 32 and 64 bits versions are supported.
.NET framework 3.0 mini must be installed on the application
server.
PROCESSOR The application tier works only with x86 processors
DATABASE client Connection to the database are done by the database client :
SQL Server client
ANTIVIRUS Local antivirus must not scan the LOG folder of EasyVista to
-
24/05/2013 EasyVista 2013 Technical White Paper
16
avoid performance issues.
C.1.3. DATABASE tiers
Component Value
OS SQL Server: WINDOWS 2003 SERVER and WINDOWS 2008
SERVER
SQL Server SQL Server 2008 SP1 and next SPs, SQL Server 2008 R2 (we
highly recommend that you use SQL SERVER 2008 R2), SQL
SERVER 2012
SQL SERVER 2005 is no longer supported due to UNICODE
features of EasyVista 2012
SQL Server tools available (Database manager, configuration
tools, BCP, Alias configuration, )
Sort order: CASE INSENSITIVE ACCENT SENSITIVE / SQL Latin
1 general
Authentication by SQL Server and not system based
Automatic growing of tempdb or at least 1GB
SQL Server 2000 is no longer supported
Database configured with READ_COMITTED_SNAPSHOT
To enable EasyVista FullText Search, the FullText Search feature
of SQL Server must be available and enabled.
C.1.4. WEB browser
Component Value
Version INTERNET EXPLORER 6 is no longer supported
INTERNET EXPLORER 7 is supported for SELF SERVICE users.
We strongly advise to use Internet Explorer 8, 9 and 10 (with last service
packs). For Internet Explorer, specific distributions (two letters at the end
of the version number) are not supported.
For Internet Explorer 8, the minimal security pack to apply is April 2012.
Chrome and Firefox are supported in the versions available when
EasyVista is released. Update frequency of Firefox and Chrome are
such that we cannot guarantee to be fully compliant with versions that
we cannot test when EasyVista is released. However, we do our best to
be compliant in the very next fixes of EasyVista.
-
24/05/2013 EasyVista 2013 Technical White Paper
17
Configuration JavaScript allowed
Automatically refresh the pages
Local cache for temporary files must be large enough (>10MB)
If you use SSL, check that the cache for secure pages is allowed.
For Internet Explorer >= 7 :
Security option / Downloads must allow AUTOMATIC PROMPTING FOR FILE DOWNLOADS.
Pop-ups must be allowed
For Firefox, Pop-ups must be allowed for the EasyVista web site.
Antivirus On the customer PC, the local antivirus should not systematically check
each .JS (JavaScript) file to avoid performance problem during the
display of the page.
Others EasyVista doesnt require APPLET or ActiveX on the client browser
Flash plug-in 9 or more recent. This is only needed for designing
Workflows
C.2. Windows servers Windows servers must use the latest service pack available.
The socket parameters of the windows machines must have been updated according to Microsoft
document accessible here: http://msdn2.microsoft.com/en-US/library/aa560610.aspx (this
configuration concerns only the servers and not the client PCs).
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters
MaxUserPort -> 60000
-
24/05/2013 EasyVista 2013 Technical White Paper
18
TcpTimedWaitDelay -> 30
C.3. Disk space needed This table shows the space needed for SQL Server based on volume needs.
Group Information SQL Server
Administrative
database
The size of these databases doesnt vary during usage
EVO_ADMIN, EVO_BACKOFFICE,
EVO_REFERENCE, EVO_PROC
80 MB
Config database The size of these databases doesnt vary during usage 100 MB
Data Database Example based on the demo database :
Assets.......................................... 38400
Employees ................................... 8750
Orders ......................................... 500
Requests ..................................... 24200
600 MB
EasyVista is installed by default:
1 administration database group
1 demo account (config and data Database)
1 production account (config and data Database)
1 test account (config and data Database)
C.4. EasyVista : sizing for less than 10 users
Users connected LAN
5 Mono server XEON double core, 4GB RAM, Windows 2008 32 or 64-bit, 2HD RAID 1 (70GB) and 3 HD RAID 5 (70GB)
Or
Virtual machine with 2vCPU, 4GB RAM, 40GB HD
10 Mono server 2x XEON Processor, 8GB RAM, Windows 2003/2008 64-bit, 2HD RAID 1
(70GB) and 3 HD RAID 5 (146GB)
Or
-
24/05/2013 EasyVista 2013 Technical White Paper
19
Virtual machine with 4vCPU, 4GB RAM, 40GB HD
C.4.1. SQL Server 2008 Express or SQL Server 2008 Standard?
SQL Server 2008 Express can be used for up to 5 connected users. For more users we recommend
SQL Server 2008 Standard.
SQL Server 2005 Express is a free, but limited version of SQL Server. Check this link to learn more
about the differences: http://www.microsoft.com/sql/prodinfo/features/compare-features.mspx
C.5. EasyVista: sizing for more than 10 users
Note:
These architectures are defined to give you an idea of what the platform will look like. These
platforms must be adapted according to your own business and number of users.
An EasyVista platform can always be upgraded at a later stage, but please keep in mind the
implications to your business and support of your users of shutting down a production system. Its
better to define the platform as well as possible at the beginning of the project.
This advice is really important for physical architectures, which our experience says, are not often
upgraded on the average five years that last such a project (5 years is today the maximum guarantee
that can be subscribed for most of the servers). The architecture should not only cover todays needs
but also the changes that could occur during the lifetime project, both on the customer usage (more
departments, etc) and EasyVista upgrades (one major version per year).
Virtual architectures, excluded the database server, can be upgraded as needed, based on the
resources really used, and with very little stops in the product availability. Thats why our prerequisites
are less important for virtual architecture than for physical ones:
Virtualized platform administrators prefer to size the resources based on the real usage while the project is growing, instead of reserving too much resources at the beginning. Thats how they can guarantee an optimal usage of the physical resources of the virtual server among all the virtual machines
Using more than 4 vCPUs on a virtual machine should be considered with precaution because that such configuration can create contention on physical CPUS (vmware CPU Ready indicator).
-
24/05/2013 EasyVista 2013 Technical White Paper
20
Connected
users Physical architecture Virtual architecture
20 Dedicated web server, XEON DOUBLE CORE, 4GB RAM, LINUX, 2HD RAID 1
(70GB)
For the application and data server :
Case 1: Dedicated SQL Server on the
application server
Xeon Quad core, 4GB RAM, Windows
2008 32 or 64 bits, 2HD RAID 1 (70GB)
Case 2: Non dedicated server
The EasyVista server will only run the
application layer :
Xeon Double core, 2GB RAM, Windows
2008 32 or 64 bits, 2HD RAID 1 (70GB)
The SQL Server Instance must have
2GB of memory allocated and two
CPUs (or one CPU double core). The
instance must be dedicated to
EasyVista.
Dedicated web server, 2 vCPU, 4GB RAM,
LINUX, 1 HD (20GB but could me more
depending of the forecast about uploaded
files)
For the application and data server :
Case 1: Dedicated SQL Server on the
application server
2 to 4 vCPUs, 4GB RAM, Windows 2008
32 or 64 bits, HD 40GB
Case 2: Non dedicated server
The EasyVista server will only run the
application layer :
1 to 2vCPUs, 2GB RAM, Windows 2008
32 or 64 bits, HD 40GB
The SQL Server Instance must have 2GB of
memory allocated and two CPUs (or one
CPU double core). The instance must be
dedicated to EasyVista.
50 Architecture based on three different servers:
WEB server:
XEON QUAD CORE 4GB RAM 2 HD RAID
1 (70GB) , Linux.
Application server:
XEON QUAD CORE 4GB RAM 2 HD RAID
1 (70 GB), Windows 2008 32 or 64 bits.
Architecture based on three different servers:
WEB server:
2 to 4 vCPUS, 4GB to 6 GB RAM, HD 40GB,
Linux.
(more virtual servers can be added if
necessary)
Application server:
2 to 4 vCPUS, 4GB RAM, HD 40GB, Windows
-
24/05/2013 EasyVista 2013 Technical White Paper
21
Database server:
SQL Server instance must have 4GB of
RAM allocated and 4 CPUs (or one QUAD
CORE). The instance must be dedicated to
EasyVista.
2008 32 or 64 bits.
(more virtual servers can be added if
necessary)
Database server (physical):
SQL Server instance must have 4GB to 8GB of
RAM allocated and four to six physical cores.
The instance must be dedicated to EasyVista.
100 Architecture based on three different servers:
WEB server:
BI XEON QUAD CORE 8GB RAM, 2 HD
RAID 1 (70GB), Linux.
Depending of what the final users are doing
and of the forecast charge, it could be
necessary to double the web server when
you have more than 100 users.
Application server:
BI XEON QUAD CORE 8GB RAM 2 HD
RAID 1, Windows 2008 32 or 64 bits.
Depending of what the final users are doing
and of the forecast charge, it could be
necessary to double the Application server
when you have more than 100 users.
Database server:
SQL Server instance must have 8GB of
RAM allocated and six to height cores. The
instance must be dedicated to EasyVista.
Bigger
architecture
s
The architecture will be defined with your teams and our experts.
C.6. Special considerations in architecture sizing
C.6.1. More than 1 000 PCs inventoried each day:
-
24/05/2013 EasyVista 2013 Technical White Paper
22
Discovery data integration (Discovery, Usage, SNMP, Citrix) can be very resource intensive. A
single PC needs 10 seconds to be integrated in the EasyVista database because of all the rules
applied during the integration process (merges, movement history, etc). Huge imports can potentially
slow down the performance for end users.
In this case, it is necessary to either import data outside of working hours (e.g. night shift), or use a
dedicated back office server to import data: MONO XEON DUAL CORE, 4GB RAM, 2 HD 70GB RAID
1, Windows 2003).
C.6.2. Many Self Service users:
If the number of Self Service users is important, you should consider having a second line of servers
dedicated to them.
In this case, standard users will access EasyVista with one URL, and Self Service users with another
one. You can then guarantee the performance will always be the same for your standard users
(Service Desk, etc) even when many Self Service users are connected.
C.6.3. Documents uploaded by users on Service Desk:
The web server must have adequate disk space to accommodate the uploading of documents by
users. Documents such as licences, contracts, email attachments and screenshots will all be stored
on the web server and over the course of time could become huge.
You can configure EasyVista to store these documents outside of the web server, in a more secure
area (i.e. File Server).
C.6.4. Dedicated database or not?
We always recommend a dedicated database for EasyVista.
With SQL Server, EasyVista needs to use a specific sort order that could potentially conflict with the
one already in use.
C.6.5. How to secure the http traffic:
Its not mandatory to secure the http traffic, but you should consider using an SSL certificate to avoid
readable information being sent on your network.
For larger environments (more than 200 users on the same web server) we would recommend
installing a dedicated SSL encryption card on the web server.
C.6.6. SSO, LDAP, etc:
EasyVista integration in your security environment has no impact on the size of the architecture.
However, you must validate with your LDAP administrators that EasyVista will have no consequence
on their servers. EasyVista generates two LDAP queries for each new user login to EasyVista.
-
24/05/2013 EasyVista 2013 Technical White Paper
23
C.6.7. Easyvista on virtualized platforms:
You can use virtualized platforms to host EasyVista but you have to follow the rules:
Workstation platforms must not be used
There must be enough resources on the platform hosting the virtualization OS (network, memory, CPU, etc)
Resources dedicated to EasyVista virtual machines must be compliant with the technical white paper, as if it was a physical platform
The physical architecture hosting the virtualization platform must be designed and configured for performance (lot of memory, high speed disks and SANS, high speed network with Jumboframes, etc)
You can either use HYPER-V or VMware ESX / VSPHERE (or following).
Warning: EasyVista performance on virtualized platform is tightly linked to the performance of the
physical infrastructure hosting the virtualization OS.
C.7. Test platform, development platform etc
The right platform architecture and size is based upon the answers to the following questions
C.7.1. Would you like to test response times and workload increase with these platforms?
If the answer is YES, then these platforms must be identical to the production platform. Keep in mind
that this will cost the same price as the production platform, for a platform that will not be used very
often.
If the answer is NO, then these platforms will only be used to test new versions, develop specific
interfaces, etc. You can use smaller architectures, and even virtual server environments.
C.7.2. Would you like to validate on these platforms the whole integration context and needs (LDAP, SSO)?
If the answer is YES, then these platforms should be the same as the production database in terms of
OS, and location in the network.
If the answer is NO, then these platforms will only be used to test new versions, develop specific
interfaces, etc. You can use smaller architectures, and even virtual server environments.
D. Integration with your database servers
-
24/05/2013 EasyVista 2013 Technical White Paper
24
D.1. SQL Server
E. EasyVista and access controls
9
SQL SERVER : Database architecture
AD
MIN
IST
RA
TIV
E P
art
EVO_REFERENCE
EVO_BACKOFFICE
EZV_ADMIN
DA
TA
Part
CONFIG DATA
For each company 50xxx (or 40000 for the demo)
Account
Database
EVO_ADMIN
-
24/05/2013 EasyVista 2013 Technical White Paper
25
E.1. Access control manage by EasyVista
-
24/05/2013 EasyVista 2013 Technical White Paper
26
E.2. Access control by EasyVista and LDAP
-
24/05/2013 EasyVista 2013 Technical White Paper
27
F. User rights once connected to EasyVista
F.1. Domains Domains are designed to limit the quantity of data that a specific user can see.
A domain is a permanent filter based on several criteria and applied on all the queries where these
criteria apply.
1329
EASYVISTA authentication and LDAP
1
6
LDAP
Directory
1 Bind with an account allowed to browse the tree
2 Search in the subtree allowed for this account?
Based onthe attribute defined in EASYVISTA
(Uid or SAMaccountName
Subtree
allowed for
EASYVISTA
account
User+
Properties
3 Get the DN of the user
4 Bind with the DN (3) and the password
5 If binding is Ok, then authenticaion is done
-
24/05/2013 EasyVista 2013 Technical White Paper
28
5
Domain ALL THE COMPANY
Domains
Domain 1
Domain = Limit the data the user can see
Domain 2
Domain 3
Localisation
criteria
(Discovery+AM)
Department
criteria
(AM)
Asset type
criteria
(AM)
-
24/05/2013 EasyVista 2013 Technical White Paper
29
F.2. Profiles Profiles limit the actions that a specific user can do (Add, Update, Delete), the administration level they
have to manage filters and reports, the screens they access, etc.
6
ProfilesProfile = Limit what the user can do
Module
(Help-Desk,
Discovery,)
Theme
(Discovery,
Administration,
)
Menu
Menu
Add, Update, Delete
Theme
Screens accessible
Wizard available
Rights
Filters
Reports
-
24/05/2013 EasyVista 2013 Technical White Paper
30
F.3. Users A user is defined by:
A login and password
One or more domains that limit the data he will see
One profile to define the authorised actions on the above data
7
UsersUser = Account allowed to access Easyvista
Limit the data it can see
Limit what it can do
Domain 1
Domain N
Profile
-
24/05/2013 EasyVista 2013 Technical White Paper
31
F.4. Limit the data based on geographical criteria The first way to define domains is to use geographical criteria.
8
Limit data geographically
Site 1
Site 2
Dept 3
Dept 2.1
Dept 2.1
Dept 1
Site 3
Dept 3
Dept 2.1
Region manager,
All sites and all department
Site 3 Manager,
all departments
-
24/05/2013 EasyVista 2013 Technical White Paper
32
F.5. Limit the data by department criteria
9
Limit data by department
Site 1
Site 2
Dept 3
Dept 2.2
Dept 2.2
Dept 1
Site 3
Dept 3
Dept 2.1
Department 1 manager
Department 3 manager
Department 2 manager
Departement 2.2 manager
-
24/05/2013 EasyVista 2013 Technical White Paper
33
F.6. Limit the data both by geographical and department criteria
10
Limit by department and localization
Site 1
Site 2
Dept 3
Dept 2.2
Dept 2.2
Dept 1
Site 3
Dept 3
Dept 2.1
Department 2.2 manager of site 2
Department 2.2 manager of site 1
-
24/05/2013 EasyVista 2013 Technical White Paper
34
F.7. Data are based on trees to define your organization
G. EasyVista inventory process
G.1. Automatic discovery or by login script Inventory can be done:
With Discovery Manager, an automatic inventory tool that will discover assets connected to the local network and inventory the ones that can be reached
With the company login script
With a local agent installed on the asset
Each method has its own advantages. You should use each one depending of the result you are
expecting.
G.1.1. Pros and cons of each method
Method Analyze
11
Data structure in trees
Site 1
Site 2
Dept 3
Dept 2.2
Dept 2.2
Dept 1
Site 3
Dept 3
Dept 2.1
All
the sites
Site 3
R1
S1 S2
All
the departments
Dept 1 Dept 3
Dept 2
2.1 2.2
-
24/05/2013 EasyVista 2013 Technical White Paper
35
Discovery Manager Pros:
User friendly interface to configure the collection point and run an
automatic discovery
Quick discovery of the connected and reachable assets
Cons:
Only the up and running assets at the very moment of the discovery
process can be found
Well designed for:
First discovery process to collect data
Scheduled inventory for SNMP assets
Login Script Pros:
Each machine connected to the network will be inventoried each time a
user connects
The inventory will be completed one PC after the other, each that a user
connects
Cons:
The login script must be changed (1 or two lines to add)
Users must connect to have the PC inventoried
Well designed for:
Regular inventory of the assets
Local installation Pros:
Useful for PC that never use the login script
Cons:
A local agent must be installed, either manually or automatically with a
deployment tool if you have one
Well designed for:
Inventory of servers, notebooks, etc
-
24/05/2013 EasyVista 2013 Technical White Paper
36
G.2. Discovery Manager Discovery Manager is the tool that will be used to both configure the collection points, and do
automatic discovery. Please refer to the Discovery Manager user guide for more information.
Inventory based on WMI:
WMI must be configured and accessible on the remote assets
An administrator account will be used to access the assets remotely
Administrative Disk Shares (C$,) must be available for the configured account, on the remote PCs, and the PC running Discovery Manager
A shared folder (collection point) must be accessible from each asset, using the administrator account
Possibility to run a process remotely to the distant PC (enough memory, etc)
The asset name is found by using the Windows APIs
Inventory based on SNMP:
SNMP must be configured and accessible on the remote assets
A community must be specified if the asset is community protected (SNMP V1/V2)
SNMP V3 security is not supported for the moment
Inventory based on SSH:
SSH must be configured and accessible on the remote assets
SFTP must be available on the asset to transfer the scripting agent and retrieve the result files
An administrator account must be defined to access to the asset
PasswordAuthentication must be set to yes in etc/ssh/sshd_config
If you use a root account, check that PermitRootLogin is set to yes in etc/ssh/sshd_config
-
24/05/2013 EasyVista 2013 Technical White Paper
37
G.3. Inventory process can be automatic You can execute EVAGENT.EXE manually on PCs. However, it is recommended to configure this
process in order to have an automatic inventory during the logon process by adding a line to run
EVAGENT.EXE in your login script.
This is the best way to guarantee a frequent and up-to-date inventory, without having to install an
agent on all the PCs in your company.
G.4. Server Inventory Method Servers do not use login scripts, and are not restarted often enough to guarantee a frequent inventory.
You can install a service on the Windows servers you want to inventory. This service will do the
inventory on regular intervals.
Workstations that are never rebooted or seldom logged on to can be considered as servers and use
the service mode.
G.5. Notebook Inventory Method You can use the EasyVista REMOTE feature to install a local collection point on each notebook. This
collection point is independent and will inventory the notebook on a regular basis and will keep on
trying to send the data by FTP or SMTP until it is possible to connect to the EasyVista server.
-
24/05/2013 EasyVista 2013 Technical White Paper
38
G.6. How data is collected
G.6.1. Collection points
A collection point is a shared folder, accessible by a group of users. The folder contains the files
needed by EasyVista DISCOVERY and is located in this directory.
To inventory a PC, you just need to run EVAGENT.EXE from within this folder.
Result files are then encrypted and stored in a sub folder of the collection point folder and are then
sent to the EasyVista platform on a regular basis via a scheduled task.
G.6.2. How many collection points do you need?
It simply depends on how your network is defined:
If you just have one local network, you should consider having just one collection point
If you have a more complex network with several sites, you should define one collection point for each site. Even if they are physically connected, and if users can access a shared folder on the corporate LAN, our advice is to create one collection point per site instead of a single central one, in order to avoid heavy traffic on the WAN network and to automatically define the location of collected PCs.
For each collection point created, you can define an automatic default location (and/or department)
which will be automatically attached to each newly discovered PC. Consequently, the PCs will be
available to view for all users belonging to this domain based on these geographical criteria.
50
Collection
Point
Inventory overview
Send DATA
Login ScriptEnterprise equipment
Service
Serveur
WindowsService
Nomad
equipmentRemote
Others inventories :
SNMP,
USAGE,
CITRIX
-
24/05/2013 EasyVista 2013 Technical White Paper
39
G.6.3. How is the data sent?
Collected data must be sent to the main EasyVista platform and imported into the database.
Data must be sent regularly: our advice is once a day.
You can send data using three different options:
SMTP / SMTPS: data are sent to an e-mail account dedicated to EasyVista (e.g. [email protected]). The main platform will access this mailbox to get the collected files. Once imported, e-mails are automatically deleted from the mailbox: you dont need to delete them manually.
FTP / FTPS / SFTP : data are sent using an ftp web site accessible to the collect points. Once imported you dont need to delete them manually, files are automatically deleted from the FTP site.
SHARED FOLDER: If you have just one collection point on a single site architecture, you can use a shared folder to send data because most of the time, the server hosting the collect point and EasyVista server will be the same: in this case, thats the simplest way to send data.
HTTP / HTTPS
Depending on your network architecture and security rules, you can choose to use SMTP or FTP, or
both.
You can schedule to send data:
With a Windows scheduled task
Using a specific EasyVista service to install on one of your servers
51
About Collection Points
How many collection points (shared folders)?
Who are the administrators?
Which physical connections exist between the sites?
Which data transmission support for each collection point?
Regroup several physical sites under the same collection point name?
How are remote collections points installed?
NECE
SSAR
Y
Collection Point 1 SI Department 1 SI Department 2
FTP
POP3
FOLDER Collection Point 4
-
24/05/2013 EasyVista 2013 Technical White Paper
40
G.7. Discovery of Windows assets
Windows inventory agent runs on the following OS:
More recent versions of Windows
Windows 7
Windows 2008
Windows 2003
Windows Vista
Windows XP
Windows 2000
Windows 98
Windows 95
Windows NT4
See Annex 1 for more details on the information collected by the agent.
-
24/05/2013 EasyVista 2013 Technical White Paper
41
G.8. Discovery of non Windows assets
G.8.1. SNMP Inventory
The SNMP inventory module automatically collects information from the assets using the SNMP
protocol.
You can define as many IP subnets and communities as needed.
You can extend the EasyVista Management Information Base (MIB) extract rules with specific rules for
your SNMP assets.
Discovery Manager can be used to:
Display information directly collected from the SNMP assets
Add specific information from one kind of asset to have this information collected during the next inventory
Integrate new constructor MIB to improve the display of the information collected during inventory
4
Collect
Point
SNMP INVENTORY
Send
LAN
INTERNET
LAN
INTERNET
Network Printers Servers / Workstations
SNMP Layer : MIB Database
Others
Easyvista SNMP
-
24/05/2013 EasyVista 2013 Technical White Paper
42
G.8.2. Linux Inventory
Linux inventory is based on scripts that collect local information.
It is possible to improve the information collected by updating specific scripts (one for hardware
characteristics detection, and one for software). This feature is useful to adapt the detection of
specific Linux distributions or versions that the standard script does not fully cover.
Scripts can be:
Copied locally and executed once or scheduled
Remotely executed with Discovery Manager
Prerequisites:
Linux Shell version 2.4 or higher
Solaris v10 or higher (can work on previous versions depending of their configuration)
AIX 6 or higher (can work on previous versions depending of their configuration)
HP-UX 11i v3 or higher (can work on previous versions depending of their configuration)
Read only access to /DEV/MEM to retrieve BIOS information
G.8.3. Usage Inventory
A local agent is installed, either automatically by login script, or with a deployment tool if you have one.
This agent will collect the information about processes in memory and send them once a day to the
collection point.
Following data will be collected:
-
24/05/2013 EasyVista 2013 Technical White Paper
43
Information about software usage:
Field Description
DATE Date of the capture
COMPUTER_NAME Computer name of the PC captured
PC_EUID EasyVista unique identifier of the PC (EUID)
PATH Path of the exe in memory
EXE_NAME Executable file name in memory
VERSION Version of the exe in memory
PUBLISHER Publisher of the exe in memory
LANGUAGE Language of the exe in memory
NB_RUN Number of time the software has been launched during the period
FOUND_IN_MEMORY Duration of the software in memory (in seconds)
AGENT_VERSION Version of the usage agent that captured the data
Information about hardware usage:
Field Description
DATE Date of the capture
COMPUTER_NAME Computer name of the PC captured
PC_EUID EasyVista unique identifier of the PC (EUID)
TYPE_MEMORY MEMORY_Usage for the total memory used lines VIRTUAL_MEMORY_Usage for the total of the virtual memory used lines
TYPE_HARDWARE HARDWARE_Usage for the hardware usage lines If the TYPE_MEMORY column is MEMORY_Usage or VIRTUAL_MEMORY_Usage, this column represents the minimum of memory used by the PC during the capture.
VALUE_1 If the TYPE_MEMORY column is MEMORY_Usage or VIRTUAL_MEMORY_Usage, this column represents the maximum of memory used by the PC during the capture.
VALUE_2 If the TYPE_MEMORY column is MEMORY_Usage or VIRTUAL_MEMORY_Usage, this column represents the average of memory used by the PC during the capture.
NB_START For the HARDWARE_Usage lines only, represents the number of time the PC has been started during the day of the capture
RUNNING_TIME For the HARDWARE_Usage lines only, represents the time the PC has been used during the day of the capture (in seconds)
AGENT_VERSION Version of the usage agent that captured the data
G.9. Software detection
G.9.1. Description
Software installed on each inventoried machine is collected and checked against the EasyVista
software catalog during the integration of inventory data in the EasyVista database.
Following characteristics are collected:
Software name
Software editor
Short version or marketing version if it exists (e.g. Excel 2007)
-
24/05/2013 EasyVista 2013 Technical White Paper
44
Long version
Installation folder
By default, software is detected based on the presence of shortcuts or information in the registry. This
method guarantees an optimal detection, in terms of speed and quality. Analyzing the whole local
hard disks would take too much time, and use too many resources.
If needed, if specific software were not automatically detected, it is possible to configure specific
searches based on part of file names or folder names.
G.9.2. Other software like information detected
Following products are also added as software during the inventory:
Operating system
Office suite if available
G.9.3. Installed software as listed in the Control Panel
Installed software as listed in the Control Panel are collected and stored directly as components for
each asset inventoried.
They are not used as software detected during the inventory process, because we consider that the
information is not as good as the one collected directly with the method described previously:
Some software installed is missing (the ones installed without Windows installation process)
Some software already unisntalled are still present if the uninstallation process failed
Editor names and software names are not unified and not easily analyzed
Most of the time, no software version number
G.9.4. Automatic update of the software catalog
Our backoffice team improve the software catalog continuously, based on the information collected on
our platforms.
This catalog is available:
For new EasyVista installations
For update, included in the maintenance contract: you just have to install EasyVista Network on your EasyVista platform
G.9.5. Manual update of the software catalog
Inventoried software that are not automatically linked to an entry in the software catalog will be added
in an unknown software database.
They are mainly rarely discovered software or specific software of your company.
Using EasyVista, you can display the list of the unknown software discovered and improve the
recognition database by adding them in the list of software to discover.
-
24/05/2013 EasyVista 2013 Technical White Paper
45
G.9.6. Serial number detection
Software serial numbers are discovered automatically from the registry for the one stored by software
editors.
You can also add specific registry path to retrieve local serial number that are not automatically
discovered.
G.10. Antivirus detection
G.10.1. Antivirus detected
Software are tagged as Antivirus in the software catalog and grouped as Antivirus in the interface.
G.10.2. More information detected about Antivirus
Depending of the Antivirus product and the information published by the editor, here are the
complementary information EasyVista can collect:
Antivirus Information
VirusScan Version
Date of virus base
Version of virus base
Kaspersky Version
Date of virus base
ETrust Version
Date of virus base
Panda Version
Date of virus base
FProt Version
Date of virus base
Norton AntiVirus Version
Date of virus base
Version of virus base
-
24/05/2013 EasyVista 2013 Technical White Paper
46
Viguard Version
NOD32 Version
Date of virus base
BitDefender Version
Date of virus base
Version of virus base
G.11. Movement history During inventory data integration, the following changes in the machine configuration will be stored as
movement history.
Remark: specific historization can be done, either by configuration, or by specific development for
more sophisticated needs.
Data Event
Technical
characteristic
Changes in one of the following values :
BIOS
RAM Size
Login Name
OS Language
OS Serial Number
Default Printer
User Time zone
OS Registered user
OS Registered company
Comment
User language
Screen Resolution
Domain name
Computer name
Connected Device Add or remove a connected device
Network card Changes on a network card
Component
Component added
Component deleted
Software Software installed
Software uninstalled
-
24/05/2013 EasyVista 2013 Technical White Paper
47
Changes on a major version
Changes on a minor version
G.12. Unique identification of an asset
G.12.1. Presentation
Each inventoried asset will be tagged uniquely during its first inventory. This unique tag identifies an
asset among all the other assets of the database. Its called EasyVista tattoo or EUID.
Its necessary to create a unique identifier, because theres no natural identifier on an asset:
COMPUTER NAME: can change and may be duplicate on complex company networks
IP ADDRESS / MAC ADDRESS: can change during life cycle of the computer
UUID: many duplicates exist because constructor do not guarantee that this field supposed to be unique, is really uniquely filled for each machine
SERIAL NUMBER: many duplicates, event for the same constructor, and often not correctly defined (To be filled, 12345, etc)
ASSET TAG: based on a human action, and not surely unique on a complex estate
G.12.2. Workstations used by several people
During the first inventory, EasyVista unique identifier is generated and stored on shared places of the
machine:
C:\Documents and Settings\All Users\Application Data\EasyVista
C:\
%temp%
On highly secured PCs where users are not allowed to write information in these places, it is
recommended to do a first inventory using an administrator account. This inventory will generate the
EasyVista tattoo at the right place and users will be granted to access to it in read only.
G.12.3. Life cycle of an asset
If an asset is re-formatted, it will lose its local EasyVista tattoo. The next inventory will create a new
tattoo for this asset.
During the integration of the collected data for this asset, the integration process will try to merge the
old and the new tatoo to avoid creating duplicates in the database.
To do that, it will compare the following information of both collected data:
1. Asset Tag 2. Computer Name / Maker / Model / Serial Number / UUID
-
24/05/2013 EasyVista 2013 Technical White Paper
48
G.12.4. Masterization of machines
A PC that will be used as a master for duplication on other machines must not contain an EasyVista
tattoo. Otherwise, this tattoo will be duplicated on several machines, and these machines will be
considered as a single one.
G.12.5. Consolidation of inventory machines with existing information in the database
If some machines already exist in the database (integration of an old database for example), the
integration process of inventoried data will try to consolidated the inventoried data and the existing
data.
To do that, the integration process will compare machines in the existing database to the one
inventoried, based on the following fields:
1. Asset Tag 2. Serial Number 3. Computer Name
If no existing machine is found, a new asset is created in the database.
H. Integration of external data
H.1. Goals EasyVista uses a powerful layer to import data from different sources and reconciles them before
integration in EasyVista.
The integration module in EasyVista is very simple.
The pre-process system uses the speed and power of the SQL language to prepare the data (convert,
delete, merge).
Three steps:
1. From the different sources of data you have, copy the data in temporary tables, on your EasyVista data server. The pre-import process can work on data coming from LDAP servers, SQL Server, Oracle, and any ADO/ODBC connector.
2. Once imported, the data can now be selected, converted, purged into a single result table ready to integrate to EasyVista. Example :
LDAP data separates FIRST NAMES and LAST NAMES: you can use the pre-import process to merge them, and use a template to have the name in capitals for example.
LDAP data is often full of unwanted information (test accounts, distribution accounts). You can use the pre-import process to delete the data you do not need to avoid importing them into EasyVista
3. Integrate the data into EasyVista using the Integration tools
-
24/05/2013 EasyVista 2013 Technical White Paper
49
The whole process can be scheduled for regular integrations.
EasyVista will allow you to define an automatic process regardless of data complexity, quality, variety
and sources you need to integrate.
H.2. How does it work?
I. Linking EasyVista with external data
I.1. Active Directory
I.1.1. Importing Active Directory data
Your company directory can be imported into EasyVista, either as a one-off or regularly.
I.1.2. Authentication done by Active Directory
It is possible to configure EasyVista to validate the login and password given by users via Active
Directory. In this case, users still type in their login and password through the EasyVista login page,
but the validation is provided via the Active Directory database and not via the EasyVista database.
10
Pre import
Data source ORACLE or SQL SERVER
Easyvista
database
Model
Table
Table
LDAP directory
Table
Table
Local copy if necessary
1
Data post process
2
Table ready for importing
Table
Table
Table
SQL Queries
Table
Table
Extract
Executing queries on Local tables:
Delete , Insert, merge,
3
-
24/05/2013 EasyVista 2013 Technical White Paper
50
Specific access to your Active Directory is required to check what information can be used to map
users between Active Directory and EasyVista.
I.2. EasyVista and SSO
EasyVista can be integrated in your SSO system. Information regarding the already connected users
must be available either in a cookie, a session variable or a parameter in the HTTP header or URL.
Other specific identification methods are available. Please describe your system and we will see how
we can integrate your SSO system with EasyVista.
| Copyright Staff&Line | 5
Concepts
1 Identification 2 - Authentication 3 - Habilitation
1 Identification 3 - Habilitation
Done by the corporate Security System
Done by EasyVista Security Service
EasyVista with SSO
2 - Authentication
EasyVista without SSO
I.3. Integration with Microsoft Exchange
EasyVista can be linked to Microsoft Exchange:
Automatically create new meetings in Exchange calendars for actions defined in EasyVista for consultants
-
24/05/2013 EasyVista 2013 Technical White Paper
51
Automatically update the meetings in Exchange when a change is done in EasyVista.
I.3.1. Exchange prerequisites
MAPI layer must be installed on the EXCHANGE SERVER and accessible.
OUTLOOK client must be installed on the EasyVista application server in the same version than the
EXCHANGE SERVER. We require that OUTLOOK be installed to guarantee that tests can be done in
the same environment than the EasyVista application server with all the MAPI component correctly
installed.
The calendar of each consultant defined in EasyVista must be shared and accessible to the MAPI
account defined on the application servers.
EasyVista is compliant with EXCHANGE 2003, 2007 and 2010.
I.4. Integration with your CTI system
EasyVista can be integrated with your CTI system to automatically display the requestor file as if the
Service Desk user had used the EasyVista interface to find it.
I.4.1. Displaying the file
The CTI agent of your system (not included with EasyVista) must be able to call an EasyVista web
page with special parameters identifying the calling user.
Here is the syntax:
http:[ web server address]/indexSSO.php?url_account=[EasyVista account]&url_login=[hotliner
login]&url_password=[hotliner password]&do_quickcall=1&url_requestor=[calling user identifiantt]
I.4.2. Recorded message
An incident can also be created by sending a message to a dedicated mailbox. The content of the
audio message must be associated as an attachment to the e-mail.
I.5. Barcode readers
The following barcode formats can be used when connecting barcode readers to EasyVista :
UPCA
UPCE0
-
24/05/2013 EasyVista 2013 Technical White Paper
52
MSI
EAN8
EAN13
CODABAR
CODE39
I2OF5
CODE128
I.6. Web Services
I.6.1. EasyVista as a service provider
EasyVista web services are published with RPC ENCODED.
I.6.2. EasyVista as client of an external web service
EasyVista can call des web services with protocols:
RPC / ENCODED
RPC / LITERAL
DOCUMENT / LITERAL
J. Technical Support Agent
J.1. Objectives The goal is to automatically create new requests in EasyVista based on e-mail sent by users to a
dedicated mailbox. The mailbox will be scanned using the POP3 or IMAP4 protocols.
The text and subject of the e-mail are used to define the new requests. Attachments are saved and
linked to the new request in the attached documents screen.
-
24/05/2013 EasyVista 2013 Technical White Paper
53
J.2. How does it work?
K. Annex 1 : Windows Inventory
K.1. Technical References Information listed in the next table is collected only if they are available. Quality of information
collected can change, especially for older versions of Windows (NT4, Windows 95, Windows 98).
Characteristic Fields
Inventory Inventory Agent version
Inventory date
Path of the collection point
Collection point name
Machine Manufacturer
Model
17
Technical Support Agent : Principles
POP3 Server
Account 1
Account N
SMO Server
New request
Request number (RFC_NUMBER)
Creation date (SUBMIT_DATE)
Requestor (REQUESTOR_ID)Subject (SD_CATALOG_ID)
Status (STATUS_ID)
Origin (REQUEST_ORIGIN_ID)Localisation (LOCATION_ID)
Details (COMMENT)
Directory www/resources/..
Document 1 Document 2
-
24/05/2013 EasyVista 2013 Technical White Paper
54
Serial Number
UUID
Identification Computer name
Asset tag (if available)
EasyVista unique Identifier
BIOS Date
Name
Version
Memory DOS Memory
Extended
Total
For each memory bank:
Speed
Memory type (DIMM, etc)
Size or NOT INSTALLED
Logical disks For each logical disk :
Logical letter of the disk
Total size
Available size
Type (Fixed drive, network drive,etc)
Partition type (NTFS, FAT, etc)
Path to the network resource
Physical disks For each physical disk :
Disk number
Name
Serial number
Type (IDE, etc)
Number of partitions
For each physical disk that is smart compliant:
Disk vendor
Serial number
Firmware
Smart Disk information available (current value, threshold value, reference)
Network IP address
-
24/05/2013 EasyVista 2013 Technical White Paper
55
Network adapter
DHCP Active Yes / No
DHCP Server
Subnet Mask
Default Gateway
WinsPrimary
WinsSecondary
DNS Servers
Mac Address
Network cards For each network card installed on the machine:
Name
Speed
HALF DUPLEX or FULL DUPLEX
Printers For each printer linked to the machine:
Printer number
Local or network resource linked to this printer
Port
Printer name
Full printer name
Network server providing the resource
Monitor (if available) Name
Vertical frequency
Horizontal frequency
Model description
Serial number
Vendor ID
Model ID
Manufacture date
Peripherals tree For each device listed in the device list of the machine:
Device number
Name
Internet Default browser
-
24/05/2013 EasyVista 2013 Technical White Paper
56
Default mail
Internet Explorer Default page
Proxy enable Yes/No
Security level
Cookies status
Active script authorization
Java Parameters
Instant messenger ICQ Yes / No
MSN Messenger Yes / No
Yahoo Messenger Yes / No
Screen saver Active Yes / No
Is secure Yes / No
Timeout value
Screen saver name
Boot Default boot partition
For each partition configured on the machine:
Reference
Partition name
USB Devices Number of USB ports available
For each USB device connected :
Port number
Product name
Manufacturer
Vendor ID
Product ID
Main board Manufacturer
Product name
Serial number
CPU Frequency
Vendor string
-
24/05/2013 EasyVista 2013 Technical White Paper
57
Vendor
TFMS
Brand ID
Number of processors
Number of used, active and free sockets on mother board
K.2. Software and OS configuration
Characteristic Fields
Software detected
on the machine
NETWORK or LOCAL software
Exe name
Path to exe name
Software editor
Name
Long version
Short version
Language
Path to shortcut
Windows Windows version
Product ID
System root folder
Registered organization
Registered owner
Temp folder
Workgroup or Domain
Comment
Screen resolution
Default printer
User ID
-
24/05/2013 EasyVista 2013 Technical White Paper
58
Time zone
Country
System language
User language
Auto logon Yes / No
Windows update configuration
Windows firewall configuration
License numbers Product name
License number
Lotus notes Version
Outlook Server used
Connection string
LDAP / AD Server used
Connection string
Antivirus For each antivirus detected (see list of detected antivirus in this document):
Antivirus name
Virus def
Software executed
at windows startup
For each software configured to run at windows startup:
Exe name and path
Software name
Services For each service configured and active on the machine:
Exe name and path
Service name
Hotfix For each hotfix applied on the machine :
Kbase reference of the hotfix
Name of the hotfix
Installed software For each software listed in the installed software list of the control panel:
Installed software number
Name as listed in the control panel
IDs and serial
numbers
Office product ID (if available)
Windows log For each windows log (application, system, security, etc), list the last ten
errors:
Windows log name (application, system, security, etc)
Error code
-
24/05/2013 EasyVista 2013 Technical White Paper
59
Date and time
Error label
Environment
variables
For each variable defined on the machine:
Variable name
Value
ODBC Drivers For each ODBC Driver installed on the machine:
Driver name
Version
For each USER ODBC DSN configured on the machine:
Name
Driver
Recycler For each recycler defined on the machine :
Size
Folder used
DMI Present Yes / No
Process in memory For each process in memory:
Process ID
EXE and path to exe
Editor
Name
Version
Language
TCP/UDP ports open TCP or UPD
Port number
IP of the connected machine
Profiles List of the profiles defined on the machine (each corresponding to a
different user that has been logged on the machine)
Administrator
accounts
List of the accounts granted with the local administrator level.
L. Annex 2 : Linux UNIX Inventory
L.1. Technical References
Linux Solaris HP-UX AIX
Computer
name
Yes Yes Yes Yes
-
24/05/2013 EasyVista 2013 Technical White Paper
60
Serial number Yes if available in the BIOS
No Depends of the
machine
Yes
Vendor No HP IBM
Model Machine Type Yes Yes
BIOS name
and version
No No No
Main board
manufacturer
No HP IBM
Main board
serial number
No No No
UUID N/A N/A
Mac address Yes Yes No Yes
IP Address Yes Yes Yes Yes
DNS server No Name Yes Yes
Subnet mask Yes Yes Yes Yes
CPU
Frequency
Yes Yes Yes Yes
CPU Vendor Yes No Yes Yes
CPU Name Yes Yes Yes Yes
CPU Count Yes No Yes Yes
Monitor Model Depends of the monitor
No No No
Monitor serial
number
No No No
Monitor
Vendor
No No No
Memory Total Yes Yes Yes Yes
Membanks Yes Yes No No
Logical
partitions
Name, Physical
storage, size, free
space, type
Name, Physical
storage, size, free
space
Name, Physical
storage, size, free
space
Name, Physical
storage, size, free
space
User ID Name Name Name Name
L.2. Software References
Linux Solaris HP-UX AIX
Installed
software
Based on RPMs or
packages installed
Based on packages
installed
Based on packages
installed
Based on packages
installed
OS Information Vendor, version Vendor, version Vendor, version Vendor, version
-
24/05/2013 EasyVista 2013 Technical White Paper
61