Fighting Application Drift with Self-Healing

The ability to conduct and on-demand or automatic self-healing repair of a corrupted PC  and bring it back to the approved desired state is one of the many advantages Utopic’s Persystent Suite offers. In these cases it is easy to imagine a user clicking on a suspect link and infecting their system, or adding an unauthorized application fraught with spyware and other performance-hindering elements, or perhaps accessing their registry and adjusting a standard setting. Persystent Suite is perfectly scaled to directly remediate these issues on a single reboot of the system to return the affected PC to the desired state.

Although these scenarios happen too often and are extremely problematic, the more likely service desk call will be from a user experiencing slow performance or an application performing out of character. There are dozens of potential root causes, but a likely culprit is application drift. This indicates the affected PC is not using the most updated version of the application, an update did not correctly apply during the last upgrade, or, over time, has become misconfigured from its optimum standard. In some cases, it represents unsanctioned modifications made by the end-user or third party.

The best practice is to get the user back up and running immediately. By conducting an on-demand reboot of the PC, the user can return to productivity in about a minute. From the end-user’s perspective, it will be as if the issue never happened. The reboot restores the last known desired state. This desired state, maintained and controlled by IT, contains the proper version and the correct configuration for not only the application, but for the PCs entire operating system.  It also removes any unauthorized changes that may have contributed to the PCs performance issue, yet leaves the end-user files and profiles untouched. From a security, asset management and compliance standard, it ensures each user is using the appropriate version of an application to which they are given rights to access.

However in terms of best practice (and compliance satisfaction), it is important to know why the PC was affected. Every time the desired state is reapplied, Persystent Suite creates a file change report. This report lists all the items that differentiated from the desired state settings. It allows IT to see and document (without having to sift through thousands of event logs) the delta between the approved policies, registries, applications, infrastructure configurations etc…  from the time of the issue and the approved state. This way, IT can pinpoint root causes more clearly and adjust policies or procedures to prevent or mitigate such occurrences in the future.

Advertisements

Innovation of the Year!

utopic_pinkIn recognition of the seamless and inventive way PCs can now be automatically self-healed from small break/fix issues and catastrophic failure, Pink Elephant, the global IT Service Management leadership certification and training organization awarded its top prize for IT Excellence to Utopic Software’s Persystent Suite.

Utopic, a leader in imaging, repair and configuration management solutions, was selected among four finalists at Pink Elephant’s 20th Annual International Conference & Exhibition, “Pink16,” in Las Vegas for Innovation of the Year. Persystent is a cloud-based and on-premise platform that facilitates repair and recovery of compromised or mis-configured devices. It achieves this in near real-time and without manual intervention with a single reboot of a device. Visit our main website at www.utopicsoftware.com.

As part of the thorough judging process, Utopic proved that a PC experiencing a catastrophic failure resulting from a malware breach, could be “self-healed” with a healthy, approved image in only 45 seconds. It successfully met the judging panel’s rigorous requirements of a solution that could positively impact the ITSM community and be translated into best practices.

This acknowledgement goes far in confirming the viability ofIT-Excellence-Awards-Innovation-Of-The-Year automated self-healing that can repair and recover any PC in less than a minute regardless of the damage.” said Utopic CEO Bob Whirley, “More specifically, it validates the incredible hard work and vision our team has put in to developing a comprehensive and game-changing solution. It is truly a great honor.”

SEE A DEMO OF PERSYSTENT SUITE

According to Utopic, Persystent Suite achieves ITSM’s most important goal: getting users back up and running in the shortest amount of time and thereby promoting greater amore controlled compute availability and productivity. Studies have shown that Persystent reduces break/fix incidents by more than 70 percent. Through automatic corrective action, what called “self-healing,” an ideal state is reapplied during the pre-boot process and the user is back up and running within minutes without loss of data, setting or applications.

 “All the finalists were truly innovative, but what tipped the balance was that the judging panel thought the Persystent solution would have the biggest, broadest and most positive impact on the ITSM community, ” said George Spalding, Executive Vice President, Pink Elephant. “We congratulate the Utopic team and look forward to continued innovation from them in the future.”

According to the organizers, a record number of nominations were submitted this year from organizations of all sizes and from virtually every industry. Pink Elephant’s IT Excellence Awards are considered one of the industry’s preeminent honor. See Pink Elephant’s press release

“We are absolutely thrilled and gratified the judging committee made up of our peers and other subject experts at Pink Elephant recognized the value Utopic brings and that our Persystent solution is a proven path towards that value,” Whirley added.  “As a fast-growing technology company, it’s gratifying to know our team has made significant inroads into changing how change management is perceived, deployed and managed.”

Whirley has been invited to speak at next year’s conference.

The IT Excellence Awards were created to honor and generate public recognition of the achievements and positive contributions of organizations contributing to the ITSM community.

Pink Elephant is a premier global training, consultingimages and conference service provider, and has an undisputed reputation for leading the way. They are proud of their pioneering and innovative spirit, which has enabled them to introduce and spearhead many revolutionary concepts and programs since their inception forty years ago. Pink Elephant has grown to become recognized globally as The IT Service Management Experts and is very proud of its commitment to IT best practice frameworks. In fact, Pink Elephant has been involved in the “ITIL project” since its inception in 1989.

@itilexperts

 

Maintaining control of the repair/recovery process

One of the hallmarks of a self-healing process is the control applied to the width and depth of what parts of the operating system are automatically corrected back to an approved ideal state upon reboot. Based on requirements such as corporate policies, regulatory compliance, multi-user access and best practices, this setting changes from company to company, but also can be easily modified for various sub-groups within each organization.

To maintain proper control, an automated system must allow for or provide multiple levels of repair point control (for example-High, Medium and Low). A device will repair on every boot if it is assigned a Low/Medium/High level repair policy. However, an individual device (or group) can be assigned a “No Repair” setting to support an on-demand repair policy. This way, IT administration can control if and when a device needs to be returned to the last repair point. In fact, best practices suggest that repair should be implemented on demand rather that upon every reboot in order to maintain the continuous integrity of the permitted updates and allowable changes to the image assigned to that specific device.

When engaged to self-heal, Persystent always repairs the registry files (except for the keys excluded in filters). During boot up (after the BIOS loads), the process reapplies the approved image and the Repair Exempt filter. This way, any specific file and setting, such as Virus Definition Files, can be appropriately preserved. One of the chief benefits of the Persystent self-healing process is that the device is not being reset to a Zero-day state, but rather the last approved repair point. Additionally, the repair process only affects operating system and application files. The user’s data and files are not touched. A user profile is only impacted at the highest level of repair.

Further control of the repair process is evidenced by the flexibility of changing settings. The centralized WebUI allows IT administrators to change the repair levels against any individual or group at any time. This is done by simply adjusting the policy setting. This includes adding or modifying excluded files or other policies that can be applied to a named group of devices (i.e. identified by a characteristics like location, department, function or permission etc…) or defined by an event (i.e., updates, public daily usage by multiple users). The policies can be extended to when returns to ideal state can be scheduled and enforced.

The three levels of Repair:

Low Level Repair

  • Repairs any operating system or application files that are either modified or deleted back to the repair point state.
  • Deletes any new files/folders added in operating system and application folders.
  • User profiles are left intact. All change in the user’s profile are preserved and not repaired.
  • Any new files/folders created at the root of C:\ will be left intact.

Medium Level Repair

  • Repairs any operating system and application files that are either modified or deleted back to the repair point state.
  • Deletes any new files/folders added in operating system or application folders.
  • User profiles are left intact. All change in the user’s profile are preserved and not repaired.
  • Any new files/folders created at the root of C:\ are deleted.

High Level Repair

  • Repairs any operating system or application files that are either modified or deleted back to the repair point state.
  • Deletes any new files/folders added in operating system or application folders.
  • User profiles are deleted so that new user profiles will be created when a user logs on.
  • Any new files/folders created at the root of C:\ will be deleted.

Which repair setting is best?

Each company has unique compliance, security, device performance and administrative needs. This is why settings can be adjusted to meet specific requirements. IT administrators can add various policies that control the ability to add or manipulate certain registry, files, and services. Many companies enforce a variety of direct and unique policies that apply to a selection of their diverse user profiles. Most organization use low and medium settings for individual PCs based on the above noted considerations. High level repair settings are typically reserved for publicly accessed devices, classroom, kiosk and other multi-user machines.

Who chooses the repair point?

You do. Persystent’s imaging capabilities facilitates the creation and management of an image. A snapshot of this image is reapplied during the reboot process. When the repair is initiated, the self-healing (automatic corrective action) follows the repair level rules, exemptions and filters associated with the individual or group of devices and applies the last approved ideal state (image).

How often should a new repair point be created?

Best practices dictate that a new repair point should be taken immediately after authorized changes are made to the system. This can be automatically scheduled and executed with Persystent Suite. This includes changes such as Windows Updates, key application updates, installation of new applications, installation of new devices, etc… This will preserve the authorized changes and ensure the integrity of the repair process. Many companies schedule updated images weekly on a weekly basis; typically after the application of “Patch Tuesday” or a similar coordinated event. With Persystent, the process is considerably faster in that an entire image is not recreated. The process only identifies and incorporates the changes since the last approved repair point.

What exactly is repaired?

Depending on the level of control the self-healing applies corrective action against operating system and application files. However, this can be optionally expanded to include other files and folders that are not automatically part of the repair point by using our “Repair Point Include Filter” feature. The following is Persystent’s default repair point listing:

Default on Windows Vista, Windows 7/8/8.1
C:\Bootmgr
C:\Bootsect.bak

Captured on Windows Vista/Windows 7/8/8.1
C:\Windows (Excluding C:\Windows\CSC)
C:\Program Files
C:\Program Files (x86)\
C:\ProgramData
C:\Users\Public
C:\Users\Default
C:\Boot
C:\inetpub

The driving force behind Persystent’s multiple levels of repair is to allow for the maximum amount of control by IT while maintaining corporate standards of performance integrity. The flexibility of Persystent provides the right amount of protection, lifecycle expediency and compliance support for every machine under the enterprise umbrella.

With so many potential issues affecting critical systems, from user errors to malware infections to catastrophic failures (“blue screen of death’) IT departments constantly need to reimage machines from scratch or spend countless hours troubleshooting and repairing. The benefits of self-healing are obvious. It reduces helpdesk calls, promotes faster resolution of issues, eliminates the need for lengthy manual intervention, but most importantly it maintains a standard of performance through Persystent’s levels of repair.

 Download this article as PDF