Role-based access control
Desktop Central 7 uses a role-based access control (RBAC) motif in which you can log into the system as a full-fledged administrator or as one of a series of dedicated sub-administrative roles, including the following:
- Patch Manager
- Asset Manager
- Remote Desktop Technician
Once you are logged in as an administrator, Desktop Central offers you a plethora of administrative action options for managed devices; some of these are shown in the screenshot below.
Desktop Central 7 administrative options
The Scan Systems option is particularly relevant because network discovery is key to creating managed computers as well as in most other aspects of the software. The Scope of Management page, shown in the next screenshot, lists managed computers and enables you to (among other things) install or uninstall the agent software.
Managing client devices
The Scope of Management report truly forms the foundation of your systems administration with Desktop Central 7. This list comprises the systems that are managed by Desktop Central; thus, all other Desktop Central processes (for instance, inventory scanning, managing software, etc.) operate from this systems list.
IT asset management
Does your IT shop subscribe to service management frameworks such as ITIL? Regardless, we need to be able to document exactly what hardware and software we have within our infrastructure. We also need to be able to account for software licenses, to limit or prevent user installation of unauthorized software, and so forth.
As you can observe in Figures 4 and 5, the Desktop Central 7 agent software thoroughly scours target systems, enabling you the administrator to know always precisely what each machine’s hardware and software loadout looks like.
The rich reporting in Desktop Central 7 enables "at a glance" analysis of your target systems.
Desktop Central 7 can feasibly allow you to move away (partially or fully) from the often difficult-to-troubleshoot Group Policy infrastructure. For instance, with Desktop Central 7, we can perform the following hardware/software configuration tasks that are typically reserved for GPOs:
- Blocking or disabling USB devices on the network
- Performing power management on managed systems
- Applying Windows Explorer and Internet Explorer security policies
- Mapping drives, setting environment variables, customizing Control Panel
- Configuring Windows services (including firewall policy)
Software deployment and maintenance
The software deployment features that are built into Desktop Central 7 mean that you can possibly retire WSUS and Group Policy Software Installation.
If you seek to move away from the complex array of Windows OS deployment tools, then a related ManageEngine product is what you need: OS Deployer. OS Deployer includes functionality to manage all aspects of the operating system lifecycle: image capture, image maintenance, and image deployment.
However, Desktop Central 7 can be used to deploy service packs and any other .EXE or .MSI software installation package, and prevent specified software from being installed by your network users.
Notice how in the following figure the software packages list resembles the Programs and Features Control Panel item—deploying software with Desktop Central 7 is much easier than with comparable tools!
Software deployment with Desktop Central 7
In a nutshell, the software deployment feature in Deskop Central 7 enables you to completely manage the installation and uninstallation of approved software packages. The basic workflow for this works as follows:
- Create a central repository to host the software installers
- Create a schedule for installation (you can schedule installation on a per-user or per-computer basis)
- Determine application lifetime (you can schedule software updates or product installation automatically)
Patch management is another selling point of Desktop Central 7. The software allows the deployment of both Microsoft as well as non-Microsoft patch code. Desktop Central 7 also enables you to automatically deploy antivirus updates for clients that use the Microsoft Forefront Client Security software.
One interesting aspect of the patch management/security management feature in Desktop Central 7 is their online vulnerability database. The way this works is that the Desktop Central 7 software periodically queries this online database for the release of any Microsoft hotfix code, downloads the code to your Desktop Central management server, and notifies administrators as to its availability. This makes it easier for systems administrators to remain on the forefront (pun intended) of IT security.
Notice that this review only scratched the surface of ManageEngine Desktop Central 7's capabilities. I encourage you to download the free trial and have a closer look at this easy-to-use desktop management software. If you already have experience with the product or any questions about it, then please feel free to leave that feedback in the comments portion of this post.
If you want to have a chance to win a 100 computers annual subscription license (worth $995 USD) or a 50 computers annual subscription license of the Professional Edition (worth $545 USD), please send an email with the subject "Desktop Central" to . The deadline of this contest is January 7, 2012.