Sweating the details: optimizing usability and flexibility in bMS 2022 R1
IT admins know from hard-won experience that it pays to sweat the details when it comes to managing their networks. In other words, seemingly small things can make a big difference in how well sysadmins can keep networks, users and IT staff productive and secure.
Admins will see and appreciate that attention to detail built into the recently released baramundi Management Suite (bMS) 2022 R1. We’ve optimized or added multiple features that increase usability and flexibility for IT admins and end-users alike. Based on regular feedback we get from the baramundi user community, enhancements in 2022 R1 also increase end-to-end security and provide greater network transparency for a variety of endpoint devices.
Enhancing usability at the front-end and back-end
The new Kiosk adds many new UX features, including a much-anticipated Dark Mode. Users can view software available for self-service installation in tables or tiles, assign multiple apps to a device at the same time, or vice versa. For example, users can install the same application on their smartphone, tablet, laptop and desktop in a single step. It’s an intuitive and time-saving process that users and IT staff will appreciate equally.
Admins also get to enjoy new features that increase usability and efficiency, including:
- The ability to customize and save column layouts and properties in Universal Dynamic Groups (UDGs).
- Easy access to frequently used individual commands via the enhanced Custom Commands.
- Early email alerts for critical changes in endpoint BitLocker, firewall or antivirus status based on user defined UDG threshold values.
- Customizable notifications for disruptions or irregularities in bMS services and expiring reporting API keys to head off potential problems or to initiate appropriate responses.
Updates for update management
bMS 2022 R1 now has an update profile that can be set as a global default. All new endpoints are assigned this profile and automatically included in the next update job for devices matching the profile. That saves admins time when provisioning new devices. It also makes it much easier and faster to create and deploy update jobs, especially in standardized company or departmental environments.
Troublesome updates can now also be easily uninstalled using an extension of the "Manage Microsoft Updates" job step. Individual updates, entire update packages or individual cumulative updates can be removed as needed. When uninstallation is complete, the bMS performs an inventory of affected systems so admins can reconfigure the job, select a different remote update source, or make other changes as required.
Software supply chain security
One of the favorite and most widely used features of bMS is Managed Software (MSW), which includes fully tested, ready-to-deploy updates and patches released by software vendors for thousands of common – and not-so-common – applications. Our Managed Software team thoroughly checks all update and patch packages before adding them to our database for customer deployment. Testing covers package performance and operation as well as compatibility and malware checks. After each update is packaged and included in the MSW database, a checksum value is determined and stored centrally to ensure integrity and security.
bMS 2022 R1 now expands MSW supply chain security with end-to-end sealing. The baramundi Management Agent now downloads the installation sources locally, then revalidates the files in the background. Packages are executed only if all files are complete and unchanged. Admins are alerted to any unauthorized changes, manipulations or defective downloads directly in the bMC Notification Center and package distribution is prevented.
End-to-end sealing also includes the baramundi Management Agent itself. The baramundi server now checks whether the installation sources for the agent have been changed and notifies admins if any discrepancies are detected. This ensures that patches, updates and the baramundi Agent arrive on endpoints uncorrupted and eliminates a potential software supply chain attack surface.
Use SSH to add network devices, plus, Android Enterprise changes
The new release now automatically registers network devices that previously had to be added to the bMS manually. Using the alternative SSH (Secure Shell) protocol, admins can find more devices in both IT and OT environments and obtain port, server, version or specific keys, and other information.
Separately, we want to give customers a head-up about big changes to Google’s Android Enterprise management API coming in September 2022. bMS 2022 R1 includes support for the new API so customers managing Android Enterprise devices will be able to take advantage of updated features and functions.
One of the biggest changes concerns management of Android apps. Apps will no longer be released directly via the Play Store and instead will be managed, released and removed on a dedicated page. That includes WebApps. Thanks to input from bMS users, we’ve made it possible for customers to continue to release company-owned applications directly from the bMC without a detour to their Android developer accounts.
In addition, updates can be configured for each app instead of being applied system-wide. That helps admins address various situations, such as keeping older versions of apps until related internal server updates are completed.
The nature and extent of Google’s changes also will require users managing Android Enterprise devices to upgrade to bMS 2022 R1 before September. That’s typically a straightforward process, but please contact us if you’d like help planning and implementing the update.
Innovations, additions and enhancements
bMS 2022 R1 also includes:
- New UX convenience features such as a quick search and object tab list.
- The ticketing system and all templates are now fully available in English. Admins, ticket editors and authorized users can select the desired language for help desk communications on a per-user basis.
- Approvals for specific ticket type, e.g., service requests, can be linked with subsequent similar ticket types. Next-level approvals are then automatically distributed after release.
- In addition to classifications such as impact or urgency, the ticket template now also includes a "Priority" field.
- For SSO (Single Sign-On) use, an updated user authentication tool is available. Active Directory properties can also be used.
- Direct execution of actions on IT and OT devices is available via user-definable client commands. Commands can be defined globally and made available to all users.
Details about all of those and other new features and enhancements are available in the bMS 2022 R1 Preview document and release notes available on the baramundi Forum.