Reading time: 6 minutes | Category: Automation
If you are looking for a new IT solution for your company, there are often different manufacturers with different solutions. How do you find the right IT solution to meet your needs? Every IT solution should meet a few essential criteria if it is to provide your company with real added value. We collect them in our series.
One point is important, which is above all criteria: If you are looking for a solution for operational IT operations, then make sure that the new solution supports the bottom-up approach (i.e. “sets it down”, i.e. offers support directly in operational business) and does not function according to the top-down approach.
Here we let any solution with the top-down approach compete against the bottom-up approach (using ScriptRunner as an example) in the different categories (criteria).
Top-down:
The focus here is on solutions and products for the full automation of the entire IT infrastructure and its processes, i.e. above all complex IT service management (ITSM), orchestration, workflow or monitoring platforms. These are less specialized in scripting than in knowledge.
Bottom-up with ScriptRunner:
Support processes and daily tasks are made more efficient by scripting with PowerShell, where actions such as deactivating users, resetting passwords and many other everyday tasks are quickly performed by service desks or end users without compromising security.
Top-down:
In the administrative area, such workflow or orchestration platforms in the UI are very multi-layered and complex, sometimes with several consoles that must/can mesh with each other.
End-user interfaces are designed for intuitive usability. However, user/key user training is required to map procurement processes or approval processes, for example.
Bottom-up with ScriptRunner:
Admins and DevOps develop scripts in a team, supported by the integrated PowerShell ISE App. All settings, such as the configuration of execution policies and assignments, are defined via the Admin App and assigned or delegated to different user groups (e.g. service desk) for execution.
With the ScriptRunner Delegate App Service Desk employees can safely execute scripts via browser with a simple graphical interface without scripting knowledge or administrative access rights to the systems.
Top Down:
Projects usually take several months/years, high training and education costs in the administrative area, sometimes high dependencies on the manufacturer or service provider are given, because know-how is often not available in-house and has to be purchased. This can often be seen in the case of updates or upgrades of these solutions, where external support usually must be obtained.
Bottom-up with ScriptRunner:
ScriptRunner can be continuously extended step by step and can use any progress immediately. The total costs for recurring tasks and processes decrease permanently, you achieve sustainable efficiency gains. The investments in ScriptRunner and the implementation of the Use Cases have a fast and positive effect on the total costs for routine tasks.
As a rule, both systems are operated in virtual infrastructures and have standard requirements in terms of CPU, RAM, etc. performance. Workflow, ITSM or orchestration platforms typically require more performance.
Top Down:
In addition, some systems from this environment are available as public cloud services. This means that the host systems and the application are operated entirely by the provider and do not have to be provided by the customer.
Bottom-up with ScriptRunner:
The host system is usually operated in the customer network (private cloud) and is not available as a public cloud service.
Top Down:
There is a high risk here due to overburdened requirements for a solution and a high workload for the IT teams. Broad skills and a lot of specialist know-how are required. The more complex a planned solution is, the more complex the project and operations become.
Often only very few employees are to be found in these process operating teams, which often do not possess the necessary in-depth know-how (AD, Exchange etc.). This results in long maintenance times and queries about requirements arising from IT operations.
Bottom-up with ScriptRunner:
Manageable additional workload and step-by-step skill and experience building facilitate the implementation and introduction to day-to-day operations.
The ScriptRunner Action Packs also shorten the introduction to PowerShell automation. The Action Packs are product- and topic-oriented script collections with typical use cases for routine tasks for Active Directory, Exchange, Office 365, Windows Server and Client, VMware, Citrix and many more.
Top Down:
Workflow, ITSM or orchestration platforms typically require a little more steam under the hood but scale up best when needed. With public cloud solutions, this point is completely omitted again. Most systems have an advantage due to their mature high availability options.
Bottom-up with ScriptRunner:
CPU and memory are usually not the limiting resources for the parallel execution of PowerShell scripts. Execution requires very little RAM per script.
ScriptRunner has the additional advantage that ScriptRunner actions can be configured so that the PowerShell executions themselves can also take place on the target system, i.e. not necessarily locally on the ScriptRunner host (PowerShell Remoting, PowerShell Implicit Remoting). This provides additional load balancing.
Top Down:
The logic here lies in the very complex and complex workflows or processes, resulting in a lack of flexibility. This can only be compensated for by very high programming costs for new requirements or extensions to existing use cases. As already described above, operational framework conditions are left out of the equation.
Since the process teams cannot usually react agilely to the requirements of the specialist departments or IT operating teams, this leads to a poor cost/benefit ratio.
Bottom-up with ScriptRunner:
The logic here lies in the PowerShell script itself and can, therefore, be adapted very flexibly. ScriptRunner interprets the script parameters and displays them graphically automatically. No GUI must be programmed.
Based on tasks and processes that can be automated on the operational-technical execution level, further relevant systems such as monitoring, service applications, workflows and orchestration solutions can then be included in the second step. This agile, fast and pragmatic method enables results to be achieved quickly in day-to-day business with very good cost/benefit ratios.
Top Down:
Updates and upgrades for IT Service Management (ITSM) and orchestration workflow solutions are often complex and time-consuming. The solutions usually involve a mixture of local applications installed on the clients and web applications. In contrast to ScriptRunner, where the logic lies in the PowerShell script itself, in workflows you must pay special attention to where and in which places the manufacturer has tweaked the new versions by adding new features and changes. If changes affect the workflow itself, extensive testing must be carried out both before and after the changes.
Bottom-up with ScriptRunner:
Updates and upgrades of the ScriptRunner host or ScriptRunner services should always go hand in hand with the update of the ScriptRunner Web Apps. The update itself is simple, the new setup files will be “installed over it”. The settings from the previous installation are taken over and should not be changed.
Most users use the admin and delegate app via their browser. ScriptRunner supports all common web browsers (IE, Edge, Mozilla Firefox, Chrome). Thus, a rollout of a new version is very easy, since only changes are made on the web server. A software rollout to the clients is therefore not necessary. The set cache behavior of the browser should be considered. To renew the JavaScript files in the browser cache, you can use CTRL-F5 in conjunction with the reload of the application in the browser.
More at: https://support.scriptrunner.com/de/techblog/scriptrunner-tipp-software-update/
Top Down:
Complex IT service management (ITSM), orchestration workflow solutions usually have open interfaces such as REST. This basically allows the integration of the solution with other products. The security plays a very important role here, required administrative credentials are usually transferred in plain text in a script, for example. This poses hurdles for many companies, as restrictive regulations often stand in the way of such use.
Bottom-up with ScriptRunner:
Through standardized connectors (WebService, e-mail inbound, SQL), many different third-party systems can be quickly and easily integrated with ScriptRunner to complete automation solutions. This allows the third-party system to call ScriptRunner in a controlled and secure way and vice versa. Examples are:
Top Down:
It can be observed that there are not very many providers on the market who often interlink several individual solutions under one flagship. As a result, there are many updates, which often bring only a few real new features with them.
The dependencies between the individual solutions and the interaction of the interfaces are sometimes serious. Looking at last year (as of July 2018), it can be observed that more and more solutions are being purchased, resulting in consolidation to an even smaller number of providers. The extent to which or to which the purchased product is integrated is therefore always a black box and leaves customers feeling insecure.
Medium- and long-term support is very secure for large customers in the enterprise segment.
Bottom-up with ScriptRunner:
Not a completely new player on the market, but with a stable customer base, ScriptRunner provides at least one major release and 2-3 feature/minor releases in the calendar year. Most of the new features are based on feature requests from customers.
Our “Professional Onboarding” – five thematically separated web sessions in which you not only get to know the individual functions of ScriptRunner, but also gain a deeper insight into the functionality and interaction of PowerShell and ScriptRunner – ensures a smooth and accompanied introduction.
In addition to the Action Packs (script collections optimized for ScriptRunner from various subject areas), which are constantly being further developed and exclusively available to customers, Professional Services and workshops on individual areas (integration into third-party systems, etc.) can also be booked.
Top Down:
The solutions for full automation are located at the process or logic level.
This usually leads to very complex processes. The following figure shows the stages of transformation. The process level tries to cover the two upper levels “High Level” and “Fully automated”. The previously established stages often remain outside. If one tries to address these previously established levels, one realizes that the lack of agility delivers few and very late results for the actual day-to-day operations.
Source: IDC newsletter “Optimization drives digital transformation” 2017
Bottom-up with ScriptRunner:
ScriptRunner works exactly differently. The focus is on operational requirements that optimize day-to-day operations and quickly lead to results with low investment. Due to the open architecture with suitable interfaces to various systems (including process level) of the enterprise architecture, ScriptRunner can be integrated quickly and easily. If, for example, a leading workflow system is integrated with ScriptRunner, this has the enormous advantage that the workflows that ScriptRunner calls at one point remain lean. Changes are then made directly in the script. It is no longer necessary to touch the complete workflow.
First, clarify the terminology:
Authentication:
The input of login data into the system (assertion of identity)
Verification:
Verification of the assertion by the system or a superior and result of the verification (verification of the assertion from the authentication)
Authorization:
Examination of the rights, then granting or refusing them
Top down:
The systems usually have a very complex rights and role system, very finely granularly adjustable, which of course also leaves room for errors, since rights that were granted at a time are often no longer automatically removed. Coupling to one-time password systems or similar is usually possible. In the case of requirements or executions from self-service portals, etc., a release process for authorization can often also be triggered.
Bottom-up with ScriptRunner:
ScriptRunner has two roles – administrators and operators.
Administrators define the guidelines for the execution of the scripts and define the delegation to the operators or third-party systems, which then execute the actions in their rights and roles. This has the advantage that administrative accounts can be streamlined. Even administrators or sub-administrators no longer need extended rights to execute scripts using the graphical UI on the target system(s). To prevent an administrator from having access to a target system with the appropriate credentials from another area, several ScriptRunner instances are operated in practice. Users of the Delegate app can be presented with actions from different hosts, depending on whether they are authorized or not.
Release processes or securing a login to the apps or command prompt when executed by e.g. entering an additional one-time password is not yet possible today.
Top Down:
Some providers offer full public cloud functionality, the cloud infrastructure is usually always active. Multi-instance architecture, some manufacturers guarantee that not one customer instance is ever offline. This is a high-availability infrastructure that provides redundancy for the instances between two data center clusters.
Other manufacturers are only able to operate On-premise or in the private cloud.
Bottom-up with ScriptRunner:
ScriptRunner is On-premise or can be operated in the private cloud, there is no public cloud functionality today.
Top Down:
As a rule, several languages are supported in the user interface. The documentation is very detailed, and the customer often doesn’t get any further with deeper questions and configuration adjustments. This usually requires the involvement of the manufacturer or a service provider.
Bottom-up with ScriptRunner:
The user interface and the documentation are available in German and English.
The predefined Script Action Packs are developed in GitHub according to Microsoft best practices and documented in detail.
Further useful information on configuring queries, connecting third-party systems, building scripts, etc. is provided in the ScriptRunner Tech-Blog and helps in addition to Support.
https://www.scriptrunner.com/wp-content/uploads/2020/01/1zu1.png 702 702 Aline Imhof https://www.scriptrunner.com/wp-content/uploads/2018/05/ScriptRunner_Logo_RGB-300x45.png Aline Imhof2020-01-14 15:38:492020-02-13 15:33:48ScriptRunner ActionPack for Microsoft Power Apps and Power Automate
https://www.scriptrunner.com/wp-content/uploads/2019/08/PowerShellScripte_2zu1-e1581605646278.png 286 441 Thomas Joos https://www.scriptrunner.com/wp-content/uploads/2018/05/ScriptRunner_Logo_RGB-300x45.png Thomas Joos2019-08-15 00:04:432020-03-31 09:28:34Using PowerShell Scripts for Automation
https://www.scriptrunner.com/wp-content/uploads/2019/08/Secure1zu1-t.jpg 1000 1000 Daniel Finkenzeller, Consultant https://www.scriptrunner.com/wp-content/uploads/2018/05/ScriptRunner_Logo_RGB-300x45.png Daniel Finkenzeller, Consultant2019-08-08 15:44:422020-02-26 16:03:48Manage PowerShell credentials with Pleasant password server
Gain more time for innovation with automation in IT operations