If you are looking for a new IT solution for your company, there are often different manufacturers with different solutions. How do you find the right IT solution to meet your needs? Every IT solution should meet a few essential criteria if it is to provide your company with real added value. We collect them in our series.
One point is important, which is above all criteria: If you are looking for a solution for operational IT operations, then make sure that the new solution supports the bottom-up approach (i.e. “sets it down”, i.e. offers support directly in operational business) and does not function according to the top-down approach.
Choosing an IT Solution – Top Down vs. Bottom Up
Here we let any solution with the top-down approach compete against the bottom-up approach (using ScriptRunner as an example) in the different categories (criteria).
Part 1: Functionality, usability and costs
Functionality: What added value does the IT solution bring to your company?
Top-down |
Bottom-up with ScriptRunner: |
|
The focus here is on solutions and products for the full automation of the entire IT infrastructure and its processes, i.e. above all complex IT service management (ITSM), orchestration, workflow or monitoring platforms. These are less specialized in scripting than in knowledge. These approaches are driven to a large extent by visions and often leave out operational framework conditions. |
Support processes and daily tasks are made more efficient by scripting with PowerShell, where actions such as deactivating users, resetting passwords and many other everyday tasks are quickly performed by service desks or end users without compromising security.
|
Usability: How easy is the IT solution to operate (for example, is the user interface designed intuitively, how much training is required)?
Top-down |
Bottom-up with ScriptRunner: |
|
In the administrative area, such workflow or orchestration platforms in the UI are very multi-layered and complex, sometimes with several consoles that must/can mesh with each other. End-user interfaces are designed for intuitive usability. However, user/key user training is required to map procurement processes or approval processes, for example.
|
Admins and DevOps develop scripts in a team, supported by the integrated PowerShell ISE App. All settings, such as the configuration of execution policies and assignments, are defined via the Admin App and assigned or delegated to different user groups (e.g. service desk) for execution. With the ScriptRunner Portal App, help desk employees can safely execute scripts via browser with a simple graphical interface without scripting knowledge or administrative access rights to the systems.
|
Costs (one-time, ongoing): What is the total cost of ownership (TCO) for the IT solution?
Top-down |
Bottom-up with ScriptRunner: |
|
Projects usually take several months/years, high training and education costs in the administrative area, sometimes high dependencies on the manufacturer or service provider are given, because know-how is often not available in-house and has to be purchased. This can often be seen in the case of updates or upgrades of these solutions, where external support usually must be obtained.
|
ScriptRunner can be continuously extended step by step and can use any progress immediately. The total costs for recurring tasks and processes decrease permanently, you achieve sustainable efficiency gains. The investments in ScriptRunner and the implementation of the Use Cases have a fast and positive effect on the total costs for routine tasks.
|
Part 2: Performance, manpower and scalability requirements
Performance of the IT solution – does the IT solution run on (low-cost) standard hardware at the required speed?
As a rule, both systems are operated in virtual infrastructures and have standard requirements in terms of CPU, RAM, etc. performance. Workflow, ITSM or orchestration platforms typically require more performance.
Top-down |
Bottom-up with ScriptRunner: |
|
In addition, some systems from this environment are available as public cloud services. This means that the host systems and the application are operated entirely by the provider and do not have to be provided by the customer. |
The host system is usually operated in the customer network (private cloud) and is not available as a public cloud service. |
Requirements for manpower and knowledge/skills: Does the IT solution require a high level of manpower (including rare knowledge/skills)?
Top-down |
Bottom-up with ScriptRunner: |
|
There is a high risk here due to overburdened requirements for a solution and a high workload for the IT teams. Broad skills and a lot of specialist know-how are required. The more complex a planned solution is, the more complex the project and operations become. Often only very few employees are to be found in these process operating teams, which often do not possess the necessary in-depth know-how (AD, Exchange etc.). This results in long maintenance times and queries about requirements arising from IT operations. |
Manageable additional workload and step-by-step skill and experience building facilitate the implementation and introduction to day-to-day operations. The ScriptRunner ActionPacks also shorten the introduction to PowerShell automation. The ActionPacks are product- and topic-oriented script collections with typical use cases for routine tasks for Active Directory, Exchange, Office 365, Windows Server and Client, VMware, Citrix and many more. |
Scalability: Can the IT solution increase its output if additional resources are added to handle the increased load?
Top-down |
Bottom-up with ScriptRunner: |
|
Workflow, ITSM or orchestration platforms typically require a little more steam under the hood but scale up best when needed. With public cloud solutions, this point is completely omitted again. Most systems have an advantage due to their mature high availability options. |
CPU and memory are usually not the limiting resources for the parallel execution of PowerShell scripts. Execution requires very little RAM per script. ScriptRunner has the additional advantage that ScriptRunner actions can be configured so that the PowerShell executions themselves can also take place on the target system, i.e. not necessarily locally on the ScriptRunner host (PowerShell Remoting, PowerShell Implicit Remoting). This provides additional load balancing. |
Part 3: Agility, Flexibility & Adaptability, Serviceability and Interfaces
Agility, flexibility, adaptability: Can the IT solution be easily and quickly adapted to new requirements (e.g. without programming)?
Top-down |
Bottom-up with ScriptRunner: |
|
The logic here lies in the very complex and complex workflows or processes, resulting in a lack of flexibility. This can only be compensated for by very high programming costs for new requirements or extensions to existing use cases. As already described above, operational framework conditions are left out of the equation. Since the process teams cannot usually react agilely to the requirements of the specialist departments or IT operating teams, this leads to a poor cost/benefit ratio. |
The logic here lies in the PowerShell script itself and can, therefore, be adapted very flexibly. ScriptRunner interprets the script parameters and displays them graphically automatically. No GUI must be programmed. Based on tasks and processes that can be automated on the operational-technical execution level, further relevant systems such as monitoring, service applications, workflows and orchestration solutions can then be included in the second step. This agile, fast and pragmatic method enables results to be achieved quickly in day-to-day business with very good cost/benefit ratios. |
Serviceability: Can the IT solution be easily installed, operated, maintained and upgraded?
Top-down |
Bottom-up with ScriptRunner: |
|
Updates and upgrades for IT Service Management (ITSM) and orchestration workflow solutions are often complex and time-consuming. The solutions usually involve a mixture of local applications installed on the clients and web applications. In contrast to ScriptRunner, where the logic lies in the PowerShell script itself, in workflows you must pay special attention to where and in which places the manufacturer has tweaked the new versions by adding new features and changes. If changes affect the workflow itself, extensive testing must be carried out both before and after the changes. |
Updates and upgrades of the ScriptRunner host or ScriptRunner services should always go hand in hand with the update of the ScriptRunner Web Apps. The update itself is simple, the new setup files will be “installed over it”. The settings from the previous installation are taken over and should not be changed. Most users use the admin and delegate app via their browser. ScriptRunner supports all common web browsers (IE, Edge, Mozilla Firefox, Chrome). Thus, a rollout of a new version is very easy, since only changes are made on the web server. A software rollout to the clients is therefore not necessary. The set cache behavior of the browser should be considered. To renew the JavaScript files in the browser cache, you can use CTRL-F5 in conjunction with the reload of the application in the browser. |
Interfaces: Does the IT solution offer open or proprietary interfaces to connect with other IT solutions?
Top-down |
Bottom-up with ScriptRunner: |
|
Complex IT service management (ITSM), orchestration workflow solutions usually have open interfaces such as REST. This basically allows the integration of the solution with other products. The security plays a very important role here, required administrative credentials are usually transferred in plain text in a script, for example. This poses hurdles for many companies, as restrictive regulations often stand in the way of such use. |
Through standardized connectors (WebService, e-mail inbound, SQL), many different third-party systems can be quickly and easily integrated with ScriptRunner to complete automation solutions. This allows the third-party system to call ScriptRunner in a controlled and secure way and vice versa. Examples are:
|
Part 4: Sustainability and Consistency with the Enterprise IT Architecture
Sustainability: Will the IT solution be further developed and supported by the IT solution provider in the medium to long term?
Top-down |
Bottom-up with ScriptRunner: |
|
It can be observed that there are not very many providers on the market who often interlink several individual solutions under one flagship. As a result, there are many updates, which often bring only a few real new features with them. The dependencies between the individual solutions and the interaction of the interfaces are sometimes serious. Looking at last year (as of July 2018), it can be observed that more and more solutions are being purchased, resulting in consolidation to an even smaller number of providers. The extent to which or to which the purchased product is integrated is therefore always a black box and leaves customers feeling insecure. Medium- and long-term support is very secure for large customers in the enterprise segment. |
Not a completely new player on the market, but with a stable customer base, ScriptRunner provides at least one major release and 2-3 feature/minor releases in the calendar year. Most of the new features are based on feature requests from customers. The ScriptRunner Platform Onboarding – five thematically separated web sessions in which you not only get to know the individual functions of ScriptRunner, but also gain a deeper insight into the functionality and interaction of PowerShell and ScriptRunner – ensures a smooth and accompanied introduction. In addition to the ActionPacks (script collections optimized for ScriptRunner from various subject areas), which are constantly being further developed and exclusively available to customers, Professional Services and workshops on individual areas (integration into third-party systems, etc.) can also be booked. |
Consistency with the enterprise IT architecture: Does the IT solution match the standards set by the enterprise IT architecture of your company?
Top-down |
|
The solutions for full automation are located at the process or logic level. This usually leads to very complex processes. The following figure shows the stages of transformation. The process level tries to cover the two upper levels “High Level” and “Fully automated”. The previously established stages often remain outside. If one tries to address these previously established levels, one realizes that the lack of agility delivers few and very late results for the actual day-to-day operations.
Approach to architecture for IT infrastructure transformation jouney. Source: IDC newsletter “Optimization drives digital transformation” 2017 |
Bottom-up with ScriptRunner: |
|
ScriptRunner works exactly differently. The focus is on operational requirements that optimize day-to-day operations and quickly lead to results with low investment. Due to the open architecture with suitable interfaces to various systems (including process level) of the enterprise architecture, ScriptRunner can be integrated quickly and easily. If, for example, a leading workflow system is integrated with ScriptRunner, this has the enormous advantage that the workflows that ScriptRunner calls at one point remain lean. Changes are then made directly in the script. It is no longer necessary to touch the complete workflow.
|
Part 5: IT Governance, Cloud Capabilities and Documentation
IT governance: Does the IT solution adequately support IT governance requirements (such as a role-based authorization concept)?
First, clarify the terminology:
- Authentication: The input of login data into the system (assertion of identity)
- Verification: Verification of the assertion by the system or a superior and result of the verification (verification of the assertion from the authentication)
- Authorization: Examination of the rights, then granting or refusing them
Top-down |
Bottom-up with ScriptRunner: |
|
The systems usually have a very complex rights and role system, very finely granularly adjustable, which of course also leaves room for errors, since rights that were granted at a time are often no longer automatically removed. Coupling to one-time password systems or similar is usually possible. In the case of requirements or executions from self-service portals, etc., a release process for authorization can often also be triggered. |
ScriptRunner has two roles – administrators and operators. Administrators define the guidelines for the execution of the scripts and define the delegation to the operators or third-party systems, which then execute the actions in their rights and roles. This has the advantage that administrative accounts can be streamlined. Even administrators or sub-administrators no longer need extended rights to execute scripts using the graphical UI on the target system(s). To prevent an administrator from having access to a target system with the appropriate credentials from another area, several ScriptRunner instances are operated in practice. Users of the Portal app can be presented with actions from different hosts, depending on whether they are authorized or not. Release processes or securing a login to the apps or command prompt when executed by e.g. entering an additional one-time password is not yet possible today. |
Cloud capability: Can the IT solution be operated as a private or public cloud solution?
Top-down |
Bottom-up with ScriptRunner: |
|
Some providers offer full public cloud functionality, the cloud infrastructure is usually always active. Multi-instance architecture, some manufacturers guarantee that not one customer instance is ever offline. This is a high-availability infrastructure that provides redundancy for the instances between two data center clusters. Other manufacturers are only able to operate On-premise or in the private cloud. |
ScriptRunner is On-premise or can be operated in the private cloud, there is no public cloud functionality today. |
Documentation and support for different languages: How good is the documentation of the IT solution for users and operators? In which languages is the documentation available?
Top-down |
Bottom-up with ScriptRunner: |
|
As a rule, several languages are supported in the user interface. The documentation is very detailed, and the customer often doesn’t get any further with deeper questions and configuration adjustments. This usually requires the involvement of the manufacturer or a service provider. |
The user interface and the documentation are available in German and English. The predefined ActionPacks are developed in GitHub according to Microsoft best practices and documented in detail. For more useful information on configuring queries, connecting to third-party systems, creating scripts, etc., see the Knowledge Base and the ScriptRunner blog. |
About the author:
Clemens Feigl has over 13 years of sales experience in the IT sector. Together with his customers, he determines the automation and delegation processes in the company and advises the customer on the use of ScriptRunner in IT operations.