Feeds

So you want an office of Apple Macs - here's a survival guide

Trevor Pott digs out the tools to keep fanboi workers happy

Choosing a cloud hosting partner with confidence

Backups. You do have backups, right?

For file-based backups, it is hard to beat Apple's Time Machine. In fact, Time Machine is a selling point for Macs all on its own; it's more powerful and easier to use than Windows' native capabilities. Time Machine will back up your Mac to an external drive or compatible third-party NASes, my beloved, overworked Synology among them. You can also do Time Machine over iSCSI; the Drobo B1200i had no problems accepting backups from an entire office at the same time.

Image-based backups are critical for point-in-time recovery, restoring a system to a known-good state or coping with a dead hard drive. Traditional tools such as Clonezilla will do the trick, but Super Duper or Carbon Copy Cloner are far better suited. Between Time Machine and the image-based backups, Mac endpoints have become quite easy to maintain.

Centralised control

In a heterogeneous environment, how do you apply enterprise-grade centrally managed security, track usage and restrict access? The answer: using the same tools you use today. If you run a Mac-only environment, Mac only JAMF Casper Suite is where you should start. It does enterprise Apple management, it does it well, and it knows both OS X and iOS inside and out. Apple itself makes a popular option called simply remote desktop; it is a full centralised management suite and when combined with OS X Server can make Apple-only environments sing.

Microsoft's System Center 2012 SP1 is embracing management of Linux, Unix and OS X endpoints. To be frank, it's a good first try, but support is still not entirely there. It should be by the next revision, so keep your eye on it.

Symantec's Altiris and Dell's Kace are popular, truly enterprise-class management offerings with mature Mac support. I haven't personally had the opportunity to work with them in as much depth as I have with Microsoft's System Center. I have had only a few hours to play with both tools actively used in heterogeneous environments, but it is enough for me to strongly recommend them over System Center. System Center is a fantastic Microsoft-only solution, but these products have just been doing multi-vendor for longer.

Of course, Puppet is on the list here as well. If you do go the Puppet route for your configuration, Spiceworks is worth considering. Spiceworks and Puppet complement each other and even integrate well. Spiceworks gives you visibility of your network, and among other things, your software and hardware inventory. Puppet lets you control those items. Throw in monitoring from Nagios or Zenoss and SME admins can put together a powerful network management suite rivalling anything the big boys can offer, for a fraction of the cost.

'Have you tried turning it off and on again?'

Helpdesk software is the last critical item for any business deployment. System Center, Altiris, Kace and Spiceworks all offer ticket systems, asset management and so forth. They are all - to varying degrees - useful in a heterogeneous environment, and you shouldn't have to look beyond them for basic helpdesk software.

Screenshot of Windows running on a Mac over a remote connection

Behold, the beast of Redmond stalks my Mac desktop

Remote access is another matter entirely. For me, the biggest thing holding back Apple in the enterprise - even more than application compatibility - is the poor quality of the remote desktop software. OS X - like most flavours of Unix and Linux - uses VNC to share the desktop. The most modern VNC server is still slower than RDP from over a decade ago. Worse, Apple's licensing is such that you cannot do anything VDI-like: licences can only be used on Apple-provided hardware, and they offer neither high-density metal-as-a-service solutions, nor fully graphically accelerated VMware View-like VDI. If you want to remotely access your beefy Mac Pro and do some heavy lifting on it, you're out of luck.

If you are looking for remote access software for other purposes - the occasional peek into your home PC to check something, or for remote assistance - then there are many options available. Apple's remote desktop is one consideration. This application incorporates VNC client, SSH, file transfer and more. I personally use Teamviewer largely out of inertia; it works perfectly, why change? If you are going the Spiceworks route, Log Me In integrates directly into Spiceworks, making it a compelling choice.

Thinking different, in exactly the same way

If functionality gaps like the use of VNC serve as roadblocks to enterprise adoption, the blame lies squarely with Apple. In the case of this particular gripe, Apple could easily licence NX or pour resources into the very active community surrounding FreeRDP. Either would result in a more palatable remote option quickly. Lack of roadmap visibility, just plain dumb decisions and an obsession with secrecy also hurt corporate uptake.

A working networked account in the Mac OS X account control panel

Finally, all set up on the network and ready to fly

In truth, Apple simply doesn't care; Apple's goal isn't to build enterprise-class systems. It is a consumer electronics company. Secrecy is quite expertly parlayed into hype. Hype shifts units and has helped to build a religious following; one so strong that no gaffe can deter the faithful. Without a reason to innovate, Macs in the enterprise will never run an Apple solution stack unless you intend to run only Apple products. Unlike Microsoft networks - where the server and management side is Microsoft on Microsoft with added Microsoft - heterogeneous networks rely on third-party vendors to step in and fill the gaps.

Third parties have taken up the challenge and done a fantastic job; Macs in the enterprise are finally a perfectly viable option for organisations of any size. Microsoft is becoming a real option, with Symantec's Altiris and Dell's Kace being commercial off-the-shelf solutions. The freemium stack of Spiceworks, Puppet, Log Me In, Zenoss, Super Duper and globalSAN mean that even the smallest deployments can start bringing enterprise-class management to their Mac deployments today. ®

Protecting users from Firesheep and other Sidejacking attacks with SSL

More from The Register

next story
Phones 4u slips into administration after EE cuts ties with Brit mobe retailer
More than 5,500 jobs could be axed if rescue mission fails
JINGS! Microsoft Bing called Scots indyref RIGHT!
Redmond sporran metrics get one in the ten ring
Driving with an Apple Watch could land you with a £100 FINE
Bad news for tech-addicted fanbois behind the wheel
Murdoch to Europe: Inflict MORE PAIN on Google, please
'Platform for piracy' must be punished, or it'll kill us in FIVE YEARS
Phones 4u website DIES as wounded mobe retailer struggles to stay above water
Founder blames 'ruthless network partners' for implosion
Found inside ISIS terror chap's laptop: CELINE DION tunes
REPORT: Stash of terrorist material found in Syria Dell box
Sony says year's losses will be FOUR TIMES DEEPER than thought
Losses of more than $2 BILLION loom over troubled Japanese corp
Show us your Five-Eyes SECRETS says Privacy International
Refusal to disclose GCHQ canteen menus and prices triggers Euro Human Rights Court action
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
Protecting users from Firesheep and other Sidejacking attacks with SSL
Discussing the vulnerabilities inherent in Wi-Fi networks, and how using TLS/SSL for your entire site will assure security.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.