Kace offers IT automation sized right for SMBs

I believe that quite a few small businesses are silently hoping that they’re small enough to fly under the radar of the compliance police. Just keeping up with patches and software updates has to be stretching SMB IT managers to their limits.

Kace wants to come to their rescue with KBOX, a nicely compiled suite of IT automation tools. KBOX has fewer bells and whistles than the big boys in the SEM (Security Event Manager) marketplace, but it has just enough compliance features, software deployment tools, auditing, and help desk features to put a smile on an overworked SMB admin’s face.

Through an amalgamation of policies, network scanning, and centralized update and patch databases, KBOX v2.1 takes care of your hardware and application maintenance duties. The appliance mixes software pushes and updates with compliance checking at varying levels of intrusiveness. For example, you can force the users to wait while you complete a compliance scan, or you can make the scan an optional task that must be completed by a certain date.

Your click-and-choose script will also push out virus and application updates via a customizable portal page, or you can use the “wake on LAN” feature to push out updates after hours. If your Windows application doesn’t have a “silent” installation option, Kace offers a large collection of scripts for updates, and customization services are available through its services group.

The tidy browser-based management interface has neatly arranged tabs to separate the major features into logical categories: Inventory, Distribution, Scripting, Security, Help Desk, and Alerts and Reporting. KBOX even makes both mandatory and on-demand software pushes relatively painless via the WMI (Windows Management Interface).

Using the top-level tabs as your starting point, the KBOX menus drive you through a self-documenting, point-and-click interface that has you building complex automation scripts in minutes. With the option of raw XML editing, you can take your custom script along wherever you may roam.

On the vulnerability testing front, KBOX supports OVAL (Open Vulnerability and Assessment Language), a common vulnerability assessment infrastructure also found in offerings from the SEM heavyweights. This common description language for security events standardizes the assessment process, and it’s nice to see it in an SMB appliance.

For the smaller shops, Kace also provides a services group contract that can handle many of the day-to-day tasks like updates and compliance checking. Warranty and extended services contracts also cover hardware with Kace designing in mirrored, hot swap SATA disks to provide the primary storage medium with a third disk being used for compressed system backups for very quick system restores.

The Honolulu lab is a wild mix of machines that tends to sit for long periods between shoot-out testing, and as a result, I had a wildly variable list of updates that needed to be made. So even without an Active Directory backend, we used KBOX’s administrator log-ins to push out various updates these machines had missed and tried out things like moving Solitaire game programs into a quarantine area. KBOX did a good job with all of these tasks.

Just to make life interesting, we also tried the Kace client on a ClearCube blade workstation, and an old Celeron with Windows 2000. Performance was good; the only problem we encountered was with the blade workstation, and that was simply a need to turn off the anti-virus during the client install.

I would like to see KBOX support some non-Windows platforms -- some open-source options would be especially welcome -- and I found the help-desk functionality pretty basic.

However, KBOX marks the first time that I’ve seen this set of capabilities in a single package that SMBs may be able to afford. Although it has some room for improvement, Kace’s KBOX is a step in the right direction for an SMB market that has long lusted after an automated updater with compliance functions.