By Ross L. Kodner

Most people look forward to upgrading software with as much enthusiasm as changing dirty diapers. But the reality is that we live in an age where the publishers of the programs we use in our law firms and legal departments release upgrades, updates, patches, "fixes", etc. at a frightening rate. Our focus is to explore some of the issues and tactics related to the software upgrade process. Questions and issues we will address include:

With that said, we should first examine the "Big Picture" issues that relate to upgrading your system’s programs. Invariably, the question should be asked, "do we ever need to upgrade our software." This question arises especially from law firms who are satisfied with their system functionality, and the lawyers and staff have mastered the collection of programs. The fear, of course, is of upsetting a reasonably stable "apple cart."

Things to consider are how often the particular software publisher releases upgrades. If they are on a frenetic six month product life cycle, does it make sense to be continually in "upgrade mode?" Certainly not if you ever want to get any work done! Further, how do you distinguish between legitimate upgrades that may add new features or enhance existing ones versus thinly veiled "bug fixes" that do nothing more than correct prior program problems? One of the best ways to check is to talk to your peers who have already experienced the upgrades or who have installed the new "patches." This is where the legal technology listserves come into play. Pose your question on the Technolawyer list (www.technolawyer.com), the ABA’s Network 2d or Lawtech lists (www.abanet.org/discussions/home.html) or the Netlawyers list (www.net-lawyers.org). It’s often more productive to talk with those who have already lived through (suffered through?) an upgrade than trying to cull information from the "rah-rah" articles and reviews so common in the consumer-oriented computing magazines.

If one of your applications has a new release every 12 months, do you need to fall in lockstep and religiously upgrade? Or can you sit out some upgrade cycles? Is it enough justification that the publisher merely says "thou shalt upgrade . . . because we say so?" Or are there enough new features and program improvements that make the upgrade compelling? If there are not enough new features to make the upgrade irresistible, is there a solid collection of fixes and patches intended to stabilize a flaky piece of software, such that it is easier to deploy a single consolidated upgrade than multiple individual patches? All these are questions for consideration.

As to sitting out an upgrade cycle, it heavily depends on the following criteria:

Can you just upgrade your primary applications such as your office suite, your time/billing system, your accounting software, your calendaring/docketing systems, or your case manager? What about minor or secondary applications like document assemblers, system utilities, and communication products? Should they be treated differently? The best bet is to refer to the criteria previously indicated and ask basic questions:

Once you have decided which application to upgrade, does it matter in what order a collection of your programs are loaded on your workstations or server(s)? In some cases, it has been documented that some software, loaded after others, creates a situation that Infoworld übercolumnist Brian Livingston has less than affectionately referred to as "DLL hell" with the offending software commonly known as "breakware" because of its damaging or disabling effect on prior-loaded programs. This occurs when one program loads pieces of itself called "DLLs" (Dynamic Link Libraries) that have the same name as DLLs loaded by previously installed applications--but have been tweaked by the software publisher to favor their application or support a particular function of their program. Of course the program you have just loaded might run just fine. But any other program, which had been working correctly, might be rendered completely inoperable or just plain unstable. You need to know this ahead of time--again, ask others who have gone before you. Don’t count on the application’s publisher to tell you, or even warn you--they may not make such information available since no company wants to have the reputation of purveying "breakware" that doesn’t play well with other systems.

Upgrading Secondary applications may be a necessity when Primary applications are upgraded. Secondary applications could loosely be defined as "something other than primary applications." In other words, add-ons for primary applications such as document assemblers, electronic dictionaries, table of authority generators, comparison utilities, general system maintenance utilities, etc. There is a lot of compatibility interdependency between programs today such that an upgrade to a spanking new office suite might require a related update to a document assembly program like Hotdocs (www.capsoft.com) in order to maintain the linked functionality between the two--even though there may not be a compelling reason to otherwise upgrade the secondary application.

Don’t forget to update key system drivers periodically. Sometimes you may have new applications that might require it. These can include the latest versions of printer drivers, video drivers, modem drivers, soundcard drivers, scanner drives - all may all need to updated to work with upgraded primary applications. And don’t forget operating system patches and "Service Packs." In fact, many of the most significant stability gains come from these "little" updates rather than major upgrades of primary applications.

In addition to the obvious - the websites of your operating system maker and those of your primary applications, you’ll need access to all those "little" upgrades. Check out the following websites, in addition to vendor web pages, to find updated drivers and "patches":

There are many questions to answer in planning your next upgrade project. These include:

Of course the $64 teradollar question is . . . um . . . how do you know if the planned upgrades will actually yield a system that "works"? What kind of pre-rollout testing will you do? The general rule is that you can’t possibly over-test upgraded "prototype" systems; however, you can certainly under-test--this will make you, shall we say, less than popular with your troops.

Prudence suggests that in any roll-out where there are more than a handful of workstations involved, that you establish a small "pilot group" to test a new configuration and then tweak it before a broader rollout. Who will be in a Pilot Group? It may make sense to select some of your most adventurous users--those that view a new application as an exciting challenge rather than an aggravating hindrance to getting work out. Also if you have multiple categories of PC hardware (i.e. some laptop users and some desktop users) that you consider test rollouts to each of the different categories of PC workstation hardware. This will let you isolate the glitches that may plague each hardware class--differently based on the specific type of PC configuration being tested.

To some extent, the number of workstations you have will determine the process by which you distribute upgrades. For example, with just two PCs in peer-to-peer network, where the PCs are NOT physical hardware duplicates of each other, you may need to manually add all your updates to each PC and then separately "tweak" and fine-tune the workstations. On the other hand, in a networked environment, with any kind of consistency in your workstation hardware configurations, modern "Ghosting" software is nothing short of a miracle.

"Ghosting" is really a generic-ization of a product name - the program called "Ghost", now part of the Norton line of utilities from Symantec. These programs are very clever. They are "bit-image" copiers meaning that they can make exact duplicates of the contents of one hard drive to identical or nearly identically configured PC hardware. The latest version of Norton’s Ghost even allows this "cloning" on a piecemeal basis--several folders or perhaps just one drive partition. Generally, the less similar the hardware configurations, the less effective the cloning result via Ghosting--you run into issues where you are trying to run a PC with video drive "x" that has a setup from a different PC using video driver "y"--rarely successful. This makes the case for strategically planned consistent PC hardware purchases quite strong.

Companies that produce "Ghosting" software for workstation distributions include:

As previously mentioned, the "Ghosting" process takes its name from the first software in this category, Ghost, now a product in the Norton line of Symantec products. Ghosting can be done in two ways. It can be done in a process called single-casting. This consists of copying a "Ghost image" to one workstation at a time either via a connection to a network fileserver or a portable hard drive or CD-R(W) drive. The other method is the "assembly line approach" called multi-casting where a single "Ghost image" can be simultaneously transferred to many PCs at once, typically using a PC network as the connection and data transfer vehicle. The key is transferring a "Ghost image" to an identical PC; you may need to have multiple "Ghost images" for each class of PC. Generally, we would recommend not wasting your time experimenting distributing a "Ghost image" to a non-identical PC - it is likely be a mess (been there, done that, got the t-shirt :-). These products are incredibly adept and flexible, allowing Ghosting to partitions of different sizes, as well as deal with NT SIDs (System IDs--a unique identifier Windows NT 4.0 assigns to each workstation), support for FAT16, FAT32, NTFS and even OS/2's HPFS file/directory structures.

SIDEBAR: Quick Tip: Use Ghosting Products to Rebuild "Trashed PCs" and to Quickly Setup New Ones

A clever way to use "Ghosting" types of products is to help you quickly rebuild PCs your users blow up and to setup new PCs you acquire. Here’s how this would work:

Keep copies of the "Ghost images" for each class of PC on your network and even on CD-R(W) disc (the latter is really handy to send on the road with your "Road Warriors" so they can rebuild trashed laptops wherever their travels might take them).

When a user "kills" a workstation after loading the latest edition of "NASCAR Racing ‘99", "Halflife" or "Microsoft Flight Simulator" on their PC, recreate it’s "approved" setup in a flash by "re-Ghosting" it from your "image" file.

The same applies for identical new PCs - set ‘em up in literally a few minutes with the "approved" master configuration!

The Ghosting process really only makes sense for initial PC station setup or repairing otherwise unrecoverable "trashed" PCs. Very often, the situation you will face involves distributing updates to just one software application or installing operating system patches or perhaps just updating printer drivers for a team of your users. In such a situation, there are software distribution programs that can help--definitely better than manually walking to each station and laboriously installing your updates--one PC at a time. The following are the Microsoft and Novell approaches to network-based software distribution.

Microsoft’s System Management Server (SMS) is a network management product that allows for the distribution of software/updates as well as doing hardware/software inventorying, software license metering, network "health" monitoring - all typical of network management software bundles.

From the software distribution perspective, SMS does a lot including:

Electronic Software Distribution - sends updates and upgrades to workstations via the network.

Integrated Inventory - Uses hardware inventories to help decide which stations get which upgrades.

Rules-Based Software Distribution - Dynamically adds and removes PCs, users, or user groups from "collections" based on criteria set by the system administrator.

Scheduled Software Distribution - Allows you to control application deployment to occur during a specific time of day to avoid network congestion or to distribute software after a certain date to ensure users are trained first (assuming you’ve found a magic method for getting your lawyers to come to scheduled training sessions!)

Installation - A tool that allows system administrators to repackage changes and write scripts to create a package for "any" Windows-based application, even non-Microsoft products (gasp!).

Unattended Software Installation - Installs the software upgrades without requiring any user interaction (a good thing in most cases!) and it can install software with "administrator-level" full-access rights even if a minimal-access rights user is logged on.

Integrated Status - Reports the status of software installations and operating system upgrades so system administrators know when software is installed correctly or not.

The bottom line with Microsoft’s SMS is that the needed script writing process that makes all of this work IS NOT simple - when it works, it’s great; when it doesn’t . . . well . . . let’s say . . . it’s not great. Lot of Information about this product is available at www.microsoft.com/smsmgmt.

Novell’s ManageWise is a bundle very similar to Microsoft’s SMS. It is actually two separate products. ManageWise which It does the following (and then Z.E.N.Works, later described):

a. Network Monitoring - the system conducts network performance and "health" monitoring reporting as well as NDS (Novell Directory Services) monitoring.

b. Network Performance Tuning - it uses the respected LANalyzer utility to view WAN (wide area network) wide performance and allows remote network server "tuning."

c. Software distribution via integration with Novell’s ZENWORKS program (described below).

d. It has built-in anti-virus capabilities.

e. Like the Microsoft SMS system, it offers hardware/software inventorying.

f. ManageWise follows the "open" SNMP (Simple Network Management Protocol) network management standards for local and remote LAN/WAN management. This means it will work with all sorts of SNMP-compatible devices like network hubs, switches, routers, etc.

Info on the Novell ManageWise application is online on the Novell website at www.novell.com/products/managewise.

The program’s name has nothing to do with the Art of Motorcycle Maintenance. Rather, it is short for Zero Effort Networks - Z.E.N.WORKS. This program automates desktop PC management using Novell’s NDS network-wide directory system to remotely provide application management, software update distribution, desktop PC management, and remote workstation maintenance. In other words, sort of a Swiss Army knife for a law firm system administrator.

Z.E.N.WORKS also provides automatic workstation fixes. In other words, if one of your "dangerous" users inadvertently deletes vital files, for example, key Windows desktop icons or essential DLL files (don’t ask us how, but invariably every firm has a user who does this and then innocently throws up their hands and says "the system did it all by itself! It wasn’t me!"), Z.E.N.WORKS repairs the damage by automatically reinstalling the deleted files.

In the software update role, Z.E.N.WORKS distributes software from the nearest network file server based on the user or user group’s profile stored in the NDS--one of the reasons why Novell’s NDS approach is so helpful, especially in firms with multiple fileservers. The way Novell describes this as "the NDS difference" is as follows: "by leveraging a directory that already has all the network's user information stored within it Z.E.N.WORKS carries a personalized desktop to each user regardless of that user's location or the machine he or she accesses or what server on a WAN they are connected to." Pretty clever concept.

Z.E.N.WORKS takes a very different distribution approach from its counterparts--Microsoft’s SMS, Intel’s LANdesk and Hewlett-Packard’s Desktop Administrator. All the configurations that would typically be found on a user's hard drive are instead found on the network — and, through NDS, are carried over throughout the network without regard to the actual hardware used by the particular user. A user’s "digital persona" is stored in the NDS. As a result administrators no longer need to apply the same user's information to each and every network resource — instead, resources are applied to the user, whose ID (or persona) already exists in the NDS, LAN or WAN-wide. Thus, no matter where users are on the network, they access the same applications, use the same resources, and see the same interface . . . regardless of which desktop they use to log in to the network. Again, pretty clever. Info is at http://www.novell.com/products/nds/ZENWorks.

Novell’s Z.E.N.WORKS, Application Distribution With a Difference

Application and upgrade distribution using Novell’s Z.E.N.WORKS leverages the NDS just as the "digital persona" system does for user desktop profiles. A "snapshot utility" can be applied throughout the network via NDS. Users (or groups of users who should be configured to have the same sets of program they can access and similar Windows desktop appearance) are linked to the "application object" through the utility. They are presented with a desktop shortcut when there is an update available. They just double click on the icon to launch the new or updated application on their workstations and sit back and let the system do its thing.

This same "snapshot utility" can also detect when the application has been damaged . . and automatically "heals" it by re-copying its missing components. While most other management suites also offer some kind of automated application deployment scheme, Z.E.N.WORKS allows users to continue working while new or updated applications are being installed. At least that’s what Novell claims--we have never confirmed that anyone has actually done this and lived to tell the tale.

Windows 98 users have the "Windows Update" feature which enables individual workstations to contact the Microsoft website and update themselves with the latest patches and fixes for the operating system. This sounds great right? OS updating on auto-pilot . . . NOT! (Imagine the sound of a needle scratching over a record album).

What if you don’t want workstations randomly updating themselves and "killing" non-Microsoft applications? (Remember our "breakware" discussion?) What about the "Net traffic" that results? What happens if the update doesn’t complete properly? Who’s in charge here??? Our recommendation: TURN THE DAMNED THING OFF!! Or at the very least allow notification of the presence of updates but don’t allow the automated acquisition and installation (Microsoft should stop trying to be so "helpful").

Y2K!

We’re all utterly frustrated by short product life cycles and agonizing fast product obsolescence. The way you acquire new hardware and software upgrades may be a way to combat this - using a clever combination of leases and purchases.

Forget about "traditional leasing" - for example, those ads on the backs of PC Magazine touting "only $90/month" for leases for on the perfect Dell or Gateway PC configuration are "sucker leases" - high interest leases that are cash/profit cows for these companies. Today, dedicated technology lessors offer interest rates that are often below prime rate--in other words, "cheaper than money."

Most banks are equally clueless about technology leasing - they all seem to offer $1 buyout "leases" which if audited, would likely be re-classified by the IRS as "installment purchases" and you would be penalized, not to mention having to re-do it on your books as a capitalized/depreciated fixed asset purchase

Use leasing companies who specialize in technology and equipment leasing. The difference comes mostly from their experience in lease-end disposal of systems. They typically have connections to brokers who buy the turned-in components at the end of leases who in turn sell them to third world countries where a Pentium 166 may very well still be considered "hot stuff." Because the lessor makes money at the end in sales to brokers, there is less need to make lots of money on the initial lease. The net result is a combination of a higher buyout amount offered (as much as 10-15% "fair market value" buyouts are not unusual) which translates to lower payments during the lease term. This translates to lower total cash outlays than if you were to purchase the equipment and in most cases, if you were to finance the purchase out of your cash flow or by borrowing on your business line of credit.

Another plus is that the "more than nominal" buyout amount at the end of the lease term may properly act as a barrier to purchasing lease-end components. This is a GOOD THING since after the lease term (if the term matched the product’s predicted obsolescence period) you DON’T WANT THE PRODUCTS! Why? BECAUSE THEY’RE OBSOLETE!! This helps law firms work their way out of a common trap. They often buy out equipment at the end of lease because it’s "so cheap". The problem is that "cheap" is a relative term that typically has an inverse relationship to the firm’s productivity derived from using these systems. A three year old PC might be bought out for $100. Some bargain. If the software mix has been kept current, that once-swift feeling three year old PC is a boat anchor that will slow down your busy users and require more support to deal with the inevitable problems. It’s also out of warranty so any problems requiring repair are going to be on your nickel. Again, some bargain, huh?

The key to cost-effective technology leasing is looking at the mix of hardware and software products you are acquiring and structure a "layered" acquisition . . .

This means using a combination of a lease with varying terms for various "classes" of products and selective purchases. Certain PC products become obsolete to the point of being much less productive in fairly predictable time periods. For example, this is about three years for desktop PC stations and network fileservers. It is about two years for most laptops.

However, other PC products have much longer life cycle. For example, components that may have a much longer useful life can include network infrastructure items like hubs, routers, racking systems, UPSes, and laser printers - especially Hewlett-Packard laser printers which tend to run seemingly forever.

So a using a cooperative and creative leasing company, think about a layered leasing acquisition approach. Under this method you can enter a lease which has a three year term on "three year products", a two year term on "two year products" and a 5-7 year term on those products that seem to last forever before needing replacement. This means that you keep your system "fresh" and that you feel as if you maximized the value of each component since you are not replacing components prematurely. The longer term on "longer life" items also means lower monthly cash outlays for those items.

And what about software--do you ever really get rid of software? The answer, for the most part is "no", you keep it updated so that it may change compared to the initial purchase point, but overall, you keep it indefinitely. This means it often makes more sense to purchase your software.

So what’s the end result of this "layered" approach?

For your quickly obsoleting PC workstation, network fileserver and laptop components, it ends up being much like a car lease - you drive it for the lease term, turn it back in and get a fresh "car" that you lease all over again. This "use it, turn it in, lease a new one" approach gives a predictable monthly "use" cost (fully deductible as an expense on the books but certainly check prevailing and current tax rules with your qualified accountant). It also gives reasonable assurance that you’re never (or ALMOST never) using products that are long past their useful life cycle - which means they would be boat anchors on your firm’s productivity.

Another interesting option is to buy-out the PCs and laptops at the end of the lease term and pass them through at buy-out cost to employees - a nice employee benefit and no cost to the firm . . .

Done properly, you end up with financial resource maximization - paying only for what you use, always using the "right" components with a staggered replacement scheme that always happens in a finite, predictable, budgetable period of time. Gee, that sounds like we would be running our law firms like every other kind of business . . . a wild concept! With lease interest rates often less than borrowed money today (with the right lessor), this approaches "no brainer" status!

Many of our clients inquire about what to do with the old PCs they will no longer use. There are several options for you to think about as follows: