What is our primary use case?
We use Device42 mostly for asset inventory because our compliance rules require us to know what devices we are using: the warranty for each device, when we install it, when we remove it — so full tracking of the device lifecycle. We use Device42 mostly for asset inventory, including physical pieces of hardware and virtual devices as well.
We expected we would use a SaaS version but it was not possible, so we use the on-premise version.
We have more than one instance of Device42. We have four implementations of it in our company. Each of them is dedicated to a single environment: government, our AWS environment, co-location, and corporate co-location. There is no possibility for each of these environments to speak with each other, so that's why we use four different Device42 instances in our company.
How has it helped my organization?
Device42 is a source of trust for many things in our company, like IP addresses. In the past, we tried to have IP addresses centralized in an Excel spreadsheet, but now we have built automation to get information from Device42 with an API call. As a result, it's possible to deploy a new VM in 15 minutes and all the information is pulled from Device42, by our automation, to build that new VM.
It's the same for load balancers. When we want to create a new virtual IP for load balancers, we have it automated with an API call and Device42 provides all the information needed to get the job done. So Device42 helps us to build automation into our infrastructure.
Device42 is also a source of trust for our security scan. When a vulnerability is detected in our system, the system automatically looks for information in Device42 to find out who owns the server that has the vulnerabilities and what the contact email is for that team, etc.
The continuous discovery for us works daily. We can be sure, if a device has been updated, that information will be correct in Device42. We are tracking which devices haven't been updated in the last few days and, for each of them we try to understand why, and to fix things so that the discovery does update those devices' information.
I don't know if we can say it has reduced the time we spend on asset management, but in that same amount of time, we now have reliable information. In the past, we were not confident about the information we had. Now, we expect that the information we have is correct.
Also, we have many audits each year. Each audit requires us to provide evidence about how we manage our assets. There are inventory questions and it's easy for us to provide an audit report. When an auditor asks us information, we just have to a share-screen and show him, in 10 minutes, how we manage our assets, and he understands that everything is correctly managed. The audit is very quick.
What is most valuable?
We use asset management and program management. For some implementations, we also use the software management.
We use the automatic IT asset discovery for different things, like VMware discovery and SNMP discovery for network devices. It helps us to keep hardware information up to date in Device42, and the VMware discovery helps us to keep virtual device inventory up to date. It helps us ensure that we don't have more entries in Device42 than we have in our actual co-location and that we don't have more virtual servers than we have in Device42. We are sure to have 100 percent of our devices in Device42. Not more, not less.
The agentless approach to asset discovery is a good option. Sometimes it's better off to have agents, but in our environment, for most of our servers, it's really good to have the agentless. For a few of them we would prefer to have an agent because, from the network perspective, it's sometimes difficult to allow external Device42 discovery to have access to some devices for security reasons. The security team does not allow certain kinds of access. That's why it's easier if the secured server can have a call to an external service, rather than an external service calling the server.
What needs improvement?
Device42 is a main part of our processes. We need reliability, not only in terms of the data but with the solution itself. It's really difficult when we have 10 minutes of Device42 downtime because none of our teams can work for those 10 minutes, and it's more time lost if there is longer downtime. An improvement would be to have a cluster implementation of Device42 to have high-availability and ensure that we don't have downtime in case of failure.
Also, when we do an upgrade, it's mandatory to shut down the application. It takes 10 or 15 minutes to upgrade and it's once a month. It's not a big deal, but if it were possible to have no downtime, that would be better. We can plan for upgrades, but we try to have 24/7 availability in our organization, so there really isn't a good time to shut down service. Doing so always has an impact. We have teams around the world.
For how long have I used the solution?
We were early adopters and we have used Device42 since 2013.
What do I think about the scalability of the solution?
The scalability is pretty good. It's possible to have many devices in Device42, but we can see some limits. For a very large organization, it would be a little bit difficult to use Device42 because it's a single server. It's not possible to have scalability by load-balancing the load onto different servers. That's one of the reasons why we decided to have four different implementations, to be sure that we do not have everything on the same server.
We have more than 1,000 users in Device42 and most of them use it for the password management. Some users are using it for audit purposes, for asset management, and to be able to provide reports to senior management.
We have deployed Device42 everywhere. If our organization does not expand the number of devices, we won't need to extend Device42.
How are customer service and technical support?
Technical support is pretty good. Each time we need them, we can have a call with them. They respond quickly. It's good support.
Which solution did I use previously and why did I switch?
Before we used Device42 we had nothing except Excel sheets. We began our asset management with Device42.
How was the initial setup?
I was one of the main stakeholders when we decided to choose an asset management tool. When we decided to use Device42 it was mostly because of its ease of use and that it is easy to implement. We had some meetings with other companies that provide asset management tools. With all of them, there would have been months of implementation with an implementation team to help us. It would have been a big project to implement these applications. With Device42 it was easy. It was easy to install, it's easy to manage, and easy to understand how it works. That's one of the things we like with Device42.
Our implementation of Device42 took a few months. After one month we had 80 percent of our infrastructure in Device42, and the last 20 percent took a little bit longer because we had to discuss things with security. Within three months we had 90 percent in the solution and, after six months, we had 100 percent in it.
We were looking to have automated discovery to be sure that when new devices come in, they would be automatically ID'ed in Device42 and we wouldn't need someone to add them. In one month we automated most of the implementation.
What about the implementation team?
We did it ourselves, and that's one of the reasons we decided to use Device42. All of the other products asked us to use an integrator or a reseller or someone who would help us. Device42 was easy, so we decided to run with it. We were able to manage everything by ourselves.
What was our ROI?
It's difficult to say if we have seen ROI. We need the functionalities so we pay for the service. It did not replace something that might have been more expensive.
What's my experience with pricing, setup cost, and licensing?
We pay $100,000 per year. There are no costs in addition to the standard licensing fees.
What other advice do I have?
The biggest lesson we have learned from using this solution is that if we want to have clear asset management, we need to have the same processes, policies, and rules in each part of our organization. If each part of the organization works only on its side, it's really difficult to reconcile asset management. That's why each technical team that owns devices has to share their processes and work in the same manner. When that is done, it's really easy to have good asset management.
We don't use the solution's Application Dependency Mapping. In our organization, it's too difficult for a team to be able to provide information on application mapping and to be able to reconcile what Device42 discovers with what we have. So we decided not to use it.
Device42 does not affect our security. We try to use it so that it fits within our security requirements.
In the past, one person was working on maintaining Device42 and that was enough. But now that Device42 is critical for our organization, we have two people working on it to be sure that when someone is on holiday, a second person is there in case of trouble. They work as managers of asset management.
I would rate it at nine out of 10. It's difficult to give a 10 because it's always possible to do better, but it's a pretty good solution.
Which deployment model are you using for this solution?