Below is the transcript:
Hello looking to enhance or replace Azure or SCCM with a powerful easy to use proven alternative for endpoint lifecycle management. I’m Tim, director of architecture here at Swimage. Today I’d like to show you all the exciting work we’re doing with Swimage endpoint management. Responding to our customers’ needs, we’ve expanded our patented industry leading deployment engine Swimage. Swimage securely migrates, refreshes and recovers one system or 1000s in minutes with full functionality right at first log on. Our new enhanced features include asset management, self-service and client-side health monitoring and remediation. We created Swimage attuned to provide full support for remote users and compliance enforcer to monitor and remediate system security, compliance and health issues. All these features are managed by our new portal, giving the right tools to the people that need them, from high level managerial overview of assets down to the individual PCs for support. Now, let me introduce you to Kyle Harrelson, CEO of Swimage and let him dive in and show off these new features.
Thank you for joining us today to discuss Swimage endpoint management. I’m Kyle Harrelson CEO of Swimage, today I’m going to give you a high level overview of the main capabilities of Swimage, which include remote workforce management, PC provisioning, PC full system recovery, PC compliance enforcement, PC Health Check and remediation, as well as business continuity. Here’s a quick overview of all the main features of Swimage. Although Swimage has been around for 25 years, it has been primarily a provisioning tool, that’s the genesis of Swimage, but has evolved over the years based on customer demands and customer request to be a full PC lifecycle management tool, including some fundamental components such as asset monitoring, maintaining PC Health, compliance enforcement, automated remediation. The goal is to minimize support costs, minimize shipping cost, provide a very positive user experience, on demand has been with the remote self-service, especially for those work from home users. As well as being able to maintain encryption, security is a big part of what we do and encryption is a key part of that. So if you have encryption on your device, we can maintain the encryption throughout the entire migration process or any activities within that. We also have demands that we want to protect and control data rather than having to give up your data into the cloud. Any data that’s localized, we want to make sure we protect that, keep it encrypted, also recover it and be able to deploy and migrate any data regardless of where it’s located. And finally, we want to be able to scale to very large, very complex environments, depending on what your needs are, Swimage is going to adapt to that versus the other way around, you don’t have to change your processes your business functions, in order to adapt to our solutions. We’re very flexible that way. We have many years of experience doing this. And so we have developed ability across the board to really handle any type of situation. Okay, so what I’m going to do now is I’m going to switch to the management dashboard. I’m going to give you some live demos, I’m going to give you an overview of Swimage. I’m going to show you a little bit about some of the capabilities, what you’re going to view, how you’re going to do some of the activities. I’m also going to show some live demos of redeployments, I’m going to go through a reimage in place and I’m going to go through a PC replacement as well. And I’ll go through a little bit about the compliance engine and how that works and operates within Swimage and within your organization. So let me jump out of here and pull up the web console.
So this is the dashboard this is the Swimage dashboard. So this is the main primary view you’re going to be looking at and this is customizable and you can change some of the attributes and some of what you’re looking at but the main idea is, here you’re looking at PC Health in the upper left, it can sort by location it can sort by OS so it can pivot any way you want to. So if you want to look at device health by surfaces, such types of systems or by groupings you do that by model. So from here you can see which machines are healthy. Those are all okay and then by location and which ones are in the yellow which may be warnings and then which ones are red which are completely unhealthy and it’s customizable as around what health means. Health is out of box would include things like are you low on Drive space? Is your PC low on RAM? Is it having issues as far as crashing? Or is the file system corrupt? There’s a lot of different things that would determine what a PC’s health is and you can add those based on your environment as well as to what criteria you want to use to define PC Health. And then Swimage is going to be registered on these machines and constantly monitor this, help and report up to the console if a machine becomes unhealthy. Now not only does it report it, but actually take action on to and I’ll show you some of the actions that Swimage can take to fix issues for instance, if you’re low on drive space, they can actually run processes to clean up drive space, or defrag systems, things like that it can take care of. Now in the middle, you have compliance, compliance is a little bit broader than health as far as specifically what you want to do with it. So compliance would be things specifically around security that you want to make sure are enforced in your organization. So is the firewall turned on? Is the PC encrypted? Do you have certain components or software installed? Is your VPN up to date? Is your system patched? A lot of different things that could make up what is compliance. And so we have those rules built into our system as well here and you can see which machines are green, they’re fully compliant, which ones are yellow, you’ve got some issues, there are warnings, and then which ones are completely out of compliance, they’re critical, and those are the ones you probably want to take action on. And maybe have an automated invent with Swimage to say, you know what, it’s so far out of complaint I want to take action on these machines and do something so that they are no longer out of complaint or even on the network.
Now finally, on the right hand side, we have our attune readiness, attune being that remote management components. So what it does is it makes sure that everything’s up to date on these machines, and they’re ready for deployments. So you’ll take a look and see there, is it ready? Does it have everything downloaded? Are all the bits updated? And it does a checksum and integrity check on every single file in that attune readiness locks it down, and will tell you if anything’s out of sync with tune so you can pay attention to your devices and which ones are available for that business continuity and recovery method at a time of need. So you want to have your attune readiness all thumbs up ready to go in the event you need it at a moment’s notice. Now at the bottom you have your daily deployments, your monthly deployments, if you’re going through a large migration project, it could be migration of an operating system or replacing hardware, or it could be a domain migration, we handle all kinds of aspects and the reason why we often go through a migration project like this. But it keeps track of all the deployments per day and deployments per year by month, and it can give you a lot of information about how your deployments themselves are going. So that’s the general dashboard. Now I’m going to go into the deployment dashboard, very focused again, back down to the specifics around deployments. Okay, this gives you a different filtering. So this gives you a list of all the machines that are there and their status with as far as deployments go, gives you the tune status on all your total devices, that’s very important for your deployment project. So if you’re planning out a deployment, migration, like a domain migration, you can actually pre-stage the new image, all the new applications, all the new settings down to these devices in advance through attune. And then when you’re ready to do the actual migration from one domain to the other, you can use Swimage to do that activity. And you can see right from here, whether or not those machines are healthy and ready to go. So you can do literally a light switch migration one weekend to get every machine migrated from one domain to another. If you’re doing some sort of merger acquisition, you can do a quick cut over that way in all your systems simultaneously. Because with attune, you don’t have to worry about network bandwidth in order to do that process. Okay, then the completed deployments, you can see your project over time. And then on the left pane, you’ll see your current deployments. The current deployments are what activity is going on right now. And which step these machines are in. So you can see which ones are beginning deployment, going through a dry run validation, going all the way through the entire process, and where they’re at. So if any machine gets stuck in any of these steps, you’ll be able to see that immediately in this console. Okay, and you can also filter down so you can say I want only machines that are in London, and you can filter that down. And that gives you just the machines in London, it filters the top pane to be just the location of London. Or you can filter it down by which ones are not ready in Hong Kong, you could do that as well. And then you also have the filtering pane up here, which gives you very specific types of filtering. Okay, I’m going to clear my filters and I’m going to filter down just to my demo machine. So now what I’m going to do is I’m going to jump into an actual deployment. So I’m going to start with a machine for a PC reimage. So I’m going to reimage this machine. So I’m going to drop out of here and I’ll pull up this machine and this is going to be an in place reimage.
So I’ll pull this up. And what you can do here and I’ll show you a couple of different capabilities of Swimage. So first off, you can do self-service and I’ll pull up the self-service tool, which is our SWAT. It’s the Swimage assist tool. This is a localized tool that keeps track of everything Swimage related, and allows you to manage and monitor things locally, gives you things like information about the PC, drive information, volume information, it allows you to change all your schedules, and what are the polling cycles for everything. Look at all the logs, you can look at all your scheduled tasks, you can send out scheduled tasks to do certain things at certain times with Swimage. You can look at the general health of the machine. So it gives you agent health, attune health, so on so forth. And then you can have your build status for attune. And you can actually create processes to update, change your builds, change your image, things like that through here. And then you can also manage the ransomware recovery. Or you can go into here and actually go to redeploy this machine. And the users can do their own deployment here. Now you can turn which features the users have on or off within the assist too. I mean, you constantly have access to everything, by going to the unlock, it will log in as a technician, and then it opens up everything you can manage, everything within Swimage. So that’s general assist tool, gives you local capabilities. I’m going to jump out of that though, because what I want to demonstrate, instead of kicking this off through the self-service tool, I want to actually kick it off through the Swimage tool, and the web console. Okay, so I’m going to jump back to the web console and then I’m going to kick off this machine through here. So everything’s good. Main thing I’m looking for here is the Deployment Health is ready, he’s thumbs up, he’s ready to deploy, device status ready, I’m good to go. So I’m going to go down to deployment and I’m going to pick my action which is going to be deploy and reimage this PC. I can give user notification, Swimage actually has a huge benefit over the patch upgrade that you have in the relief cycle that Microsoft provides because when you migrate to one operating system to another with Swimage, it does a cleanup process as well. So anything that’s on there, that’s old, stale, you don’t want, whatever, it will actually purge all that. And it has an effective result of getting you everything back. But it cleans system. So it has some significant benefits of just simply doing the in place upgrade. In place upgrades is fine, it gives you pretty much everything you have. But it also has a garbage in garbage out component to it, which basically means that if you had malware on your device before, you’re still going to have it after it migrates, it doesn’t have any activity to purge any of that kind of stuff. Swimage does actually do that it cleans up the system, while it does the migration, and it’s actually faster, it’s about twice as fast to do a complete rebuild with Swimage than it is to do the feature upgrade process within Microsoft. Okay, so I’ve kicked this off, now, it takes a few minutes for the polling cycles to happen, and then it’s going to kick off the process.
Okay, as you can see there, there it is, it’s actually pretty quick. And then it gives you this dialogue which you can grey these out so you can’t have the ability to reschedule but it really gives the opportunity for the user if they’re in the middle of a project or something like that they want to migrate, they can actually reschedule and you can have it rescheduled. So maybe seven days out, but no more than nine or something like that. So you have a lot of flexibility of when they can schedule themselves more often that not they let it go now. Or they can say you know what, I’ll just let this go in the evening, leave my machine on, say reschedule it for 5pm or whatever. Okay, so let me walk through a little bit about the process and what it’s going to go through here. So there’s a lot that goes on behind the scenes, albeit, it’s completely automated, there’s no touches in this whatsoever. So what it’s going to do right now is it’s going to do a dry run validation, this dry run validations scans the systems and goes through every step of the process and make sure it has everything needed to do the deployment. It’s done. Do that on top of what attune has already done to validate all the data in the bits. It does it again, just to make sure everything’s still there. The goal with this process is we want to make sure that it’s going to go end to end 100% we don’t want to have any issues partway through. Okay, so it does that dry run validation, makes sure all your applications are valid, and it’s going to be successful. Once it’s done with the validation process, it continues and then it does the encryption handler, the encryption handler what it does is it detects what type of encryption is on this device and it can be anything from BitLocker, McAfee Symantec, it doesn’t matter what it is, it detects the type of encryption and handles that encryption, specifically how it’s designed. So if it detects McAfee, for example, it’s going to collect all of the upper filter drivers, it’s going to collect the encryption keys that it needs to recover this system and it’s actually going to transfer those to new Operating System. So first it gets transferred to a WinPE, then it gets transferred into the Windows 11 when it’s finished, so that none of the data on this drive ever becomes unencrypted. So it stays encrypted throughout the entire process.
After it does all the encryption handler detection, what it’s going to do then is reboot into PE, the PE process, then takes a couple of additional steps. So first thing it does is a full disk snapshot, the full disk snapshot takes a picture of every single file in the file system, including your operating system, your temps, your registry, all of your data that goes into that snapshot, the snapshot has a couple of main benefits. First benefit of that snapshot is that you can restore to that snapshot. So if anything does happen to this machine, and it can’t finish for whatever reason, or it finishes and something is not right with the new operating system, you can do a full rollback. So that rollback process takes about two minutes, its reverting to that snapshot puts everything back exactly the way it was before the snapshot. So at this point in time, it’s going to revert this entire system back to this current state. So previous operating system, everything, it doesn’t matter where it came from, it could go from 7 to 11 and then you can roll it back and put 7 back on this machine if you ever needed to. That actually rollback process is very rare, because Swimage is highly resilient, you can power up the machine, you can do whatever you need to, battery dies, you simply power it back on Swimage picks up where it left off and continues the process. So it is highly highly resilient. So using that rollback processes is used very infrequently. But it gives you a safety net, because you know that in no condition, you’re going to be deploying a lot of machines, because you can do these in mass and no position you’re going to be deploying a machine and find out that any of them have failed. Because you know you can always roll it back, which means that because you can roll it back, you don’t interrupt the user. So you could do this overnight, come back in the morning, let’s say 1% have failed or whatever, it rolls back automatically, they’re back to the old operating system, they still continue to work and then you focus on what went wrong with those machines, fix that, and then migrate them the next day, or whatever issues you may have. But really, the goal here is not to interrupt the business because you want to do this type of project. So it gives you a lot of safety in how you’re going to manage the systems moving forward. Okay, once the snapshot is done, it then captures your data, and then captures all your information based on rule. So those rules are, where data is located your personality, what is protected within those personalities, so that data gets captured. And then it scrubs the drive, it downloads and loads the new operating system. So new image, but this is a customized image. So you can use a custom image that you want not based on what Microsoft thinks you ought to have. So you can still customize the image with Swimage, not only can it be customized, but you define what’s the customization and Swimage will build it for you. Okay, so you build your own customized image without a lot of image maintenance either because a couple of clicks and you have a new image, when Swimage builds an image, it builds based on your customizations, it will sysprep it, it will and then publish that automatically for you. So there’s little effort to do to keep those customized images if you want to do that, it can also use a generic image as well if you choose that as well. So it has a lot of flexibility.
So the image comes down, and then it detects what type of hardware it is, auto injects all the drivers necessary for this machine. Those drivers get injected automatically, and then it goes through your out of box experience. Then we’ll and throughout this process keep in mind, it’s migrating encryption components over, goes throughout a box, the system’s locked, so users can’t interrupt it during this entire process and then it installs your customizations, any customer reg punches you have, any custom scripts you want to run, any tuning or tweaking, it can add and remove any Windows features or components automatically for you based on the templates you have assigned. And then what it does is it will install all your applications as an entire list of applications, either from the old operating system that it discovered, and from additional templates it may have applied throughout the process. And then once it has all the applications installed, it’s going to join the domain, restore all your data, your personality, your settings, and locks it down and when you’re done you log in. The entire process and then again, usually around 30 minutes could take maybe an hour but that’s at most, and you get an entire system fully rebuilt. The goal here though, is it’s completely hands free it’s zero touch. Okay, I’m going to let that run, while this is running, though, I do want to pull up another slide and I want to talk a little bit because I mentioned the provisioning piece of it. This is a very important part of Swimage. So I want to talk about the provisioning. And the provisioning piece is really based on templates. So when you provision a device, you’re going to say I want every machine to look like, everybody is going to get a row that’s our global deployment, everybody’s going to get certain settings, I’m going to join certain domain, I am going to get these certain configurations. So everybody gets a row, which is a standard template for everybody. Okay, then you start layering on additional templates. Well, I have the generic one but then I want to layer on a template for location, the location may do things like change the language, add a couple of applications, change some configuration here and there. So you can change based on a type of template, you can lay around a departmental template, which will give you additional functionality or job function. And then you can layer on as many templates as you want. So a template can do one of two things when you’re layered on to an existing template or provisioning state. So what it can do is it can change an attribute. So job function template may be a higher strength than the location template. So it may change which OU that machine belongs to when it joins the domain. Or it may change certain attributes like the like the PCs, name, things like that. Or it can add applications. So you can add different applications say your department has three applications job function has four more applications, addition to the six applications from the deployment role. And then you have a total of applications all applied to the same device. There’s one other template that gets automatically applied and if you’re doing an in place migration, or you’re doing a PC to PC migration, another template is automatically created, which is a template based on the attributes of the previous system. So it’ll scan the device, it will do a discovery on it and create a template that adds applications based on application matching rules. So I may scan a machine find 100 application go three of these applications I need because I have a rule. So I’m going to automatically create a template with those three applications in there, and then add it to the process so that it gets additional applications as part of it. Goal, again, is to make sure that everything is going to be reapplied and reinstalled on this machine. When Swimage goes through the entire process the idea is that when the user logs in for the first time, they have everything that the PC is fully compliant, they have all their applications, they have all their data all their settings, they can immediately start doing their job and not have to wait for policy to kick in not have to wait for applications to install everything is immediately ready to go at that time.
Okay, I’m going to jump back out of that, and I’m going to go through second scenario. So I’m going to drop him out of the way for a second, I’m just going to watch him in the background. I’m going to do scenario number two. Okay, scenario number two is going to be a PC replacement. So I have here a PC, it’s Windows seven, it’s old, it needs to be replaced. And he’s sitting at home. So he’s waiting for a new device, he’s got all excited, he gets a new device shipped. So it gets shipped over. And all he has to do on the new machine is powered on because this machine has already been provisioned, you’ve provisioned in the Swimage web console, it’s got the templates assigned to it and knows exactly how to build it, powered on you get this screen. This screen is waiting for the old PC. So waiting for the OPC is simple, it just puts it in this statement, it says I know I need data from an old device, I’m going to wait for that data to get transferred. So I’m going to layer them on top right now. And I’m going to go ahead back to the Swimage console. And I’m going to go to my old machine and what I want to do here is I want to kick off an action. In my deployment, I’m going to say I want to transfer data. Again, this can be done also self-service, so the users, with a little bit of instruction, they can kick this off themselves, it’s pretty easy process to do. Not a problem. So once it gets started, what it does is it scans in the background, a discovery, everything about this machine, it’s identifying. So that discovery process, finds all the applications, finds all the data, finds all the settings, find all the components, and then it gives you the styling it says okay, I’m now ready for the transfer. And so what you need to do on the new machine is simply type in the pairing code, it’s very similar to like a cell phone replacement, you put in the pairing code like that. I’m going to go and apply that. And once that pairing code gets applied, they’re going to handshake across the network. Now across a network can be crossover cable, regular patch cable over your wireless at home, or on a corporate LAN, doesn’t really matter as long as they can see each other on the network, they’re going to communicate, they’re going to handshake and they’re going to transfer the data. So the first thing that gets transferred, all that discovery information gets transferred over, which is basically your application matching rules, your personality things like that. And then once that gets transferred over, then it transfers all your data. So it scans based on the rules and says, I need data, I need my entire profile, everything in My Documents directory, and any type of file extension that fits the rules like a PST or something that’s tucked away in some weird location on the drive is still going to transfer all that information over the new device. The goal again is for that user experience so that when they log into the first time on their new machine, it looks and feels exactly like their old one and it has all functionality. So they can continue doing their job, as if they were still working on their old machine but now they have a new device. So they’re pretty excited, it’s easy to do, they can do this over lunchtime, dinner doesn’t really matter it’s mostly hands free, they just have to power it on and type in the pairing code, walk away, have a cup of coffee, watch a movie, whatever they want to do, and they get their PC migrated very, very simple process.
Now you can also do this in mass in an office, if you had a lot of machines, you wanted to migrate 500 machines on an entire floor in a building, you can do that very easily with this, you can have an entire build center, all you have to do is provision and then advance, very easy to provision 1 or 1000s of machines simultaneously with Swimage, you assign their templates that are ready to go, you power them on in a build center, they build all the machines up to a certain point, and then you can kick off this process, get that pairing code remotely and identify old to new, so you’re doing the old to new matching in mass. And then all you have to do is it’s going to build itself, transfer all the data, you just do a quick swap on the machines at the desk, and you can migrate an entire floor in a matter of couple of hours. And very, very quick process to do it that way. We’re going to let this run this is going to probably take another 15 minutes, it’s going to migrate all the things over. And I’m going to put him aside and I’m going to watch him on the side over here, and then we’re going to get back into the presentation. Okay, I want to add a couple of different upflow. Actually. So this is the PC replacement flow. This is kind of, I want to put this up here because a lot of times, it’s not very clear as to exactly everything Swimage is doing, it does a lot of work in the back end, because it’s fully automated, there’s a lot of code behind it. Yeah, simple process, you boot it up, put a pairing code, what actually does happen, this is what this flowchart does. So to set up this process, you have to have the agent installed on the old device, that’s simple, because it has to have that in order to create that template, do that discovery, get up, collect all your data and migrate it over. So it does that automatically. And then on the new device, what you do is you create that deployment role, so the deployment role, and then you assign templates that’s in the provisioning side before the machine even exists, you can do this. So you create your role, create your templates, assign your templates, and then what it’s going to do, then you assign that new role with those templates to the new machine. Okay, that’s when it gets shipped. So then you power on the PC at the house, okay. And then what it does is it kicks in and automatically starts building it simultaneously the old PC is now doing the export of the data. And it’s transferring now you can transfer either directly, which is what we’re doing in this example. Or it can transfer to the cloud to an external USB, it doesn’t matter where that data goes. The direct PC to PC migration is the fastest because it doesn’t have to have storage space. And it uses gigabit network to go directly from one to the other. So it’s a really fast process. So I like that one. But you have flexibility to do it any way you want to based on your requirements. Then once it gets that exported data, it transfers the application information over, it creates that template, applies that to the new machine and then it transfers all your data. And as it does that it’s building applying customizations, installing your applications and it restores the data. And then once it has all the information gathered and collected from the old device, then it’ll join the domain. And it can do that remotely. So that join domain on a remote process which has an elegant process for the data, it can either do it through Azure, through a provisioning package, or it can do it through a VPN tunnel. So Swimage has a remote connection manager that makes sure that VPN is established, it can talk to your domain controller, and actually join that domain remotely. So it has a very elegant process for doing that as well. So you can get the entire system completely migrated to a new domain, even on prem, on prem domain, Active Directory domain without any effort whatsoever.
So very, very simple process. So I’m going to jump out of that and I’m going to go into back to my deployment console, Swimage console and I’m going to jump out of him. So keep monitoring those kind of on the side. And then I’m going to jump into helping, this is the lifecycle management part of service. So now you got deployments all handled and everything now you get into the lifecycle. So This monitors exactly which machines are compliant, healthy. And you can start setting up rules to make sure machines stay healthy. And you can trigger events based on how far machines get out of compliance or if they become unhealthy and to manage them that way. So for example, if I wanted to filter this down, it’s a very, very snappy filtering process, I just simply click on which machines on this pie are not compliant, it automatically filters the top band to be all the machines that are not compliant. So I can take a look at a machine and say this machine is not compliant, because it’s not encrypted. So it has the rule, assigned, the rule is check for encryption. Okay. And the alert on this is simply alert. Now you can add additional actions on this criteria to say it’s not encrypted, you can do things like lock the system, reboot the system, reinstall applications, enable encryption, things like that, you have a lot of flexibility, what you want to do as far as what criteria you look for, and then which actions you take based on that criteria. And it’s completely flexible, we have a lot out of the box, but you can customize it however you need as far as maintaining your own company’s compliance rules and Swimage does that automatically. So what I’m going to do here is I’m going to filter, but I’m going to get to a machine, get down to my demo machine again. And I’m going to look for my demo that is not compliant. And we have one right here, I’m going to open him up, he is not only not complaint, he’s not really healthy. So what I’m going to do here is I don’t want him on the network, I’m going to bring him up, put him aside, I’ll show you what this machine looks like. Okay, and this guy right here. As far as the user is concerned, they’re sitting there happy they’re doing their job, they’re not realizing this machine is having some issues, but you’re certainly seeing it over here. So what I’m going to do is I want to add an action, I’m going to say, You know what, I want to do some security actions on this, and I don’t like what’s happening, I don’t feel comfortable with even the users on here, I’m going to lock the device, I do that, and then I’m going to save that. And what that’s going to do is send an event over to this machine, and actually lock the system and Swimage has a locking process. This is a system level lock. And what this locking process does is it prevents any more access to this machine. And you could reboot it, you can power it off or whatever. But you’re not going to get back in here. The only way to get back in here is if you have a technician actually physically on this machine that knows the passphrase to get past this lock screen, or send a command remotely to unlock it.
So at this point, this machine is completely locked out, I can go ahead and I’ll send another action to unlock it. I’ll go ahead and do that. Say that and then it can unlock the machine. Now that’s just one example of some of the things you can do with these activities. You can reboot it, you can reimage it and you can do multiple tasks. So I want to lock it out and I want to reimage the device, you can do that that’s really useful for kiosks and those public facing machines, you can actually send those commands out. If you see machines become out of compliant, let’s say you feel like it’s gotten hacked, it’s got profiles that don’t belong, or you can check for certain activity on a machine that says, I don’t like what’s going on in this machine, immediately Swimage will lock it, immediately. Swimage will rebuild the system from all known good source and get that system back operational without ever sending out technicians. So if you have kiosks that are you know, and in the wild, and you just need to manage and monitor those, you can do that directly from Swimage and not even have techs involved, it can do that completely automated. Okay, so that’s the compliance engine, and you can manage it pretty closely with that. So what I’m going to do is I’ll show you a little bit more about how the compliance is configured. I’ll clear all the filters and go into the configuration. So it’s basically built on triggers, actions and rules. So in this area, you’ll say I want to check for certain triggers. So for instance, I want to say check for GIMP is GIMP installed or not. So you’re going to monitor an application or you can check for Drive space, you can check for encryption, and you can monitor based on a script, a type of folder Swimage has a lot of built in activities as well to monitor and then based on what it finds, you can take action on those and the actions include alerting, taking action, running scripts, recovering system, deploying the system, locking it out, whatever you want to do as far as actions go. And then the rules once you once you’ve defined what your triggers and action are you can create a rule. So for instance, I have a rule that says I’m want to look for encryption. So the name of the rule is remediate based on encryption, the description is not encrypted, I’m going to run it in a single instance. So what this will do is run, as soon as it detects that this machine’s not encrypted, it’s going to run the trigger, which is going to have the action of enable encryption. So as soon as it detects this machine’s not encrypted it immediately enables encryption on it, and within seconds, it’s going to start the activity of enabling that encryption. So that’s kind of the way the rules and configuration are set up on there. Okay, so I’m going to real quickly jump out of here, I’m going to minimize these screens, because I want to go back and show you the end result of our processes. Okay, so this is the data transfer finished. And this is the new device, I’m going to go ahead and log into this new machine and kind of show you what we have on the new machine. Okay, and on the old device, I’m going to go and close this, now what you can do with Swimage is you can trigger this so that it will auto wipe this machine, most often you don’t do that, but you can if you’re high security, and you want to ship a bare metal device back on this old hardware, you can do that. So Swimage can actually wipe that device. Because all the data and all the settings have been already transferred to the new machine.
Okay, we are logged in, and you got your nice little windows 11 Start Menu. Okay, I’ll close that. And you notice side by side, I mean, it’s got all your settings, all your data has been migrated over, application matching has happened. So if you want an application installed from the old, it’s now installed on the new if you didn’t want an application installed, it’s not going to reinstall that application. That’s an important part because that’s how Swimage knows to purge certain information if it needs to, then you get the Swimage dialogue, the post Swimage dialogue. This is optional. And allows the user to do things like change your Keyboard Layout, change your timezone, all this keyboard layout, language, and everything will get migrated if it’s a PC replacement. If it’s a bare metal build, sometimes you may not know that. And so it gives you this option to allow the user to change that. And you also have the option to add applications in here as well. So you want to give them the ability to install an application, you can do that in here as well. I’m going to go ahead and exit that. And that is the PC to PC replacement. And then at the same time, while that’s closing that guy out, I’m going to log into the in place migration which is also finished. I’ll go ahead and log in there we go. We now have a complete refresh. It started in windows 10 and now it’s Windows 11. It’s got all your data, all your personality, everything back restored, you can just continue working as normal, now you got a fully refreshed system. And it will still give you the Swimage post configuration screen which will close momentarily. Okay, while that’s turning, what I want to do, is I’m going to show you one more cool little feature of Swimage, put my console here again, go back to my deployments, I’m going to find this machine, my post dialogue, I’m going to filter him back down again. He says complete here 100%. So I’m going to open him up. And I’m going to add an action. Okay, so you open up, what I’m going to do here is I want to show you how the rollback process works. So it’s Windows 11 now I’m going to roll him back to Windows 10, where he started and this kind of demonstrates the capability of Swimage in rolling it back. Now this could happen automatically anytime throughout the process if something did happen, you changed your mind or whatever you wanted, you can actually roll it back to the previous system. I’m going to go ahead and save this. I’m going to watch how this system rolls back. Just a couple of seconds and we’ll kick off the rollback process, there’s the rollback process and you can automate this as well. I’m going to say go ahead and roll this back and it’s going to put the system back to its previous state. I’ll try to do this real time as we’re going through. It takes about a minute or two. I’m going to demonstrate how quickly this process actually works. I do hope you enjoyed today’s session. Again, you can go to our website get all information about Swimage. We have a lot of capabilities that I didn’t cover today. So you can go and collect the data about how we operate, the encryption handler, we have patents around, mostly around encryption and deployment processes. We have a 25 year history in doing this for large enterprise customers. Typically, it’s a single quick setup, and you can go on going with your deployments and migrations, we do update the process, add new features, we’re kind of excited about some of the new tools we’re coming down the pike with Swimage, pretty excited about some of the security aspects of about what we can offer as well. And we do have a lot of knowledge around keeping PCs compliant, keeping PCs secure, especially now dealing with remote systems. Okay, what this is doing now is it’s booting into PE, and it’s going to then run the rollback process and as soon as it’s rolled back in, it’ll be finished. The rollback process itself, like I was saying, it’s roughly about two minutes and so here’s the rollback itself. It’s now taking the previous operating system and applying it to the current so what it’s going to do is roll the entire file system back to the windows 10 that had prior. And when it does roll back, everything’s the same, got all your same applications, all your same data, same locations, everything’s identical. And there’s the rollback process, it’s finished, it’s now booting into Windows 10, where it was before. Okay, very simple process.
Okay, a little bit more about the PC lifecycle management part of Swimage. So from cradle to grave Swimage handles this. So on the purchasing side, Swimage provides a really defined provisioning engine. This provisioning engine allows you to define all the attributes within Swimage and give you the machine name, which operating system you’re laying down, which applications you laid down, how to configure it, any customizations really anything you want to do 100% of the time, you can manage through the provisioning engine within Swimage. This is a centralized provisioning engine. So single quarterly, you go to, you can do basically everything with that. Okay, then once you’ve got a provision, it’s fully automated, you provision it and then the PC boots up, and it knows exactly how to build itself. And that building itself can be basically unique to every single device in your organization. Once it is provisioned and built, then you get into maintenance mode. Maintenance Mode is anything you need to do around monitoring the PC Health, remeeting any issues, upgrading the operating system, repairing problems, you can recover from malware, you can recover from ransomware, you can keep this PC compliant. So you can detect if it’s out of compliance, you base those on rules. If those rules get mismatched, and you need to realign that machine, you can do that very quickly through micro programming, which can fix little issues. Or you can step in and say you know what, this is not compliant, I’m actually going to rebuild the entire system from scratch. So you can take it from one extreme to the other if you need to, based on your needs in your organization. Okay, and then you can also refresh the PCs for a new computer. So you can ship out a new PC, migrate everything from the old machine to the new machine, that’s a very, very simple process, I’m actually going to demo that today. And that process allows for even the users to do that themselves. So you can ship out a new machine to the endpoint, to the home user and all they have to do is power it up and it’s going to migrate everything from old to new that simple and they ship the old one back. So very, very simple process for that it can be done either individually like that at home, or it can be done in mass so that lots of machines can be done in an office simultaneously without really impacting your bandwidth at all. Swimage is optimized to be very bandwidth friendly, whether it’s a lot of machines in the office or a single user at home even through dial up Swimage can handle those kind of requirements. Okay, and then finally when it comes to replacing that PC, you can then dispose of the old one, you can do a wipe a DOD wipe on the old one if you want to, after all the data has been transferred and then you can dispose of that machine, so very very simple process in managing your lifecycle for all your machines. And then you start over again with an industry and you can continue to maintain. The goal again is to make this a very simple process, easy for the users, very painless for those end users that they can get machines up and running very quickly and really minimize that downtime. The goal here is to reduce IT expenses, so reducing the IT expenses means minimal shipping cost. So if you have to ship machines out right now, because you need to fix issues, but you don’t have a really good support model. Typically, that’s what ends up happening. You have a home user, they’re having an issue, it’s cheaper to just ship a new machine, they use the new machine that they shipped out. And then they send the old one back and it gets decommissioned or you ship out a loaner machine and then temporarily, they ship the old one back to the depot, it gets migrated to machine or repaired and then the shipping goes back. Rather than doing all that cross shipping. What Swimage can do is simply be a triggered event that says this machine is running slow. It’s not right, it’s got malware, it’s got something going on with it rather than shipping in a new device, simply fix it in place. So what it will do is it will send a command out, it will redeploy the entire system from all known good source in place, no network required, no external storage required. It does everything in place on that same drive, rebuilds the operating system, it reinstalls all your applications, migrates all your settings, profile, state everything about 30 minutes, you’re up and running, that completely eliminates those crash shipping just to simply fix a machine. It also reduces your support costs, because you don’t have individuals having to spend hours on the phone trying to figure out what’s going on with a machine, it’ll simply trigger an event says, go ahead and redeploy. We can take that to another level and the users can actually do this themselves, if they feel like they’re having a problem. Last time this fixed the problem, I’m going to go ahead and do it again, they can actually reinitiate a rebuild of their system in place, knowing that they’re going to have all their functionality back app settings, data, everything they need to do their job is going to be recovered on that machine. And in about 30 minutes they’re back functioning again.
There’s an external benefit of this as well. So if you reimage machines more often, or you simply wait for a certain period of time and just reimage the machine, say toward the end of the hardware life, traditionally, which might be three years, refreshing the operating system is going to speed up that machine, because it’s going to get rid of bloatware, it’s going to get rid of all the fat that’s on that machine that has been slowing it down. It’s not the hardware that slows down, it’s the operating system, the bloat is on. So you’ve refreshed that machine, what you can do is instead of having three year life cycle in your machines, you can get hardware life, 4, 5, 6 or plus years, on these machines, we’ve had customers getting 9, 10 years out of a piece of hardware, if the hardware is fine, it’s not really miss-functioning or anything like that and the users are really heavy users, they can live with hardware for as long as they need to. So Swimage is a really good process for getting that exact hardware, it saves a lot of money. Okay, next we want to improve performance. The idea is that we want little to no downtime, the users can get up and running very rapidly that can be done over lunch, it can be done overnight, it can be done if there’s a critical issue during the day, because it doesn’t take very long to get it completed. But the key part about this is all data settings are protected, and retained. So at the end of the process, users don’t have to spend another day or weeks trying to reconfigure their outlook signatures, or reconfiguring all their little, where the icons are located and getting exactly the way you want that personality gets transferred with Swimage. So they log in, they don’t even realize anything’s changed, except on the back end, it’s a brand new operating system, it’s all new installed applications, it’s all cleaned up. Any of the bloat, anything that you didn’t want on there has been purged completely. So it’s a really clean build. But that personality still gets retained, which makes the users very happy, they continue their job, which is really about maximizing their performance for your company. And then finally what I want to talk about is a little bit around the business continuity, this is a really important factor because Swimage is designed to allow for business continuity and get triggered in the event of a disaster recovery. So if you have Swimage enabled on all your devices, and you have a malware outbreak, for example, you can use Swimage to trigger that event. So that malware gets purged very quickly from your organization, it will lock the system and will immediately trigger a rebuild of your systems. And this can also include ransomware, we have a ransomware recovery component as well, that does a backup of your data which can restore. So what happens is because Swimage resides on the machines itself, it can recover from itself. So it recovers the operating system, all your applications, purges your ransomware it can be done completely remote, and it can do all simultaneously. So you could actually have an entire system recovery in a matter of minutes to hours versus weeks or months to get a full company rebuild if you have that kind of outbreak. So Swimage is a fundamental part of disaster recovery. And then also we have the piece, fits in that’s security compliance, making sure that all machines are within bounds of security. So if you have kiosk machines that require high level of security because they’re public facing. If anything gets out of compliance, it feels like it’s getting hacked or anything like that, on these devices Swimage can kick in immediately and lock that system out from any further attacks. And then it can also not only lock it out or report it, and rebuild the system in place without any ability to access the system while it’s being rebuilt.
Now I’m going to talk about the offerings of Swimage. First, we’re going to start with the Swimage endpoint management. That is our flagship product. It’s been around for a number of decades, and what it allows is for the rebuild, reimaging, bare metal build, PC replacements, recovery refreshes domain migrations everything to do with imaging a device, imaging the device includes laying the operating system down, including drivers, application settings, data migration from PC to PC or in place for recovery of a system, whether it’s malware, or just you need to refresh the operating system or domain migration. Swimage attune is an extension to Swimage in play management. Swimage attune allows for the extension to the home office for the worker from home, remote worker that’s very hard to read. So what attune does is it gathers all the components necessary to build that machine, and it creates a recovery space on that device, keeps that recovery space secure and up to date so that in the event of a future migration, attune is at the ready to redeploy this machine. With attune it allows for a mass upgrade of an environment. Or if you need to do disaster recovery, it allows you to rebuild systems simultaneously and get the entire organization back up and running in a matter of a couple of hours. But compliance enforcer is another extension to the Endpoint Manager, which allows for devices to be based on rules, monitored and fixed and repaired as needed. So it keeps machines compliant, you set up some rules within Swimage and the compliance enforcer to say, I need to have certain settings always installed, I need to have applications installed. If a machine gets detected and does this within seconds, as out of compliance, then the compliance enforcer will take action, the action can be repair that application, upgrade the operating system, it can lock the system, it can reinstall software, do whatever is necessary to fix that problem, get that machine back into compliance. Okay, next we have the ransom recovery. Yet another extension, which is a plugin, it allows you to do all the existing components of rebuilding a systems recovering from malware. But with the ransomware, your data is no longer intact and reliable. So what ransomware recovery does is it adds a backup component which is an incremental backup to your devices. And when a triggered action happens where you need to rebuild the system because of ransomware, everything else gets rebuilt from known good source, good applications, good images, good drivers, and then the data which is no longer reliable, gets retrieved from these backups. And then the encryption converter is a tool. It’s not an extension, it is a separate tool that allows you to zero touch in a mass scale, converting encryption from one type of encryption to another. So if you want to go from encryption A to encryption B what it does is it locks the system, it will add a second layer of encryption to the machine, it will then remove the old encryption, decrypt it, remove it, and then it will securely add the new encryption, re-encrypt the drive, unencrypted the second layer encryption and then unlock the machine and get it back to the user. It takes a couple of hours can be done overnight and it is completely zero touch and highly scalable. You can do anywhere from a few to a few 1000 a day. Okay. And then finally we have our white-glove services. The white-glove services for Swimage allow you to use our expertise to do any type of managed services, managing Swimage itself, managing all your compliance, your rules, we have a lot of expertise around that. We can also do provisioning. So we would provision all your devices, ship them to the endpoints, and we would keep all your systems healthy and secure.
I’m going to bring up my PowerPoint again. And talk a little bit about what value Swimage brings to our organization. Now we did a case study for a company and this is kind of the information which came out of this case study of where the savings were at. And there are basically four main buckets, reduce user downtime. This is the amount of time a user has to wait for their machine to get functioning again after something happens, so maybe he gets a blue screen of death, it dies, it gets a virus, whatever it is, depending on where they’re at and where the technicians are. I’ve seen home users get two weeks downtime before they can get fully functional again, because of the crash shipping that has to happen and that sort of thing. And for those remote workers, the downtime reduction is significant because Swimage can kick in, rebuild the system and get it functioning in a matter of minutes versus sometimes weeks. But on average, we discovered about 80% reduction in user downtime. Okay, now we have the reduction in shipping costs. So reduction, especially for the homeworkers where you’re shipping loaner PCs, or shipping their old PC back, it gets repaired, it gets shipped back and ship the loaner back, reducing a lot of shipping. And anytime there’s a non-hardware related issue Swimage can kick in and fix it, regardless of the issue, if it’s blue screen of death, because the operating system got corrupted, bad driver, something like that gets on that machine, malware Swimage will fix that. If it’s not a hardware related issue, you don’t have to ship machines, because Swimage can fix that in place, reduction in shipping costs we found was about 90% reduction. Again, it varies based on kind of what your activities or business processes are. Okay, next is reduction in support and tech costs, we do that by 95%. Most of the time, this is all self-service, you can do this remotely, you don’t have to send out second tier support. So Deskside Support here many times goes away, instead of sending out second tier support, which is your desk side, hey, user, step out of my way, I’m going to sit at your desk for the next four hours trying to figure out why you’re having these pop up or whatever you’re getting on this machine and tweaking the registry, uninstalling apps or whatever, first tier support can simply rebuild the system. So they can send on the command to either fix it or complete reimage it, they don’t have to send a desk side support, they can do it overnight, they can say no, I’m going to schedule you for let’s try 7pm, you’ll be home, come back in the morning and tell me if the problem is solved. And more often than not, Swimage will solve the problem, that machine is fully refreshed, you just say thumbs up, ready to go, tickets closed, very little support, tech time involved. Okay. And then finally, is the increased throughput. If you have a mass migration, if you have a domain migration, acquisition, something like that, we can increase the throughput significantly 650% is this particular example, again, may vary. But it’s because of the snapshot that we can do very aggressive, we were very robust, very resilient, very easy to set Swimage up, it takes very little effort, Swimage is up and running, you get it installed, you configure your templates, this is what you want to do, it can build the image, you can start pushing out very rapidly. So instead of having months, six months to a year, sometimes two years before you can take an entire organization and migrate it from domain a to domain B, we can do that in a matter of weeks. So throughput gets significantly improved. If you’re really gutsy about it, you can do an entire life switch migration one weekend, you can get an entire organization migrated from one domain to another using Swimage. Because the actual technology behind this is robust enough to allow you to do that.
I want to talk next a little bit about the ease of setup, comparing specifically the auto pilot, we’re getting a lot of feedback from the challenges, there’s a lot of a lot of push to go this direction, Microsoft is providing it with the EAs, but they have a lot of prerequisites, that’s a little concerning, because you have to have everything Microsoft related, it’s got the EA, you have to have OneDrive, you have to have Azure AD, you have to have Microsoft Intune to really take advantage of what our Autopilot is offering. But that also means you’re giving all your infrastructure and identity and all your data over to Microsoft. And who knows what they have in store for the future as far as licencing goes around that, I’m not sure everybody is really keen on giving that all over to Microsoft because that could be problematic later down the road. Rather than that stick keep control over that. So Swimage allows you to control your image, it allows you to control all of your applications, it controls all of your data doesn’t matter where you store your data Swimage is going to manage that. It’s very easy to setup. So Swimage setup is a couple of AD accounts, a SQL database, a single server, it doesn’t matter the size of the other organization, we have customers on a couple of 100 machines up to 350,000 plus systems being managed with Swimage in a single organization. Still the same kind of infrastructure, very simple setup, it’s a click, click next, finish, couple of hours fully functional, that fully functional, meaning you can actually start deploying, kick off the agent, you push it out. And those machines immediately are ready to be rebuilt, managed, controlled everything through Swimage because we have so many of the out of box templates and everything already configured 80% of the time. It’s like yeah, it’s good to go ready to configure and start using Swimage immediately. So and then deployment time is about 30 minutes anytime there’s an issue you can rebuild a system in 30 minutes. On the Autopilot side, not as much, it can take a long time to even deploy a machine. And if they’re remote, low bandwidth, no bandwidth, can’t do it at all, it doesn’t work. So you have a lot of limitations, it’s heavy labor to set up, there’s a long learning curve, you have to have special talent in order to manage this, which usually translates to expensive talent. You have to have multiple portals, anybody that’s used it and trying to manage it is always frustrated with Microsoft regularly changing what their portal looks like and what you have to do. And all of their policies that you do within Autopilot, are really Microsoft driven. So you have some flexibility what policies are, but it’s within their limits. So you can’t say for example, I want to change some of the Windows components that are installed by default, because Microsoft may not want you to do that, through Swimage you can change any of those, you can remove any of the Windows components that you don’t want to have in your organization. Installation is a lot of times weeks to months with Autopilot and configuration takes a very long time. And it’s a lot of technical debt to install Autopilot. And once you’re into that technical debt getting out of it, is also very expensive. So you’re, kind of at the mercy of Microsoft, whatever they want to do for their licencing fees, they’ve got you. Okay, so we want to make everybody aware that there’s an alternative to that, you don’t have to do that. However, if you want to go Autopilot route, we can leverage it, we can still deploy applications from Intune, we can support the Autopilot provisioning process, we can do all of that with Autopilot, we certainly don’t depend on it.
Okay, then coming to the actual deployment flexibility, which you can do with Swimage versus Autopilot, Autopilot is very rigid. You can’t customize the image, you’re going to get the latest Microsoft image, whether you like it or not. Swimage allows you to have that fully customizable. You can build and maintain it with Swimage. Like I said earlier, with Swimage you define your image within Swimage and say, I want my image to look like this, I want it to have these customizations, these settings, these applications go, Swimage will actually rebuild that entire image for you, sysprep it, publish it all with one click. So it’s very, very easy to manage and update images with Swimage. Swimage also manages your hardware drivers, you can point to an existing machine and extract the drivers directly off that device and create a driver pack out of it. So you can customize drivers, you can create applications that are treated like drivers. So you can have an application that is packaged like an application, but handled and installed like a driver. So for instance, your hotkeys or whatever is specific to a certain type of hardware, you can say install this application on this particular hardware, based on what Swimage detects on that machine. Okay, and you can also use hardware wild carding, say, I want all Dell machines to have these couple of drivers in addition to all the other normal drivers it’s going to use based on its P&P. Within Autopilot, the hardware drivers are pulled down from the update. So the update stores fine for the vast majority of them, we have no problem with that. But there’s going to be exceptions to that. And Swimage can also support that model. But Autopilot doesn’t have any exceptions for those off cases that are once in a while you’re going to have a driver that you don’t want from the store, you want a specific driver for a specific model, you can do that. On the application side, Swimage can handle any type of silent application from anywhere, it can stage those locally as well. So they can install those rapidly and be ready for those applications immediately on first login. It also does a matching application process. So it can match applications based on what it found in your old system, your old operating system, match those based on rules and reinstall those applications, you can reinstall the same application or you can pick and choose different applications based on app A, I want to reinstall B you can do something like that. And then on the Autopilot side applications are fairly rigid, has to be in the Microsoft or in SCCM through SCCM applications. And it’s very bandwidth restrictive. So you have to have pretty high bandwidth to get those applications installed. And it can take a long time before applicants are actually installed on a machine after the user logs in. Which becomes a problem for the zero trust process because you could have a very long wait period with Autopilot before that machine actually become secure and compliant. Whereas Swimage that machine’s compliant before the user even logs in for the first time. And then on the customizations we have the ability to customize anything you want to with this process. We can customize templates, you can add additional scripts, any type of executable, run through it PowerShell. And you apply those customizations to a template, that template gets applied to a provisioning process, that provisioning gets applied to a machine and then that machine is going to honor that throughout the life of that machine, okay, customizations within Autopilot are really strict around group policies. Again, like I was saying, group policies within what Microsoft allows on Autopilot are restricted based on what Microsoft wants you to see, they’re controlling the Group Policy, you’re not.
Although you can manage which group policy or you can add your own personalized group policies in there. Okay. And then data protection, we protect data no matter where it’s at, it detects where the data is at, based on rules, it keeps data where it’s located. If you want to migrate data with Swimage, go I want to go from localized data to OneDrive, you can do that if you’re already in OneDrive, Swimage can handle that. And it’ll migrate data wherever or however you want and you also have data within that. The snapshot. So it does do that snapshot. If you ever need to retrieve data, that snapshot has all the data in there. So even if your rules missed it, you can actually go and retrieve it. The goal again with Swimage is never have any data loss, and always have your data protected. Now that snapshot in the event of malware can be also be taken offline and you can take that and put it into its own virtual machine and you can do forensics on it. If you see malware on a machine, you get that machine fully recovered, take that snapshot offline and actually go through that process and find out where the malware came from and do that sort of forensics on it. Then we also maintain encryption throughout, so at no point is data ever decrypted on that machine. If you start encrypted, you’re going to keep that encryption through the entire process. On the Autopilot process a little more rigid on that. If you really want to maintain your data on a PC replacement, you have to have it in OneDrive, there is no process in Autopilot to go to directly from PC to PC, or even to some type of external storage, you have to have it in OneDrive for to get restored. If you’re doing an in place rebuild, it does delete all your data, you can retain just the data in your profile, anything outside of your profile is gone. It’s unrecoverable at that point. So you do have some risk and data loss if you’re storing data outside of your standard profiles. And you also have no control over any of the settings with Autopilot that you do with Swimage, you have full control over all your data retention settings.
Okay, quick summary of everything I talked about. I’ll let you read through this. Get more information though, on our website, we have a lot of information on the website about how Swimage operates a lot of detail about any of the specifics around here, how data is handled, how applications are handled, a little bit more about the console. And you can also go to the website and get more information about setting up. You can request a demo, you can contact our help support, you can request a quote, things like that.