< Deployment

temporary Preface/Background info - Work in Progress - all Help needed and very welcome!

Dwe 13:52, 23 June 2008 (PDT) Notice: since the existing content was old, obsolete and contained just very little information regarding deployment but a lot of marketeesh, i`ve decided to do/try a fresh restart, moving the old content into the 'obsolete' section.

think tank/ brainstorm: current objective, status and further plans

Objective: provide a place where basic questions, definitions etc. can be discussed etc - please think of this article to be in 'think tank/ brainstorm' mode.

Status: 10-20%, shrinking of long passages required as well as fixing spell, grammar and format - errors. (I`m not a native speaker/writer and the text has not yet been reviewed, please feel free help there. :))

Plans:

• having other people contribute feedback, add /review article sections, discuss etc. Even if someone thinks the article is nuts is asked to provide a short comment...

How you can help / contribute

Tasks:

• fix text errors

• research and review resources on the web

• using the requirements list and scratched design of the toolkit:
  • research, review addons that provide required functions and add them to requirements list as well as the toolkit structure

tia, dwe

Deploying Firefox

Why is a 'new' article needed?

Though there are numerous sites about the deployment of firefox in a company, they mostly just scratch on the surface, are outdated/not verified to work with the actual version, pointing to extensions and tools mostly created for older firefox versions which were not developed further and are obsolete today.

There are Groups like the FireFox Enterprise Working Group, but i`m unable to find a site and project that focuses on the basics and provides reliable, verified information.

If someone has links etc. of actual project, please drop me a mail and/or add them here, preferable with a short description.

The group mentioned above has some interesting information, but the scope of the case studies are installations with thousends of pc`s and partly very highlevel requirements.

Corporate demands often result from the requirement to implement certain management systems or to comply with standards - even in the it department.

The increasing usage of it-management process-modells, with ITIL beeing one of the most widespread, forces more and more the companies to implement them, requiring software, configuration and processes to comply.

Currently just one single individual installations using the internet for updates and as source for the installation of updates simply bypasses and violates eg. the ITIL change-management process as well as security.

Microsoft internet explorer can be updated using a company operated wsus or softwaremanagement server, how can this be done with firefox and extensions?

With the browser evolving to the most important platform directly following the os, microsoft beeing in a strong position with the bundle of os and browser as well as providing all the tools and concepts to maintain ie installations in corporate networks, mozilla firefox is required to catch up - and do it fast.

large group of possible users left out

One of the in my opinion most important group of users appears to be left out: the sometimes self-learned, part- or even free-time working operators managing networks with roughly 5-20 systems up to administrators of networks with 50-500 systems or more.

These guys won`t do a custom build of firefox to meet the companies requirements ever. Typically they are also very reluctant of fiddling with a bunch of different tools.

Quite often these operators and admins already have had a hard time to explain to dubious superiors that 'It`s Opensource - we don`t pay licence fees - it`s free' as well as 'No we can`t buy a support contract from mozilla, but we won`t need one', often promised 'it`ll work like the other browser' and finally gotten a cautious approval with typically either none or a very small time budget, also beeing often expected to do unpaid overtime once the approved time budget is excessed.

Knowing they`ll be the one pointed at if something later breaks or just appears to be broken, they prefer to play it safe: minimal configuration and settings, none or just a few small extensions (eg. duplicate tab but avoiding Mozbackup), unwilling to search the web for non-standard tools and to read several tutorials on 'how to repackage firefox', they just want and need 'tools that work'.

With firefox lacking these 'official', easy to use tools to customize, reconfigure, repack and deploy via standard distribution methods as well as no means to remotely maintain already deployed configurations, extensions and their settings, these operators and admins have to choices:

• leave it

• go for it, despite the lacking tools

The later are those still eager to do almost everything to avoid the 'other' browser, and instead of giving up and cancelling the project (perhaps with a smirking superior commenting the apparent defizits of opensource software), they try to meet the company requirements, but are often forced by small or non-existing time-budgets to deploy firefox in a way that not only leads to diverging software revisions, patchlevels, installed extensions, settings and configuration settings, bus also sooner or later resuls in unmaintable setups which finally become security risks.

This group is especially in need of tools, reference / example solutions etc.

Deploying Firefox - from original article

Many people are using Firefox at home, and many also want to use it at work or see it on public computers such as at libraries or Internet Cafes. This article provides links and references to issues that might come up when considering or executing a Firefox deployment plan. It describes a wide variety of tools and features available that can be to deploy Firefox and centrally manage and control the use of Firefox in enterprise, business, education, and a variety of large and small organizational settings.

The Rational for Deploying Firefox inside Organizations and Institutions - from original article

• It is interesting to note that Firefox market share in corporate environments appears to be pretty closely tracking with the increased use of Firefox in the general internet population. Firefox use inside many organization often starts with IT, web development teams, and engineering departments and then spreads to other departments and individual users.
• Concerns about security is a strategic reason some organizations move to Firefox exclusively, or set up support support for multiple browsers.
• Many users choose Firefox when it is offered inside their organization, or go around IT policies because it makes these users more efficient and more productive in accessing information on the web. They take advantage of firefox features such as tab browsing, rss feeds, and integrated search to get more done, faster. With the amount of time that "knowledge workers" spend using a browser each day these productivity increases can add up to be significant to the bottom line and the competitiveness of a company.
• Some organization also chose Firefox as a tool to assist in ensuring development of internal applications and documents comply with web standards, and that the organizations do not get locked into proprietarty document formats that could become difficult or costly to support. If your applications and content works in Firefox its highly likely they will work in other browsers, and open up possibilities that ensure your internal organizational content is searchable and useful with other applications that support standards.
• International organizations, and organizations that support multiple Operating Systems also like Firefox because its a way to standardize the browser for all their users. If you have an organization where engineering teams might use Linux or Unix Systems, Design and Web Development Teams using Mac, and Business Teams using Windows Firefox is the one browser that can be used across the company, and its available in over 40 languages.
• Firefox can also be customized and extended to meet specific needs of an organization by creating addon extensions or building on the Firefox platform.

Company vs. Enterprise - different requirements and priorities

Though the usage of firefox in corporations is generally labeled as 'enterprise usage', the group of enterprise users is split into at least to parties with opposite or different requirements in addition to the already ones:

Enterprise: 'Enterprise' is almost allways connected with large corporations having more than a couple of thousend employes, remote locations and usually a sophisticated it-infrastrukture neccessary to provide reliable it services to thousands of users.

It-departments typically have the capability to develop applications, tools, interfaces and other kinds of software neccessary to integrate applications into the company infrastructure as well as ensure that requirements are met.

important firerfox requirements: - networked based configurations : store configurations on a network,

Company: Even a a small shop with eg. 10 employes and 5 pc is a company, needing the same access to common it services and products like an enterprise though on a much smaller scale. Depending the type of business, they also may have have to comply with the same laws, current jurisdiction and may also be required to implement standard business-processes at least for some processes (eg. the requirement to implement risk-management system etc.).

Companies of these sizes often have very small it-departments, sometimes backuped up by external consultants, with the admin often performing additional duties or working on a half-time base.

important firefox - requirements: - package builder: tool to customize and dristribute firefox in a company network

In the end, the reasons for the differences boil down to a simple cause: human resources aviable - for the project - for lifecycle management and support of productive solution - to build up knowledge on operational issues - to build up knowledge with a broader scope

which also defines whether there will be knowledge aviable as well as the amount of time required - to operate: common, day-to-day tasks, mostly changes of already existing targets - to operate: and administrate: being able to run the initial deployment, do major changes

	- to develop: to actively use the framework to extend features and functions by 

- doing research, testing and integration of new addons - to develop and provide custom solutions not covered by existing addons or configurations

The obvious conclusion is that the main diference isj ust the time and humand resources aviable: - enterprises are able to throw much manpower and have aviable knowledge to find a solution to a problem - the same problem can be a unsolvable showstopper for smaller companies because of missing knowledge and/or, time required to develop a solution or build up neccessary knowledge.

Even the amount of time and/or knowledge required to for daily operational taks might be too much.

list of requirements

common mandatory requirements

• operational tasks completely aviable via interface/console

• predictable amount of time required for operational tasks for calculation of the time required in productive use

• customziation and redeployment of customized package

• silent installation, upgrade and removal of the package using common software management tools.

(the 'big picture'...)

• preconfiguration of settings at install time, such as update- and addon-source, security settings and configaritions like custom CA`S and certificates, default profile, etc.

• protection of basic application settings against changes on at least two levels: global se, affecting all firefox users on a machine and per-profile settings.

• controlled deployment of updates, using a company-owned update source,

( Change-management anyone?... we`d whack the whole process if we allowed the installation of updates from a website, not knowing/caring wether it was successfull or not, without tests and verification in the company software environment and without an informed decision to deploy the update at a certain time or to delay it...)

• reporting success and failure of all post-installation changes that are not controlled by common software management systems made to the package itself, addons as well as configuration settings, to a central collection point, acting as source to feed other management or monitoring systems.

(It does not help to know just the release number - we need to know wether eg. custom certificates were properly installed, a certain addon is installed, the configuration is protected etc. of each installation)

common optional requirements

Either extending existing requirements or new ones:

• granular protection of settings 'per - item'

• whiteliste of sites allowed to install updates and addons

• requiring a custom certificate for updates and installation of addons

+ split -configuration: global, and user

• concept for loading /storing configuration via https, webdavs etc. a

• concept how settings& configurations of addons can be maintained the same way as the firefox configs.

• generic, operatingsystem independent, interface to enforce configurations via policys. connectors to the different systems like MS ads-based grouppolicys as well as linux, mac-os specific ones - not everyone has an ads running, policyfiles loaded from a share would make life a lot easier.

• best-practice, cookbook, real-world examples

typical enterprise requirements

common roles: operator, administrator, developer

Enterprise requirements for applications typically are:

- deployment and update/upgrade management possible with the existing software management systems

- configuration settings controllable on a per-item level

- configuration at deep level, settings hidden or not accessable by default firefox configuration interfaces

- support and maintenance contract covering the application lifecycle

- security and access conrolled via interface with MS group - policies

typical small to medium sized demands

common roles: operator, administrator

A small to medium sized company might have the following requirements:

- easy customization (eg freeze of existing installation and use as base as well as profiles, creation of custom package, easy deployment

- centralized management interface for: firefox + addons lifecycle and to all items additionally required .

- secure access amd usage, integrated into firefox, error checking/input validation, logical strucure of functions and application behaviour,

- wizards for common tasks

Which all are related to the management of firefox itself, do not exist, are in high demand and therefore a reasonable developer task :)

the list of questions

Apparent and usefull points to think about and questions to answer on 'how to make employees use and get used to it as common tool which is daily and actively used. are.

Functions and features probable or already known to be needed and/or demanded currently or in the near future:

feature and functions - questions to define the general corporate requirements

- what functions/features expects a corporate user as: 
-- usefull for daily work or tasks
-- easely aviable
-- in common use 

- what are the expectations on aviability, interface ergonomy, even look, design and style. 

- what are functions which could be grouped/combined/replaced and how are they currently provided

-what are functions officilly known as missing, wished, in need for improvement, logical when eplained etc. 
 
- needed: how are the existing features connected to business processes as well as other applications

- how would these functions/features be expected/or aggreed on to be provided on application level? 

- what features may be required in the near time resulting from general development or projects?

rinitial research and evaluation of possible solutions and suppliers - checklist

- what are current, competing and future solution concepts and are there alternatives?

- when searched: how are the results rated, how many referenced by other sources, etc.

Qustions on aviable solutions - are there commercial products already providing all or parts of the functions, if so, how ?

Opensource - are there opensource products and projects providing all or parts of the functions, if so, how?

Opensource Projects: - are there dying or dead produkts or projects, with the last change of site more than 1 and 2 years ago, - if so: what were the reasons? - What where the major points of trouble, what the smaller ones? - Do current solutions for the problems of earlier projects exist, have concepts, approaches changed?

License /patents/lockouts - Are there concecpts covering or related to the functions/features etc. currently locked by patents or other ipo, - Are there patents already filed and pending, - Are the patents for sale, been recently traded, been recently discussed on the internet and/or in common media? - if patents/ipo: when filed, who is the holder, his position on oss, what is planned to do with the patents, reason for patent if known? - What already known proposed or developed alternate concepts do exists and are these also in danger?

Platform - Provider: Mozilla, mozdev etc. - what is the official mozilla point of view, declared position, current or announced or expectable interest? - what the inofficial one of core developers as well as moziilla and firefox core related communities, are there discussions, is it actual in the community or group? - what specs, actual need/demand, expectations/requirements, concepts, approaches and discussion already exist? - what other interested parties that might or already demands the feature and function?

actual situation: firefox and corporate use : what a possible customer searching the web currently sees

From the position of a company considering deployment and use of firefox, for everyone starting a research on "firefox" combined with "corporate network" or their sysnonyms.

Searches like these are used to verify the project, backup/ support decision process as well as to select candidates for further evaluation from exisitng projects, vendpors,. suplpliers.

general 'knock-out' indicators are:

first class: - no dedicated website provided by project, supplier, vendor - no current, outdated or irrelevant information (like the previous text here - see obsolete section) - no current development and releases covering at least firefox 1,5 -2.x - no current downloads, site hits - no identifiable userbase or size of actuall installations unknown or very low - no mailinglists, forums etc. or not returned by results - no active community of users and developers - no active community support - no active bug-tracking - concept proven as not practical, logical approch or obsoleted by current different ones

second class: - no or bad online and/or common media coverage - current unfixed security problems - solution provided as oss is part of larger, commercial application

The decision wether the project itself is reasonable as well wether a vendor or supplier is a candidate is made quickly, not showing up in a general query on the projects target mostly results in not beeing pre-evaluated and therefore not beeing considered as solution provider.

Overall picture based on results

Using google as 'eyes', the results returned were linked to resources with felt ~90% of the checked ones having the following general problems:

- to old / obsolete: the date last changed is more than 1 or 2 years - unaccessable/unaviable - documentation etc. - downloads unaviable - sourcecode was unaviable

- development stopped: no active developmend planned, no plan published, active bug-management. - no new users: project has had no new users (downloads, comments, reviews) - no current information, active, dedicated community or a board or even current related thread, - few or no interlinking between projects, not mentioned in current, related results, no reviews.

After a surge in interest and many corporate use related projects on tools, functions etc. in 2004, 2005 and 2006, most projects were closed or died after an average time of 1-1,5 years existence for mostly unknwon, not offically stated reasons.

There are very few related projects which can mostly be found only by references in other documents. These are also not showing up in google.

Blogs, articles etc. covering the field mostly show concern about the neglectance of this theme and/or link to old/obsolete resources.

Conclusion and important missing things =

The corporate usage of firefox does not seem to be of much general interest, the need only seen by several groups an people.

The most important things missing are: - a central, dedicated and living website providing initial information, faq, existing solutions, similar or related projects - central website rated within the first 5-10 results returned by queries like the ones decribed here. - a faq - a definition of corporate use and the resulting requirements - possible concepts - corporate usage scenarios

´software evaluation - first quick glance` - method, results and ratings in detail

This method is focused on the scenario 'corporate software project` and meant to be used for for initial eveluation of of aviable sources and possible candidates and selecting candidates and suppliers for further evaluation, as well as meta-information providing static ratings based on the results of this process..

. 

Using one or two popular searchengines to crawl the web for a list of questions to ask, facts to check, points to consider, this first evaluation gives, apart from the mere technical facts, am impression and feelingm especially wether software is fit for production usage and the vemdor is reliable, even before having a further look at the other information and spending an average of 5- 15 minutes on each query, questions answered by results average total: eg. 10 comp / -5std.

When using limited time for each query to check results, select a candidate, do the checks and documents results as well for the whole process makes for predictable use of time - resources.

Should be done simoultanously by two or more individual testers to reduce personal views of testers on results.

Questions can be implemented with webbased query systems, even on the free ones existing.

Ratingmodell, queried facts and their rating, querylevel are templated and provided as lists. Typical range would be 1-5, 5-10 targets for evalution using this method.

Questions and the categories they belong to are those deemed to be typical and/or required The decision wether to further evaluate or to skip a product is often based on this first impression and the feeling, especiall if the search has the additional purpose to check the general prakticability of the proposal.

Now, let`s try that with queries combining "firefox" without version number with the words "customize" and "company" as well as their most common synonyms like "corporate" instead of "company".

initial evaluation: using firefox as corporate browser - googled results

"firefox 3 customization corporate usage" comes up with just one or two links from the year 2004 one of wich leads to an disabled account-

"firefox custom company" as well as "firefox custom company version" come up without exact or even related matches

"firefox customize company use" at least results in wiki.mozilla.org linking the CCK - Extension - grave as well as a todo - list and some archived conversations at the end of the page.

CCK - Extension via wiki.mozilla.org Last comment was added in 2005, this is also the last time something changed.

wiki.mozilla.org: Searching for firefox and/or company,enterprise or similar keywords Typical non-related results were a lot of links on 'toolbar customization".

Replacing firefox with internet explorer also results in few hits, but "internet explorer customization corporate usage" results in the ie administration kit showing up at third position.

Overall impression: A couple years ago the distribution of customized firefox packages in a company was a high-level theme to which numerous projects were created to provide the neccessary tools.

Current relevant information is nearly nonexistant.

= Addon: scratch design: Corporate Firefox Toolkit

possible design of a toolkit for firefox customization, deployment and management on a corporate network

Regardless wether in small nor in medium to largesized corporations: Tthe demands of it staff and everyone who needs to install, manage and support installations on more than a few pc.

Since requirements can be bit abstract, the following scratch designs shows a possible structere based on expected and/or required configuration and management tools.

Functions and features are grouped into hypothetical packages or products, one would/could expect to find when searching for something like "Corporate firefox toolkit" or "corporate framework for firefox".

The primary demand is as always: The product can be installed, managed and used with only minor changes neccessary to be expected on the existing it infrastructure.

Such a product might consist of:

- corporate manager tookit: - run as ff addon or xul app - plugin interface and structure, plugins are addons - access to main app, app manger and subtrees as well as moduls controlled by common access controll list providing typical acl - settings like 'per remote ip/net etc.' -

provide functions and categories required for management of the main package and as framwork for additional payload addons via network : - configuration and settings: - policy - apply configuration settings to firefox installations assigned to groups, define and distribute mandatory settings, lockdown of user - read/write access to all or parts of the configuration - profile manager: manage firefox profils, backup/restore etc. policies etc - addons and addon - settings: policy controlled install/update addons, access addon - software manager: install, update, removal - distribution : - manage install/update/upgrade as well as rollback for firefox, addons - is primary (only) uodate and addonserver for all ff installations

A 'security' page and other common functions of a function or feature could be provided by the main package but use settings provided by the addon they`re configured for.

possible modules: - corporate firefox manager:

- manager - provide and manage distribution of: - configuration: - global, per group/user configurations and settings - global, per user/group policys for configuration and settings - profile: - per - user profile and per user settings, inheriting global configs and settings - profile backup/restore

- distributor: - structure, security settings and the content of directories exported via ftp, ftps, smb, http, etc. - updates, provides addons and custom software - package builder:

=== Required: interface definition for unified functions every module and ff-extension shoudl support to allow: - unified acls defining access to addon function groups or single items (eg. user may run some addon - function, and can see but is not allowed to make changes, eg. a the lue of a backup-path. possible approach: labeling of functions or gui elements/functions with security permissions and/or unique identifier (something like a sec-guid) as pointer to permission definitions stored in a sqlite database (what is official mozdev approach?

- support for global security and configuration policys

scratch design: possible corporate user-level applications using the tookit as management framework

functions and features possibly usefull in corporate networks

The following describes a possible solution to provide

- provide functions/features neccessary or helpfull for the corporaton and it`s employees work. - provide interfaces easely accepted by users

in a corporate network, using

the application provided for the enduser as well as aviable source-code and documentation of existing, designed, planed for: - firefox - addons - firefox - based applications as well as webpages

and the framework of the previously described network toolkit

Using only ipo resistant or safe or alternate concepts Sourcecode, inheriting the license of the original as soon as the sourcecode or the project distributed to the enduser is used as source for further distribution of similar products.

The functions and features in this list are grouped and sorted into packages one would/could expect or agree to find and use them when looking for a project on a "corporate community/communication server" product:

- bookmark server: with user, group, global lists, change monitor, fuzzy-able search for near matches, bookmark-list-sharing with public, custom group, user security definitions, also backup, import/export,loadbalancing and/or ha master-slave config for replication/syncing/backup/failover-hotstandby, bookmark lists between different bookmark servers,

full ort partly covering, already existing software: http://olbookmarks.sourceforge.net/download.php http://bookie.mozdev.org/

- contact /phonebook server corporate phonebook, per - department, categories, groups, functions

- central notice/info/alert - tool, to inform users of works like maintanance,

(RSS, very simple one), aviable via undeletable button, a tray icon, displayed once at starttime,  and a tray icon indicating new/unread info, alert after x min unread once brwoser  was started as well as x numbers the brwoser was restarted within a specified time range.  

- corporate info tool: information about new documents etc. as well as categorie, audience, scope, desc. (RSS, very simple one), aviable via undeletable button as well as at starttime and a tray icon indicating new/unread info

- corporate community server/client per user current status/info, out-of-house, vacancy etc. as well as links to alternate user, online chat -client supporting jabber, irc etc. chat-servers for dev.: jabber, irc protected streams groups, rooms etc.

server: 1) corporate community a) web tree, firefox acls, provides xul based chat client, default, b) runs locally installed chat client

2) corporate chat server a) in-house run chat server, external sw. required, jabber, irc, icq support, defaults to jabber, configuration package for linux provided, b) links to remote chat server

Resources on the web

current information:

http://www.spreadfirefox.com/node/818 http://www.kaply.com/weblog/category/enterprise/ http://wiki.mozilla.org/Enterprise news://news.mozilla.org/mozilla.community.enterprise# http://www.frontmotion.com/ http://www.spreadfirefox.com/node/2292

discovered projects and addons: http://www.okob.net/projects/jabberc/, xul, 1.2a Mozilla/5.0 and JRE v1.3.1 i

http://jabberzilla.jabberstudio.org/, xul, 1.x, lc: 2005 "first off you should use a pretty recent version of Firefox (at least version 1.02, previous versions have a bug), and open this current page with the browser. Don't have an updated version?"

chatzilla: https://addons.mozilla.org/de/firefox/addon/16

needfull things: update notifier: app + add, https://addons.mozilla.org/de/firefox/addon/2098

rss - reader, https://addons.mozilla.org/de/firefox/addon/4578

reminder fox: erinnerungen - alarme: http://reminderfox.mozdev.org/faq.html