Professional Documents
Culture Documents
Champagne Monitoring On
A Beer Budget
by Jean-Pierre Garbani and Evelyn Hubbert
EXECUT I V E S U M MA RY
At some point in time in the life of a growing IT organization, the question of monitoring the distributed
infrastructure is bound to arise. Whether it’s a shift from a mainframe-centric infrastructure or the
result of a growing business, there is a critical point at which staff skills alone are no longer enough
to manage incidents and problems. At that stage, the choice is to either go with one of the four major
vendors, guaranteeing that all the future management needs will be covered, or to use a best-of-breed
solution for the problem at hand, which leaves the future questions open. Usually, best-of-breed
solutions, while limited in scope, cost less in terms of license and installation (the beer part), but
they don’t “integrate” easily with other complementary solutions to provide an overall effective IT
management scheme (the champagne part). In reality, a combination of process and technology may
help overcome this integration hurdle and provide cheap, but excellent, champagne.
TABLE O F CO N T E N TS N OT E S & R E S O U R C E S
2 The Needs Of A Growing Enterprise Forrester interviewed 13 companies, including:
4 Avoiding The Potential Pitfall Of ITIL BMC, Heroix, iConclude, Microsoft, NetIQ,
4 A Process-Centric View Unlocks The Benefits Opsware, Opalis, ProactiveNet, Quest, RealOps,
SolarWinds, ServicePilot, and Zenoss.
Of ITIL
6 IT Process Automation Products Simplify
Related Research Documents
Integration “SWOT Analysis: HP OpenView, Q4 2006”
7 Product Choices November 9, 2006, Market Overview
RECOMMENDATIONS “SWOT Analysis: CA, Q2 2006”
11 Low Cost And High Effectiveness Are No May 24, 2006, Market Overview
Longer Mutually Exclusive
“SWOT Analysis: IBM Tivoli, Q2 2006
WHAT IT MEANS
May 24, 2006, Market Overview
11 This Is No Longer Rocket Science
“SWOT Analysis: BMC Software, Q2 2006”
ALTERNATIVE VIEW
March 27, 2006, Market Overview
12 Large Vendors Provide More Intelligence
“The Forrester Wave™: Service Desk Management
Tools, Q1 2006”
February 17, 2006, Tech Choices
© 2006, Forrester Research, Inc. All rights reserved. Forrester, Forrester Wave, WholeView 2, Technographics, and Total Economic Impact are
trademarks of Forrester Research, Inc. All other trademarks are the property of their respective companies. Forrester clients may make one
attributed copy or slide of each figure contained herein. Additional reproduction is strictly prohibited. For additional reproduction rights and
usage information, go to www.forrester.com. Information is based on best available resources. Opinions reflect judgment at the time and are
subject to change. To purchase reprints of this document, please email resourcecenter@forrester.com.
2 Tech Choices | Champagne Monitoring On A Beer Budget
TARGET AUDIENCE
IT infrastructure and operations professional
· Critical applications have been hosted on mainframes. Major revamping of user interfaces
through tools like J2EE application servers, presence on the World Wide Web, and packaged
applications, such as customer relationship management (CRM) and human resource
management (HRM), multiply the number of distributed servers until it reaches the critical
mass.
· The enterprise grew faster than its management capabilities. Companies with a relatively high
growth rate can multiply the number of servers during a period of several years, but not fast
enough to the point where management is a crucial issue right at the company’s inception. The
buildup is gradual enough so that nobody thinks that monitoring is an issue, until probability
takes its toll.
There are other paths that lead to the same result — the number of calls from end users and the
lack of proper tools to support an operation center create customer dissatisfaction and distract staff
from normal tasks. At that stage, one must look for a solution that would provide application and
infrastructure monitoring, with some level of root cause analysis and event filtering. Here, again,
the solution features may vary from enterprise to enterprise, such as a function of the geographic
dispersion that would command a stronger focus on networks, or the need to manipulate tons of
data that would put the accent on databases and server performance.
Sticker Shock
The management software market is dominated by four large vendors: BMC Software, CA, HP
OpenView, and IBM Tivoli. These large enterprises are a bit like haberdasheries, where all of your
clothing needs are covered from head to toe under the vigilant eye of a person with excellent taste.
Of course, all this luxury comes at a price. On the other hand, there is the possibility to shop for
each individual piece of clothing, relying on your own intuition and making significant savings in
the process. This analogy leads us to believe that: 1) using major vendors guarantees the result, and
2) we will gain precious time by having a single vendor cater to all our needs. Experience shows that,
in reality, the haberdasher does not have good taste and that fitting the proposed clothes takes an
enormous amount of time.
Basic monitoring functions for 300 to 500 servers, from one of the major vendors, are million-dollar
propositions. Because these solutions integrate with other pieces in the vendors’ catalogs, they are
complex and difficult to install and require a fair amount of resources to deploy or upgrade, even
though much progress has been made during the past five years by using agentless technologies and
incorporating best practices.
Because monitoring is one basic component of infrastructure management (itself only one
component of IT operations management), astute vendors stress the integration point across
infrastructure technologies, as well as across management disciplines, as a deterrent to alternative
point solutions.
This is, indeed, a very valid objection to point solutions. Since the dawn of IT, we have endlessly
pursued solutions to interprocess communication. By nature, a process in a machine uses space that
cannot be shared with other processes. In the past, many solutions were devised to resolve the issue,
mostly belonging to two families of solutions: 1) using a common data store, or 2) using some kind
of interprocess messaging. Since point solutions usually have proprietary data formats and do not
follow established standards — except for Simple Network Management Protocol (SNMP), which
has a limited reach — integration between solutions has to be stitched by hand, finally creating a
custom ensemble with all the long-term ownership issues inherent to bespoke solutions.
Enterprises seem to be left with a pay now or pay later choice: Use an expensive integrated solution
that frees them of future worries, or acquire a cheaper solution that will require replacement or
integration with other solutions in the future.
· ITIL provides information structure. The difference between an ITIL-based approach and
a traditional, technology-oriented one is the difference between top-down and bottom-up
strategies. While the former defines the information requirements from the overall objectives
of the process, the latter defines de facto processes from the information available at the
technology level.
· Process automation and XML provide the magic integration sauce. The introduction of
process automation solutions such as RealOps, Opalis, or iConclude provides significant
progress by: 1) providing the ability to control and launch relevant operations represented by
different point products, and 2) passing relevant data between these products, thus resolving the
interprocess communication problem.2
· Technologies define separate fiefdoms. IT organizations are often compared with feudal
systems, in which independent and domain-oriented groups enforce loosely coordinated
processes. This promotes parochial and protective attitudes that enterprises seek to resolve by
using service-oriented management products such as business service management (BSM), and
by improving the process structure.
· Vendors are happy to oblige with products to match. Unfortunately, this divide-and-conquer
attitude to managing technologies separately is encouraged by management software vendors
—their clients are the “competency silos” of IT and their products are what their clients expect:
domain-specific. Such products do not lend themselves easily to a service-oriented view or
to the support of ITIL processes. They often offer breadth of information as well as depth of
information, thus bridging several management processes and promoting the need for a tight
integration.
Defining the information needed for each step of a typical ITIL incident management process, and
what information needs to be passed between these steps provides two precious data points: 1) the
requirements for monitoring products, and 2) the type and level of communication that is needed
between these products. By conducting a top-down, process-driven analysis, we are actually able to
show the real requirements and separate reality from legend (see Figure 1).
These automation solutions help coordinate management applications and pass information from
one application to the next using supplied integration modules (see Figure 2). The main difference
with using these solutions as an integration framework is the absence of a common data store.
While the use of a common data store for all collected data is one of the linchpins of integrated
suites, it is often not necessary when we look at how people work throughout a given process.
For example, the operation center’s role is to receive alert, identify, and characterize the incident. In
fact, it must prepare the work of the person who will analyze the incident and prepare its resolution.
This person, who is often referred to as “level 2” support, has different needs from the operation
center, or “level 1” person, and in many instances will use a different, more “forensic-oriented”
product to analyze the issue. In this case, the benefit of a common data collection and data store is
simply to avoid the proliferation of agents on the infrastructure components. Recent solutions based
on agentless technologies will avoid the agent proliferation problem altogether.
Process
Identify root cause automation Determination tests
PRODUCT CHOICES
To make the process-driven approach more concrete, we have assembled a nonexhaustive list of
products that could provide the information required by an incident and problem management
process. Three components are required: 1) a monitoring solution that provides infrastructure
monitoring data and potentially some root cause analysis; 2) a help desk solution; and 3) a run book
or operational process automation solution that will provide automation and integration between
the solution components.
Monitoring
When it comes to IT infrastructure — servers, applications, databases, and networks — it is vital to
have tools to monitor key performance aspects in real time and over time. The following monitoring
tools are possible choices:
· ProactiveNet relies on strong analytics for root cause identification. The monitoring
solution of ProactiveNet collects and correlates performance data in real time across the entire
IT infrastructure, spanning application and Web servers, operating systems, network devices,
databases, and applications or in-house scripts. This data serves as basis to identify the root
cause of performance problems. The tool sets intelligent thresholds through learning the above
and below baseline abnormalities across the different infrastructure components. This input is
then used to provide alarms to the IT operations team. The monitoring solution is an agentless
solution.
· NetIQ manages from an application perspective. The AppManager Suite centrally manages
the health, performance, and availability of applications across Windows, Unix, Linux, VoIP,
and network devices. An SNMP tool kit allows the monitoring of other systems and devices.
Agents are installed on the managed nodes which inform the management server about issues at
the managed nodes. This data is stored in a repository that sits on the management server.
· Quest Software presents a comprehensive monitoring suite. The solutions from Quest
are threefold: application management, database management, and Windows management.
Application management is done via Foglight. Agents collect and correlate data from all
aspects of the application and store it in a database for analysis and/or reporting. The database
management tools cover the entire life cycle from quality and optimization to performance and
availability and change and configuration management. The Windows management tools are
solely focused on the entire MS Windows environment with all its subsets. Examples are MS
Exchange Management, Active Directory Management, and SharePoint.
· Nagios provides basic network monitoring. Nagios is an open source network monitoring
tool which runs under the Linux operating system but can also run on most Unix systems. It
monitors network services such as Simple Mail Transport Protocol (SMTP), POP3, etc., and
host resources such as processor load, disk and memory usage, log files, etc. “Plugins” allow
for the development of customized host and service checks. All these devices monitored send
a status check back to the administrator. Nagios also monitors environmental factors such as
temperature. The tool comes with reports and a variety of alerting mechanisms (email, SMS,
instant messaging, etc.).
· Open NMS is a traditional infrastructure monitoring tool. Open NMS is an open source
network management platform which provides enterprise-grade network management. It
supports the monitoring of large number of nodes from one single server. Key features include
automatic discovery, detecting new services on new and existing nodes, and gathering response
time and performance data. The engine is rule-based which allows for customization.
· SolarWinds is the best-kept secret of network management. The Orion Network Performance
Monitor, with additional Orion Modules, allow for the monitoring of IT infrastructure. Orion
Network Performance Monitor uses standard MIBs and protocols to monitor the network
without requiring agents. It automatically discovers routers, switches, servers, and other devices
within the network. The alert engine is configurable for different network scenarios as well as
different alert actions.
· Zenoss looks like a strong competitor for large frameworks. Combining open source and
other sources, Zenoss Core is a complete solution that monitors all components, including
applications, at the event, performance, and configuration level.
Many other solutions are available on the market. Among the potential vendors to look at are
Argent, Ipswitch, and RedHat.
Service Desks
Service desk tools — also known as help desk tools — are often the first time business users have
contact with IT services when something does not work as expected. The two main parts of a
service desk solution are the management of incidents and the communication of the resolution to
the existing incidents. Some available service desk tools:
· BMC Software has expanded its solutions with Magic. BMC Service Desk Express Suite
(formerly Magic Service Desk) is a service support solution for midsize businesses. This browser-
based tool automates help desk support functions for both the help/service desk administrator
and the employee or client. It provides self-service ticketing, service management, asset
management, and, most importantly, an automated way to manage and track issues and their
respective resolutions which users of the IT service experience.
· IBM has also acquired a service desk. IBM’s recent acquisition of MRO Software with
its Maximo Enterprise Suite provides both a service desk component to the IBM service
management portfolio and support for service requests to its solution. The IBM Tivoli Service
Desk closely aligns IT operations and the business by improving IT service support and
delivery performance. The IBM Tivoli Service Desk supports self-service requests for incident
and problem management and it ties into contract management and procurement. It also
manages the intersection of users and IT operations, helping ensure the smooth transition to
IT operations, where change and configuration management, release management, and service-
level management are all managed. IBM Tivoli Service Desk is a Web-architected J2EE solution
with advanced business process management that is based on SOA, Web services, and XML.
The other important pieces of the Maximo Enterprise Suite are its asset and service management
and SLA Manager components. Service management provides end users the ability to track
their service requests, whereas the Maximo SLA Manager allows maintenance organizations to
manage the entire SLA life cycle.
Process Automation
Process automation functions as an integration tool between monitoring and service desk solutions.
Many of the available solutions leverage best practices such as ITIL or internally established best
practices. The following is a list of some available process automation tools:
· Opalis is one of the pioneers of process automation. Opalis Integration Server integrates,
orchestrates, and provides workflow between different management tools, applications, and
infrastructure components. It updates existing configuration management databases (CMDBs)
with the changes in configurations, and updates service desk applications with the necessary
process details. Its integration packs extend automation to systems management applications
that are monitoring solutions, as well as service desk solutions, data protection solution,
virtualization, and provisioning software and other tools (for example, Cognos).
· iConclude is a more recent, but potent solution. OpsForce is a data center automation
solution tool which sits between the existing monitoring solutions and the service desk solution
and executes predetermined resolution procedures for alerts and incidents. Predetermined
resolutions are automated procedures such as alert acknowledgement, trouble ticket creation,
running troubleshooting tests, taking repair actions, and closing tickets with clearing the alerts.
The OpsForce Studio tool is used to create these automated processes, and the accelerator packs
provide flows and out-of-the-box processes that are built on ITIL’s best practices. Opsware
has announced a partnership with iConclude to automate the different processes related to
the Opsware product line. The concept is similar to BladeLogic’s, as is the name Orchestrator.
Currently, iConclude supports HP OpenView for Windows, BMC Remedy, Mercury SiteScope,
and Microsoft MOM and SMS.
R E C O M M E N D AT I O N S
Smaller and innovative upstarts have produced more targeted solutions, usually at a lower
price. However, firms fearing future integration issues are sometimes reluctant to opt for “point
solutions.” The advent of operational process automation and integration products such as
RealOps, Opalis, and iConclude change the parameters of the choice. It is now possible to provide
a level of communication and automation between diverse solutions without getting into
extensive in-house customization. The best practice:
W H AT I T M E A N S
A LT E R N AT I V E V I E W
ENDNOTES
1
A UK government agency published the first ITIL document in 1992 for use in the public sector. The library
contained books of guidance on the processes within IT service management and covered help desk, plus
problem, change, service-level, and configuration management, based on a best practices approach.
2
Extensible Markup Language (XML) is a simple, very flexible text format derived from SGML (ISO 8879).
Originally designed to meet the challenges of large-scale electronic publishing, XML is also playing an
increasingly important role in the exchange of a wide variety of data on the Web and elsewhere.
40714