Guide to Network Management and Monitoring
Considerations for buying into a network management platformBy Denise Dubie
When looking to invest in network monitoring or management capabilities, here are some key factors to consider:
Framework vs. point product: The big four management vendors offer a lot of features across expansive product suites, but some argue the implementation time and cost is too much to handle. You need to consider what you want to manage and what features are most critical. While the term framework is supposedly dead, many vendors offer suites of capabilities that customers can mix and match. Stand-alone products can provide a quick fix for a specific pain point at a low cost.
The benefit of choosing a vendor with multiple products is integration; the downfall is getting more tools than you might need. Weigh the environment's needs against the capabilities and consider the possibility of expanding the products use for future network demands.
Active or passive: If you want to be able to configure the software to take automated actions, you will want to invest in active technologies. Active capabilities will enable software to reboot machines or restart services on device. The features require more configuration efforts upfront and often involve installing agents on managed devices, but active capabilities can help automate repetitive tasks. Active technologies also are said to eat up some processing power and space on the devices where they reside, but most technologies have a very small footprint.
Passive technologies are often used to monitor traffic and response times on devices. The tools can also work in real-time to alert IT staff of missed thresholds or performance problems, but they often do not take any action. Passive tools also involve non-intrusive traffic monitoring, which doesn't require installing agents on managed devices. Passive tools collect information and store it for several purposes, including historical trending, log management and compliance or audit requirements.
Agent or agent-based: When it comes to software agents, most IT managers would rather live with the little gremlins on their machines than opt for the alternative. The small pieces of code work with network management software to collect information from and take action on managed devices. But configuring, deploying and updating thousands of agents across client and server systems isn't appealing. And in some cases, performance and security degrade when machines become overloaded with agent software from multiple vendors.
But without agents, you would have to physically visit desktops and servers to carry out simple tasks such as software updates. That's why most IT managers choose to place a few hand-picked agents on managed machines, reducing manual effort and helping secure the machine with antivirus tools.
"There are risks in putting too many agents on any one device, so I've had to set hard limits on how many agents we send out to our endpoints," says William Bell, director of information security at CWIE, an Internet-based Web-hosting company in Tempe, Ariz. "Some people will tell you agents are botnets waiting to happen, but if you have ever tried to patch thousands of machines without agents, you know agents have their place. It's a judgment call."
Real-time or historical reporting: Many products offer both capabilities, but you need to determine how you want your network management product to report on the data it collects. Tools that report in real-time often do so for problem detection and remediation. Real-time reporting isn't actually real-time; it is near real-time and it will help you resolve performance problems perhaps before end users notice a service degradation or a failed service.
Historical reporting is more often put to use to spot usage trends and plan for capacity going forward. The data collected over time can deliver valuable information around performance patterns as well. Such information can help you tweak applications to better perform on networks or allocate resources differently to support demand.
Automated capabilities: Automation is playing a bigger part in network management tools. Many vendors automate simple tasks such as pinging devices, but you should assess the amount of automation you would be comfortable with and determine if the product can support that level of automation. For instance, run-book automation will use pre-defined scripts to resolve a known issue without operator intervention. Other products can automatically provision more resources based on application demand.
Process/workflow support: Best practices like those laid out in ITIL or COBIT help you streamline operations and better reach compliance with industry standards. Many IT organizations decide to undergo process overhauls without requiring input from vendors, but it is important when choosing a new product to ask if the vendor supports process improvements. The support could come in the form of a workflow engine that uses similar language as that laid out in process frameworks or the reporting tools could generate reports that sync with ITIL or COBIT standards, for instance.
Integration: Many management vendors use standard protocols such as SNMP or can collect Cisco's NetFlow data, but the products also have their own proprietary protocols that might cause an integration headache when you look to cobble together multiple tools. You must ask vendors to what extent they are open to integration with third-party APIs and what type of time investment is required to get the product installed and configured to meet their needs.
Pricing model: Vendors offer annual licenses, subscription services and, in many cases open source models of their software. Annual license costs would involve you maintaining and updating the software on your own. Software-as-a-service models would have the vendor hosting and maintaining the software, while you view data collected and take action on reports generated. And open source software is generally free of charge, but doesn't include the same support included in commercial software. You need to consider if you have the time and resources to install, support and maintain the software in house or if you would be better served outsourcing its maintenance.