November, 2007

Month in Review - November 2007

This is something I’ve seen from other bloggers that I decided early on I wanted to do. First, it offers a way to consolidate a group of thoughts in a digestible manner and second, it allows me to self-review myself on what I covered over the month, review feedback, plan ahead for next month, etc.

Overview and Goals for this blog - The launch/kick-off post that outlined what I plan to cover over the days ahead

Development of new Reference Models for Data Center Automation
Building out a reference model for data center monitoring/automation - Part 1 brainstorming notes as I begin to build out a reference model for Data Center Automation to help drive/organize the postings and coverage this site focuses on.
Reference model build out, take two - Part 2 brainstorming, reviewing land learning lessons from ITIL & FCAPS models.

Data Center Automation: Change Management
Managing server/application configuration management - quick take - Brief mention of server virtualization automation/management companies
Recent news in managing server virtualization - update on activities around the virtualization management vendors
Microsoft continues it’s drive into the data center - insights around the launch of their latest updates to Systems Center
Why note AlterPoint, NCCM continues to consolidate? - Quick soapbox on the Network Configuration & Change Management space sparked by the Voyence acquisition by EMC.

Data Center Automation: Security Management
Automating security, risk & compliance for your data center - Discussion around products that help automate making your data center more secure.

Data Center Automation: Resource Management
How to be a network admin god? - Network inventory, asset, resource, CMDB (pick your term) tool that I had the chance to review from the open source sector. Open-source has it’s place in Data Center Automation to.

Data Center Automation:  Process Management
IT Operations Process Automation - aka  “Run Book” continues to mature - review of players in this emerging automation area.

Data Center Automation: Performance Management
Activities in Application, System & Network Performance Monitoring - Talk about InfoVista and Solarwinds

Data Center Technologies: Virtualization
Virtualization in data center, drumbeat keeps getting louder - everyone is jumping on the bandwagon
New Data Center Survey Results - hard numbers about server virtualization growth plans.
So I need to get back on track and hopefully during December finish up the  reference model.  I’ve also noticed no coverage so for for availability management.  Need to take care of that to as I know I’ve seen things from IBM, CA, HP, BMC and others about their Manager of Managers (MOM) products.

Recent news in managing server virtualization

I still haven’t forgot my previous promise to talk further about system virtualization automation. I’m still researching and formulating my perspectives on the space. Meanwhile, here is some recent news and traction from the vendors.

Cassatt - launched a new version and updating positioning around their product offerings. Taking more a “green” slant to their positioning, they still automate in the data center key tasks on systems.

Scalent Systems - have stuck OEM relationships with EMC, HP and Unisys which shows very encourage momenteum for the space!

others have been quiet since their announcement at VMWorld back in September.

PlateSpin - September product launch.

Veeam - September product launch.

Vizioncore - September product launch.

IT Operations Process Automation - aka “Run Book” continues to mature!

This is an area I haven’t hit on yet but will also need to fit into the reference model (that one of these days I’ll get back on track)

Lots of action what Gartner and others are calling Run Book Automation or RBA!!!  So let’s summarize the latest.

Optinuity launched a new version of their product that has also been re-branded. Attempting to elevate and differentiate itself beyond the other RBA vendors through re-focusing their primary target audience (from IT Operation Executives to Enterprise Application Executives) and adding specific functionality to provide a self-contained (not reliant on IT Operations) closed loop, automated process (e.g., application monitoring).  The goal, per talking with CEO Scott Stouffer, is to get as close to the enterprise applications themselves as possible (e.g., the teams that develop and/or perform the advanced support/administration for them).  One example discussed was a unique “locked account” scenario that was happening thousands of times a month and thus wasting hundreds, if not thousands of man hours a month!

Opalis launched a new version of their product (version 5.4) which includes some intriguing enhancements in the areas of automating virtualization and the ability to run simulations of process automation workflows prior to deployment in the live environment. They also continue to sport a very impressive list of out-of-the-box IT Operations centric connectors for products/companies that don’t have a process automation product including; BladeLogic, EMC, IBM, Microsoft, Symantec along with support for various product from the other big 4 vendors that do have competing products (e.g., BMC, CA, HP).

HP announces their re-branded suite that includes the former iConclude product HP has so many pieces for automating the data center (beyond the RBA capabilities)…the question now is can the execute on it’s organization (e.g., product bundling/branding), integration (e.g., focus on delivering the right use cases end-to-end) and deployments (e.g., making this all come together inside complex enterprises).

BMC made their move into this space back in the summer time (July) with their acquisition of RealOps. They re-branded this product as BMC Run Book Automation and are using it to tighten up and automate the process flows between their other products; Remedy, Atrium, Marimba, etc. Of course you can still use the platform to integrate with non-BMC product but they are going to focus on their own product line.

NetIQ recently threw their hat into the ring also. Now a subsidiary of Attachmate, they built their solution internally over the past couple years (prior to BMC or HP joining in). Their focus appears to be, in my opinion, around helping ensure their product AppManager stays competitive with other System/Application monitoring vendors (e.g., BMC, HP, IBM, CA, Microsoft). The challenge will be that the service desks they would integrate with are part of companies that now also offer this Run Book Automation technology. So basically, if your a current NetIQ customer and happy then you now won’t be as motivated to go to BMC or HP who own all three components (e.g., system monitoring, process automation and service desk).  Smart strategy move to continue innovating and keep current customers happy.

Stratavia also announced their latest product release in October.  Originally more focused on automation tasks for databases, they continue to evolve their product to be competitive with the other non-database centric but more system/applications centric vendors.  This database automation functionality evolved from their original business model of being a managed service provider for remote database management (at that time they were called ExtraQuest).

To that point, it’s amazing how many of these RBA or IT Process Automation companies come out of operational businesses.  Stratavia was original a managed services provider, RealOps came out of the consulting ranks from Windward Consulting.  This makes sense with various Data Center Automation function…they are very complex and challenging tasks that originally are tackled with service-based approaches only then to be automated with software.  Beyond this RBA sector, another couple vendors that started from similar origins would be Opsware (originally a managed service provider) and BladeLogic (whose founder were previously responsible for operating the infrastructure for a managed service provider)

I also read in a recent Forrester report by Jean-Pierre Garbani that the first market sizing forecast for the IT process automation software space is about $50 million today, but forecasted it to grow to about $700 million by 2015.  Now that is some SERIOUS GROWTH!

One last item, I want to give credit where credit is due to a former boss, colleague and friend Dave Williams who is now at Gartner.  I remember him talking about this space looong before anyone else!  That is recognized in this write-up by internetnews.com. When he left AlterPoint back in February 2006 I remember talking about these products over lunch a number of times.  I had the chance to work closely with the RealOps executive team when AlterPoint built a partnership and integration with them.

So if you have a very, very complex IT Operations environment or are seeing skilled people doing very unskilled/mundane tasks over and over and over…it’s time to check out one or more of these vendors!

So what other “Run Book Automation” vendors are out their at what have been your experiences so far with their products, the company itself and their partners???  Please chime in with your comments as I know their are a ton of people evaluating and using these products these days!

New Data Center Survey Results

Great survey to read through that was conducted by TechTarget’s SearchDataCenter.com called “Data Center construction is booming”

<snip>

Conducted in May 2007, the study found that over the next 24 months, more than 80% of U.S. companies plan to expand their data centers.

The desire to consolidate has led the overwhelming majority of those planning new data centers to include server virtualization in their plans. But in general, new data centers will be technologically different from their predecessors.

Respondents plan to implement a host of new technologies in their new data centers (see Table 1). More than 85% plan to implement server virtualization.

<snip>

Bottom line, more fuel for the data center automation fires!

Virtualization in data center, drumbeat keeps getting louder

As mentioned during our Microsoft thread last week, Virtualization and the management of it is something all vendors are already doing or starting to offer. It’s been and continues to be the hot new technology “thing” in the data center automation space that nobody wants to not have “an answer” for. SUN, a traditional player in the data center just announced their latest activities last week.

<snip>

New hypervisor and management tools will be released to the open-source community, CEO Schwartz promises. Sun Microsystems, joining a growing group of companies that are building their own virtualization software, has launched a new virtualization and management platform designed fro the data center of the future.

<snip>

No matter if the vendor is big, medium or small - optimizing and automating the data center continues to gain major attention and momenteum. It seems like every time I turn around i’m reading more about server optimization through virtualization or WAN optimization through application acceleration appliances (e.g., Riverbed, SilverPeak, Expand Networks, Exinda and some of the bigger guys like Cisco, Juniper)

Article snip referenced above is available in it’s complete version here Sun’s New Virtualizatino Manager Supports Windows, Linux

**Update** Just came across a very well written article that captures/builds upon the essence of this blog post - “Hypervisor battle glowing red hot“

**Update2**  Just came across this blogger & blog posting while I was searching around last night doing more research related to this topic.  I just laughed so hard I was almost crying :)  Meanwhile, it looks like John is a trainer on Tivoli products and an advocate of open source so I’ve added him to my blogroll.

Microsoft continues it’s drive into the data center

Not to be ignored, Microsoft continues to march towards becoming a serious player in the data center automation space. Still of concern remains their holistic focus on of course Microsoft products. I know they have a strategy (connector, partner oriented) but… The reason I believe it continue to become a player is 1) depth of capability and details for the Microsoft components of the data center and 2) very affordable price point compared to other vendors (e.g., hundreds to thousands of dollars…not tens to hundreds of thousands of dollars)

Anyways, this week in Barcelona, Spain at Microsoft TechEd Forum 2007 they announced three new major products to be aware of.

System Center Configuration Manager 2007 -evolving the original SMS product beyond desktop and focusing it on primary configuration, software deployment, inventory, etc. automation in the data center.

System Center Data Protection Manager 2007 - file system & database (e.g., SQL Server) backup/restore capabilities

System Center Virtual Machine Manager 2007 - just what the product name leads you to believe, this product is about automating the provisioning and management of virtual machine instances on physical systems.

These join previous products:

System Center Operations Manager 2007 - previously known at MOM (Microsoft Operations Manager) which as roots back to an OEM relationship with NetIQ for monitoring servers/application/etc.

Systems Center Capacity Planner 2007 - planning/design tool as you prepare to deploy Microsoft application/products (e.g., Exchange)

Red Monk, a blog I watch, has been at the forum providing coverage for Microsoft. Here is a nice write up and video interview. Also, there are a ton of articles being written out there with more depth and perspective then I’m going to cover here. The point to mentioning things was - keep an eye on Microsoft, they are serious and getting more serious in Data Center Automation.

Update: As I was doing more research I came across a great set of resources and also a presentation by my friend Robert Reynolds who is a Senior Product Manager over at Microsoft in the Systems Center Group. His presentation on Operations Manager is here. A number of other videos, whitepapers, etc are available on TechNet for System Center.

How to be a network admin god?

Simple, take advantage of FREE but powerful tools to do your job better/faster/easier! Then share these cool tool finds with your friends.

I had the chance to take a look at ZipTie, a free network administrator “cockpit”, over the weekend. The utility, available for download from www.ziptie.org, is part of a growing open source movement in network and systems management. I recommend putting aside 60 minutes over lunch one day to download and check this out while you ‘re eating your sandwich.

The best comparison I can make around current ZipTie capabilities would be to imagine PuTTY or SecureCRT on steroids.  NOTE: you need to have credential password access to the network devices to get the value I’m going to talk about from here on out…so if you don’t have those rights on your network devices then this may not be for you. Below is a quick screen shot that shows the primary cool features I’m going to hit.

What is so impressive about this desktop utility is it’s simplicity. Download, install, discover and now you have a personal inventory list (e.g., routers, switches, wireless access points, application acceleration devices). From that device list you can take a variety of forensic or troubleshooting actions when you need to:

• telnet/ssh
• ping
• traceroute
• nslookup
• SNMP MIB walk
• Port status
• Interfaces status
• View current configuration files (search it)
• Compare to historical configuration files
• NIPPER (a really cool configuration auditing tool that analyzes your configurations for vulnerabilities)
• and much more…

If you don’t see a tool that represents a current script you typically use when you’re troubleshooting, no worries. You can build one (remember this is open source) or if that’s not your forte, head up to their user community, post the current script you use and ask for someone else to help build it. Same thing goes with making sure ZipTie has support for the network devices you need. Say for example you have some firewall that it seems no other network management vendor supports, not a trouble for ZipTie. There is a “how to guide” to build it yourself or again, post up to the community and ask for help! Also, while your up on the site, check out the other capabilities the utility offers while making sure you review their complete road map which they publish.
It’s amazing how far network management has and still is evolving. Functionality like this would have cost an enterprise tens if not hundreds of thousands of dollars less then 10 years ago. This will be another angle to consider as I get back on track and continue to build out the Data Center Automation Taxonomy I’ve been working on. Just wanted to take a moment and share this find.

Full disclosure: I worked for AlterPoint over a year ago. This ZipTie initiative was just about to start when I left. This was my first chance to check it out and since I was so impressed I felt compelled to share my perspective.

Automating security, risk & compliance for your data center

Time for a quick side bar from our reference model discussion.  Just wanted to make a quick, timely mention for a space that’s is evolving currently called IT Governance, Risk & Compliance Management or “IT GRC” (as defined by Gartner, Forrester, EMA, IDC).  This is an emerging space that helps enterprises automate their data center and beyond for IT related risks and also helps leverage that automation for reducing the overall cost in proving compliance (which to date has been traditionally been done through lots of manual labor, e.g., consultants).

So what exactly do these product do?  They provide a top-down approach to organizing your IT security management program and initiatives.  You establish your goals (hopefully making sure they are aligned with the overall business goals) and then leverage three primary automation engines to status those goals:

1. Automation of the interview process for security controls that can’t be tested with software instrumentation.  Build and distribute with workflow automation web surveys to ask system, application and network owners various process, procedure and administrative IT control status questions.  These are traditionally called non-technical controls in the security world since there isn’t a way to have software automatically gather the information.
2. Automation for previous audit reports or for external auditors through a data entry workflow where they take their physical (face-to-face) interview results and input them into a centralized content management system
3. Automated connectors that gather and normalize controls, resources and scoring data from security monitoring products (e.g., vulnerability scanners, configuration/policy managers,  and any other security software product that automate technical controls).

Now, with all your technical and non-technical controls automated into a normalized, centralized model you can view your Key Performance Indicators (KPI’s) and how they are ranked/mapped against the overall business goals.  Also, it’s a unified location to point your auditors saving you team time and frustration.

Really cool stuff!  This area is still up-and-coming but something to keep and eye on.  Of course I have a bias as a company I’m working for, Securityworks, just launched the company and their latest version of the product.  Securityworks isn’t the only vendor out there with this vision.  Venture capital has recently been pouring into the space with companies like Agiliance, Brabeion, ControlPath, Compliance Spectrum and more coming to market.   For some more independent background on the challenges these solutions automate I would recommend checking out a great power point presentation from Forrester’s Khalid Kark.

Bottom line here, which we will discuss more as we get back into the reference model thread, this is a great solution for larger enterprise’s that have made investments in security monitoring products but still aren’t able to make the auditors happy or answer key business questions like”how secure are we.”

Reference model build out, take two

So a quick continuation note on my recent post related to pulling together a reference model for automating our data centers.  Once I get the Data Center Infrastructure categories set it’s going to be very important to build out the actual Data Center Automation categories.  In the previous post I mentioned Performance, Fault, Configuration & Security - which functionally are part of a now defunct reference model initiated many moons ago.  My friend Glen O’Donnell recently wrote about this on his blog R.I.P. FCAPS.  He is a proponent of ITIL as the replacement for that.  I’m familiar with and have worked with ITIL previously, so let’s take a quick look at what it may add to my Data Center automation categories.

There are 11 functional domains that are core to ITIL, here is a link that describes each of the below items in detail.

1. Service Level Management
2.  Capacity Management
3. Contingency Planning
4. Availability Management
5. IT Financial Management
6. Configuration Management
7. Problem Management
8. Incident Management
9. Change Management
10. Service / Help Desk
11. Release Management

Reviewing these areas points out a major hole I missed in my first post on this topic.  A CMDB - no matter what you call it (e.g, IT Asset Management, Inventory) is an automated, up-to-date, capability to have a fresh view of all IT assets and their relationships.  Not only is it needed to make decisions but also is a core component of course for configuring your Fault, Performance, Configuration & Security automation solutions.

Another area I need to put more thought into is if/how to incorporate the people/process side of things (e.g., Help Desk/Ticketing).  My desire for this model is what it would take to approach the utopia of “lights out” data centers through automation.

Next time on this topic I’ll tackle the above questions and also look at eTOM from TMN (another model I’ve worked with previously).  But that will have to wait till next week.  Here is a quick note I came across on the internet that compares eTOM to ITIL.

Building out a reference model for data center monitoring/automation

So as this blog is just getting rolling I’m quickly realizing I need to come up with a graphical reference model, key approaches and metrics to reference. So to get that process started, i’m going to brainstorm some items here and hope to get some feedback on areas I should make sure I don’t forget. I’m not trying to re-create the wheel here but in my experience with ITIL, FCAPS, TMN, OSS, etc I still haven’t found a model that is technical enough to capture the essence of the challenges I’m solving - while not so technical I get lost in the weeds. I’ve see 50,000 foot views and I’ve seen 10,000 foot views but I’m aspiring to find something that is at the 30,000 foot level.

Data Center Infrastructure categories:

• Network Connectivity: Routers, Switches, CSU/DSU, WiFi
• Network/Application Optimization: Load Balancers, WAN Optimizers
• Network/Application Security: Firewalls, Intrusion Prevention, Data Leakage
• Application Servers: Windows, Solaris, Linux, Virtualization
• Applications: ERP, CRM, Web, Databases, VoIP, Streaming Media (may need to break this down further)

Data Center Automation categories

• Performance/Capacity Management - throughput, processor usage, memory usage, latency
• Event/Fault Management - availability, consolidator of all alerts/messages into single pane of glass
• Configuration/Software Management - upgrades, functionality changes, deployment, provisioning
• Security Management - vulnerabilities, intrusions, leakage

The first area I’m thinking through is Performance Management where you gather key metrics over time to assist in the identification of current or future performance hindering situations that may ultimately result in productivity or revenue losses by an enterprise.

Key Performance Metrics

• Basic (all components in the Data Center should provide these): Processor Usage, Memory Usage, Throughput, Latency
• Advanced (will be unique/specific to each Data Center category): Bandwidth savings (e.g., WAN optimization), Transaction failures, page faults, etc)

Point of View for actual metric

• System-centric - something specific to a Data Center infrastructure category (e.g., processor utilization)
• Flow-centric - something watching transactions end-to-end at some point in the infrastructure (e.g, VoIP transaction, DNS resolution request)

Then the last area to consider and discuss are the methods by which this information is gathered; proprietary agent, agentless, hardware appliance, leveraging an established vendors agent, etc. Certain information may only be available through certain methods. Those method may or may not be an option for use depending on the enterprises’ business requirements. I’m going to need to come up with a way to organize/categorize these based on business uses (e.g., NetFlow, RMON2, SNMP, WMI, RPC, XML, Proprietary)

So stay tuned as I work to pull this together over the days ahead. Once I’ve hashed out this model I hope to provide a taxonomy of vendors and how they map to each. Once we have that in place then it will be time to start going through best practices and methodologies around evaluating vendors to meet you company’s individual business requirements.

As always, please provide feedback, thoughts, ideas as we build this out.  Note to self:  This is currently centered on managing the IP portion of the Data Center, not inclusive of power, space, non-IP storage, etc…once I get the IP portion down I hope to extend into those areas.