IBM Tivoli

Mar 10 2009   1:24AM GMT

IT Process Orchestration Revisited

Posted by: Ryan Shopp
BMC, CA, enigmatic, HP Software, uc4, stratavis, Opalis, NetIQ, LANDesk, IBM Tivoli, iwave, RBA, Run Book Automation, data center automation, IT Process Automation

I decided it was time to review and make an update to the IT Process Automation, Process Orchestration, Run Book Automation, Data Center Automation, IT Process Integration, or whatever name each vendor, customer or analysts choose to call it.  Since my last update to the Data Center Automation Blueprint (DCAB) there have been some industry changes with some vendors going a different direction, other being acquired, etc.

A quick review of this space from the DCAB is first up.

Process Orchestration
Description - Cross-silo automation for mundane manual or high occurrence tasks. The capabilities are focused around helping individual technology domains (e.g., network, windows, unix, database, etc) communicate and collaborate to automate tasks that before required numerous people and passing around a trouble ticket.

Top 5 Capabilities
1) Drag/Drop graphical interface for designing process workflows
2) Common, normalized Data Model of common/primary attributes
3) Library of pre-defined, re-usable actions/triggers/processes for usage out-of-the-box (bigger the better - even a community that shares is a plus)
4) Policy/Desired-state engine driving things
5). Sandbox, simulator to help test workflows without impacting actual resources/instances within the production enterprise.

The Vendors
BMC (formerly RealOps)
CA (formerly Optinuity)
Enigmatec
HP (formerly Opsware, formerly iConclude)
IBM (formerly Micromuse Impact)
iWave Software
LANDesk (Process Manager product)
NetIQ (Aegis product)
Opalis
Stratavia
UC4 Software

So since the last update, what has been going on in the space….

It’s interesting to see Stratavia tweaking their company positioning as the “independent” choice.  Makes sense considering we’ve had a wave of consolidation with the big 4 ensuring they have coverage for this functional area, and also other well known (larger) management vendors (LANDesk & NetIQ) adding capabilities.

Optinuity was acquired by CA in October and naturally that changed some things for Opalis which had a previous OEM relationship with CA.  Opalis in turn also trumpets the “independent” choice and has gone further into talking about how this doesn’t serve the customers since those vendors are using those acquisitions to bring their own products together and not looking at it from a heterogenous standpoint of I have 5 products from 3 vendors and I need them all to work together smoothly.  One last area that I need to do some more exploring around is something I felt a year ago would eventually happen and the lines would start blurring between Business Process Management (BPM) solutions and IT Process Orchestration.  The are starting to compare/contract with BPM and also talk more Business Intelligence (BI) messaging.  It’s nice to see a vendor lay out in plain site some recommended evaluation criteria for all customers and even competitors to see…great way to set the bar.

Those are a couple key things i’m seeing at a glance…what else is going on out there.  Who else is in the space these days, what is their key differentiator versus the players listed above.  Drop you comments in below if you a vendor or a customer using one of these vendors or another one I don’t have listed.  I’ll make updates to the DCAB if it’s appropriate.

Feb 27 2009   4:07AM GMT

AlterPoint: The End of An Era

Posted by: Ryan Shopp
SolarWinds, NCCM, BladeLogic, BMC, CA, IBM Tivoli, EMC, HP Software

Well AlterPoint has found a home.  The last of the early/original NCCM (Network Configuration & Change Management) vendors, focused on Enterprise, has been acquired.  Others have come along in the later days, but AlterPoint, Rendition and Voyence (formerly PowerUp Networks) are now all part of another organization.  Rendition is part of HP Software via the Opsware acquisition, Voyence is part of EMC, and Emprisa is part of BMC.  IBM & CA decided they had a close enough solution through their Micromuse & Aprisma acquisitions respectively.  An adventure for these companies that started back in 2001ish now sees all of them part of a more holistic solutions.

In the end for my favorite of the bunch, AlterPoint (yes, i’m biased), the end wasn’t what the team along the way had in mind.  It’s great to see a home for the software that can continue to take care of some of our great customers including household names like Citigroup, Microsoft, E-Trade, Yahoo, Hertz and many others.  The acquisition to me personally brought closure but also reminded me of the great team and journey that I personally had the experience to be part of.  I spent about 4 years at AlterPoint and worked with some really great people that were amazing at what they do.  A number of those strong players these days are over at another great company in Austin that many people reading this blog may know called Solarwinds.  Others found themselves helping other network and systems management companies in Austin and beyond.  It was a great ride (at times) and in retrospect I miss those days and those experiences and hope again some day to get to work with one or more of them.  Alright, enough of that sentimental, memories type stuff.

NCCM was a great play that in my retrospective perspective was like what Firefox has done versus Microsoft.  It provided a real challenge to an established vendor that had fallen asleep at the wheel.  What do I mean by this?  Cisco and it’s CiscoWorks product line, since they own pretty much all the networking hardware market, was the incumbant.  The software was really struggling to solve the problems of it’s customers and simply wasn’t a priority to them.  Along came the NCCM vendors and soon enough that all changed.  Cisco after a few years of seeing NCCM success and hearing it from their customers, really started putting significant efforts back into their software products that competed against the NCCM vendors…they even embraced one of them and did an OEM deal with Rendition after evaluating all of us.  They learned from that and in the end they are the ones who stand most victorious from my perspective.  I think either directly or indirectly or however you want to look at it they learned more about the value of management software and it’s affect on hardware and sales in general.  From that I’m sure we will see in the upcoming month some loosely associated results when the announce their “California” Blade Server and explain more about their relationship with BMC (a.k.a. BladeLogic, RealOps, Emprisa).  This is destined to help spark and shake up the Data Center Automation market and even more the Data Center itself.  This is going to be interesting!

So one last hats off to the NCCM vendors, a final salute to AlterPoint and to all those who put in their blood, sweat and tears helping build NCCM.

RS

some news coverage links around the AlterPoint acquisition:

NetworkWorld:  Versata Enterprises acquires AlterPoint

Austin Statesman:  AlterPoint acquired by Versata

Apr 17 2008   9:58PM GMT

Performance and Availability Management vs. Analytics - Part 1 of ?

Posted by: Ryan Shopp
Network monitoring, Performance management, BMC, NetIQ, Alcatel-Lucent, NetScout, Analytics, CA, Systems monitoring, Application monitoring, SolarWinds, InfoVista, IBM Tivoli, HP Software, Quest Software, Netuitive, Integrien, NetQoS, Compuware, Fluke Networks, Network Instruments, Opnet, Entuity, Brix Networks, Keynote, Gomez, Xangati, Apparent Networks, Packet Design, Groundwork, Hyperic, Nagios, OpenNMS, ZenOSS, Firescope, Indicative, DCAB, eg innovations, cittio, nimsoft

I’ve had an opportunity to be briefed over the past couple months by a number of current Data Center Automation Blueprint’s Performance & Availability vendors (e.g., CITTIO, eG Innovations, InfoVista, Integrien, Nimsoft).  With that and some further research I think I’m ready to take another pass at this area of the blueprint.

First up, all these vendors use a variety of techniques to collect a variety of data from as many points of view as possible.

• Their own server agents that collect data about systems, services, applications, databases, etc and then aggregate back to a centralized console
• Agent-less centralized consoles that leverage infrastructure standard communications protocols (e.g., SNMP, RPC, ODBC, WMI, SSH, TCP, UDP, HTTP) to query or connect remotely to collect data from networks, systems, services, applications, databases, etc.
• Passive traffic flow collectors (which can be an agents or appliance) that are either in-line with the traffic flows or receive an exact copy of all traffic flows traversing a network connection (e.g., switch port uplink) through hardware vendor capabilities (e.g., spanning)

These data collection points can be statistics about a specific IT infrastructure resource ; physical devices, virtual devices, physical connections, virtual connections or resources running on physical or virtual devices like services, processes, applications, databases, etc.

Or the data collection points can be traffic flows or end-to-end specifics including passive traffic flows, synthetic transactions or even as simple as a pinging from remote points.

Metrics that are captured, typically revolve around throughput, errors, utilization, latency, up/down status, etc. (there are way to many to mention here).

After saying all this, there is a list a mile long of vendors (a number already noted on the DCAB) that capture these predominately time-series oriented data points about performance, capacity, availability using any/all these methods or vantage points (I know, passive traffic flows are not time-series data but patterns/usage/performance etc can be determined from them).

So, with all that data, what most these vendors offer are two primary types of functionality; 1) a variety graphical reports and 2)metric thresholding capabilities that produce a list of outstanding issues/alerts/alarms/events/concerns (whatever you want to call them).

Ok, so why did I organize and point all this out. So I can draw a line around where most of the innovation from my perspective is occurring. The above is for the most part in my eyes a commodity these days. Most companies have had collection/reporting/thresholding capabilities spanning multiple technology silos since pretty close to the start of the enterprise networking. The reports continue to get fancier, the number of data sources a single product collects from continues to expand, etc.  Another sign of commoditization is related to the variety of economic business models offering these products; open source, managed service providers, internet distributed products, appliances deployment models and indirect sales forces, large enterprise direct sales force, completely flexible frameworks for service providers to basically “build their own,” etc.

For the most part where the majority of technical innovation is occurring these days is the next layer above this data collection, reporting and alerting. Now let me say this, yes…there is some great innovation still occurring in the data collection realm (e.g., Xangati offering real-time Netflow down to a user level, PacketDesign monitoring routing messages, NetQoS leveraging advanced TCP/IP theory to analyze where end-to-end bottlenecks are occurring). But, for the most part these new data sources are being used to augment or replace currently deployed data sources in an attempt to see things from either as many vantage points or the best vantage points to avoid surprises within their unique enterprise IT environment.

So where is the serious innovation coming from…stay tuned for part 2.

Mar 17 2008   1:22PM GMT

BMC makes the big move, buys BladeLogic for $800M

Posted by: Ryan Shopp
BMC, EMC, CA, IBM Tivoli, HP Software, BladeLogic, RealOps

So BMC is the one, not IBM or EMC that decides to piece it all together.  Responding to HP acquiring Opsware (July ‘07); BMC, in less then a year, has acquired RealOps (July ‘07), Emprisa (Oct ‘07) and now BladeLogic pulling together the critical components for their DCA strategy that all tie in nicely with Remedy, Atrium etc.  Very impressive!  They have most the pieces, now it’s about execution on the vision/strategy.

So HP & BMC have acquired the major pieces, IBM has many of the pieces too, but some are showing their age versus the newer products that were acquired by their competitors.  CA has been the quietest of all players, so I would expect for them to make some moves to shore things up ASAP (but most likely at this point having to pay premiums based on previous CCM valuations).  Meanwhile, EMC has been methodically building themselves up in the hope to make a run at knocking off one of the big 4 in IT Infrastructure Management, but they still have some serious work based on the recent moves of some of the current big 4.

Data Center Automation is about to hit the major growth curve now that multiple big guys have strong portfolio’s in the game.  As predicted, 2008 is going to be hot for Data Center Automation!

Mar 5 2008   7:59PM GMT

Top Enterprise Management Tools vs. Data Center Automation Blueprint

Posted by: Ryan Shopp
Network monitoring, Performance management, BMC, DataCenter, Networkingchannel, Analytics, CA, Systems monitoring, CMDB, Application monitoring, InfoVista, IBM Tivoli, HP Software, Network Configuration, RealOps, RBA, Run Book Automation, IT Process Automation, Netuitive, NetQoS, Opnet, DCAB, Tideway

I was doing some “light” reading this morning and came upon this recent article:  Top 10 Enterprise Management Tools

It’s focused on Complete Enterprise Management, not specifically focused on the Data Center so I thought I would summarize and then compare/contrast/discuss:

• Network Fault & Performance: CA eHealth & Spectrum
• Consolidated Event Management: IBM Tivoli Netcool
• Service Impact Monitoring : IBM Tivoli Business Service Manage & Service Level Advisor
• Application Discovery Mapping: Tideway Foundation
• Business Intelligence: Cognos
• ITSM Workflow, CMDB and Service Desk: BMC Remedy ITSM and Atrium
• Network & Systems Configuration Managment: HP Automation (formerly Opsware SAS & NAS)
• Process Automation: BMC RunBook Automation

Since it isn’t data center centric, it’s light on automated management for applications & databases.  It also chooses to stay away from the very congested and sometimes confusing security/protection market.

Next up, I thought  it would be fun to do a quick mapping to the Data Center Automation Blueprint.

• Network Fault & Performance, Consolidated Event Management, Service Impact Monitoring = Availability & Performance
• Application Discovery Mapping, CMDB = IT Resource Reconciliation
• Business Intelligence = Analytics (maybe…Analytics is still a work in progress…need to figure out this vs. BSM etc)
• ITSM Workflow, Service Desk = outside of DCAB listed as Manual Task Orchestration

I was surprised not to see an End-User Application Performance Monitoring category.  These products either do their duty from passive agents on the endpoint or from data center appliances using slick algorithms, TCPIP theory, etc.  Maybe that could have indirectly been rolled under Network Fault & Performance as CA acquired Wily which offers that.  The other one missing was more towards Capacity Planning and Trending Analytics, either based off historical data like what Opnet offers or from real-time data patterns from Netuitive.

Needless to say I found it a really nice write-up and summary of those products/offerings.  The only thing I struggle with is all of the big 4 (BMC, CA, HP, IBM) are represented in this mix.  Which means you will have 4 sales guys all continously battling it out to grab more land.  This may be good from a cost competition standpoint, but it’s a real fiasco for making sure all parts are playing nicely with each other or simply managing those vendor relationships.  Bottom line, you’re always going to have at least one of the big 4 in there as they continue to snap-up the innovative smaller companies/ technologies to enhance their portfolio and offer differentiation.  So I’d typically recommend a strategy where you pick 2 of the big 4 and keep them in check versus each other while continually looking for those innovative start-up’s to fill in the gaps.  Here is an example of how you could do this using the categories in the original article.

• Network Fault & Performance: HP Network Node Manager, Operations Manager, Performance Insight
• Consolidated Event Management: IBM Tivoli Netcool
• Service Impact Monitoring : IBM Tivoli Business Service Manage & Service Level Adviser
• Application Discovery Mapping: IBM Tivoli Application Dependency Discovery Manager
• Business Intelligence: Cognos (which IBM recently acquired)
• ITSM Workflow, CMDB and Service Desk: HP AssetCenter (former Peregrine)
• Network & Systems Configuration Managment: HP Data Center Automation (formerly Opsware SAS & NAS)
• Process Automation: HP Operations Orchestration (formerly iConclude that Opsware acquired)

Or, if you want to completely rebel and go the non-big 4 route, take a look at the above mappings to the DCAB and look for a name that’s not big-4.  Example:  Network Fault & Performance: InfoVista or NetQoS

Jan 18 2008   4:14PM GMT

Digging into the DCAB’s 6 functional areas: Resource Reconciliation

Posted by: Ryan Shopp
Symantec, BMC, EMC, DataCenter, ITIL, CMDB, IBM Tivoli, HP Software

 The second up and coming area goes by many names these days.  Some call it next-generation asset management, many others call it CMDB.

I’m calling it resource reconciliation as I would like to see it extend beyond a discovery engine, IT asset database, dependency mapping and the necessary graphical topology and reports.  I also believe that these tools not only should communicate directly with the infrastructure outlined in the Data Center Automation Blueprint (DCAB) - but also synchronize and provide reconciliation capabilities with the 5 other DCAB functions.

What I’m saying is I want to make sure that all my other functional products always are 100% accurate to what my IT infrastructure contains.  There is no reason my performance & capacity products don’t know about a specific IT resource.  Nor, do I want multiple discovery engines combing my infrastructure setting off false alarms in my security products or requiring me to open additional communication avenues making the infrastructure less secure.

Here are a list of the vendors I know of, this space saw some major consolidation during  2006.

BMC
CA (Cendura acquisition)
EMC (nLayers acquisition)
HP (Opsware acquisition)
IBM (Collation acquisition)
Symantec (Relicore acquisition)
Tideway

Another area I’m researching and pondering inclusion in this category are service catalogs (e.g. NewScale)  Any thoughts or opinions on how they compare to the players/products  above?

Jan 17 2008   7:14PM GMT

What are the most desired features in IT Process Orchestration (e.g. RBA)?

Posted by: Ryan Shopp
LANDesk, BMC, NetIQ, DataCenter, IBM Tivoli, HP Software, Opalis, Optinuity, RealOps, Stratavia, RBA, Run Book Automation, IT Process Automation, Enigmatec, Scapa Technologies, OpTier

Alright, looking for feedback on this one. After talking about the players in the IT Process Orchestration space, I’m wondering what are the primary capabilities people are looking for?

Here are my top five, please feel free to throw down yours in the comments below:

1. Drag/Drop graphical interface for designing process workflows
2. Common, normalized Data Model of common/primary attributes
3. Library of pre-defined, re-usable actions/triggers/processes for usage out-of-the-box (bigger the better - even a community that shares is a plus)
4. Policy/Desired-state engine driving things
5. Sandbox, simulator to help test workflows without impacting actual resources/instances within the production enterprise.

Beyond these five core capabilities, depending on the processes you wish to automate you need to verify what interaction/communications protocols are supported (e.g., SNMP, WMI, JMX, ODBC, Telnet/SSH/FTP to CLI, XML/Web Services). Make sure they have what you need to communicate with.

Of course, it also goes without saying (just like with any commercial product) table stakes require RBAC security, reporting, logging, appropriate hardware/software requirements.

Bottom line, I guarantee if your a medium to large enterprise you have current manual processes that these products can automate for you! Reducing errors due to the mundane nature of that task, freeing up people currently doing the task for other projects or tasks and also the intangible benefit of it’s simply faster which provides better customer service depending on the process that is automated. Make this a priority in 2008 and get one of these vendors in there to help out!

Disclosure: I have no relationships with any of the vendors in this space. The comments are all made based on my personal experiences and perspectives.

Jan 14 2008   8:42PM GMT

Digging into the DCAB 6’s functional areas: Process Orchestration

Posted by: Ryan Shopp
LANDesk, BMC, NetIQ, DataCenter, IBM Tivoli, HP Software, Opalis, Optinuity, Stratavia, RBA, Run Book Automation, IT Process Automation, Enigmatec, Scapa Technologies, OpTier, GridApp Systems

Alright, back on track with our review of the 6 functional DCAB areas. We are now onto the hottest, fastest growth areas! First up, Process Orchestration or what Gartner has coined as Run Book Automation?

These products offer the ability to define, build, orchestrate, manage, monitor and report on workflows that automate specific IT intra or inter domain processes (intra = between different products for the Windows Server team or inter = between the application and network team). There are a ton of case studies and examples on most the players websites.

A couple quick examples to get a flavor include:

A monitoring product identifies a specific condition (e.g., an outage), it then checks a configuration auditing product to see if a recent change was performed for that system.

A configuration auditing product monitoring if a device is in or out of compliance notices an situation and then automatically opens a trouble ticket. Later, it notices again the situation has been resolved and it adds the appropriate details to the ticket and automatically closes it out.

Here are the companies I know about (as always, in alphabetical order)

BMC (formerly RealOps)
Enigmatec
GridApp
HP (formerly Opsware, formerly iConclude)
IBM (formerly ThinkDynamics)
LANDesk (Process Manager product)
NetIQ (Aegis product)
OpTier
Opalis
Optinuity
Scapa Technologies
Stratavia
UC4 Software
xTigo

As always, who am I missing. What are the opinions out there from users or evaluators for each platform (please chime in down in the comments section). I have personal product exposure and experience with only BMC, Stratavia. Some of the key features that I learned from those products included the value of having a normalized, common data model and “action” abstraction capabilities so you re-use previous process actions in new workflows.

Here are a couple good reviews and write-ups for further reading if desired.

Data Center Manager Primed for IT Process Automation
IT Process Automaton Overview and review of some players

Jan 5 2008   7:40PM GMT

Digging into the DCAB 6 functional areas: Security and Protection

Posted by: Ryan Shopp
Symantec, EMC, Tripwire, Configuresoft, Ecora, ArcSight, NetForensics, DataCenter, IBM Tivoli, HP Software, LogLogic, Reconnex, Vericept, nCircle, Skybox Security

The massive number of security management vendors make simply covering this portion of the DCAB a very intimidating task. So many technology approaches and different data center technology focuses (e.g., networks vs. system vs. applications etc). I’ve attempted a first pass at sub-dividing this functional area. I know that do to it’s vastness, I’m going to miss tons of vendors I already know about and also stretch the categories a little in my attempt to limit the number of sub-divisions.

Proactive Identification (proactive searching for a potential exposure point that could become a situation) which includes:

• IP Scanning - query remotely that simply requires IP address to gather information and determine if their is a potential condition of concern. Vendors include: eEye, nCircle, Nessus, Qualys, McAfee, Rapid7
• Configuration/Settings Auditing - query remotely (using credentials) or having an agent on the system to take a more details look at the configuration files, etc. Vendors include: ConfigureSoft, Ecora, nCircle, Tripwire, Solidcore, Skybox Security
• Penetration Testing - remote query attempts to actually expose or harm a data center resource. Vendor include: Core Security, HP (former Spi Dynamics), IBM (former Watchfire), Imperva, Mu Security, BreakingPoint Systems

Reactive Identification (reactive, collecting of events or watching data flows to identify a condition or re-occuring trend)

• Security Event Consolidation (aka. SEM) - unified view of events from a variety of sources with the hope that you can quickly identify a problem and resolve it sooner after it occurred, or seeing something that tells you that problem may be about to happen. Vendors include: ArcSight, NetForensics, EMC/RSA
• Information Archival & Reporting (aka. SIM) - archiving and then the analysis and mining of all that event data to identify a re-occurring situation that could be resolved. This archive is also a great resource for reporting certain compliance situation to auditors. Vendors include: ArcSight, NetForensics, LogLogic
• Data Leakage - monitoring activities or traffic flows to identify if sensitive information is being . Vendors include: EMC/RSA (Tablus), Reconnex, Symantec (Vontu), Vericept

Alright, that will have to do for now. Identity & Access Management is a whole other area but this will have to do for now. Wow, I’m really starting to realize that this DCAB was biting off more then I could honestly chew Hopefully, it will prove helpful to someone out there. When I do start to make updates the best way to manage that may be moving this to a wiki.

Quick status check, I’ve now taken a first pass on 4 of the 6 functional areas (and most of them require/deserve a return visit sometime soon). Each functional area alone probably could/would be topic enough for an individual blogger (any volunteers). I’ve also had some great recent conversations with people on virtualization, process orchestration and resource reconciliation that i’m eager to talk about. So as I’ve stated before, comments are open for anyone and everyone to add thoughts and commentary. Which vendors did I miss, what capabilities/functions did I miss as we monitor the security in our data center.

Jan 2 2008   11:10PM GMT

Digging into the DCAB 6’s functional areas: Configuration and Change

Posted by: Ryan Shopp
BMC, EMC, Configuresoft, Ecora, DataCenter, CA, IBM Tivoli, HP Software, BladeLogic, Cassatt, Scalent, Solidcore, mValent

There seem to be two key components or approaches to this functional area. Some vendors are focused on auditing & monitoring the configuration/state of a device while others are focused on that and the provisioning/deployment of configuration/software to a device. Typically, the vendors going across data center technology categories are audit-centric.

Vendors doing both Deployment & Auditing (listed alphabetical)

• AlterPoint (for network devices)
• BladeLogic (for appilcations, servers)
• BMC (for applications, servers with Marimba acquisition and networks with Emprisa acquisition)
• CA (for systems)
• Cassatt (for systems, applications, networks
• Cisco (for network devices)
• ConfigureSoft (for applications, servers)
• Ecora (for servers, applications)
• EMC (for network with Voyence acquisition, for storage with ControlCenter)
• HP (former Opsware for applications, servers, networks, storage)
• IBM Tivoli (for applications, servers)
• mValent (for applications)
• Phurnace (for applications)
• Scalent Systems (for servers, applications)
• Symantec (for servers, applications with Jareva, Altiris and storage with CommandCenter)

Vendors focused on Auditing

• Solidcore (for servers, databases, networks)
• Tripwire (for servers, databases, networks)

Vendors that do both primarily for desktop’s which extends to provide some server configuration and change capabilities for the data center

• Avocent (from Landesk acquisition)
• Lumension (former Patchlink)
• Microsoft (former SMS product)

Just as with my previous post on Performance & Capacity I’m not done with this one. I started going through the laundry list of vendors in the “virtualization” space but simply ran out of my allocated time for today. So I’ll pick back up on it at a later time