Please subscribe to the <a href=”http://itknowledgeexchange.techtarget.com/data-center-automation”>RSS feed for Adventures in Data Center Automation</a>
<img src=”http://itknowledgeexchange.techtarget.com/data-center-automation/files/2008/02/data-center-automation-reference-model4.jpg” alt=”Data Center Automation Blueprint” />
<b>6 Functional Areas (each section discussed below)</b>
<li>Resource Reconciliation (aka CMDB)</li><li>Process Orchestration (aka RBA)</li><li>Analytics</li><li>Performance & Availability</li><li>Security & Protection</li><li>Configuration & Change</li>
Description – Automation that captures a complete view of all IT resources, assets, services etc. and their relationships, layers 1 through 7. This comprehensive view of all IT resources is the “record of truth” and needs to always be 100% accurate. Once in place, this is the hub of information that keeps all other monitoring and management solutions on the same page so nothing is missed or overlooked.
Top 5 Capabilities
1) Comprehensive discovery engine that can automate the identification of and it’s communications relationships for any IT resource (e.g., applications, databases, services, systems, storage, network etc)
2) Impressive visibility capabilities including multi-layer topological / dependency mapping illustrations while offering comprehensive reporting options (e.g., graphical summaries down to detailed lists)
3) Reconciliation automation where this solution serves as the “source of truth” for the current state of the IT resources in the data center. At a minimum this should offer the ability to report differences between this and other Data Center Automation solutions. The real deal would have embedded automation/integrations that keep all products synchronized, saving major amounts of time for the system administrators and avoiding an event from occurring when it unfortunately wasn’t being monitored.
4) Accurate fingerprinting (e.g., discovery-to-data model mapping). Making sure the discovery process has the ability to keep up with newer software versions, new vendors etc for all the possible IT resources in the data center.
5) A fast search engine to quickly find an IT resource you are: troubleshooting, need to review prior to putting in a change order to understand potential impact or may be susceptible to a recently announced security threat, etc.
5b) A policy engine, built on the search engine, that enables users to define desired attributes for specific types of IT resources and be notified immediately when something doesn’t match that desired state so it can be remediated.
<a href=”http://www.bmc.com/BMC/Common/CDA/hou_Page_Generic/0,3465,81909862_92306905,00.html”>BMC </a>
<a href=”href=”http://www.ca.com/us/Products/Product.aspx?ID=5955″>CA (Cendura acquisition)</a>
<a href=”http://www.emc.com/products/detail/software/application-discovery-manager.htm”>EMC (nLayers acquisition)</a>
<a href=”http://www.opsware.com/products/visual_application_manager.php”>HP (Opsware acquisition)</a>
<a href=”http://www-306.ibm.com/software/tivoli/products/taddm/”>IBM (Collation acquisition)</a>
<a href=”http://www.symantec.com/business/products/overview.jsp?pcid=2247&pvid=1461_1″>Symantec (Relicore acquisition)</a>
Description – Cross-silo automation for mundane manual or high occurrence tasks. The capabilities are focused around helping individual technology domains (e.g., network, windows, unix, database, etc) communicate and collaborate to automate tasks that before required numerous people and passing around a trouble ticket.
Top 5 Capabilities
1) Drag/Drop graphical interface for designing process workflows
2) Common, normalized Data Model of common/primary attributes
3) Library of pre-defined, re-usable actions/triggers/processes for usage out-of-the-box (bigger the better – even a community that shares is a plus)
4) Policy/Desired-state engine driving things
5). Sandbox, simulator to help test workflows without impacting actual resources/instances within the production enterprise.
<a href=”http://www.bmc.com/products/proddocview/0,2832,19052_0_90902406_157022,00.html”>BMC (formerly RealOps)</a>
<a href=”http://www.optinuity.com”>CA (formerly Optinuity)</a>
<a href=”http://www.opsware.com/products/process_automation_system.php”>HP (formerly Opsware, formerly iConclude)</a>
<a href=”http://www-306.ibm.com/software/tivoli/products/netcool-impact/”>IBM (formerly Micromuse Impact)</a>
<a href=”http://iwavesoftware.com”>iWave Software</a>
<a href=”http://www.landesk.com/Products/ITProcess/Index.aspx”>LANDesk (Process Manager product)</a>
<a href=”http://www.netiq.com/products/aegis/default.asp”>NetIQ (Aegis product)</a>
<a href=”http://www.uc4.com”>UC4 Software</a>
<b>Analytics</b> *note: this is a recent change to the DCAB and is still being defined**
Description – coming soon
Top 5 Capabilities – coming soon
<a href=”http://www.alterpoint.com/index.php?id=143″>AlterPoint (offers specific analytic module “Lifecycle” built upon their Network Configuration & Change Product)</a>
<a href=”http://configuresoft.com/analytics_solutions.aspx”>ConfigureSoft (buit upon their ECM product)</a>
<a href=”http://www.bmc.com/products/proddocview/0,2832,19052_19429_93877323_157328,00.html”>BMC (acquried ProactiveNet)</a>
<b>Security & Protection</b>
Proactive Identification (proactive searching for a potential exposure point that could become a situation) which includes:
<li>IP Scanning – query remotely that simply requires IP address to gather information and determine if their is a potential condition of concern. Vendors include: eEye, nCircle, Nessus, Qualys, McAfee, Rapid7</li><li>Configuration/Settings Auditing – query remotely (using credentials) or having an agent on the system to take a more details look at the configuration files, etc. Vendors include: ConfigureSoft, Ecora, nCircle, Tripwire, Solidcore, Skybox Security</li><li>Penetration Testing – remote query attempts to actually expose or harm a data center resource. Vendor include: Core Security, HP (former Spi Dynamics), IBM (former Watchfire), Imperva, Mu Security, BreakingPoint Systems</li>
Reactive Identification (reactive, collecting of events or watching data flows to identify a condition or re-occuring trend)
<li>Security Event Consolidation (aka. SEM) – unified view of events from a variety of sources with the hope that you can quickly identify a problem and resolve it sooner after it occurred, or seeing something that tells you that problem may be about to happen. Vendors include: ArcSight, NetForensics, EMC/RSA</li><li>Information Archival & Reporting (aka. SIM) – archiving and then the analysis and mining of all that event data to identify a re-occurring situation that could be resolved. This archive is also a great resource for reporting certain compliance situation to auditors. Vendors include: ArcSight, NetForensics, LogLogic</li><li>Data Leakage – monitoring activities or traffic flows to identify if sensitive information is being . Vendors include: EMC/RSA (Tablus), Reconnex, Symantec (Vontu), Vericept</li>
<b>Configuration & Change</b>
Description: Automation around making configuration or software changes in mass or in a more controlled, systematic way even if on individual level. Understanding what the potential impact or risks are associated with making that change and keeping tabs on what is changing and if it is authorized or in line with established standards.
1) Making changes easier through a simplified user interface – enables more junior administrators to make traditionally more complex changes that required senior individuals.
2) Abstraction layer that enables the same change to be applied to a numerous resources, which includes spanning multiple vendors.
3) Ability to recommend when a change is not recommended or even unauthorized…understanding the interdependencies and risks associated with a change.
Vendors doing both Deployment & Auditing (listed alphabetical)
<a href=”http://alterpoint.com”>AlterPoint (for network devices)</a>
<a href=”http://www.bladelogic.com/products/index.html”>BMC (formerly BladeLogic) for servers/applictions</a> and <a href=”http://www.bmc.com/products/products_services_detail/0,,0_0_0_1301,00.htm”>for networks (formerly Emprisa)</a>
<a href=”http://ca.com/us/eitm/solution.aspx?id=7816″>CA (for systems)</a>
<a href=”http://www.cassatt.com/prod_data_center.htm”>Cassatt (for systems, applications, networks)</a>
<a href=”http://www.cisco.com/en/US/products/sw/cscowork/ps2073/index.html”>Cisco (for network devices)</a>
<a href=”http://www.configuresoft.com/ecm.aspx”>ConfigureSoft (for applications, servers)</a>
<a href=”http://software.emc.com/products/product_family/controlcenter_family.htm”>EMC (for network with Voyence acquisition, for storage with ControlCenter)</a>
<a href=”http://www.fastscale.com/”>Fastscale (deployment/provisioning centric)</a>
<a href=”http://www.gridapp.com”>GridApp (for databases)</a>
<a href=”http://h10078.www1.hp.com/cda/hpms/display/main/hpms_content.jsp?zn=bto&cp=1-11-271-273^1440_4000_100__”>HP (former Opsware for applications, servers, networks, storage)</a>
<a href=”http://www-306.ibm.com/software/tivoli/products/prov-mgr/”>IBM Tivoli (for applications, servers)</a>
<a href=”http://www.mvalent.com/Products/integrity_overview.htm”>mValent (for applications)</a>
<a href=”http://www.phurnace.com/products/index.php”>Phurnace (for applications)</a>
<a href=”http://www.scalent.com/html/learnmore/index.htm”>Scalent Systems (for servers, applications)</a>
<a href=”http://www.symantec.com/business/products/index.jsp”>Symantec (for servers, applications with Jareva, Altiris and storage with CommandCenter)</a>
Vendors focused on Auditing
<a href=”http://www.ecora.com”>Ecora (for servers, applications, networks)</a>
<a href=”http://www.solidcore.com”>Solidcore (for servers, databases, networks)</a>
<a href=”http://www.tripwire.com/”>Tripwire (for servers, databases, networks)</a>
Vendors that do both primarily for desktop’s which extends to provide some server configuration and change capabilities for the data center
<a href=”http://www.landesk.com/Products/ServerManagement/Index.aspx”>Avocent (from Landesk acquisition)</a>
<a href=”http://www.lumension.com/vulnerability-management-console.jsp?rpLangCode=1&rpMenuId=118439″>Lumension (former Patchlink)</a>
<a href=”http://www.microsoft.com/systemcenter/configmgr/default.mspx”>Microsoft (former SMS product)</a>
<b>Performance & Availability</b>
The Big 4 are entrenched here (e.g., BMC, CA, HP, IBM)…
<a href=”http://www.bmc.com/products/proddocview/0,2832,19052_19429_93877323_157328,00.html”>BMC (Performance Manager)</a>
<a href=”http://ca.com/us/products/category.aspx?ID=315″>CA – (eHealth – former Concord, Spectrum – former Aprisma, Unicenter)</a>
<a href=”http://www-306.ibm.com/software/tivoli/products/netcool-omnibus/”>IBM Tivoli (Netcool – former Micromuse Omnibus, Proviso – former Quallaby that Micromuse acquired)</a>
<a href=”https://h10078.www1.hp.com/cda/hpms/display/main/hpms_content.jsp?zn=bto&cp=1-11-15_4000_100__”>HP (Operations Manager, Network Node Manager, Performance Manager, Performance Insight)</a>
And the up-and-coming threats to replace one of these guys also (e.g., EMC, Microsoft, Quest Software)
<a href=”http://www.quest.com/performance-management/”>Quest Software (Foglight, PerformaSure)</a>
<a href=”http://www.emc.com/products/software/smarts/smarts_family/index.jsp”>EMC (SMARTS</a>, <a href=”http://www.emc.com/products/software/smarts/ip_performance_mgr”>IP Performance Manager</a>)
<a href=”http://www.microsoft.com/systemcenter/opsmgr/default.mspx”>Microsoft (Systems Center Operations Manager)</a>
But then, we have a slew of others…
<a href=”http://www.symantec.com/business/products/category.jsp?pcid=2246″>Precise Software (recently spun-out from Symantec)</a>
<a href=”http://www.compuware.com/products/vantage/6534_ENG_HTML.htm”>Compuware (Vantage)</a>
<a href=”http://www.lucent.com/wps/portal/!ut/p/kcxml/04_Sj9SPykssy0xPLMnMz0vM0Y_QjzKLd4w3dnTRL8h2VAQADYR9IA!!?LMSG_CABINET=Solution_Product_Catalog&LMSG_CONTENT_FILE=Products/Product_Detail_000157.xml”>Alcatel-Lucent (VitalSuite)</a>
<a href=”http://www.networkinstruments.com”>Network Instruments</a>
<a href=”http://www.netiq.com/products/am/default.asp”>NetIQ (AppManager)</a>
<a href=”http://www.apparentnetworks.com”>Apparent Networks</a>
<a href=”http://packetdesign.com”>Packet Design</a>
And don’t forget the Open Source Software (OSS) vendors
Another area I’m not sure if it belongs here, security or analytics is Log Management where you maintain historical event/message/alert logs and then have historical reporting and applying advanced indexing and searching technology to quickly find the “needle in the haystack” problems.