Data Center Automation Blueprint

440 pts.
This IT answer entry is an on-going wiki page that highlights capabilities and vendors for the 6 functional areas in the realm of Data Center Automation. There are two ways to contribute. 1) you can "create answer" where you write directly into the wiki page 2) you can "add to discussion" where you state your thoughts/opionions but it doesn't change the main wiki page. Consider this page the next phase of development for this collaborative effort that started back in November 2007. Please keep your thoughts/feedback coming - Ryan

Answer Wiki

Thanks. We'll let you know when a new response is added.

Please subscribe to the RSS feed for Adventures in Data Center Automation.

6 Functional Areas (each section discussed below)

  • Resource Reconciliation (aka CMDB)
  • Process Orchestration (aka RBA)
  • Analytics
  • Performance & Availability
  • Security & Protection
  • Configuration & Change

Resource Reconciliation
Description – Automation that captures a complete view of all IT resources, assets, services etc. and their relationships, layers 1 through 7. This comprehensive view of all IT resources is the “record of truth” and needs to always be 100% accurate. Once in place, this is the hub of information that keeps all other monitoring and management solutions on the same page so nothing is missed or overlooked.

Top 5 Capabilities

  1. Comprehensive discovery engine that can automate the identification of and it’s communications relationships for any IT resource (e.g., applications, databases, services, systems, storage, network etc)
  2. Impressive visibility capabilities including multi-layer topological / dependency mapping illustrations while offering comprehensive reporting options (e.g., graphical summaries down to detailed lists)
  3. Reconciliation automation where this solution serves as the “source of truth” for the current state of the IT resources in the data center. At a minimum this should offer the ability to report differences between this and other Data Center Automation solutions. The real deal would have embedded automation/integrations that keep all products synchronized, saving major amounts of time for the system administrators and avoiding an event from occurring when it unfortunately wasn’t being monitored.
  4. Accurate fingerprinting (e.g., discovery-to-data model mapping). Making sure the discovery process has the ability to keep up with newer software versions, new vendors etc for all the possible IT resources in the data center.
  5. A fast search engine to quickly find an IT resource you are: troubleshooting, need to review prior to putting in a change order to understand potential impact or may be susceptible to a recently announced security threat, etc.
  6. A policy engine, built on the search engine, that enables users to define desired attributes for specific types of IT resources and be notified immediately when something doesn’t match that desired state so it can be remediated.

Process Orchestration
Description – Cross-silo automation for mundane manual or high occurrence tasks. The capabilities are focused around helping individual technology domains (e.g., network, windows, unix, database, etc) communicate and collaborate to automate tasks that before required numerous people and passing around a trouble ticket.

Top 5 Capabilities

  1. Drag/Drop graphical interface for designing process workflows
  2. Common, normalized Data Model of common/primary attributes
  3. Library of pre-defined, re-usable actions/triggers/processes for usage out-of-the-box (bigger the better – even a community that shares is a plus)
  4. Policy/Desired-state engine driving things
  5. Sandbox, simulator to help test workflows without impacting actual resources/instances within the production enterprise.

Analytics *note: this is a recent change to the DCAB and is still being defined**
Description – coming soon

Top 5 Capabilities – coming soon

Security & Protection
Proactive Identification (proactive searching for a potential exposure point that could become a situation) which includes:

  • IP Scanning – query remotely that simply requires IP address to gather information and determine if their is a potential condition of concern. Vendors include: eEye, nCircle, Nessus, Qualys, McAfee, Rapid7
  • Configuration/Settings Auditing – query remotely (using credentials) or having an agent on the system to take a more details look at the configuration files, etc. Vendors include: ConfigureSoft, Ecora, nCircle, Tripwire, Solidcore, Skybox Security
  • Penetration Testing – remote query attempts to actually expose or harm a data center resource. Vendor include: Core Security, HP (former Spi Dynamics), IBM (former Watchfire), Imperva, Mu Security, BreakingPoint Systems

Reactive Identification (reactive, collecting of events or watching data flows to identify a condition or re-occuring trend)

  • Security Event Consolidation (aka. SEM) – unified view of events from a variety of sources with the hope that you can quickly identify a problem and resolve it sooner after it occurred, or seeing something that tells you that problem may be about to happen. Vendors include: ArcSight, NetForensics, EMC/RSA
  • Information Archival & Reporting (aka. SIM) – archiving and then the analysis and mining of all that event data to identify a re-occurring situation that could be resolved. This archive is also a great resource for reporting certain compliance situation to auditors. Vendors include: ArcSight, NetForensics, LogLogic
  • Data Leakage – monitoring activities or traffic flows to identify if sensitive information is being . Vendors include: EMC/RSA (Tablus), Reconnex, Symantec (Vontu), Vericept

Configuration & Change
Description: Automation around making configuration or software changes in mass or in a more controlled, systematic way even if on individual level. Understanding what the potential impact or risks are associated with making that change and keeping tabs on what is changing and if it is authorized or in line with established standards.

Top Capabilities

  1. Making changes easier through a simplified user interface – enables more junior administrators to make traditionally more complex changes that required senior individuals.
  2. Abstraction layer that enables the same change to be applied to a numerous resources, which includes spanning multiple vendors.
  3. Ability to recommend when a change is not recommended or even unauthorized…understanding the interdependencies and risks associated with a change.

Another area I’m not sure if it belongs here, security or analytics is Log Management where you maintain historical event/message/alert logs and then have historical reporting and applying advanced indexing and searching technology to quickly find the “needle in the haystack” problems.

Discuss This Question: 3  Replies

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.
  • Jovsta
    Hey Ryan, Firstly, good work but a couple comments. I will not try to address IMHO all the gaps in different categories, at least not until I've gather most of my thoughts, but one glaring omission of other HP offerings and potentially misleading the space of HP Business Service Automation (BSA - aka Opsware) suite. Resource Reconciliation, Analytics, and especially Configuration & Change are not the selling point of HP BSA. Its almost entire in the Process Orchestration with tentacles in other categories, but not the driver. For these areas, HP have an even large suite of products from their acquisition of Mercury and Peregrine. An example, Resource Reconciliation is covered by HP Universal CMDB (uCMDB) with Discovery & Dependency Mapping (DDM - formerly Mercury Application Mapping) and federation with Network, Operations, Asset Management (Peregrine) platforms. This is not even mentioning the range of adapters to 3rd party platforms. Regards J
    10 pointsBadges:
  • AlexEvolven
    Hi Ryan, Thanks for posting all this valuable information. An area we see a niche to improve via automation is the configuration and change management process .<br> Evolven's innovative Granular Configuration Automation solution takes on the dynamics and complexity of today's IT environments in a way that was never available before. Its powerful capabilities help to significantly reduce downtime risk and minimize its impact. <br> Read more here: <br> and please feel free to check out: How to Drive Change While Remaining in Control – A recorded webinar with experts from EMA and Evolven <br> Thanks and regards,<br> Alex Gutman Technology Evangelist Evolven Software, Inc.
  • qazwsxedcrfvtgbyhnujm
    Thanks for taking the time to discuss this, I feel strongly about it and love learning more on this topic. If possible, as you gain expertise, would you mind updating your blog with more information? It is extremely helpful for me...thanks .
    10 pointsBadges:

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

Thanks! We'll email you when relevant content is added and updated.


Share this item with your network: