Some Tradeoffs Are Worth It

I like tools. The more complex they are, the better. I can easily spend an hour in a hardware store like Lowe’s or Home Depot and never leave the tool aisle. If it has laser beams, sharp blades, and requires hearing and eye protection, even better! There’s a problem with the bigger tools though. They tend to cost a lot and they typically do only one or two things. They do them well for the most part, but their ability to help you out in a variety of situations is limited. They also tend to be a lot bigger and difficult to lug around.

There’s another class of tool though. It tends to do several things, but probably not as well as the specialized ones. One of my favorites is the Leatherman multi-tool made by the fine folks in Portland,Oregon. What would take me an entire set of tools purchased individually, this tool can do rather well. It has a variety of different mini-tools on it. There’s pliers, a knife blade, a file, multiple driver bits, a can opener, etc.

When you consider the wide range of network monitoring tools out there, we tend to buy single use tools. Granted, there are some out there than can accomplish a wide range of things like SolarWinds Orion, but for the most part, our tools do either one or just a few things. In the network world, I typically categorize the various tools in one of about 4 different categories.

1. Configuration – These are the tools that aid you in pushing out changes to a large number of devices. Infoblox NetMRI, HP Network Automation software, and SolarWinds Orion NCM are a few of the more well known programs.

2. Real Time Monitoring – These are the tools that alert you when something is down, going down, or experiencing other anomalies in near real-time. EMC Smarts(now branded as EMC Ionix), Whats Up Gold, GFI NSM, and SolarWinds Orion are a few of these.

3. Flow Data/Network Trending – These are the tools that show you historical, or near real time flow statistics on your network infrastructure. CA NetQos ReporterAnalyzer, Compuware Gomez NPM(formerly Compuware NetworkVantage), Plixer Scrutinizer, and Fluke Networks OptiView NetFlow Tracker are a few of these.

4. Authentication/Policy Enforcement – These are the tools that permit or deny access to the network or a specific device within the network. Cisco ACS, Microsoft Network Policy Server(formerly Microsoft IAS), and Juniper Networks Steel Belted Radius are some of the more well known programs.

Perhaps like me, you find yourself wondering why the bulk of the tools we have in use on enterprise networks only do a certain amount of tasks. I believe the answer has to do with complexity. It is a rather monumental task to develop software that can handle just one of the four areas I mentioned. Add virtualization to that and it becomes even more difficult.

The Solution?

HP has an interesting product called Intelligent Management Center(IMC) that aims to handle all 4 areas I listed above to one degree or another. Not only can it keep configurations of all your network devices, it can monitor their up/down state, keep traffic flow statistics, and even enforce security policies. Here’s a short list of what it can do according to HP:

“Fault management, device configuration, device policy enforcement, change alerts, VPN management, user access management, network traffic analysis, virtualization management, network discovery, centralized reporting, access control list management, QoS policy management, MPLS VPN management, endpoint posture checking, identity and access management over LAN, WAN, wireless, and VPN.”

It is important to note that this product is not designed to only work with HP systems. It supports several thousand different non-HP products. Just about every Cisco product you can think of is supported by this tool. For that matter, just about every vendor you can think of is supported as well. I saw a live demonstration of this product at HP Discover earlier this year. During the IMC session, the challenge was made to name an obscure brand to see if IMC would support it. There was only one product out of a half-dozen or so that were named that wasn’t supported. It was a SonicWall device. Not surprising considering how GUI heavy those products are.

The goal of IMC is simple. You can see it represented in this picture:


Swivel Chair Management – This is what happens when we have to use several different tools to manage the network. We shift from one tool to another. Back and forth repeatedly. You have no doubt heard the term “single pane of glass” before. That is the term HP uses to counteract the typical swivel chair management most enterprises use when it comes to network management applications. IMC puts it all in one place allowing multiple silos within an IT department to use the same tool for all their management needs.

That’s the basic rundown on IMC. It’s modular, built off the FCAPS model, and consists of the following modules:


Icing On The Cake

IMC has some serious hooks into the virtual ecosystem. For those of us who are from traditional networking backgrounds, we have struggled with visibility into the virtual ecosystem over the past several years. Traffic goes into blade enclosures or ESX hosts and doesn’t necessarily come back out. Monitoring VM’s has become quite difficult, and if that VM changes ESX hosts, it gets even harder. Cisco has a solution to that problem in the Nexus 1000v, but that involves an additional purchase. Not everyone wants to go down that route. While IMC cannot do all of the things that the Nexus 1000v can, it gets pretty close due to extensive use of the vCenter API. As vSphere matures, so will IMC’s ability to see into the virtual environment.

Closing Thoughts

IMC is by all rights a great product that I think is going to set the bar for other all encompassing management tools. However, I think it would be naive to assume that IMC can replace all other management tools out there. There are going to be several things that specialized software from vendors can do that IMC cannot. That doesn’t mean IMC can’t do the bulk of the functions of these other tools. It just means that you have to be realistic when it comes to a product like IMC.

Like my Leatherman that I described at the start of this post, IMC is able to do a variety of things. However, there are limitations around the knife or the screwdriver on my Leatherman. Sometimes you do need a specialized tool to get the job done. The efficiency you gain from leveraging a tool like IMC in an enterprise network is a tradeoff I am willing to make. All of it comes down to knowing what your needs are and using the best tool to meet them.

This was the third and final post for the Blogger’s Reality Show Contest 2011 sponsored by HP and Ivy Worldwide. If you wouldn’t mind, click the thumbs up or thumbs down right below this paragraph and let me know if you enjoyed this post, or if it didn’t really apply to you. You can also leave a comment if you wish.

This entry was posted in contest, data center, virtualization and tagged , , , . Bookmark the permalink.

6 Responses to Some Tradeoffs Are Worth It

  1. Robert Juric says:

    The more stuff people try to bring into my “pane of glass” the more distractions I see. I understand the benefit of getting the entire IT department to use a single tool for management, but I’ve rarely seen this embraced by the entire department. Silos seem to have their preferred tools. But I would like to emphasize what you said, “All of it comes down to knowing what your needs are and using the best tool to meet them.”

    The phrase “Jack of all trades, master of none” comes to mind.

    • Robert,

      I left out a ton of additional information because nobody will read it if it is over 2000 words. 🙂 IMC is a modular system, so each person can customize it to their own preferences. That, coupled with role based access, ensures people can only see what they need to see.

      Today this is primarily geared towards network and security people, but I can see it moving into the systems and storage arenas in the coming years.

  2. Pingback: Absolutely nothing but everything to do with #BRC2k11 » Nerd Blurt

  3. Luigi says:

    GREAT Post! i mentioned you in my video and provided a link back to this article in the little i did write about.

  4. CJ Infantino says:

    I agree with Robert. It is hard to get an organization to use one tool. More than that, finding a “single-pane of glass” to replace all the single one off tools is near impossible.

    Many companies claim they have it, but I have never seen it actually work as intended. To me, it is still the “Magical Unicorn” that is out there somewhere but no one can find it.

    On the flip side, it does look like HP is getting closer and I like that you can control what you see to avoid distraction. The question is…does it really work like marketing says it does?

  5. Francesco says:

    You can also consider Solarwinds in Point 3 too, thanks to it’s extraordinary NTA.

Comments are closed.