FEATURE: NETWORK MONITORING
PANKAJ PRASAD, PRINCIPAL
RESEARCH ANALYST, GARTNER
Is there a tendency for end-users to
use too many monitoring tools?
In principle end-users would like to
procure just one monitoring tool. The
reality is different though. It is not
uncommon to see an enterprise deploy
30+ monitoring tools. So the answer
is a Yes. The reasons are varied. Some
common reasons for a tool sprawl are:
• Inherited legacy of point-solutions
acquired along with investment in IT
infrastructure
• IT operations teams working in silo
groups and influencing investment
in tools of their own choice – for
example, network team vs server vs
storage teams. Each of these teams
may have a preference for their own
monitoring tool
• Non-availability of a holistic solution
for visibility across all layers of the IT
architecture
Are there any problems with a
‘multi-tool’ approach? Do end-users
struggle to understand contrasting
sets of network monitoring data?
A multi-tool approach creates problems
in IT operations, procurement as well
as with the on-going maintenance
of the tools. For example, from an
operations perspective, a multi-tool
approach requires almost a swivel-chair
management, where the operations team
needs to switch across various screens
to gain a complete understanding of a
particular IT-related event.
Another aspect many end-users
overlook is that monitoring tools rarely
work in isolation. Data interchange
with other IT operations management
(ITOM) processes and tools (for example
incident, capacity etc) is usually an
inherent requirement for monitoring.
This requirement for integration creates
additional challenges:
• From a tools management and
maintenance perspective, the
challenges relate to integration
across various tools
36
INTELLIGENTCIO
“A CIO can
gain visibility
into business
transactions
which
transforms
IT from being
a viewed as
a cost centre
working in a
reactive manner
towards being
transformed
as a business
partner.”
• Implementing appropriate
workflows to enable the required
flow of data across various tools in a
seamless manner
• Rigid controls on any changes/
enhancements (like upgrades,
patching, configuration changes
etc.) to ensure the process, workflows
and data interchange remains intact
across various tools
• From a procurement perspective,
every assessment cycle has to go
through reviews regarding version
control across all tools to ensure
seamless integration. This means
working closely with vendors and in
some cases could also require using an
older version to ensure compatibility
with other existing tools
Do end-users struggle to understand
contrasting sets of network
monitoring data?
Consumers of monitoring data within
an IT operations team have different
requirements dictated by their personas.
For example, a Network architect
would appreciate a topological view
of the IT architecture, while a network
operator would appreciate network
traffic analysis. In some organisations,
a system administrator would
appreciate additional parameters
detailing health of the network and
IT infrastructure elements like routers,
switches, servers etc. It’s more about
the level of granularity vs abstraction
the monitoring tool is capable of,
acquisition and visualisation of data,
and whether these elements are
aligned to the persona of the end user
consuming the data.
Would end-users be better off
utilising a single, integrated
approach to monitoring?
A single integrated approach to
monitoring is a goal that a majority of
end users would like to achieve. Towards
this end, multiple approaches have
been tried. For example, consolidating
monitoring tools into those existing,
select fewer tools based on overlapping
features; and having a rip-and-replace
approach, where end users bring in new
tools with functionalities that enable
them to decommission many existing
tools. However, the approach that works
best is to shift the focus from tools to
data that is captured by monitoring
tools, and leverage technology for
consolidating data.
A couple of approaches that have
worked towards consolidation of
monitoring are event correlation and
analysis (ECA) and artificial intelligence
“A CIO can now
provide real-
time inputs
regarding
impacts to
business as
a result of
network and IT
performance.”
www.intelligentcio.com