Tools extend reach of management platforms
Administrators of federal networks responding to edicts for downsizing have found a helpful tool in a new generation of products that work in tandem with network management platforms to monitor systems and applications.
Until recently federal network managers working from a central site had only limited ability to monitor systems and applications actually residing on a network. But these new products allow managers to "drill down" to users' desktops and monitor local applications and network traffic regardless of where the user resides - a technique that saves money by locating management teams at a single site and reducing the number of personnel needed to monitor the environment.
Rob Swisher chief of the Computer Division at the National Oceanic and Atmospheric Administration said his organization began using these products to consolidate management of the agency's nationwide administrative network about 18 months ago.
"Now we can go down to the desktop level so we can centralize and consolidate network management at one location in terms of tools and people " Swisher said.
Vendors are rushing to the market with products they say will not only identify whether a problem originated on the network or within an application but also automatically take action to fix errors.
"This is a fairly new market on the federal side " said Kathy Ollivier director of federal operations at Boole & Babbage Inc. the manufacturer of the Command/Post systems management product. "With the government going through downsizing and reductions in force they really need to look at better managing the entire environment - managing across entire applications and not just pieces of them."
Managers point out that locating the point of failure in a complex computing environment can be extremely difficult. Joe Tabaco a systems analyst at the National Weather Service's Eastern Region said he discovered that when Hurricane Fran hit the North Carolina coast his agency's frame-relay network managed by AT&T on the FTS 2000 contract was literally dumping research data off the network because of the large bursts of network activity.
But Tabaco didn't make this discovery through AT&T's management reports. Nor was the region's main management platform Cabletron Systems Inc.'s Spectrum able to provide the detailed information Tabaco needed he said. Instead Tabaco used a diagnostic tool called RouterManager/AutoBahn from StonyBrook Software Bohemia N.Y. With this tool Tabaco found that the network was dumping up to 90 percent of the data sent to the field.
Most observers agree that no one solution can do it all regardless of how useful an organization's network management platform system may be.
Managers commonly complain that certain types of equipment cannot be managed properly without a management product specifically tailored to read the Management Information Base variables emitted by the hardware. MIBs feed the management platform with information it needs to monitor the health of particular devices.
Keith Cornett chief of the Mission Systems Division at NASA's Marshall Space Flight Center said he was unable to monitor his routers and hubs with his network management platform and had to purchase specialized packages to do the job. "Some vendors are reluctant to fully develop their MIBs " he said. "I don't understand it. If I put a product out I would want anybody to be able to manage it."
Managers throughout government have found themselves in the same boat as Cornett using separate systems to manage switches hubs routers bandwidth and other aspects of their nets.
The resulting morass has led to an additional need for systems that can monitor an application without regard to the type of equipment involved.
Even vendors of the leading traditional network management products realize their solutions are not sufficient to meet the needs of complex customers such as federal agencies. Steven Johnson a systems engineer with Fore Systems Inc. said he believes the real task for network management platform vendors is to build in compatibility for products such as his company's ForeView switch management package. "There's only so much a product like [Hewlett-Packard Co.'s] OpenView can do except to make it easy for other vendors to plug in " he said.
Michael Ross a certified networking specialist at IBM Corp.'s Global Government Industry division said his company recognized the trend early last year and purchased Tivoli Systems Inc. Tivoli's products run in tandem with OpenView and other network management platforms such as IBM's widely used NetView 6000 and give centralized managers the ability to receive data from remote servers or desktops on the status of a site's operations.
Tivoli's TME 10 product suite like most systems management products works through intelligent agents - code installed on remote servers or less frequently desktops to selectively query clients for data used to determine the efficiency of the local environment. Managers at central locations can access that data and similar data from other sites for a complete picture of the application regardless of the environments it is running on.
Marty Fredrickson federal government sales manager at Tivoli said his division was able to triple its growth last year over 1995 figures due to the growing need of federal managers to adopt a systems-oriented approach to network management. The company sells TME 10 products mostly through indefinite-delivery indefinite-quantity contracts but is also seeing an increase in sales through its General Services Administration multiple-award schedule contract. In addition the Defense Department named TME 10 a component of its Defense Information Infrastructure Common Operating Environment.
A network manager at the National Security Agency who requested anonymity said the agency is testing Boole & Babbage's Command/Post which monitors applications on a variety of operating systems and generates reports on them to a centralized server. "It allows us to train operators in one platform and merge all of our applications management into one command center using one tool " he said.
But one potentially negative effect of this model is the possibility that polling among networked devices could eat up a significant amount of bandwidth. Vendors are attempting to mitigate that problem by confining most of the polling to the local level instead of continually sending data back and forth between remote sites and centralized managers.
For example Joe Quigg divisional vice president of Computer Associates International Inc.'s enterprise management group said his company's forthcoming CA-Unicenter TNG 2.0 management product will distribute to servers "very small-footprinted agents" that will read MIBs and report back to enterprise managers only when problems are indicated. He said the product will begin shipping by the end of March.Most vendors are also incorporating intelligent modules into their products these modules can identify problems before they happen and automatically take corrective action or notify an administrator before things go awry.
John Belena general manager of federal operations at BMC Software Inc. said his company's Patrol management suite lets users write scripts for Patrol agents telling them what data to collect and what to do with it. "We've put the intelligence at as low a level in the environment as we can and designed it so it can automatically react to 20 percent of the items that cause 80 percent of the problems " he said.
Travis Ray program manager for aviation standard information systems at the Federal Aviation Administration said Patrol has allowed his office to monitor database activity across the country from a central location in Oklahoma City. He said he intends to create his own scripts for the product once users have had more experience with it.
But NOAA's Swisher warned against one potential problem with applications and systems management that no vendor will be able to fix for an agency. He pointed out that some network administrators at remote sites claim territorial rights to their servers and may not want centralized managers nosing around their applications. Swisher who runs the centralized site at his agency said he still has not come up with a solution to that roadblock.
"Some of these organizations will tell us `Don't you dare look beyond the server ' " he said. "There are some policy issues on just how far we can probe and we are very wary about becoming Big Brother. Even though we have all of these whiz-bang tools the real problem is a policy issue."
If agencies can overcome this vendors and network managers say they can respond to requests to consolidate without losing management capability. "We see people deriving a great deal of value from being able to centrally manage " Tivoli's Fredrickson said. "The feds have caught on pretty fast."
* * * * *
At A Glance
Status: Federal network administrators looking for a better indication of the health of their networks are integrating a new class of systems and application monitoring tools into their existing network management scheme.
Issues: Solutions that use intelligent agents to gather information from clients provide the kind of detailed systems data that administrators need to anticipate and correct problems. However these products can eat up bandwidth and may make some end users uneasy.
Outlook: Good. Existing management software still has some shortcomings but industry vendors have new solutions in the pipeline.