Managing SLAs: Software tools are starting to catch on

ExecTech graphic

Service-level agreements attempt to get IT service providers and customers on the same page when it comes to expectations on performance, availability and reliability.

SLAs establish objectives and define how performance will be measured. An organization might track SLAs manually or use some form of automation. The latter approach could involve deploying multiple server and network monitoring products to determine whether a service is up to scratch. Alternatively, an IT shop could deploy a broader offering, such as an IT service management (ITSM) system, business service management (BSM) product, cloud management platform or specialized SLA-monitoring solution.

SLA management tools can help IT departments keep tabs on the services they offer internal customers or external users in the case of interagency shared services. Agencies can also use the tools to track how their vendors are doing.

The degree to which SLA management solutions find use in the government space, however, differs widely from agency to agency.

"We have seen from the technology perspective that there are a wide variety of maturity levels across our government clients," said David Kramer, vice president of management consulting solutions at Octo Consulting Group. "Some use spreadsheets and some use ITSM modules and some use point solutions."

The Energy Department's Fermilab falls into the last category. The lab uses ServiceNow's cloud-based ITSM software to manage SLAs as part of a broader initiative to tap enterprise software-as-a-service solutions, a Fermilab spokesman said.

Some agencies use a combination of products and manual techniques to mind their SLAs and different approaches to track different parts of the IT infrastructure.

The Interior Department pursues multiple paths to service-level management. Interior's Office of the CIO has started providing shared IT services for internal and some external customers. The CIO's office is using manual and automated methods to monitor service levels.

For example, the office manually compiles service availability metrics when it tracks its Bison Connect cloud-based email system, which is powered by Google Apps for Government. Interior, meanwhile, measures some desktop support services against SLAs it has established using BMC Software's Remedy ITSM software, said Bernie Mazer, Interior's CIO.

Mazer said he believes Interior will continue to use a variety of tools to manage service levels, but the management approach will evolve over time.

"As our shared services mature, the tools we use to manage the SLAs will also mature," Mazer said.

The more-than-one tool philosophy is also the case for the Federal Aviation Administration's Mike Monroney Aeronautical Center, which houses the Enterprise Services Center. ESC provides data center, information security and office automation support, among other shared IT services.

"We don't use one [piece of] software but actually several to help maintain our SLAs," an FAA spokesman said.

Why it matters

SLAs become increasingly important as the federal sector pursues shared IT services. The Obama administration's Federal IT Shared Services Strategy, also known as the "shared-first" approach, promotes interagency service delivery and cites SLAs as a mechanism for tracking performance. SLAs — and the ability to manage them — can help agencies navigate their service-provider roles.

Federal IT departments, meanwhile, are embracing a more service-oriented approach and adopting service management practices such as those described in the IT Infrastructure Library. In ITIL, a service target is set during the service management process, and the SLA solidifies the understanding between provider and supplier.

SLA management tools aren't strictly for service providers. An agency might also use them to monitor their vendors. For example, a cloud service provider will provide its own SLA and the means for monitoring it, but an agency might not want to rely on the vendor's scorekeeping ability.

Alex Bewley, chief technology officer at Uptime Software, a Toronto-based company that develops SLA monitoring and reporting software, said such tools are most commonly used by IT groups looking to provide the best service for the applications they manage. But he added that a number of customers use the software to track outsourced servers and applications.

"They usually do this when they don't believe the availability metrics that come from the outsourcer, or they believe that the 'wrong' metrics are being used to represent the availability of applications," Bewley said.

The fundamentals

The use of automated systems to track SLAs has yet to become a common practice.

"Most agencies do utilize some form of a help-desk or service-desk tool; however, very few actually utilize...service-level management in relation to services," said Jim Leake, Unisys Federal Systems' vice president for end-user computing.


Bewley said customers might take a step-wise approach to automation by starting with simpler tools and then evolving into a more mature setup for rigorous and comprehensive reporting on applications and infrastructure.

Building better SLAs

Software tools can help agencies manage service-level agreements, but the task is much easier if administrators start by negotiating a favorable arrangement.

That's probably easier said than done when cloud and software-as-a-service (SaaS) providers already have their own SLAs. But customers might be able to get vendors to budge to meet specific requirements. Thomas Trappler, a cloud consultant and director of software licensing at the University of California, Los Angeles, offers the following observations:

SaaS vendors will negotiate. "Factors impacting a client's ability to negotiate modifications include how established the provider is, and the type or volume of business the client represents to the provider," Trappler said.

It's easier to negotiate fee-based services. "Google provides a range of SaaS solutions — some no-cost, some fee-based," he said. "It can be challenging to get Google to change their terms for their no-cost offerings. For fee-based solutions, there's room for negotiation even with more established vendors. It just depends on how much they want your organization as a client."

SLAs are only one factor in cloud adoption. Trappler said the key cloud risks to consider typically fall into the following categories: infrastructure/security, SLAs, data access, protection and location, and vendor relationship. "The relative importance of each potential risk will vary depending upon the client organization's unique tolerance for risk, and the data sensitivity and business criticality associated with the specific function being moved to the cloud," he said.

Agencies' automation options include ITSM and help-desk management systems. Products from BMC Software, CA Technologies, HP, IBM, Samanage and ServiceNow include an SLA feature.

BSM products, which aim to help IT organizations run more efficiently, can also play a role in SLA management. Some ITSM providers also operate in this space.

SLA monitoring and management tools represent another alternative, with Heroix, ManageEngine and Uptime offering relevant software.

Cloud management platforms and cloud service brokers provide another path to SLA management and one that tends to be more outward-facing. Cloud service brokers act as intermediaries between customers and cloud service providers.

IT solutions provider NJVC operates a cloud service brokerage through its Cloudcuity framework. Kevin Jackson, vice president and general manager of NJVC's cloud services, said the Cloudcuity broker can advise agencies on the most cost-effective cloud service provider/SLA combination that meets their business requirements. He said the broker provides SLA metrics across multiple providers as well as SLA comparisons.

"A cloud services broker acts as an independent third party in the monitoring of SLA adherence, reporting breaches and the delivery of associated remedies," Jackson said.

Other SLA management tools can also serve as a check on external service providers.

Simon King, director of strategy for service support at BMC, said that in the past, enterprises would often depend on a vendor's SLA reporting. But he has seen a shift from that approach.

"There's more interest in doing performance monitoring from the consuming side, [not] just relying on the providers," he said.

King said organizations can also deploy tools that monitor end users' experience. Those tools zero in on glitches that affect users and help track vendor performance. He said every conversation he has with government or commercial customers eventually comes around to the topic of end-user experience because outsourcing will look like a bad choice if that experience degrades.

"Even when you outsource, you don't want to give up on tracking SLAs," King said.

The hurdles

One immediate challenge buyers must tackle is choosing from the variety of solutions for managing SLAs.

Some of the variability stems from ITIL. Vic Berger, principal technologist at IT solutions provider Affigent, said the ITIL framework includes a dozen subcomponents that software can address. Capabilities that include managing change, capacity, service catalogs and continuity all fall under the SLA/ITIL umbrella, he said.

Organizations must decide which ITIL areas apply to them and then make a decision about software tools, Berger said, adding that different software players emphasize different ITIL components.

Furthermore, an IT infrastructure encompasses a range of platforms that could need monitoring, so the SLA management job could call for more than one tool.

"An agency would leverage different tools depending on the SLA," said Kris Mathisen, vice president of infrastructure optimization and cloud services at Unisys Federal Systems. For example, an agency could use a data center infrastructure management tool such as Rackwise to track how efficiently a data center uses energy. Similarly, NetApp's OnCommand tool could be used for a storage-related SLA, he added.

According to Mathisen, the salient question becomes how to aggregate the management and tracking of all the SLAs an agency might have in place.

"To achieve this, you would need a system that integrates with the [application programming interfaces] of the various systems you wish to monitor or tools you wish to aggregate into a master dashboard similar to what cloud brokers are evolving to provide," he said.

FAA's Enterprise Services Center uses BMC's Remedy as the main tool for collecting metrics on the service desk's response and resolution of incidents, the FAA spokesman said. The center also uses the tool as its configuration management database. It uses CA's Nimsoft Service Desk to manage alerts and thresholds on servers for service-level metric requirements. Oracle Enterprise Manager provides the same function for the center's databases.

The data collected by those systems is sent to a Microsoft SharePoint database for reporting to the center's customers, the FAA spokesman said.


  • Workforce
    White House rainbow light shutterstock ID : 1130423963 By zhephotography

    White House rolls out DEIA strategy

    On Tuesday, the Biden administration issued agencies a roadmap to guide their efforts to develop strategic plans for diversity, equity, inclusion and accessibility (DEIA), as required under a as required under a June executive order.

  • Defense
    software (whiteMocca/Shutterstock.com)

    Why DOD is so bad at buying software

    The Defense Department wants to acquire emerging technology faster and more efficiently. But will its latest attempts to streamline its processes be enough?

Stay Connected