Managing through the stacks

Network management is one of the most vital, encompassing areas of information technology and is one that requires a lot of training. As networks expand globally and support more users and more applications, network management systems are growing more complex, more automated and, by necessity, easier to use.

And because network managers often are held responsible for failures caused within applications, network management systems have begun to take on application management, adding yet another layer of complexity.

Federal network managers say they want tools that can help them keep tabs on their networks' status and help prevent outages. And while industry offers countless products aimed at meeting these requirements, the trick has been to find integrated products that offer friendly graphical user interfaces.

Agencies have found themselves focusing on a network management platform, such as Hewlett-Packard Co.'s OpenView, and stacking other products on top. This approach has given managers the ability to peer all the way down into their networks at routers and other devices. But it also has led to situations where agencies have ended up with duplicative products that can make it difficult to locate points of failure.

"The kinds of services that networks are supposed to deliver and the interrelationship between [wide-area networks] and campus networks are more complex than before," said Dennis Drogseth, an analyst with Enterprise Management Associates (EMA), a Boulder, Colo., consulting firm. "The requirements are more intense, and the expectations for control are higher."

By all accounts, network managers are in the hot seat. Valerie O'Connell, an analyst with Aberdeen Group, noted that network failures are responsible for less than 10 percent of all system outages. But when things go wrong, the blame still falls on network managers.

"When it comes to network failures in enterprise America, network folks are guilty until proven innocent," O'Connell said.

The predicament of network managers becomes even more complicated when national security issues come into play. Military users have the most urgent requirements for network management.

"The network is like our oxygen line. Without it, we start to gasp in a hurry," said Eugene Newman, technical director at the U.S. Atlantic Command's Joint Warfighting Center (JWFC), a cross-Defense Department operation for training, simulation and analysis.

These urgent requirements call for powerful tools that can help managers monitor the health of their networks and keep them running efficiently. In the federal government, as well as in the commercial world, many managers use HP's OpenView for network management.

OpenView is not an off-the-shelf application, so its role is often misunderstood and the product underutilized. "Eighty percent of network management is OpenView, yet it is the most misunderstood product out there," said Doug Picard, president of International Automation Associates, a Monterey, Calif., network integrator.

Users expect an off-the-shelf product from OpenView when, in fact, it must be configured from end to end, Picard said. "The product is richer than the people's ability to use it," he said. "It has a huge amount of capability, but none of it is out of the box. Many people just don't have the expertise and understanding to deal with its network management capabilities."

As a result, network users have demanded more user-friendly interfaces. For The Mitre Corp., one of the main attractions of HP's OpenView is the way it performs on the Microsoft Corp. Windows NT platform, said Sandra Wallace, network and system management specialist at Mitre, which is performing a network infrastructure upgrade for the Air Force as part of the Combat Information Transport System project.

Wallace said her biggest concern about network management is the user interface - a problem alleviated by the familiarity of Windows NT. "The Air Force has to use airmen straight out of high school," she said. "They don't have much experience with computers, so they feel more comfortable with NT than Unix. We can get them up to speed faster."

In the first phase of the three-part upgrade, Mitre introduced HP's OpenView Network Node Manager on Windows NT at 108 bases with a limited 250-node license. In the second phase, starting in August, the Air Force will procure an unlimited license.

Lacking a comprehensive understanding of network management systems, users stack other products on top of OpenView to get the graphical representations of particular manufacturers' products. For example, although Wallace uses OpenView to manage network devices such as switches and routers, she also uses Cisco Systems Inc.'s CiscoWorks management tool because its interface appeals to users who are accustomed to a Cisco environment.

Other products Wallace uses include Remedy Corp.'s Help Desk, a trouble-ticket system; Quadritek Systems Inc.'s (now Lucent Technologies Inc.'s IP Services Product Group) QIP, a configuration tool for managing Internet Protocol addresses; and Fore Systems Inc.'s ForeView for Asynchronous Transfer Mode device management.

Despite all the products they stack on top of it, users seem to trust OpenView to hold the network together at the core. And HP has always focused on the network management ball, not straying too far off base while continuously incorporating new technology.

"Our flagship product is strong in network management, not systems management or the mainframe," said Reiner Baumann, HP's product manager for Network Node Manager.

The focus and the framework are fundamental differences between HP and its competitors. While other products extend out to the enterprise or offer an all-or-nothing product set, HP always has taken a modularized add-on approach, Baumann said.

The Enterprise Approach

Some users prefer the enterprise approach because it covers more ground and provides a standard, cross-departmental framework. If the user interface is good, it can make network management training easier.

JWFC's Newman chose to use Cabletron Systems Inc.'s Spectrum for network management instead of HP's OpenView. "OpenView did a great job managing the network but not the entire enterprise external to the facility," Newman said.

But Newman also stacks products on Spectrum, using it with Opticom Inc.'s Executive Information System, which provides automated desktop reports, and Metrix Inc.'s WinWatch intelligent agents. Combined, the products form a Spectrum module called Systems View, which takes application information gathered by WinWatch and automatically creates a report for the IT department. That report then can be displayed on a word processor.

Cabletron utilizes inductive modeling, an artificial-intelligence technology, to isolate problems on the network. This represents a systems approach.

"Spectrum's focus is on managing the IT infrastructure," said Joe Syr, program manager for the Spectrum Strategic Partners Program at Cabletron. "Using inductive modeling, [Spectrum] is able to understand the interdependencies and relationships between the devices."

The Anniston Army Depot, Ala., chose to use Computer Associates International Inc.'s Unicenter TNG enterprise management tool for managing its network in a standard, user-friendly environment. Like other users, those at the depot selected their network management solutions in large part because of the interface.

Beverly Brooks, customer service center manager at the depot's support division, said Unicenter TNG employs a color-coded interface that makes management a snap. "If the icon is green, the network's up with no problem," she said. "If yellow, it's a 'caution,' an alert to check the device and a sign of a potential problem. If it's red, then it's a critical alert. If black, it's down.

"It's state-of-the-art and a lot of fun to work with," Brooks said. "It gives you a graphical picture of your network down to your desktop. Icons represent devices and applications."

The Anniston Army Depot takes an enterprise approach to network management, incorporating six Unicenter modules: help desk, software delivery, asset management, World Wide Web management, remote control and response management.

In an increasingly typical scenario, the depot solved an application problem from within a network management framework. "Prior to using the software delivery option, we had people physically go out to 1,200 desktops, loading software with a CD," Brooks said.

Computer Associates also utilizes artificial intelligence in its enterprise management system. Computer Associates' Neugents, a solution based on neural networking technology that forecasts system failures, looks inside Windows NT and predicts when there will be an outage, said Brandon Musler, director of product strategy at Computer Associates, Islandia, N.Y. The company is working on Neugents technology that would watch attempts to open firewalls, detect an intrusion from a virus and take preventive action before any damage is done.

HP's OpenView has a similar technology called NodeSentry, an intrusion detector that requires the use of Network Node Manager.

Another growth area of network management, policy-based networking, is supported by HP in OpenView's PolicyXpert, a stand-alone product that provides bandwidth allocation priorities.

Elsewhere, Tivoli Systems Inc. recently announced that it plans to add management capabilities to NetView, a tool formerly manufactured by Tivoli-owner IBM Corp. Over the next year, Tivoli will add policy-based management capability, Web-based management and better integration with third-party products.

Stacked Too High?

Although product stacking undoubtedly increases control of the network, it also creates duplication. "There are multiple, fragmented network management solutions that duplicate efforts and aren't efficient," EMA's Drogseth said.

To resolve the problem of duplication from product stacking, network management vendors recently began offering event correlation (EC) modules, which isolate the single point of failure on the network. These modules dynamically understand how all network devices are related and seek patterns to determine the cause when something breaks, Drogseth said.

"With event correlation, you are getting rid of redundant and superfluous alarms," Wallace said. "If a router goes down, you can take downstream devices out of service so you don't get alarms on all the routers downstream simultaneously."

Automated EC is a network management goal. "True EC shouldn't be just the red light from the router but the red light indicating which part on the router," Drogseth said. "Some EC will move beyond the network space, look at the application and determine what problem might be in the application. These are emerging now, but they need to be automated and adaptive."

Technologies such as event correlation hold out the promise of even greater control of network management in the future. Such developments are bringing managers closer to their vision of totally integrated control of their networks.

JWFC's Newman said, "Future network management systems have got to be able to reach from the top down as far as you want to go and [work] with other network management systems you don't necessarily have control of."

-- Gerber is a free-lance writer based in Kingston, N.Y.

*****

AT A GLANCE

* Status: Network management tools exist to help users monitor traffic, devices and even applications. Most users select a core network management tool and add other products specifically geared to the management needs of network components.

* Issues: The practice of "stacking" network management products on top of a core system can create confusion and make it difficult for managers to locate points of failure. In addition, products from multiple vendors may be poorly integrated.

* Outlook: Encouraging. Vendors are adding new capabilities to their products to make it easier for disparate tools to function together. Other innovations include new policy-based management tools and software agents that help predict trouble.