Almost any organization with a significant investment in IT resources has a large collection of disparate systems -- different hardware platforms running different operating systems, connected by three or four different types of network backbones running a few of the popular standard network protocols, hosting a widely different collection of applications, which in turn store their data in a number of different database systems. These systems often span a number of different eras in which different system management paradigms ruled, from the centralized mainframe with dumb green-screen terminals, through variations of distributed two-tier and three-tier client/server architectures with GUI interfaces, to the ORBs, object stores, Intranets, and Internet servers we find in newer systems with so-called social interfaces. The systems are sometimes located at sites spread all over the country or -- in the case of multinational organizations -- all over the world.
The enterprise manager's challenge is to monitor, control, manage, and continuously plan, extend, and adapt this very heterogeneous conglomerate of system components to give end users the integrated information resources they need to run the business successfully. This includes four related areas of management -- namely, systems management as we traditionally knew it (the hardware and the operating system), network management, application management, and database management (also known as database administration). The enterprise manager's biggest problem is that almost each of these components must be managed in a different way using different tools and techniques, from the very primitive to the highly sophisticated. To add to this agony, few of these systems integrate well with the components of the others. The enterprise manager's latest challenge is to manage the Web servers, Web database gateways, and many other Internet- and Intranet-related products. This includes not only the organization's Intranet components, but also its public Web site, which may be protected by a firewall.
Fortunately, some enterprise-management tools on the market can help you manage this mess of IT resources as if it were a tightly integrated collection of highly compatible system components. These management tools include Computer Associates International Inc.'s (Islandia, N.Y.) CA-Unicenter The Next Generation (TNG), Hewlett-Packard Co.'s (Palo Alto, Calif.) OpenView, IBM Corp.'s (Armonk, N.Y.) Tivoli Management Environment (TME), BMC Software Inc.'s (Houston) Patrol, Microsoft Corp.'s (Redmond, Wash.) Systems Management Server (SMS), Platinum Technology Inc.'s (Oakbrook Terrace, Ill.) set of enterprise- management tools, and Candle Corp.'s (Santa Monica, Calif.) Command Centre. A wide variety of tools can also be used to manage specific areas of the enterprise, such as the databases, only the applications, only the network protocols, or only the security of the resulting system, but I will not consider them here. Some of these tools were reviewed in Robin Schumacher's article in the January edition of DBMS, page 71.
Similarly, there are also tools that can be used to manage some proprietary collections of systems, such as only the Microsoft products or only the Oracle database and its related products, but I will not cover these either. Some of these tools were reviewed in my Server Side column in January 1997 DBMS (page 83). In this article, I focus on the more popular tools that provide real enterprise-management capabilities for heterogeneous system components.
It is impossible to list all of the systems and system components supported by each of the enterprise-management tools in an article of this length. Suffice it to say that most of these enterprise-management tools can be used to monitor and manage various hardware platforms (from mainframes down to desktop PCs and notebooks), various operating systems (including mainframe operating systems such as MVS and VM, most flavors of Unix, DEC VAX, and Windows NT and Windows 95 on the PC platforms), various network infrastructures and protocols (such as SNA, TCP/IP, DECNET, and IPX), and most of the popular DBMSs (including IMS, IDMS, Datacom, Oracle, DB2, Sybase SQL Server, Informix, and Microsoft SQL Server). The sets of systems and components supported are constantly changing and extending, as support for more and more components is added to each release of these enterprise-management tools. The best approach is to visit their respective Web sites or contact their vendors to determine whether your particular system configuration can be managed in its entirety.
A number of issues are closely related to these management functions:
Discovery: During initial installation, and even after major restructuring, you require a discovery facility that can detect all of the identifiable system resources on the network. It is impractical to require an enterprise manager to capture the specifications of all of the system resources in a new system before managing them.
Inventory and asset management: Because the enterprise-management tool must be able to manage all of these resources, it should be able to give you a complete inventory of all of the managed system components as assets on the network.
Change and configuration management: Similarly, because the enterprise-management tool maintains a complete inventory of all of the IT resources and their interdependencies and interconnections, it should be able to give you impact-analysis information. From the information you extract from the tool, you should be able to determine what will be affected when certain components are removed, changed, or replaced.
Application management: Managing applications is a totally different beast. The set of possible hardware platforms, operating systems, network protocols, and DBMSs can still be enumerated and characterized by the developers of the enterprise-management tools (although it is a mammoth task), but the same obviously cannot be expected for all application programs. They cannot be expected to consider all of the third-party application packages on the market, not to mention the millions of systems developed in-house. However, it must be possible to integrate all these applications as managed components in the managed infrastructure, together with their interdependencies on the other system components. For example, you would want to know which applications would be affected if you upgrade the DBMS to a new release. In other words, the critical task is to keep track of dependency relationships between the various managed system components.
As I mentioned already, several enterprise-management products provide these basic enterprise-management functions. CA-Unicenter TNG provides a comprehensive range of integrated management functions that manage all of the enterprise resources, across all platforms, networks, databases, and applications. It has a discovery option that "sniffs" through your network to detect all of the identifiable system resources. CA-Unicenter's components are classified into five functional areas -- namely security control, automated storage management, automated production control, data-center administration, performance management, and accounting. All five of these disciplines are utilized through a single, fully integrated GUI interface. CA-Unicenter TNG has a so-called "real world interface." It uses 3-D visualization and animation techniques to display the entire IT environment. (See Figure 1.) It provides a unique way of navigating through the enterprise: starting from the cities, zooming through buildings, the networks, the systems, and finally into the so-called Unispace, where abstract objects such as processes, applications, and databases are represented. CA-Unicenter TNG also supports what it calls "business process views," through which it provides a business perspective to the management of enterprise resources. Users can define which resources pertain to a particular business process. This enables managers to ask questions such as: "Can we process orders?" These business views also enable administrators to deal with only those resources that impact each business process, wherever they are located.
HP OpenView is a family of products and solutions to manage networks, systems, applications, and databases on a variety of platforms, ranging from the mainframe to the desktop PC. It includes facilities for distributed network management, integrated network and systems management, and various systems- management solutions specially tailored for the telecommunications industry. For example, the IT/Administration module of HP OpenView provides consolidated system administration for both Unix and Windows NT systems. The HP OpenView IT/Operations module is an advanced operations and problem-handling system that enables your enterprise manager to keep an integrated, distributed, multivendor computing environment up and running at all times. It is tightly integrated with HP's network-management platform, HP OpenView Network Node Manager. HP OpenView IT/Operation has a discovery and layout algorithm, which automatically discovers, monitors, and updates your view of the network environment.
The suite of Platinum tools is intended to manage tasks and projects from end to end. Multiple Platinum tools can work together to facilitate large-scale end-to-end systems management. The Platinum Apriori help desk, the Platinum CCC/Harvest change and configuration management tool, the Platinum AutoXfer software distribution tool, and the Platinum AutoXfer Inventory tool for inventory and discovery all work together, as the Platinum Application Vitality bundle, to continuously manage change in production applications. The Platinum Enterprise Performance Management (EPM) suite, composed of Platinum DBVision, Platinum ServerVision, and Platinum WireTap, addresses end-to-end performance issues for databases, servers, operating systems, and network applications. The Platinum suite of products uses a common set of services that facilitate the exchange of messages and data.
IBM's Tivoli Management Environment (TME) 10 can be used to manage users, systems, databases, and applications from a central location. The TME suite of tools makes it possible for an enterprise manager to automate, delegate, and schedule routine and time-consuming tasks. These tools also cater to software distribution and installation, security control, and resources and services monitoring throughout the network. Based on technology licensed from Intel, TME 10's autodiscovery capability automatically locates hardware, software, and configuration file information on PC desktops, branch servers, and central servers.
BMC Software has more than 110 software solutions for systems, application, and data management across the enterprise. BMC's Patrol products for automated application management provide for the optimization of applications, databases, servers, and networks. These tools can help the enterprise manager improve performance while automating his or her control tasks in complex, multitier, heterogeneous environments. BMC's Backup and Recovery Management products automate backup, recovery, and restart with coordination across distributed heterogeneous database environments, including Oracle, Sybase, DB2, IMS/DB, IMS Fast Path, and CICS/VSAM. BMC's products for database administration provide advanced schema management, change migration, statistics management, and log analysis within and across multiple heterogeneous databases, to significantly automate the database management processes.
Microsoft Systems Management Server (SMS) provides centralized management tools for various computing resources. It can be used for software installations and upgrades, remote control and administration, troubleshooting, software inventory and configuration, performance monitoring and tuning, and application execution on desktops located anywhere on the network. SMS can install its own agents automatically on any node. It can detect, identify, and maintain an inventory of PCs, servers, software, and packages running on the popular DBMSs. SMS has remote diagnostic and troubleshooting facilities. The enterprise manager can take over the screen, mouse, and keyboard of a remote workstation to get configuration information, to execute applications, or to guide a remote user through an application. It can even remotely reboot an identified PC.
CA-Unicenter TNG has an object-oriented, multitiered architecture that is based on a distributed object repository and a manager-agent infrastructure. The distributed object repository is used by all of the management functions to store information about the managed objects, their properties, and their interrelationships. HP OpenView's IT/Administration module's object-oriented design makes it possible to utilize the systems management information whenever possible. For example, a new user created with IT/Administration can simultaneously become a user in the HP OpenMail environment. Microsoft SMS's management file structure is based on the Desktop Management Interface (DMI) created by the Desktop Management Task Force (DMTF). The Platinum EPM tools employ an agent/console architecture. The core technology of the Tivoli TME is an object request broker that conforms to the OMG/CORBA specification.
It must also be possible for the enterprise manager to extend and customize the facilities of the tool. Each organization has a unique set of systems that must be monitored and managed. In addition, each organization has its own set of third-party and in-house applications that must also be managed. Although you may still be able to code management interfaces into your home-grown applications, this is not always the case with applications bought from third-party vendors or with legacy systems. You should be able to adapt the enterprise-management tool to monitor and manage third-party applications and packages through their own proprietary interfaces. The object repository of CA-Unicenter TNG can be extended. Any subsystem, including client and third-party extensions, can define additional classes and objects in the repository.
HP OpenView IT/Administration's module uses model-based reasoning technology. An enterprise manager can add new functionality by describing new models and plugging them in without altering the core product. The IT/Operations module provides an open, scalable IT management framework that lets you configure specific views and tools, based on your organizational needs and operator skills.
You can extend the functionality of Microsoft SMS with tools developed in Microsoft Visual C++ and Visual Basic. SMS uses Management Information Format (MIF) files, which makes it easy to extend the inventory information it keeps in its Microsoft SQL Server repository database. SMS's flexible, distributed, and balanced design lets you make network and systems management changes without having to reconfigure the management software.
Tivoli TME is a highly scalable and interoperable tool that works transparently across thousands of mixed servers and tens of thousands of clients, all from a single point of control. Its toolkits have published open APIs, which developers can use to implement their own TME 10 applications.
A related issue is integration with other tools. For example, BMC's PatrolView family of integration products allows the automated management and monitoring capabilities of the Patrol products to be viewed natively within most leading system- or network-management frameworks, such as CA-Unicenter and HP OpenView. Patrol's Intelligent Autonomous Agent technology provides agent-to-console and agent-to-agent integration, forwarding all application and database-monitoring events, alerts, and graphing data received from the Patrol Agents to the third-party consoles; it can also communicate directly with the third-party agent. The Platinum tools can be extended to work with other tools and networks and even with systems-management frameworks such as HP IT/Operations and IBM Tivoli TME frameworks.
CA-Unicenter TNG's DB Alert and Systems Alert modules let administrators detect, isolate, identify, and automatically correct operating-system and database problems. They have intelligent agent support for databases such as CA-OpenIngres, Oracle, Informix, and Sybase and operating systems such as Windows NT and Unix.
The event-management facilities of the HP OpenView IT/Operations module lets you quickly identify, locate, and resolve system and network faults to keep your systems operational. It can collect messages from a variety of sources, including system and application log files, SNMP variables, and traps, and via a number of open APIs. You can set monitors that check the system events against predefined thresholds or filter messages at their source on type, severity, time of day, and other criteria. You can resolve problems by configuring automated corrective actions and predefined operator-initiated actions.
Platinum's EPM suite can monitor and manage processes and applications at the database, operating system, and network levels. This includes event- and exception-based messaging, which can trigger alarms when specified events or exceptions occur. Platinum AutoAction is an automated systems operations tool that continually monitors all console activity, instantly reacting to all messages, events, and commands. AutoAction enables an installation to run its computer systems completely unattended. EPM (DBVision) monitors and manages databases such as DB2 Common Server, Informix, Oracle, and Sybase. It also supports processes and applications developed using these DBMSs.
Microsoft SMS can monitor performance-related events. It can forward these events as SNMP traps to remote agents; it can also catch and react to SNMP traps originating from other managed devices.
The Tivoli TME 10 Enterprise Console is a powerful event-handling application that uses rules-based event correlation for the integrated management of networks, systems, databases, and applications. It has three disciplines of event management -- namely, event integration, event processing, and event response and notification. It collects and integrates messages from any important information source in the distributed environment, including SNMP alerts and events from diverse sources, such as all of the major network management platforms, databases, SNMP agents, log files, Tivoli-enabled applications, intelligent agents, third-party applications, and user-defined applications. Events are processed by a sophisticated rules engine through which you can configure intelligent event-processing business rules. These rules implement the procedures to meet business needs, such as response and service times. You can filter events, consolidate events, drop duplicate or irrelevant events, close self-correcting events, escalate events, and correlate cause-and-effect events. A distributed automation engine reacts to system events by dispatching and controlling distributed responses from a central server. It can launch automated responses, which can take place on multiple systems.
The Candle Command Center for Distributed Systems includes a number of facilities for event handling, such as Monitoring Agents for Unix, Microsoft Windows NT, NetWare, Oracle, and Sybase, and an SNMP Alert Adapter for NetView for AIX, which can be used to monitor and build alert rules with key SNMP performance messages.
Microsoft SMS takes advantage of the built-in security and networking features of the Windows NT server to control access to each SMS function. It uses the NT Remote Control functions, which conform to the NT security model. Users can define permissions for functions controlled from remote managing agents, and they are alerted when such a remote control is activated.
The Tivoli TME 10 Security Management product provides centralized, role-based security administration facilities spanning multiple Unix platforms, Windows NT, and MVS via RACF. The distributed-systems-managed node component, Tivoli Access Control Facility (TACF), addresses the distributed security problem by providing an innovative architecture consistent with IBM's RACF solution in the MVS arena. Platinum's AutoSecure and AccessManager (newly acquired from ICL) address a wide range of security concerns, including single sign-on, authentication, and authorization.
The CA-Unicenter TNG Resource Accounting and Chargeback facility lets you create an accounting structure that matches your organization. You can associate charges for CPU time, I/O, disk utilization, and much more. You can split charges among users, generate invoices, and obtain the results of many accounting-related queries.
Platinum CIMS is a powerful chargeback, finance, and resource-management tool for internal and external IT resource accounting. CIMS works with the Platinum CIMS Capacity Planner to provide full-capacity planning functions, including financial considerations.
The automated storage-management component of CA-Unicenter TNG provides full and incremental file backup facilities across the entire network, and it keeps track of backup versions. This includes automatic archiving to solve disk-space problems before they happen, which can be tied in with the event-management components. The tape-management facility ensures that critical backup data on tape is protected against overwriting and accidental deletion.
HP OpenView OmniStorage provides automatic storage management. After you install and configure it, the product operates unattended. It uses magnetic storage as a cache for the frequently used data. Infrequently used data is proactively migrated down the storage hierarchy to optical jukeboxes or tape libraries. Access to migrated data is transparent. For users and applications, the data access is independent of its physical location.
Platinum AutoMedia and Platinum NetArchive provide complete tape library management, distributed file system backup and recovery, and hierarchical storage management (HSM) solutions.
It is important to note whether push, pull, or activate technology is used for software and application distribution and delivery. With push technology, the server broadcasts and delivers the software to all of the listed clients. (See the section on push technology in "From The Editor," DBMS, March 1997, page 8.) Pull technology is used when the clients request new software from the server. Activate technology is used when the distribution and installation of the software are separated -- the software is delivered to the clients using either push or pull technology; but it is only installed and made generally available when activated from the server. You often require activate technology when you have a large number of clients to distribute the software to, or when a whole release of an application must be activated simultaneously.
CA-Unicenter TNG's Software Delivery module provides software distribution across all platforms and on a wide variety of systems. It provides push, pull, and activate technology. CA-Unicenter TNG can also distribute reports online by identifying the report requirements of each user and selecting the appropriate pages of each report.
By using distribution depots, HP OpenView's Software Distributor handles software distribution and software-management tasks across Unix and Microsoft Windows NT platforms. The software is organized into products, subproducts, and file sets. You can keep multiple versions of the same software in one single depot.
Platinum's AutoXer utility provides a comprehensive software delivery/distribution solution that not only distributes software to nodes across an enterprise but also collects data from these remote nodes and enables the system and network operators to execute system administration tasks remotely. Platinum AutoDeliver is an output-management tool that provides centralized access and control over a wide range of output devices. It distributes output to fax machines, printers, email, pagers, and storage and retrieval functions throughout the organization.
Microsoft SMS can distribute software to identified PCs and servers at remote sites. The administrator performs this function by dragging an icon representing the package to the icons representing the remote servers. SMS can also be used to install and distribute custom applications by using scripting tools such as Microsoft's Visual Test, which was recently sold to Rational Software Corp.
The Tivoli TME 10 Software Distribution facility uses transaction-based deployment technology to guarantee that all client and server software components are installed fully synchronized. Tivoli's transaction service makes it possible to deploy applications with distributed, interdependent components as a single unit.
With CA-Unicenter TNG's automated production-control facilities, you can schedule work either through calendars or by triggered events, with built-in workload-balancing events. This structure intelligently distributes work to the systems with the most resources available. TNG also includes automatic recovery options through which you can specify the corrective actions to take when critical application or management tasks do not complete successfully.
Platinum's AutoSys is a powerful jobscheduling tool, providing scheduling and workflow for thousands of jobs across a heterogeneous IT environment. Platinum's AutoRerun provides rerun and restart management for MVS; it handles rerun and restarts automatically without requiring job-code changes.
Through its scheduling facilities, Microsoft SMS can control the execution of any commands and utilities on remote servers at specified times. You can also use SMS to manage lights-out installations.
CA-Unicenter TNG has a problem-ticket/user-help system, with automatic problem escalation to ensure prompt responses. You can also configure it to generate problem tickets automatically based on specific system events.
Platinum Apriori gives help-desk, customer-support, and technical-support staff the functionality to solve most problems on the first contact with an end user or customer. Hands-Free Support is a companion product to Apriori that lets users solve problems themselves by accessing Apriori knowledgebases via email, the Internet, or an Intranet.
Some of the enterprise-management tool vendors are releasing components to specifically address the Web. For example, BMC recently released a Patrol Internet-management software bundle. In addition to agents for the hardware platforms and knowledge modules for Unix or Windows NT, it consists of the Patrol Knowledge Module for Internet Servers. This is used to monitor and manage various Internet and Intranet servers, including Web, FTP, proxy, news, and mail servers. You can also use Platinum's AutoXfer module for the distribution, configuration, installation, and upgrading of software across WAN environments, the Internet, the Web, and Intranets. Tivoli's net.Commander also provides enterprise-management functions for Intranet application environments. The Tivoli net.Analysis module probes the usage of Web sites and is tightly integrated with Tivoli net.Commander.
A related issue is the use of Web browsers as alternate front ends to enterprise-management tools. Not only are all users getting accustomed to browser-like interfaces, but it is very convenient for an enterprise-management staff member to check the systems from home using a Web browser, especially after hours or during weekends.
BMC's PatrolWatch Console module for Web browsers provides secure "anywhere, anytime" remote access to view the status of the managed environment across the Internet. This interface can be customized and configured through the Patrol Developer Console.
With Platinum's Apriori Hands-Free, you can perform self-service problemsolving via the Internet. It provides a 2437 user self-service directly from a home page or via email.
Tivoli's Internet Enabled TME resulted from the inclusion of Internet browser and Web server software in future versions of the TME. Various enterprise managers can each have their own, tailored management interface based on Internet browser technology.
In a distributed database environment, a number of other complications come into play. The data objects can be partitioned across the various databases, where each object is only placed in one database; alternatively, the database objects can be replicated, so that one database object (such as a particular table or stored procedure) is placed in a number of different databases. The enterprise-management tools must be aware of these distribution and replication issues. When you start managing the actual data contained in the databases, the same problems arise but on a much finer level of detail. With data management, additional complications such as data ownership and data-access rights based on the data values must be resolved.
With the increased publication of database data on the Web, security control also becomes more complex. So-called statistical databases contain sensitive information concerning individuals, but you want to publish macro statistics from these databases on the Web. The problem is that by selectively using the appropriate statistics, you can deduce sensitive information about individuals.
BMC's Patrol suite of products covers application, messaging, middleware, and operating-system management. However, BMC Software also provides an extensive set of tools for database management, which can be used on CA-OpenIngres, IBM DB2, IMS, Informix, Microsoft SQL Server, Oracle, and Sybase SQL Server databases. These include tools for recovery management, altering databases, fast loading and unloading of data, log file analysis, and performance monitoring and tuning.
Apart from BMC's products, none of the other enterprise-management tools really addresses the database management issues in sufficient detail. Granted, they do address backups, security controls, and other related management issues, but they do not really cater to the management of the individual database objects. However, note that there are many DBMS-related tools for database object management. But again, the enterprise-management team needs this functionality to be tightly integrated with the other enterprise-management tools.
However, this challenge is a moving target. As technology and its uses continue to evolve, most organizations are using heterogeneous and distributed databases for OLTP and DSS or data warehousing applications. Management tools must address these complex environments properly to be useful. As DBMS vendors embrace parallel-server technologies, users are creating very large databases of several terabytes in size, and in particular, very, very large data warehouses. Apart from the size issue, warehousing introduces complex mappings, transformations, and migration paths between the source and warehouse databases and sometimes from the warehouse down to departmental data marts. Ideally, the enterprise-management tools should be aware of these issues, because they must monitor and control these processes as well.
Although some of these enterprise-management tools are addressing the Web with Web-enabled tools, Web access-monitoring tools, and tools to distribute software across the Web, we must look at it from a database point of view. If you publish the data from your databases directly on the Web, instead of having a handful of users you now suddenly have an unlimited number of users. The access requests of these thousands of users must be controlled in such a way that access to the database is still secure and consistent but does not become a maintenance nightmare for the enterprise managers.
