Why SMB Tools are Inefficient for Managing Enterprise Networks
Your network is growing, and the business is demanding that you operate it more efficiently. What do you do? Well, one thing for certain is that you can’t rely on inflexible, framework legacy network management solutions that are really a collection of multiple, disparate products and require you to re-architect your system to make any significant changes.
And that so-called single pane of glass is not a real integration. It’s simply a pseudo consolidation of many tools that replaces swivel chair management with the alt-tab kind. So now what?
Low-End Network Management Tools Aren’t the Answer
Some low-end network management vendors say you should use their tools, which they claim are affordable alternatives to legacy solutions that force you into buying features you don’t need, are overly complex and too expensive. But that just confuses fewer features with efficiency when the real sources of efficiency in a network management solution come from an agile architecture that can respond quickly to change. It does not come from cutting features or buying a bunch of tools with a low initial price tag.
The problem with both legacy systems and network management systems meant for small to medium sized networks is that they are both based an old-style model of network management that relies on networks being largely static. This is out of touch with the dynamic nature of today’s IT environments, which need solutions that can rapidly adapt to changing requirements and advanced technology, are highly automated, and can scale efficiently.
In the sections that follow, we’ll take a closer look at why SMB solutions are inefficient for enterprise-class networks.
You have a limited number of staff members to manage the network and a shrinking pool of skilled personnel for hire. For these reasons, automation of most tasks is essential for operational efficiency.
Lower-end tools require you to manually control individual device settings, touch off reports, and load information into them. When you have a network of 10,000 devices this is not an option.
Although some SMB products may seem to be highly automated, it’s important to ask detailed questions about the level of automation they include. For example:
- Is it necessary to go into each device and individually select the ports to monitor, or does the product do full auto discover of all ports by default?
- If the product includes auto update, do you have to manually rescan to re-discover devices? If not, maps and inventory cannot be trusted because they won’t automatically pick up changes.
- Does the product ask the user to manually relate devices to each other to attempt to define some root cause logic? If so, is that really workable when there are 500 or more devices?
- Does the product include out-of-the-box features such as predefined rules for avoiding event storms?
- Can you easily create custom filters to help you quickly identify problems that are most important for your environment?
- When an event is raised can you quickly drill down to detailed information?
- Do you need to enable event generation on a port-by-port or metric-by-metric basis? If so, the event system will not scale. The metrics needed to assess the health and well being of the network should be monitored by default, and events warning of problems shouldn’t need to be configured.
- As you scale to enterprise level you will need a network management system that automatically tracks your network inventory and topology, filters and make sense of events, determines the root cause of problems, monitors and alerts on performance issues, and automatically runs regularly scheduled (and previously defined) reports.
To cover a barely sufficient amount of the requisite management functionality of an enterprise, SMB solutions require multiple products, each of which has its own requirements for installation, deployment, management, scaling, and so on. These products must be manually integrated (if possible) and each requires its own database (and maybe its own server), which the customer must provide at a separate, additional cost.
Adding new functionality means adding yet another module that must be integrated. In addition, each server requires backend deployment, including setting up a web server and a separate database for each product. This creates even more work, more costs, and more complexity when trying to scale (see scalability section below).
Finally, beware the so-called single pane of glass. Products that offer this introduce even more inefficiency as this is simply a pseudo consolidation of many tools and is yet another product that you must integrate. In reality, there is little to no integration between the products and very few features for viewing different kinds of data side-by-side or in context with each other. As a result, it may be necessary to log into different consoles to get to information collected by each product.
The bottom line is that multi-product architectures don’t adapt quickly to change because they’re simply not designed for it.
- Do you need to restrict polling to only the most important ports? This is necessary on some SMB products as the polling engines cannot cope with the number of ports in an enterprise network.
- Does the system show a flurry of undifferentiated alerts, or does it show object dependencies so you can find the root cause?
- Is this a “red light / green light” tool listing hundreds of devices’ reachability one after another, or does it incorporate root cause analysis, “separating the smoke from the fire” and identifying the causative device, not the downstream affected ones.
Data Collection Approach
A sure sign of a “departmental” tool attempting to pass itself off as an enterprise solution is when it implements distributed polling in order to scale.
Server capacity is scaled by adding distributed pollers with each sharing a portion of the overall CPU load. But any network monitoring architect can tell you that the bottleneck in infrastructure management is I/O to the database. Having multiple pollers simultaneously send data back to a single data store does not solve the issue but can exacerbate it.
Distributed Polling Increases Bottlenecks at Both Data Collection and Storage
Unable to Scale to Enterprise Level
An enterprise network management system must be architect-ed to scale easily and without limit. As discussed, multi-product solutions are difficult to scale due the varying requirements of each product. Other features of the architecture that affect scalability are data collection approach and server capacity.
Other risks include:
- Single point of failure: If the central database fails, the ability of polling servers to collect data will be impacted.
- WAN link failure: A failure of a WAN link between remote pollers and the central data store will cause loss of data.
- Expensive WAN links: If data is sent to the central server over expensive and/or low capacity WAN links then pricey upgrades to these links may be needed.
- Lack of real-time data: If the remote pollers simply gather data and forward it without real-time analysis, the benefits of immediate notification of anomalies are lost.
A true enterprise class solution distributes not only the polling but also the data storage. These multi-server solutions allow each server the visibility to the data stores of the other servers and therefore can scale infinitely. This is an architecture designed from its inception for enterprise computing.
An important consideration when scaling the network is whether there will be any loss of network visibility. Specifically, when expanding network coverage, what adjustments must made to the polling frequency to increase server capacity and how much coverage is lost?
SMB tools typically use servers with capacities that max out at a low number of polled objects* (for example 1,000) before the polling interval must be lengthened. Furthermore, the default interval may already be infrequent. For example, it is not unheard of for an SMB solution to use a default polling interval of 10 minutes for a device and 9 minutes for an interface.
Good data is the source of value of any network management system. The quality of data is affected by many aspects of a network management solution, including integration of functional areas, techniques and technologies used to monitor and analyze traffic, level of automation, and data collection method.
Integration of Functional Areas
The lack of integration between tools in an SMB suite lowers the value of data because it cannot be seamlessly shared and displayed back in a sensible, valuable, and easily digestible manner. Each area affects the others, and the ability to understand data from each area side-by-side makes a difference for understanding the network holistically.
For example, performance can be affected by faults and faults can be caused by changes in inventory. If this information is not fully integrated, management will be swivel chair/alt tab style, and analysis and correlation will take place in the network administrator’s head. This is hardly sustainable for a network with hundreds or thousands of devices, and inevitably, important insight for the business will be lost.
Techniques and technologies used to monitor and analyze traffic
Due to their size and complexity, enterprise networks require techniques and technologies for monitoring and analyzing traffic beyond what is offered by SMB solutions:
Traffic Segregation: Larger networks incorporate techniques and technologies required to segregate traffic and scale operation. Advanced routing protocols are an example. The use of BGP, EIGRP, IS-IS and other routing protocols, MPLS VPN tunnels, and more are commonplace in an enterprise network. SMB tools typically are blind to these protocols and can say little about them. An enterprise class solution is very aware of their use and makes insight into their deployment transparent.
Enterprise class networks require an established vendor support structure with expert level support staff that provide personalized attention, resolve problems quickly, and value customer input.
One way that vendors of lower-end products keep acquisition costs low is to use forums and expensive pay-as-you-go support, which place an unnecessary burden and risk onto customers. This is another way in which expensive ongoing operational inefficiencies are uncovered over time and in retrospect make the product acquisition price seem less than a bargain.
A 5-minute interval is standard for an enterprise solution. Although an SMB tool might let you manually configure the interval to 5 minutes it would require re-engineering the system, and why do that when a good network management system will do that for you out of the box, with in-depth, comprehensive visibility across the network?
The Truth about Customizable Polling
Some SMB vendors claim that customizable polling is primarily used to achieve sub-minute polling for important interfaces. In reality, it’s used to “ratchet back” the polling in an attempt to scale the network size.
Finally, some SMB tools require users to set the polling intervals for each device. This assumes that the network is small and that this manual process is achievable. No network engineer can possibly manually configure the polling intervals for a network of 5,000, 10,000, or 50,000 devices. Enterprise solutions recognize that administrators of large networks require the solution to make smart decisions for them.
*The term “objects” here refers to a physical or virtual port.
IP SLA: With smaller networks, there is less concern about data latency. Not so in larger networks. Some SMB solutions may offer an IP SLA “tack on” module, but the information it provides is not integrated into the various disparate network management tools. An enterprise solution incorporates IP SLA knowledge into the core solution.
QoS Monitoring: Larger organizations also often implement port-level QoS, which requires specific techniques for its monitoring. QoS configurations can be dauntingly complex, and any monitoring system destined for enterprise deployment must be capable of automatically understanding and applying suitable monitoring without operator intervention if it’s to be useful in a practical sense. Effective QoS configurations require tuning, which is impossible without the appropriate feedback. A good enterprise network management system will provide this as an integral capability.
Unlike legacy and SMB network management solutions, Entuity is designed with contemporary network environments in mind where fast, continual change is the norm. Entuity is not a collection of products bolted together—it’s a single software product with all the core functionality you need to run the network in a lot less time, including:
- Auto Discovery and Inventory
- Live Topology
- Events Management
- Root Cause Analysis
- Configuration Management and Monitoring
- Seamless and Infinite Scalability
- Elemental Performance
- Integrated Application Flow
- Customizable Reporting/Dashboards
- Integrated Virtual/Physical Management
- Cloud Support
There is no need to integrate the various functions or to reintegrate them on upgrade. All parts, including an embedded database, work together straight out of the box. This makes it easy to install, customize, operate, and maintain, and lowers total cost of ownership to a fraction of the cost of other products. These functions share a common set of data, leading to minimal duplication, increased performance and scalability, seamless integration between all features, and deep insight about the network.
With Entuity, you get all the enterprise class capabilities you need to efficiently manage your network over the long haul where most cost savings are realized:
|Unified Architecture||Single software product with all core functionality (including database) needed to run the network at a fraction of the cost of other solutions.|
|Ease of Use||Layer of abstraction shields users from the complexity of installation, integration, upgrading, scaling, and day-to-day tasks.|
|High Automation||Highly automated with features such as: automatic install of web services and database; fully automated discovery and auto update; out-of-the-box (and configurable) event filtering; and scheduled reports.|
|Easy, Unlimited Scalability||All core functions have identical demands of and connections to the architecture. To scale, simply add instances of the all-in-one server.|
|No Bottlenecks||Collects and stores data locally to prevent bottlenecks and reduce risk, allows fast access to accurate data, and helps control WAN line costs.|
|Advanced Reporting||Includes enterprise-class reports for performance, capacity planning, managing maintenance contracts, executive reporting, and more. Plus over 100 out-of-the-box reports, custom report building, and custom dashboards.|
|Meaningful, Accessible Data||Allows seamless data sharing between functional areas, provides deep performance and flow metrics, and enables easy data export for use in third-party applications.|
|Professional Support||Includes established support structure staffed by professionals—a necessity for enterprise networks. Lower-end tools typically provide forums, which have value but are no substitute for expert support.|
That enterprise networks will continue to experience rapid changes is a given in today’s IT environments. Operational efficiency then is a top priority if network teams are to keep up with business requirements.
While it’s true that legacy network management systems are expensive and inefficient, SMB solutions are not an effective alternative for managing enterprise networks because they:
- Use multi-product architectures, each with its own requirements for installation, deployment, management, scaling, and more.
- Offer limited automation, which means that things like the devices and ports must be manually input to be discovered and then manually re-scanned for updates.
- Are unable to scale to an enterprise level due to distributed polling methods and low-capacity servers.
- Produce shallow, error prone data, which is caused by a lack of integration between tools, low automation (which increases the likelihood of errors), and a central database that may not contain the most recent data.
- Offer only basic reporting capabilities that don’t help you uncover and analyze trends, and which are mainly graphing tools that offer little value over what already appears in the UI.
- Use unlimited licensing models on low-capacity servers that are monitoring devices with a large number of ports. This may lead to the server reaching its limit sooner than the device count associated with it.
- Do not offer professional support, instead using forums as a substitution or expensive pay-as-you-go support plans.
Unlike legacy and SMB network management solutions, Entuity is efficient by design—built to help dramatically reduce the complexity of network management amidst rapid change.
It’s extensible, agile, and unified architecture enables change to accommodate growth, scales without limit, and easily integrates with the larger IT environment. By shielding network administrators and users from the underlying architecture, Entuity simplifies management, dramatically increases operational efficiency, and lowers total cost of ownership.
Entuity takes the work out of network management. Our highly automated, unified enterprise-class solution puts deep network insight at your fingertips, frees IT staff to focus on strategic projects and easily integrates with major frameworks and networking environments. Entuity’s support and services teams are frequently praised for their rapid response, networking expertise and involvement in special engagements. Founded in 1997 by two senior-level IT executives from the financial industry, Entuity is headquartered in London with US operations in Boston.