Recently in BSM Category

Sometimes ingenuity leads to alternative uses of new products in ways the original designer never imagined. The classic business school example is 3M’s Post-It note which was originally conceived as pressure sensitive adhesive – a novel idea with few practical uses until someone slapped the adhesive on a piece of paper and found utility in a reusable bookmark. 

As a follow up to my recent post titled “End User Experience Monitoring as lynchpin for BSM,” I spoke with Eden Shochat, CTO of Aternity, to learn more about their offerings in this space and discuss unique contributions they could make as part of a larger BSM strategy. For those who aren’t familiar with them, Aternity provides a new class of Application Performance Management software via its Frontline Performance Intelligence Platform.

An excerpt of our very interesting discussion is presented below:

Abbas: I’ve described the role that EUEM solutions like Aternity’s Frontline Performance Intelligence play in the context of BSM, but what is unique about your technology in this area?

Eden: Aternity’s Platform fuses application, desktop and user performance monitoring with real-time business intelligence. This approach generates the most accurate and comprehensive user experience information from multiple levels of the network and application stack on the end-user machines (physical or virtual). By combining this unique data with correlation, clustering and anomaly detection analysis algorithms, Aternity’s Platform is able to perform preemptive problem detection, usage & usability analysis, fact-based capacity planning and activity-oriented compliance. 

It seems inevitable that IT budgets will face greater scrutiny as the global economy comes into question. After all, if increasing corporate costs and slowing or uncertain spending impacts revenue, then budget cuts will become a fact of life in the quest for profitability.

Proven cost-reducing IT measures (i.e. layoffs and investment cuts) will be no-doubt be adopted, while less traditional areas like SaaS, virtualisation and outsourcing should all flourish even more from this turn of events. Indeed in its recent “The State Of IT Services: 2008”, Forrester reported that while budgets have been slashed, demand for outsourced services remained high.

However IT is done, whether in-house, in the cloud or otherwise, it needs to be done with minimal cost. But while hardware and software costs have consistently fallen throughout ‘IT history’, operational costs like salaries have consistently increased. One benefit of business service management, is that it automates time-consuming processes like root cause analysis and it can project the potential effects of change on IT services. The attraction of such automation becomes particularly apparent when considering the looming squeeze on budgets as it presents a clear way of circumnavigating the predicament.

What is clear about this period of economic uncertainty is that businesses are demanding even more transparency over IT, both in-house and outsourced and IT downtime is likely to be scrutinised at a far higher level for far more firms than in the past. With IT downtime presenting potentially business-threatening cost, IT operations will increasingly find themselves mandated to take a more strategic approach to preventing downtime.

For example, in one session on CMDBs, in excess of 50% of the audience (by show of hands) said they were currently implementing a CMDB. Two-percent admitted they were on their second try having failed the first time around. No surprise integration was routinely cited as the main culprit and that’s an area Managed Objects has certainly mastered.

StackSafe has posted some notes from the show here – and we’d like to offer some bits and bytes – mostly paraphrases – as well:

>> Congratulations to Cindy from Hallmark (photo nearby) who won our Wii raffle.

>> IT is good at measuring performance, but poor at measuring quality.  A help desk that aims to solve 60% of incidents on the first call is really just encouraging staff to close a ticket with a poor answer and reopen a new one with another call. – Malcolm Fry, “CIO and the 366 Degree Circle”

>> Roughly 10% of the audience raised their hand when asked “do you know what BSM is?” – Lisa Erickson Harris, “BSM and Best Practices, Elevating the Role of the Service Desk”

>> IT investments will continue to grow, but they must either produce cost savings in the supply chain or improve the customer experience – Charlie Feld “Enabling 21st Century Business Model with IT”

>> A well run IT department is like air – it’s taken for granted. – Dennis Ravenelle, IT Service Continuity Management, Where do I start?

>> “An inaccurate CMDB is worse than no CMDB.” – Richard Peasley, Building Decision Support Systems that Work

- Abbas

Jason Stamper’s recent blog post “10 best technologies to beat the downturn,” highlighted some ideas for IT professionals to streamline budgets by using affordable technology rather than cutting back on IT resources. The economic downturn potentially represents a great threat to IT -- yet to businesses which are dependent on IT (and this is increasingly the case); any unexpected or ill-conceived cuts to IT resources may have a profound and adverse impact on IT services.

Business survival, particularly in certain sectors, will necessitate cost-reduction; one of the quickest ways of realising such an objective is by reducing workforce. This puts a greater strain not only on the people who remain, but also on the quality of the IT services. Because of the business’ increased dependence on IT, a drop in service quality in today’s environment will likely result in more severe business impacts than in the past.

Consequently, many quick cost-cutting fixes to the ICT infrastructure may prove more attractive than worthwhile. To truly understand how to reduce cost, IT professionals need to change their approach more fundamentally and adopt a service perspective. Rather than buying seemingly cheaper hardware/software for their network or laying off staff, IT leaders need to focus on how the different parts of IT relate to service and what value those services derive so that the consequences of decisions, particularly in terms of business impact and potential risk to quality of service are always thoroughly understood.

Only then will they be in a position to identify the areas worth investing in and reduce spending to others accordingly. To put it simply, when they understand what tools they have in the box and can map the dependencies of their IT machine, they will be well placed to be that ever-beneficial step ahead of the CFO. As one author opined, “Careful With That (IT) Axe, CFO!”

- Jim

Some time ago I was working with a customer who was new to his organization. His sole responsibility was to administer Managed Objects software – and was tasked with modeling his business’ most important services.

It might defy expectations, but this new hire was made responsible for modeling the service dependencies for an organization he knew little about. We worked together for about a week and I like to believe I gave him a lot of good advice and training. Consequently, he wasn’t exactly humored at the quantity of work that lay before him, but he gotten some good ideas on how to begin.

About a year later, I spoke with him again and to paraphrase, this is what he told me:

He was viewing his Managed Objects BSM operations console and saw a critical problem -- one of their Oracle servers had thrown a critical error. He walked over to the network operations center to see what they were doing about it.

In response to telling the ops guys that Oracle was down on one of their critical apps, he received blank stares.

“Huh? No, Oracle isn’t down, it all looks okay.”

And then just as the ops people were saying as much…they saw he was right. There was an error. Their question to my customer was, how did he know that, and more importantly how did he know that before they knew?

The answer is simple: he asked the hard questions about what the service dependencies were and then was able to model them. He didn’t model every service, but he modeled the important ones.

He asked questions of managers, operators and developers. He read standards. He pieced together information to develop a picture of how the systems work, and then going back and asking more questions. In context, and against some fairly tremendous odds, my customer pieced together how the key systems they monitored actually worked.

This story is cliché amongst my co-workers. They all have had instances where customers have related similar experiences and seen it themselves.

- Tom

I get to have some very interesting and varied discussions with people interested in BSM. They generally start off with a high level strategic goal for their IT organization and go from there. A common theme that’s emerged in a large percentage of them lately is the topic of Application Performance Management (APM) and its relationship with BSM. More specifically, I’ve been spending a lot of time talking about End-User Experience Monitoring (as a subset of APM) as a key element of IT management strategy.

The most important factor when organizations look towards End-User Experience Monitoring (EUEM) technologies is of course that user experience is the ultimate success criteria by which IT services should be evaluated. If I could provide highly responsive application services that were always up and running, what else could be expected of me? The end users would be happy and the lines of business would be realizing the value of their application investments. The underlying technology at that point becomes largely irrelevant. Whether the applications run in corporate datacenters, are hosted by a 3rd party, run in a cloud, or are 100% virtualized, it just doesn’t matter. I am of course oversimplifying the matter by focusing on performance and availability of applications, while leaving out other elements such as security, but, for the sake of discussion, let’s stick to performance and availability for now.

The benefits for having an EUEM solution in place are obvious:

-- Instead of waiting for the phone to ring at the IT Ops Help Desk, you are proactively notified about application failures and brownouts (“this application is so slow!”)
-- Is the reported issue real; is the application really slow or is it performing the same as it always does?
-- Quickly get a handle on the scope of an issue; how many users impacted, which locations, is it all applications or just a few, etc.
-- Get initial diagnostic information to start the triage process; who gets called into the war room? Visibility always sounds great, but I always like to ask – “Have you considered the downside of total visibility into end user performance?”
-- Issues that previously went unreported will be obvious on the chosen EUEM products reports – If an application performs slowly and no one calls it in, was it a real problem? The answer is now Yes, whereas before the EUEM tool, it never happened.
-- Don’t be surprised when you hear talk about establishing internal service level objectives for performance, availability, and MTTR not for IT infrastructure elements, but End User Experience.
-- How well equipped are you to handle an increase in the number of events that need troubleshooting?  Now that you know every time an app fails or is slow, how quickly can you figure out WHY it happened?

This is where the BSM discussion starts to come up organically (unless it was the starting point, of course). Having a defined service model in place for the key applications & services that IT provides to the business is key to the WHY side of the EUEM equation. We talk about having a BSM implementation that ties together the best of breed End-User Experience Monitoring solutions, Service Desks, Fault and Event Management solutions, Element Management platforms, IT infrastructure performance monitoring tools, and other types of products to build a complete strategy for IT and Business Operations. Integration discussions quickly follow but that is a topic that has been covered extensively in other blog posts (but if comments suggest it’s time to revisit the topic, we certainly can).

I often wind up talking about specific types of EUEM technologies and vendors because of my background in this space (see full disclosure below) wanted to capture some of those discussions in a series of posts. First off, I generally group EUEM tools into one of three categories:

1. Passive monitoring systems

    -- Generally appliance offerings which capture and analyze IP packets to provide insight into End-User Experience of a wide array of applications
    -- May have specialized analyses for standards-based apps such as Web, Voice, and Video
    -- Deployment is usually at datacenters or wherever the applications are hosted
    -- Vendors providing solutions in this space (in alphabetical order):
            -- CA’s Wily Customer Experience Manager (via Wily)
            -- Compuware’s ClientVantage (via Adlex)
            -- Coradiant
            -- HP’s Real User Monitor software (via Mercury Interactive)
            -- IBM Tivoli
            -- NetQoS
            -- Nimsoft
            -- OPNET Technologies
            -- Quest’s Foglight End User Management

2. Active monitoring systems w/ synthetic transactions

    -- In most cases this involves recording sample user activities (e.g. login, search for info, run report, etc.) and using deployed robot agents/appliances to replay them at varied intervals.
    -- Most frequently these solutions tend to be oriented exclusively towards Web apps, but there are specialized vendors that focus on large enterprise application suites such as SAP and Oracle.
    -- Generally deployed at user population centers such as campuses or representative locations such as selected offices in Europe or Asia.
    -- Market was pretty much created by Mercury Interactive (now part of HP) so they are the dominant player here.
    -- Some of the vendors in the passive monitoring space also have some active monitoring elements in their portfolio to “poke” the applications when users might not be utilizing their applications (after business hours, for example); other smaller vendors offer lower cost solutions when compared to the HP suite including Managed Objects’ own Business Experience Manager.
    -- For internet facing applications, services from companies like Gomez and Keynote Systems are great sources of performance data without having to deploy your own monitoring “robots”

3. End-user behavior monitoring & analysis

    -- A few of the passive monitoring vendors offer aggregate or high level data, but I tend to group solutions into this category that have detailed analysis not just performance, but also business analytics about user behavior.
    -- Some of the defining elements in this category include capture and playback of complete user sessions, tracking time spent on each page, click-through rates, and error or missing content identification.
    -- Solutions in this space are specialized by applications (e.g. Web, SAP, Oracle, etc.)
    -- Deployment can be a combination of appliances and software agents. 
    -- A few of the vendors in this space (in alphabetical order):
            -- Aternity
            -- Knoa
            -- Tealeaf

The list of players in the EUEM space is not comprehensive, just a short list of those whom I have some level of familiarity. Some quick Google searches or a call to your favorite analyst should turn up more.

I would like to explore this area in more detail and plan a series of follow up posts with topics such as: details about what information from EUEM solutions should be incorporated into the BSM fabric (Hint: it’s not just events); sharing field experience on deployment strategies that have worked & pitfalls to avoid; detailed coverage on specific vendors including strengths, weaknesses, integration details, etc.

If you have experience with any of the products mentioned, other vendors that feel should be mentioned in any of the categories, general feedback, or would like to have a one-on-one discussion on this (or other) topic I’ve covered, leave me a comment below.

***Disclosure: The author of this post, Abbas Haider Ali, held roles at OPNET Technologies and IBM prior to Managed Objects.

IT governance is a main motivator for corporate entities in their decisions to create compliant IT systems that include CMDBs. The CMDB is supposed to model (as closely as possible) a "vision of the truth" about those corporate entities’ IT systems. To that end I would like to discuss the governance of how a CMDB is constructed. By CMDB governance I mean: the performance, risk assessment and compliance of a CMDB to the actual true state of the IT system being modeled; I might also add to this the confidence in that CMDB as it relates to its accuracy in modeling the IT system.

How then are CMDBs constructed? The best way is to tie together existing data and complement that data with discovery tools and old fashioned data-entry. The latter may be done through the use of various scripts or the mining of databases that hold certain aspects of the system, but in large part these would be grouped under ‘formal methodologies.’

At this point the CMDB construction is already fraught with danger, for example holes in the data, or data that is inaccurate or stale. The confidence factor of such a CMDB may be quite low, which makes it rather useless. This problem is exacerbated by that fact that building it can be a very time-consuming and difficult procedure. There is a very well known decision matrix called the ‘Impact/Effort’ matrix. The idea is that if an activity has a high effort, but a low impact, then that activity is not worth doing.

This is a major problem in creating a useful CMBD. What to do?

Well, before I attempt to answer that question, let me introduce a different way that CMDB’s can be created: social networking tools.

The idea is that the IT systems knowledge (at least on a high level) is contained in the heads of many human beings. The raw data can be managed by the discovery tools and formal tools, but the structural knowledge and ability to correct or fill in knowledge requires constant, dynamic human intervention.

That’s why tools like Managed Objects myCMDB that allow ‘Wiki’ like intervention into the construction of a CMDB are so useful. This works by taking the view that the CMDB is a dynamic living entity that never really attains a static ‘state of truth,’ but instead has major portions that are basically static, and ‘outliers’ that are being dynamically changed as network needs change, as virtual machines are created and destroyed, and as complex applications go into and out of existence. The truth in a complex IT system is a living, breathing, and most importantly, changing beast. This is why the traditional methods of creating a CMDB always seem to end up with something that is out of date with the real thing.

To make sure that the data is maintained in the CMDB correctly, a ‘governance’ policy needs to be instituted between the ‘gathering’ of the data, and the ‘structuring’ of the data within the CMDB itself. Obviously there will be many things that can be instituted as boiler-plate within this policy, but there will be many aspects of this policy that will be unique to the corporate entity that is instituting them. The policy is itself stored within the CMDB which introduces an aspect of feed-back that will help to tailor this policy to better capture and structure the dynamically collected data that ultimately forms the CMDB model.

The feedback loop is essentially a human interaction activity and could be compared to idea of domain experts who edit an encyclopedia (or a Wiki).

These experts examine the current structures of the collected knowledge within the CMDB to the real world, and modify the policy so that the collection and structuring of data more closely fits with, and changes with, the real world. The ultimate hope is to get to a policy that produces the closest possible CMDB model to the real world.

As the policy improves within the enterprise, the confidence factor rises and, of course, the usefulness of the CMDB within the enterprise also rises.

- David

• Poor application performance translates to lost revenue, research shows
  (tags: application performance)

  
  
• Technobabble: analyst twitter index
  Who's who of analyst tweets
  (tags: social networking)
  
  
• IT Automation – All the Things We Are Talking About
  (tags: IT alignment)

  
  
• BSM in the Clouds
  Doug McClure on BSM and Cloud Computing
  (tags: BSM Cloud computing alternative delivery model)
  
  
• Inside the CIA's Extreme Technology Makeover, Part 1
  CIO Magazine uncovers the CIA's secret to IT and busienss alignment
  (tags: BSM IT business alignment)

Sometimes people learn to live with pain. The pain may be real, enduring and chronic but people choose to ignore the pain -- which isn't the same thing as making it go away.

I was speaking with a prospect recently about our BSM solution, and though after listening carefully to our presentation this person’s first reaction was "we just don’t have the pain" to drive this sort of initiative. However, as conversation evolved, we began to uncover that not only was this organization living with pain -- the pain was in fact excruciating and had a direct impact on the highest levels of IT leadership. They had in effect, chosen to ignore the pain. Here’s the story as conveyed:

We have a heterogeneous IT management environment. Our tools report silos of information that must be manually correlated to understand the overall health of the IT infrastructure. As such our users usually provide IT with the first indication that there is a slowdown or outage. For example, a user in California will call the helpdesk in New York to report that an application is running slow.

Upon receiving the call, IT looks at their tools, but the screens are all reflecting green: IT can’t see the problem. Frustrated their issue isn’t being resolved, the users begin to assume IT isn’t worth their salt, and consequently stop calling to report incidents or problems.

Later our CIO goes on a company-wide townhall tour, to visit users and better understand how IT can support the business. He’s taken aback when he gets blasted by users during a meeting (ambush?) at the California office because the PeopleSoft application has been running slow for weeks.

Determined to get to the bottom of this issue the CIO returns to the office with this anecdote and thoroughly questions his staff. "Why wasn’t this problem addressed?" he demands, noting how critical the application is to the business. "No one reported the incident," is the response.

This is a quintessential business case for BSM if I’ve ever heard one. By integrating those existing IT management tools, BSM can consolidate those silos of information and link the underlying infrastructure components to the service being provided (in this case a PeopleSoft application). The benefit of doing this has been proven time and time again: IT will be able to rapidly determine root cause of incidents and problems, often before their customers are even aware, and dramatically reduce the mean-time-to-repair (MTTR). This supports the overall organization’s maturity to move from a reactive to a proactive IT organization. Why not eliminate chronic pain instead of learning to live with it?

As for my prospect, well, we have a second meeting soon and the CIO will be involved.

- Randy