Managing dispersed networks and attached devices can be costly
if you have to send staff out to make changes. So what can
ITdirectors do to minimise expense?
Managing IT systems can be difficult at the best of times, even
when all the equipment is within walking distance. When most of
your infrastructure resides at remote branch offices life can be
particularly miserable, both for the technicians who have to travel
there to configure and fix it, and for the staff who have to wait
for their systems to be repaired. The ideal scenario for companies
with scattered infrastructures is to manage it all from a central
site, without leaving the front door.
Not surprisingly, cost is one of the biggest concerns for companies
trying to manage networks and servers across a wide area. Apart
from the price of downtime at the remote site, the obvious overhead
is travel time. Installing an IT expert at a branch office is not
feasible for most companies because they would not be used enough.
But without them you will not have the local skills to troubleshoot
problems, and training in basic IT maintenance for staff with other
competencies is not the best use of their time. On the other hand,
sending staff from a regional office to fix problems carries travel
and staff time overheads.
There are several ways that this dilemma can be tackled. Rolling
out network and system management software to cope with branch
office problems is one way around it, although this will involve a
high degree of expertise and up-front investment.
The alternative is to outsource the management tasks, getting
someone else to look after the network infrastructure and the
equipment sitting at the end of it. In some cases it is possible to
outsource just one aspect of the infrastructure. For example, UK
router supplier Activator offers not only branch office network
routers, but also the management services supporting them.
Managing director Chris Hyde explained that the equipment is
designed to be remotely deployable without any IT expertise. Once
it is physically attached at the branch office, it connects back to
Activator's network using ADSL or ISDN and declares itself to the
company's distributed services system. After the router identifies
itself using a serial number, the system configures it according to
settings preprogrammed by technical staff.
Activator's routers can then network with each other via broadband
connections to create a wide area network. The company provides a
web-based portal system that customers can use to monitor their
network of routers, finding out which ones are available and
checking usage statistics.
If a router experiences problems, it can e-mail the relevant people
to report its status, and it can be configured from the head
office. This dramatically reduces the number of field visits by IT
staff, said Hyde. "The worst case we ever had was a customer having
to hit the reset button on the back of the equipment. If we have to
make a field replacement, we send out a man on a motorbike with a
new one."
Customers can either buy the router outright and pay for the
service on a yearly basis (at around £100 per year per router plus
the initial £500 cost for the equipment), or rent the equipment and
fold the cost of that into the management contract. The latter
would set them back about £40 per month per unit.
However, Activator focuses purely on the network equipment.
Companies dealing with a branch office scenario may have other
concerns, such as the management of servers, desktops and printers.
In November, Infonet, a telecoms company which provides
datacommunications and other network consulting services, launches
an outsourced network-management service called Firstwatch.
Bob DaGiau, vice-president of enterprise management services,
explained that the service will remotely monitor and manage
client-owned infrastructure, regardless of network service provider
or device supplier. Firstwatch covers four categories: network
devices, security (the management of security appliances and
firewalls), servers and IP telephony management.
Users can buy seven levels of service, ranging from basic remote
monitoring and full medication all the way up to the top level
which includes engineering advice, change management and problem
management. At the top level, Firstwatch will liaise with equipment
suppliers on a user's behalf to resolve a problem.
The seven levels of management are particularly important to
customers, said DaGiau. "It is all around out-tasking: enabling the
customer to choose which elements of the infrastructure will be
monitored and managed by a third party."
For those companies that do not want to outsource, however, there
are several issues to consider when it comes to managing remote
networks. "Before you even start," said Pete Nicholls, technical
director for the UK and Ireland for Cisco, "think about
consolidation." He hopes companies will consolidate multiple
services such as firewalls, intrusion detection and telephony into
a single branch office device.
"By having a particular service running on the box, you can take
other servers and pull them back to the datacentre," he said.
Taking Windows servers and storage back to head office and caching
file systems locally inside a single integrated network device, for
example, reduces management costs, he said.
While many branch offices currently have disparate devices, he
hoped that, five years after the millennium, many companies are
approaching the technology-refresh stage and will be ready to
consolidate.
Consolidation carries logistical relief because users only need a
single warranty, rather than different agreements for different
pieces of equipment. The other advantage is that pulling different
services into a single branch office network router can make
management easier, because more things can be managed from a single
environment by accessing the router directly. In many cases, it can
be done without having a separate management software platform,
Nicholls said.
On the other hand, even if servers are moved back to head office,
there will be many other Lan-based components that will need
support, such as desktop PCs and printers.
Companies such as Landesk Software, which offers a management suite
to help support products in remote locations, are eager to promote
the benefits of its software for taking control of far-flung
equipment.
Landesk's suite of tools also deals with the distribution of
software patches, explained Daniel Power, north European sales
manager for Landesk. "Getting patches out to machines as fast as
possible so that an environment is not at risk is becoming a
significant issue," he said.
The system, which includes a software client at the remote end of
the network, uses bandwidth throttling so that it will only use
network capacity to download patches when the target machines are
not busy sending or receiving traffic.
These network and server management techniques are all very well,
but what happens if a server goes down?
Trying to manage a server without a functioning operating system or
remote management client running on it presents its own
challenges.
However, there are some products to cater even for these
contingencies. KVM, originally used as a protocol for switching the
same keyboard and monitor between different computers, has been
extended to run across IP. The result is rather like a very long
set of virtual monitor and keyboard cables, extending between the
remote site and your desktop.
The advantage of this, explains CC Frinklin, product marketing
manager for KVM switch supplier Avocent, is that a user can control
a remote machine in its pre-boot state, changing Bios settings and
altering boot sequences. It is also possible to control remote
routers using the KVM switch, and even to create a remote VT100
session.
Avocent is now working to incorporate support for the Intelligent
Platform Management Interface (IPMI) into its next generation
products. IPMI, which is being heavily promoted by Intel, places
hardware diagnostic and monitoring capabilities inside the server
hardware.
Companies have used baseboard management controllers (BMCs) to do
this in their hardware for years, but the equipment has often been
proprietary. IPMI offers a commonly-accepted way to communicate
data about system voltage, temperature and other metrics to network
and system management software.
IBM is a big supporter of IPMI, said Rob Sauerwalt, global brand
manager for software and services within the company. IBM began
supporting IPMI in Version 4.2 of Director, its hardware-management
product.
The company has traditionally shipped its mid- to high-end server
hardware with integrated systems management processors - hardware
monitoring equipment that sits on the motherboard. It also ships
the same equipment on a card, called the remote supervisor adaptor,
which can even be fitted into its low-end servers.
"It is out there monitoring everything from memory, through
processes, to hard drives," he said. "We have also added predictive
failure analysis."
By watching for trends in individually insignificant hardware
errors, Director software can interact with the hardware monitors
and predict when a component will fail. Used in this way, IPMI can
complement other reporting standards such as SNMP, which focuses on
more generic devices, and CIM from Distributed Management Task
Force, which sits above IPMI in the reporting stack.
Sauerwalt is excited about the rudimentary autonomic capability
within Director software. Taking blade servers as an example, he
explained that putting a spare blade into a chassis at the remote
site gives a company's branch office the chance to take up the
slack automatically, should another blade fail.
Director's Remote Deployment Manager module can redistribute an
image to a remote machine, so if a blade fails, the software can
redistribute its workload among the other functional blades until
it has downloaded a new image for the spare server blade, he
explained. Then, staff at head office can cause lights on the
faulty blade to blink so that local non-technical staff know which
piece of equipment to pull out of the blade server chassis and send
back to head office.
The bottom line is that substituting technology for travel is a
smart move for companies with dispersed IT infrastructures. A
mixture of preventive measures, combined with fine-grained control
and good software update mechanisms, will go a long way towards
cutting travel bills and getting the far-flung corners of a
business network up and running, should things go awry.
Six of the best
Tips for remote network management success
- Consider outsourcing to take the strain off your IT department,
leaving it to plan and innovate rather than fight fires
- Consolidate. Pulling multiple services into a single box at the
remote site makes management easier
- Limit the potential for branch office staff to compromise
remote systems by installing proper access controls at the remote
site
- Centralise. Even when running thin-client applications from a
local server in the remote office rather than running everything
from central office, it can make management easier because there is
less to go wrong on each desktop
- Use hardware monitoring within servers, and ensure that it
interacts with system management software
- Be sure to allow for "out-of-band" control - if a server or
router goes down, users need to be able to control it using either
KVM or programmable boot sequences