Enterprise IT shops are getting serious about winnowing the tools they use for network capacity planning, monitoring, event correlation, configuration management and more.
Network executives are making strides in their ongoing efforts to reduce network management tool sprawl, but there’s still plenty of room for improvement on the road to a consolidated, platform-based toolset.
Nearly two-thirds of enterprises (64%) in EMA’s Network Management Megatrends 2020 report indicated they use between four and 10 tools, and another 17% use more than 10 tools. And that’s just the tools that companies will admit to.
In the same way that individual business units go out and acquire their own productivity applications without telling anyone (shadow IT), network managers have their own bags of tricks, which include open source tools as well as tools developed in-house. The true number of tools in a large enterprise, if you include every advanced script written in-house, could hit triple digits, suggests Mark Leary, research director for network analytics at IDC.
The problem is that having a patchwork of multiple, siloed tools can be expensive and leads to “fragmented workloads, inefficient data collection and sharing, and difficulty in escalating problems,” according to EMA.
Network execs have gotten the message. The number of enterprises using 16-20 tools to monitor and troubleshoot their networks dropped from 8% to 5% between 2018 and 2020, and those using 11-15 declined from 12% to 9%, according to EMA survey. The sweet spot appears to be 4-5 tools, with 41% of respondents indicating that’s how many separate tools they’re using, a significant uptick from 25% in 2018.
When asked about their purchasing strategies, 35% of respondents said the goal was fully integrated, multi-function platforms, while only 27% cited best of breed from multiple vendors. However, the EMA report also notes that “for many companies a unified tool strategy is an aspiration, not a reality.”
One major hurdle for network execs is that they are being asked to maintain uptime and performance amid the increasing complexity of the network, which now has to accommodate IoT devices, cloud traffic, SDN, SD-WAN, more people working from home, 5G, you name it.
All of these new demands fuel the temptation to acquire additional tools.
How did we get here?
You can’t fix a problem until you figure out the root cause. In the case of network management, the problem is that there are many tools that do one or two things really well but no tool that does everything well.
There are tools that discover and map the network. There are tools that monitor network traffic. There are tools that troubleshoot. Tools that perform root cause analysis and event correlation. Tools that focus on configuration management and change management. Tools for application performance management. Tools that do capacity planning.
“There are tools that do multiple things, but they still don’t do everything,” says EMA analyst Shamus McGillicuddy. Not only that, each tool has its own strengths and weaknesses. “Maybe your configuration tool can do basic flow analysis, but then maybe they don’t have change control. If you want to do configuration management in a more sophisticated way, or the tool doesn’t scale, maybe you buy a second flow monitor tool that scales more.”
Then there are dozens of open source tools that are tempting to download because they’re free. “I’m not getting everything I need from what I have, so I’ll just download an open source tool,” McGillicuddy says. The downside is not only lack of integration but also the time and effort it takes to patch and update the open source tool.
Leary adds that one of the major trends in networking is that network managers are becoming programmers, building their own tools in order to automate specific network management functions. The proliferation of custom tools only exacerbates the problem in the long run.
What you can do
There are several best practices and guiding principles to help organizations consolidate and optimize their network management toolsets.
- Conduct an inventory of vendor, open source and in-house tools. Try to identity overlap, tools that may have been used by a single network manager who may have left the company, cases in which two network engineers each use their pet tool for the same functionality, or where a redundant tool is being used only as a backup.
- Consider timing. Once candidates for consolidation have been identified, the best time to make a move is when licenses are expiring or when vendors come out with a new version that might have additional functionality, allowing the organization to eliminate even more tools.
- Look for platforms, not point products. Identify vendors that are putting together a broad suite of integrated tools.
- Identify vendors that are building a cross-vendor ecosystem. Before doing business with a vendor, ask them to walk you through the ways that you can take data from their tool and integrate it with data from other vendors on a single management platform.
- Set up formal best practices and processes for managing the toolset.
- Look for ways to consolidate toolsets across other IT groups. Consider tools used by security and DevOps, for example.
- Automate as many processes as possible.
- Consider data-sharing and correlation capabilities. Look for vendors that enable their log data to be consumed by AIOps tools that use machine learning to perform event correlation and other network management functions.
Consolidation is an ongoing effort and takes time, training and planning. At Guardian Life Insurance, it took more than a year for the company to replace six disparate tools with the SaaS-based Zenoss platform.
Guardian slashes costs, improves cross-IT tool integration
When Avronil Chatterjee arrived at Guardian as technical manager for enterprise monitoring five years ago, he encountered multiple point solutions, decentralized monitoring by the network team, and a lack of correlation among the networking, server, security and application development teams.
He began investing in agent-less systems that could help the company monitor and troubleshoot its network of more than 1,000 network devices and more than 4,000 servers in both on-premises and cloud environments.
Chatterjee settled on the Zenoss platform. “We were looking for one platform that could do it all,” Chatterjee says. He is using Zenoss for network monitoring, application performance management and event correlation.
The move enabled him to slash his $1 million annual licensing expenditure for network management tools by 70% right off the bat. “That was a pretty big win from a cost perspective,” Chatterjee says.
But the consolidation is paying dividends in other areas as well. Operational efficiency is much better, he doesn’t have to manage relationships with as many vendors as before, and he doesn’t need as many staffers to manage the tools, so he can cross-train his team to perform other tasks.
Of course, no large enterprise can get by with only one tool. While the move to Zenoss enabled Chatterjee to replace some legacy HP networking tools, plus several additional point products, he is streaming security and application log data into a tool from Splunk for advanced performance and capacity planning.
He is also using AppDynamics for application performance management, particularly when it comes to optimizing the response time and overall performance of the company’s ecommerce site. And he is using an AIOps tool from Resolve in order to increase IT automation and orchestration.
Chatterjee says the transition entailed “a lot of heavy lifting.” One aspect of the transition was training staffers. “Change is always difficult, and there was a little bit of apprehension. It took some time for users to get comfortable with the new tool and really get on board. But it worked out well,” he says.
The plan was to roll out the new system in “phases and waves” with a combination of soft launches, as well as operating the two systems in parallel for a period of time. Looking ahead, Chatterjee says his goals are to increase the level of automation and to introduce natural language processing so that senior managers can ask an answer-bot “who are the top talkers?” rather than have to navigate dashboards, menus, and command lines.
Consolidation becoming even more imperative
While it would be ideal to get down to one magic tool that can do it all, realistically enterprises will continue to have multiple network management tools for the foreseeable future. McGillicuddy says companies shouldn’t get too hung up on the number of tools. Instead, they should focus more on getting the best functionality from each tool and making sure that tools are integrated within the networking team, and, if possible, across security, server, DevOps and other groups.
“While EMA advises a consolidated approach to network management, large toolsets are not necessarily a harbinger of doom. However, EMA believes that enterprises with large toolsets can find opportunities to integrate those toolsets for unified workflows and better integration,” McGillicuddy says.
Leary points out that one of the lessons learned from the current pandemic is that network teams need to be ready for anything that comes along that could significantly alter network traffic patterns.
Toward that end, network managers should look for products that can do more than one thing, products that provide automation, that are part of a larger platform and that have the ability to provide a common set of data points in order to enable analysis of that data, Leary says.