What is our primary use case?
We use the solution for monitoring the HW and network infrastructure of several key corporate applications and network domains in an InsurTech environment.
A plethora of HW and network elements are monitored, including the infrastructure of the CRM, ERP, Citrix and Cisco systems, along with the ‘bubble’ DR environment.
The monitored infrastructure is mixed, and it varies from relatively old servers for file archiving up to the latest version of high-performance Intel CPU servers. The OS mainly consists of MS Windows and Linux versions.
How has it helped my organization?
The unified environment for monitoring all the HW and network elements by the same admin team independently of their vendor and version has been great.
It allows infrastructure admins to provide fast and accurate responses to events.
IT security personnel found it useful and easy to analyze potential network breach events and alerts further using data from the system.
The identification of infrastructure and network areas that generate a lot of events/alerts can be improved using the system's drill-down and reporting capabilities.
What is most valuable?
The most valuable aspects of the solution include:
- Accurate and descriptive presentation of the HW events/alerts
- Intuitive-to-use GUI
- Intelligent grouping for discovering correlations and propagating outages
- Identification of the affected services and functionalities (degraded/zero-level services)
- Event/Alert drill-down and statistical reporting capabilities
- Automatic generation of Netcool rule files with MIB Manager using SNMP MIB files
- Web GUI to be used on the field technician's mobile device
- Good system support by the vendor
What needs improvement?
The solution needs to invest in the development of a knowledge base and use of AI services for providing event resolution and intervention directions based on:
- The HW vendor
- The alert type
- The installed applications
- The server OS/VM type and version
- The interfaces between the various infrastructure elements
- The network topology
- The predefined event/alert correlation system rules
They need to enhance the system's capabilities to detect network security breaches based on the aforementioned knowledge base and AI services and the relevant network security architecture.
For how long have I used the solution?
I've been using the solution for five years.
What do I think about the stability of the solution?
The system is very stable and well-tested.
Very large environments must account for potential performance issues if many alerts are processed (not filtered out). As usual, special considerations and infrastructure design are required for this case.
What do I think about the scalability of the solution?
The system is scalable even though we are monitoring the most critical applications and subnets for cost reasons.
How are customer service and support?
IBM has good-quality support. Its support websites are very informative. The provided documents and product descriptions are well-written. We assume here that the key users of the system will be experienced IT admins.
How would you rate customer service and support?
Which solution did I use previously and why did I switch?
We have used mainly Windows OS monitoring tools, but these cannot cover all types of HW elements.
How was the initial setup?
The initial setup was complex due to the different vendors and OS of the monitored HW.
For the same reasons, the UATs were also initially time-consuming.
What about the implementation team?
The system has been implemented by various internal admin teams and an external long-term IT partner that already supported most of the monitored infrastructure.
What's my experience with pricing, setup cost, and licensing?
If the various HW elements are from the same vendor, a monitoring solution provided by that vendor or its partners will potentially result in lower licensing and operational costs.
Moreover, for very large environments the buyers should estimate the total probe cost as a percentage of the total solution cost and compare it to other monitoring systems also.
What other advice do I have?
IBM Tivoli Netcool OMNIbus is a good solution for a sizable HW environment that includes a plethora of different elements. For this case, Netcool OMNIbus provides a flexible baseline that can be trusted.
Which deployment model are you using for this solution?
On-premises
*Disclosure: My company does not have a business relationship with this vendor other than being a customer.