How to Remotely Manage your IT Infrastructure
Sunday, July 16, 2006
Types of solutions
Let's now try to understand what kind of solutions are possible, and
compare their features. Broadly speaking, there are two different scenarios in
Remote Infrastructure Management. One is to outsource it to a third party, which
could be an independent managed service provider or even an ISP. Or you can do
it yourself. For the first two, we met some companies in this business to
understand how it's done.
ISP based RIMS
In this scenario, the Web service provider goes a step further and also
manages your applications and in-house servers. Here, by applications we mean
the Web applications and services/data centers. ISPs generally don't cover the
whole gamut of services, and keep out of things such as desktop, network and
inventory management.
This scenario suits those who already have an IT team for desktop support and
maintenance, but need to outsource the management of their applications and
servers. The ISP will provide the customer with ports that can be polled using
any network monitoring tool to view the reports that the ISP has generated
about your setup. This helps you determine how well the ISP is going about the
job, what the trends have been, whether there were any unwarranted downtimes,
etc.
Specialized RIMS vendors
There are companies that are purely dedicated to providing full remote support
for your IT infrastructure. This includes support for your data centers,
servers, network and even inventory management. Many companies use their own
custom-made software for the job. In such a setup (see figure 2), there is
likely to be a RIM core, which is basically a database that captures and stores
all your events and alerts. All alerts are fetched and sent to this RIM core
using either hardware polling devices developed by the vendors or a common
fetching mechanism such as rsync or FTP. The software should be
installed/configured at each client's location. After these events are captured
by the RIM core, they are forwarded to a monitoring agent, which has
pre-defined thresholds configured for various types of services such as
database, mail, system performance (RAM, CPU, etc.), Web servers, etc. Here, all
events are checked against their preset thresholds and forwarded to a help
desk/trouble ticketing application. In most cases, this application also has
built into it the SLA details that have been set between the vendor and the
service provider. For instance, if an organization wants a particular set of
its servers in the datacenter to be treated on a priority basis, then the
alerts generated from those devices will automatically get priority on the
helpdesk tickets. The front end of these applications can then be monitored by
the IT team for diagnostics and repairs. For repairs, they can again use
standard techniques such as IP KVMs, Remote Desktop or VNC.
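The pipeline described above (plain-text events into the RIM core, a threshold check, then SLA-prioritized tickets) can be sketched as follows. This is an added example, not code from the article or from any vendor; the event line format, threshold values, host names and priority levels are all assumptions.

```python
import math
from dataclasses import dataclass

# Assumed thresholds and SLA host list; the article gives no concrete values.
THRESHOLDS = {"cpu_pct": 90.0, "ram_pct": 85.0, "mail_queue": 500.0}
SLA_PRIORITY_HOSTS = {"dc1-db01"}  # hypothetical priority servers

# Constructed sample of plain-text events as fetched into the RIM core.
SAMPLE_EVENTS = """\
branch2-web01 cpu_pct 97.5
dc1-db01 ram_pct 91.0
dc1-db01 cpu_pct 40.0
branch2-mail01 mail_queue 1200
branch2-web01 cpu_pct not-a-number
"""

@dataclass
class Ticket:
    priority: int  # 1 = SLA priority host, 3 = standard
    host: str
    metric: str
    value: float

def parse_events(text):
    """Return (events, rejected_lines); malformed lines are kept for review."""
    events, rejected = [], []
    for line in text.splitlines():
        parts = line.split()
        try:
            host, metric, value = parts[0], parts[1], float(parts[2])
            if len(parts) != 3 or not math.isfinite(value):
                raise ValueError(line)
            events.append((host, metric, value))
        except (IndexError, ValueError):
            rejected.append(line)
    return events, rejected

def raise_tickets(events):
    """Check each event against its threshold; order tickets by SLA priority."""
    tickets = []
    for host, metric, value in events:
        limit = THRESHOLDS.get(metric)  # metrics without a threshold raise nothing
        if limit is not None and value > limit:
            prio = 1 if host in SLA_PRIORITY_HOSTS else 3
            tickets.append(Ticket(prio, host, metric, value))
    return sorted(tickets, key=lambda t: (t.priority, t.host, t.metric))
```

Keeping the rejected lines rather than dropping them matters in practice: a remote collector that starts sending unparseable data is itself an event the help desk should see.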
“As businesses look to farm out their IT requirements, companies are focusing on efficient management products and services to reduce IT operation costs. Outsourcing infrastructure management is a trend that saw CIOs emphasizing better productivity and improved ROI in 2005. Gartner estimates that offshore spending on IT services will reach $50 billion by 2007. This year will see the trend gain traction and remote infrastructure management will emerge from its infancy to gain wider acceptance.”
Sumeet Sabharwal, MD, NaviSite India
In-house RIMS
It's not necessary to outsource your IT infrastructure management to an
external agency. If you already have a skilled IT team in place, then you can
set up your own RIM as well. You could then centralize your pool of skilled IT
manpower, and leave very little manpower at the branches for routine jobs, like
fixing minor hardware or network related problems. The applications and the
hardware for the job are easily available.
In the case of Open Source applications, you will have to integrate all the
different components yourself. It's possible but difficult, whereas if you
go for a packaged product, you will get everything in one place. But of
course, the magic doesn't come cheap. You have to pay a good amount for this
kind of application. We have talked about some of the packaged and Open
Source products at the end of this story. Before going straight to implementing
that software, let's first try to understand the basic requirements and the
precautions you should take while deploying an RIMS.
Basic requirements
As we said, you can set up your own RIM solution as well, but there are a
few prerequisites and basic factors that must be taken care of, such as
connectivity issues, security in remote access, bandwidth requirements, etc.
Let's look at them in more detail.
Connectivity
For connectivity, you could either go over the Internet or have your own leased
lines. The choice depends upon the kind of setup you currently use to connect
your various branch offices. In case of a public network, security becomes a
major concern, which we've tackled separately. Leased lines are a good option
for remote data center monitoring. Needless to say, Internet based connectivity
costs less, but you would have to take into account the security aspects.
Bandwidth requirements
When you talk about deploying Remote Infrastructure Management, the first thing
you would need is good bandwidth. There are basically two components of RIMS
that require bandwidth. The first is polling of the events and sending them to
the NOC. This component is essential and needs reliable connectivity, because
if the line is down, you won't be able to understand what is happening at your
remote location at all. The key here is to maintain a failsafe mechanism for
the connectivity.
Here, you won't need a huge amount of bandwidth because the data sent in this
case is commonly plain text. A standard 256 Kbps line should be OK for this.
Ideally, have a 256 Kbps line with a 128 Kbps failsafe line. The second
component of RIMS that needs bandwidth is the 'Remedy' or rather the
'Management' part, where you will need to access the machines directly from the
remote location, either over IP-based KVMs or using some kind of Remote
Desktop application.
NaviSite's NOC location in India. Here, they keep track of around 900 devices across the globe
This is the type of task you won't always need. You'll only need it when
there's a major problem. Therefore, it may not be necessary to have a
dedicated link for the job at all your sites. You would, however, need it for
all the main sites. Usually, at least 512 Kbps is required for this function to
work effectively.
Security issues
This is the biggest challenge when you deploy RIMS, because you're actually
opening up your entire IT infrastructure to be accessed from anywhere. There are
multiple ways to implement security. If you're using the Internet for remote
connectivity, the first level of security is to create a secure tunnel, for
which you can use a VPN for SSH-based applications. Then you can have
ACL-based connectivity over a virtual console that requires LDAP
authentication. The concept of virtual consoles is very interesting. Here,
instead of terminating the connection on an actual machine at the remote
location, the connection is terminated on a virtual machine (maybe MS Virtual
Server or VMware Server), which has very few privileges and can only open a Web
browser for authenticating the user with the credentials of the local network.
Once this authentication is done, the user can run remote desktops from that
virtual console to connect to other nodes on the network.
The other option is to restrict any type of inbound connection at the remote
locations. Surprised? You must be thinking, how could one connect to those
locations? This is indeed possible and is a very good mechanism to restrict any
kind of hacking. In this kind of setup, the key role is played by the
monitoring or alerting system. What happens is very simple. Whenever an event
crosses a certain pre-defined threshold, it triggers an outbound connection
from the location to the NOC, and the connection is made.
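The outbound-only model described above works because a stateful filter at the remote site accepts return traffic only for sessions the site itself opened. The following added example (not from the article) is a simplified model of that rule, not a real firewall; the class and function names, addresses (documentation ranges), ports and threshold are all assumptions.

```python
# Constructed addresses from documentation ranges; not taken from the article.
NOC = ("203.0.113.10", 443)
CPU_THRESHOLD = 90.0  # assumed pre-defined threshold

class SiteFirewall:
    """Stateful filter at the remote site: no unsolicited inbound traffic,
    and outbound sessions allowed only to the NOC."""

    def __init__(self, noc):
        self.noc = noc
        self.sessions = set()  # (local_port, remote_ip, remote_port)

    def open_outbound(self, local_port, dst_ip, dst_port):
        if (dst_ip, dst_port) != self.noc:
            return False  # egress allow-list: NOC only
        self.sessions.add((local_port, dst_ip, dst_port))
        return True

    def allow_inbound(self, src_ip, src_port, local_port):
        # Accept only packets that belong to a session the site itself opened.
        return (local_port, src_ip, src_port) in self.sessions

    def close(self, local_port):
        self.sessions = {s for s in self.sessions if s[0] != local_port}

def on_event(fw, cpu_pct, local_port):
    """Monitoring agent: dial out to the NOC only when the threshold is crossed."""
    if cpu_pct <= CPU_THRESHOLD:
        return False
    return fw.open_outbound(local_port, *fw.noc)

def demo():
    fw = SiteFirewall(NOC)
    results = [
        fw.allow_inbound("203.0.113.10", 443, 50000),  # unsolicited: dropped
        on_event(fw, 42.0, 50000),                     # below threshold: no call
        on_event(fw, 97.0, 50000),                     # crossed: session opened
        fw.allow_inbound("203.0.113.10", 443, 50000),  # NOC reply: accepted
        fw.allow_inbound("198.51.100.7", 443, 50000),  # other source: dropped
    ]
    fw.close(50000)
    results.append(fw.allow_inbound("203.0.113.10", 443, 50000))  # closed: dropped
    return results
```

Closing the session after the repair returns the site to its default state, where even traffic from the NOC address is dropped until the next alert opens a new session.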