How to Remotely Manage your IT Infrastructure

Continued from page: 2

Sunday, July 16, 2006

Print

Comment

Email

Digg

Del.icio.us

Reddit

Twitter

Features

Whether you're outsourcing your IT infrastructure management or doing it in house, there are a certain number of features that must be considered. These depend largely upon what parts of the infrastructure you are going to manage remotely.

Management console
One of the key things that every remote infrastructure management solution needs is a management console that's easily accessible from anywhere. This should be able to give you, at one glance, a complete picture of your IT infrastructure. It should tell you the services that are running smoothly, the ones that have gone down, etc. It should be Web based and accessible from anywhere across the world, as long as you have a Web browser and Internet access.

BIOS level access
The options available today for BIOS level access are Remote Management Cards and IP KVM switches. The remote management cards are PCI cards and usually have a network adapter and an on-board modem. Remote management of server would thus be possible through the network adapter or by dialing into a modem. For security, these cards use SSL v3 and user authentication. These cards come handy when there are only a couple of servers in your remote location, whereas IP KVM switches are useful for data centers where many servers are being managed remotely. There are quite a few features, which you can get from an IP based KVM. For example, some of them support monitor sharing, which means you can view all the desktops from one interface. This helps you monitor a large number of screens at one time. The second benefit is that, one gets
integrated security on such kind of devices. And last but not the least, you can monitor heterogeneous devices from one place, because they don't need any specific client to get installed on the monitoring machine to access the remote nodes. You can actually access and manage Linux, Unix, Windows and MAC machines from one single console and that too at the same time.

Real time alerts
Another very important feature required from RIMS is real time alerts. After deploying a remote infrastructure management solution, how do you want to receive the alerts, and who should receive them? Plus, how should these alerts be sent? Should they be e-mailed or SMSed? Once the alerts are received, what action can the receiver take? Can the receiver remotely resolve the problem using say a cellphone or PDA? These are all the things that need to be considered when deploying a remote infrastructure management solution.

What to manage?

The network
Network monitoring is a key function of remote infrastructure management. Any network infrastructure consists of a wide number of devices such as a wide variety of routers, switches, various types of connectivity options like ATM, frame relay, etc. They allow an enterprise to have more effective communication. That's why the health of these network devices is extremely critical, and requires constant monitoring. To achieve effective monitoring, you need to ensure that your network management package can automatically discover all the devices on the network and keep polling them at regular intervals to get their status. There are packages that can just do the monitoring part. They will auto-discover your network devices and create a map of the same. There would be other packages that would even allow you to connect to a particular device via Telnet if some management is needed.

Applications
Application monitoring and management is a key area of concern for any IT infrastructure. After all, at the end of the day, it's the performance and uptime of these applications that matters to the business. Today's IT infrastructure is heading towards heterogeneous, distributed and rapidly changing architecture. It's not enough to manage a single operating system and applications running on it. These days you will monitor multiple hardware elements and server configurations, operating systems, middleware and business applications, which are running simultaneously. That's why, the IT team of any enterprise is always trying to monitor the health of their running business applications like database servers, Web servers and mail servers. This is where a remote application monitoring and management solution comes in, which can keep a constant eye on the health of your business applications. In order to monitor applications, you need to have an application monitoring system in place with pre-determined application specific thresholds. This is to ensure that the administrator can get alerts at the right time, and the moment an application starts behaving abnormally.

Assets
In large organizations, it is difficult to track and counter issues of hardware component thefts. Another issue can be more software copies installed vis-a-vis the number of licenses that the company holds and which makes the installation unauthorized. Using a good remote infrastructure tool, you can do remote software inventory tracking and control, remote software license management, and a regular audit of all applications installed in your organization. A RIMS can regularly perform system audits and alarm you if a system component goes missing or if a user installs an unwanted application. It also lets you remotely block or remove any unwanted application or remove it completely from the node. Plus the same system can also be used to document system configuration individually which includes, IP address, admin passwords, etc. and can be referred by an IT Manager to troubleshoot the system if any failure occurs.

Patches and updates
New vulnerabilities are discovered frequently and it becomes important to patch these vulnerabilities before they pose any threat to your network. If you have Windows update enabled on the nodes in your network, they will be able to patch the Windows vulnerabilities. But other software vulnerabilities still need to be patched. Most organizations prefer to use RIMS even for Windows update, as that ensures the user has not interrupted the updation and vulnerabilities are patched properly. With RIMS, patch management can also be updated, ie, the RIM solution automatically checks for new patches on the configured vendor's website, and when new ones are available it automatically downloads and distributes them to all nodes on the network.

Remote deployments
Whenever a new application is introduced in a large organization, going to every node and manually installing it can be quite painful. While automating this process with a RIM solution can reduce the time as well as the manpower needed. All that's needed is to upload the new application to the RIM solution and schedule the time for the install to happen. Another option available is to keep the setup of the application to be installed at a network and instructing the RIM solution to pick the software from there and install it on the nodes. Another option to do this is through login scripts. These network login scripts have commands for installing the software. The method generally connects to each computer that logs in to an organization's network, though one issue with this method is that users might not login to network everyday.

The Solutions

To do remote and centralized IT infrastructure management, there are many commercial software available such HP OpenView, IBM Tivoli, Unicenter and even some not so well known ones like Kaseya.

There are also companies who've developed their own tools and monitoring software, due to cost and licensing issues of the commercially available RIM solutions. For example, NaviSite India is a company that's managing around 900 IT infrastructure (located in the US and the UK) remotely from India. They use their own designed software to monitor their clients' IT infrastructure. Their solution polls their client locations and fetches alerts to NaviSite's monitoring system and then the monitoring system passes the alerts to their help desk system to process it further.

Kaseya

Kaseya is an easy to use Web based Remote Infrastructure Management solution. It has features like Patch management, Software Deployment, Network Monitoring and Alerts. It can also do complete System Inventory and Audit for all hardware and installed software.

Kaseya also has helpdesk and trouble ticketing capabilities, allowing you to create tickets of every problem, so that they can easily be tracked. Kaseya can create reports of everything it does, from Audit reports to Network Bandwidth usage reports. It can also let you remote control and manage the nodes on your network and take their backups regularly.

Installation
Before installing Kaseya, you need to have at least a Microsoft Windows 2003 or 2000 Server and Microsoft Internet Information Server (IIS) version 5 up and running with its SMTP service enabled. It also needs Microsoft SQL Server 2000 or MSDE 2000 (the latter is included with Kaseya). Installing it is fairly simple, and during the installation, it asks for username, password and an email-id. Once Kaseya has been installed, you need to deploy its Agents on all nodes on your network, so that they can make outbound connection to the Kaseya Server. You can roll out the agents in a number of ways. You could place them in a Windows logon script or E-mail them to clients, if they're in remote locations. The agents can also be downloaded from the Kaseya server's URL.

Remote patch management
Once the Agents have been installed on the nodes, Kaseya can scan them for missing patches and apply them. Kaseya can also be configured to generate a ticket or an alarm, or inform you by e-mail if a patch install fails. The option for patch roll back is also available. You can also configure it in such a way that a node automatically reboots after the patch has been installed, or take a user's permission before rebooting. All you need to provide is the URL from where Kaseya can download the patches that you want to install on your nodes.

To schedule a patch scan on a managed node, you need to go to the Path Management link and click on the Scan Machine in the function list. Then under Machine.Group.ID, you can see all the managed nodes. Choose the nodes on which you want to perform a patch scan. You can run the scan immediately or schedule it. Once the scan is finished, it will show you the missing patches. Then, click on Machine update to schedule the updation of these missing patches. You can directly update the nodes without even scanning them. For this, go to patch update and choose the patches and against every patch you will see the machine's tab. Click on this tab to specify the nodes on which you want to install patches and than you can schdule them in a similar fashion.

Remote application deployment
Kaseya lets you remotely deploy any third party installation program or create your own software installation package with the Packager. It lets you remotely install or uninstall any software suite or individual file. Just like patches, application installation can be scheduled, and rollout of software updates and deployed software installations can be done remotely from all managed nodes. Kaseya creates scripts to deploy applications remotely using the installation packages. It also has a utility called Packager, which lets you create custom installation packages.

There's a wizard that takes you through creating scripts for remote application deployment. To do this, go to the main window of Kaseya and click on Scripts. Then, from the left bar, click on Application Deploy. A wizard will appear on the right side. Here, you have two options, either you can send the installer from the Kaseya server to the remote machine and execute it locally or execute the installer from a file share on the same network as the remote machine. For the first option you need to upload the Installation package to the Kaseya server. The wizard takes you through the process of choosing the location where the file has to be uploaded on the server, choose the files and the type of installer to deploy, and finally the name of the script; and also whether you want to reboot the node after installing the application. After the script gets created, simply select the nodes you want to deploy it to, and select whether to do it immediately or schedule the task. To see the status of the script on a particular node, you can go to Script Status where it will tell if the process is pending or has been successfully executed.

Audit and inventory
Kaseya can automatically audit every managed machine. It can do hardware and software inventory. It keeps all audited data on the server, and this data is available even if the node is online or offline. So it provides you a complete summary of the nodes.

To start an Audit, click on Audit on top of the main window and click on Run Audit. You can choose between running a Baseline Audit, or a System Information Audit, or both. You can also do a PCI and Disk Audit. Upon enabling this option, you can see the hardware information collected in this display. The Agent on the client machine collects hardware vendor and product information on PCI network adapters, multimedia controllers, mass storage controllers, bridge devices, hard disk drives, and CD-ROM devices. You can also schedule audits to be done at regular intervals. Once the Audit has been performed, browse to View Group Data. Here, you can see all the Audit results like System Information, Installed Applications, Software Licenses, Disk Volume Information, CPU/RAM info, etc. Just click on any of these and choose a particular node to see its detailed information.

Once you have all the system inventory reports, you can go ahead and manage the applications installed in the nodes. For this, go to protection, click on Network Access and you will see the list of nodes. Click on any node and you will see all applications running on that node. To select the applications you want to block or remove, or to approve the new installed applications from the nodes, click on Select. Now choose the nodes and click on block or remove or approve as per your need. You can also enable or disable if you want the user to be notified when the application is blocked. Similarly, you can also block access to any file in the node.

Page(s)   1  2  3  4