Originally published on July 19, 2011 in our free BigLaw newsletter. Instead of reading BigLaw here after the fact, sign up now to receive future issues in realtime.
Many large firms use System Center Configuration Manager 2007 (SCCM), often in concert with Windows Server Update Services (WSUS), to push software updates and patches out to their server and desktop computing environment. Many even use it to deploy new operating systems.
While SCCM, if properly configured with all the appropriate levers pulled and buttons pushed, is a powerful tool for managing and manipulating the desktop and server environment, it falls short as a proactive monitoring tool of these same environments.
Enter System Center Operations Manager (SCOM).
How Does SCOM Work?
Once the server, service accounts, and database are configured (much like SCCM), SCOM has a Discovery wizard that can use the Active Directory or IP address subnets/ranges to identify new "target" computers or devices. Devices and appliances are a bit different (see below), but for computers running a Windows OS, the SCOM server can then push out the SCOM agent to these discovered computers automatically.
And then the magic happens. Once the agent is installed, it begins to monitor a myriad of data points accessible on its host — from event logs, to application states, to CPU, memory, and disk usage. And really, that is just the beginning of what SCOM can monitor and report back to you.
Microsoft's Management Packs: From Basic to Best Practice
If the SCOM agent is up and running on a given target computer, and it is able to call home, then a basic heartbeat is established. But if the target computer is a Microsoft Windows-based computer, and the appropriate "Management Pack" (downloadable for free from Microsoft) is installed on the SCOM server, then the alerts can report a whole lot more than just an up or down OS state.
The Windows 7 client agent, for example, monitors everything from boot performance to memory exhaustion analysis to shell performance to hardware and software component failures.
On the server side, when using the SQL Management Pack for example, the monitor will not only tell you that a backup failed, or let you know about a long-running SQL Agent job, but it will also let you know if your databases aren't configured according to Microsoft's Best Practices (e.g., "The auto close flag for database Northwind is not set according to best practice.")
The Exchange Management pack reports delays in SMTP queuing, log file growth, mailbox availability, etc. You get the picture.
What About Non-Microsoft Servers, Appliances, and Network Devices?
If your non-Microsoft servers, appliances, and network devices can be configured with Simple Network Management Protocol (SNMP), you can create your own device Management packs (if you are familiar with the data being served up by a given device), or download or purchase the non-Microsoft Management Packs pre-configured to give you access to all of the minutiae detail that the SNMP agent on a given device provides.
As with Microsoft SCOM agents, SNMP-managed devices operate via a software agent installed on each device, the sole purpose of which is to report on device-specific health data. And if it's a name-brand, enterprise class product (e.g., Cisco routers, EMC SANs), you can be sure that every major manufacturer provides SNMP ready to go on all of their shipped products.
When freebie Management Packs are not available (e.g., VMWare), you can buy them from companies that know how to "speak" your server/appliance/device's SNMP language. Some examples:
Veeam Software's nworks Management Pack for VMware
Jalasoft's Smart Management Pack for VMware VirtualCenter
Bridge Ways' System Center Ops Manager
Or you can browse for your product in the SCOM Management Pack Marketplace.
Conclusion
Whether you work for a massive, multi-site international law firm, or a midsize law firm with one, two, or three locations, SCOM is an invaluable tool for staying on top of the health of your firm's computing environment. With SCOM, you can manage your environment as proactively as possible. Don't wait for your users to tell you that you have a problem. Get SCOM up and running and you'll know before they do!
Written by Matthew Berg, Director of IT at Wolf, Greenfield & Sacks, P.C..
How to Receive BigLaw
Many large firms have good reputations for their work and bad reputations as places to work. Why? Answering this question requires digging up some dirt, but we do with the best of intentions. Published first via email newsletter and later here on our blog, BigLaw analyzes the business practices, marketing strategies, and technologies used by the country's biggest law firms in an effort to unearth best and worst practices. The BigLaw newsletter is free so don't miss the next issue. Please subscribe now.