Monitoring Architecture

By: Mark O’Gara, TAC Expert

Monitoring has evolved to mean much more than just managing the network components in the IT production data center. In the good old days, a Simple Network Management Protocol (SNMP) management product was sufficient to manage all the network components. For today’s complex IT environments, we need a multi-tier monitoring architecture. A multi-tier monitoring architecture is a critical component to a good monitoring strategy. A sample multi-tier monitoring architecture follows:

  • Customer Experience Management (CEM)
  • Application Performance Management (APM)
  • Synthetic transactions
  • Manager of Managers (MOM)
  • Element Management Systems (EMS)

The base layer of the architecture is the Element Management Systems (EMS). The EMS layer manages the health of all the components in our IT environment to include components in our data centers, Software-as-a-Service providers and cloud providers. The EMS layer manages components such as routers, LAN switches, servers, middleware and databases. Depending on the complexity of the environment, you might have multiple EMSs and stand-alone point solutions such as an agent-less protocol monitoring tool.

The next layer in the architecture is the Manager of Managers (MOM). The MOM layer consolidates all the alarms and events from the EMS layer to provide a unified and coordinated view of the IT environment. Typical functions provided at the MOM layer include event correlation and data enrichment. The MOM provides the ability to input alarms and log files from the various EMS layer devices. The MOM layer helps to solve the problem of the EMS layer being managed in silos.

The third layer in the monitoring architecture is synthetic transactions. The synthetic transaction layer provides the ability to simulate users transaction and understand how the user will interface with the application and core infrastructure components. Typical functions provided by the synthetic transaction layer include testing a Uniform Resource Locater (URL), executing a Common Gateway Interface (CGI) on a web server at the basic level to executing the multiple steps a user would take to execute an application process. The synthetic transaction layer starts to test the horizontal aspects of how well the infrastructure supports an application transaction in the production environment.

The fourth layer of the monitoring architecture is the Application Performance Management (APM). The Application Performance Management layer provides the ability to track an application transaction from a time and resource perspective. The APM layer will timestamp transactions, store the data, and provide reporting and alerting on the transaction. Another function of the APM layer is how well, or not, an application consumes resources such as the available memory in a virtual machine (VM). The APM layer provides data on how well the application transaction performs and gives us live data on the production environment.

The last layer in the architecture is the Customer Experience Management (CEM) layer. The Customer Experience Management layer provides the ability to understand how well the external users can access our production environments. The functions provided by the CEM layer include testing remote network access from different geographical locations and running simulators to test mobile network access. A well executed CEM layer provides data on issues effecting the user that are beyond the IT production environment.

Depending on the maturity of your monitoring organization, you may have one or all of the layers listed in the monitoring architecture. The key to success is to establish a good base Element Management System layer and build up!

Mark O’Gara, TAC Expert, has more than 30 years of experience as an operations and engineering IT executive with a diverse background from start-ups to Fortune 50 companies. Experienced with tactical, hands on problem solving as well as developing and implementing business strategy. Creates a high performance team by focusing on communications and leadership development. Able to lead large change management transformations that focus on improving service delivery and cost reductions. Functional expertise in monitoring, voice, data, wireless and applications.