IT Infrastructure Monitoring Forum

IT Central Station
May 14 2021

There are many open source IT Infrastructure Monitoring solutions on the market. However, large companies often invest in a paid solution. What do paid monitoring solutions offer that make them a better choice than open source?

Richard TreadwayWhen you’re considering infrastructure monitoring, you certainly have plenty of options to choose from. From free to expensive, from targeted to comprehensive, today’s monitoring software presents a confusing assortment of features and claims. How do you make sense of it all and choose a solution that meets your needs and is within your budget? The question “Can you afford it?” might quickly become “Can you afford not to have it?,” especially when you consider the cost of poor performance and downtime. We look at ways to frame the problem and decide what’s right for you. We start by looking at cloud infrastructure monitoring tools and why they need to be specifically designed to handle new cloud-based applications. Then we’ll consider how to measure the value of a monitoring tool and what it’s worth to your organization.   Read the complete analysis in this eBook Infrastructure Monitoring Software: Can You Afford It? How to choose a monitoring tool that meets your needs — and your budget Thanks, Richard Treadway
Faustine ChisasaThe main reason large companies invest in paid solutions is the advanced and timely support  provided when using paid solutions. And of course those who sell the solutions need to do a good support job to continue selling their products. Using open source solutions means having very skilled  personnel to do most if not all of the work on getting things working and continue running which can be more expensive than paying for support by opting a paid solution. For example a monitoring solution for a large enterprise may require experts or separate teams to handle database administration, network and systems administration, web applications, systems security etc. but most of the work will be done by the vendor or suppling partner when it comes to paid solutions. Also paid solutions seem to be more secure and when issues or bugs arise, the supplier/vendor is responsible to quickly get things on track.  Paid solutions can easily provide customer requested features as part of support, that means less work on the end user for features request. And since paid solutions are often sold to many similar customers, many large companies feel more assured by the large  portfolio of existing customers hence less risk in their opinions.
Stacy LeidwingerGeorge Spiers a certified Citrix CTP and technology evangelist has a nice write up talking about how without enough experts to manage the infrastructure you do have to rely on technology to help: In relying on software, I think the key difference commercial products can bring is the embedded intelligence and automation that can discover your overall infrastructure along with the what and how to monitor automatically. With open-source, you often have to decide what you want to monitor and what thresholds to set and even create scripts to manage the alert process. With 3rd party tools, it is all there and a core reason for needing help is you don't have enough experts already.  Just make sure if you are paying for a product, it is doing a lot of the setup, configuration, and management for you! 
Ariel Lindenfeld
Sr. Director of Community
IT Central Station
Mar 05 2021
Let the community know what you think. Share your opinions now!
MichaelDelzerThe ability for the solution to correlate data from across the enterprise to remove noise in alerts, and for the alerts to be able to trigger automation to remediate a known problem/incident.
Dmytro KutetskyiI think you need to look for: 1. Unifications. All aspects of the monitoring should be done by one or multiple tools. As an option, integration between tools should be possible. 2. Plug-in based or open architecture. Open Source will be a huge plus. In this case, you will have community support, and hiring the expert for widely used technology should not be the issue. 3. Tools should have quick support - monitoring could go down when you really need this. Open Source tools allow you to have a big market of engineers with good expertise. 4. Agree with other comments - ROI is very important here.
Stacy Leidwinger1) Ease of deployment and maintenance. The ideal solution will auto-discover your environment and have intelligence built in to tell you what to monitor and how to monitor with built-in alerts that leverage industry best practice thresholds. This way users can anticipate issues and resolve them before users are impacted.  2) Historical, real-time, and discrete data that will show all IT infrastructure elements used to deliver a single end-user experience. The is the only way to monitor and troubleshoot issues is to have full visibility into the true user experience. 3) Document all user activity, behavior, and system performance so that you can share, integrated, and enhance data to collaborate with management, other IT teams, application vendors, and even end-users. 
Henry Steinhauer
Systems Engineer at a tech services company with 10,001+ employees
Feb 05 2021

With the security issues associated with SolarWinds - are people switching to other vendors?   Which ones are you switching to?

RobertUllmanThousand Eyes acquired by Cisco, interesting synergies with AppDynamics APM.
chamepicartWe’ve switched from Solarwinds to Centreon even before the issue occurred. It’s way cheaper and is a good alternative and very flexible to your needs. You can play with it yourself.
Darryl TheronHi Henry, Infosim, Stablenet is a very good alternative. Regards, Darryl Theron
IT Central Station

How does it differ from ITSM? 

Which products would you recommend to make up a fully defined ITOM suite?

DonaldBakelsIT operations management (ITOM) software is intended to represent all the tools needed to manage the provisioning, capacity, performance and availability of computing, networking and application resources — as well as the overall quality, efficiency and experience of their delivery, I would recommend at least the following products Application & underlying infrastructure monitoring, ITSM Servicedesk & Security management software.
IT Central Station

What tools do you recommend for SQL server monitoring for an enterprise-level business?

DonaldBakelsI highly recommend 2 products from the SolarWinds ITOM Suite; 1 Server Application Monitor Check link: 1 Database Performance Analyzer for SQLServer Both products are integrated
Morne' O'KennedyI personally believe in SCOM (Operations Manager) since it contains all the required tools to monitor and manage SQL operationally. Majority of enterprises already have the Microsoft EA in place so the System Center licensing is already available along with SQL.  .. in summary
Usman MalikYou can use Solawind or BMC
Nurit Sherman
Content Specialist
IT Central Station

Is it required in your company to conduct a security review before purchasing an infrastructure monitoring solution? What are the common materials you use in the review? Do you have any tips or advice for the community? Any pitfalls to watch out for?

MenojRoekaleaI would start focussing on the used acounts and their privileges, other components aren't that interresting security wise. But the used accounts are probably over privileged as my experience has showed my before.
Sofian BayoudhIT security is an ongoing exercise, with some sporadic penetration testing. SOC should be closely coupled to NOC, especially in terms of log management, traffic capture and analysis (for heuristics/forensics), connectivity/management, DNS security, WAF, etc. So it's more than security review before deploying NOC, it's rather complete integration with due proper design and planning.
Matt DavisMy company does not require a security review per se, although we do incorporate security measures to protect our network. For example, if your monitoring system is public facing, you'd want to lock it down so that only the IP ranges and TCP/UDP port ranges necessary for you to monitor what you want to monitor are allowed in. If you are doing only active monitoring, then you don't really need to allow any establishment of connections from outside. If you are using SNMP traps, or an agent that pushes info to the monitoring services, the respective IPs and ports need to be allowed in. You can do this with a firewall like iptables. Security by obscurity is also still a helpful thing. Default port numbers, etc. are low-hanging fruit for bots and things that scour the internet for easy victims. You can also use something like fail2ban, which creates a blacklist of IPs who repeat failed logins. It is also helpful to ask the vendor which versions of software they use. It is possible they use an older version, which is not as secure as using one that is regularly updated with security patches. For example, do they use mySql? Which version? What about the OS? Is it a version still supported?