We use it for monitoring our management infrastructure. We also use it for pinging some customer workstations, customer sites, and devices.
We use it for monitoring our management infrastructure. We also use it for pinging some customer workstations, customer sites, and devices.
I'll talk about BPPM here. Having the performance monitoring in place allows us to be able to react if our systems are having either disk, memory, or CPU performance bottlenecks or issues. It also allows us to react if there are up/down monitoring issues or it's approaching a situation where a threshold will be breached.
For the network automation tool, from a security perspective, the real focus for us has been to maintain the configurations of our router switches, network devices, etc., and to be able to deploy them in a consistent fashion. If consistency equals security then it's helped it from a security point of view. But outside of that it's not something that I would consider to be a security tool, per se.
We use it for configuration management. The big thing for us is that we cannot afford to lose our configurations across our different environments. For example, we have configurations in our Dev environments which, once they're vetted, go up to staging. Once they're vetted there, they go into a DR space and from there into production. So having consistency in our deployment practices, first of all leads to cleaner implementations and, most importantly, it ensures that if something bad happens we can actually recover quickly.
Previously, when we had outages, people were scrambling along trying to find what the configurations were. We would have to get a new device in because the old device crapped out. We would put in the device and we would all pray very hard that the new configuration was the same as what was there previously, because sometimes we couldn't be totally sure. Prayer is a wonderful thing but it's not suitable for business SLAs.
It has absolutely helped our organization to use skilled personnel for more productive tasks because now we have the data that people need so that they can do their jobs better and more efficiently. With good data come good decisions. With no data you get haphazard results.
Finally, because it's alerting us when certain things happen, it allows us to put our processes in place to be able to deal with whatever the issue is at hand and that actually allows for more collaboration.
The dashboard is very useful to us as is the Presentation Server interface, in terms of policy creation and configuration and use of the tool.
There's a much cleaner approach to the dashboards now in TrueSight versus what they had previously. Previously it was more cumbersome to be able to display the data that is required to do our jobs. Different people have different functions, and as a part of those functions, they need to look at different types of data. My managers are interested in things like, the number of tickets that are open. How long did it take to address an incident? How long did it take to close an incident? Things like that with SLAs. Whereas the support people want to just know that the incident has come in and to be able to look at it and correlate that data with other data to determine what the actual problem is. Depending on who's looking at the data, they need to configure that data in different ways, and the dashboards help us to do that better than what was previously available.
There probably needs to be a little bit more collaboration between the Entuity teams and the BBNA teams. For our endpoint device monitoring we typically use a tool called Entuity. We buy it through BMC. TrueSight or BPPM typically does performance monitoring for servers, but for endpoint devices, such as routers, switches, etc., we typically use Entuity. The network automation tool keeps these configurations for us, keeps them all tight and clean, and makes sure things are synced up. But there's a lot of room for improvement in expanding the functionality of BBNA to work a little bit more tightly with Entuity. Right now they're still very siloed in terms of the toolsets. There might be some opportunities to grow that partnership.
In terms of additional features, I'm wondering if they should be looking at integration with some other toolsets, such as Ansible on the Red Hat side, or other scripting capabilities on the Windows side. A little bit more thought could be put toward using those tools. We also use Atrium Orchestrator in-house. It's a run-book automation tool. Having more out-of-the-box orchestration examples in AO to leverage BBNA and TrueSight would be really good to see.
I came in Monday morning and my TSIM servers were both down. I'm working with support to understand why.
We've built out the product to meet the number of servers that we have to monitor in our managed security space - the stack that we deal with - so we've already gone through the scaling process. Because the high-availability feature hasn't been working, it's performed quite poorly.
A lot of the support is quite good. They really want to help. There are two different teams in support right now. There's a whole team dedicated to TrueSight, specifically. Sometimes, when I put in a ticket to support, there's another team and that other team is totally dedicated to something called the PATROL Agent. That is an agent you deploy in boxes, agents which can talk to TrueSight and feed it information. In our case, we care about TrueSight, we don't really care about the PATROL Agent. I don't want to say the PATROL Agent is an afterthought, but it is a part of TrueSight, not the other way around. But many times this other team wants us to fuss around with the PATROL Agent and we don't really want to fuss with it. We only want to deal with TrueSight and things to do with monitoring. If TrueSight says we need to install an extra agent somewhere, then that's what we do.
From a support perspective, it's almost like there are two silos at BMC for the monitoring software. One is dedicated to Patrol and the other is dedicated to TrueSight. Because we're really a TrueSight shop that uses Patrol, all of our tickets should automatically go to the TrueSight support people. However, we keep getting routed to the Patrol people, and I don't feel that the Patrol people fully get what we need to do in our environment. They don't seem to cross-pollinate. The Patrol people don't really know anything about TrueSight, and the TrueSight people know a little bit about Patrol. If your ticket gets over to the patrol people, then good luck. That's very frustrating from a support perspective.
The people are very nice, they're competent. Some of them are incredibly excellent. And others, they try their best, but...
I can't say enough about the sales teams. They are excellent and the pre- and post-sales support are incredible, they are some of the smartest people I know. Phenomenal people. That's very much a strong point. They are amazing people. They're very busy, but when you get them involved, it's great working with them. Fantastic
It's not about the technology, it's about the relationships. When you get really good people to work with and to deal with from a sales perspective, it becomes less about selling and more about, "Look, I have this problem, what do you have that can actually help me meet my business objectives?" It really is comforting to be able to call up somebody at any time and say, "Look, this is what's going on," and see what they have to say to help you out. That, to me, is really pretty cool.
Our sales guy, Ralph Filippelli, is just an absolutely amazing guy. He's constantly in our corner and I feel that I can call him up anytime and say, "I have this business problem" or "I've got these contracts coming in, I need some help here." He's happy to do whatever he can and I'm happy to give him the business.
BPPM came in not long after I came into the organization. Prior to that, they were using some open-source tools that were cobbled together to try to create the same functionality, and it was spotty monitoring at best.
For the BBNA product specifically, we were using HPE's product which became Micro Focus Network Automation. We switched because we were already using some BMC tools, and we thought that it would be a great opportunity, from an integration standpoint, to standardize on a toolset from BMC.
Regarding TrueSight, the setup has been a nightmare. We followed the instructions. Sometimes, things wouldn't work at all as they were documented. We would contact support and they'd say, "Oh yeah, this is a known issue." And then we'd have to implement these changes with obscure switches and other things just to run the software to install. In other cases, certain software just didn't seem to work at all.
We've been working with BMC support in various ways such as to allow for the high-availability components for the TSIMs to work together. There have been issues there. We've seen randomness in how other pieces of the software work. Integration with the Presentation Server and the TSIMs has been a challenge. The ports that are required for HA to be utilized were not clearly documented anywhere. In fact, they still aren't documented online anywhere, even though we managed to pull it out of some of their support people. That's another issue from a documentation standpoint.
From an installation perspective, there were inconsistencies between different versions. In the 11.x stream that we deployed, versus 10.7, there were major differences. Sometimes they weren't reflected in the 11.x documentation.
We have not gone into production with TrueSight. We've deployed it, but it's not working. And we've had BMC support and other people involved. We've had people come to visit us and see the issues that we've experienced. I've spent another 20K on experts in the TrueSight tool to help us to optimize the configurations that we've deployed. But we haven't been able to utilize those people because we don't have a stable product.
One of the big issues has also been the integration of TrueSight with the Remedy/ITSM stack. That's slowing us down in being able to go fully into production with it. We've got the core software installed, but it's not doing its job fully. There are issues that we need to remedy prior to being able to fully utilize it in production.
For BPPM we did hire a third-party consultant. But for the TrueSight deployment, it's all been BMC personnel.
We have about five folks involved in different levels of the deployment. They're working with integration on the ITSM side. From that perspective, they've been working on different sides of the fence to get things working together.
Network Automation has replaced our HPNA. The cost of the product was a little bit cheaper than what we paid for the HP product, which is now Micro Focus. The return on investment is not huge, but our trust in working with the vendor is big because with the changeover and HPE selling off those assets to Micro Focus, we had concerns about the stability or longevity of the network automation tools.
There's a fee for the licenses themselves, per contract, and then we have a yearly licensing fee that's many thousands of dollars. But that's not just for TrueSight, that's also for support for ITSM, Atrium Orchestrator, BBNA, and other BMC tools in the environment. We have to support more than just TrueSight in that space. It's a package deal from a support perspective. From a licensing perspective, when we get a contract in we size the contract, do quotes from the contract, and then we engage BMC to say, “This is how many additional licenses we're going to need as a function of that contract.” Then we do the numbers thing. But we've actually dumped a lot of money. I think recently it was about $174,000. But again, it depends on the contract, it depends on what we're dealing with. It's been many thousands of dollars.
We looked at various tools. For example, we looked at CA, which was bought out by another company. We looked at some CA monitoring tools because they're being used out of our head office, but we found that the Entuity/BMC solution was preferable for various reasons.
My advice would be to holistically look, at a macro level, at all the tools you're using in your environment. If you're already using some BMC tools, there's a compelling argument to using TrueSight because of the opportunities for integration of those products.
The biggest lesson that we've learned using Network Automation is that change is painful. We were using HPNA for a long time, and we had built toolsets around that. Some products have functionality that's better than others, and it's a matter of tracking that and making sure that you understand the toolset prior to deployment.
We have deployed TrueSight in our Dev, Staging, and Prod environments but we're not using it fully yet. We're still using BPPM in production at this time.
Regarding the solution's capabilities in analyzing and fixing security vulnerabilities through patching or configuration changes, we don't have that tool suite deployed. TrueSight isn't really meant for that from a security perspective. It's really performance-monitoring that we're leveraging at this time. We didn't buy any of the add-on pieces for security monitoring.
We're a managed security services shop. Our clientele is mostly government-based. We keep getting contracts. We've got five bids underway right now. As the bids expand and we win more business, we deploy into the environment. As we deploy into the environment, we have a need for more licensing. That's typically how we've handled things in the past. We are growing the service and growing the business based on the number of contracts that we get in-house. The more contracts we win, the more business BMC gets, and everyone's happy at the end of the day.
I would rate Network Automation at seven out of ten. It's a good product, it's relatively stable, but we have seen some issues, stability-wise, with the server. We have to stay on top of that, make sure we're monitoring it, to make sure it's doing what it's supposed to do. The interface is a little clunky at times, but it works well for what it does. From a configuration management perspective, it's excellent. It really does a good job there.
As I said, I'd like to see tighter integration with Entuity. Because Entuity is doing that monitoring already for the endpoint devices, I'd like to see a little more collaboration between those teams. That would allow me to give higher marks.