Manage your network from one console

When I was a kid, I collected baseball cards. I started with only a few cards, which I kept in a beat-up shoebox. However, my collection soon outgrew the shoebox, and I needed a better way to organize the cards. So, I bought a specially built box that made my collection look neater and let me monitor the cards' condition.

Managing Windows NT systems is similar to card collecting—as you acquire more systems, you need an organized way to manage those systems. For example, your company might have thousands of NT systems, in hundreds of locations, and an email infrastructure generating millions of messages per day. Managing those servers requires long hours, extensive resources, and numerous separate applications. Unfortunately, the time and cost associated with learning and maintaining individual products hinder monitoring and can lead to unforeseen problems on crucial servers.

Systems administrators need a consolidated solution that provides the best of monitoring and reporting from one location for an unlimited number of servers and workstations. Because companies are managing systems worldwide, the need for Web-based monitoring support is crucial. Also, management products must include a snap-in that you can easily drop into Windows 2000's (Win2K's) Microsoft Management Console (MMC).

NetIQ AppManager Suite 3.0, which NetIQ targets at systems administrators and managers who monitor crucial servers in single or multiple domains, extends its NT support to Win2K servers. AppManager lets you monitor applications such as Microsoft SQL Server, Microsoft Exchange Server, Win2K Server Terminal Services, Oracle's relational database management system (RDBMS), and Citrix WinFrame. The software also lets you monitor framework products such as Computer Associates' (CA's) Unicenter, HP OpenView, and Tivoli Enterprise. AppManager lets you use preconfigured business rules for automating repetitive, time-consuming tasks and setting proactive notification and problem correction.

Not for the faint of heart, the product comes in an imposing 5-pound box that includes a CD-ROM and three thick manuals: the Installation Guide, Users Guide, and Knowledge Script Reference Guide. The extensive documentation is a testament to AppManager's robustness.

Inside AppManager
AppManager includes four essential components—the console, repository server, management server, and agent—and an optional Web-management server. The console, in which you perform most management work, is available as a standard program or as an MMC snap-in. (You can open the AppManager snap-in from the AppManager program group, or you can add the snap-in to a separate MMC console that includes other program snap-ins.) The repository server, which uses a SQL Server 6.5 database, stores information about monitored systems and applications. You can't use SQL Server 7.0 for the repository, but NetIQ promises SQL Server 7.0 repository support in the future. The management server is the communications mediator between the monitored system's agents and the repository. To receive requests from the management server to accomplish a specific monitoring task, you must install the agent on each server or workstation. The Web-management server lets you use AppManager in a Web browser, which can save money if you manage systems worldwide.

AppManager monitors other systems through Knowledge Scripts (KSs), which are files that you configure to automate specific management and monitoring tasks. You can choose from more than 400 prebuilt KSs, or you can use a text editor to create custom KSs. NetIQ includes a list of the most popular KSs for each monitored application. You can begin using the KSs immediately, but I recommend that you spend some time reviewing the KSs in the hard-copy Knowledge Script Reference Guide, which describes each KS in detail.

Prebuilt KSs for NT administration let you identify CPU bottlenecks, pinpoint top CPU-consuming applications, check the status of key services and restart them if necessary, monitor DHCP leases, review Performance Monitor counters, measure disk space utilization and disk I/O, and check for key files. Prebuilt KSs for Exchange Server let you track end-to-end response time between Exchange servers, monitor inactive mailboxes over a specified period of time, check the status of key Exchange Server services and restart them if necessary, pinpoint frequent senders and receivers of email, and monitor overall message flow. Finally, prebuilt KSs for SQL Server let you monitor a server's status; identify frequent database and CPU users; monitor free database, device, and log file space; and determine the cache hit ratio.

Microsoft is bundling the AppManager Windows Management Instrumentation (WMI) Agent with Win2K. The WMI Agent, one of AppManager's key architectural components, will conduct performance monitoring and event monitoring for networks with Win2K and NT systems.

Microsoft is also bundling AppManager's Web-Based Enterprise Management (WBEM) in Win2K. WBEM embraces standards that let you use Internet technology to manage systems, networks, and users. WBEM defines schemas, outlines protocols, is open and extensible, and offers a fast and inexpensive way to gather and analyze data.

With Win2K's instrumentation, you can access AppManager and its data from an Internet browser. This accessibility is particularly important if your company has international locations.

Preflight Checklist
To test AppManager's capabilities, I ran the program in a domain environment. I used a Digital PC 3000 model system with a 300MHz Pentium II processor and 128MB of RAM. I installed Win2K Advanced Server (Win2K AS) beta 3 on this system—which I named DIGITAL2000—and configured the system as the domain controller. I also used two servers running Win2K Server with 350MHz AMD-K6-2 processors and 64MB of RAM; one server ran SQL Server 7.0, and the other server ran Exchange Server 5.5.

AppManager includes a preinstallation application that checks your system against AppManager's components' software requirements. In an application as large and complex as AppManager, this feature is essential. I ran the preinstallation check from a separate window, and in about 4 minutes I had an HTML report that listed each component's system requirements and told me whether my test system passed or failed each requirement. The report included HTML hot links that led me to Web pages containing detailed explanations of each requirement and instructions for fixing items that failed. I used the suggested settings to configure SQL Server and Exchange Server, then initiated the installation program. The setup program was thorough: I entered information or accepted default settings through about 15 screens.

You need to ensure that your applications are working (i.e., services are running) before you start the installation. Otherwise, you'll spend time troubleshooting application-related errors. Installation problems can occur because of insufficient RAM or disk space for a component, improper NT or SQL Server permissions, broken network connectivity between computers, or use of an unsupported version of SQL Server for the repository.

After I ensured that my servers met all the software requirements, I began the installation program. The program installed the console, repository server, management server, and agent on the DIGITAL2000 system.

If you haven't installed SQL Server, the system will prompt you to install the 120-day evaluation copy of SQL Server 6.5 that AppManager includes, install a licensed copy of SQL Server 6.5, or skip the repository installation. Because I'd already installed SQL Server 6.5, I didn't receive this prompt. The system asked me to name the repository, and I chose the default name QDB. I entered the SQL Server login password (for repository access) and left the default for the SQL NetIQ account password, netiq. Next, the system prompted me for repository options; I left the default, which selects all options.

AppManager, MMC, and You
AppManager is Win2K-ready. I opened the Operator Console MMC snap-in from the NetIQ AppManager program group and logged on to my test server. The MMC console, which Screen 1 shows, includes four panes: TreeView, List, Graph, and Knowledge Script.

The TreeView pane, on the window's upper left side, gives you an iconic, hierarchical representation of your systems and applications that is similar to Windows Explorer's treeview. The List pane, at the bottom of the window, lets you view the status of the KSs (i.e., jobs) that are running. The four tabs beneath the List pane let you view events, jobs, details of jobs, and graphed data. The Graph pane, on the window's upper right side, lets you view data in graph form from KSs that you've collected data from. Clicking the Graph Data tab in the List pane displays icons that represent collected data. Dragging these icons onto the Graph pane lets you display realtime and historical graphs. The Knowledge Script pane, on the window's middle right side, lists prepackaged KSs for each monitored system. You can access specific application KSs by clicking the tabs at the bottom of the pane (e.g., you click the SQL tab to access SQL-specific KSs). You can drag KSs onto the system you want to monitor—a capability that simplifies their implementation. After you drag a KS, its Properties window appears, letting you specify time intervals, thresholds, and corrective actions for system monitoring.

I clicked the NT tab in the Knowledge Script pane, then dragged the CpuLoaded KS onto the DIGITAL2000 system. The Properties window for this KS appeared, and I changed the monitoring schedule's 1-minute interval so that I could run the script immediately. On the Properties window's Values tab, which Screen 2 shows, I set the Collect Data value to y for yes, changed the CPU threshold from the default of 85 percent to 10 percent (to illustrate how the threshold works), then clicked OK. The TreeView pane began flashing alternating exclamation points and J icons next to the monitored system. After 1 minute, an entry for the graphed data appeared in the List pane at the bottom of the screen. I dragged the entry onto the Graph pane and gave the graph a name. I selected the settings to monitor the data in realtime and display all the data, and I clicked OK. The data appeared in a new graph, which Screen 3 shows, and updated each minute thereafter.

Monitoring systems and graphing data was easier than I anticipated, and the changeable options let me create presentable and easy-to-view documents. At any time during server monitoring, I could easily print the graphs to include them in a report or a presentation.

Reporting the Results
Realtime monitoring helps you see how your systems and applications are performing at a given moment, and a good reporting feature is imperative for reviewing your systems' history and providing status reports to management. NetIQ provides hundreds of reports that summarize, for example, the inventory, performance, and event data that AppManager collects. Reports are particularly effective at letting you determine whether you meet service level agreements (SLAs)—a criterion that many enterprise organizations require.

Before you create reports, you must enable data collection in the Properties dialog box of each KS that you set up. The system can collect data in realtime, or you can specify a data-collection time period. Because I had already collected data, I wanted to view a printed report. On the AppManager toolbar, I selected Extensions, Report Manager. The software groups reports according to the application that uses them. I wanted the report to summarize my test system's CPU utilization from the data I collected earlier. I double-clicked the NT CPU Load By Hour report, and within 30 seconds an easy-to-read graph appeared, which Screen 4 shows. You can set up filtering criteria for the data, and you can change the column labels within each report.

Digging Deeper with Extra Tools
With the Repository Browser, experienced SQL Server administrators can use SQL commands to view and query the AppManager Repository's database tables and records. To open the Repository Browser, I opened the AppManager menu, then clicked Extensions, Repository Browser. From the Tables menu, I selected Event, which initiated a SQL select event. I clicked Next to browse through records one by one. You can use Repository Browser to customize and execute other queries. To export data from the AppManager Repository, you simply select the data from one or more tables, then select Export All Records from the File menu. I liked the user-friendly interface and the ability to customize queries.

The AppManager Operator Console lets you monitor one repository at a time, which suffices for small shops but is cumbersome for a large enterprise. If you want to monitor more than one repository at a time, you can use the Distributed Event Console. You access the Distributed Event Console from the NetIQ group in the Programs menu. Each repository takes up one line and displays a server icon. To manage a repository quickly and easily, double-click the icon to open the AppManager Operator Console.

Security is imperative in any enterprise application. AppManager's Security Manager, which is accessible from the Extensions menu, lets you manage security for an AppManager site. For example, you can define user roles and the rights associated with those roles. Also, you can identify users who can access AppManager and specify their roles. Finally, you can store and manage application passwords, SQL Server logins, Exchange Server profile information, or SNMP community strings that you need to run certain AppManager KSs.

I opened Security Manager and logged on. The first time you log on to Security Manager, AppManager prompts you to choose from three predefined roles: Administrator, Standard User, and Read-Only. The Administrator role gives full access to all applications. The Standard User role lets you view and start all applications except the Icon Manager, Repository Browser, and Distributed Event Console. In addition, the Standard User role doesn't let you change report properties. The Read-Only role only lets you view the AppManager views, start the Operator Console, and start the Report Manager. These three prebuilt roles will probably suffice for most new companies, but you'll want to create customized roles to fit your company. I was disappointed that AppManager's Security Manager doesn't integrate tightly with NT's User Manager for Domains—I had to create user roles separately rather than simply add NT user accounts or groups to a specific role.

You can open Win2K's and NT's Event Viewer, Performance Monitor, and Server Manager from within AppManager. For example, when you receive an event notification (or alert) in the List pane, you can open Event Viewer or Performance Monitor to drill down to more specific information. And if you want to add or remove systems from your domain without leaving the console, you can access Server Manager. Immediate access to these tools saves time.

Help and Complaints
NetIQ's product support team answered my many questions and helped me implement AppManager in a variety of scenarios. I also made two calls to NetIQ's technical support division: I asked about WBEM, WMI, and AppManager's Win2K support. NetIQ's representatives responded to my questions with timely, accurate, and courteous answers.

AppManager performed well throughout my tests, but you need to consider the system requirements as minimums and ensure that your systems have plenty of memory. My biggest complaint is that AppManager has no facility to create custom KSs; I had to exit the main program and edit .ini files in a text editor. AppManager needs to include a facility to simplify KS building.

The Verdict
Management tools shouldn't be a burden to learn and should be easy to install, configure, and manage. Although AppManager isn't an application you'll master in a weekend, you can begin basic monitoring within that time frame. AppManager's preinstallation check is a blessing—most users, anxious to begin using a program, neglect checking system requirements. The KSs are impressive and address almost any need, but if you can't find an appropriate prebuilt script, you can use a text editor to create your own.

AppManager doesn't support UNIX or Novell NetWare system monitoring, but the product's extensive and unparalleled support of NT network monitoring is beneficial. Considering the time you spend trying to use multiple monitoring products—not to mention those products' cost—you'll find that AppManager is fast, easy to monitor, and cheap. Competing products, such as Microsoft Systems Management Server (SMS), tend to focus more on software distribution than on crucial operational concerns such as event and performance management. If you need to monitor a single-domain or multiple-domain enterprise, buy a copy of AppManager today.

NetIQ AppManager Suite 3.0
Contact: NetIQ * 408-330-7000 or 888-462-7647
Web: http://www.netiq.com
Price: Starts at $2500; managed system's software starts at $600
System Requirements: Windows NT Workstation 3.51 or NT Server 3.51 or later, 100MHz Pentium processor or better, 32MB of RAM (64MB of RAM for repository), 11MB to 166MB of hard disk space, Microsoft SQL Server 6.5 with Service Pack 1 or Service Pack 3 or later