cancel
Showing results for 
Search instead for 
Did you mean: 
Create Post

2016 Resolutions: 4 Suggestions For Your IT Bucket List

Level 18

Here in these early days of January, it feels the same way weekends did on Saturday mornings when I was 8 years old—a giant bowl of Sugar Frosted Choco-Bombs in my lap, cartoons on TV, and hour after hour of joyful opportunity spread out in front of me.

However, in the years since I was 8, I have learned a few things:

  • Don't turn up the volume on the TV before it turns on or it wakes up your parents.
  • 2 bowls of cereal is awesome; 4 is too many.
  • Carry the milk with both hands even when you are sure you can do it with one.
  • Make plans or all those hours disappear before you know it. Then it's Monday again and you are explaining to Mrs. Tabatchnik why the answer for all your math homework problems is 12.

In the spirit of that last point, making plans, now is the perfect time to set some goals. One might even call them "resolutions" for things that should be on your 2016 bucket list. Here are 4 suggestions of things that should be on yours.

Turn off the noise
My first 2016 resolution suggestion is pure #MonitoringGlory. Nobody wants to get an automated ticket, email, or text for something that isn't actually a problem, whether it comes in the middle of the day or at 2 am. Resolve to spend some quality time with your alert triggers and their results. Does the trigger logic identify a real, measurable, actionable problem, or is it an "FYI alert" that merely pesters an actual human to go check and see if something is ACTUALLY wrong? Now dig into the results over the last year. Did this alert generate storms of alerts? Almost none at all? What did people do when the alert came in?

All of these questions will help you create a better, more meaningful alert. This leads to the recipient of the alert believing it more, which leads to better responsiveness.

Enable IPv6

In the 20 years since the protocol was released, IPv6 has netted only a 10% adoption in the workplace. With the oncoming storm of SDN, IoT, and BYOE—not to mention the general growth of networks and network complexity—there are alarming security risks in NOT understanding what is and isn't IPv6-enabled in your environment (and what it's doing). Finally, with the not-so-modest gains to be made with IPv6 in the area of clustered servers, domain controllers, multicast, and more, this is the time to get in front of the curve and start planning, and even implementing IPv6.

Commit to learning and testing now so you aren't under the gun when it's really crunch time.

Commit to security

In the same vein, your IT resolutions should include at least one security-related commitment. Maybe you make friends with the audit team for once. Maybe you scan your network device configurations and see if they meet SOX or DISA STIG standards. Maybe you use NetFlow or Deep Packet Inspection to identify the types of traffic on your network (as well as the source and destination of that traffic).

Heck, even just choosing and using a password manager for your own personal accounts would be a great start. If for no other reason than it would get you thinking about all the OTHER users in your organization and how they are managing their passwords. Which, as we saw throughout 2015, was the first line of defense to fail in every major breach.

Whatever it is, don't let security be someone else's responsibility this year.

Know the value of your monitoring

Coming back around to monitoring for my last point, commit to taking the time to understand what monitoring provides you. What I mean by that is, every time a specific alert triggers, what have you saved in terms of minutes of outage, staff time, and/or predictive vs reactive repair costs?

Calculating this may be time consuming, but it's not complex, as I've described in the past (https://thwack.solarwinds.com/community/solarwinds-community/geek-speak_tht/blog/2015/01/09/the-cost...).

Why should this be on your 2016 resolutions? Because it helps you identify which tools, monitors, and alerts cost your company (in time to create, maintain, and respond to) more than they are worth, and which have a high return on investment. Not only that, but doing this for existing monitors helps you evaluate which of your upcoming requests is most worth digging into.

Finally, having these numbers handy gives you the ammunition you need to face the bosses and bean counters when you request additional licenses—they need a justification.

Because I don't know about where you work, but it feels like my whole management and purchasing team is related to old Mrs. Tabatchnik.


Those are MY recommendations for what you should have on your 2016 IT resolutions, but your list probably looks a lot different. You really should put those resolutions to work. How? By entering them in the 2016 IT Resolutions contest (https://thwack.solarwinds.com/community/solarwinds-community/contests-missions/it-resolutions/overvi...). Meanwhile, I want to hear your thoughts about my list, your list, or your IT plans for 2016 in general, in the comments below.

14 Comments
MVP
MVP

Good stuff Leon...

I would add document and documentation. 

- You need to review ( audit ) your monitoring at least annually as application you monitor may change and you may not have been aware or told about.

- update your documentation on what you have built and why things were built that way ( allows newbs to see why some things are why they are and to perpetuate tribal knowledge)

- review you documentation to be sure it is current.  (this is in some cases a full time job)

----- the audit/documentation review is actually a good job for newbs as they will then see and/or touch most everything at least once during the process and it gives them a good overview of the environment.

I'd also add that greater benefits can come to an organization when the silo-ed departments adopt a common monitoring platform that can present a big picture in a single pane of glass, which also allows drilling down into those silos like Network or Database or Server or Application, etc.

NCM and NTA and NPM are excellent to have, but when other groups have their own specialty monitoring apps and they eschew an Orion-style global management solution, there are many things that are going to bounce between departments and the service desk before the right folks are identified to resolve issues.

Level 14

Great piece.....

my 2 cents..

On IPv6 .... a part of the 90% we have a couple of vendors who license by workstation (IPv4) (don't say it!!!")

Security - I've tried in the last 6 months to increase awareness of security in everything we do... results are improving. My advice is to make folks aware that they indeed are part of the solution...

Level 14

All four are good bucket list items.  1, 3, and 4 are on going, in a never ending, self-sustaining loop.  As for IPv6, we won't be moving in that direction where i work any time soon.

Funny you say that about Noise.  We have a team that has gotten carried away with their new toy Splunk.

There must be a send all mode, because they are sending out useless notifications and lots of them and by lots I mean Powerball sized numbers of notifications.

Level 14

Must.....tune......Splunk.....

MVP
MVP

This is exactly what I was about to write.

Right from the word go, I've been committed to dropping noise. The less I'm alerted the better.

Only other thing I do always is to create alerts when an issue occurred and we didn't 'notice'. If that issue occurs again, we'll know that time.

MVP
MVP

I totally agree but unfortunately I (like others I assume judging by the lack of) totally hate doing documentation.

Luckily we have architects that do a lot of documentation but I really should be doing some as well. It should be my new year's resolution.....

Make and tune rules in LEM!

Get our block of IPv6 addresses.

RT

Level 12

Great points Leon!

I'm about on the same page as network defender on this one as our LAN/WAN will not be moving from IPv4 to IPv6 for a while. 

#1 & #4 are ongoing and must be tuned and managed properly to ensure people do not get numbed or inundated by alerts and then ignore them or filter them out!

#3 is my pet peeve and such an important subject and has been since the '90s.  With IoT devices and State sponsored attempts to gain access to information, this one will become one of the top $$ buckets for all companies/enterprises regardless of size.  "Like it or NOT!"

Agree completely with Jfrazier and documentation also assists with all of the other points too!

Always enjoy your POV Leon!

Level 17

Turning off the noise is one of my big priorities this year!

All very good points and depending on each environment will decide the extent at which you can implement/tune.

#1 On going process and depends what the "Fire of the Week" is.

#2 Do not see it happening this year, maybe on the perimeter but not likely.

#3 Is my daily bread. Live it, work it, develop it and try to make it easier for others to follow.

#4 Always to develop data to prove why we do what we do and how we want to present it.

Good luck to all and remember to keep your feet on the ground when you are reaching for the stars,  ~Casey Kasem

Level 12

commit to security is very important for any company.

MVP
MVP

For us, "Knowing the Value of our monitoring" has to be a top priority. We have duplicate tools being controlled by different business units. If our uppers could see the benefit of monitoring across the board and not just little snippets here and there our jobs would be so much easier and we could save some $$ by eliminating duplicate software.

About the Author
In my sordid career, I have been an actor, bug exterminator and wild-animal remover (nothing crazy like pumas or wildebeasts. Just skunks and raccoons.), electrician, carpenter, stage-combat instructor, American Sign Language interpreter, and Sunday school teacher. Oh, and I work with computers. Since 1989 (when you got a free copy of Windows 286 on twelve 5¼” floppies when you bought a copy of Excel 1.0) I have worked as a classroom instructor, courseware designer, desktop support tech, server support engineer, and software distribution expert. Then about 14 years ago I got involved with systems monitoring. I've worked with a wide range of tools: Tivoli, Nagios, Patrol, ZenOss, OpenView, SiteScope, and of course SolarWinds. I've designed solutions for companies that were extremely modest (~10 systems) to those that were mind-bogglingly large (250,000 systems in 5,000 locations). During that time, I've had to chance to learn about monitoring all types of systems – routers, switches, load-balancers, and SAN fabric as well as windows, linux, and unix servers running on physical and virtual platforms.