
One Company's Journey Out of Darkness, Part IV: Who Should Use the Tools?


I've had the opportunity over the past couple of years to work with a large customer of mine on a refresh of their entire infrastructure. Network management tools were one of the last pieces to be addressed, as emphasis had been on legacy hardware first and the direction for management tools had not been established. This mini-series will highlight this company's journey and the problems solved, insights gained, as well as unresolved issues that still need addressing in the future. Hopefully this helps other companies or individuals going through the process. Topics will include discovery around types of tools, how they are being used, who uses them and for what purpose, their fit within the organization, and lastly what more they leave to be desired.

Blog Series

One Company's Journey Out of Darkness, Part I: What Tools Do We Have?

One Company's Journey Out of Darkness, Part II: What Tools Should We Have?

One Company's Journey Out of Darkness, Part III: Justification of the Tools

One Company's Journey Out of Darkness, Part IV: Who Should Use the Tools?

One Company's Journey Out of Darkness, Part V: Seeing the Light

One Company's Journey Out of Darkness, Part VI: Looking Forward

Throughout this series I've been advocating the formation of a tools team, whether it is a formalized group of people or just another hat that some of the IT team wears. This team's task is to maximize the impact of the tools that they've chosen to invest in. In order to maximize this impact, understanding who is using each tool is a critical component of success. One of the most expensive tools that organizations invest in is their main network monitoring system.  This expense may be in the CapEx spent obtaining the tool or the sweat equity put in by someone building out an open source offering, but either way these dashboards require significant effort to put in place and demand effective use by the IT organization. Most of IT can benefit from these tools in one way or another, so having Role Based Access Controls to these platforms is important so that this access may be granted in a secure way. Screens should be highly visible so that everyone in the office can see them.

Network Performance Monitoring

NPM aspects of a network management tool should be accessible by most if not all teams, although some may never opt to actually use it. Outside of the typical network team, the server team should be aware of typical throughput, interface utilization, error rates, etc. such that the team can be proactive in remediation of issues. Examples where this has come in useful include troubleshooting backup related WAN congestion issues and usage spikes around anti-virus updates in a large network. In both of these cases, the server team was able to provide some insights into configuration of the applications and options to help remedy the issue in unison with the network management team. Specific roles benefiting from this access include: Server Admins, Security Admins, WAN Admin, Desktop Support

Deep Packet Inspection/Quality of Experience Monitoring

One of the newer additions to NMS systems over the years has been DPI and its use in shedding some light on the QoE for end users. Visibility into application response time can benefit the server team and help them be proactive in managing compute loads or improving on capacity. Traps based on QoE variances can help teams responsible for specific servers or applications provide better service to business units. Specific roles benefiting from this access include: Server Admins, Security Admins, Desktop or Mobile Support

Wireless Network Monitoring

Wireless has outpaced the wired access layer as the primary means of network connectivity. Multiple teams benefit from monitoring the air space, ranging from security to help desk and mobile support teams. In organizations supporting large guest networks (health care, universities, hotels, etc.), the performance of your wireless network is critical to the public perception of the brand. Wireless network monitoring now even appeals to customer service or marketing teams. Extending access to non-IT teams can improve overall communications and satisfaction with the solutions. For teams with wireless voice handsets, telecom will benefit from access to wireless monitoring. In health care, there is a trend to develop a mobile team, as these devices are critical to the quality of care. These mobile teams should be considered advanced users of wireless monitoring.

IP Address Management (IPAM)

IPAM is an amazing tool in organizations that have grown organically over the years. Using my customer as a reference, they had numerous /16 networks in use around the world; however, many of these were disjointed. This disjointed IP addressing strategy leads to challenges from an IP planning standpoint, especially for any new office, subnet, DMZ, etc. I'd advocate read-only access for help desk and mobile support teams and expanded access for server and network teams. Awareness of an IPAM solution can reduce outages due to human error and provides a great visual reference as to the state of organization (or lack thereof) when it comes to a company's addressing scheme.

I personally do not advocate an environment that promotes read-only access for anyone interested in these tools, as the information held within them should be kept secure: it would provide the seeds for a well-planned attack if so desired. Each individual given access to these tools should be made aware that they are a job aid and carry a burden of responsibility. Also, I've worked with some organizations looking for very complex RBAC for their management teams. Unless you have an extremely good reason, I'd shy away from this as well, as the added complexity generally offers very little.


While in theory I like the tools team idea and it can work with buy in from all teams all the way up the ladder.

But in a silo'd separation of duties environment it may be hard to get the full buy in.

With that said, I have seen it work and I have seen it fail.  It has to be fully supported by all teams to work well or in some cases at all.

Thank you for posting this series.

Level 14

I hadn't really thought about it, but our network admin team is our tools team.  We implemented various SolarWinds products for ourselves, replacing HP OpenView and Cisco Works.  We then worked with our other teams, showing them the many benefits of SolarWinds.

I agree with Jfrazier‌; my organization's history of silo'd expertise limits my ability to get buy-in on a "single pane of glass" tool like the Orion suite of products.  I'm making slight inroads, and am hopeful other groups can share in the Solar Winds experience; if I can improve their management view and alerts and increase their ability to predict and be more proactive, I'll be a happy camper.

But each team has their own go-to best-of-breed or proprietary tool, and I may not know their areas well enough to get them the right information quickly with an Orion tool demonstration.

So we run the risk of having multiple tools' experts in a room, only interested in what their own tool can show and do.

With some luck I may be able to generate enough interest in Orion that one day we may be able to reduce some of the proprietary tools and supplement or replace them with Orion.  I think everyone benefits then, as long as all the original tasks of the proprietary tools are accomplished.  Especially when Orion cuts down troubleshooting time and improves Help Desk triage and ticket assignment accuracy.


A solution to rschroeder and many others where there are many good point solutions in place is to set up a unified message format.

This is a base message format that becomes a standard template to be implemented by the various point solutions, batch jobs, applications, etc.

This allows for a few templates to be created that will handle most events and it scales across all platforms. Following the 80/20 rule, they should cover 80% or more of the events you have to deal with. Then the final 20% is more one off, custom to the situation or a more focused audience or automated actions.

It takes some forethought and planning as well as time to get everyone to conform.  I've had it scale across mainframes, unix (6+ flavors), windows, Tandem, etc.

While it is not a perfect solution, it can work or at least allow a common notification point in-between point solutions.  Thus it becomes a win-win for everyone.

Level 12

Very nice articles. All parts are awesome.


Whilst Solarwinds is primarily our networking tool, I do allow all the other teams read access to all the data. So if the Wintel team gets complaints about slow access to one of their servers, they are able to check the network to see if the issue is there.

I've created some easy to read dashboards, so issues are spotted easily. The other teams also use IPAM.

We also have read-only access to the firewalls, again to help us with troubleshooting and to save (potentially) wasting other people's time.

Level 17

Great Article! Excellent series!

About the Author
Shaun Neal is a Solution Architect with enterprise networking, security and mobility expertise. Additionally, Shaun is engaged in wireless product development, deployment, integration and go to market strategies. His experience aligns information technology and the organizational mission to create service orientated architecture design and see it through implementation.