26 Replies Latest reply on Oct 19, 2018 12:09 PM by alphabits

    What is up with Solarwinds Network Automation Manager (NAM)?

    alphabits

      Sorry if this isn't the right area for this discussion. During Thwack camp this year I saw Network Automation Manager mentioned quite a few times, so I decided to look it up and try to get some more information on it.

       

      I've go an extensive global deployment with instances installed in Americas, Europe, and Asia. I'm currently running: NPM, NTA, NCM, SAM, and VNQM. Are there any differences with NAM, or is it really the same base products? I've got 13 APEs, will they be able to work with NAM in this way?

      Anyone know if the pricing model is different?  I also noticed that SAM was missing from it, but did see it as an optional add-on.

       

      I'd like to talk about it with some people already using it.

       

       

      Network Automation Manager - SolarWinds Worldwide, LLC. Help and Support

        • Re: What is up with Solarwinds Network Automation Manager (NAM)?
          rschroeder

          I upgraded to NAM this fall and I like it.  Feel free to PM me, but the basics are:

          • I already had NPM, NCM, and NTA and three APE's, along with four SLX licenses
          • I wanted VNQM, UDT, IPAM, at least one more APE, and more licenses to handle more interfaces, but the price point was too high
          • I learned about NAM and started negotiating with my SW seller.  Definitely take what they say / promise with some healthy skepticism, and verify before trusting that this is right for your environment.

           

          The results of my inquiries made it apparent it was to my advantage to drop my current licensing and migrate to NAM.

           

          The benefits I achieved through buying NAM included:

          • I now can offer my team and our customers VNQM, UDT, IPAM, and HA
          • I increased my license count from four SLX's (effectively 48,000 elements) to 100,000 elements
          • I can install up to twenty APEs without any additional charge
          • My annual Solarwinds Support contract cost decreased! Only by $1,000 per year, but when I consider all the additional functionality, flexibility, and elements I can monitor, I had expected significantly higher support costs, and this was a very pleasant surprise.
          • I now manage 42,746 interfaces, 849 nodes, and 491 volumes with five pollers (the main NPM instance and four APEs) with plenty of room for growth
          • NAM licensing allows me to approach the silo'd SA's now and ask "What would it take for you to drop Nagios and use NPM?"  Formerly they'd object due to the price of NPM compared to their freeware version of Nagios.  But my Interface count means I'm licensed to manage all 4000 of their servers with NPM.  SWEET!  Here's hoping I can knock that particular silo wall down.
          • My SW reseller was bent a bit over a barrel when I approached him.  It was about a week before the end of Solarwinds fiscal year, and it appears that if he would be able to persuade me to buy NAM, that would perhaps put him over some theoretical sales threshold and maybe get him a bonus or kudos or who-knows-what.  I knew this going in (hey, buy your cars at the end of the month when it's a rainy day and you can often negotiate a better price if it means a salesperson can make their monthly quota with one more car sold), and I wasn't ashamed to ask for steeper discounts than he offered.  He hemmed and hawed and eventually talked himself into giving me a MUCH better price than his initial offer.  When I read his first quote, I told him it was so far out of my budget that I couldn't even bring it to my boss to laugh at.  Apparently there was great incentive for him to find a way to make the sale; his conversation flow changed and he started asking me for reasons why a bigger discount might be warranted:  "You've been a customer of ours for nearly twenty years, haven't you?  And you personally are a Solarwinds Certified Professional, right?  AND you are a current Thwack Most Valuable Player, aren't you?   I see you're ranked in the Thwack Leader Board Top Ten for the last few months . . .    Hmmm . . ."  Eventually he quoted a price, I had him put it writing.  I brought it to my boss (who I'd been priming for this purchase for over a year) and explained that NAM was the right way for us to get UDT and IPAM now because:
            • They filled a need for our new CMDB initiative in that they'd be able to provide the connectivity information for every device in the organization, and that's what the CMDB needs.
            • Our DBA's can mine UDT info from the Solarwinds Orion database and slide it seamlessly into our LANDesk Service Desk CMDB. 
            • Our Communications Platforms team has no VoIP management tools and had been asking for VNQM for a couple of years.
            • My team needed at least one more poller now to keep up with interface element monitoring
            • Corporate growth trends show we'd need another SLX in the coming year, and the price was substantial unless we got it through NAM
            • The new licenses and APE's would poise us to affordably get more customers for our team. 
          • All those stars lined up perfectly, apparently.  I gave him the quote at the EOB on the Wednesday before Solarwinds' fiscal year would end (that Friday!).  He said he'd see if he could scrape funds together for this unbudgeted upgrade.  I wasn't optimistic.  When I came in the following morning, I learned the P.O. was already cut, sent, & received, and I already had access to all the licenses and modules!

           

          Limitations:

          • I did not have SAM or DPA or VMAN or SRM or WPM before, and I still do not have any of them.  NAM doesn't include those. The pricing for SAM/DPA are VERY high when you're talking about 1000 SQL and 250 Oracle instances.  Getting our SA's and DBA's to start using Solarwinds without SAM and DPA is an uphill climb.  But I'll save that challenge for 2018 and be happy I have as much as I do now.
          • There is confusion between NAM and NOM.  Make sure you research both, and get the right one for your needs.
          • Only 100,000 elements are licensed for NAM (this is not a problem in my environment) (In 2018 the NAM element count doubled to 200,000!)
          • I had to spin up additional VM's for the APE's (the resources were available and unused, and my SysAdmins had that done in twenty minutes)
          • I had to move my Solarwinds Orion database to a dedicated VM due to the additional demand for RAM and CPU (which was a great idea anyway, even without NAM).
          • SW recommends 128 GB of RAM for the SQL database in large SLX deployments, as well as quad 3 GHz CPU's, and my VM environment doesn't offer either of those.  So my queries and page refreshes are not snappy fast, but they're acceptable.
          • SW recommends Enterprise SQL licensing, but it's VERY expensive.  I'm doing without it; things seem OK so far.  I'm having my DBA's quote the new Enterprise license environment for next year, but I expect it'll run to $120K or more, so I'm not holding my breath for it.
          • UDT's functionality is awesome, but its reporting capabilities are not fully fleshed out yet.  It'll be fun and VERY USEFUL when UDT has canned and customizable reports like NPM does.  If you're interested, please vote for a Feature Request for UDT Reporting here:  Create more canned and custom reports to leverage UDT information, please?
          • I had to spend more time learning new SW applications and reconfiguring my environment to support them.  Examples:
            • All of my environment runs on snmp-v3 as a best practice, but UDT doesn't play nicely with snmp-v3 unless you can apply up to three kluges to the switches, and not all switches are compatible with those kluges.  I ended up deploying snmp-v2 across all my switches, and locking it down so only my APE's were allowed to use snmp-v2.  This pacified my security team and got me the data UDT needed.
            • I needed a domain administrator service account that seems to have P.O.G. for UDT and IPAM to discover/monitor/leverage my domain controllers and Active Directory resources.  Once again, Security was willing to bless this as long as the credentials met their stringent requirements.
          9 of 9 people found this helpful
            • Re: What is up with Solarwinds Network Automation Manager (NAM)?
              alphabits

              Thanks for the extensive write up, and congrats on the success.

               

              For the most part it sounds great, and I have a meeting with my account manager on Monday about it, though I do have some concerns.

               

              - Do you know if the 100,000 element count is a hard set limit? Is it not dependent on the amount of polling servers?

               

              - SAM not being covered. My account rep said it can be added on in a separate bundle, so I'll have to gauge that cost/benefit ratio. SAM for the last 3 years has really mostly been used by me only, to gauge system performance (web pages, form login, polling server, and AppInsight for SQL, etc.).

               

              I'm still really in a research phase, as licensing for this year has already been sent in. This could be something I'm looking at deploying in 2018 if the stars align.

              • Re: What is up with Solarwinds Network Automation Manager (NAM)?
                sja

                Hi rschroeder

                 

                Is that something that I could  “pick and choose”?

                 

                I have NPM/NCM &3 pollers+ AWS

                I sure like the to try the redundancy and maybe VNQM (if something positive will happen),but absolutely not planning  to make use of UDT or IPAM Or NTA

                 

                Is the bundle means that you must install everything?

                  • Re: What is up with Solarwinds Network Automation Manager (NAM)?
                    rschroeder

                    I did not have to install everything that came with NAM.  In this case, I suspect "bundle" means that you've purchased the license for all the modules, but are not required to install all of them. 

                     

                    And I believe you have the option to never install certain modules.  Or install some later.

                    1 of 1 people found this helpful
                    • Re: What is up with Solarwinds Network Automation Manager (NAM)?
                      rschroeder

                      One of the most important reasons for me to get NAM was to be able to use the information it discovers through UDT.  I've used that module hundreds of times in the last two weeks alone, and my Help Desk and End User Platform Support teams are VERY excited to be able to get that information.  It's saved me LOADS of time already, since we have frequent requests to discover which switch ports are attached to specific devices.

                       

                      That work flow comes from departments who install devices on the network, and these devices have no admin interface from which their IP addresses can be preset or discovered.  For example, HVAC controllers and IP-based security cameras are this way.  They show their MAC address on a label, but there's no way to get their IP addresses for managing them until you search for the MACs in the DHCP server, or pull them out of the ARP table in a router.  Imagine having a customer hand you a thousand MAC addresses and then ask where they're attached, and what IP addresses they all have!  I faced that this past week.

                       

                      For small numbers of MACs, it's easy to use the Device Tracker Search tool, into which I can paste the MAC address, or host name, or IP address, and get a quick view showing switch, switch port, router supporting that subnet, the VLAN involved, and even the user's name (if one is present). 

                       

                      For larger numbers of MACs (or IP's or host names), it's fast to execute a SWQL query from SDK pointed at the UDT section of the SQL database.  Three or four clicks and I can see all 120,000 lines in that database, and from there it's an easy matter to export to Excel and filter against the list of MACs the user provided for the search.

                       

                      Having IPAM installed, even though I already rely on Infoblox IPAM, makes the UDT information just that more accurate.  AND it reveals how bad my Microsoft DNS solution is, regarding stale DNS entries for devices that don't support Dynamic DNS updates and I envy you.

                       

                      If you have VoIP enabled and if lots of folks rely on it, and if you have set up IP SLA's on WAN links to improve VoIP performance, VNQM seems tailor made for discovering problems and identifying jitter.  I haven't got my Communications Platforms teams to give me their Call Managers' IP addresses and community strings yet, but I'm pestering them for this info so I can improve Network VoIP performance for them.  VNQM doesn't work with Cisco NEXUS IPSLA's yet, which is unfortunate since my big core WAN routers are Nexus 7009's running IPSLA.  But the routers on the other side of those links aren't Nexus, and they DO have IP SLA's configured, so I suspect I'll get all or most of what I need from them.

                       

                      The thing I have not yet implemented from NAM is HA.  I don't have enough customers relying on Solarwinds yet--just my Network team and some smaller departments who really only understand the up/down parts of the alerts they get.  And that's all they want.  Having Solarwinds down is a big pain for the Network team, but there's only six of us at present.  I intend to grow our Solarwinds customer base and get more folks aware of it.  Considering I have 100,000 licenses for volumes and servers, that should get the attention of my SysAdmins!

                       

                      Good luck with NAM if/when you decide to get it.  It was the right fit for my environment, and moving our stand-alone licenses for NCM, NPM, and NTA over to the NAM licensing saves us a thousand dollars a year.  Not bad for increased services and more capacity, for just a one-time purchase fee.

                  • Re: What is up with Solarwinds Network Automation Manager (NAM)?
                    PeterLyttle

                    Hi Folks,

                     

                    I'm really interested to hear how any of you with centralized global installations have handled the 200ms limit between APEs and SQL DB? (currently the only issue needing addressed before we go ahead with NAM/ACM)

                     

                    Thanks!

                      • Re: What is up with Solarwinds Network Automation Manager (NAM)?
                        rschroeder

                        My organization has only a hundred satellite locations, all within 500 miles of each other.  We don't run into 200 ms latency anywhere, and I apologize I don't have what you need to get the job done.

                         

                        I suggest you reach out to SolarWinds sales and discuss your design challenges and see what solutions SolarWinds' engineers can offer.  There ARE multiple international businesses that use SolarWinds for their NMS, and I've read some of the comments and ideas their staffs have shared.  It seems to work well for them, and I'd be very interested to learn what SolarWinds comes up with for you.

                         

                        Please share what you learn from SolarWinds!  New and existing customers may benefit from your experience with this design challenge.

                        • Re: What is up with Solarwinds Network Automation Manager (NAM)?
                          alphabits

                          I have a global setup with multiple polling engines around the 200ms mark. None are above 250. I changed from regionally deployed Solarwinds instances to a centralized deployment with remote APEs this year. It was a lot of work. Since then I have ran into some issues, but no deal breakers.

                          1. Polling engines around 200ms will not be able to handle as many elements as your local polling engines. With NAM this may not be an issue due to having unlimited licenses. I've found they can really only reliably handle around 6,000 elements per polling engine. Down from the 12,000 advertised.

                          2. Installs on the remote APEs can be a PAIN. The new centralized deployment option in 12.3 may help with this. I haven't had a chance to use it yet. Be sure to use the "offline" install packages when setting up or upgrading.

                          3. Make sure you have reliable connections to your APEs with plenty of bandwidth to support the data from them.

                          4. Keep an eye on MSMQ. Data will back up here if your polling engine cannot get everything out to the database between polls.

                           

                          I also monitor the performance of all polling engines with SAM. You may not have it in your deployment, but you can setup some kind of custom monitoring with perfmon.

                           

                          If you're going to be using NAM, and have reliable connections with enough bandwidth I don't see any problems based on my exp.

                          Just be sure to monitor the deployment. NPM 12.3 also has the new "Deployment Health" menu.

                           

                          Well hit me up if you have any other questions I might be able to help with.

                          1 of 1 people found this helpful
                            • Re: What is up with Solarwinds Network Automation Manager (NAM)?
                              PeterLyttle

                              That's great information right there thanks. The worst case scenario (currently) would be around 300ms between the APE and DB for a specific region - the problem is that if we have a support issue we could be knocked back straight away as we're not in a supported configuration.  The only alternative(s) I could think of to maintain the centralised deployment was to have a APE for the problematic region located around 200ms away and then poll the region across the WAN rather than with a local APE (not ideal but with dependencies etc still workable).  ACM(SAM) would be used to monitor all aspects, but good to know the performance drops along with the MSMQ backlog potential.

                               

                              Alternatively I see that the Solarwinds DB fully supports MS replication technologies, I'd wondered if you could use MS Peer-to-Peer (or merge for better conflict resolution) replication to get the data into the region and then run a DNS loadbalancer to ensure the same entry point/DB name - something i'm sure support may have an issue with.