9 of 9 people found this helpful
I upgraded to NAM this fall and I like it. Feel free to PM me, but the basics are:
- I already had NPM, NCM, and NTA and three APE's, along with four SLX licenses
- I wanted VNQM, UDT, IPAM, at least one more APE, and more licenses to handle more interfaces, but the price point was too high
- I learned about NAM and started negotiating with my SW seller. Definitely take what they say / promise with some healthy skepticism, and verify before trusting that this is right for your environment.
The results of my inquiries made it apparent it was to my advantage to drop my current licensing and migrate to NAM.
The benefits I achieved through buying NAM included:
- I now can offer my team and our customers VNQM, UDT, IPAM, and HA
- I increased my license count from four SLX's (effectively 48,000 elements) to 100,000 elements
- I can install up to twenty APEs without any additional charge
- My annual Solarwinds Support contract cost decreased! Only by $1,000 per year, but when I consider all the additional functionality, flexibility, and elements I can monitor, I had expected significantly higher support costs, and this was a very pleasant surprise.
- I now manage 42,746 interfaces, 849 nodes, and 491 volumes with five pollers (the main NPM instance and four APEs) with plenty of room for growth
- NAM licensing allows me to approach the silo'd SA's now and ask "What would it take for you to drop Nagios and use NPM?" Formerly they'd object due to the price of NPM compared to their freeware version of Nagios. But my Interface count means I'm licensed to manage all 4000 of their servers with NPM. SWEET! Here's hoping I can knock that particular silo wall down.
- My SW reseller was bent a bit over a barrel when I approached him. It was about a week before the end of Solarwinds fiscal year, and it appears that if he would be able to persuade me to buy NAM, that would perhaps put him over some theoretical sales threshold and maybe get him a bonus or kudos or who-knows-what. I knew this going in (hey, buy your cars at the end of the month when it's a rainy day and you can often negotiate a better price if it means a salesperson can make their monthly quota with one more car sold), and I wasn't ashamed to ask for steeper discounts than he offered. He hemmed and hawed and eventually talked himself into giving me a MUCH better price than his initial offer. When I read his first quote, I told him it was so far out of my budget that I couldn't even bring it to my boss to laugh at. Apparently there was great incentive for him to find a way to make the sale; his conversation flow changed and he started asking me for reasons why a bigger discount might be warranted: "You've been a customer of ours for nearly twenty years, haven't you? And you personally are a Solarwinds Certified Professional, right? AND you are a current Thwack Most Valuable Player, aren't you? I see you're ranked in the Thwack Leader Board Top Ten for the last few months . . . Hmmm . . ." Eventually he quoted a price, I had him put it writing. I brought it to my boss (who I'd been priming for this purchase for over a year) and explained that NAM was the right way for us to get UDT and IPAM now because:
- They filled a need for our new CMDB initiative in that they'd be able to provide the connectivity information for every device in the organization, and that's what the CMDB needs.
- Our DBA's can mine UDT info from the Solarwinds Orion database and slide it seamlessly into our LANDesk Service Desk CMDB.
- Our Communications Platforms team has no VoIP management tools and had been asking for VNQM for a couple of years.
- My team needed at least one more poller now to keep up with interface element monitoring
- Corporate growth trends show we'd need another SLX in the coming year, and the price was substantial unless we got it through NAM
- The new licenses and APE's would poise us to affordably get more customers for our team.
- All those stars lined up perfectly, apparently. I gave him the quote at the EOB on the Wednesday before Solarwinds' fiscal year would end (that Friday!). He said he'd see if he could scrape funds together for this unbudgeted upgrade. I wasn't optimistic. When I came in the following morning, I learned the P.O. was already cut, sent, & received, and I already had access to all the licenses and modules!
- I did not have SAM or DPA or VMAN or SRM or WPM before, and I still do not have any of them. NAM doesn't include those. The pricing for SAM/DPA are VERY high when you're talking about 1000 SQL and 250 Oracle instances. Getting our SA's and DBA's to start using Solarwinds without SAM and DPA is an uphill climb. But I'll save that challenge for 2018 and be happy I have as much as I do now.
- There is confusion between NAM and NOM. Make sure you research both, and get the right one for your needs.
- Only 100,000 elements are licensed for NAM (this is not a problem in my environment) (In 2018 the NAM element count doubled to 200,000!)
- I had to spin up additional VM's for the APE's (the resources were available and unused, and my SysAdmins had that done in twenty minutes)
- I had to move my Solarwinds Orion database to a dedicated VM due to the additional demand for RAM and CPU (which was a great idea anyway, even without NAM).
- SW recommends 128 GB of RAM for the SQL database in large SLX deployments, as well as quad 3 GHz CPU's, and my VM environment doesn't offer either of those. So my queries and page refreshes are not snappy fast, but they're acceptable.
- SW recommends Enterprise SQL licensing, but it's VERY expensive. I'm doing without it; things seem OK so far. I'm having my DBA's quote the new Enterprise license environment for next year, but I expect it'll run to $120K or more, so I'm not holding my breath for it.
- UDT's functionality is awesome, but its reporting capabilities are not fully fleshed out yet. It'll be fun and VERY USEFUL when UDT has canned and customizable reports like NPM does. If you're interested, please vote for a Feature Request for UDT Reporting here: Create more canned and custom reports to leverage UDT information, please?
- I had to spend more time learning new SW applications and reconfiguring my environment to support them. Examples:
- All of my environment runs on snmp-v3 as a best practice, but UDT doesn't play nicely with snmp-v3 unless you can apply up to three kluges to the switches, and not all switches are compatible with those kluges. I ended up deploying snmp-v2 across all my switches, and locking it down so only my APE's were allowed to use snmp-v2. This pacified my security team and got me the data UDT needed.
- I needed a domain administrator service account that seems to have P.O.G. for UDT and IPAM to discover/monitor/leverage my domain controllers and Active Directory resources. Once again, Security was willing to bless this as long as the credentials met their stringent requirements.
Thanks for the extensive write up, and congrats on the success.
For the most part it sounds great, and I have a meeting with my account manager on Monday about it, though I do have some concerns.
- Do you know if the 100,000 element count is a hard set limit? Is it not dependent on the amount of polling servers?
- SAM not being covered. My account rep said it can be added on in a separate bundle, so I'll have to gauge that cost/benefit ratio. SAM for the last 3 years has really mostly been used by me only, to gauge system performance (web pages, form login, polling server, and AppInsight for SQL, etc.).
I'm still really in a research phase, as licensing for this year has already been sent in. This could be something I'm looking at deploying in 2018 if the stars align.
NAM had a hard limit for 100,000 elements in 2017. Given NAM lets me have 20 or more APE's, it still limits things to 100,000 elements. In 2018 this doubled to 200,000 elements--at no extra charge!
I think my organization would really benefit from SAM with DPA, but everyone has their own silo and their own product-specific tools with which they have expertise. Some team members have seen multiple tools purchased and cast aside; they're not interested in learning something new because they don't understand the benefit to the organization when EVERYONE can see EVERYTHING and have problems bubble up to the top of that NPM single pane of glass.
Here's hoping you end up with the right solution for your organization, at a great price!
Can someone clarify that please... With NAM, APEs are free up to 100K elements? Is that correct?
Here are some resources to review on that topic:
Search - SolarWinds Worldwide, LLC. Help and Support (this isn't a generic link--it goes to the NAM pages)
When I go to my Customer Portal site, log in, and review licenses, now that I have purchased NAM I see twenty licenses for APE's available (minus the ones I've already installed).
If you don't find what you need at https://support.solarwinds.com, then contact your Solarwinds Sales Engineer, or open a Support Ticket either online or via telephone with Solarwinds.
To clarify, I believe NAM allows you to install up to 20 APEs.
The 100,000 element license limitation is set by the processing & computing capabilities of one instance of Orion NPM. When you must monitor more than 100k elements with NPM, Solarwinds recommends you purchase and install a second "main" instance of Orion NPM.
Once you have more than one instance of NPM, and you have more than 20 distributed pollers, I suspect you're now in the big leagues where you should consider purchasing and deploying the Enterprise Operations Console (EOC). I installed EOC when we merged with two other businesses that had their own NPM instances, but together all three of us were small enough to simply manage all nodes under one instance of NPM. So last year I dropped EOC and converted two NPM instances to APE's and monitor everything with one NPM instance.
This saved me a boat load of money in licenses and support, and got my various Network Teams acting like one team instead of three separate teams. It was a great decision.
But once you get two or more NPM's going, you can't see all the nodes' status in one web page view--you must have a separate browser window dedicated to every NPM. Unless you get EOC--then all the NPM instances report to it, and it displays everything.
I feel that EOC is great for the highest level of Network Managers to see, and that lower levels of Network Analysts should be dedicated to their own region's instance of NPM. It would be good if they didn't have to worry about another region's nodes, and have another web window open to that region's NPM. Of course you could just devote a monitors to each NPM instance; that should work well instead moving to EOC.
We actually just under 100K elements. We do have a plan to exceed 100K and it is built on the back of a rather robust SQL server platform and SSD-based RAID 10 array. Aside from that, everything else is pretty stock -- aside from the 17 polling engines
Ah, I thought you were somewhere around it. I guess I was mistaken on being over vs near
Is that something that I could “pick and choose”?
I have NPM/NCM &3 pollers+ AWS
I sure like the to try the redundancy and maybe VNQM (if something positive will happen),but absolutely not planning to make use of UDT or IPAM Or NTA
Is the bundle means that you must install everything?
1 of 1 people found this helpful
I did not have to install everything that came with NAM. In this case, I suspect "bundle" means that you've purchased the license for all the modules, but are not required to install all of them.
And I believe you have the option to never install certain modules. Or install some later.
Cool thanks for the quick response
I just find some of those models not a good idea for large scale deployment...
The idea of getting free pass licensing is good..
One of the most important reasons for me to get NAM was to be able to use the information it discovers through UDT. I've used that module hundreds of times in the last two weeks alone, and my Help Desk and End User Platform Support teams are VERY excited to be able to get that information. It's saved me LOADS of time already, since we have frequent requests to discover which switch ports are attached to specific devices.
That work flow comes from departments who install devices on the network, and these devices have no admin interface from which their IP addresses can be preset or discovered. For example, HVAC controllers and IP-based security cameras are this way. They show their MAC address on a label, but there's no way to get their IP addresses for managing them until you search for the MACs in the DHCP server, or pull them out of the ARP table in a router. Imagine having a customer hand you a thousand MAC addresses and then ask where they're attached, and what IP addresses they all have! I faced that this past week.
For small numbers of MACs, it's easy to use the Device Tracker Search tool, into which I can paste the MAC address, or host name, or IP address, and get a quick view showing switch, switch port, router supporting that subnet, the VLAN involved, and even the user's name (if one is present).
For larger numbers of MACs (or IP's or host names), it's fast to execute a SWQL query from SDK pointed at the UDT section of the SQL database. Three or four clicks and I can see all 120,000 lines in that database, and from there it's an easy matter to export to Excel and filter against the list of MACs the user provided for the search.
Having IPAM installed, even though I already rely on Infoblox IPAM, makes the UDT information just that more accurate. AND it reveals how bad my Microsoft DNS solution is, regarding stale DNS entries for devices that don't support Dynamic DNS updates and I envy you.
If you have VoIP enabled and if lots of folks rely on it, and if you have set up IP SLA's on WAN links to improve VoIP performance, VNQM seems tailor made for discovering problems and identifying jitter. I haven't got my Communications Platforms teams to give me their Call Managers' IP addresses and community strings yet, but I'm pestering them for this info so I can improve Network VoIP performance for them. VNQM doesn't work with Cisco NEXUS IPSLA's yet, which is unfortunate since my big core WAN routers are Nexus 7009's running IPSLA. But the routers on the other side of those links aren't Nexus, and they DO have IP SLA's configured, so I suspect I'll get all or most of what I need from them.
The thing I have not yet implemented from NAM is HA. I don't have enough customers relying on Solarwinds yet--just my Network team and some smaller departments who really only understand the up/down parts of the alerts they get. And that's all they want. Having Solarwinds down is a big pain for the Network team, but there's only six of us at present. I intend to grow our Solarwinds customer base and get more folks aware of it. Considering I have 100,000 licenses for volumes and servers, that should get the attention of my SysAdmins!
Good luck with NAM if/when you decide to get it. It was the right fit for my environment, and moving our stand-alone licenses for NCM, NPM, and NTA over to the NAM licensing saves us a thousand dollars a year. Not bad for increased services and more capacity, for just a one-time purchase fee.
Thanks for your informative posts about NAM! On a side note, you don't have to make the entire environment HA right away. For example, you could have your primary server in a HA pool and leave the rest of your APEs standalone.
I can't imagine living without SAM.
I can only imagine life WITH SAM. ;^)
My SA's rely on the freeware version of Nagios to tell them the status of their servers. It's hard to beat free, but Nagios doesn't make beautiful reports, and doesn't come close to presenting an integrated single pane of glass (IMHO).
And SAM has a nagios plug in as well!
I didn't know that. I'm not sure whether to think that's a good thing or not. Do you use it? Do you like it?
I've migrated a few people off Nagios, and once you guy used to the lingo and ways things are done in Nagios versus Orion it is pretty painless to transition over. The SAM nagios component monitor makes things pretty streamlined to check all the same things as what you already have in place.
1 of 1 people found this helpful
Nah we used to use nagios (it's actually still running) and has some WUG before too. Orion has been better than both of them but hard to argue with nagios price.
I'm really interested to hear how any of you with centralized global installations have handled the 200ms limit between APEs and SQL DB? (currently the only issue needing addressed before we go ahead with NAM/ACM)
My organization has only a hundred satellite locations, all within 500 miles of each other. We don't run into 200 ms latency anywhere, and I apologize I don't have what you need to get the job done.
I suggest you reach out to SolarWinds sales and discuss your design challenges and see what solutions SolarWinds' engineers can offer. There ARE multiple international businesses that use SolarWinds for their NMS, and I've read some of the comments and ideas their staffs have shared. It seems to work well for them, and I'd be very interested to learn what SolarWinds comes up with for you.
Please share what you learn from SolarWinds! New and existing customers may benefit from your experience with this design challenge.
Ah ok thanks for the reply either way! It was actually SW that recommended me posting a message on Thwack to gauge other peoples experiences, though they are going to look internally too.
1 of 1 people found this helpful
I have a global setup with multiple polling engines around the 200ms mark. None are above 250. I changed from regionally deployed Solarwinds instances to a centralized deployment with remote APEs this year. It was a lot of work. Since then I have ran into some issues, but no deal breakers.
1. Polling engines around 200ms will not be able to handle as many elements as your local polling engines. With NAM this may not be an issue due to having unlimited licenses. I've found they can really only reliably handle around 6,000 elements per polling engine. Down from the 12,000 advertised.
2. Installs on the remote APEs can be a PAIN. The new centralized deployment option in 12.3 may help with this. I haven't had a chance to use it yet. Be sure to use the "offline" install packages when setting up or upgrading.
3. Make sure you have reliable connections to your APEs with plenty of bandwidth to support the data from them.
4. Keep an eye on MSMQ. Data will back up here if your polling engine cannot get everything out to the database between polls.
I also monitor the performance of all polling engines with SAM. You may not have it in your deployment, but you can setup some kind of custom monitoring with perfmon.
If you're going to be using NAM, and have reliable connections with enough bandwidth I don't see any problems based on my exp.
Just be sure to monitor the deployment. NPM 12.3 also has the new "Deployment Health" menu.
Well hit me up if you have any other questions I might be able to help with.
That's great information right there thanks. The worst case scenario (currently) would be around 300ms between the APE and DB for a specific region - the problem is that if we have a support issue we could be knocked back straight away as we're not in a supported configuration. The only alternative(s) I could think of to maintain the centralised deployment was to have a APE for the problematic region located around 200ms away and then poll the region across the WAN rather than with a local APE (not ideal but with dependencies etc still workable). ACM(SAM) would be used to monitor all aspects, but good to know the performance drops along with the MSMQ backlog potential.
Alternatively I see that the Solarwinds DB fully supports MS replication technologies, I'd wondered if you could use MS Peer-to-Peer (or merge for better conflict resolution) replication to get the data into the region and then run a DNS loadbalancer to ensure the same entry point/DB name - something i'm sure support may have an issue with.
Have you looked into the Remote Office Pollers they are working on? Its like a mini polling engine with better latency abilities, but I don't know how many elements you're looking at with your 300ms area.