Microsoft operations Manager, or MOM, has gotten a major face-lift along with a new name—System Center Operations Manager 2007.
Now in beta and expected to ship by January 2007, SCOM 2007 has a new user interface and expanded management pack support. (Final pricing is expected to remain unchanged, at $795 per server.) IT administrators at Windows-heavy shops should definitely put SCOM 2007 on their "should evaluate" list, but they should also be aware that there is no upgrade path for MOM 2005.
In fact, IT managers running MOM 2005 will have to set up a parallel path for SCOM 2007, running both systems until satisfied that SCOM 2007 is capturing all events. At that time, say Microsoft officials, MOM 2005 can be decommissioned.
eWeek Labs has a MOM 2005 infrastructure in place, but during tests we had to install SCOM 2007 alongside it, including deploying the SCOM 2007 agent to systems already running MOM 2005 agents.
Management Packs are plug-in modules that are the backbone of MOMs (and SCOMs) monitoring, management and reporting capabilities, and we were fortunately able to use the MOM 2005 management packs that we already had in place on SCOM 2007. These included the 50-plus application and technology packs that MOM 2005 administrators are likely also using, as well as third-party-supplied management packs.
Management packs for forthcoming Microsoft products, such as Vista, Office 2007 and Exchange Server 2007, are expected to be available by the time SCOM 2007 ships. This is important for Windows-heavy shops because the expert knowledge that comes with management packs can significantly ease the day-to-day monitoring and management of applications through the SCOM 2007 interface.
Management packs also can increase the chances that applications will be implemented in the most secure fashion possible, by running reports that show how basic configurations, such as user accounts, should be implemented.
The lack of legacy integration between MOM 2005 and SCOM 2007 is vexing, but it is also an indication of the sweeping code work that Microsoft has done to bring the old MOM into the new System Center family of management products.
After we finished installing the SCOM 2007 beta, we got another indication of the magnitude of the differences between MOM 2005 and SCOM 2007: Gone is the treelike MMC (Microsoft Management Console) that MOM used for years and that also is familiar to Microsoft Exchange Server and SQL Server administrators. SCOM 2007 instead has neatly laid-out dashboards and reports that we found more effective at presenting critical problem information. (And weve worked with MOM for many years now.)
Key to the newly improved dashboard layout is the addition of an advanced discovery capability. We found that this feature really shines when used in conjunction with Microsofts Active Directory.
During tests, the discovery tool trolled our Active Directory and allowed us to easily locate and bring under management all the Windows servers and desktop systems in our test network. This is a big improvement over earlier versions of MOM in that SCOM 2007 makes it much easier to find systems and then begin the agent deployment process. Considering that all machines currently running agents for MOM 2005 must have the new SCOM 2007 agent installed as the first step in a transition between the two products, the new discovery process will reduce cutover work.
The initial discovery process is automated when using Active Directory, but it can also be targeted to find small groups of systems as they join the network.
We also used the advanced discovery tools to add individual systems, although this process wasnt nearly as easy as the initial discovery because of all the details we had to specify for SCOM 2007 (an issue with MOM 2005 as well).
Using the templates and design tools now included in SCOM 2007, it was easy to create and administer groups of machines, such as Exchange Server 2003 and SQL Server 2005 systems. We were able to display systems in a diagram layout that made it simple to see what machines in a particular management group needed attention. The new diagram display takes the place of the Visio-based diagram interface that first appeared in MOM 2005, and it is much easier to use and more tightly integrated.
SCOM 2007 also is much more effective than MOM at helping IT departments meet stringent auditing requirements. A new user-role feature provides a useful interface that allows the creation of SCOM 2007 users. In our tests, we used the built-in roles—including administrator, advanced operator, author and report security administrator—to assign access rights to various users.
The new user-role function is a big advance over previous versions of MOM. With SCOM 2007, we were able to assign operators to groups of systems in a least-privileged mode, and we could explicitly enable users to work with approved views to the management interface. This kind of restricted-rights access puts SCOM in line with operations management tools such as BMC Softwares Patrol Enterprise Manager and provides some needed catch-up for the Microsoft platform.
SCOM 2007 also can monitor distributed applications that depend on groups of systems. For example, we tested SCOM 2007 with a basic Web application that used SQL Server 2005 on one server and Exchange Server 2003 on another server. The SCOM 2007 authoring view allowed us to easily configure the management packs associated with each of the monitored applications.
We used the new distributed application designer to describe the applications that we wanted to monitor as a group. SCOM 2007 provides a variety of templates that support nearly all the most common scenarios of distributed applications. In addition to monitoring server software, we could monitor server hardware devices, SNMP-enabled server hardware, and Cisco switches and routers.
SCOM 2007 is much more friendly than MOM 2005 to big shops that are accustomed to running scripts to perform management tasks. The SCOM 2007 beta we tested includes a beta version of "Monad," a command-line interface shell and scripting language from Microsoft. When Monad is released, it is expected to be among the main tools used to administer not only SCOM 2007 but also many of the Microsoft server products that SCOM 2007 is designed to monitor.
MOM 2005 offered agentless monitoring capabilities, but theyve been greatly expanded in SCOM 2007.
For example, we implemented the application crash information collection capability in our SCOM 2007 system, using crash data from the Dr. Watson for Windows program error and debugging tool included in Windows XP. We combined the resulting reports (which we had a hard time inducing during testing) with reports from application health monitors on our Windows Outlook clients and Office applications to get a view of what users were experiencing in our network. We could have configured the agentless exception monitoring to also forward data to Microsoft.
We generated reports on agentless exception monitoring that showed the top 10 crashes and crashing applications. These reports, along with many new reports included in the product, should be interesting to IT managers, especially for making decisions about how to allocate break-fix resources.
Technical Director Cameron Sturdevant can be reached at firstname.lastname@example.org.
Among the most proficient monitoring platforms on the market (www.netiq.com)
BMCs Patrol Enterprise Manager
Provides real-time problem notification (www.bmc.com)
CAs eHealth AdvantEDGE View
Uses a Web-based console along with system agents to monitor system health (www.ca.com)
Hewlett-Packards OpenView Application Insight
Uses a variety of plug-ins to capture application performance (www.hp.com)
IBM Tivolis Enterprise Console
Monitors software and hardware events to identify root-cause problems (www.ibm.com)