DMTF Solidifies CIM Standards

Commentary: New process could mean clearer system and network management guidelines-if it's handled properly

System and network management took another step toward standardization on Nov. 19 with the release of a compliance and registration tool for vendors to prove that they conform to the CIM (Common Information Model). The Distributed Management Task Force has been working on a beta version of the test tool since spring, and is releasing the tool and registration process in hopes that equipment and application vendors will prove that their products conform to CIM.

For IT managers, a "CIM-compliant" seal may mean a device or application will be easier, and presumably cheaper, to manage. I recently spoke with Winston Bumpus, president of the DMTF, about the other ramifications of the compliance test.

"We have a set of sophisticated tools to be able to allow people to do the certification in their own environment and then do it online," said Bumpus, who is also the Director of Standards at Novell.

Starting on Nov. 19, vendors who are members of the DMTF will be able to use the compliance tools and online registration process to declare that their products behave as defined in the CIM 2.2 specification, which was released in 1999. The list of vendors who successfully pass the test will be available to the public.

As I see it, the auditing process to ensure that vendors correctly executed the test remains the weak link in the certification procedure. This is because a third party with business connections to the DMTF, which is therefore beholden to the paying members of the body, is in charge of reviewing results. Also, because the compliance test is so new, DMTF members still have plenty of opportunity to say that the test is broken or the CIM specification itself is ambiguous, to deflect attention from their noncompliance.

It isnt that the members of the DMTF have a past history of fudging results to get their standards accepted. In fact, the opposite is true. Ive attended several DMTF developer conferences and have seen engineers working together to solve complex interoperability problems. My concern is that with uncertain economic times ahead, the pressure to get a "pass" result with as little extra effort as possible will start to manifest itself in changes to the standard, not in the products that dont pass muster.

Even so, the compliance tool and registration process is a very good idea that requires just a few tweaks to make sure it works as intended. The need for system and network management standards could bring with them very large increases in IT productivity with just a little incremental investment. For this reason, IT managers should carefully watch how the CIM compliance tests are conducted, and sound off if they dont like what they see.

Senior Analyst Cameron Sturdevant can be contacted at