A new article in the September issue of LANLine (“Automation creates productivity”) summarizes typical challenges and problems in network monitoring very well and is really worth reading. I would like to briefly discuss some of the issues raised and how our product Enterprise Alert® was developed to solve them.
Problem 1: Immediate response
Critical alarms in particular must be processed promptly, because even small problems can quickly lead to major failures. Email and dashboards are often the means of choice, as they ship with the monitoring tool. However, you need to be aware of the limits of these two methods, and Enterprise Alert can help here:
- Location-independent and attention-grabbing alerting: Dashboards require constant attention and/or appropriate access, e.g. a PC/monitor. The employees’ freedom of movement is restricted. The alerting via smartphone, call and SMS by Enterprise Alert ensures greater flexibility and mobility.
- The use of email for alerting has several disadvantages: The signaling is often not very concise. Important alarms have the same position in the mailbox as an Amazon notification. Tracking (alarm acknowledged, resolved or not) ranges from difficult to cumbersome. Handing over responsibility for an alarm (takeover by a colleague) is also difficult. Enterprise Alert provides a remedy here. Alarms are acknowledged and this is visible to the whole team in real time. The signaling can be adjusted to the severity and other parameters via alerting rules. The status of an alarm can be viewed directly.
Problem 2: Too many alerts
This is a classic problem, which usually leads to important alarms being ignored, overlooked, or not heard when it really counts. Enterprise Alert offers effective ways to manage a flood of different alarms. Customers confirm that it can reduce the number of false alarms by up to 95%.
- Alarms can be filtered. Alerting rules in Enterprise Alert represent a filter system with which the contents and parameters of incoming data and events (messages from monitoring systems) can be scanned and examined for values. If the correct values are not included, an alarm is not transmitted or triggered.
- The alerting rules in Enterprise Alert can also be used to control how alarms are signaled. For example, the type of alarm can be selected, and the reaction behavior can be determined. In the app you can also set the criticality of an alarm, e.g. via a dedicated push tone. This helps enormously in achieving a precise and fast reaction.
- Alerting rules can also be used to send alerts exclusively to specific teams or team members according to their responsibilities and capabilities. This reduces the alarm load on colleagues.
Problem 3: Alerts at nighttime
Of course, many important alarms do not occur during the day or during normal working hours. How do you make sure that the alarms are not overlooked without burdening employees unnecessarily? Sending them to a whole team during nighttime is not a sensible way to do this. Operating a 24/7 NOC is expensive and reserved for large companies. On-call services are a good option, but need a tool like Enterprise Alert.
- Enterprise Alert was developed specifically for IT on-call duty. The integrated, very convenient planning of duty times in the browser allows automatic routing to the respective active on-call person (or several) without bothering other employees in their spare time.
- Alarming via multiple channels (push, SMS and call) as well as repeated signaling until acknowledged ensures high reliability when reacting to an important alarm.
- Enterprise Alert’s comprehensive escalation feature also ensures that alarms are received after all if the on-call person missed the notifications. This is achieved through multi-level escalation within a team or across multiple teams.
Problem 4: Temporary alerts
Particularly in the network environment, there are often short-term failures that can be eliminated after a few seconds. Such alarms can cause a lot of work, because it takes a lot of effort to track the validity of such an alarm.
- Enterprise Alert offers an elegant solution that consists of two parts. First, alerting rules provide a delay mechanism. A rule can wait for a certain period of time to see whether an “Up” or “Good” event comes from the triggering monitoring system. If no such event arrives, the alarm is triggered. In the same way it is possible to wait for multiple occurrences of a monitoring event. Secondly, Enterprise Alert can also process a monitoring alarm in a third-party system via 2-way connectors and its REST API. This means that when an alarm reset occurs in the monitoring system, the alarm is also set to closed in Enterprise Alert and the signaling is stopped. At the same time, the alarm remains visible in the log for later analysis.
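The delay-and-reset behavior described above can be sketched generically as follows. This is an added example, not Enterprise Alert code or its rule syntax; the class and function names, the event tuple format and the sample hosts are all assumptions made for illustration.

```python
from dataclasses import dataclass, field

@dataclass
class HoldDownRule:
    """A DOWN event only becomes an alarm if no UP arrives within hold_seconds."""
    hold_seconds: int
    pending: dict = field(default_factory=dict)    # source -> end of its delay window
    open_alarms: set = field(default_factory=set)  # sources currently being signaled
    log: list = field(default_factory=list)        # (time, source, action), kept for analysis

    def flush(self, now):
        # Promote every pending DOWN whose delay window ended without a recovery.
        for source, deadline in sorted(self.pending.items(), key=lambda kv: kv[1]):
            if deadline <= now:
                del self.pending[source]
                self.open_alarms.add(source)
                self.log.append((deadline, source, "TRIGGERED"))

    def feed(self, ts, source, state):
        self.flush(ts)  # expired windows fire before the new event is considered
        if state == "DOWN":
            # Repeated DOWNs for the same source do not restart the window.
            if source not in self.pending and source not in self.open_alarms:
                self.pending[source] = ts + self.hold_seconds
        elif state == "UP":
            if source in self.pending:          # recovered inside the window
                del self.pending[source]
                self.log.append((ts, source, "SUPPRESSED"))
            elif source in self.open_alarms:    # reset closes the alarm, log entry stays
                self.open_alarms.discard(source)
                self.log.append((ts, source, "CLOSED"))
        else:
            raise ValueError(f"unknown state: {state!r}")

def replay(events, hold_seconds, end_time):
    """Run (timestamp, source, state) events through the rule and return its log."""
    rule = HoldDownRule(hold_seconds)
    for ts, source, state in sorted(events):
        rule.feed(ts, source, state)
    rule.flush(end_time)
    return rule.log

# Constructed sample events (seconds since start); host names are made up.
EVENTS = [
    (0, "sw-core-01", "DOWN"),
    (12, "sw-core-01", "UP"),     # 12 s flap
    (100, "fw-edge-02", "DOWN"),
    (400, "fw-edge-02", "UP"),    # real outage, later reset by monitoring
    (500, "sw-core-01", "DOWN"),  # never recovers
]

if __name__ == "__main__":
    for entry in replay(EVENTS, hold_seconds=60, end_time=600):
        print(entry)
```

With a 60-second window the 12-second flap never reaches the on-call person, while the same events replayed with a 5-second window raise and then close an alarm for it.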
Problem 5: Fast remediation
It is obvious that not only fast detection, fast reaction, and fast analysis are crucial for IT availability. Ultimately, it is also important to solve problems quickly. Enterprise Alert has been a pioneer in this area for 10 years.
- Enterprise Alert offers so-called “remote actions”, i.e. the execution of IT automation scripts (“runbooks”) directly in response to an alarm. Enterprise Alert integrates with IT automation tools such as Azure Runbooks or System Center Orchestrator, and can then execute these runbooks using monitoring alarm parameters (e.g. server name or IP) either immediately and fully automatically (“Triggered Automation”) or manually triggered by the network administrator. Of course, this can also be done location-independently directly from the mobile app. This way the troubleshooting and problem solving can even be done from the soccer stadium, as a customer assured us (before Corona of course).
More information
We will be pleased to show the capabilities and features of Enterprise Alert in a personal demo. Click here to book your time.