Key Takeaways from our digital SCOM Usergroups
by Opslogix, on Nov 29, 2021 10:51:55 AM
After almost two years living with a pandemic that changed the way we live and, not the least - the way we work, we are happy to say that we just finished the first events in quite a long while.
What used to be very successful "live events" have now turned into online, digital ones, and though it's not quite the same, we are pleased that the participation was high and feedback positive.
The user group's primary focus, one in Swedish, one in Dutch, was Microsoft's System Center Operations Manager, SCOM, and everything related to on-premises/hybrid monitoring.
As Microsoft recently announced a new release of SCOM 2022, we have some things we'd like to share!
SCOM 2022
Though the release is not here yet (expected release Q1, 2022), and many organizations might wait a bit with migration to the newest release, it is still interesting to see what Microsoft is bringing to the latest version. Shortly, the newest release will enhance the RBAC capabilities, ITOM Compliant Alert Closure and Microsoft Teams Integration, etc. What was especially interesting among users was the handling of alert closure and alert management in general.
At Microsoft Ignite, you can find everything regarding the new release, and if you haven't already read this article, "SCOM 2022: What to expect and what you need to know," it's a summary of some of the most significant, need-to-know updates.
Working with SCOM
SCOM is a widely adopted platform in various organizations today - and for a good reason. It is practical and has excellent potential, even though it can require some experience and knowledge - especially during development- and implementation stages.
Except for the high requirements of technological skills and know-how, the technical aspect of SCOM, which is highlighted naturally, one cannot forget or neglect the organizational one. There must be acceptance around the tools used in the organization for processes and routines to function and for the investment to have satisfying returns.
Another component to consider when creating a well-functioning monitoring platform and the general IT environment is documentation. Documentation is a kingpin for the organization. Why? It facilitates transparency, structure, and interdepartmental accountability, while in the long run creates uniformity in work methods, creating reliability and stability.
Event & Incident management
There is a wide range of ways to interact with alerts, events or incidents. Some organizations use a more centralized model or method, including a NOC and SOC, while others a more team-based DevOps approach.
One organization had completely phased out the internal operations, NOC, and relied on sending direct alarms to the right teams using Teams or another choice of communication. The NOC was instead passed on to an external partner being responsible for incident management.
While this was a well-functioning solution for them, this was far from the structure deployed by everyone. The regulations and requirements for other organizations looked completely different, and thus, their incident management too.
This was a topic causing lots of questions and discussion, especially for organizations with large environments and many business-critical systems - as the operations are highly dependent on everything to run without issues at all times.
For less significant systems, there were other approaches, e.g., distribution of alarm only during business hours and not throughout the whole day.
Life cycle management is of great importance in all aspects of SCOM, however, when it comes to managing alerts, this was emphasized as being crucial. Alerts always need to be actionable, and what sometimes can be a cause of issue is to determine the baseline of which alarms to be acted on. Once this is done, through automation a bi-directional SCOM/ticketing service can be set up to improve and streamline workflows.
Some users were familiar with and using the OpsLogix ServiceNow Incident Connector to improve alert handling. The SCOM Connector for Microsoft Teams is another way to efficiently distribute alerts to the correct receiver, team, or department without (or with) a central NOC.
SCOM in the future
SCOM is not the only monitoring platform out on the market, but how is it compared to competing solutions? Substitutes to SCOM being brought up were SolarWinds and Nagios/OP5, and even though both have benefits compared to SCOM, most users agree that SCOM will last for years to come.
It can be a complex, time-consuming product to work with. Though there are areas of improvement, it's still a robust platform with great potential. Some even experienced SCOM having a renaissance as a lot of different applications are being integrated into SCOM. Additionally, the community that Microsoft put effort into creating has lots of resources available and events to participate in to learn more.
Many organizations also tend to use several systems, e.g., for Microsoft and Linux monitoring, and thus a competing solution could just as well be seen as a compliment. For Windows, however, SCOM is an "all-inclusive," well-developed platform where not too many configurations have to be made, compared to, e.g., monitoring Linux servers in SCOM.
"SCOM is a fantastic tool!" Though there might be some experienced performance challenges, it's a very sustainable solution. There seem to be few substitutes that can take SCOMs place, especially those that are not open source. What is the downside of the open-source is the extensive in-house expertise and know-how that it would require, as well as extra work to have it up and running.
Monitoring as a Service
"Monitoring as a Service" is a concept that has been changing the packaging of products for years now, affecting everything from the mobility industry to banking. IT is not an exception. There are rumours of turning SCOM into a service (Project Aquila). Though there is no confirmation from Microsoft yet if that will be released and then how that model will look, there was some curiosity about the SCOM platform as a Service.
Speaking of "Monitoring as a Service," we were happy to welcome a guest who shortly described their experience using OpsLogix Monitoring as a Service. MaaS is a holistic service for companies wanting to put less effort into monitoring and alarm detection and transfer that into solving potential issues, developing and improving the IT operations.
Monitoring as a Service builds on the OpsLogix Digital Operations Framework, which was also brought up during the discussions, as it too, was used by participants in the event. Both MaaS and the Framework are designed to help organizations create modern, future-proof monitoring using SCOM. To learn more about both options and the differences, read Build vs. Buy.
Cloud vs. On-Prem
A couple of years ago, the focus on everything cloud was high. Even though it still is, there seems to be a unified opinion that it's not going quite as fast as once expected. Several organizations have grown (if yet at a slower pace) on-prem environments, indicating that it is still a significant share of the IT environment.
It seems pretty standard to work with a hybrid solution; some applications are cloud-based, while others are on-prem. Even though going cloud-based has seemed like a noticeable trend in past years, it's evident that bringing applications back to a private cloud is now becoming a thing. There is simply no logic behind putting everything in the public cloud for the sake of it.
Why on-prem, or in some cases, private clouds, are beneficial is partly because the experienced performance is too low as compared to the cost and effort to re-write applications to cloud versions. Another important aspect is related to the response times when monitoring specific servers. This can be industry-specific, but some organizations can not afford the extra time cloud monitoring would implicate.
SCOM, the on-prem version (at the time being the only one available), has strong support and not much pointing in the direction of change. Keeping it on-prem also implies more internal control, as delivering a stable environment does not depend on the internet connection or similar issues.
Future events
Are you interested in getting news about future events? New User Groups, local events, or Webinars regarding monitoring, SCOM, or other related topics - please let us know by subscribing to updates to the right.