Automation, better metrics top list of Cisco's network-management challenges.
Network management has been a source of frustration for Cisco for years.
CEO John Chambers annually seems to lament the state of Cisco network management (compare LAN/WAN management tools) when he's asked where the company is most challenged or weakest from a product development and marketing aspect.
Perhaps it doesn't help that Cisco has acquired more than 125 companies since 1993. An acquisition binge at that pace will keep network management integration efforts continually on the back burner, a perpetual moving target. Indeed, as Cisco gets bigger through acquisition and market dominance, its network management fabric comes more and more unwoven.
"It's actually a good thing when network management is struggling, because it says that innovation is really happening at a fast rate," says Karen Sage, Cisco's director of product management for network management. "So, it's really a Catch-22. I don't know if you're ever going to have a single, shrink-wrapped 'Here's your network management' that can do every area and everything and all functions. As Cisco moves into higher layers of the protocol stack, that makes it even more challenging."
Unlike its intention to be No. 1 or No. 2 in each market where it participates, Cisco does not have the same ambitions for network management. It does not plan to develop a product to be a manager of managers or an all-encompassing enterprise-management system à la HP OpenView, IBM Tivoli or CA; rather, Cisco's myriad management tools are intended to be an enabler of those systems by sharing useful event, alarm and diagnostic data about the network infrastructure and networked applications.
"We're not there to establish a network management business by itself, a soup-to-nuts network-management system," Sage says. "Our play here really is an enabler. We also very much want to enable this ecosystem of partners. Because we're not in competition with them. That's a very different strategy from saying you're going to own this market.
"We're going to provide leadership capability but we're not going to be leaders, as in, this is a prime market for us," Sage continues. "We are trying to drive market penetration and enhanced business because of this. But are we separating it out to look at it as a market individually? No."
Sage says these are the top needs of Cisco customers in the network management realm:
* Service automation for deployment and tracking.
* Instrumentation for detailed and specific metrics for specific domains, so that customer experience can be measured. An example would be VoIP mean opinion scores.
* Openness, so Cisco management applications can interact with customers' homegrown tools and customers can monitor the Cisco component of, and role in, a larger network.
Users, analysts, consultants and third-party vendors have expanded on this wish list. Cisco Subnet blogger Michael Morris, a communications team lead and network architect at a $3 billion high-tech company says that as a Cisco customer, he would like to see a better user interface for Cisco IOS software.
"Cisco user interfaces seem like they are outsourced to high-school kids learning how to code Java to use 100% CPU at all times," Morris says, suggesting that Cisco hire someone from Apple to improve its GUIs.
A management platform that integrates all of the "cool" network management features of IOS, such as NetFlow, IP SLAs, SNMP, Generic Online Diagnostics (GOLD) and Call Home, would be an improvement, Morris says. GOLD defines a common framework for diagnostics operations across Cisco platforms running IOS; Call Home provides e-mail-based and Web-based notification of critical system events. Some of this integration now is provided by third parties.
Also on the IOS front, Cisco can do a better job providing IOS version tracking, says Yankee Group analyst Zeus Kerravala.
Customers might still be running versions of IOS that are one or two major releases behind the most current release, and they might require ad hoc patches and updates. It may never be possible for Cisco to release a network management program that accommodates each and every release or version of IOS in use. "It's not uncommon for customers to have hundreds of versions of IOS running," Kerravala says. "So, it's really difficult to know at any moment in time which devices have which operating system on it, which revision level they're at. I think the biggest thing they need to address is IOS management," he says.
The tracking issue already is being addressed, Cisco's Sage says. "That's actually where we benefit a lot from the CiscoWorks infrastructure tools," she says. “Every operating system and every version is modeled in there and tracked. So, we even have things that can alert customers to when certain IOS releases are out of date, or when there's [a security alert] issued. Our management tools can identify if there's any impact in the network. It's very sophisticated tracking, process and documentation," she adds.
CiscoWorks could use some improving, however, especially in the user interface, according to Cisco Subnet blogger Larry Chaffin, chairman, CEO and founder of Pluto Networks, a consulting company specializing in VoIP, wireless LAN and security associated with Cisco networks.
"The biggest knock I hear from people is that they just don't like CiscoWorks," Chaffin says. "Sometimes it's hard and cumbersome. And the Cisco [network-access control] interface is very hard. They need to make things much easier for customers with the management interfaces."
Customers also demand a fully integrated, enterprisewide management system from Cisco, Chaffin says. Anything less requires increased time, work and expense. "They want one tool that does everything," he says. "They don't want to have to have seven tools and have all these people managing different tools, because then you get into training, upgrades, who's doing what, are they all going to come back in and be able to do the same thing. [It would be helpful] if they already have something that's enterprisewide, that's comparable to other [vendors' management systems], that they could just add into rather than saying, 'Guess what, you have to have another server, interface, someone else trained on it.'"
Cisco's Sage says such a system is unrealistic. "There's this kind of false notion that there's a centralized management system that does everything," she says. "If you look at what customers actually need, it really is specific to their domains. Things have to have the complexity managed there, as opposed to being a generalist. That's the trade-off you take."
To that end, Cisco's network management architecture begins with CiscoWorks infrastructure management as the foundation, topped by separate domain managers for data center, wireless, unified communications, multicast and security. Those domain managers then are capped by management applications for compliance and change and configuration automation and control; network application-performance analysis; and network enabled, policy-based identity.
CiscoWorks is the user interface for this architecture, Sage says. From there, users can access different tool sets to drill down into domain-specific tasks, she says.
That still leaves a couple more burning needs for Cisco users, says Glen Tindal, CTO of third-party management-software vendor Intelliden. Scalability -- being able to expand the infrastructure as customer demand dictates, is one. "It's important to make one investment, to grow on the back of that investment, and to feel comfortable that it can scale to meet demand," he says. Auditability and compliance also are needed to ensure security, consistency and the network's ability to fulfill the service-level requirements of the customer.
Cisco's been offering a compliance-management application suite called Proactive Automation of Change Execution -- or PACE -- since July 2006. Intelliden's customers, however, virtually all of whom have Cisco-based infrastructure, require even more than what the vendor offers, Tindal says.
"I can't have a situation where I have different pieces and parts, each one of those addressed either partially or not at all," Tindal says on behalf of his customers. "I have to have all of those components because it's upon those that I'm going to build my business. And where the network is my business, needless to say, it's really key, important and critical."
Perhaps this is why Chambers laments the state of Cisco network management year-in and year-out.
"Chambers is always highly critical because he's a perfectionist," Sage says of her boss's comments. "His various comments on network management stem from the fact that he really, really deeply cares about this area, and he sees it as one key that directly benefits our customers. If you were to ask him if anyone in the industry has 'nailed' network management, he would agree that they haven’t.
"I think what's a little bit unfortunate about that is that it misses some of our real network-management success stories," Sage continues. "Part of what you see is that it's very hard to stop and celebrate the success when there are new technologies around the corner. Network management never gets a break. It's tough to get those comments -- at the same time, he raised a very high bar for us."