Management standards: Keeping an open mind

Customer demand for open software is driving countless vendors, such as HP, IBM and Microsoft, to work more closely with industry organizations to develop common protocols, languages and, industry standards for network and systems management.

Customer demand for open software is driving countless vendors, such as HPIBM and Microsoft, to work more closely with industry organizations to develop common protocols, languages and industry standards for network and systems management.

Management standards, such as SNMP and Common Information Model (CIM) - now in Version 3 and 2.7, respectively - came into being years ago. Yet widespread excitement over standards work has remained lackluster - until recently.

In the past two years, the poor high-tech economy and demand for new Web-based technologies caused the Distributed Management Task Force (DMTF) and its peer standards groups to stir the pot a bit and start working on multipurpose standards that could help network executives get control of today's distributed applications. Several industry organizations work with corporate end users as well as their member vendor companies and developers to create a means to an end - the end being open, interoperable and manageable information systems.

"Many technologies can make up a standard, and there are a lot of variables we need to consider," says Patrick Gannon, president and CEO of the Organization for the Advancement of Structured Information Standards (OASIS). "But ever since the dot-com bust, end users have been more particular about where they spend their money, and using standards-based products can increase the value of their current and future IT investments."

As far as Tim Hagn is concerned, a vendor selling proprietary products can keep on walking.

"The proprietary beast is dying, and we will not buy proprietary stuff if there is a viable alternative," Hagn says. The vice president of IT operations and engineering at Zurich Life in Schaumburg, Ill., makes integration capabilities, or as he says, "the ability to play well with others," a primary factor when choosing vendor wares. "We prefer vendors who are not afraid to integrate their products into our multi-vendor environment," he says.

Standard practices

Industry groups composed of many leading vendors work toward a common means to manage hot technologies such as security, storage and Web services. Here’s a sampling of the latest specifications currently in development:

Security
Standards group: OASIS and OWASP
Specification: Web Application Security (WAS)
Announced: May 2003
Mission: To produce a classification scheme for Web security vulnerabilities, a model to provide guidance for initial threat, impact and risk ratings, and an XML schema to describe Web security conditions for use with assessment and protection tools.
Still to come: First committee meeting to be held July 3, 2003
Web services
Standards group: OASIS, DMTF, GGF and W3C
Specification: Web Services Distributed Management (WSDM)
Announced: February 2003
Mission:To define Web services management; to use Web services architecture and technology to manage distributed resources, and to develop the model of a Web service as a manageable resource.
Still to come: First draft of WSDM Version 1.0 expected January 2004
Acronym key:
DMTF = Distributed Management Task Force
GGF= Global Grid Forum
OASIS= Organization for the Advancement of Structured Information Standards
OWASP= Open Web Application Security Project
SNIA= Storage Network Industry Association
W3C= World Wide Web Consortium

These concerns led Hagn to use HP OpenView software to manage services and application performance across the insurance provider's network. Hagn's attitude, and that of other customers, spurred HP to get on the standards wagon. HP recently proclaimed its commitment to Web services and plans to submit its Web services management framework to an OASIS working group.

"Everybody realizes now if we get synergy in terms of standards, then everyone - users and vendors - benefits," says Al Smith, CTO of HP's Web services management operation.

Microsoft, IBM and VeriSign last year published a proprietary specification for Web services specifically, while OASIS continues to work on an open standard for Web services security. The Global XML Web Services Architecture is a framework that Microsoft and IBM are developing (along with BEA Systems, RSA Security, SAP and VeriSign), to give Web services higher-level abilities for security and reliability.

Last summer some 17 vendors submitted the code-named Bluefin specification to the Storage Network Industry Association (SNIA), which is expected to announce Version 1.0 of the newly named Storage Manage Initiative Specification (SMI-S) next month. SMI-S proposed to give storage customers a way to manage multiple storage appliances from different vendors. Before the proposed specification, enterprise storage managers would have had to manage each storage appliance with vendor-specific tools and work to integrate the disparate information manually.

"Customers want interoperability, and vendors on their own can't deliver that," says Ray Dunn, marketing manager for SNIA's Storage Management Forum. "Today, vendors are willing to work together to create a baseline for interoperability and then add their differentiation on top for a competitive advantage."

But unlike one of the oldest - and probably most ubiquitous - management standards, SNMP, the specifications under development today can't be called simple by any means.

"SNMP is the most prevalent instrumentation model for network devices, and it's a component-based management model," says Winston Bumpus, president of the DMTF. "But today we need to be able to represent not only the resources, but also the relationships among those resources. You can't manage on a component basis, you have to manage on a system basis."

Developing common methods for managing Web services, storage, security and service-oriented networks has involved multiple standards bodies working together and combining established technologies with protocols to create a new standard. For example, SMI-S uses the DMTF's CIM standard to create common data models among different storage appliances with the Web-Based Enterprise Management protocol as a means of transport and communication between the appliances and the management console.

In addition to creating multi-vendor storage initiatives, standard groups such as OASIS work to create the means with which companies can securely and reliably perform application transactions over the Web. OASIS has 60 technical committees and specifications that focus mostly on enabling e-business and newer initiatives, including developments in security, interoperability and management standards for Web services.

Security Assertion Mark-up Language is an XML framework for exchanging authentication and authorization information. Electronic Business XML is a modular suite of specifications that let corporations of any size and in any location conduct business over the Internet. And Web Services Distributed Management is a recently formed technical committee charged with developing Web services architecture and technology to manage distributed resources.

"Standards have long been fraught with politics and self-interest, but today's efforts aren't as fragmented, and they seem to be more well intentioned," says Rick Sturm, president of Enterprise Management Associates. Sturm notes that while SNMP has been around for about 10 years - and that's a few lifetimes in the technology industry - it still remains a constant in the network manager's toolbox. But he's quick to point out that other efforts haven't enjoyed as much success.

"Sometimes the professionals get caught up in the minutia, and the standard can't take off. Take [Common Management Information Protocol], for example," Sturm says. CMIP was intended to pick up where SNMP left off, but problems with its implementation delayed its widespread availability, and it is now only available in limited form from its developers.

Despite all the separate standards bodies and the various specifications they're working on, industry watchers say standards developers might have learned from mistakes and gotten past vendor self-interest to develop technology for the greater good of the industry. While vendors can keep up with competition that is offering open standards and perhaps stay on the cutting edge of new technologies, customers want obvious benefits such as more product choice, easier integration and faster implementations.

Learn more about this topic

OASIS

TeleManagement Forum

Storage Networking Industry Association

Distributed Management Task Force

OASIS releases draft of free e-commerce data standard

The draft contains specifications for XML representations of seven key business documents - order, order response, simple order response, order cancellation, despatch advice, receipt advice and invoice.

IDG News Service, 01/28/03

OASIS takes on workflow specification

The standard would be based on a specification originally written by IBM, Microsoft and BEA Systems.

Network World Fusion, 04/29/03

 
Insider Tip: 12 easy ways to tune your Wi-Fi network
Editors' Picks
Join the discussion
Be the first to comment on this article. Our Commenting Policies