Wednesday 13 May 2015

Is Operations Manager dead now we have Azure Operational Insights?

With the announcements at Microsoft Ignite the other week, the General Availability of Operational Insights (OpInsights) and the new over-arching service of Microsoft Operations Management Suite, some people are now starting to declare System Center Operations Manager (SCOM) as dead with OpInsights as it's "born in the cloud" replacement.

Lets try and address this, becuase quite simply, that's wrong.

Operations Manager has a long history, with the current version being System Center 2012 R2 but stretching as far back to 2000 when Microsoft licensed the NetIQ technology and developed it into MOM 2000 and across MOM 2005, SCOM 2007, SCOM 2007 R2, SCOM 2012, SCOM 2012 R2 and soon the vNext 2016 release.

So straight away, we know there's going to be a new release with the vNext wave in 2016 so this certainly isn't a discontinued product, but if we have this shiny new toy, Operational Insights, why would I consider the On-Premise Operations Manager?

They do the same thing, right?

Both solutions have slightly differing areas of functions/features/approaches or whatever you want to call them.

Operations Manager

This is designed to sit within your environment and based on a management pack model is extended to monitor for events, performance, availability and configuration across your infrastructure. This infrastructure could be Windows Servers. Unix/Linux Servers, Network Devices or even physical "tin" (HP/Dell/Cisco UCS Servers) SAN's etc.

So we have a wide range of infrastructure we can monitor and get alerts for a wide range of "hicups" that can occur while also dragging out performance metrics like memory, CPU, Disk utilisation or SQL DB locks, Exchange message queue lengths etc.

Operational Insights

From the documentation site:
Operational Insights is an analysis service that enables IT administrators to gain deep insight across on-premises and cloud environments. It enables you to interact with real-time and historical machine data to rapidly develop custom insights, and provides Microsoft and community-developed patterns for analyzing data.

OpInsights is based on "Solutions" which in a simlar vein to management packs, extend the service with features/functions.
At present there's only a selection but I think it's safe to say this will expand over time if/when partners and the community are allowed to develop for the platform.

Currently you can use solutions to provide:
  • Malware Assessment - Shows which servers do/dont have protection installed and any with threats present (i.e. malware installed)
  • System Update Assessment - Shows which servers have missing Windows Updates
  • Capacity Planning - Using Operations Manager & Virtual Machine Manager (VMM) to analyse CPU, Memory, Network and Storage metrics to provide forecasting and what if scenarios such as over or under utilised VM's or when hosts will be exhuasted or resources.
  • Change Tracking - Shows which servers have the most changes, what changed (service status, workload changes to Exchange, SharePoint etc, application installation)
  • Security and Audit - Performs forensic analysis and security breach pattern investigations while enabling audit scenarios.
  • Active Directory Assessment - Assesses the risk and health of your AD environment
  • SQL Server Assessment - Assesses the risk and health of your SQL Server environments
  • Alert Management - Surfaces the alerts from Operations to allow detailed searching and analysis to help with root cause identification.


So what's the difference then?

While Operations Manager is focused on gathering raw performance data, checking things are running and available and capturing events, OpInsights is focused on taking information and applying machine learning algorithms and best practice analysis to it to provide forcasting, trending and
It can also be clearly seen that a couple of the solution packs in OpInsights actually require an Operations Manager infrastructure in place (Capacity Planning and Alerts) to gather the right type of information to analyse and you have two options for connecting servers to OpsInight in the first place;
  • Operations Manager Management Group Connection
  • Direct Server Attachment

The two solutions basically share the same agent (Microsoft Monitoring Agent) but have the two distinct connection methods.

For an environment with more than a few hundred servers, my personal approach would always be to deploy SCOM locally and use that to control deployment and management of agents and therefore use the SCOM management servers as "proxies" to OpInsights while it would certainly make more sense for smaller SMB customers with a handful of servers to use the direct connection method.

And this is where OpInsights could be seen as a replacement

Not so much a replacement, but an alternative... If you only had 10 Servers for example, that's a lot easier to manage through say Server Manager to see if it's up or down, it's unlikely you have a big team with delegated responsibilites for Exchange, SharePoint etc and you might not need the indepth
monitoring SCOM provides but would welcome an overview of your servers and some cool analytics and best practice recomendations would be welcomed.

Compliments to the Chef...

In essence, both of these solutions are complimentary to each other.
Operations Manager is and will be for the foreseeable future the best solution for monitoring and managing your infrastructure at a granular level and is extensible in a much greater way than OpInsights can be (scoped tasks and delgated administration for example) but Operations Manager doesn't have the raw analytics and pattern detections that OpInsights can leverage from Azure and therefore provides a new level of informational view of your infrastructure.

In short, no, OpInisghts isn't a replacement to Operations Manager. It's a new solution for sure, yes it can be used standalone but with a break point in usefullness without Operations Manager.
But if you haven't tried it yet, go do so NOW!
There's a basic free tier meaning you can try this without risk and you'll undoubtedly fall in love with the service very quickly like I have, as have the customers I've shown it to and onboarded to it.

Go here to signup now:

1 comment:

markson said...

You will find that there is an administration for abnormality identification in Azure commercial center that you can call to follow any oddities the telemetry information from the servers.machine learning certification