What to Look for in an ITPA Tool?

I really was hesitant to write this blog entry. After all, it is presumptuous at the very least for a vendor to tell you what to look for in a tool without knowing your requirements, and at its worse, it is misleading because of vendor bias towards their own tool. But after hearing requests for this sort of information from enough people, seeing other vendors providing lists of their own, and hearing bloggers give them props for publishing lists, I felt that there might be some value in sharing common feature requests from the IT organizations I've spoken with, especially since ITPA technology is relatively new and many are just learning about the power it can provide. So I split the difference. Here is a list of ITPA features that I've heard requested as well as a list that nobody thought to ask for, but I'm suggesting you will need at some point. I should also make it clear that NetIQ Aegis provides all of these features out-of-the-box.

First, the top 10 most common features:

1. A drag and drop workflow designer - This is the most obvious thing that differentiates ITPA technology from other software automation tools. It's what makes the tool flexible to be customized to a particular organization's processes, yet simple to implement by eliminating the need for developers to build and maintain code or scripts to automate. If your tool doesn't have this, it's not an ITPA tool.
2. Pre-built "activities" - These are the building blocks of process. In effect, they are what you drag and drop onto the workflow designer canvas. They perform specific functions or control certain features in other tools in order to automatically execute processes. You can also think of these as pre-built scripts, but many ITPA tools (including Aegis) have much more sophisticated activities than that.
3. Logical connectors - As you design your process, there will be times when you need to branch the workflow depending on the conditions that are met. Connectors between activities should allow for logical conditions to be tested for (such as an if-then statement) and then allow the process to follow the appropriate path.
4. Pre-built "adapters" - Another feature of nearly all ITPA tools are adapters or connectors to common IT management tools such as systems or network management, ticketing tools, CMDBs, provisioning tools, and so on. These enable rapid integration and control of tools already in place, reducing the need for deployment of additional agents and helping to drive more ROI from existing investments. Some ITPA vendors are trumpeting their independence as a selling point, as they have to support heterogeneous tool sets without the breadth of products that one of the Big 4 has. NetIQ joins that chorus, because while we have several other tools, which of course we support with adapters, we also realize we need to support heterogeneous platforms that are common to IT organizations.
5. General adapters - IT organizations typically have custom applications or less-common tools that would be useful to integrate with, so most ITPA vendors provide general integration methods such as web services, direct database connectivity, Command Line Interface, XML or other file exchanges, email, and so on.
6. Process lifecycle management - This feature ensures that only authorized administrators can place a process into production, stop it from running or make changes to processes. This is usually accompanied by audit records of changes made to processes.
7. Event, scheduled and manual triggers - Something has to kick off a process, and these are the three means by which most ITPA tools initiate a process. Scheduled and manual triggers are the easy part. In larger environments, dealing with high volumes of events and state changes often test the scalability limits of ITPA tools (except for NetIQ Aegis - see "An embedded correlation engine" below).
8. Real-time process display - A display or console that shows the current status of all processes, the path taken through the workflow, and the step that a process is currently executing - or is hung up on. This is useful for troubleshooting processes, providing a means for user input and quickly obtaining the status of any or all of the processes that are working. Bonus points if this display is a web console.
9. Pre-built workflow content - Sometimes you need to build a process workflow from scratch, but often there is a sense that what you're doing is so common that surely someone must have done it before. Most ITPA vendors provide some pre-built workflows and some are beginning to offer workflow sharing sites on their Qmunity, I mean community pages.
10. Reporting - Anyone with a process design or quality improvement background will tell you that you need metrics in order to accurately make improvements. ITPA is a technology uniquely positioned to enable process improvement by helping to identify where the bottlenecks are, which process runs most often, and so on. A reporting component should collect store and flexibly display these metrics.

In addition to these 10 points I often get asked what makes NetIQ Aegis a unique ITPA platform? Here is a bit of background on the logic we used when designing our architecture to meet some challenges that we felt would provide additional value to our customers.

1. An embedded correlation engine - NetIQ has a history of creating products that are largely event-driven. Our flagship AppManager product is a systems management tool that monitors for thousands of conditions in all sort of distributed systems and applications. Our Security Manager product similarly monitors for specific security events from both agents and other technologies such as firewalls, IDS and anti-virus software. So we naturally wanted to use events as process triggers and that led us to include a correlation engine into our ITPA product. This was necessary to provide an event filter to reduce the stress on the workflow automation engine. We have customers processing 3000 events per hour with NetIQ Aegis without any issues. We've seen spikes of 10,000 simultaneous events or event state changes and can handle that too. Without a correlation engine, in order to use events as triggers, the first steps of your workflows have to be designed to look and see if there are other workflows already handling sympathetic events or a similar event from a different tool. This is highly inefficient and will generally bring a typical workflow automation engine to its proverbial knees. This is why most customers of other ITPA technologies wind up manually triggering event responses after someone, say in the NOC, has manually investigated the event and made a decision to respond. Of course, that's not very automated and you lose a lot of the cost benefit doing it that way.
2. A Resource Management Database - After deciding to embed a correlation engine in our architecture, we realized that it wouldn't be very useful if users had to write a rule for every potential combination of event and server, application, etc. But we also realized that almost all of the tools that we could integrate with contain local repositories of asset or configuration information, including groups of servers based on things like business services, geography, technology type, and so on. Since the basic premise of ITPA is to leverage tools that are already in place to execute process, it seemed logical that we would draw upon those same tools to pull out the Configuration Item (CI) information they contain. Those CIs and groupings become a dynamic source of information for correlation rules, making those rules more powerful and reducing the workload of building and maintaining the rules. All of that data needs to be stored somewhere, and the local repository for NetIQ Aegis is called the Resource Management Database (RMDB).
3. Reconciliation technology - So after solving the problem of using high-scale events as triggers for process, and reducing the workload of building and maintaining correlation rules, we realized there was another problem this introduced. If you pull CI information from tools from multiple vendors, you will have overlapping CIs because tools will refer to them in different ways (e.g. by server name, IP address, FQDN, etc.). So we had to create a means of reconciling CIs automatically by normalizing the data before storing it in the RMDB. This is actually a patent-pending part of the NetIQ Aegis platform that we refer to internally as iQCIM (the NetIQ Common Information Model).
4. Diversity of workflow types - Other ITPA vendors tend to favor provisioning and job scheduling use cases, mainly because they either started as a job scheduling platform or are looking to bolster the use of their provisioning tools. Analyst research shows that the use of ITPA to govern provisioning processes is what the market is primarily interested in today, perhaps because that is what gets used most often as examples by the other vendors. But an interesting thing is happening with the current economic climate. Those who need to show immediate and dramatic cost reduction to justify a new tool purchase are starting to see that automating steps in the event managment process can significantly reduce operations costs quickly by reducing the need for tier 1 (or NOC) personnel as well as offloading some of the tier 2 response onto those tier 1 resources without the risk of mistakes and eliminating the need to permission the entire NOC with admin or root priviliges on every server. In addition to provisioning and event response uses, NetIQ is also a respected leader in security and compliance management, and NetIQ Aegis has strengths in automating many processes in these disciplines, most of which are highly manual but ripe for automation to reduce costs. Having this diversity of supported workflow types enables NetIQ to provide value across the IT organization with a single infrastructure.

So if you're considering deploying IT Process Automation in your environment, give these points above consideration. I believe you'll find that NetIQ Aegis offers a compelling ROI for the processes you're initially looking to automate, and offers the most flexibility for meeting future needs due its unique architecture. And don't hesitate to drop me a line at travis.greene@netiq.com with any questions about NetIQ Aegis. Or you can find me speaking on IT Process Automation at Interop in Las Vegas on May 19th at 2:45pm in the IT Automation track. 

| Follow us on Twitter | Follow us on Facebook