Managing Technology Tivoli Architecture and …...IBM Software Group Managing Technology Tivoli Architecture and Solutions German Unix User Group February 2002 Michael Brokmann Tivoli

IBM Software Group

Managing TechnologyTivoli Architecture and Solutions

German Unix User GroupFebruary 2002

Michael BrokmannTivoli Lead Architect EMEA Central [email protected]

2 | IBM Confidential | © Copyright IBM Corporation 2001. All Rights Reserved

IBM e-business Infrastructure Software

LeveragingKnow-How

LeveragingInformation

Transformation& Integration

ManagingTechnology

Integrated Enterprise

Management

Integrated Enterprise

Management

Messaging and

Collaboration

Messaging and

Collaboration

Relational DatabaseRelational Database

Online Transaction

Systems

Online Transaction

Systems

Enabling Integrated e-business

Enabling Integrated e-business

Integrated Information

Infrastructure

Integrated Information

Infrastructure

Enabling the Minds of

e-business

Enabling the Minds of

e-business

End-to-End e-business

Infrastructure Management

End-to-End e-business

Infrastructure Management


Tivoli Areas of Focus

Partner Middleware and ApplicationsPartner Middleware and Applications

SecurityConfiguration& Operations

Performance & Availability Storage

Infrastructure Services

Change and Configuration Management


Data and Resource Management


Threat Management

Threat Management

Identity, Access and Privacy Management


Event, Correlation,

Automation and Monitoring

Event, Correlation,


Business Impact Management


Job SchedulingJob Scheduling Data Management

Data Management


High Level Architecture

Common Application ServicesCommon Application Services

Framework Architecture (CORBA)Framework Architecture (CORBA)Component ServicesComponent Services

(J2EE)(J2EE)

NetWorkNetWork ApplicationApplication DatabasesDatabases SystemsSystems

Agent Agent

Config &OperationConfigConfig &&

OperationOperation

Performance&

Availability

Performance&

AvailabilitySecuritySecurity StorageStorage


Physical Architecture

Tivoli Management Region (TMR)

Tivoli Management Agents

TMR

TMG

TMA

TMR

TMG

TMA

Tivoli Management Gateway

Tivoli Management Server Inter-RegionCommunication

Organisation - Scalability - Geography - Security - NetworkingCentral and/or Distributed Management Design


Platform Strategy

•Based on Market Direction – Customers / Analysts•Reducing ‚Managing Platforms‘ towards

•UNIX (AIX, HP-UX, Solaris)•LINUX (including /390)•Windows

•Keep Broad Support for ‚Managed Platforms‘•Strong IBM Focus on Linux•Tivoli Support

•‚Managing & Managed‘ Platform Support•Strong Demand for Linux on zSeries (/390) •Red Hat, SuSE, TurboLinux


Configurations & Operations









Threat Management

Threat Management



Event, Correlation,


Event, Correlation,





Data Management


Configurations Management

Preparation Site

Source Host

Package &

Test

TMR Server

ServerComponent

Gateway

Repeater/DepotDelivery

Agent(Web)

Agent(Web)

Reference Modelling –

Activity Planning

(WEB)

Depot

(Mobile)

Operations

DataMoving

Planning &Administration

PerformSoftware Distribution Operations

Devices (PalmOs, WinCE, Nokia Communicator, NetVista IAD (Neutrino + Linux OS)


Configurations Management

Common OpenRelational Repository

Cross Platform Scanning Technology•Server and Desktops (Mobile)•Hardware and Software •DMI Scanner•User Info•Custom Scanner

Scalable Collection Service•Define when to return data•Staged data transport•Asynchronous •Adjust to Bandwitdh

Integration of Network Data•Element Manager Device Information

•Router, Hubs, Switches•CISCO Works•IBM Nways•Nortel Optivity•3Com Transcend

•Leverage NetView•Interfaces•Segments•Nodes

Data Analysis & Reporting•Predefined Queries & Reports

Integration with other Disciplines•Software Management•Change, Asset, Problem


Performance & Availability









Threat Management

Threat Management



Event, Correlation,


Event, Correlation,





Data Management


Performance & Availability

Business Impact ManagementLine of business views, cross discipline analysis,

predict, optimize, analyze, account, report

Event Correlation and AutomationCross system & domain root cause analysis

Monitor Networks, Systems, Applications, Transactions and User Experience

Collect metrics, local analysis, persistence, automation, root cause, filter,

concentrate, probes, user simulation

Rap

id ti

me-

to-v

alue

thro

ugh

a ti

ghtly

in

tegr

ated

man

agem

ent s

yste

m


Monitoring Focuses on One Server at a Time

• Combined monitoring of:– Hardware– Operating System– Middleware– Applications

• Local correlation and diagnosis at the server level

• Take action to cure problems when possible

• Notify other systems or administrators

BrowsersApplication

ServersWeb/Edge

Servers

DumbTerminals

HostSystems

Host Databases

Clients

Servers

DistributedDatabases


Event Correlation and Automation

Monitor Systems and Applications


Monitoring Architecture

Analyzer

CIMOM Repository

Provider

Managed Obj

MemoryManagement

Process

Memory Paging

Private BytesWorking Set

Available MemoryTotal MemoryQueue Length

Available CapacityTotal SwapSpace

Queue Length

Metric analysisCritical path

Recovery


Monitoring Architecture

Resource Model

If transaction time > w,DB response time > xOS Memory in use > y, andBandwidth utilization > z, thenInitiate single server cure or Forward to TEC

TEC

ETL

LogFile

Real-timeReporting

HistoricalReporting

(TDW)

Provider Layer

Single Server (Example Metric)

Hardware (% CPU Utilization)Network (Bandwidth Utilization)

OS (Memory in use)Middleware (DB call response time)

Applications (Transaction time)

Java (JMX)

webMethods (OMI)

Windows (WMI)

WebSphere (PMI)

JSR

Custom

CIM …

Monitoring EngineResource ModelResource ModelResource ModelResource Model

Work Bench


Transaction Monitoring

• Problems to be solved – Transaction Measurement in Web and Enterprise Applications– Focus on the Enduser Experience– What is my customers response time?– Are my key transactions available?– What is my backend service time?– How long did the page take to render?– How fast is my site traffic growing?

• Monitoring for Transaction Performance• Enterprise Application Performance Monitor• Quality of Service Monitor • Synthetic Transaction Investigator (Simulation)

arm_getid

arm_start

arm_stop

arm_end

App

licat

ion

Tran

sact

ion

do user's work

arm_init

T1

T2

response time

Application Code TAPM Agent

ARM API


Transaction Monitoring –Quality of Service in Web Environments

TS 2

Enterprise•Reports•Events

Internet DMZ

TS 1TS 3

TS 5

TS 4

Web Server

Fir

ewal

l

Fir

ewal

l APPServer

AccountingServer

Server Component

QoSMonitor

1. User initiates a transaction from a browser2. Transaction flows through backend (TS2 – TS1)3. Client time measured via Javascript (TS4 – TS3)

4. Results sent to QoS/Server Component where T5 is observed :TS5 – TS1 = Round Trip Time


Event Correlation Focuses on Multiple Resources

• Receive and correlate events from multiple networks and systems

• Problem signatures are used to determine root cause

• Automate corrective actions • Notify other systems or

administrators when necessary

• Delivery of Event Adapters

BrowsersApplication

ServersWeb/Edge

Servers

DumbTerminals

HostSystems

Host Databases

Clients

Servers


TEC





Event Correlation Example

Disk D fullSAP

MQ

DB2

RM forMQ

RM forSAP

RM forDB2

RM forOS

RM forOS

RM forOS

Order Capture

Order Fulfillment

EventMgr

Can’t w

rite re

cord

Can’t Write Record

Monitoring

WASRM forWAS

RM forOS

OC App

RM forOC App

Root Cause of order capture & order fulfillment

failure is out of spaceon DB2 server

Root Cause of order capture & order fulfillment

failure is out of spaceon DB2 server

DiskFull



• Proactively determine the impact of events on the business

• View how business processes span the physical environment

• Verify end user service levels • Analyze historical data and

predict future service levels

BrowsersApplication

ServersWeb/Edge

Servers

DumbTerminals

HostSystems

Host Databases

Clients

Servers






Reporting - Tivoli Warehouse

Customers / Partners Business Intelligence Front End

Service Level Management

Standard Reports

TWH 3rd Party Applications

Net View

TWSM

TWSA

DB

FrameworkTAPM DM (monitors) INVTEC

INV

DBSAP Lotus Xchg

DB MGR Etc...

Storage

TEC

OS390 data

CICS, IMS,

DB2, MVS,


Performance & Availability –Getting the ‘Big Picture’

IBM Tivoli Business Systems Manager IBM Tivoli Service Level Management

IBM TivoliWeb Analyst

Tivoli EnterpriseData

Warehouse

Reporting andBusiness Intelligence Integration

IBM Tivoli NetView (for z/OS)IBM Tivoli NetView Performance

IBM Tivoli Enterprise Console

IBM Tivoli Monitoring for…-Transaction Performance- etc

IBM Tivoli Monitoring

Even

ts &

Inte

grat

ion

Daily Operations Historical Operations

Common Components


Storage









Threat Management

Threat Management



Event, Correlation,


Event, Correlation,





Data Management


Storage Management Solutions

•Storage Management•Backup, Archive, Space Management, Disaster Recovery

•Storage Resource Management•Systems Management of Storage Networks•Capacity, Asset, Availability, Event, Performance Management

•Network Discovery•LUN Management (Host to LUN Mapping)•Policy Based File System Automation

•SAN File Sharing•Moving Big Files Fast over the SAN•Sharing SAN Storage Devices in SAN Environments


Security









Threat Management

Threat Management



Event, Correlation,


Event, Correlation,





Data Management


Threat Management

Tivoli Risk ManagerTivoli Risk Manager

Network IDS

Firewall

Network IDS

Web ServerwithWebIDS



Multiple diverse,yet complimentaryIDS Sensors

Host IDS

Host IDS

Host IDS

Console

CentralDB

Tivoli Enterprise Console

Router


Threat Management in Action

WEB Server

FireWallNetwork IDS

Monitoring

Risk ManagerRisk ManagerFireWall


Access Management - Common Permission Framework

ClientClient Security Layer

Security Layer

Protected ResourceProtected Resource

PD ServerPD Server

BrowserBrowser WebSEALWebSEAL Web Resource

Web Resource

Java Appl.Java Appl.

JAASJAAS Protected ResourceProtected Resource

MQ Appl.MQ

Appl.MQI API

InterceptorMQI API

InterceptorQueued MessageQueued Message

UserUser PD for OSPD for OS UNIX Resources

UNIX Resources

ClientClient CORBA InterceptorCORBA

InterceptorServerServer

Object/ ACL DBObject/ ACL DB

User Registry

User Registry

Tivoli Policy DirectorTivoli Policy Director


Tivoli Policy Director – Secure Web Access

WebSEALWebSEAL

Browser

HTTP(s)

PolicyManagerPolicy

Manager

Object/ACL Database

Object/ACL Database

User Registry(LDAP)

User Registry(LDAP)

HTTP(s)

iPlanet

WebLogic

MS IIS

WebSphere Application

Server

WebSEAL passes to application:ØNothingØCredentials from Lock BoxØUser & group info (iv_user/iv_groups)

ØEPAC (iv_creds “Dossier”)

ØLTPA Cookie (WebSphere/Domino)

ØSupplemental user information (Tag-value)

ØEntitlements information (PD_Portal)

WebSEAL passes to application:ØNothingØCredentials from Lock BoxØUser & group info (iv_user/iv_groups)

ØEPAC (iv_creds “Dossier”)

ØLTPA Cookie (WebSphere/Domino)

ØSupplemental user information (Tag-value)

ØEntitlements information (PD_Portal)


Securing UNIX Operating Systems

PDOS Kernel Interception

UNIX native services

PDOSProcesses Replicated

Policy DB

CredentialCache

Cache

UserRequest

Policy Director

Policy DB

User RegTivoli Tivoli

Policy DirectorPolicy Directorfor Operatingfor Operating

SystemsSystems


Business Business LogicLogic

System/Application System/Application DefinitionsDefinitions

Applications,Applications,DatabasesDatabases

OS/OS/NOS’sNOS’s,,DirectoriesDirectories

OS/390OS/390(RACF, ACF2**, (RACF, ACF2**,

Top Secret**)Top Secret**)UNIX / Linux UNIX / Linux

Security EngineSecurity EngineWeb / Java/Web / Java/

OtherOtherResourcesResources

ResourcesResourcesLDAP

Reporting Reporting & Auditing& Auditing

ResourceResourceProvisioningProvisioning

** through services

UsersUsers

UsersUsers&&

AccessAccessControlControlPoliciesPolicies

TivoliTivoliIdentityIdentityDirectorDirector

TivoliTivoliPolicyPolicy

DirectorDirector

TivoliTivoliPD PD

for OSfor OS

HR/HR/AdminsAdmins

EmployeesEmployees

CustomersCustomersPartnersPartnersSuppliersSuppliers

Create, Delete, & Create, Delete, & Modify User InfoModify User Info

WebWebDelegatedDelegated

AdminAdmin

WebWebPasswordPassword

ResetReset

Web SelfWeb Self--ServiceService

HRHRSystemsSystems

WorkflowWorkflow

Identity Management


Summary

•Tivoli is Systems Management Software•Config & Operations / Performance & Availability / Security / Storage•Highly Integrated but Modular Approach

•Enterprise Customers (Market Leader)•Small-and-Medium Business

•Cross-Platform vs. Multi-Platform Approach•Proven Scalability

Documents

Managing Technology Tivoli Architecture and …...IBM Software Group Managing Technology Tivoli Architecture and Solutions German Unix User Group February 2002 Michael Brokmann Tivoli