This is why CRN Test Center engineers were surprised to discover that in a Windows-dominated world, a popular sampling of MSP platform products revealed a lack of integration with certain critical Windows technologies.
Test Center engineers popped the hood on an expensive MSP platform from SilverBack Technologies, medium-priced products from vendors LPI Level Platforms and N-Able Technologies, and a low-cost product from vendor AdventNet.
Because it is a Windows-dominated world, the Test Center invited Microsoft's System Center Essentials platform to participate. Many MSPs said Microsoft might own the MSP platform market with System Center Essentials, but the software giant declined to take part.
Because a successful MSP business is a proactive one, the Test Center determined that a well-structured resource workflow is a prerequisite to a quality MSP platform. Many MSP vendors, however, have architected their products to be reactive, and these types of products, which lack high-level workflow support sequences, can easily overwhelm small service providers with limited resources.
Equally important to success is quick access to support. Tracing faults should be direct and simple. When an alert has been identified, service providers should be able to know how to solve it right on the screen.
Linking a knowledge base to alert types is also a must-have feature. Moreover, service providers should be able to click on alert links that send them directly to a device interface at a customer site. Most MSP vendors in the review lacked this feature. But most demonstrated key strengths such as automated report generation.
The following pages reveal the details on each platform.
Policies also can be inherited so that unique rules applying to specific customers are the only rules technicians need to observe. This enables MSPs to add customization without starting from scratch. For instance, MSPs can create a gold policy that covers the most common devices and link customer-specific devices with a smaller policy.
Out of the box, SilverBack's Datacenter server arrives with monitoring rules for many network devices, including enterprise-scale devices such as Cisco routers, large Canon printers and Check Point firewalls. Some of Datacenter's monitoring capabilities cover network latency, SNMP traps, CPU utilization, memory buffer overflow and various log files from Linux, Unix, Novell and Windows. In addition, Datacenter arrives with extensive support for entire facilities and can monitor power lines, heat, moisture and temperature.
Datacenter relies on an agentless client software to manage customers' LANs. The agentless software, called SilverStreak, communicates by initiating an SSL tunnel back to an MSP site. Some SilverBack MSPs also like to use VPNs to communicate with customers.
During a remediation session, technicians can quickly launch a SilverStreak management tunnel back to an MSP site. Once a tunnel is established in a LAN, devices and applications are accessible via Telnet or VNC. SilverStreak also can initiate vulnerability scans, check perimeter access at firewall zones and distribute and monitor patches so that systems are kept up to date.
A unique feature in SilverStreak is its internal database, which maintains a log of every action it is performing on a network. Armed with this data, technicians can conduct detailed forensic analysis. The log also is important to customers that need to maintain some government or industry compliance.
Datacenter arrives with about 1,000 predefined conditions. The conditions are general events that SilverStreak checks for on any device and application. Some of these events are not specific to any operating system and cover any Windows or Linux server. For instance, by setting up general server alerts for "system out of virtual memory" and "system not accessible," Datacenter is intelligent enough to cover specific operating systems and server technologies. Conditions can be overridden as well.
SilverBack offers seven different packages that start from a $3,000 Quick Launch up to a $99,500 Business Builder Plus package. As packages go up, SilverBack increases the number of licenses and network capabilities. SilverBack's licensing model is based on the number and types of devices, which range from 35 to 450 licenses per customer.
In addition to supporting the basic Windows Management Instrumentation (WMI) interface and MSRPC protocol, Datacenter arrives with an integrated patch-management system that automatically updates Windows patches, including hundreds of other products. VARs do not have to purchase a separate Microsoft Software Update Server.
NEXT: LPI Level Platforms
VARs that want to run their own managed service site have to install LPI's Managed Workplace on a Windows server. The agentless client called On-site Manager gets installed at customers' sites. On-site Manager only needs to reside on a single Windows server box.
Managed Workplace arrives with about 75 templates to monitor specific SNMP and WMI messages for many devices and common Windows applications. The templates have all the alerts and monitoring rules required to detect problems in devices and applications. In order to match specific service levels, LPI allows solution providers to create and modify any default template.
The templates are written in XML so no coding is necessary. However, solution providers usually have to work with software vendors and LPI to create custom templates to monitor vertical software. The process is not difficult because new customizations can be created by copying rules from existing templates.
For security, On-site Manager uses Microsoft's Baseline Security Analyzer to perform periodic audits. The agentless client also seeks out known virus signatures and detects spyware and P2P clients. In addition, LPI provides a unique Web site monitoring solution for customers that are hosting critical e-commerce and business applications. The monitoring solution covers page response time and connection thresholds.
Through the device page in the Managed Workplace interface, MSPs can easily open remote connections in seconds. Level Platforms uses SSL tunneling to go directly to a site. Once inside a LAN, MSP technicians can use Telnet, VNC or any client used by customers to connect to devices.
Managed Workplace now arrives with a page dedicated to distributing and managing patches. The software uses the Windows Update Service through On-site Manager so customers do not have to install a dedicated server to schedule updates. Managed Workplace also provides a library of scripts to update any non-Microsoft software. With scripting, MSPs can create unique service rules to monitor and manage devices.
LPI now integrates with Intel's VPro technology. VPro provides stateless hardware management even when there is no operating system on a device. With VPro-ready PC and server systems, for instance, MSPs will be able to provide backup over the Web, even if these systems have been turned off by end users.
In addition to live Webinars, LPI has placed a series of case studies online that demonstrate many unique VAR services and how they are making money with them. The case studies are designed to encourage VARs to innovate and differentiate themselves from other MSPs.
LPI provides the most comprehensive set of Microsoft technologies in this group.
NEXT: N-Able Technologies
The Momentum system is a scaled-down version of the Velocity offering, which costs $4,200. Momentum serves customers that primarily use Windows, Mac and SNMP devices, whereas the Velocity program expands across Linux, Solaris, HP-UX and Novell systems. Entry-level pricing for the Momentum system is $99 per license per month for one or two licenses, $70 for two to five licenses, $60 for six to 15 licenses and $50 for 16-plus licenses.
To make an even smoother transition into managed services, N-able hosts a weekly Q&A session for Momentum partners where they can address their most immediate concerns on the use of monitoring tools. By contrast, Velocity partners receive tailored training sessions on how to create custom services and customized reporting. Velocity partners also get dedicated access to solution architects and device specialists. The company provides the same technical support for both channel programs.
N-able's hosted system has one of the simplest and most logically structured NOC views that CRN Test Center engineers have tested. Upon login, technicians first see all outstanding tickets and alerts on the right-hand side. By clicking on the links, technicians start an inspection process on devices and applications. N-able provides three connection choices per device: VNC, Terminal Services and RAdmin. MSPs have to install a probe on a single Windows system at customers' sites and work over Port 443.
The Momentum system is rather basic, though. MSPs start out with only 18 scripts. To build more sophisticated monitoring solutions, MSPs are forced to rely on their programming skills and the N-able community. The scripts are simple batch files that run basic programs that are driven by command-line parameters. However, the hosted system has various page settings such as thresholds and regular expressions to extract information and design alerts. As far as supporting Windows technologies, N-able provides the basic WMI interfaces for Exchange 2003 and SQL Server, including Windows patching.
OpManager's Professional package has a starting price of $795 per customer and covers an unlimited number of devices. To monitor server-based Windows applications out of the box, VARs have to sign up for the OpManager Enterprise package. OpManager's MSP Edition server starts at $4,995 for the first 100 customers. For an additional $99, MSPs can service up to 50 devices, and an extra $299 covers an unlimited number of devices.
OpManager arrives with a client probe that works on Windows and Linux. The probe works over Port 443 so no special ports have to be opened at a firewall. Once installed, the probe begins to categorize every device and run scans. The probe has an internal database that stores every activity. After syncing up with OpManager's central hosted server, the probe flushes its database, so even if technicians lose a session connection, nothing is missed.
At the OpManager's MSP Edition home page, technicians get a brief snapshot of all active alarms for each customer. The alarms have designations that visually depict device and application statuses so that technicians can quickly identify and act on the most severe cases. Like the alarms, OpManager arrives with many types of monitors, each associated with specific activities. Depending on a monitor, technicians can set thresholds or identify keywords inside log files.
To make a physical connection, technicians have to use Remote Desktop, which is based on the open-source RDP so technicians can connect to most operating systems. Currently, OpManager can start services automatically but cannot reboot servers.
The MSP Edition arrives with an integrated Google Map finder so that technicians can quickly find where a problem is taking place. This is a useful feature for small MSPs that need to optimize traveling time between customers. After LPI, AdventNet's MSP solution had the best support for Windows technologies. Surprisingly, AdventNet can monitor Microsoft Active Directory.
Take the open-source network management system Nagios, for example. Even though Nagios is a matured open-source product, new MSPs would have to spend an inordinate amount of time configuring scripts, defining services and network objects and creating reports virtually from scratch. Get used to the command line if you decide on a Nagios solution.
Although limited, the Nagios system is useful when monitoring devices that communicate with SNMP. Service providers can setup Nagios to execute events that scan for messages in a service queue. Likewise, applications can send messages to the Nagios service via command files. However, scanning through SNMP messages is quite tedious in Nagios.
Nagios developers recommend using an open-source SNMP trap translator located at www.snmptt.org. Without this translator, developers have to understand the SNMPs formats being received and write objects from scratch that can capture them.
After capturing each SNMP trap, service providers have to create shell scripts for each format to process them. The process is manual and can take quite some time to get right. Once service providers start offering Nagios services to multiple customers, they can easily spend weeks setting up each service.
Yet MSPs determined to use open-source software as an MSP platform should know they are not alone. A startup named GroundWork Open Source (See MSP Vendor List) is representative of a new breed of MSP platform vendor that bundles multiple open source tools such as Nagios, Network Weathermap, Cacti, and RRDtool into a single platform that costs less to support than if an MSP tried to tackle each open source application individually, said Tony Barbagallo, vice president of product management and marketing for the San Francisco-based vendor.