As IBM continues to drive its software initiatives around e-business, the tasks associated with managing business process integration are getting more complex. The point man for rising to this challenge within IBM is Robert LeBlanc, general manager for IBM's Tivoli Software Inc. In an interview with InfoWorld Editor in Chief Michael Vizard and Test Center Director Steve Gillmor, LeBlanc talks about how systems management is evolving into business process management and why this requires a holistic view of the entire enterprise.
Q: What's your biggest challenge going forward with Tivoli?In the last 24 months there have been huge changes in the systems management market that [have] affected all three key players -- Tivoli, BMC, and CA. We've been spending some time refocusing the Tivoli business around four key areas that we feel really encompass what systems management is today and what we believe systems management will turn into in the future, which is really business impact management. It goes beyond just managing systems and managing availability. It really tends to look now as holistic view of applications and seeing how all of this is fitting together in terms of the service levels for a critical business process. We think systems management will move from the realm of being IT-centric to being more business-centric.
Q: How does IBM approach this space?We see the four key areas of systems management, with two areas being more traditional systems management. Configuration is really job scheduling, software distribution, [and] inventory management. The second area is performance and availability, which really is the area of monitoring and trying to understand what is going on in my environment. We see that area moving upscale, in which people are starting now to connect multiple back-end monitoring systems to get a holistic view in order to give customers the ability to be more proactive in their management, rather than reactive. If you look at systems management up to this point in time, it's been very reactive. We think that over time systems management will be more proactive, in which you gather up information and understand business patterns. That's why we call it business impact management.
The third and fourth areas are new areas that are kind of becoming part of the systems management structure. One is security, where we separate out what we call operational security such as the firewall, anti-virus, and intrusion detection from security management. Within security management, we look at two different areas. One is threat management, which means I've got all of these anti-virus tools and firewall tools and they're all throwing up information. How do I co-relate that together? How do I predict that several events [are really] an attack on my systems or look [for] patterns that say I may be susceptible to something going on from either outside the business or even inside the business? We made a set of announcements in which more of the security vendors who provide that low-level information are plugging into our risk manager product, which is really a threat management platform which enables a single console view of the events. The other aspect of this is security management around authentication, authorization, and administration. This brings in the whole area of identity management and managing users so that I get a single view of the user. Finally, the fourth area that we're very much focused on is the whole area of storage, especially in the area of disaster recovery. Since the events of Sept. 11, that's become a thing that's top of mind for a lot of businesses because they understand the criticality of their IT systems. Their ability to recover will be the ability for them to continue with ongoing businesses.
Later this year we'll have a set of products around storage resource management. Companies today are spending almost as much money on storage as they do on servers. They have a good handle of their servers, they understand the capacity, they understand performance, they understand how to monitor systems. But when you move to the storage site, they really don't have a good handle of what they have and they want to manage storage like they would manage any other valuable resource.
Q: So on some level, IBM is not building security products, but rather products to manage the security products?That's exactly the role we see ourselves playing. I'm not going to be in the firewall business or the intrusion detection business. I really want to be at the management layer that allows customers to plug in whatever tool they're using that's providing them with information, and then give [them] the ability to do that co-relation of event and messages to give them a view of their business and allow them to write business processes against a certain set of events that matches the business policies or security policies of an organization. We published a set of APIs that they can hook into, and that allows us to pull in all of these third-party vendor products.
Q: What is the underlying infrastructure for all this integration?From a technology perspective, we are going to leverage WebSphere and Web services underneath the covers for the next generation of Tivoli products. That gives us a couple of advantages over our competitors. It enables us to get to a Web-based infrastructure from what has been a traditional client/server architecture that has made up the Tivoli framework in the past. We have access, obviously, to WebSphere and the talent and the skill that WebSphere has to move to a Web services structure faster than a CA or BMC could, given that they don't have access to the technology nor do they have access to the skill. We are also going to integrate the next generation of Tivoli products with the open Eclipse development platform, and that'll help customers build applications that can take advantage of this open set of systems management services that are going to become available over time.
Q: How will the use of WebSphere and related technologies help scale Tivoli up to meet the challenges of the Internet, given the fact that we can't run agents everywhere on the Internet?It's not just only WebSphere application server but also MQSeries. That'll help us with some of that scalability that we probably don't have as much of today with the agent kind of technology that we're based on today. Part of our problem is that we're based on proprietary technology based on CORBA that had some inherent design flaws in it and is really not conducive to a Web environment. I want to use standards-based architectures like WebSphere and Web services to provide that capability.
Q: How is the process of backup and recovery getting more sophisticated?We're getting now to a granular set of products that enable you to back up particular pieces of an IT infrastructure. Obviously, if it's a catastrophic event [such as] Sept. 11, then it's the ability to recover the whole environment. [What] you need to do is make sure you've got a backup and restore set of capabilities that enable you to do the restore part. Most of the vendors in the market have focused on backup and they always talk about how quickly they can back up your system. That's great when you're in normal operations. The real value of backup and restore software is when you're trying to restore, and that's where speed and ease of use and everything really comes into play.
Q: What new challenges will the advent of wireless computing present?The challenges come in several areas. When you talk configuration operations, how do I distribute software and manage the inventory on wireless devices? How do I provision a device? We think provisioning and changing how you provision depending on the type of device is important. We look at wireless as just an extension of the natural progression of what access mechanisms that you need to be able to manage. That's actually what's driving customer interest in having a single view of access, rather than all of these point products used and all of these different IDs and everything else. Customers want one holistic view because they're combining these technologies in with other technologies to build business applications, and they want their systems management provider to provide a total end-to-end view.
Q: How does all this strategy relate to the self-healing systems goals that IBM has put forward under to aegis of Project Eliza?A lot of what we start delivering here is really the first level of instantiation of that vision. It's not going to be one event or one product that instantiates that. It's going to be several projects, several things over a period of time. More and more you're going to see the base monitoring capability be provided by the lower-level systems, whether it be operating systems or subsystems such as databases and the like. We're taking some of our low-level monitoring capability and we're actually building that into products like WebSphere and DB2 and others. We're taking technology from other parts of our software portfolio and we're also providing capability to parts of our software portfolio. The operating systems, as they get smarter, provide more information. As you provide more information you can do more proactive analysis of information. So the next generation of Tivoli products will have a data warehouse built in. That will enable us to collect more and more information and therefore be more proactive in management rather than reactive. The more we can make our products, the other parts of the software portfolio, self-healing and self-managing, the better those products are and the better able we are to manage the higher-level value propositions that our customers are telling us are becoming more and more important. People want to be able to do proactive service-level management so they can adapt service levels and make changes on the fly based on service levels, not just on catastrophic events that may occur.