The MSP craze of 2006 was spearheaded by midmarket solution providers catering to SMBs with mostly Windows-based networks.
This is why CRN Test Center engineers were surprised to discover that in a Windows-dominated world, a popular sampling of MSP platform products revealed a lack of integration with certain critical Windows technologies.
Test Center engineers popped the hood on an expensive MSP platform from SilverBack Technologies, medium-priced products from vendors LPI Level Platforms and N-Able Technologies, and a low-cost product from vendor AdventNet.
We searched for integration with key Microsoft monitoring technologies that capture performance, execute security auditing and provide automatic links to Windows' auto-update system. But engineers discovered that these various MSP platforms were not fully integrated with certain vital Windows technologies. What's more, as new technology looms—such as Vista's programmatic event tracers and Intel's VPro auto-discovery—MSP vendors are still in the planning stages when it comes to preparing their products.
Because it is a Windows-dominated world, the Test Center invited Microsoft's System Center Essentials platform to participate. Many MSPs said Microsoft might own the MSP platform market with System Center Essentials, but the software giant declined to take part.
Because a successful MSP business is a proactive one, the Test Center determined that a well-structured resource workflow is a prerequisite to a quality MSP platform. Many MSP vendors, however, have architected their products to be reactive, and these types of products, which lack high-level workflow support sequences, can easily overwhelm small service providers with limited resources.
Equally important to success is quick access to support. Tracing faults should be direct and simple. When an alert has been identified, service providers should be able to know how to solve it right on the screen.
Linking a knowledge base to alert types is also a must-have feature. Moreover, service providers should be able to click on alert links that send them directly to a device interface at a customer site. Most MSP vendors in the review lacked this feature. But most demonstrated key strengths such as automated report generation.
The following pages reveal the details on each platform.
Review: SilverBack Technologies
SilverBack Technologies is known for the unique policy engine in its MSP suite, which simplifies IT management. The policy-based architecture allows MSPs to offer many services to multiple customers without having to re-create management rules for each customer. By standardizing policies in a network operations center, MSPs can add many customers and devices without having to hire more technicians.
Policies also can be inherited so that unique rules applying to specific customers are the only rules technicians need to observe. This enables MSPs to add customization without starting from scratch. For instance, MSPs can create a gold policy that covers the most common devices and link customer-specific devices with a smaller policy.
Since general policies are shared among customers and require the most observation, technicians do not have track individual faults per customer and instead can perform remediation based on policies. What's more, the grouping of policies is far more effective for tracking many problems at once rather than just relying on single views of each customer. Because the main policies put in place by MSPs and SilverBack remain mostly unaltered, new customers that come on board can be serviced in a matter of hours.
Out of the box, SilverBack's Datacenter server arrives with monitoring rules for many network devices, including enterprise-scale devices such as Cisco routers, large Canon printers and Check Point firewalls. Some of Datacenter's monitoring capabilities cover network latency, SNMP traps, CPU utilization, memory buffer overflow and various log files from Linux, Unix, Novell and Windows. In addition, Datacenter arrives with extensive support for entire facilities and can monitor power lines, heat, moisture and temperature.
Datacenter relies on an agentless client software to manage customers' LANs. The agentless software, called SilverStreak, communicates by initiating an SSL tunnel back to an MSP site. Some SilverBack MSPs also like to use VPNs to communicate with customers.
During a remediation session, technicians can quickly launch a SilverStreak management tunnel back to an MSP site. Once a tunnel is established in a LAN, devices and applications are accessible via Telnet or VNC. SilverStreak also can initiate vulnerability scans, check perimeter access at firewall zones and distribute and monitor patches so that systems are kept up to date.
A unique feature in SilverStreak is its internal database, which maintains a log of every action it is performing on a network. Armed with this data, technicians can conduct detailed forensic analysis. The log also is important to customers that need to maintain some government or industry compliance.
Datacenter arrives with about 1,000 predefined conditions. The conditions are general events that SilverStreak checks for on any device and application. Some of these events are not specific to any operating system and cover any Windows or Linux server. For instance, by setting up general server alerts for "system out of virtual memory" and "system not accessible," Datacenter is intelligent enough to cover specific operating systems and server technologies. Conditions can be overridden as well.
SilverBack offers seven different packages that start from a $3,000 Quick Launch up to a $99,500 Business Builder Plus package. As packages go up, SilverBack increases the number of licenses and network capabilities. SilverBack's licensing model is based on the number and types of devices, which range from 35 to 450 licenses per customer.
In addition to supporting the basic Windows Management Instrumentation (WMI) interface and MSRPC protocol, Datacenter arrives with an integrated patch-management system that automatically updates Windows patches, including hundreds of other products. VARs do not have to purchase a separate Microsoft Software Update Server.
NEXT: LPI Level Platforms
Review: LPI Level Platforms
For about $4,000, small MSPs can set up up their own managed services. LPI Level Platforms offers a site license model instead of charging per device. The MSP license starts at $2,499 for three customer site licenses for one year and includes a NOC license with full partner benefits. The cost of the server is separate. Pricing for sites ranges from $5 per month to $200 per month for enterprises. Typical SMB prices start at $25 per month for up to 254 devices.
VARs that want to run their own managed service site have to install LPI's Managed Workplace on a Windows server. The agentless client called On-site Manager gets installed at customers' sites. On-site Manager only needs to reside on a single Windows server box.
On-site Manager uses Windows Management Instrumentation (WMI) for all Windows PCs and servers, including key Windows applications such as SQL Server and Exchange. For switches, routers, VoIP and IP-PBX devices, surveillance cameras, security card systems and all other non-Windows devices, the agentless software uses SNMP.
Managed Workplace arrives with about 75 templates to monitor specific SNMP and WMI messages for many devices and common Windows applications. The templates have all the alerts and monitoring rules required to detect problems in devices and applications. In order to match specific service levels, LPI allows solution providers to create and modify any default template.
The templates are written in XML so no coding is necessary. However, solution providers usually have to work with software vendors and LPI to create custom templates to monitor vertical software. The process is not difficult because new customizations can be created by copying rules from existing templates.
For security, On-site Manager uses Microsoft's Baseline Security Analyzer to perform periodic audits. The agentless client also seeks out known virus signatures and detects spyware and P2P clients. In addition, LPI provides a unique Web site monitoring solution for customers that are hosting critical
e-commerce and business applications. The monitoring solution covers page response time and connection thresholds.
Through the device page in the Managed Workplace interface, MSPs can easily open remote connections in seconds. Level Platforms uses SSL tunneling to go directly to a site. Once inside a LAN, MSP technicians can use Telnet, VNC or any client used by customers to connect to devices.
Managed Workplace now arrives with a page dedicated to distributing and managing patches. The software uses the Windows Update Service through On-site Manager so customers do not have to install a dedicated server to schedule updates. Managed Workplace also provides a library of scripts to update any non-Microsoft software. With scripting, MSPs can create unique service rules to monitor and manage devices.
LPI now integrates with Intel's VPro technology. VPro provides stateless hardware management even when there is no operating system on a device. With VPro-ready PC and server systems, for instance, MSPs will be able to provide backup over the Web, even if these systems have been turned off by end users.
In addition to live Webinars, LPI has placed a series of case studies online that demonstrate many unique VAR services and how they are making money with them. The case studies are designed to encourage VARs to innovate and differentiate themselves from other MSPs.
LPI provides the most comprehensive set of Microsoft technologies in this group.
NEXT: N-Able Technologies
Review: N-Able Technologies
N-able now offers two routes for MSPs: a hosted Momentum MSP platform and a server-based Velocity system.
The Momentum system is a scaled-down version of the Velocity offering, which costs $4,200. Momentum serves customers that primarily use Windows, Mac and SNMP devices, whereas the Velocity program expands across Linux, Solaris, HP-UX and Novell systems. Entry-level pricing for the Momentum system is $99 per license per month for one or two licenses, $70 for two to five licenses, $60 for six to 15 licenses and $50 for 16-plus licenses.
VARs starting out in the Momentum system must complete a three-hour technical training program before activating customers on the hosted system. The training walks VARs through initial settings of an N-able hosted server, how to configure and deploy a client at a customer site and how to proactively monitor a network. On one of its tabs in the hosted solution, N-able added a direct link to its community message board so new MSPs can share experiences and find specific how-to topics right away.
To make an even smoother transition into managed services, N-able hosts a weekly Q&A session for Momentum partners where they can address their most immediate concerns on the use of monitoring tools. By contrast, Velocity partners receive tailored training sessions on how to create custom services and customized reporting. Velocity partners also get dedicated access to solution architects and device specialists. The company provides the same technical support for both channel programs.
N-able's hosted system has one of the simplest and most logically structured NOC views that CRN Test Center engineers have tested. Upon login, technicians first see all outstanding tickets and alerts on the right-hand side. By clicking on the links, technicians start an inspection process on devices and applications. N-able provides three connection choices per device: VNC, Terminal Services and RAdmin. MSPs have to install a probe on a single Windows system at customers' sites and work over Port 443.
The Momentum system is rather basic, though. MSPs start out with only 18 scripts. To build more sophisticated monitoring solutions, MSPs are forced to rely on their programming skills and the N-able community. The scripts are simple batch files that run basic programs that are driven by command-line parameters. However, the hosted system has various page settings such as thresholds and regular expressions to extract information and design alerts.
As far as supporting Windows technologies, N-able provides the basic WMI interfaces for Exchange 2003 and SQL Server, including Windows patching.
Unlike its competitors, AdventNet started providing managed services after years spent building a large portfolio of enterprise applications. Some of these applications now are being integrated into the company's MSP solution. For instance, for the past three years, AdventNet has been offering a stand-alone OpManager server for VARs targeting customers that need remote management.
OpManager's Professional package has a starting price of $795 per customer and covers an unlimited number of devices. To monitor server-based Windows applications out of the box, VARs have to sign up for the OpManager Enterprise package. OpManager's MSP Edition server starts at $4,995 for the first 100 customers. For an additional $99, MSPs can service up to 50 devices, and an extra $299 covers an unlimited number of devices.
AdventNet now is offering OpManager's MSP Edition as a 30-day free trial so new MSPs can sign up potential customers without any strings attached. During the trial period, MSPs have full access to the product and are encouraged to generate weekly inventory and status reports. The trial period also extends to AdventNet's established MSPs that are seeking new customers.
OpManager arrives with a client probe that works on Windows and Linux. The probe works over Port 443 so no special ports have to be opened at a firewall. Once installed, the probe begins to categorize every device and run scans. The probe has an internal database that stores every activity. After syncing up with OpManager's central hosted server, the probe flushes its database, so even if technicians lose a session connection, nothing is missed.
At the OpManager's MSP Edition home page, technicians get a brief snapshot of all active alarms for each customer. The alarms have designations that visually depict device and application statuses so that technicians can quickly identify and act on the most severe cases. Like the alarms, OpManager arrives with many types of monitors, each associated with specific activities. Depending on a monitor, technicians can set thresholds or identify keywords inside log files.
To make a physical connection, technicians have to use Remote Desktop, which is based on the open-source RDP so technicians can connect to most operating systems. Currently, OpManager can start services automatically but cannot reboot servers.
The MSP Edition arrives with an integrated Google Map finder so that technicians can quickly find where a problem is taking place. This is a useful feature for small MSPs that need to optimize traveling time between customers.
After LPI, AdventNet's MSP solution had the best support for Windows technologies. Surprisingly, AdventNet can monitor Microsoft Active Directory.
The appeal of an open-source MSP platform that is understandably the savings associated with not having to pay licensing fees. But open-source software products do have technical support costs associated with them—and for good reason. Open-source software can introduce complexity.
Take the open-source network management system Nagios, for example. Even though Nagios is a matured open-source product, new MSPs would have to spend an inordinate amount of time configuring scripts, defining services and network objects and creating reports virtually from scratch. Get used to the command line if you decide on a Nagios solution.
Essentially, Nagios traps service providers into providing Linux services. Even though the Nagios documentation describes an add-on for Windows, the software is actually missing from the download site. CRN Test Center engineers looked through all available plug-ins and files on Sourceforge but were not able to find any binary files for Windows.
Although limited, the Nagios system is useful when monitoring devices that communicate with SNMP. Service providers can setup Nagios to execute events that scan for messages in a service queue. Likewise, applications can send messages to the Nagios service via command files. However, scanning through SNMP messages is quite tedious in Nagios.
Nagios developers recommend using an open-source SNMP trap translator located at www.snmptt.org. Without this translator, developers have to understand the SNMPs formats being received and write objects from scratch that can capture them.
After capturing each SNMP trap, service providers have to create shell scripts for each format to process them. The process is manual and can take quite some time to get right. Once service providers start offering Nagios services to multiple customers, they can easily spend weeks setting up each service.
Yet MSPs determined to use open-source software as an MSP platform should know they are not alone. A startup named GroundWork Open Source (See MSP Vendor List) is representative of a new breed of MSP platform vendor that bundles multiple open source tools such as Nagios, Network Weathermap, Cacti, and RRDtool into a single platform that costs less to support than if an MSP tried to tackle each open source application individually, said Tony Barbagallo, vice president of product management and marketing for the San Francisco-based vendor.