For Martin Webb, upgrading the network to support new IP-based applications and then adequately managing them can be like taking one step forward and two steps back. As technologies such as VoIP emerge to advance his network, the tools to manage them are falling behind, says Webb, who is manager of data network operations for the Canadian province of British Columbia.

"Network management technologies are fairly well positioned to tell you if the device is available, and report on traffic in and out, utilisation and errors," Webb says. "The problem is, they only give you visibility into how you believe your traffic is flowing. Management products now need to understand how the network routing functions and to see changes to the routing in real time."

The traditional model of centralised server software depending on distributed agents and intermittent SNMP polling of the network simply can't keep up with the rate of real-time change that today's applications sustain. Never mind looking ahead to a time when data, voice and video applications will share on-demand bandwidth and computing resources. Then Web services-based service-oriented architectures (SOA) will enable applications to disassociate from the hardware, requiring management from within the application. And the management of today really will lose its bearings.

"The mainframe-oriented and agent-based technologies are going to evolve in the next five to 10 years to support real-time requirements, and that's going to call for a lot of integration and standards support among vendors," says Stephen Elliot, a senior analyst with IDC. "Even now, large vendors are looking to improve their management capabilities through standards and more management knowledge of various IT domains, such as applications, storage, servers and networks."

Understanding a dynamic network
As management vendors change their perspectives, corporate IT executives need to shift their view of the advanced IP infrastructure from one of network availability to a more dynamic picture of application performance on - and user experience with - the network. In British Columbia, as Webb rolls out VoIP to some 450 sites, he finds himself talking with developers to better understand how applications need to traverse his network. Since implementing a partially meshed network, it's anyone's guess which way application traffic will choose to travel, Webb says.

"We can look at bandwidth consumption and see no errors, trying to understand why the user experience is becoming a problem," he explains. "We're realising more and more there are traffic flow issues, but with centralised monitoring tools, it gets very difficult to bring all the pieces together."

Management heavyweights, such as BMC Software, Computer Associates, HP and IBM, are tweaking their products to better share data among them, as well as adding ease-of-install and use features to management suites that once required considerable up-front work to get results. The vendors also are partnering with start-ups, such as Collation, nLayers and Relicore, to build and update application topologies and collect configuration data across network devices, and application and server software. As a result, IT should be able to visualise how applications use network resources and get an accurate picture of application performance and IT service delivery.

Yet few management software makers have put a stake in the ground when it comes to IP-based applications such as voice and video. NetIQ and Micromuse offer VoIP management products, and CA is expected to put its Concord acquisition to use in the realm of VoIP management, but the leading vendors mostly have only pieces of the larger product set needed.

"IT managers are looking to equipment manufacturers to get a handle on voice and video performance. The network and systems management folks are still polling, and that is not real-time," says George Hamilton, a senior analyst at The Yankee Group. "For voice and video, there are more transient performance issues and you need something that can capture that information for troubleshooting and diagnostics."

Tools find it hard to keep up
Bringing on additional IP traffic is stretching the limits of LAN/WAN and QoS tools at White Electronic Designs, says James Kritcher, VP of IT at the provider of integrated silicon and packaging services. The Arizona company, which already uses IP for security cameras, iSCSI storage and Polycom videoconferencing, is testing VoIP.

"In our VoIP pilot, we are finding it can be a challenge to maintain the quality and consistency of voice communications in a dynamic network environment," Kritcher says. "Apps that had run just fine previously begin to choke when voice traffic is introduced."

That's why Chris Holbert, when he was IT director at medical device manufacturer North American Scientific, kept voice and video traffic separate from the data application on the company's MPLS network. (Holbert has since changed jobs.) "The applications were segmented on the network mainly because of the inability to manage quality of service, reliability and security," he explains. "To manage the IP net of the future, tools have to operate at Layer 7 across the stovepipes where the true application intelligence is."

The premise of routing application traffic based on content, prioritised by IT managers' pre-defined rules, isn't a new one for the WAN. But now Layer 4-7 products, sometimes called application front-end processors, are reaching into the data centre. These appliances combine application and network point solutions, while providing functions such as server load balancing, SSL acceleration, compression and traffic shaping. Other appliances look at WAN performance by evaluating performance characteristics from within the LAN. Cisco, for example, might find its way into the data centre with its recently announced Application Oriented Networks (AON) strategy for optimising Cisco networks to run Web services. The AON line includes modules that offload some XML-based message processing - once done in middleware server software - onto Cisco Catalyst 6500 switches and integrated services routers in branch offices. The AON line also will include software for managing the flow of XML traffic.

"The equipment guys like Cisco put intelligence into their gear and say that's the way to manage the future nets, while [software vendors such as] Microsoft and IBM say the network is a dumb routing platform that needs to support intelligent applications," Yankee's Hamilton says.

The Web services challenge
HP in June announced its OpenView SOA Manager software, intended to help developers build management into their applications and to allow network operations staff to better track application performance across the SOA. BEA Systems, CA and IBM reportedly also have SOA management tool plans, which may cause problems for niche vendors such as Actional, Amberpoint and SOA Software.

While network latency, packet loss and jitter cause performance problems with voice and video applications, Web services propose a different set of challenges for IT staff familiar with monitoring the performance of applications connected to specific servers. "SOA and Web services require active management and an intermediary within the systems," says Ron Schmelzer, a senior analyst at ZapThink. "Passive management will send a task to a human; active management will do something about it if something goes wrong along the service chain."

Managing SOA requires a shift from managing IT components to managing the processes associated with an application, which can include some 70 to 80 pieces, says a senior VP of architecture who wished to remain anonymous. "The point of SOA is to re-use business services, which means the applications have to be more transparent and work together more easily," says the IT executive, who works at a financial services firm. "For SOA, you need an umbrella layer that can see all the traffic that is being managed by multiple vendors and be able to point to the problem causing the service to fail across the processes."

Try joined-up thinking
To get an idea of management on applications not attached to any specific server, vendors need to embed the management intelligence into the application. And developers need to build applications with management in mind, taking into account how to configure the application to run in specific environments. The change will take time and will require that vendors adopt standards.

"For a while, you'll see a hybrid of agent and agent-less technologies, as vendors work to integrate their own management capabilities across domains. Such standards as Web-based Enterprise Management and XML will help bring about easier integration for Web services management across various products," IDC's Elliot says.

Despite advances in various forms of application management - data, IP and Web services - most IT managers believe they still will need to use multiple tools to manage their advanced IP networks. Integration will be the focus going forward. One would hope the vendors could facilitate the move toward a fluid management system, made up of several tools tackling various technologies. But for now, network managers will rely on their own innovations to achieve the ideal "single pane of glass" to monitor application performance on converged networks.

"We just integrated our management tools to feed data into one console so we can stop depending on five or six consoles and get an idea of performance from one place," says Kim Jahnz, lead WAN data network engineer at Aurora Health Care in Milwaukee. Jahnz uses management software from Aprisma and Concord, as well as tools from Intellitactics and Attention Software. Strong technology partnerships among software and equipment vendors will help better manage a converged network, Jahnz says.

"It's easier if I do the integration work and prevent our staff from having to train on multiple systems, but it would be nice if software vendors could agree on a standard, like [has happened on the hardware side with] Cisco," she says.

Jim Mileski, systems administrator for Financial Partners in Massachusetts, agrees. "In IP networks, everything is getting larger and more complex. Now you need tools that are smart enough to tell you what's there, how it's configured and which one event is the one causing the problems."