IT operations detect, correlate, protect, and predict performance events of the IT infrastructure through a single pane of glass (a unified console), much like your car dashboard. This helps to isolate the root cause of each specific event, conduct impact analysis, isolate business issues, contain further problems, and effectively correct incidents, all through a single simple interface.
Predefined policies, implemented as automated processes, capture exceptions, performance issues, or IT incidents across applications and network devices. These incidents are then correlated and rolled up to business service views to facilitate prioritization based on the impact of the event.
Continuous monitoring in real time across unrelated data sources and logs presents a real challenge, but it’s necessary to gain trust in your data collection across all IT operations. This monitoring must also be automated to combat progressively more targeted cyberattacks driven by sophisticated, finely tuned, and increasingly automated processes used by cyber-criminals, terrorists, and politically driven hacktivists.
Many governments, particularly at the central government level, are beginning to mandate the implementation of continuous monitoring practices in their IT systems. In the U.S., the Office of Management and Budget (OMB) issued a continuous monitoring mandate, OMB M-10-15, in 2010 to provide reporting instructions for the Federal Information Security Act and Agency (FISMA), but only through more recent guidelines from partner organizations such as the National Institute of Standards and Technology (NIST), with their special publications, has the U.S. begun to provide more deliberative and prescriptive guidelines.
IT operators rely on event reduction techniques such as correlation engines, or limit either the breadth or depth of data collection to only machine data from business-critical applications. The machine data collected is typically not categorized or normalized, and there are no tools to search events or logs. The data is also retained for the short term and may not fulfill the need to keep services up and running at all times.
This short-term retention of data limits the intelligence in the system, as events fixed and annotated a few months ago may not be stored for retrieval. The alternative is to invest in expensive databases and resources to manage and analyze the data.
Check out how these problems can be fixed by combining HP ArcSight, the industry-leading Security Analytics solution, with the HP Business Service Manager, the industry-leading IT management solution.
Visit www.hp.com/go/OpsAnalytics for more info…