CMDB: Making IT Managable

While ITIL adoption has been slow in the U.S., one of it’s main components, the CMDB, is beginning to catch fire in IT departments across the country.

In a nutshell, a CMDB is a way to gain the ever-elusive single-version-of-the-truth about your IT infrastructure, your IT assets (software, hardware, switches, servers, PCs, laptops, etc.) and the business processes that depend on them.

Even though its name would indicate otherwise, what CMDB is not is a database, although it can be (and at some level needs to be). Nor is it a packaged technology you can buy from a single vendor (although some may be trying to sell it that way). A CMDB is a federated repository for all of your siloed information on infrastructure and systems.

“All that information is available from a siloed point of view but there’s no way to form the connections and map the dependencies across those,” said Bob Quillin, director of Marketing for the nLayers Group at EMC.

A CMDB can be a real-time view of everything in your inventory reported through some form a business-intelligence tool with the information cobbled together by disparate tools (many of which you may, and probably do, have in house) that talk to each other and report back through a common interface.

Or you can create CMDB like a data warehouse where these same discovery and asset management tools, for example, send collected information to some a database somewhere for later analysis. In practice, both approaches are probably best combined.

A CMDB can be as big or small as your like; taking in your entire, world-wide enterprise or focusing just on a few critical network components that require infinite ‘nines’ of up time, for example.

“The CMDB that’s called for within ITIL is the central repository for problem (management), incidents, configuration items and so on within an organization, however, in practice, there’s nothing in ITIL that says you need just one,” said IDC’s Research Manager for Enterprise Systems Management Software, Fred Broussard.

Perhaps the most important aspect of a CMDB isn’t as a federated repository of information but the fact that it stores and tracks the inter-dependencies of each configuration item (defined by ITIL as “hardware, software, buildings, people, and formal documentation such as Process documentation and SLAs.”).

This tracking may finally give IT managers and CIOs the ability to see exactly how a change in one part of the infrastructure, systems, software, etc. will affect every other part of the chain and, therefore, ultimately, the business. This is where the power of CMDB really shines, said Quillin.

“And that’s been sort of the Holy Grail of IT management and governance is ‘How can I align my business functions with the IT investments I’m making. And then, operationally, how can I manage infrastructure more from a business context so when I make a change I’m not going to affect the business in an adverse way?'”

Not only does a CMDB aid in these decisions but it also has a role to play in governance and compliance. By tracking everything that is going on in IT (or as much of it as you set it up to track) you now have a very clear audit trail. This allows you to then find out what changed, for example, who changed it, when it was done and what effect it had on the rest of the system.

“The point is the CMDB is not a thing, it’s a landscape, it’s a system,” said Dennis Drogseth, a VP of Enterprise Management Associates, which just released a study on CMDB adoption last week. “So the CMDB is exactly that political-cultural process of getting organizations to define a trusted source of information for a given environment and to share that info in a consistent way with all parts of the organization.”

It is this trusted source of information that is also key to fast uptake of CMDB. For too long, IT has had the tools to discover and manage all sorts of things but there has really never been one place where everyone could turn for the same information about the same event and trust that to be the right information.

“Everyone has information about assets and as long as everybody’s products can look at other people’s products and say ‘Oh, I see this computer here. Are we talking about the same computer?’ we can do that same type of comparison,” said IDC’s Broussard. “That’s one of the big things that’s required (with CMDB).

“So this idea of federation is what seems to be pervasive … but also the idea of a reconciliation engine as well that sort of says ‘Okay, when we talk about this copy of Microsoft Office on this computer we’re talking about the same copy’. And that’s the trick.”