4. Management Frameworks
There's a lot of great guidance out there on the technical aspects of designing,
installing, configuring, and operating Exchange servers and
organizations. There's a lot less material that provides a coherent
look at the issues of the entire lifecycle of IT management in general,
let alone Windows or Exchange deployments in particular. There may be,
however, more than you think: every organization of every size
struggles with common nontechnical issues and needs a good defined
framework for managing IT resources. Having this type of framework in
place makes it easier to properly plan for disaster recovery and
business continuity concerns as well as other common management tasks.
There are several frameworks you may wish to examine, or with which you are already familiar in some fashion:
The Information Technology Infrastructure Library (ITIL)
is the 900-pound gorilla of the IT management framework world. ITIL
provides a generic set of tools for IT professionals to use as template
concepts and policies when developing their own management processes of
their IT infrastructure and operations.
Microsoft has developed the Microsoft Operations Framework (MOF),
a detailed framework based on the concepts and principles of ITIL. MOF
takes the generic framework offered by ITIL and provides greater detail
optimized for Windows and other Microsoft technologies.
Like Microsoft, IBM offers its own ITIL-centric framework: the IBM Tivoli Unified Process (ITUP).
ITUP provides guidance on taking generic ITIL concepts and processes
and linking them into real-world processes and tasks that map to real
IT objectives.
The Control Objectives for Information and Related Technologies (COBIT)
best practices framework was initially created as a way to help
organizations develop IT governance processes and models. While COBIT
is typically thought of as optimized for IT audits, it offers a number
of supplemental practices suitable for IT management.
4.1. ITIL
The best way to learn about ITIL is to go through
one of the training and certification events. Outside such classes,
ITIL is in essence a collection of best practices in the discipline of
IT service management. IT service management is just what it sounds
like: effective and consistent management of IT services. IT management
is in many respects nonintuitive and offers several specific challenges
that are not common to many other management disciplines; most people
need specific training to learn how to manage IT in the most effective
way. ITIL represents the most accepted IT management approach in the
world.
ITIL was developed by the British Standards
Institution in an attempt to develop a centralized management standard
for IT throughout the various British government agencies. This effort
was not successful — in part due to the change from mainframe-based
computing to personal computers and networks and the resulting lowering
of barriers to server acquisition and deployment. However, it did allow
the formation of existing best practices and thoughts on IT service
management into a single collection of best practices and procedures,
supported by tasks and checklists IT professionals can use as a
starting point for developing their own IT governance structures. ITIL
is supported and offered by a wide variety of entities, including many
large enterprises and consulting firms, with training and certification
available for IT professionals.
ITIL has been through several iterations. The most
current version, ITIL v3, became available in mid-2007 and consists of
five core texts:
Service Strategy
Demonstrates how to use the service management
discipline and develop it as both a new set of capabilities as well as
a large-scale business asset
Service Design
Demonstrates how to take your objectives and develop them into services and assets through the creation of appropriate processes
Service Transition
Demonstrates how to take the services and assets previously created and transition them into production in your organization
Service Operation
Demonstrates the processes and techniques required to manage the various services and assets previously created and deployed
Continual Service Improvement
Demonstrates the ongoing process of improving on the services and assets that already exist to increase value to your customers
While ITIL provides a reasonably coherent management
approach, it is not without its flaws. There are four main common
criticisms:
ITIL is by no means complete. In particular,
it doesn't map into definitive, prescriptive guidance. By concentrating
on best practices and concepts, it can be rather generic and sometimes
vague. It doesn't offer instrumentation or benchmarking to measure the
impact of ITIL adoption on your organization's management practices. If
you adopt ITIL, be prepared to spend time adapting its guidance to your
organization, identifying gaps, and coming up with processes to fill
those gaps.
ITIL is focused solely on
service management and, as result, fails to address related issues such
as enterprise architecture design. While at first this focus seems
reasonable, in practice it can cause long-term problems; ITIL does not
have a way to detect problems or flaws in the design, let alone a
mechanism to fold feedback gathered from ITIL-aligned management
practices back into the design process (or vice versa).
The
ITIL process can be somewhat expensive. Between the acquisition cost of
the core texts, the training, and the certification, organizations can
spend a fair amount of money without any specific mechanism for gauging
their return on that investment. Additionally, the quality of the books
(aside from the overall holes in the ITIL guidance) is reported by many
to be spotty and uneven.
ITIL's
limitations are not always well understood even by those who have gone
through certification, leading to a common attitude that ITIL is not a
solution for all IT governance problems. In particular, many ITIL
practitioners can lose sight of the practical benefits and flaws of the
discipline and tend instead toward a dogmatic pursuit of ITIL.
4.2. MOF
Microsoft has worked with ITIL for more than 10
years, beginning in 1999. As ITIL has developed and grown in
popularity, Microsoft saw that its customers needed more specific
guidance for using the principles and concepts of ITIL in the context
of Microsoft technologies and applications. As a result, they created
the Microsoft Operations Framework, which they describe in the following manner:
The Microsoft strategy for IT service management is
to provide guidance and software solutions that enable organizations to
achieve mission-critical system reliability, availability,
supportability, and manageability of the Microsoft platform. The
strategy includes a model for organizations and IT pros to assess their
current IT infrastructure maturity, prioritize processes of greatest
concern, and apply proven principles and best practices to optimize
performance on the Microsoft platform.
MOF is not a replacement for ITIL; it is one
specific implementation of ITIL, optimized for environments that use
Microsoft products. It's specifically designed to help IT professionals
align business goals with IT goals and develop cohesive, unified
processes that allow the creation and management of IT services
throughout all portions of the IT lifecycle. It is currently on version
4.0, which aligns with ITIL v3.
MOF defines four stages of the IT service management lifecycle:
Plan
Plan is the first stage of the cycle: new IT
services are identified and created, or necessary changes are
identified in existing IT services that are already in place.
Deliver
Deliver is the second stage: the new service is implemented for use in production.
Operate
Operate is the final stage of the cycle: the
service is deployed and monitored. It feeds back into the Plan stage in
order to effect incremental changes as necessary.
Manage
Manage stage is not a separate stage; instead,
it is an ongoing set of processes that take place at all times
throughout the cycle to measure and monitor the effectiveness of your
efforts. This is illustrated in Figure 1.
So, how necessary are management frameworks in real
deployments? Why are we wasting valuable space talking about ITIL and
MOF when we could be cramming in a couple more nuggets of yummy
Exchange 2010 technical goodness? The answer is simple: we can't
include everything. No matter how thorough (and long) the book, there
will always be more technical details that you can't include. Instead,
we wanted to include at least an introduction to some of the
nontechnical areas that can give you an advantage.
Let's demonstrate the practical value of some of
this ITIL mumbo-jumbo by tackling a hot topic of discussion:
availability and uptime. We've heard a lot of executives talk about
"five nines of availability" — but what, exactly, does that mean? You
can't have a meaningful discussion about availability without knowing
exactly what kind of availability you're talking about , and without knowing that, you can't measure
it, let alone to the ludicrous degree of detail that five nines
represents.
Now let's discuss uptime. Uptime has a pretty
well-defined meaning; you just need to know what scope it applies to.
Are you talking server uptime, mailbox uptime, or service uptime? Once
you have that defined, you can take measurements and apply numbers for
quantitative comparisons.
ITIL and MOF give you not only the
conceptual framework for agreeing on what you're measuring, but also
guidance on how to put the process of measurement into place. That kind
of discipline can give you a lot of long-term advantages and help keep
your Exchange deployment better managed than you could do on your own.
The thing to remember is that these frameworks are starting points;
they're not cast in stone, and they're not laws you must rigidly obey.
If you find some aspect that doesn't work for your organization, you
should first make sure you understand what the purpose of that feature
is and how it's intended to work. Once you're sure that it doesn't
apply as is, feel free to make documented changes to bring it into
alignment with your needs.
