View a larger version of the diagram.

EM7 Technology Overview

The diagram above provides an overview of data flow and communications for a sample high availability EM7 solution.

All-in-One, Extensible Architecture, High Availability
EM7 Solutions are delivered as an All-in-One management appliance or in an Extensible Architecture (with High Availability option) as shown above.

In the Extensible Architecture configuration, the core functions of EM7 are distributed to three “tiers” of dedicated systems – Data Collectors, Centralized Database(s) and Application/Report Server(s).
The three tiers can be geographically dispersed depending on customer-specific network configuration, firewalls, etc. with only a limited number of ports required to be open between the tiers to preserve customer-specific security policies or airgaps between networks.

Benefits of EM7 Extensible Architecture vs Traditional Centralized Systems
Traditional centralized management systems require administrators to open a vast number of ports to allow traffic to flow back for anything that needs to be monitored. In our decentralized system, traffic from each monitored device only needs to be able to reach the Data Collection Server instead of going all the way back to the central monitoring system which could be behind firewalls or have additional security restrictions.

This architecture not only reduces the number of open ports and firewall access for monitoring traffic, but it also reduces the amount of data that must be carried across the WAN to that required by just the retention and event rules. Log parsing, trap handling and polling can all occur at the Data Collection tier. In other words, heavy communication between boxes and Data Collection Server(s) can happen locally on the LAN where companies usually have plenty of bandwidth instead of across the WAN where bandwidth may be limited and/or expensive.

Hot Standby for True Disaster Recovery and Failover
The EM7 High Availability option takes advantage of the architecture design to provide cost-effective monitoring redundancy. Replicated databases can be positioned at two different geographic locations with all monitoring data kept in real-time synchronization for a hot standby solution in case of disaster or outages.

Collection of Data from Devices and Integration with 3rd Party Solutions
EM7 utilizes a combination of both passive and active methods for gathering data and event information from devices and existing third-party solutions - irregardless of vendor or operating system.
Passive Monitoring: EM7 can accept email, traps and syslogs
Active Monitoring: EM7 polls devices using:

- SNMP
- HTTP/S to retrieve XML-formatted data or to perform Web Content Verification
- SQL queries through the Dynamic Application engine
- SMTP for round-trip mail performance testing
- ICMP checks
- TCP Port checking

Web-Based Access and Notifications
Users access EM7 via HTTP/S in a Web-based console that can be customized based upon access level, function, geography, etc to show the devices, events, tickets and other EM7-collected information needed to help them perform their jobs. No client software is required. EM7 sends customized notifications for events and tickets via email and RSS feeds to desktops or handheld devices.

Agentless and Agent-based Monitoring
Most of the functionality provided by EM7, particularly that based upon SNMP monitoring, does not require agents to be installed. Some systems may have pre-installed agents, e.g., Dell OpenManage, IBM Director and HP/Compaq Insight Manager, that are used by EM7 Dynamic Applications to provide very granular monitoring. Customers may require WMI agents for advanced monitoring of MS SQL, MS Exchange, MS IIS and automated server stops and restarts.