Business Process Management (BPM ) Best Practices
Making Peace in a Virtual World
By Kia Behnia, Chief Corporate Architect, CTO Office, BMC Software
In many IT organizations, two camps have formed. The agility advocates want
to unleash the power of virtualization technology, giving it free rein to flex
the IT infrastructure for maximum agility. The control advocates want to rein
in virtualization technology through control processes. They fear that lack
of control opens the door to problems.
The two camps are in conflict. Agility advocates view control advocates as
placing unnecessary restrictions on agility. Control advocates look at agility
advocates as exposing the organization to unnecessary risk.
Both camps have valid concerns. Too much control hampers agility. Too much
agility exposes the organization to risk. Striking the right balance is a difficult
Based on our experience working with many IT professionals who are tackling
this challenge, we have come up with seven principles for a service management
strategy in the virtualized world. By applying these principles you can find
the optimum balance between control and agility. In so doing, you can bring
about a peaceful solution that brings the two groups together. As a result,
you can tap the unprecedented agility offered by virtualization, without exposing
your organization to risk.
1. Embrace all types of change.
Changes occur through manual and automatic activities. Some changes are
planned; some are not. Some are authorized; some are not.
- Planned changes are anticipated and scheduled in advance. The manual provisioning
of a new physical server and an update to a server operating system are good
- Unplanned changes may be anticipated, but they are not scheduled ahead of
time. A manual fix to restore a failed server and automatic failover are examples
of unplanned changes.
- Authorized changes have all the proper approvals in place. Moreover, if
they are manual changes, they are performed by a person authorized to make
- Unauthorized changes don't have proper approvals, or they are performed
by someone who isn't authorized to make the change.
An effective service management approach accommodates all four combinations:
unplanned/unauthorized, unplanned/authorized, planned/unauthorized, and planned/authorized.
2. Use only best-practice processes
IT Infrastructure Library (ITIL) guidelines outline best-practice change and
configuration management processes. Control Objectives for Information and related
Technology (COBIT) offers proven IT governance practices. Frameworks such as
these, however, don't provide specifics on applying the practices to virtualization.
According to independent research firm IDC, "in companies adopting ITIL
or other best practice frameworks, incorporating the virtual infrastructure
into the process workflows will be crucial." By optimizing process workflows
for the virtual environment, IT creates a single, integrated set of processes
and controls to handle all changes, whether they are to physical or virtual
That doesn't mean applying the same processes in the same way to every change.
It means optimizing the processes for the type of change. For example, the level
of control, auditing, and reporting required to add and provision a physical
server differs substantially from that required for the automatic movement of
a virtual server from one physical host to another.
By intelligently applying exactly the right level of control, auditing, and
reporting to each change, IT can strike the optimum balance between control
and agility, allowing the enterprise to exploit the agility offered by virtualization
while minimizing risk.
3. Manage by exception.
To manage virtual environments effectively, IT needs to take a lesson from
event management. Thousands of events occur in the IT infrastructure and it's
impossible for the IT staff to intervene in every one. So, instead of flooding
the operations console with alerts, well-architected event management systems
manage by exception, presenting the IT staff with only those events that require
As in event management, it is physically impossible -- and it's also unnecessary
-- for the IT staff to get involved in every change in the virtualized environment.
Many changes occur automatically based on pre-approved policies. The IT staff
need focus on only the changes that require attention -- that is, the exceptions.
4. Maintain near-real-time visibility of the IT landscape.
Change happens quickly in virtualized environments. To work effectively,
the IT staff must have a comprehensive, accurate, and current view of the IT
infrastructure that reflects changes in near real time. This includes changes
to virtual as well as physical resources.
Change information should be maintained in a configuration management database
(CMDB) that shows the physical and logical relationships of all resources, and
the services they support. For example, the CMDB should contain information
on which virtual machines are supporting which applications and services, and
which virtual machines are currently running on which physical host servers.
The CMDB also maintains information on all planned changes and keeps a historical
record of all changes made to each resource.
This comprehensive and near-real-time view enables the IT staff to determine
the impact of a change on the overall IT infrastructure and on business service
delivery. The record of all previous changes enables the staff to relate problems
to recent changes, speeding problem resolution.
5. Automate and integrate wherever possible.
Automation enables IT to maintain control without hampering agility. It leverages
solutions that automate change processes in the physical environment and optimizes
these solutions for the virtualized environment. It also integrates the processes,
out-of-the-box, with virtualization software control points for virtual machines.
Integration extends the sphere of control of the change management solutions
to include changes made through the virtualization software -- whether these
changes are performed automatically or done manually by the administrator. The
result is a single change and configuration management system that encompasses
all changes. As a result, the IT staff works with a single set of processes
and supporting solutions, simplifying management and reducing training requirements.
6. Keep virtual server proliferation in check.
To control server sprawl in the physical environment, many IT organizations
have established processes that govern the change and configuration of physical
servers. Simply applying these processes to the virtual environment, however,
is not the answer to preventing virtual server sprawl. IT must optimize these
processes to govern the change and configuration of virtual machines. This ensures
that all changes to both physical and virtual machines are performed with the
right level of knowledge and control to eliminate both physical and virtual
7. Embrace heterogeneity.
Heterogeneity is a fact of life in today's data centers and will remain so
well into the future. The typical data center includes physical servers that
are hosting virtual machines and those that are not. It also includes disparate
operating platforms, such as Windows, Linux, and UNIX servers, as well as mainframes.
An effective service management approach accommodates this heterogeneity.
Peace at last
By applying these principles, you can bring the agility and control advocates
together, bringing peace to the virtualized world. The benefits are well worth
the effort. You'll contain the proliferation of virtual machines, preventing
virtual server sprawl. You'll exert just the right level of control, auditing,
and reporting to every change, ensuring that IT maintains continual compliance
with corporate policies and government regulations -- all without limiting agility.
The optimum balance between control and agility enables IT to continually improve
service. What's more, it reduces costs. IDC estimates that deploying ITIL-based
process improvements for a virtual infrastructure translates into an average
annual cost savings of $100,000 to $200,000.
In the end, IT moves faster and with greater flexibility without increasing
risk. Everyone benefits. IT reduces costs and aligns more closely with the business,
contributing greater business value. Business users gain the competitive edge
of an agile and stable IT infrastructure that delivers the services they need,
when and where they need them.
About the Author
Kia Behnia, chief corporate architect in the CTO Office at BMC Software, is responsible for leading the design of BMC Atrium, the industry-leading, service-enabling architecture for Business Service Management. He was previously CTO for the change and configuration products at BMC, and CTO for Marimba, Inc., which was acquired by BMC. Prior to joining Marimba, he served as a senior member of the technical team for Tivoli Systems, Inc. Behnia has more than 15 years of experience in the management of distributed systems and databases.More by Kia Behnia