Feeds

A sysadmin always comes prepared: Grasp those essential tools

Help us scope the perfect IT admin's toolkit

Application security programs and practises

Desired state management

This category covers everything from the aged Group Policy Objects to patch management through to state enforcement technologies such as Puppet. Desired state management apps are simple in concept but miserable to design.

There are three elements to all desired state management tools: detection of current state; remediation (if current state does not equal desired state); and freaking out if remediation fails.

Desired state management tools are most popularly associated with the DevOps and automation movements but they have been around for decades in one form or another.

The number of widgets IT departments have to care for is exploding

Once optional, they are now vitally required tools for the simple reason that the number of widgets IT departments have to care for is exploding. Even the smallest of businesses cannot mollycoddle each and every device.

Of the desired state management tools, patch management is probably the most widely deployed. Virtually everyone has Windows Server Update Services (WSUS) but WSUS doesn't make sure Java is up to date, nor keep Flash under control.

Windows is not the point of vulnerability it once was; it is the third party apps – on Linux and Apple as well as Windows – that are often the problem. This means you need to have patch management that can cover more than WSUS alone can handle.

Asset management

Asset management applications have reached must-have status. Today's world consists not merely of PCs and switches but of smartphones, NFC readers and cloud services.

IT departments have to track hardware, software and service subscriptions. They need to know who has what and why, and whether the ongoing expenses are still justified.

More critically, asset management tools are increasingly vital to planning backups and various tiers of network design, and detecting clandestine IT deployments.

Anything that isn't in the system is a potential security threat, and with the Internet of Things that is only going to get worse.

Backups and disaster recovery

Not so long ago I had a conversation with Jamie Brenzel, CEO of Canadian cloud backup provider KineticD. I heard the spiel on what the company does and noted that by and large its offerings were pretty bare.

Backup is a crowded space and I wondered how it managed to survive the technological arms race.

Brenzel's answer was simple, if shatteringly depressing: an alarming number of businesses simply don't have backups of any kind. KineticD is not competing against other backup vendors, it is competing against "nothing at all."

It should go without saying that if you have no other tools to hand you at least have working backups. Sadly and incomprehensibly, this is not universally the case.

Proper disaster recovery planning is even rarer. Despite this, our businesses increasingly depend upon complex automated IT to function.

We manage to stay competitive only because we have replaced expensive, salaried people with cheaper (in theory) machines.

Retraining people is a huge pain and productivity drain, but rebuilding data and redesigning automation causes similar grief.

Diagnostics

Just as perimeter defences aren't enough for any business, all of the other categories discussed here combined will not prevent all failures. Eventually, something somewhere is going to go mad and you will need the tools to figure out what has gone wrong.

Basic tools such as ping are so common as to be known even to much of the non-IT populace. Others like packet sniffers are useful for finding out which widget is chanting bing tiddle tiddle bong instead of doing its job.

For every potential error there are a dozen individual tools – I can mention at least eight packet sniffers off the top of my head – but as the number of basic elements sysadmins have to diagnose continues to increase, tool suites are becoming increasingly common.

These suites range from specially designed Linux Live CDs to quasi-legal DVDs of commercial software such as Hirens and installable omnitools such as LanGuard all the way to cloudy subscription diagnostics-as-a-service offerings.

As-a-service management

This emerging category can range from outage notification to root-cause identification. The real purpose of these tools is blame assignation.

A cloud provider doesn't have a neck to wring, so when something goes pear shaped the first neck to reach for is that of the nearest sysadmin.

Tools are emerging to fill this niche. First to mind is startup Thousand Eyes, which does a good job of telling you whether the problem is yours, the service provider's or that of one of the ISPs between you.

Developing orthogonal paths to problem resolution (read finding out who to send the bottle of Scotch to) is also a critical tool in the as-a-service era.

Have your say

What started all of this for me was an introduction to GFI Cloud. This is a tool that offers many of the above must-have features with an ultra-simple interface.

GFI Cloud is quite a bit different from the company’s on-premises offerings and it got me thinking about the evolution of the systems administrator’s professional toolkit.

The categories outlined above are pretty broad but I think they cover the critical areas. Which tools do you feel are best in each category? Which vendors do you feel have proved themselves? More importantly, who makes tools that cover multiple categories in a single offering?

If I have missed a category, please mention it along with the tools you feel solve the problems listed. Let us know what your biggest sysadmin headaches are and your favourite tools to fix them.

Win a prize

We have prizes up for grabs. The first 30 people to sign up for a GFI Cloud free trial and add two or more devices to the console get a limited edition T-shirt from The Register.

All signs ups that add two or more devices before this competition ends will be entered into a draw to win a 10-user licence of GFI Cloud’s AntiMalware Pack.

Find the full competition T&Cs here. ®

Eight steps to building an HP BladeSystem

More from The Register

next story
Sysadmin Day 2014: Quick, there's still time to get the beers in
He walked over the broken glass, killed the thugs... and er... reconnected the cables*
SHOCK and AWS: The fall of Amazon's deflationary cloud
Just as Jeff Bezos did to books and CDs, Amazon's rivals are now doing to it
Amazon Reveals One Weird Trick: A Loss On Almost $20bn In Sales
Investors really hate it: Share price plunge as growth SLOWS in key AWS division
US judge: YES, cops or feds so can slurp an ENTIRE Gmail account
Crooks don't have folders labelled 'drug records', opines NY beak
Auntie remains MYSTIFIED by that weekend BBC iPlayer and website outage
Still doing 'forensics' on the caching layer – Beeb digi wonk
Manic malware Mayhem spreads through Linux, FreeBSD web servers
And how Google could cripple infection rate in a second
BlackBerry: Toss the server, mate... BES is in the CLOUD now
BlackBerry Enterprise Services takes aim at SMEs - but there's a catch
The triumph of VVOL: Everyone's jumping into bed with VMware
'Bandwagon'? Yes, we're on it and so what, say big dogs
prev story

Whitepapers

Top three mobile application threats
Prevent sensitive data leakage over insecure channels or stolen mobile devices.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Build a business case: developing custom apps
Learn how to maximize the value of custom applications by accelerating and simplifying their development.