Network visibility has become an increasingly important factor in achieving profitability and operational efficiency. When an operational parameter lies outside of a prescribed threshold or range, an alarm is issued to provide notice of this event. The event could be the result of hardware failures, software failures, poor performance, network instability, improper configuration, resource shortages, etc. As networks continue to grow and mature, operations support personnel must be able to respond more quickly and accurately to such network failures and other events. Being able to respond to an event in a timely manner is fundamental to effective event processing.
Typically, events are reported to one or more databases that collect, filter, and process the information for review and resolution by operations support personnel. For widely distributed networks, the quantity of databases collecting and processing events increases proportionally with the breadth and depth of the network, and as a result, greater emphasis must be placed on being able to accurately consolidate and present the event information. In a multi-tiered environment, a supervisory information management system at a higher tier can be deployed to consolidate information that has been collected by databases at a lower tier.
A challenge facing event management systems involves security management. A critical objective of security management is to preserve the accuracy and integrity of the collected event information, especially in government networks, so that the information remains useful for forensic purposes. To that end, it is important to be able to control access to network resources, prevent sabotage, secure sensitive information, and detect unauthorized changes to and corruption of stored information. Concerns surrounding the preservation of data integrity and data accuracy are magnified within widely distributed and/or multi-tiered environments, where it is especially difficult to maintain the security and integrity of information as multiple instances of the information flow throughout the environment.
Therefore, a need exists for improved solutions that can collect and secure event information in a widely distributed network, and facilitate more timely resolution of network faults.