Updated on March 3, 2017 by UpGuard
For today’s busy sysadmin, systems health and performance monitoring tools like Microsoft’s SCOM (System Center Operations Manager) and the open-source Nagios are invaluable. They enable at-a-glance monitoring of large numbers of servers throughout a network, which is doubly critical for a geographically dispersed network such as a WAN or MAN. Though they broadly achieve the same goals, SCOM and Nagios come at it from quite different directions.
SCOM is a near real-time server and data-center monitoring tool from Microsoft targeted at monitoring servers and enterprise infrastructure, services, and applications like Exchange and SQL. It is not to be confused with SCCM (System Center Configuration Manager), which is a management tool meant for use with Windows-only client nodes. SCCM works by deploying agents to perform remote management tasks such as automated software installation and updates of Windows components, as well as other non-Windows services and apps. Like SCOM, SCCM also utilizes agents and can technically be used for some rudimentary monitoring, though this isn’t really its intended use.
SCOM is a cross-platform tool; it works on Windows, MacOS, and Unix-based operating systems, including Linux. It can be used to monitor both operating systems and hypervisors by retrieving and displaying state, health and performance information of these machines. From Wikipedia:
“The SCOM agent watches several sources on that computer, including the Windows Event Log, for specific events or alerts generated by the applications executing on the monitored computer. Upon alert occurrence and detection, the agent forwards the alert to a central SCOM server. This SCOM server application maintains a database that includes a history of alerts. The SCOM server applies filtering rules to alerts as they arrive; a rule can trigger some notification to a human, such as an e-mail or a pager message, generate a network support ticket, or trigger some other workflow intended to correct the cause of the alert in an appropriate manner.”
SCOM also supports agentless monitoring, although this is of course not as functional as agent-based monitoring.
From the 2007 version of SCOM onwards, Microsoft includes the PowerShell CLI for added functionality. By default, SCOM only monitors the basic OS activities mentioned above. But by incorporating Management Packs (MPs), SCOM’s monitoring functionality can be extended to both Microsoft services (e.g. Active Directory, SQL Server, Exchange, print servers, Hyper-V) and non-Microsoft services and apps (e.g. Oracle DB, Cisco routers, VMware, EMC, Symantec clusters, etc.). An SCOM MP exists for almost every widely-used application out there, so they are simply too numerous to list. See a more comprehensive unofficial list here and the official Microsoft list here.
SCOM’s huge advantage is the wide availability of MPs and the fact that it’s a Microsoft product. This means that it integrates seamlessly into a Windows environment, and also that Microsoft MPs such as those for Exchange and SQL Server work flawlessly on SCOM, given that they are developed and updated by teams working closely with the SCOM developers. SCOM’s main drawback, like so many other Microsoft enterprise tools, is its pricing. Actually, ‘pricing’ encompasses two separate issues – the high price and the convoluted, hard-to-understand nature of the pricing. First of all, SCOM is only available as part of the System Center suite. Then there are different prices for existing vs. new customers. After that you require the System Center management license, and that comes in different versions (price range $1323 - $3607). Then after that you also need client licenses for all the servers you intend to monitor on SCOM; these range in price from $62 to $121. And you also require a SQL Server database to store all this data, so there is an additional cost if you don’t already have SQL Server. But you can get a discount on this cost if you will only use that SQL Server to host System Center databases, not databases for other apps… Let’s just stop there – it’s pretty clear that Microsoft pricing is a nightmare to try and make sense of.
Nagios is a free, open-source monitoring tool. It was originally designed for the Linux environment, but it also runs on Windows using necessary free plugins or extensions such as Check_MK, NSClient++ or commercial ones such as Nagwin.
The Nagios Core is a somewhat bare-bones tool right out of the box. It does not even have a dashboard and a nice GUI, which really should be mandatory for a monitoring tool. However, this is happily remedied by use of add-ons and plugins which greatly extend the base tool’s functionality. A list of these can be obtained here and these cover a wide array of services – databases, operating systems, network equipment and so on. There’s also a commercial version which includes all these nice add-ons. The latest commercial version is called Nagios XI, and it costs from $1,995 for a 100-node Standard edition license to $6,495 for an unlimited-node Enterprise edition. These are one-off costs, and the Enterprise editions also require either a Maintenance + Support or a Maintenance-only contract. Full details here.
One of Nagios’ main drawbacks is the high level of technical expertise required to keep it up and running. Its reliance on manual configuration results in a steep learning curve for admins. Other issues are difficulty scaling to very large setups, and Nagios Core’s difficulty with auto-discovery of entire network topologies, not just the servers but also virtualization, storage and network devices. See more here. Nevertheless, despite these issues, Nagios is still the de facto leader in open-source monitoring tools.
A choice between SCOM and Nagios will be determined by your needs and the characteristics of your environment. If you have a mostly-Windows setup or do a lot of Windows development then SCOM may be a better fit for you. If instead you have a smaller *nix setup where cost is a major issue, then perhaps Nagios is a better fit, although it also calls for a much higher level of technical expertise and configuration before the tool starts working for you.
That said, SCOM will happily also monitor non-Windows environments. And Nagios will also work on Windows with plugins, and you can also get a commercial version if you aren’t that technically inclined or wish to avoid the steep learning curve. Also see the table below for a summarized comparison.
| |Nagios|SCOM|
|---|---|---|
|Supported platforms|Windows, Unix, Linux|Windows, Unix, Linux, Mac OS (*must be hosted on Windows)|
|Pricing|Server: $1,995 - $6,495|Server: $1323 - $3607; Client: $62 - $121 per node|
|Main features lacking in the other|Fault Management & Correction|Excellent Windows integration|
Misconfigurations are an internal problem that emanates from within the IT infrastructure of any enterprise; no hacker is necessary for massive damage to occur to digital systems and stored data. And the problem is pervasive, with Gartner estimating that anywhere from 70% to 99% of data breaches result not from external, concerted attacks, but from internal misconfiguration of the affected IT systems.