CA UIM (Unified Infrastructure Mgmt)

Basic Information

Broadcom CA UIM (Unified Infrastructure Management), formerly known as CA Nimsoft Monitor, is a unified system monitoring and analytics platform. It provides comprehensive monitoring capabilities for physical and virtual servers, public and private cloud environments, storage platforms, databases, hyper-converged infrastructures, packaged applications, mainframes, and big data technologies.

• Model: Broadcom CA UIM (Unified Infrastructure Management)
• Latest Stable Version: DX UIM 20.4, 23.4. Version 20.3.3 has removed dependency on CA Business Intelligence (CABI) for rendering native Operator Console screens.
• Release Date: Specific release dates vary by version. For example, UIM 20.3 was released prior to October 1, 2020.
• Minimum Requirements: Varies significantly based on deployment size (small, medium, large) and components. Requires a 64-bit processor.
• Supported Operating Systems: Broadcom UIM supports various operating systems for its components (hubs, robots). Support for specific OS versions evolves; for instance, Windows Server 2008 and R2 reached end of platform support for UIM 20.3 on October 1, 2020. Older robot versions' end-of-life/end-of-support is generally determined by the underlying OS support.
• End of Support Date: End of Service (EOS) and End of Life (EOL) dates are published by Broadcom and vary by specific UIM version and component. For example, some UIM components had EOS/EOL dates in 2013-2015. Platform support for certain OS versions for UIM 9.0.2 was discontinued effective October 30, 2018. Windows Server 2008 and R2 platform support for UIM 20.3 was discontinued effective October 1, 2020.
• End of Life Date: See End of Support Date.
• Auto-update Expiration Date: Not explicitly specified as a general feature; updates are typically managed through patches and new releases.
• License Type: Commercial license, typically managed through Broadcom.
• Deployment Model: On-premises, SaaS, or hybrid environments.

Technical Requirements

Technical requirements for CA UIM are highly dependent on the deployment scale (small, medium, large) and the specific components installed (database, UIM server, UMP, CABI, hubs, robots).

• RAM:
  • Database Server: 16 GB (small), 16 GB (medium).
  • UIM Server: 16 GB (small), 32 GB (medium).
  • UMP (Unified Management Portal): 12 GB (small).
  • CABI (CA Business Intelligence): 12 GB (small). If CABI is deployed on the Operator Console, an additional 8 GB RAM is required.
  • General Hubs: 8 GB.
• Processor:
  • Minimum: 64-bit XEON-class, 2.0 GHz.
  • Database Server: 16 cores x 2.8 GHz (small), 24 cores x 2.8 GHz (medium).
  • UIM Server: 16 cores x 2.8 GHz (small), 24 cores x 2.8 GHz (medium).
  • UMP: 8 cores x 2.8 GHz (small).
  • CABI: 8 cores x 2.8 GHz (small). If CABI is deployed on the Operator Console, an additional 8 CPU cores are required.
  • General Hubs: 4 cores x 2.8 GHz.
• Storage:
  • Database Server: 100 GB (small), 500 GB (medium). Obtain at least 1 TB for the database, using RAID 10 for speed and reliability. SSD drives are recommended for high reporting needs.
  • UIM Server: 100 GB.
  • UMP: 50 GB.
  • CABI: 100 GB.
  • General Hubs: 50 GB.
  • Available disk space: 15 GB recommended on all systems, with the installer requiring 2.1 GB temporary space.
  • SSD storage for data is recommended, ranging from 2 TB to 12 TB depending on retention settings.
• Display: Not explicitly detailed, but typically requires standard monitor resolution for administrative consoles and dashboards.
• Ports:
  • Controller: Port 48000 (default), needs to be open bidirectionally between hub and robot.
  • Hub: Port 48002 (default), for robot-to-hub and manager-to-hub communications.
  • Tunnel Client: Port 48003 to access the tunnel server.
  • WASP probe: Port 80 for Admin Console and UIM web page.
  • Probes: Each probe on a robot needs one port after 48007 (e.g., 48008, 48009). A range like 48000-48050 is recommended.
  • Database (MS SQL): Port 1433.
  • Database (Oracle): Port 1521.
  • CA EEM server: Port 5250.
  • HTTPS configuration: Default port 8443 for Admin Console.
  • A range of ports (e.g., 48000 through 48020) should be open during installation.
• Operating System: Requires a CA UIM-supported operating system. The UIM Server, UMP server, and UIM database server must be set to the same time zone.

Analysis of Technical Requirements: CA UIM is an enterprise-grade solution with substantial hardware requirements, particularly for larger deployments. The architecture is distributed, necessitating careful planning for database, UIM server, and portal components, often across multiple physical or virtual servers for optimal performance. The emphasis on 64-bit processors and significant RAM and storage indicates its capacity to handle extensive monitoring data. Network port configuration is critical for inter-component communication and requires detailed firewall planning.

Support & Compatibility

• Latest Version: DX UIM 20.4, 23.4.
• OS Support: Supports various Windows, Linux, Solaris, AIX, and HPUX platforms for robots/controllers. Specific OS versions have defined end-of-platform support dates.
• End of Support Date: Varies by product version and component. Older robot versions' support is tied to the underlying OS support. Broadcom provides documentation for End of Service (Legacy) UIM Versions.
• Localization: Documentation and interfaces are available in multiple languages, including English, Japanese, Chinese, Portuguese (Brazil), and Spanish (Spain).
• Available Drivers: CA UIM uses probes to collect data, which act as specialized agents. It does not typically rely on traditional "drivers" in the same way hardware does, but rather on its extensive set of probes (over 140 pre-built probes) for various technologies.

Analysis of Overall Support & Compatibility Status: Broadcom actively maintains and updates CA UIM, with newer versions like DX UIM 20.4 and 23.4 being current. Support for older versions and specific operating systems is subject to Broadcom's lifecycle policies, with clear end-of-support announcements for platforms. The product offers good localization support. Instead of traditional drivers, CA UIM leverages a vast array of probes for monitoring diverse infrastructure components, ensuring broad compatibility with various technologies.

Security Status

• Security Features:
  • Account Management with user types, password policies, and ACL permissions.
  • HTTPS configuration for Admin Console and Operator Console.
  • SSL encrypted communication between UIM components, configurable for normal, compatibility, or SSL mode.
  • Support for SAML Single Sign-On and LDAP integration.
  • Ability to set up access to Operator Console using a DMZ.
  • Restriction of computer-level (IP) access to the CA UIM Database.
  • Secure Hub and Robot configurations, including manual upgrades to secure versions and secure transmission of certificates.
  • Firewall best practices and port reference for secure setups.
  • Recommendations for protecting privileged access, enforcing strong password policies, and using hub-to-hub tunnels with encryption (TLS 1.2 and X.509 certificates).
  • Running robots and monitoring probes under non-privileged users.
  • Auditing in UIM interfaces.
• Known Vulnerabilities:
  • CVE-2020-8010 (Improper ACL handling), CVE-2020-8011 (Null pointer dereference), CVE-2020-8012 (Buffer overflow) affecting UIM versions 20.1, 20.3.x, and 9.20 and below, with hotfixes available.
  • CVE-2020-28421 (Improper access control) allowing local privilege escalation, affecting UIM 20.1, 9.2.0, 9.1.0, 9.0.2, with hotfixes available.
  • Log4j2 vulnerabilities (CVE-2021-44228, CVE-2021-45046, CVE-2021-45105) were addressed, with DX UIM 20.4 Operator Console (OC) replacing Log4j libraries with 2.17.1. DX UIM prior to 20.4 was vulnerable to CVE-2021-44228 and CVE-2021-45046.
• Blacklist Status: No general "blacklist status" applies to enterprise software. Security advisories and hotfixes are issued for identified vulnerabilities.
• Certifications: Specific security certifications (e.g., FIPS, ISO) are not explicitly detailed in the provided information, but FIPS encryption can be enabled.
• Encryption Support: Supports SSL encrypted communication between UIM components. FIPS encryption can be enabled, requiring Bus (Robot) version 7.80 or higher. Hub-to-hub tunnels support encryption with TLS 1.2 and X.509 certificates.
• Authentication Methods: Supports LDAP, SAML Single Sign-On, and internal account management with password policies.
• General Recommendations: Broadcom recommends implementing hotfixes for identified vulnerabilities, protecting privileged access, enforcing strong password policies, using hub-to-hub tunnels with encryption, and running robots under non-privileged users.

Analysis on the Overall Security Rating: Broadcom CA UIM incorporates a robust set of security features, including comprehensive access control, encryption for data in transit, and support for enterprise authentication methods. The vendor actively addresses known vulnerabilities by releasing security notices and hotfixes, as seen with the CVEs related to ACL handling, buffer overflows, and Log4j2. Best practices for secure deployment, such as firewall configuration, privileged access protection, and non-privileged user execution for robots, are also emphasized. The ability to enable FIPS encryption further enhances its security posture. Overall, CA UIM demonstrates a commitment to security, but like all complex enterprise software, requires diligent patching and adherence to security best practices for optimal protection.

Performance & Benchmarks

• Benchmark Scores: Specific public benchmark scores are not readily available in the provided information. Performance is generally discussed in terms of scalability and real-world metrics.
• Real-world Performance Metrics:
  • Scalability: Broadcom uses DX UIM internally to support large-scale, complex IT environments across hundreds of sites, handling over 40 business-critical SaaS solutions. It can scale to support 15.3 million messages per hour.
  • Monitoring Capacity: Capable of monitoring thousands of devices and robots, with sizing recommendations for small (<500 devices, <200 robots), medium (200-1000 robots), and large (>1000 robots) deployments.
  • Alarm Noise Reduction: Broadcom achieved a 97% reduction in alarm noise using DX UIM, leading to improved service levels and faster response.
  • Mean Time To Repair (MTTR): The solution aims to speed up MTTR through intelligent analytics and comprehensive coverage.
• Power Consumption: Not directly applicable for software; power consumption depends on the underlying hardware infrastructure where UIM is deployed.
• Carbon Footprint: Not directly applicable for software; depends on the energy efficiency of the hardware and data centers used for deployment.
• Comparison with Similar Assets: CA UIM is positioned as a unified, analytics-driven solution that provides comprehensive coverage across hybrid IT infrastructures, aiming to reduce reliance on multiple disjointed point tools. It offers automated discovery, configuration, and monitoring, differentiating it from solutions that may require more manual intervention or lack a unified view.

Analysis of the Overall Performance Status: Broadcom CA UIM is designed for high performance and scalability, capable of monitoring extensive and complex IT environments. Its ability to process millions of messages per hour and significantly reduce alarm noise demonstrates its efficiency in real-world scenarios. The architecture supports distributed deployments, allowing for optimized resource allocation and performance. While specific benchmark scores are not provided, the emphasis on intelligent analytics, proactive problem resolution, and unified monitoring suggests a strong performance focus aimed at improving operational efficiency and reducing MTTR.

User Reviews & Feedback

Summary of User Reviews and Feedback:

• Strengths:
  • Comprehensive Monitoring: Users frequently highlight its ability to proactively manage a wide range of infrastructure components, including network, servers, storage, databases, and applications, across on-premises, cloud, and hybrid environments.
  • Unified View and Dashboards: The platform provides a centralized control and a single pane of glass view of the entire infrastructure through customizable dashboards, aiding in quick troubleshooting and management.
  • Automation and Analytics: Features like automated discovery, configuration, deployment of monitoring, and advanced analytics (including contextual log analytics and predictive analytics) are highly valued for speeding up mean time to repair and improving efficiency.
  • Scalability: The solution is praised for its ability to scale and support large, complex IT environments.
  • Alerting and Reporting: Effective in generating alerts, providing trending reports, and offering robust SLA creation, monitoring, and reporting.
• Weaknesses:
  • Complexity: Some users may find the terminology and architecture complex, especially new users.
  • Resource Intensive: The system has significant hardware requirements, particularly for larger deployments, which can be a consideration for resource planning.
  • Vulnerability Management: While Broadcom releases fixes, the presence of known vulnerabilities (e.g., Log4j2, ACL issues) requires continuous attention to patching and updates.
  • Installation and Configuration: Initial setup and configuration can be involved, requiring careful planning and adherence to documentation.
• Recommended Use Cases:
  • Proactive management of diverse IT infrastructure, including network, server, storage, databases, and applications.
  • Monitoring complex, hybrid IT environments spanning on-premises and cloud resources.
  • Organizations seeking to consolidate monitoring tools into a single, unified platform.
  • Environments requiring advanced analytics, predictive insights, and automated monitoring configuration.
  • Businesses focused on improving service levels, reducing alarm noise, and accelerating troubleshooting.

Summary

Broadcom CA UIM (Unified Infrastructure Management) is a robust, enterprise-grade solution designed for comprehensive monitoring and management of diverse IT infrastructures. Its key strengths lie in its ability to provide a unified view across physical, virtual, cloud, and hybrid environments, supported by a vast array of specialized probes. The platform excels in automated discovery, configuration, and deployment, coupled with intelligent analytics that facilitate proactive problem resolution and a significant reduction in alarm noise. This leads to improved service levels and faster mean time to repair. CA UIM offers extensive security features, including robust access control, encryption, and support for enterprise authentication methods, with Broadcom actively addressing vulnerabilities through patches and advisories.

However, the asset's complexity and substantial hardware requirements for larger deployments can be a weakness, necessitating careful planning and resource allocation. While powerful, new users may face a learning curve due to its extensive features and terminology. Continuous vigilance in applying security updates and adhering to best practices is crucial to maintain its security posture.

Overall, CA UIM is highly recommended for enterprises seeking a scalable, integrated, and intelligent solution to manage complex, heterogeneous IT environments, particularly those aiming to consolidate monitoring efforts and enhance operational efficiency through automation and advanced analytics. Its capabilities make it well-suited for organizations prioritizing comprehensive visibility, proactive issue detection, and optimized service delivery.

The information provided is based on publicly available data and may vary depending on specific device configurations. For up-to-date information, please consult official manufacturer resources.