I think of My Big Fat Greek wedding to ‘Compare SolarWinds and SCOM’. The wedding reception, where the father says the root of his daughter, and son-in-law’s last names, are from the greek word for Orange, and Apple. “so in the end, we’re all fruits” We are the same but different, where diversity and inclusion is key. Everyone’s got a voice. Contribute, don’t consume 🙂
First, I’ve been lucky to administer both tools for Fortune 100 companies (and more tools). Second, I hope this blog provides some clarification of the strengths, weaknesses, and costs associated with both tools. Here’s hoping wordpress readers identify with my background – saving money, cutting coupons, looking for on-sale, buy one get one deals. Thirdly, while everyone’s past experiences may not be the same, cost is still a big factor. Lastly, proprietary tools, Security, and other requirements can make or break an implementation.
Here’s a link to a PPT built to ‘Compare SolarWinds and SCOM’ feature wise, that goes along with ‘My Big Fat Greek Wedding’ and the fruit. PPT title ‘better together’, is loaded with links and breaking out key capabilities.
Some items NOT covered in the PPT comparison
Example context – SAW/PAW/Red Forest
Both tools can store credentials within the application, obfuscated.
SCOM allows gMSA’s (managed service accounts) for key services including run as accounts. View the Monitoring Guys blog plug here for CJ, Scott, and Tyson’s contributions 😛
COST
Monitors Windows, Non-Windows, Microsoft products
Community of custom application monitoring
Add unlimited VMAN, DPA, SCM, VNQM adds $256K
Migrate functionality to site license ($48K > $344K)
SCOM small enterprise example
Windows Server, SQL licenses (no cost given)
No license limitation for products/features used, community built solutions
Monitors Windows, Non-Windows, Microsoft products
Large community of custom application monitoring
No yearly support costs (included with Microsoft support agreement)
SQL Enterprise licenses is same, where SW HA/High availability is the SolarWinds cost, not compute licenses for Windows Server, SQL
ESX monitoring via NiCE VMWare 3rd party pay pack is $10K/year
OpsLogix Teams integration helps with NOC/NOSC/SOC integration
Including NiCE Oracle monitoring $10k/year
I’ll leave the cost comparisons to you.
Securing the Applications and web consoles
SolarWinds (SW)
Secure SW website search, Smart Cards post, 2FA/MFA/RSA post
NPM (now N-Able RMM – Remote Management & Monitoring)
NCM Thwack forum
SCOM web console
Did you know – gMSA’s (managed service accounts) can be used with SCOM, Windows, AD, etc? Monitoring Guys blog plug here for CJ, Scott, and Tyson 😛
Configuring AD Delegation, Smart cards and SSL certs (Client Certificate Mapping Authentication, IIS configuration, FIPS
Knowledge sources: Learn.Microsoft.Com, TechNet, blogs, STIG Library and more
Vulnerability mitigation
SCOM vulnerability mitigations Blog vuln search, SCOM STIGs plus IIS, Windows Server, SQL, WebServer ALL apply
Solarwinds vulnerability – Trust Center – CVE2023-23836, CVE2021-35211, CVE-2023-33231, all from searches.
NO DISA STIG for SolarWinds, so IIS, Windows Server, SQL, WebServer ALL apply
NOTE: I’ve NOT supported SolarWinds recently to see Security scans for other vulnerabilities and STIG settings (Windows Server, SQL, IIS, Network blog. STIG dashboard ‘how to’
Licensing
Licensing is a big differentiator cost wise
SolarWinds needs an EA for Windows Server, SQL licenses.
SCOM has been part of the EA (Enterprise agreement) for at least 15+ years (since SCOM2007, if not MOM2005). Windows Server license (now CPU based), SQL license, however NOT enterprise comes standard. One reason the System Center suite is successful might be this built-in licensing, as well as the feature depth and cost the tools provide.
Hardware requirements
In my experience interacting with customers, SolarWinds support recommends hardware configuration well above vendor recommendations. Support recommendations requesting high compute to provide memory level SQL speed and responsive web console. However, the compute is basically ESX host level compute in the realm of 128GB of memory per server, in High Availability (HA), meaning x4 – 2 servers for 2 sites.
Monitoring tools are rarely Tier1 Applications with respective Service Level Availability (SLA). Expectation alone presents a disparity, and false impression. People just see a tool and base on personal experience.
Is it really surprising if one is faster than the other?