The IT monitoring market: suites and business models

Thomas Timmermann -

July 20, 2023

IT monitoring presents most administrators with quite a dilemma: you need to invest a lot of money and time in something that, in the best-case scenario, will never be needed. On the other hand, you can’t do without monitoring.

If a company is dependent on its IT – which affects practically every company today –- the availability and performance of the IT, that is, the infrastructure and the network, must be constantly monitored. This is the only way to intervene immediately in the event of disruptions before they cause serious damage. And they will do if they are not detected, localized, and remedied in good time.  

This somewhat divergent relationship with monitoring means that many people in charge have surprisingly little experience with monitoring. Usually, some monitoring tool has been in use for years, every now and then an update is done, a few new devices are integrated into the monitoring setup, and that’s it. Surprisingly often, there is no central monitoring solution at all, and systems are only monitored with on-board tools. Only when massive failures and damage occur due to an unrecognized malfunction does the topic of monitoring move to the top of the agenda. A frantic evaluation of the monitoring market begins, at the end of which there is often a price that massively exceeds the actual budget. 

This article provides clarity and prevents unpleasant surprises by describing the monitoring market, explaining licensing models, pointing out price traps, and giving concrete tips for the successful evaluation of a (new) monitoring solution. 

The IT monitoring market 

Essentially, two types of monitoring tools are required for the day-to-day operation of a traditional IT environment: IT infrastructure monitoring tools (ITIM) and network performance monitoring and diagnostics tools (NPMD). Application performance monitoring (APM) tools also appear as a category but are primarily aimed at DevOps rather than ITOps or administrators, so we’ll leave those out of consideration here. Let’s look at the range of solutions for ITIM and NPMD. Here we find three different concepts:  

Solutions for specialists

Such tools provide in-depth analyses of specialized areas, as required by experts. Typical examples are, for example, NPMD tools that use flow protocols or packet sniffing to examine the data traffic in the network. Depending on their focus, they analyze security aspects, user experience and application performance, or the overall performance of the network. These tools are usually relatively expensive and require experts to use them successfully. In return, they provide a tremendous depth of data and can be valuable in determining the root cause of problems. 

Plixer, Flowmon, or Wireshark are examples in the NPMD area; in the infrastructure area, there are numerous native solutions from manufacturers such as VMware or IBM that offer deep insights into their own systems – but only into these. 

Broad solutions for all-rounders

Such broad solutions pay special attention to easy implementation and operation. They monitor the entire infrastructure or network with all its components, including superficial traffic measurement, always focusing on a broad overview rather than deep analysis. These tools provide the foundation for the day-to-day operation of an IT environment; they are the multi-tool of the admin or a helpdesk team and run on the overview screen in the NOC. Ideally, they can be combined with specialist solutions: the broad solution takes care of the initial alerting and shows correlations to other areas, while the specialized solution enables more in-depth root cause analysis. 

Solarwind‘s Network Performance Monitor or ManageEngine OpManager are examples of broad NPMD solutions, while Checkmk or Nagios offer a comprehensive feature set in the infrastructure area. Paessler PRTG offers an even broader feature set in one software by including both infrastructure and network. 

Suites for specialists and all-rounders

Examples of broad suites include Solarwinds and ManageEngine. Some vendors offer comprehensive suites consisting of a wide variety of tools, modules, and add-ons that provide both a broad overview and give specialists on the team the analyses they need. In most cases, these are bought-in solutions that are not really integrated with each other but merely displayed on a higher-level dashboard. Alternatively, some vendors of broad-based solutions offer interfaces to incorporate specialized tools and operate partner networks to support their customers with appropriate integrations. 

Tips for the evaluation 

First of all, make sure that you know what you need. An accurate inventory is elementary.  

  • Do you need to monitor your infrastructure, network, or both? 
  • Is the focus on quick alerting in the event of an issue or do you need in-depth analyses for finding the root cause and for long-term optimization? 
  • Do you only need a selective extension of an existing monitoring setup, should existing monitoring tools be integrated into a new, higher-level monitoring scenario, or do you want to implement a completely new, homogeneous overall concept? 
  • Are you looking for a solution for a few experts or do you want many employees to access the solution who are perhaps not so well trained? 


We have determined our needs and identified possible solutions. Before we embark on a detailed technical evaluation, we should take a look at licensing. Otherwise, we may spend a lot of time and effort identifying a solution as technically suitable, only to discover in the end that the price of the required licenses is completely beyond the available scope. The type of licensing does not make software cheap or expensive, but it can provide transparency or disguise the actual price. Some tools are licensed by the number of users, others by the number of monitoring servers, monitored devices, or aspects monitored on devices. There are subscription models that are billed monthly or annually and models that combine a one-time license purchase with ongoing maintenance costs. The subscription model incurs higher ongoing costs but avoids costly initial investment in the license (OpEx instead of CapEx). In some companies, this can facilitate the release. Solutions that are only available as a purchase option, on the other hand, keep follow-up costs manageable. 

With regards to licensing, you should pay particular attention to the scope of functions. Essentially, we can distinguish between three models here: 

  1. The building block 
    Manufacturers of the above-mentioned suites in particular use a modular approach: virtually every function is available individually as an application, add-on, or module. You can put together the exact solution you need and only pay for what you really need. That’s the theory. In practice, however, such building blocks are often characterized by their lack of transparency. Different licensing models for the individual applications and modules and unclear functional descriptions make it difficult to determine the exact costs of the required solution without an expert. Often, there are massive follow-up costs when daily use reveals functional gaps in the solution already purchased, which then makes costly extensions necessary. Usually, however, the investment is already so high by then that one bites the bullet and accepts the additional costs instead of writing off invested work and money and evaluating a different solution.  
  1. Editions 
    There are different editions – usually two or three – that offer a different range of functions each. Here, you only pay for what you need, provided that an edition exactly meets your actual needs. Otherwise, it can be quite annoying – because expensive – if you must switch to a larger, more expensive edition just for extended reporting or for a feature that is only needed for a small area. 
  1. “All inclusive” 
    Each license includes the full range of functions without the need for any modules or add-ons. The advantages are obvious: maximum transparency, that is, no unpleasant surprises because you overlooked that some features still require a paid add-on or an expensive “Enterprise Edition”. On the other hand, you pay for the full range of functions, even if you only need a fraction of them.