Neither of both:
My architecture is functionally oriented and doesn’t really match either of the two models very well, though it seems to fit the ITIL model better. I structured the architecture as shown in the picture because each bubble matches the functionality provided by a single product. The FCAPS model, while conceptually clean, doesn’t match how products are used in the real world. What it does match are the outputs you’d like to see. For example, a security alert should be generated from any of several sources, such as an insecure configuration, an event that indicates a violation, network traffic flows (DoS attack), or an insecure topology. I can’t buy one tool that does all of this in one product. Even the big framework providers have to deliver multiple tools to provide the full breadth of security monitoring that is generally desired.
I really like this picture, which gives a very good overview of the landscape of Network Management Systems and how these tools interact with each other. I totally agree that both ITIL and FCAPS do not really fit, the reason is that both are about processes, not systems.