Steve Broadhead, director of Broadband-Testing Labs, evaluates
two products that offer a simple way of monitoring networks and are
easy to implement.
At Broadband-Testing we have witnessed many examples of users
"paying lip service" when it comes to network management software.
Companies often spend millions of pounds and then never fully
complete the software deployment, or they deploy it but never
really use it.
Worse still, a bad deployment of network management software can be
damaging to the network. In one example, a well-known entertainment
company was found to be taking up 72% of its network capacity with
network management software traffic alone. SNMP - the de facto
network management software protocol - can be a real network killer
if mishandled.
It is clear there is still a need for network management. However,
a simplified approach gives the IT department just the information
of real value, does not hog the network and does not cost millions
of pounds to buy and even more to deploy.
This is the thinking behind the second wave of UK-based, network
management product developers. Forget the "network management
software" concept - this is about simple tools that do a specific
and valuable job and do it properly. Moreover, virtually any user
is capable of understanding and using these tools, not just
specialist consultants. Network management is now an open code, not
a closed, or even closet, technology.
This points to a genuine revolution in the way networks are being
managed from top to bottom through new approaches, specific tools
and with return on investment a key factor.
Deltalert Server
Deltalert is a network management tool that sets out to do one
specific job - identify the state of change on a network and ensure
that minor problems do not escalate into major ones, so the data
remains manageable.
Deltalert is web services-based, so is designed to be controlled
across the internet, even across very low bandwidth links, such as
GSM/GPRS.
It consists of three separate modules - the server, the SNMP module
and the Telnet Tracker, all of which run on a standard Microsoft
Windows PC. The server focuses on the network as a whole, whereas
the SNMP module raises change messages when an interface changes on
an SNMP interface. The interface throughputs can be monitored and
any deviations from a preset profile will raise a message.
The Telnet Tracker connects to a switch/router via a Telnet
connection, checks for changes in configurations and lets you
compare old with new, side by side.
Deltalert Server presents you with a single screen, where the first
thing you do is run a discovery.
The discovery options allow you to enter an IP address range. You
can also set which TCP ports to search for on the devices to be
discovered. By default, Deltalert checks for ports 21,23, 80 and
443, but you can add others manually. It also searches for SNMP
support using default community strings, public and default, and
these can be added to.
The discovery process consists of four sweeps - first for IP
addresses, then for DNS information, then for TCP port information,
and finally for SNMP data. Once all data for a discovered node has
been accumulated, it is automatically stored in the database.
Thereafter, any change discovered by Deltalert is reported.
As network nodes are discovered, a list is developed on the
left-hand side of the screen - like Microsoft Explorer - which can
be viewed by IP address, DNS information or name. By default, these
fall into a single group but can be moved into new groups by
dragging and dropping. A right-click on any node pops up a window
showing node details, ping details and ping response.
Colour coding is used extensively to define the state of any
element within Deltalert, such as a discovery in progress or if the
network nodes have discovered a failed ping response, for example.
This makes it easy to quickly spot any problem areas.
As data is accumulated you can filter it accordingly. Under "data
db" - the central database where all Deltalert information is
stored - you can search for database entries by general or specific
filters. You can search for a particular IP address, or in relation
to a specific time and date - called the epicentre. Searches can be
within a particular timescale, such as plus or minus 30 minutes of
that epicentre.
This is a logical and human way of resolving problems, based on
when that problem occurred, rather than starting with the technical
breakdown and working backwards, as is more traditional.
At a starting price of just £99, anyone looking for a quick and
simple means of tracking changes on their network, wherever they
are - even with a product such as Hewlett-Packard's Openview
already in place - should consider Deltalert. A 30-day
demonstration version is downloadable and only takes five minutes
to get up and running.
Mutiny Toshiba Network Monitor
Network monitoring is often considered to be a specialist
application for specialist people. However, with Toshiba Network
Monitor (TNM), Mutiny is breaking the old rules. Mutiny's TNM is
all about simplicity and cost-saving. That is, saving the "hidden"
costs of a classic network software deployment, such as training,
timescales, day-to-day management and maintenance.
It comes as a network appliance which you attach to the network and
switch on. "Plug 'n' forget" technology is how chief executive John
Earley has described it. Nor is there reason to set aside a
substantial amount of time for the deployment; just a few
hours.
The appliance-based approach to management provision makes sense.
The first advantage comes with ease of installation. Anyone who has
wrestled with a complex software installation will require little
persuasion as to the benefits of a system that arrives
pre-installed. Appliance suppliers have said that users could
justify the investment in a boxed product just by analysing the
costs of getting the software installed and operational.
The TNM is designed to provide network monitoring and alerting
facilities for SNMP-based devices from PCs to high-end routers,
mid-range systems such as IBM AS400 and beyond, and consists of a
neat, small footprint Toshiba SG-20 server appliance with Red Hat
Linux and Mutiny software pre-installed. It has integrated
connectivity for Lan and Wan, the latter used to send pager and
SMS-based alerts.
The first task for the Mutiny appliance is to automatically poll
the configured IP address ranges and build a database and map of
the discovered devices. Specific icons are auto-assigned to
particular device types, so from a visual perspective, an untrained
computer user can easily recognise what is being shown.
What information is retrieved thereafter by the system is dependent
on what the SNMP service at each device is collecting. For example,
this might include processor, memory and disc utilisation as well
as system processes. The TNM system is particularly suited to
monitoring application servers such as Microsoft Exchange, SQL
Server and IIS via optional remote agents. Each agent supports a
wide range of metrics, all of which are configurable.
Alerts are raised once pre-configured warning and critical
thresholds have been exceeded. For ongoing monitoring, Mutiny's TNS
uses a simple concept based around four specific icons to show
device status.
Any unknown devices are assigned a blue circle, while a yellow
rotating icon gives a triggered-warning and a red pulse identifies
a critical system problem. The classic green "all clear" icon
completes the picture.
Rather than simply offering a basic alert procedure, as is often
the case, Mutiny has built in a tiered support contact database,
consisting of primary, secondary and default shift patterns, per
day, so that the TNM determines the order in which support staff
should be called out, as well as in what form to notify them.
As a different approach to network monitoring, the Mutiny TNM is
worth considering for any network where simplicity of operation is
key, but where that network is still a critical component of the
business.
Deltalert Server:
www.deltalert.com
Mutiny Toshiba Network Monitor (TNM):
www.mutiny.com
Going open source
Openxtra, a new UK start-up, is giving away a range of general
network management tools, which are all open source but packaged by
Openxtra to make them easier to deploy and use.
These are available from the company's website along with a
range of products you can buy. The latter, however, are focused in
specific areas such as WLan intruder detection.
Clearly the company is looking to make money in the areas of
consultancy and design, but it is a clear example of someone
bucking the trend. Network management has always come with a
sizeable price tag attached, but not any more.
www.openxtra.com
Helpdesk network management
Helpdesk, or IT service management, is one area of software not
traditionally associated with network management. However, UK
developer Sunrise, best known for its established, if now slightly
ageing, Enterprise ITSM product, has rewritten the rule book with
its new product, Sostenuto, a pure browser-based application.
This is not simply a "web-ised" version of an old product but a
completely new concept in IT service management. The idea is that
there are inherent cost benefits attached to deploying an entirely
web-based product, such as a high level of process automation and a
simple user interface, saving both time and cost.
Whereas most helpdesk software deployments involve rolling out
software to multiple sites, with Sostenuto it needs only a single
upgrade on one machine and a URL sent to all the clients enabling
them to download a Java runtime module necessary to run the
software.
Sostenuto maintains all the key features you would expect to
find in a helpdesk product. However, where the common, modular
approach is relatively rigid in terms of how it forces you to work
in a particular way - and is usually expensive - Sostenuto has been
developed from the ground up as a pure framework. The fact that in
its basic incarnation it is a set of IT service management-specific
tools is almost incidental.
It means that, in practice, although you can treat it as a "me
too" product, it can be developed into any kind of network asset
management application suite you want it to be, or even a generic
enterprise application.
If this sounds a little frightening, you can take some comfort
in the knowledge that Sunrise already has some early adopters using
the product in ways they had not even envisaged.
And the customers are happy. In some ways the situation is
analogous to when Lotus introduced Notes - which became a
phenomenal success - and then spent the first 12 months trying to
work out what it actually did for users.
Steve Broadhead and Broadband-Testing
Labs
Steve Broadhead runs Broadband-Testing Labs, a spin-off from
independent test organisation the NSS Group.
His IT and networking experience dates back to the early 1980s,
where he worked deploying and managing PC networks for two
insurance companies, after which he made a sideways move into
computer journalism.
In 1991 he formed Comnet, which became the NSS Group, with Bob
Walder, specialising in network product testing for suppliers and
the publishing industry.
In 1998, Broadhead created the NSS labs and seminar centre in
the Languedoc region of France, offering a wide range of test and
media services to the IT industry. Now named Broadband-Testing, it
focuses on network infrastructure product testing and related
areas.
Author of recent DSL and Metro Ethernet reports, Broadhead is
now involved in a number of projects in the broadband, mobile,
network management and wireless Lan areas, from product testing to
service design and implementation.