?
Solved

I need a network monitoring and netflow tool any recommendations?

Posted on 2014-12-30
9
Medium Priority
?
362 Views
Last Modified: 2015-02-13
Hi EE,

I am looking for a new network monitoring tool that will allow me to:
get alerts on server down, space, snmp traps, service down, etc.
I also want to monitor network equipment, bandwidth usage, top talkers, top applications and drill down abilities.

Are there any that you are using that you strongly recommend?  Please share and let me know pros/cons why you like.
0
Comment
Question by:operationsIT
  • 3
  • 3
  • 2
  • +1
9 Comments
 
LVL 29

Assisted Solution

by:Jan Springer
Jan Springer earned 1000 total points
ID: 40523809
I use nagios for monitoring.

cacti is good for utilization with plugins to monitor thresholds.  i believe that there is also a netflow plugin.

i prefer flow-tools and, visually, ntop.  you should also take a look at FlowViewer to to view utilization, top talkers, etc.
0
 

Author Comment

by:operationsIT
ID: 40523859
@Jan, have you compared it to Ipswitch, solarwinds or opsmanager (manage engine) as I'm hearing these names a lot?
How long have you used it?  
What is the most useful aspect?
What would do you find to be missing?
Do you have to have any other tools in addition to this?  or were Cacti and FlowViewer past tools?
0
 
LVL 29

Expert Comment

by:Jan Springer
ID: 40523882
I've used IPswitch and Manage Engine in the past.  i'm just not willing to pay for something that I can get for free.

Nagios:  excellent monitoring tool for hosts and services via many mechanisms (10+ years)

Ntop: excellent at graphing top talkers and graph by protocol (4+ years)

flow-tools: command line set of tools to collect data (for use by ntop and flowviewer) and to also query data directly (15+ years?)

I like apps like Ntop and FlowViewer but have found after the initial "coolness" has worn off, no one pays any attention to the pretty pictures.  It's nice that there is a gui to search flow data records but that's not really a big deal since that can be scripted.
0
Put Machine Learning to Work--Protect Your Clients

Machine learning means Smarter Cybersecurity™ Solutions.
As technology continues to advance, managing and analyzing massive data sets just can’t be accomplished by humans alone. It requires huge amounts of memory and storage, as well as the high-speed power of the cloud.

 
LVL 11

Expert Comment

by:rharland2009
ID: 40523896
I've used the Solarwinds platform for these functions with good success for many years.
We have visibility into all the items you mention with a combination of the Network Performance Monitor and Netflow Traffic Analyzer modules. The SW platform is built strongly around integration, so there's a single GUI for multiple modules, etc. It's certainly not unique, but I like the Solarwinds flow product for ease of mixing sFlow/Netflow information with good accuracy. Strong reporting/alerting/etc. are part and parcel of what the products deliver for us. Simple web-based frontend, etc. It's a highly customizable product and works well for our global environment.
0
 

Author Comment

by:operationsIT
ID: 40525272
@rharland2009 - so you are using it now?  What is the best feature/What if anything are you missing?
0
 
LVL 11

Accepted Solution

by:
rharland2009 earned 1000 total points
ID: 40525300
Best - that's a tough one! I'd say that one of my favorite things about it is the centralization - not only of GUI access, but of alerting/notification/traps. It's easy for me to build highly-specific and customized alerts for not only basic network monitoring (up/down, CPU/memory pressure, drive space, etc.) across platforms, but more sophisticated alerting for application health and performance, service/process monitoring and statistics, and sFlow/Netflow behaviors. In addition, I can build custom views that roll up data from all these different sources into easily-readable pages that show our business stakeholders at a glance how their apps/servers/services are performing.
The new versions of NPM also have grown to include DPI and the ability to use Wireshark-type packet analysis to dive even deeper into network and application performance. It's pretty cool stuff.
There are also modules for IP address management, device/user tracking, router/switch/etc. configuration management, etc.
On the sFlow/Netflow front, as of NTA 4.0 Solarwinds changed how the flow data is stored to increase historical availability information greatly. Now I have granular, non-summarized data going back months without some huge storage requirement.
What am I missing - not much, to be honest. The platform does everything for our business that it was designed to do and more. When I onboarded at my shop 2+ years ago, there was no visibility into what the heck was going on in our infrastructure, on our networks, and through our applications. That has fundamentally changed, and we don't spend time fighting fires. If your business can afford it, I think it competes very well with the other players in the space.
0
 

Author Closing Comment

by:operationsIT
ID: 40543548
Great input thank you!
0
 
LVL 11

Expert Comment

by:rharland2009
ID: 40544344
Glad I was able to provide some info for you!
0
 
LVL 2

Expert Comment

by:Michael Rojek
ID: 40607645
NetCrunch 8 is a great option to try out as well. It's an all-in-one monitoring suite combining server, app, log and network infrastructure monitoring. It's agentless, and has a focus on ease of use and automation.

Bandwidth can be monitored in many ways, but the coolest feature is the physical segments map. It shows you the physical connections between your devices, as well as the bandwidth going through them. Very useful for drilling down and finding bandwidth hogs.

Top talkers are displayed automatically, and it has window docking features to let you set up multi-screen displays.
0

Featured Post

A Cyber Security RX to Protect Your Organization

Join us on December 13th for a webinar to learn how medical providers can defend against malware with a cyber security "Rx" that supports a healthy technology adoption plan for every healthcare organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Trying to figure out group policy inheritance and which settings apply where can be a chore.  Here's a very simple summary I've written which might help.  Keep in mind, this is just a high-level conceptual overview where I try to avoid getting bogge…
Is your computer hacked? learn how to detect and delete malware in your PC
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
There's a multitude of different network monitoring solutions out there, and you're probably wondering what makes NetCrunch so special. It's completely agentless, but does let you create an agent, if you desire. It offers powerful scalability …
Suggested Courses
Course of the Month17 days, 4 hours left to enroll

862 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question