Why you need network monitoring systems and what they can do for you
A collection of articles that takes you from defining technology needs to purchasing options
No enterprise can function efficiently without the use of network availability monitoring tools. Assessing and troubleshooting network devices to ensure their availability is a fundamental requirement in today's data centers -- especially as demand for always-accessible applications and services continues to build.
Although no one tool fits every network, understanding your organization's requirements and the complexity of your network will help determine which network management platforms will offer the most benefit. Fortunately, there are a wide variety of tools that address networks of all sizes -- from the smallest of businesses to very large organizations and service providers.
Dell EMC Smarts
The Dell EMC Smarts IP Availability Manager provides real-time root-cause and impact analysis of infrastructure health and performance. IP Availability Manager is part of Dell EMC's Service Assurance Software Suite and isn't sold separately. This suite includes Service Assurance Manager, which acts as the presentation layer for data and analysis provided by IP Availability Manager. The Service Assurance Software Suite also includes tools for monitoring applications, MPLS wide area networks and Fibre Channel storage area networks.
IP Availability Manager automatically discovers physical, virtual and logical network objects and builds a model of how those objects relate, interact and behave. For instance, it can deduce how a switch port will behave if a network cable goes bad. It will then present that analysis to the IT administrator, so he can fix the problem. It collects events and translates them into information that tells the administrator what the problem is and what effect it has on IT services.
IP Availability Manager can also monitor Wi-Fi infrastructure and network-attached storage.
Service Assurance Manager takes the data and metrics collected and builds a topology map with data collected from other installed network management platforms. It correlates topology, events and analysis from IP Availability Manager and any other installed Dell EMC management systems.
The product's geomapping feature lets users place their infrastructure on a global map. This provides users with large, distributed networks the context they need to understand what parts of the business are affected by network events.
Service Assurance Manager also correlates and reports on infrastructure performance data collected by other Dell EMC software products. The software is deployed as several individual components on servers, which maximizes flexibility, but increases complexity.
Dell EMC delivers service packs for Service Assurance Manager that automatically configure the product for monitoring specific business applications and services. The product is also highly customizable, allowing users to create their own service packs for monitoring nontraditional infrastructure elements, such as transportation control systems.
Dell EMC Service Assurance Software Suite is licensed based on the number of objects it discovers and manages in the network -- i.e., it discovers each networked device and converts it into several different managed objects. All Dell EMC software and licensing can be purchased through its partners.
Professional services to install the Dell EMC product are optional. Dell EMC offers full technical support for the product.
Formerly known as AccelOps Network Performance and Availability Monitoring prior to Fortinet Inc.'s 2016 acquisition of AccelOps, the renamed FortiSIEM is a cross-domain infrastructure management tool that includes a robust security operations center (SOC), as well as a network availability monitoring component. This component provides a platform for monitoring and troubleshooting networked devices. It can alert IT administrators to network events and help them diagnose and resolve problems.
The FortiSIEM network operations center portion of the tool monitors the performance and availability of infrastructure equipment, such as switches, routers, servers and storage. FortiSIEM can leverage NOC analytics with SOC analytics to offer a greater level of visibility from a network management platform's security standpoint.
The product collects operational data through network flow records, Simple Network Management Protocol (SNMP), Syslog, Windows Management Instrumentation and a variety of vendor-specific protocols. The product provides both real-time and forensic analysis of infrastructure monitoring data, with the ability to store up to one year of data for historical analysis.
The FortiSIEM interface includes Layer 2 and Layer 3 topology maps, with event and service information overlaid on top. Users can drill into management details by clicking on the map. The maps can also be filtered and exported for easy collaboration.
The product determines baseline network behavior and tracks infrastructure utilization. FortiSIEM supports the major hypervisor platforms, including VMware vSphere, Microsoft Hyper-V and KVM.
Fortinet FortiSIEM can be deployed in traditional enterprise networks, as well as within service providers that manage multiple domains. The tool can also be deployed with FortiSIEM Windows and Linux agents that collect additional information for monitoring the overall health and security of the network.
The company offers both a perpetual license and an annual subscription license. Each license supports one infrastructure device and enables support for up to 10 events per second. If more events per second are required for a specific device, they can be purchased separately. Licenses for advanced and base Windows agents are also a separate line item. Fortinet sells its products directly and through channel partners. The company offers a free 30-day trial version of FortiSIEM.
Fortinet FortiSIEM is deployed on a server as an all-in-one virtual appliance. IT organizations that choose the subscription license can deploy the server either on premises, or in a public or private cloud. The subscription license to FortiSIEM includes maintenance and customer support; support for the perpetual license must be purchased separately.
Fortinet offers two base tiers of customer support: enhanced support during business hours from 8 a.m. to 5 p.m., or 24/7 comprehensive support. Support includes standard phone, web and email access to technicians. Advanced services are also available to provide more personalized support.
Among network management platforms, Infosim includes a network availability monitoring component. Designed to support very large networks, the product comes in two editions: StableNet Enterprise and StableNet Telco. StableNet also includes optional network performance management and network change and configuration management features.
StableNet's core features include automated discovery, performance management, traffic analysis, fault management, configuration management and reporting. It also offers a full set of inventory and asset management features.
The platform discovers network and non-network devices via SNMP and Internet Control Message Protocol. Its discovery features also find Layer 2 and Layer 3 VPNs, virtual LANs and servers -- including hypervisors. It can assemble discovered resources automatically into topology and dependency maps.
StableNet's core fault management feature monitors the health of network resources. It automatically correlates alarms and events to perform root-cause analysis and business-impact analysis. It also gives network managers information on how to take action on a network failure. In addition to monitoring non-network devices, such as servers and storage, StableNet can monitor external cloud resources, making it suitable for hybrid cloud infrastructures.
The system can produce customizable real-time and historical reports via its web-based dashboard. It can also output those reports in a variety of formats for presentation in a user portal or distribution via email.
StableNet's performance management capability uses synthetic transactional performance measurements to analyze end-user experience. Its traffic-analysis feature collects and analyzes network flow data, including NetFlow and IPFIX, to report on traffic conditions, with quick insight into top talkers, quality of service and application performance.
StableNet integrates with a wide variety of event management systems, service desk systems, cloud and virtual management systems, and configuration management databases.
The Infosim StableNet licensing model is based on the number of measurements monitored per device. This model can be used to better right-size a deployment to reduce upfront costs. Infosim sells the product directly and through channel partners.
StableNet can be deployed as a single hardware appliance with an embedded database and polling engine. But users can use their own server infrastructure for installing the StableNet server, agent and GUI components on different bare-metal or virtual machines. For certain types of data collection, including synthetic performance testing, local agents must be deployed at each monitored location.
The company offers optional professional services for the installation of StableNet. It also offers product training services and two levels of technical support. Standard support includes access to the technical support team during business hours, an online knowledge base, an online ticketing system, software updates and patches. Enhanced or premium support adds access to technical support 24/7.
Infosim offers a free, fully functional 30-day trial of StableNet.
NeuralStar is designed to monitor the infrastructure of nontraditional networks, such as government agencies and satellite communications operators, as well as infrastructure elements network management platforms would track in the mainstream enterprise.
Kratos offers two additional products to optimize network operations: Compass, which helps ensure uptime of mission-critical equipment, and NeuralStar Service Quality Manager, which is geared toward service providers that need to monitor service-level agreements and minimize customer disruption of services.
NeuralStar automatically discovers network equipment and other devices in the infrastructure using SNMP, Internet Control Message Protocol, Dynamic Host Configuration Protocol and IP address scanning -- both IPv4 and IPv6 -- and then maps the entire network. The system continuously rediscovers the network to identify changes. It has an inventory and asset management feature, and it automatically maps all devices into a topology map. Its mapping feature can create multiple maps for large, distributed networks, with subnets and routed networks included. The maps are highly customizable.
The system's fault management feature triggers alarms based on faults and performance issues. It also sends alarms based on business functions that are associated with specific devices. An alarm deduplication feature helps reduce alarms that are symptomatic of core issues. Users can create customizable threshold alarms using 29 different attributes in the system. NeuralStar's event correlation and analysis feature lets users create rules for monitoring the availability and performance of applications and infrastructure with real-time and forensic root-cause analytics.
Kratos' Unified Monitoring Center instructs NeuralStar on how to monitor application health and performance for specific applications, such as Microsoft Exchange, by tracing the dependencies of that application on the network.
NeuralStar's dashboard offers multiple layers of visibility, including a global network operations view that provides consolidated insight into the entire network. The inventory list view gives users a quick glance into devices and objects that can be sorted by many variables during a troubleshooting exercise. Users can also get a detailed device view with performance metrics and see the same information for the next upstream or downstream device. They can also drill down further to an interface-level view to get insight on throughput, traffic, packet discards and errors.
Kratos licenses its product based on the number of devices it's monitoring. A free-trial version of NeuralStar is available.
NeuralStar installs on a single server with embedded database and polling engines. But customers can use another database or deploy the device polling engine on separate servers. The product's add-on, high-availability option lets enterprises deploy a second standby system that's synced with the active system.
Professional services for the installation of NeuralStar are optional. The company also offers training on product use and customization. The company offers phone and online technical support 24/7 for emergencies and regular business hours for nonemergencies. It maintains a support portal, where users can track trouble tickets and access tutorials and videos.
Containers help network engineers to simplify complex networking challenges
What's the intent behind intent-driven networking?
Which network management platforms provide the best performance?