Dr. Jorgenson, I'm trying to write the Enterprise Network Monitoring Requirements for our division to show vendors...
to comply. What requirements should I put on my list of requirements? What would you recommend to evaluate and/or talk vendors of the enterprise network monitoring products that can do as follows?
a. RCA (root-cause analysis)
b. Correlation events
c. Network performance
First I would direct you to one of my previous answers that outlines current Best Practices for Network Monitoring
As I point out there, not only are Best Practices (and hence requirements) a moving target, but today's solutions are simply not up to meeting current needs. This shouldn't stop you from posing requirements of vendors that they can't fulfill; yet this is exactly what they need to hear in order to adapt and offer the product you really need. But will it be soon enough?
To summarize from that previous answer, the key high level requirements I would ask for would include:
- Continuous monitoring capability
- Flexibly configurable, practically useful notification
- Real-time responsiveness (feedback on what your network is doing NOW)
- Zero-effort, deploy-at-will capability
- Low-to-no knowledge or ownership of the network required
The need to do the three things you list are all relevant. Probably you won?t get everything in equal measure. So the question is, which one(s) do you need most? Focus on that.
And the answer depends on your network and your administration style and resources. What will take the greatest load off your back most effectively?
There are many solid offerings out there to consider - this list isn't intended to be comprehensive. For a strong option in each category though, I'd suggest:
a. RCA (root-cause analysis) - MagnumTech/Coordinator b. Correlation events - VERITAS/NerveCenter c. Network performance - jaalaM/appareNet