In an ideal world, network engineers should not be doing legwork for help desk technicians. However, too many engineers...
do not live in an ideal world.
Don Click has found himself in this situation many times. The senior infrastructure manager for the Technology Services organization of Denton County, Texas, would receive regular phone calls from Tier 1 support techs who were looking for basic information, such as the location of a PC on the network.
"I would have to go into the core routers and do an ARP [query] on the IP address to find the MAC address," Click said. "And from the MAC address, I would start trying to narrow it down to every uplink switch ... until I could find the final switch that this device was on. When you're dealing with 200 switches across a given area, pinpointing one IP address is not always easy."
Network device trackers and switch port mappers can make this task simpler, but some are very expensive while others aren't very rich in features. IP address management (IPAM) vendors offer switch port mapper appliances, such as Infoblox's PortIQ. But such appliances start at nearly $15,000, which can put them out of reach of many budgets. Some network access control (NAC) vendors, such as Bradford Networks, offer device tracker capabilities as part of a network security and access control solution. But installing a NAC solution is overkill for someone just looking to track down end-user devices for the help desk. Other vendors offer free switch port mappers, such as Quest Software's pt360 Tool Suite Switch Port Mapper. These tools offer a real-time view of devices on the network, but they are not much help in tracking a device that is only connected intermittently.
To fill this void, Solarwinds recently introduced User Device Tracker (UDT), which starts at $1,795 for 2,500 ports. UDT allows network administrators to search for a device by IP address, hostname or MAC address. UDT uses Simple Network Management Protocol (SNMP) polling and other functions such as ARP table queries to discover which ports a device is connected to.
The tool is similar to an old-school switch port mapper, said Jim Frey, research director for Enterprise Management Associates. But UDT takes the concept a bit further.
"Switch port mapping might give you a sense of what address is on a port, but primarily it checks the status of each port, what sort of traffic is going in and out. It looks at port utilization. Do I have capacity?" Frey said. "Solarwinds takes the next step by querying that switch and asking it what addresses you're seeing associated with that port. What client addresses."
Solarwinds had a switch port mapping capability as part of its popular Engineer's Tool Set, Frey said. But UDT adds device tracker capabilities. The company has also added a Device Watch List feature, which alerts engineers when a specific device they are looking for plugs into the network.
Click's organization tested UDT while it was in beta. In the first three weeks of using it, UDT saved him at least a couple hours of work, he said.
"Someone will call in and ask me, 'Where is this PC?' They'll give me the machine name or MAC address and I can tell them to go to this building on this floor and it's in this corner," he said. "Because of the way we have our switches laid out and mapped, it's really easy for me to go into UDT and find the device. In the grand scheme of things, my role is Tier 3 and the guys needing this information are Tier 1. Now with this they have access to a view inside the switches that I'm not able to give them otherwise."
User Device Tracker's Watch List feature is valuable for finding rogue devices or devices that are taken on and off the network intermittently. Normally an engineer has to search for such devices actively.
"Normally I'm spending resources to look at that port every few minutes," Click said. "With Watch List, it's just watching for activity. If it sees something happen, I'll detect that change instead of me constantly watching the board."
User Device Tracker is especially useful to Click because Denton County's user community is highly mobile.
"We do not require our user community to notify us when they decide to move from one office to another," he said. "Typically we react. They call and say, 'We moved from this office to another. Come and move my stuff.'"
UDT also stores historical data on switch port usage, which can come in handy when troubleshooting. Click said that users will sometimes move devices without permission that are configured to only work on a specific port.
"We have special configurations on a port for say, a dedicated printer for payroll," he said. "If they [move] that and it stops working, I can go and look at the history of the IP address through UDT and see it was originally configured for this [other] port. I can move that config to the new port.
Let us know what you think about the story; email Shamus McGillicuddy, News Editor.