Top Network Monitoring Tools
As anybody who’s familiar with the ISO/OSI network management model already knows, network management is a topic that covers many areas, if not also many sins. For those not familiar with the model, it’s not a bad place to start a discussion of what network management tools should do (though more recent discussions add a few items to this list, as I will do shortly myself). This model consists of the following five elements:
- Fault management: This covers topics related to problems, errors or failures, and includes event notifications, alarms and alerts, problem identification, troubleshooting, problem resolution and error or event logging.
- Configuration management: This covers topics related to how a network is set up, addressed and operated, and includes change control and management, inventories of hardware and software, and configuration data.
- Accounting management: This has to do with keeping track of who’s using what kinds of resources for how long and includes asset management, cost controls and chargeback mechanisms.
- Performance management: This covers items related to how a network is behaving at any given moment and over time, and includes network capacity planning, availability, response time measurements, error rates, throughput and utilization.
- Security management: This covers elements of network and node security, and includes security policy requirements and implementations, authorization, access controls and audit trails, security event logging and authentication failures.
Because the ISO/OSI model was developed in the 1980s, notions of what’s involved in network management have advanced a bit, but not so much as to make it irrelevant. Additional areas that technology and experience have added to the mix include elaborations on the five areas mentioned, plus topics like storage management, directory services management and patch/update management. Although these areas may be shoehorned underneath at least one area of the ISO/OSI model—namely, all three under configuration management—all three have their own unique toolsets and mindsets and can also claim some degree of autonomy.
Where Tools Fit
The interesting thing about tools that fit under the broad heading of network management is that some take up positions under the heading of general management (aka, network/systems management consoles), while others fit under part or all of one of the model’s five categories or under one of the three additional categories added here. In fact, network management experts distinguish between three classes of systems in the network management arena, all of which may work together in real, functioning systems:
- Element management systems (EMS): These are management utilities that target some specific type of system or application and provide mechanisms to do some or all of the following: investigate faults, monitor activity, change configurations, troubleshoot problems, manage security and so forth. Usually, individual applications or operating systems include tools and utilities designed to manage a single instance at a time: These all qualify as EMS implementations.
- Multiple-element manager: These are management utilities designed to manage and control multiple elements, often of the same type, in distributed networking environments. Often distributed applications or databases, directory services and other inherently multi-system environments include management tools designed to provide detailed control over entire databases, directories and so forth.
- End-to-end management systems: These are management consoles or utilities designed to access EMS or multiple-element managers and provide comprehensive, overall monitoring, management and control over large-scale, widely distributed networks. These include well-known management systems such as Computer Associates’ CA-Unicenter, Tivoli’s Enterprise Console or HP OpenView, designed to integrate lots of individual components and provide global views of and controls over entire enterprise networks.
Network Monitoring Tools
Although network monitoring is just one piece of the ISO/OSI network management model, it should make sense that such capability operates at different levels and applies in some sense to all levels (and to those other topics mentioned to extend that model). That’s why I break the overall listing into two categories: one for leading, general, end-to-end management systems; the other for leading, specific, multiple- or single-element management tools likely to be of interest to broad segments of the IT professional population.
General, End-to-End Management Systems
As already mentioned, these include products like HP OpenView, Tivoli’s Enterprise Console and hundreds of individual management modules for security, configuration, software distribution and so forth, as well as CA-Unicenter. These are all large-scale, enterprise-class management systems that can integrate data from hundreds to hundreds of thousands of NMS and multiple-element managers in a single, coherent environment with monitoring and management capabilities. There are also numerous products that cluster more in the small- to medium-sized business (SMB) world, or that seek to leverage investments in open-source tools and technologies.
In general, these systems are universal in their approach to the kinds of elements they’ll accommodate and monitor. They seek to incorporate as much management and monitoring information as possible and are likely to include data from network infrastructure devices (routers, gateways, switches and so forth), general-purpose file-and-print servers, application servers and often end-user workstations as well. They’re able to give as complete and comprehensive a view of what’s happening on enterprise networks as there are managed elements or other management systems capable of reporting in to them.
Such tools are big, complex and often expensive, and months or years are normally required to plan, design, implement, test and deploy solutions built around them. It’s typical for implementations to require extensive customization, and it’s not unusual for implementations to require some custom programming as well. When out-of-pocket costs are combined with the value of the time and effort necessary to implement end-to-end solutions, they seldom cost less than six figures and sometimes cost even seven or eight.
Other Monitoring Tools
These are either EMS tools that manage single system or application instances, or multiple-element management tools that handle multiple instances of the same kind of application, service or platform. Some directory services—like Novell Directory Services (NDS), Microsoft Active Directory (AD) or Sun Directory Services—might even be classed into this category. Likewise, distributed management or monitoring tools built into operating systems, like the Microsoft Performance Monitor and similar management console snap-ins, fit broadly into this category. Here, it’s pretty much a case of “pick a platform or an application, then look for a suitable monitoring tool.” As you’d expect, such tools are legion, and those that are likely to be of interest therefore become purely a matter of what kind of system, platform, application or network one is trying to monitor. Use your favorite search engine, look for trade or professional reviews, and check out relevant newsgroups or user groups to get pointers to equivalents in your areas of concern.
When Monitoring, Knowledge Is Power
The key to making monitoring work lies in understanding wh