Network World

Jimmy Ray Purser

Network Management Sucks!!!

By JimmyRay on Wed, 02/25/09 - 9:40am.

Network Management...

I could almost end this blog with just that statement alone. What is it with NMS that feels like we are riding in the back seat from Wisconsin to Florida with our stinky second cousin Bert? Anytime I sit in a vendor meeting and they are trying to hawk their NMS off on me, I can picture signs for "See Rock City" or "Wall Drug" for the east coast to west coast survivors.

We need NMS for our networks right? I have been a big speaker against most forms of NMS for 250 devices or less for a while now. Perl scripts and Open Source can do a better, faster and cheaper job. The problem I came to reluctantly discover was:
- It does not scale well
- It is personalized based on the last network admin. Let's face it, we should always be looking at networks based upon who is managing it after us.
- It is a lot of manual correlation
But still, NMS promises are kinda like being chased by an angry Shih Tzu with your friends watching. With networks becoming more and more application layer driven, we need something with a little more power. For example:
- Flow based management is cool but what if I need more than just the conversation, I need packet capture/inspection THEN correlate those together with a verifiable SLA? Now what?
- 1GB 10GB 40GB 100GB? How do I monitor that? Not with a plain Jane NIC for sure. Heck at 1GB my NIC buffer size is only 64K which is just fair for 100M. Plus add in fragmentation and CPU interrupts and you can see your accuracy goes down fast. What's that? You are using jumbo frames also...oh man...
- I know, I like Network TAPs also, but I do not like the sprawl, the cost and the management of these passive security holes.
As much as I just loathe to admit it, I am back to looking at and (gulp) using NMS over my customized scripts, bag o' TAPs and Open Source Progs. Time is money and the higher up the stack I climb the more time I am investing in troubleshooting a problem.

So let's consider a few NMS truisms...according to ole Jimmy Ray:
- We need NMS not based upon how many devices BUT what applications are using your network. Sometimes an element manager and built in Web U/I is just fine.
- No NMS is ever going to manage everything we need on our network. I will need more than one, so choose wisely.
- NMS is NOT my primary job, so it needs to be easy to read and find info. That REALLY means it needs to be coded by someone that understands networking with THAT type of gear. Not outsourced to save a few bucks on stock options for some knob Exec.
- Correlation, Correlation, Correlation. There is so much data out there that I can use to make some very informed decisions, I just need to know what it is in readable form and not MIB OID strings.
- It absolutely positively must be secure on many levels. From data storage to RBAC views to Channel access. When I am paid to Pen Test a network, I always try to install a lightweight NMS somewhere. Security trumps all other features in NMS simply due to the valuable information that can be mined here.

Anyway, this self introspection is not due to a session I had with a Guru or a vision I had after smoking a very strong H.J. Bailey Don Ramone 660 cigar, it's worse. I have requested a TechWiseTV show on....NMS. I heard groans from all over the place, including my own. I think the time is right to take another look at NMS at both the hardware and software layers. Our jobs can be made simpler and more efficient.

So my question is, what are YOU looking for in an NMS? Give a shout out to the ones you use and like. I'll give you a shout out on the show and even toss in a TechWiseTV shirt if we use it on the air or in the planning docs.

Jimmy Ray Purser

Trivia File Transfer Protocol
Talk about lack of sound information: in 1297 at the Battle of Stirling Bridge, English Earl John de Warenne chose this bridge as the best point to attack William Wallace's lightly armed and angry Scots. Big mistake. With the right information he could have walked up river a few miles and easily crossed, giving his well armed troops more fighting space. But then we wouldn't have gotten a truly awesome Dude flick, "Braveheart".

NMS

0

Don't get me started!! I have been plagued with running HP OpenView NNM for more than three years now. Patch after patch, version after version, install after install, nothing changes. The interface is horrible, the functionality rabidly mediocre. The application itself is just plain insane--it's not uncommon for a router to disappear entirely. What's that? Just add it back in you say? Ha! If just one interface IP from the router is somehow hanging around, you've got to track it down and delete every instance of it before you can even think of adding it back. Sometimes I think NNM is more of a way for HP to sell services than it is a viable application. The only way you could possibly understand how or why it does the things it does is if you've been working with it for 20 years or have the HP inside track.

NNM...

0

NNM... An amalgamation of bandaids, patches, and hacked in code.

I went to my first OV Forum in 1996 in St. Louis. In the "Meet the Developers" session, there were several of us that explained that netmon was broken. That xnmevents was broken.

Year after year after year, the user community pummeled HP about netmon and the fallacy behind the way they were doing things.

Then somewhere along the lines, they got a look at Riversoft OpenRiver. Ended up buying a small piece of it in hopes of bandaiding up the Topo DB for L2 and doing better polling.

All they did was to layer another hunk of junk on top of the hunk of junk that was previously there!

The strength behind NNM in the early days was that there were a lot of Element Managers that plugged right in. They even broke that!!!

NNM had potential. But it was never realized. Never will now. What used to hold 70% of the market is now a shadow of its former self. In fact, a lot of NNM customers have gotten rid of NNM and gone without maps.

And certain technologies KILL NNM... Like MPLS... HSRP/VRRP ... 32 bit addresses... IPv6...
NAT... PAT... Even V2C specific things like the sectioned FDB of a Cisco switch using a community string with VLAN appended...

HP NNMi -the new NNM from HP

0

Hello,

Have you tried the new NNMi 8.x product? This NNM 'i' product is a completely re-engineered/rearchitected product when compared to the older NNM versions. HP is offering a free license to migrate to this new NNMi product until end of this year.....

To get more help on the migration check out their NNMi portal at: http://www.hp.com/go/nnmi

NNM oh mercy!

0

Holy smokes, I have chewed on that turd sandwich all too many times. NNM is a perfect example of how NOT to code up NMS software. It used to burn me up that NNM has ALL of their CGI applications installed without any authentication. I figured that one out AFTER a command injection attack, to edit the session.conf file to UserLogin: ON and then use the OVHTPASSWD app to add the user credentials to the passwd file. Really? That is the solution? NNM adds hours to my network management or used to...! Oh Happy Day!!

Perspective

0

Try PacketTrap Perspective! for the price, it ROCKS! www.PacketTrap.com

Geez

0

What a shameless PT plug!

Know what you mean, have a solution

0

JimmyRay,
I feel your pain, brother! I've had to deal with too many NMS that grow into huge monsters that serve no *practical* purpose.
The ONLY folks out there that "get it" are at Solarwinds. Their ORION NMS is actually geared for real business and provides quick, simple, reliable info. I don't want to know every detail, all I want to know is big problems FIRST, and then some network statistics to back up my NEEDS (and butt!).

Check them out, you'll be surprised.
Don

I hear you there!

0

Man do I love those folks!!! Solarwinds has a great product that is a cut above most others I have tried. Plus many vendors could learn a great deal about customer service and support from them. You like the Orion product eh? I will check that out for sure. I have the Engineers Tool Set which is as important to a laptop as the battery is.

Thank you for the info!

Jimmy Ray

Sorry, Orion is an example of how NOT to do it right....

0

Sorry, I have extensive experience with NMS going back to 1996: NetworkIT, Unicenter, Network General, Cisco(don't)Works, NetSaint, MRTG, Cacti, NetMRI and now Orion. Unicenter was by far the worst of the lot, but Orion isn't far away. Their tech support is bad, the sales is more like hawking used cars than enterprise software, it's VERY expensive to do anything out of the box (try using it on overlapping IP spaces or in an MSP environment), and the coding is VERY VERY VERY shoddy. Oh, and I forgot the crappy mapping/auto discovery, constant DB drops without notice (try telling your boss why you lost 4 weeks of customer data), poor upgrade/patch notification, poor patch cycle (last version has had three major service packs in 3 months, one of which was produced before the product was released) and upgrades that fail spectacularly (and the only answer you get is "try installing again"). Try graphing two datapoints on the same graph sometime. I could go on, but I see I already have.

Yes, SW does make some decent engineering point tools, but that's because SW was started by a single engineer who needed Windows tools that simply didn't exist on Win95 (yes, that long ago). Their stab at NMS is sub par at best. But I'm stuck with it for now.

For trending, alerting and network weathermaps (and arp tracking and..) Cacti ROCKS. For config management and troubleshooting, NetMRI super rocks!

Cacti+NetMRI FTW!

@JimmyRay

0

PacketTrap is a way better product for the price than SolarWinds. SolarWinds is soooo overpriced it's scary.

About Networking Geek to Geek

Jimmy Ray Purser is the technical co-host for Cisco's TechWise and BizWise TV. Jimmy Ray also conducts advanced training for engineers across North America and Europe and regularly speaks at industry conferences such as VON, CeBIT, N+I, and Networkers. As a field engineer, Jimmy Ray experiences networking first hand behind the console or in the rack. He is an active member in the IEEE and the Ethernet Alliance and has designed, installed and tested numerous networks for Fortune 500 companies, the United States military and other institutions worldwide. He holds 3 U.S. patents for Ethernet security algorithms with two others pending and one defensive publication, as well as numerous other vendor certifications in networking and security.

Purser holds a Bachelor of Science degree in electrical engineering from Southern Illinois University and is currently pursuing a master of science degree in electrical engineering.