I could almost end this blog with just that statement alone. What is it with NMS that feels like we are riding in the back seat from Wisconsin to Florida with our stinky second cousin Bert? Anytime I sit in a vendor meeting and they are trying to hawk their NMS off on me, I can picture signs for "See Rock City" or "Wall Drug" for the east coast to west coast survivors.
We need NMS for our networks, right? I have been a big speaker against most forms of NMS for 250 devices or less for a while now. Perl scripts and Open Source can do a better, faster and cheaper job. The problem I came to reluctantly discover was:
- It does not scale well
- It is personalized based on the last network admin. Let's face it, we should always be looking at networks based upon who is managing it after us.
- It is a lot of manual correlation
But still, NMS promises are kinda like being chased by an angry Shih Tzu with your friends watching. With networks becoming more and more application layer driven, we need something with a little more power. For example:
- Flow based management is cool, but what if I need more than just the conversation, I need packet capture/inspection THEN correlate those together with a verifiable SLA? Now what?
- 1GB 10GB 40GB 100GB? How do I monitor that? Not with a plain Jane NIC for sure. Heck, at 1GB my NIC buffer size is only 64K, which is just fair for 100M. Plus add in fragmentation and CPU interrupts and you can see your accuracy goes down fast. What's that? You are using jumbo frames also...oh man...
- I know, I like Network TAPs also, but I do not like the sprawl, the cost and the management of these passive security holes.
As much as I just loathe to admit it, I am back to looking at and (gulp) using NMS over my customized scripts, bag o' TAPs and Open Source Progs. Time is money, and the higher up the stack I climb, the more time I am investing in troubleshooting a problem.
So let's consider a few NMS truisms...according to ole Jimmy Ray:
- We need NMS not based upon how many devices BUT what applications are using your network. Sometimes an element manager and built in Web U/I is just fine.
- No NMS is ever, ever going to manage everything we need on our network. I will need more than one, so choose wisely.
- NMS is NOT my primary job, so it needs to be easy to read and find info. That REALLY means it needs to be coded by someone that understands networking with THAT type of gear. Not outsourced to save a few bucks on stock options for some knob Exec.
- Correlation, Correlation, Correlation. There is so much data out there that I can use to make some very informed decisions, I just need to know what it is in readable form and not MIB OID strings.
- It absolutely positively must be secure on many levels. From data storage to RBAC views to Channel access. When I am paid to Pen Test a network, I always try to install a lightweight NMS somewhere. Security trumps all other features in NMS simply due to the valuable information that can be mined here.
Anyway, this self introspection is not due to a session I had with a Guru or a vision I had after smoking a very strong H.J. Bailey Don Ramone 660 cigar, it's worse. I have requested a TechWiseTV show on....NMS. I heard groans from all over the place, including my own. I think the time is right to take another look at NMS at both the hardware and software layers. Our jobs can be made simpler and more efficient.
So my question is, what are YOU looking for in an NMS? Give a shout out to the ones you use and like. I'll give you a shout out on the show and even toss in a TechWiseTV shirt if we use it on the air or in the planning docs.
Jimmy Ray Purser
Trivia File Transfer Protocol
Talk about lack of sound information: in 1297 at the Battle of Stirling Bridge, English Earl John de Warenne chose this bridge as the best point to attack William Wallace's lightly armed and angry Scots. Big mistake. With the right information he could have walked upriver a few miles and easily crossed, giving his well armed troops more fighting space. But then we wouldn't have gotten a truly awesome Dude flick, "Braveheart".
Jimmy Ray Purser is the technical co-host for Cisco's TechWise and BizWise TV. Jimmy Ray also conducts advanced training for engineers across North America and Europe and regularly speaks at industry conferences such as VON, CeBIT, N+I, and Networkers. As a field engineer, Jimmy Ray experiences networking first hand behind the console or in the rack. He is an active member in the IEEE and the Ethernet Alliance and has designed, installed and tested numerous networks for Fortune 500 companies, the United States military and other institutions worldwide. He holds 3 U.S. patents for Ethernet security algorithms with two others pending and one defensive publication, as well as numerous other vendor certifications in networking and security.
Purser holds a Bachelor of Science degree in electrical engineering from Southern Illinois University and is currently pursuing a master of science degree in electrical engineering.