- 18 Hot IT Certifications for 2014
- CIOs Opting for IT Contractors Over Hiring Full-Time Staff
- 12 Best Free iOS 7 Holiday Shopping Apps
- For CMOs Big Data Can Lead to Big Profits
Network World - Saddled with increasing support costs and regulatory requirements, many companies may be aided by a tool to map users to IP addresses.
ETelemetry's Locate appliance correlates users with IP address, MAC address and port information, so that administrators can quickly track down the physical location of a device and the specific user associated with an IP address. In our Clear Choice Test, we found that while Locate fills a significant regulatory hole, it’s still got a few rough edges that need smoothing over.
We recently tested A10 Networks' IDSentrie, which provides some IP to ID mapping functionality. eTelemetry's Locate is dedicated to this service and expands the functionality we saw in IDSentrie by adding the ability to associate a network address to a physical network port, integrated support tools and real-time queries.
Deploying the 1U Locate appliance is a quick process. It sits on a mirrored switch port and passively monitors network traffic, watching specifically for logon information. It then associates the traffic to specific users by reading an imported flat-file staff list or polling an enterprise directory, such as Windows Active Directory or Novell eDirectory.
We installed the device in our test network by connecting the Locate appliance to a mirror port on our switch monitoring all network ports and configuring Locate to query Active Directory for user information and a Cisco Catalyst switch for network data (see How we tested Locate).
We ran into an issue on initial setup with the device not seeing the mirrored network traffic. Working with eTelemetry support, we found the installation instructions mislabeled the mirror port. According to support, hardware and system configuration changes frequently move the mirror port location and the documentation does not always keep up.
To map users -- that is, to associate them with such details as IP or MAC or e-mail address -- Locate monitors the traffic for logon information to services, such as IM, e-mail, and Active Directory. Locate also ties an IP address to a physical switch-port location by polling network devices.
Configuring Locate to communicate with Active Directory and the Cisco switch required creation of a comma-separated value file in a specific format, defined in the Locate documentation. This CSV file is then uploaded to the appliance through the admin interface to apply the configuration. While this gets the job done, overall ease of management could be improved by integrating this configuration setup directly into the administration interface.