Midtier management tools register high marks

Argent, HP earn top honors for sophisticated monitoring and flexible alerts

1 2 Page 2
Page 2 of 2

The Netmon device notified us via e-mail or pager when network activity exceeded previously set thresholds. However, it couldn't express threshold interrelationships and time of day/day of week situations in as sophisticated a manner as the other products reviewed.

Netmon lacks the ability to take corrective actions. It does produce uptime/availability reports, bandwidth-use reports and historical reports of network errors. Netmon comes with clear and comprehensive online documentation. It installs in a few minutes.

HP OpenView

Of the myriad of OpenView modules offered by HP, Network Node Manager is the key monitoring and managing component. It watches over devices, servers and applications, while other OpenView modules provide analysis services, produce additional reports and monitor specific environments, such as storage-area networks. Network Node Manager earned top honors in our test of more expensive midrange tools by accurately discovering our network, tracking device status, graphically displaying the network, alerting us to problems, automatically fixing problems, gathering statistics and processing incoming SNMP alerts from other monitoring products.

Network Node Manager's discovery feature took note of not only network devices, applications and servers but also virtual network services such as VPNs.

Network Node Manager uses Management Information Base (MIB) data from several sources, including routers, switches, bridges and repeaters, to reset devices or inquire about their health. It captures some Layer 2 data, such as connections and node addresses, but for the most part it maps easier-to-relate-to Layer 3 details. The impressive list of predefined MIBs includes utilization and error percentages, total packets by category, retransmits, Cisco memory utilization and full-duplex utilization percentage.

Network Node Manager collects network health data, stores it in a relational database, analyzes the stored device-status and event data, and reports results in useful charts and graphs. The system's root-cause problem analysis, dubbed Advanced Intelligent Diagnosis for Networks, was especially helpful for zeroing in on a specific device that was causing an outage or performance problem. When we substantially increased traffic or disconnected WAN links, its path-analysis capability was similarly helpful in pinpointing problems and performance degradations involving network pathways and linkages.

Network Node Manager's automatic baseline feature took just a day to become familiar with our network. It set alarm thresholds by analyzing collected device status and event data, thus giving it the ability to more realistically detect exceptions, faults and errors. After Network Node Manager created a baseline for our network, we manually added a few of our own thresholds. Network Node Manager generated prompt and highly informational alarms, via pager or e-mail, to notify us when the thresholds were exceeded.

Network Node Manager has a distributed architecture that scales well to handle larger and more complex network environments. Network Node Manager even monitors itself to make sure it's running normally. Network Node Manager has native Windows and Web-based versions of its user interface.

OpenView Operations Manager integrates with Network Node Manager to provide a central console for event management, performance monitoring and automated alert processing. OpenView Operations Manager has a high-level Visual Basic Scriptlike language for customers who want to tailor its processing. OpenView Operations Manager gave us additional dashboards beyond what Network Node Manager displayed, and it can show consolidated views of data from different OpenView modules.

The predesigned reports from HP highlighted items such as performance, alarms, availability and inventory trends. Many reports contrasted current and historical data, which helped us spot emerging problems, while other reports showed network utilization, top talkers and listeners, and inbound and outbound errors. A Ping Response Time and Ping Retry report showed us response times and the number of retries, to help measure latency across our network. The RMON Segment Utilization report revealed network bandwidth use, and a Frame Relay report tracked congestion rates to show bottlenecks. Reports also showed summary and detailed device availability, device inventory data, alarm histories and multiple-device reboot events.

OpenView Internet Services tracks Web-based transaction services. We used it to monitor e-commerce transactions and SOAP-based Web services transactions. For each Web site, it noted availability and response-time details, and Internet Services alerted us when the service-level agreement (SLA) parameters we set up were exceeded. Alerts took the form of pager calls, e-mail notices and SNMP traps. To fix problems automatically, we could tell the module to execute a command in response to an alert. OpenView Internet Services has a productive dashboard-metaphor user interface with tree-based navigation, SLA health indicators and a helpful troubleshooting and analysis tool.

HP OpenView documentation is only online. Despite its complexity, the software was easy to install and use.

Network General NetVigil Enterprise

NetVigil is especially good at relating business functions to network components, applications and servers. It uses the concept of business containers to show how network problems affect specific business workflows and groups of users.

NetVigil primarily uses SNMP to gather device statistics and health information. Each time NetVigil emitted an alert, it clearly displayed the business functions associated with the failing infrastructure components. Furthermore, NetVigil is geared to send notifications to both IT staff and business community staff.

Once we created a container for each business function in our simulated midsize company, we assigned network infrastructure elements to business functions by putting the elements into the containers. The process is a tedious one for a large company, but you can argue that it's a one-time arduous process that does offer obvious benefits. Thereafter, NetVigil presented us with highly useful correlations between network faults and the various workflow units of our simulated company. We could easily tell, for instance, that a WAN link outage had idled a particular sales office, or that the auditing department was causing high traffic levels at specific times of the day.

NetVigil's event management console offers status grouping, severity filters and one-click drilldown to help pinpoint network problems. We liked that NetVigil presents a separate dashboard for each container as well as summaries for multiple containers.

Quick, accurate discovery

NetVigil's discovery process was quick and accurate. It inventoried our devices, applications and servers and properly detected the relationships among the components. It correctly identified our servers, routers, printers and file systems as well as multiple redundant paths in the network. The discovery process notes the capabilities, size and capacity of each network component. It also identifies software processes running on each computer.

NetVigil notified us via e-mail or pager about detected issues. When we caused extremely brief error conditions, such as excessive CPU utilization, it was smart enough to suppress transient threshold breaches (such as momentarily exceeding a threshold but then returning to normal). NetVigil's problem escalation feature ensures that if front-line troubleshooters do not respond to a persisting problem, other IT staff and business community staff in the organization will be alerted.

NetVigil's reports show network event histories and problem resolutions, and provide useful data to capacity planners. Business community people will find the reports showing network events and activity levels for each business container (such as department or workflow unit) highly illuminating.

NetVigil comes with clear and comprehensive online documentation. It installed in less than an hour.

Nance runs Network Testing Labs and is the author of Introduction to Networking, 4th edition, and Client/Server LAN Programming. He can be reached at barryn@erols.com.

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.

Copyright © 2007 IDG Communications, Inc.

1 2 Page 2
Page 2 of 2
IT Salary Survey: The results are in