Fave Raves is an annual feature from Network World that invites enterprise IT pros to share hands-on assessments of products they love. Several IT pros raved about their favorite network tools. Here’s what they had to say, in their own words. For more enterprise favorites, check out the full Fave Raves collection.
SD-WAN
Software-defined WAN promises a simplified, cost-effective way to simplify branch office connectivity, improve application performance, and better manage WAN expenses. While most enterprises today are only in the very early stages of piloting or implementing SD-WAN, Gartner predicts that by the end of 2019, 30% of enterprises will have deployed SD-WAN technology in their branches, up from less than 1% a year ago.
Among the early adopters is Triton Management Services, a retail service provider based in Carlsbad, Calif., that operates Two Jinn Insurance and Aladdin Bail Bonds.
“We have just a handful of IT personnel responsible for supporting more than 60 retail offices with different business and homegrown applications supported by a fractured hub-and-spoke network system made up of MPLS/T1 and DSL broadband connectivity,” says Carsel Bester, network administrator at Triton Management Services.
The company turned to VeloCloud for its SD-WAN offering, a cloud-based system for configuring and optimizing branch office networks that use a variety of transport connections.
Bester, along with Dave Edwards, director of IT at Triton, shared their reasons for naming VeloCloud a personal favorite: “We like VeloCloud because of its subscription-based pricing, the performance and network monitoring it gives us, and the fact that it provides a hybrid WAN solution that utilizes our two MPLS private links, AT&T U-verse with cable, or any of our broadband DSL links.”
Performance monitoring across disparate WAN links was a challenge for Triton before implementing VeloCloud’s technology. But “with VeloCloud, we went from near-zero to near-100% network visibility, giving our IT team 24/7 monitoring and troubleshooting across all 60+ stores, without our staff needing to be on premise,” Bester says.
VeloCloud’s SD-WAN also significantly mitigated Triton’s latency issues and allowed the company to retire some of its network hardware. “One VeloCloud box replaced a Cisco 5510 ASA, a Netgear router and other multiple boxes,” Bester says.
Network configuration manager
Triton isn’t the only enterprise that shared an indispensable network technology as part of Network World’s annual Fave Raves project. At Boise Cascade, Matthew Henderson depends on SolarWinds Network Configuration Manager.
“SolarWinds’ Network Configuration Manager makes backing up configurations from hundreds of our network devices a snap; allows us to easily search through all our device configurations for a search string we are looking for; and makes pushing bulk changes out to devices very simple,” says Henderson, network engineer at the building materials manufacturer.
In the past, if a device was corrupted, the network team would be forced to rebuild a configuration from scratch or hope someone had saved it to their laptop, Henderson says. “Now we have a central location for all configurations, both historical and current, and rebuilding a router or firewall takes only a couple minutes. We also can compare historical to current configs to determine if a configuration change caused a problem, something we were unable to do previously.”
Operational intelligence platform
For Larry Shatzer, operational intelligence engineer at Myriad Genetics, his tool of choice is Splunk Enterprise operational intelligence platform.
“I no longer have to write complicated Perl/Python/shell/grep commands to parse log files to pull out information from them. Being able to apply ‘schema at search time’ has been helpful in unlocking business value from log files that are collected from in-house-built apps, vendor log files, a relational database, sensor data for IoT-type things, or anywhere really,” Shatzer says. “We have used Splunk a lot to help find improvements in our lab process, find faulty machines, and replace parts to avoid costly rework.”
Network monitoring and management
At Pittsburgh Technical College, Philip Grabowski is a fan of Paessler’s PRTG network monitoring software.
“Within minutes you can begin monitoring your network and get a visual on the topology. Immediately you can start researching problems on your network and fix them,” says Grabowski, who is an IT, network, and security forensic instructor at Pittsburgh Technical College.
“I use PRTG in a botnet lab to show students an attack from a Low Orbit Ion Cannon (LOIC), which creates a denial of service on the domain controller. We are also monitoring traffic in the botnet lab to detect if client machines are downloading torrents,” Grabowski says. “Students get hands-on experience using the product in the classroom without fear of harming a production environment. This provides confidence in the product in the field.”
At the Council Rock School District (CRSD) in southeastern Pennsylvania, a range of network management and security tools from Infoblox have won over the district’s IT department.
CRSD initially tapped Infoblox’s DNS, DHCP and IP address management tools and NetMRI network configuration and change management product as part of an effort to replace outdated Microsoft DHCP servers and better manage the districts’ switches, says Matthew Frederickson, director of IT at CRSD.
“We found the centralized visibility and management so impressive that we decided to bring in Infoblox DNS Firewall to secure our DNS servers,” Frederickson says. “The result is a network that allows us to take full advantage of our fiber connection without worrying about day-to-day configuration or security issues.”
Before deploying the Infoblox gear, managing and securing the school district’s resources—including more than 5,000 devices connected to the network—was a complex task, Frederickson says.
“With the Infoblox solutions in place, we’ve not only prevented security compromises, such as curious students attempting an internal denial-of-service attack, but also enabled our IT department to identify ongoing issues, such as a machine infected with a botnet, which was resolved in five minutes of work,” Frederickson says. “Without Infoblox DNS Firewall, it would have taken three weeks of troubleshooting to solve the problem.”
Visibility and control are also greatly improved. “We can see the current state of all network switches at a glance, and the centralized DHCP control with role-based access gives technicians insight into current conditions without the possibility of accidental configuration changes,” Frederickson says.
For Mark Kaplan, Dynatrace Ruxit stands out as a favorite network monitoring solution. “It has helped simplify our monitoring and alert systems into one, all-inclusive package that provides full visibility into our environment,” says Kaplan, director of IT at national bar review provider Barbri. Benefits include “less downtime, less time identifying and resolving issues.”
Network protocol analyzer
Meanwhile, Stan Leszczynski, network practice lead at nfrastructure, touted the benefits of Wireshark network protocol analyzer.
“Wireshark is an excellent tool that enables deep analysis and packet inspection to help network engineers quickly monitor, diagnose, and fix most networking issues. It’s also a great tool to learn about how computer networks operate at a low level, and how different vendors implement the same protocols,” Leszczynski says. “It’s always the first tool I install on my laptop, and I often recommend its use to customers and fellow engineers. It has a great user community, with many people willing to help you learn and use the tool. Best of all, it’s free!”
Leszczynski relied on Wireshark recently to help a client whose users were having issues with poor voice quality. “We utilized Wireshark to first baseline the traffic, and then track down the errors. We found significant backup traffic was causing congestion on some of the uplinks between switches. We also found that the phone system was not properly tagging packets with the appropriate Quality of Service (QoS) values,” Leszczynski says. “Once we made the changes, we again utilized Wireshark to validate the right QoS tags were present, and that the voice quality issues were now resolved.”
For more IT pro favorites, check out the entire Fave Raves collection.