No More Headaches in Network Monitoring

No More Headaches in Network Monitoring


Keeping track of what's happening in the network is essential to network security, regulatory compliance, and day-to-day operations, but it's not an easy task. The newest release of ipMonitor from SolarWinds simplifies a lot of the work and offers powerful tools that collect more useful data. The bigger the network, the harder it gets to detect unknown and unauthorized devices. Complex networks mean a wide array of information and alerts to sift through. Version 9.0 brings together several kinds of monitoring tools into one powerful application and behind a single dashboard interface. A real-time network monitoring application, ipMonitor notices performance problems, checks for connectivity issues, and finds previously undiscovered devices. And that is just the tip of the iceberg.

As a management tool, ipMonitor recognizes network devices, applications, databases, and servers. Its list of supported products is pretty long and includes the usual suspects, such as Windows servers,Microsoft Exchange, Microsoft SQL Server, Oracle database servers, Dell and HP physical servers, and Cisco routers. It monitors a variety of protocols, including HTTP, secure HTTP, POP3, IMAP4, SMTP, and ICMP/ping, to name a handful. During testing, ipMonitor detected devices such as switches from Foundry Networks, power systems fromAPC, and the NetBotz 420 data center monitoring appliance.

For this review, ipMonitor 9.0 was deployed to monitor three different networks. The first test environment was a hybrid, with a mixture of assorted network devices, Linux servers, Windows workstations, and Mac OS desktops. The second test consisted of four Linux desktops. The third environment was the largest in the test, with over 40 machines, various power and switching equipment, assorted storage devices, and data center monitoring devices. Regardless of the network's size and complexity, ipMonitor was easy to configure and the information easy to read.

SolarWinds packed in a series of wizards to simplify a lot of the monitoring tasks. After installation, a first-run wizard collects basic configuration settings for the application. The Configuration Program assigns a LocalSystem account under which all ipMonitor services will run, assigns HTTP and HTTPS ports (8080 and 443, respectively) to the ipMonitor Web server, and creates an administrator account to access the application. By default, ipMonitor listens to all IP addresses on both ports, but this can be modified to add more ports or to limit. A combination of IP address and port number can also be entered for the SNMP Trap Listener.

Default monitors, such as drive space utilization (for all locally attached drives), CPU utilization, and memory usage, are created automatically at this point. The monitoring software is installed on one machine, but the dashboard application is browser-based. On first login, another wizard launches to discover all networked devices. If only a handful of devices will be monitored, then they can be entered manually, bypassing the wizard entirely.

There are several device discovery methods -- IP range, Network Neighborhood, DNS Zone, importing the Hosts file, or manually entering devices. The third network was scanned by defining different subnets. The IP scan can run repeatedly, adding newly discovered devices to the list of previously detected devices, generating a comprehensive list of devices regardless of their IP address. In fact, multiple methods can be run repeatedly in order to generate a comprehensive network map.

Results are grouped by IP address or domain name. After the scan, it performs an analysis check to find out what specific monitors should be created for each device, such as ping, IMAP, DNS, VMware bandwidth, services for anti-virus applications, looking at the graphics (NVIDIA) controller, and FTP. Monitors can be added manually, but the initial suggested list is helpful in figuring out what's needed to maintain proper network monitoring coverage. The User Experience monitor is handy and unique to ipMonitor, mimicking user behavior by making requests to the device and checking the response to verify everything is working properly. These synthetic transactions are available for database (making a SQL query), DNS, FTP, HTTP, IMAP4, MAPI, and even following web site links.

Another thing that makes ipMonitor different from all other solutions out there is the lack of external agent applications. "Credentials" -- username and password -- can be defined for devices on the network that require login information. Agent-based applications generally have external programs running on each device to be monitored, and send the collected data back to the main console. Using credentials, ipMonitor can remotely access these same devices and collect the same devices, without relying on a separate application.

SMS, e-mail, or numeric pager alerts can be created once the monitors have been selected for each device. Alerts can also be logged, such as in the Windows Application Event Log, in separate text files, custom alerts to a help-desk system, or SNMP messages to other management tools.

Once the network has been scanned and monitors selected for each device, the Admin dashboard becomes a mine of valuable information. The ipMonitor Dashboard provides an overall view of the network, status information on individual monitors and groups, and reports on devices and monitors. The dashboard for the Test Center network had several objects, giving an overview of network contents, devices with monitors that were down, summary counts for devices, devices and monitors grouped by properties, and the map editor. There were also three top 10 views -- devices by CPU utilization, devices by ping response time, and devices by disk utilization.

It's easy to customize the dashboard. Any dashboard widget can be dragged and dropped in a new location, and new widgets can be added to the layout using the "Add Web Resource" menu option.

There is a map editor that presents a network map of all the detected devices, providing a graphical representation of how they are connected. The map components can be organized in logical as well as physical groups.

The device manager displays attributes for all devices, monitors, and groups. There is a map view to look at the devices from a topographical display. From here, SmartGroups can be created to create logical groups based on monitors to manage devices. Monitors from a variety of group can be organized into a single SmartGroup, such as putting the CPU utilization monitors from all the machines into one group, in order to get a view of all the UPU usage on the network without getting distracted by information from other monitors. All the devices are also presented in NOC (Network Operations Center) view format.

There are some troubleshooting and corrective actions built into ipMonitor. The monitoring tool can remotely restart a Windows service or list of services, reboot a Windows machine, or run an executable script to restart failed applications, perform diagnostic scans, or backup files.

There are prebuilt reports, such as interface traffic, ping response time, and system status. The reports have a zoom feature that can be used to change the start time and length of the report. A wizard helps create custom reports.

Pricing for ipMonitor depends on the number of monitoring resources required, starting at $1,495 for 100 monitors. The number of monitors to be deployed also changes the minimum system requirements for the application. For smaller networks with 100 to 500 monitors, any single-core machine with at least 512 MBytes of memory and 240 MBytes of disk space can run the ipMonitor application. Networks requiring 501 to 5000 monitors will need at least one GByte of memory and 2.4 GByte disk space on a dual-core system to get the ipMonitor up and running.