Blind Networking

Currently, my network is missing some type of monitoring software(s). I feel like I am blind to the happenings on my network. I am in the reactive mode instead of the proactive.

Could someone share how you monitor your network? Here are the types of equiptment I have: ASA Firewall, Cisco switches, XP Workstations, HP printers, Windows 2003 Server, IIS 6.0, Exchange...

I was looking into enabling Layer 4 accounting software (NetFlow) on the Cisco switches. Has anyone done this? What type of information does it give? Which program are you using to collect the data?

Do most people use SMNP?

Please share your thoughts and ideas. Thanks!

You didn't state if you want to use open source or commercial software. That makes a big difference. And i'm not 100% sure exactly what you want it for... But...

On my home lab i'm working with www.zenoss.com/ . Not that I need it, but I think the experience is going to be beneficial. It is a pure monitoring tool, not really for analysis.

You might want to look at cacti.net/ if you want something more analytical. I only puttered around with it, but it looks like something really useful in a full network env. My lab doesn't have much traffic for it to look at.

Thanks for the reply. Well, of course if I can get the software open source (free) - that would be best.

I am not sure what I want either. I guess the first question that I should have asked is: What do people monitor on their network?

I would look at Solarwinds, its not free but its very simple to install and setup and monitors almost anything, there are a lot of preconfigured MIBS for a lot of the equipment you have highlighted. You can also get plugins to monitor applications running on servers (but not really looked into that because we are going with Microsoft System Centre for all that).

www.solarwinds.com

Cheers

Wayne

Sounds good Smurf. I will look into this.

Does anyone use any open source software?

As mentioned SNMP is the way to go as you can monitor all your devices fairly simply. You've had some good suggestions already as to software. If you want open source stuff then MRTG might be worth a look. It will let you trend and graph the traffic levels on interfaces. I'd go for the obvious ones such as the switch ports serving key servers, your internet router and also any uplink ports to the backbone on your edge switches. Whatever software you use, this is the kind of starting point to be thinking about