Monitoring a Large-Scale Network: Selecting the Right Tool Sayadur Rahman United International University & Network Manager, Financial Service
Outline Sample Network Topology Network Monitoring Tools ◦ Cacti ◦ WhatsUpGold ◦ NetFlow Comparisons among NMS tools
Sample Topology for Monitoring
Traffic Flow
Cacti: Graphical Monitoring Solution Cacti is a complete open source network graphing solution based on RRDTool's data storage and graphing functionality. Cacti uses template for creating customizable graph based on defined data source Frontend of Cacti is PHP driven and use MySQL as database
Cacti Features Performance Monitoring Device Health Monitoring Robust Interface Graph Trend Analysis Capacity Planning Long Term Data Storage Template Based Graph Generation
Monitoring CPU Utilization CPU Core-Router CPU Core-Firewall CPU Border-Router
CPU Utilization Trend Daily Usage Weekly Average Monthly Average
Internet Utilization Trend Daily Usage Weekly Usage
WhatsUpGold Network Performance Monitor IPSWITCH WhatsUpGold is a powerful network monitoring software that quickly detects, diagnoses and resolves network performance problems & outages.
WhatsUpGold NPM Feature Network Availability & Performance Monitoring Intelligent Network Alerting based on Statistical Network Thresholds & Baselines Hardware Health Monitoring Dynamic and Customizable Network Mapping Network Capacity Planning Automated Web-based Network Device Discovery
Top Interface Utilization
Top Nodes Response Time
Top Nodes CPU Load
Top Nodes Memory Utilization
Network Traffic Analysis using NetFlow Analyzer
NetFlow Features Reports on Network Bandwidth usage Traffic Applications, Conversations, Port, Protocol User monitoring Application monitoring Network planning and trend analysis Traffic engineering Accounting and billing Security monitoring and network forensic
NetFlow in the Network
Traffic Analysis
What is an IP Flow? Each packet that is forwarded within a router or switch is examined for a set of IP packet attributes. Traditionally, an IP Flow is based on a set of 7 IP packet attributes. IP Packet attributes used by NetFlow: IP source address IP destination address Source port Destination port Layer 3 protocol type Class of Service Router or switch interface
NetFlow Analyzer Report
NetFlow Report: Top Application
NetFlow Report: Top Source
NetFlow Report: Top Destination
NetFlow Report: Top Conversation
Common NMS Feature and Functionality Performance Monitoring Fault Management Security Monitoring Network Mapping Trend Analysis Capacity Planning Configuration Management Change Management Accounting Management Alert / Notification Syslog/ Trap
NMS Comparison NMS Business Size Deployment User Interface Feature/ Service Licensing Inter operability Platform Data Storage Price Cacti Mid-Large Enterprise Client- Server Graphical UI Performance Trend Analysis Capacity Planning Open Source (GPL) Yes - Plugin Linux Unix Windows RRDTool MySQL Free WhatsUp Gold Mid-Large Enterprise Client- Server Graphical UI Console Performance Trend Analysis Capacity Planning Topology Map Dashboard Alert, Syslog/Trap Commercial Yes, with native Packages WindowsMS SQL Medium Price NetFlow Analyzer Mid-Large Enterprise Client- Server Graphical UI Traffic Analysis Capacity Planning Dashboard Network Forensic Alert Commercial Yes, with native Packages Windows Linux MS SQL MySQL Medium Price
Q & A