[c-nsp] Network Monitor / Mgmnt App

[Michael Markstaller]

I have to comment on this ;) I implemented & maintained Ciscoworks for a customer some years and evaluated it for internal use really detailed, therfore I have to take a vote for OSS software here.
As other said, also my opinion: CiscoWorks is a bunch of lousy sticked together, typical java-crap - really big crap.
In case you need something "running" not delivering screens in minutes using below 2gig RAM on client & server go for something else.. really.
Also, Ciscoworks has no (usable) monitoring/alerting at all and consider taking a day off for installation when you buy a new router model. not kidding..

Although you mgmnt won't like it, if you've got some time to spend on setting up & customizing this thing (which is needed anyhow, regardless which product you use) go for OSS.
There's one drawback: for all of this you need to get in touch with SNMP, perl and some other things, buit there's nothing you can't google out or being answered on very responsive mailing lists - faster than most vendors..

I've sticked together quite some things monitoring & managing some hundred hosts and several thousand! services, interfaces, mem, cpu, etc.pp., I'll list as a starting point:
- nagios with *many* plugins for monitoring and alerting: flexible and performant, I even check wether the printer is out-of paper every 5 minutes, sending customers for their systems alerts to their cellphones (smstools) etc.
- mrtg (with some custom templates and scripts) for history & logging, graphing mem,interface,diskuse,buffermisses etc. and volume-based billing
- smokeping for RTT-stats (like IPM but working) using directly and using SAA/RTR (now "ip sla monitor") for checking site-tosite remotely, webserver responsetimes etc.
- rancid for automated config archiving & diffing
- ipplan for IP address management
- fwlogwatch for log-analysis
- cipaf for IP accounting reports (ok, this one is lousy)
- request-tracker3 for troubleticketing (although out of scope you need, I love it)
- as I already got OT, running freeradius for all AAA-purposes replacing ACS
- all with MIBs for sure, simply by copying them together

All of the above is running very smooth on a single dual P3-866, 1GB under Debian sarge and to most things my customers have direct access via web.
Besides that using Kiwi Syslog & Cattools on Windows for special purposes like bulk-config, debugging etc.

We even have customers for which we're monitoring their servers & switches (through VPN)..

BTW: Being MCSE, I've basically started running linux here mainly for the monitoring as the tools were simply ages better than anything I've seen before and flexible enough to satisfy any future need.

> -----Original Message-----
> I have been
> pushing for CiscoWorks from based on what I read but my boss 
> has come down
> against it saying he has heard of it resetting routers.... 

now, the routers are resetting due to faulty snmp implementation, that's another thing.. 
take care when doing snmpwalks, especially when running ipsec. 
take care with setting up any monitoring app - the advantage of an commandline snmp-walk, you know instantly what you OID you shouldn't walk again in this IOS :)


regards

Michael Markstaller

Elaborated Networks GmbH 
www.elabnet.de 
Lise-Meitner-Str. 1, D-85662 Hohenbrunn, Germany 
fon: +49-8102-8951-60, fax: +49-8102-8951-80