Sponsored by:

From Network World Fusion:

This story appeared on Network World Fusion at
http://www.nwfusion.com/news/2003/0331specialfocus.html

The price is right for these management tools

By Denise Dubie
Network World, 03/31/03

Smaller IT budgets don't necessarily translate into fewer projects or less work for network executives and managers. The opposite is often true, as network staffs are forced to work around not having the latest commercial tools.

One way network staffs are coping is by using freeware, available on the Internet or from commercial product vendors willing to give away software in hopes of enticing customers to buy products later. We informally polled readers to get their recommendations, listed here in no particular order.

Aida32

Aida32 should be in every network administrator's toolbox. Or so says Herb Read, network technician at International Solutions, an insurance industry investor and consultant in St. Petersburg, Fla.

"Aida32 provides direct and rapid access to a server's Event Viewer, User Manager, live lists of [Dynamic Link Libraries], open files, services in use and other hidden tools that even the operating system does not provide," Read says. "It's the greatest administration tool to maintain desktops and servers."

Developed, upgraded and maintained by Unlimited Possibilities in Budapest, Hungary, Aida32 works specifically on Win32 platforms and can be used to perform diagnostics and benchmarking. The software extracts data from servers and PCs, and lets network managers gather statistics on the health and status of machines. Also, Aida32 can be used to perform network audits and remotely access managed devices from any workstation.

Aida32 resides on a server, and network managers can use a built-in Java client or any standard terminal emulator to manage other servers and desktops.

Network Probe

Network Probe is a protocol analyzer designed to provide a real-time view of network traffic. Developed by ObjectPlanet of Oslo, Norway, the application works much like products from companies such as Agilent Technologies or Fluke Networks.

The software can track and isolate traffic problems and congestion on network lines. It monitors conversations between hosts and applications, and shows network managers from and to where the network traffic is traveling.

Java-based server software is installed on a dedicated server and collects network traffic statistics. The client software can run on a Java-enabled Web browser such as Internet Explorer, Netscape, Opera, Mozilla and Safari. Now in Version 0.4, the server software supports Windows NT/2000/XP, Linux, FreeBSD and Solaris operating systems.

"It's pretty cool and quick to learn for a network protocol analyzer," says Eric Zatko, security and telecommunications analyst at a county government agency in Ohio.

Cflowd and flowscan

Jim Kirby, senior network engineer/architect at Wells Dairy in Le Mars, Iowa, says cflowd and flowscan, "two very interesting freebies" from Cooperative Association for Internet Data Analysis, help him collect and monitor NetFlow data from Cisco routers.

Cflowd collects and correlates data from NetFlow, a part of Cisco's IOS that collects and measures data as it enters router or switch interfaces. The data can be used to monitor key applications, including accounting, billing and network planning, for corporate or service provider customers. The current release of cflowd includes collection, storage and basic analysis modules.

Flowscan works with cflowd to report on IP flow data exported by Cisco routers and connected by cflowd. Consisting of Perl scripts and modules, flowscan includes a flow collection engine (cflowd), a high-performance database and a visualization tool. It generates graph images that provide a continuous view of the network border traffic.

Kismet

Kirby also recommends Kismet, a network sniffer with a twist - it can spot unauthorized wireless access points.

Unlike a standard sniffer, Kismet can identify and separate wireless use on the IP network. Kirby also uses a freeware sniffer dubbed Ethereal to watch traffic and decode packets on his Ethernet network.

Kismet works with any 802.11b wireless card that can report raw wireless packets, including wireless cards from Cisco, D-Link Systems and Linksys (which Cisco is acquiring).

Conserver

Kirby also takes advantage of Conserver, freeware that helps network managers monitor servers via their serial ports - which lets them be accessed even if the IP network was down.

Conserver is an application that lets multiple users simultaneously watch a serial console. Connecting via the serial port lets network managers get health and status updates from the machine without relying entirely on the network connection. The software resides on a server and communicates with the serial cards and ports on the server to check availability when IP connections are down. Conserver lets users take write-access of a console (one at a time).

"By putting one of these in every communications closet and applying strong security to the private Ethernet, we have created an excellent out-of-band management network, which keeps us from needing to visit every rack unless we're physically moving equipment," Kirby says.

Conserver logs all serial traffic so network managers can review why something crashed, look at changes (if made on the console), or tie the console logs into a monitoring system.

"We can watch the console output as a router or switch reboots, or restore a device that came up in a bad state, so Conserver is almost necessary for disaster-recovery reasons," Kirby adds.

TightVNC

For those using Virtual Network Computing, TightVNC will come in handy. It is a remote control application derived from and designed to work with VNC, a remote display system that lets network managers view desktop environments from anywhere on the Internet.

Terry Evans, senior network specialist/project manager at Pacific Gas & Electric in San Francisco, says TightVNC eases remote client management via dial-up connections.

"It makes managing Windows systems, as well as Windows systems remotely over dial up, tolerable," Evans says. Features in TightVNC let network managers dial in, check on a system, close VNC and disconnect, and later reconnect to check on the jobs. "You don't kill the jobs when you go in and out of VNC," he says.

SNIPS

Network and system monitoring software System and Network Integrated Polling Software (SNIPS) runs on Unix systems and tracks device availability via monitors that must be configured and pushed out to managed devices.

SNIPS can monitor syslogs, Remote Authentication Dial-In User Service servers, Border Gateway Protocol peers, host performance, and DNS, NTP, TCP or Web ports. New monitors can be added via a C or Perl API.

SNIPS, like an enterprise network management product called NetVigil from start-up Fidelia, has its roots in technology called Nocol that is no longer in development.

Putty

Evans also says his staff uses Putty, an extension of OpenSSH, a free version of the Secure Shell (SSH) protocol suite of network connectivity tools. SSH is commercial software from SSH Communications Security, in Palo Alto, that provides secure logon for Windows and Unix clients and servers. SSH provides an encrypted alternative to Telnet, FTP and other remote logon utilities.

Putty combines SSH, Telnet and Rlogin in one client application for 32-bit Windows systems. SSH, Telnet and Rlogin are three ways of doing the same thing: logging in to a multi-user computer from another computer, over a network.

Evans says he prefers to use OpenSSH via Putty because it uses strong cryptography to protect Windows connections against eavesdropping, hijacking and other attacks.

AdRem Free Remote Console

Michael Brooks, a LAN administrator with King County in the Seattle area, says AdRem Free Remote Console helps him and fellow staff members more easily manage their NetWare environment.

Free for all
Here’s where to find the programs highlighted in this story.
Aida32
Network Probe
Cflowd
Flowscan
Kismet
Conserver
TightVNC
SNIPS

The free program from AdRem Software enables remote operation of NetWare servers across high-traffic WANs. It also provides security features available in commercial AdRem software. The company says the software works with IPX, TCP/IP and will not overload users' Windows networks.

Free Remote Console server software will push client modules to the servers to be managed upon connection with the console server. The software connects with servers using network control program connections. It is compatible with all NetWare versions.

"It's free, provides encrypted password and makes it easy to select a server to manage," Brooks says.

Related Links

Network and systems management research center
The latest news, reviews, how-tos and more.

Net management downloads
Shareware and trial versions

All contents copyright 1995-2002 Network World, Inc. http://www.nwfusion.com