Advertisement
Help Keep Boards Alive. Support us by going ad free today. See here: https://subscriptions.boards.ie/.
If we do not hit our goal we will be forced to close the site.

Current status: https://keepboardsalive.com/

Annual subs are best for most impact. If you are still undecided on going Ad Free - you can also donate using the Paypal Donate option. All contribution helps. Thank you.
https://www.boards.ie/group/1878-subscribers-forum

Private Group for paid up members of Boards.ie. Join the club.

Network Monitor and Managemnet tool advice

  • 07-11-2006 08:15AM
    #1
    Closed Accounts Posts: 24


    Could you kindly advise what is the best (or one of the best) management tool for an organization ( platform (servers) are hp, OSs are windows, and infrastructure are cisco devices ) for monitoring network and look at security vulnerabilities ? What I meant to say such a tool that does these two functions together. I am trying to use this one at work

    Thanks


Comments

  • Registered Users, Registered Users 2 Posts: 6,946 ✭✭✭SouperComputer


    you could do worse than backtrack for the security aspect of things.

    For network monitoring, there's nagios

    Frankly though if you have to ask the question and havent heard of these, it would be best to get in a security expert too look at things. By all means teach yourself as much as you can though.


  • Closed Accounts Posts: 24 zillah2004


    you could do worse than backtrack for the security aspect of things. For network monitoring, there's nagios
    I am looking to use it at work which windows paltform. backtrack is platform independent, because it runs from CD, and nagios is Linux platform.

    Regards


  • Registered Users, Registered Users 2 Posts: 2,195 ✭✭✭ondafly


    cisco network monitor - solarwinds.


  • Closed Accounts Posts: 24 zillah2004


    cisco network monitor - solarwinds.
    Does that mean i can not use specific monitor tool to monitor both servers and cisco devices ? because my interpretation (correct me if I am wrong please) to what you are saying that I have to use solarwindws for cisco devices, and I have to use something else for hp servers


  • Registered Users, Registered Users 2 Posts: 2,195 ✭✭✭ondafly


    You want to see what patches etc are missing on a machine. Use Nessus

    You want to see how your cisco devices are. Use Solarwinds

    You want to monitor your Windows Events. Use Snare

    You want to do all of the above in one tool - Use Compuware


  • Advertisement
  • Closed Accounts Posts: 132 ✭✭parliament


    GFI languard is a windows app that scans servers/pc's on you network for security vulnerabilities, it is also a patch management tool so if any vulnerabilities are found they can be automatically updated.Not to sure if it will work with any net devices though


  • Registered Users, Registered Users 2 Posts: 2,195 ✭✭✭ondafly


    parliament wrote:
    GFI languard

    Windows only app. A bit slugish at times too. Nessus is the best, and its free.


  • Closed Accounts Posts: 132 ✭✭parliament


    I said it was a windows app...best is a matter of opinion, what works in one set up does not necessarily work well in another


  • Registered Users, Registered Users 2 Posts: 3,105 ✭✭✭Static M.e.


    Nagios is a great tool once you get it configured even though its open source I would hire someone to come in and set it up for you. I've played around with it for a while now but I still ran into buckets loads of issues mostly due to the fact that I was learning linux as I went along.

    HP uses Openview or Network Node Manager, we also have this in place. Its very expensive to begin with and the support you get is useless at best. Its also very hard to configure and personally I found it difficult.

    I would go with Nagios and get someone to come and set it up for you.


  • Closed Accounts Posts: 132 ✭✭parliament


    Yip Nagios is impressive and has pretty helpful user forums as well, if you do want to try set up yourself


  • Advertisement
  • Closed Accounts Posts: 24 zillah2004


    Thanks guys for the feedbacks.
    But since I have got window paltforms (there isn't Linux nor Unix), I can not use Nagios,,,Am I right ?
    You want to do all of the above in one tool - Use Compuware
    Ok, I see. How is the support that you might need it from them (if you are aware) ?

    Regards


  • Registered Users, Registered Users 2 Posts: 1,411 ✭✭✭Dr4gul4


    zillah2004 wrote:
    Thanks guys for the feedbacks.
    But since I have got window paltforms (there isn't Linux nor Unix), I can not use Nagios,,,Am I right ?


    Ok, I see. How is the support that you might need it from them (if you are aware) ?

    Regards


    nagios is nix dependant yes, however why not setup a box with debian and install nagios on this ?

    It's not really that hard, and worse case you could just use a desktop to run it from.

    It has to be said it's one of the Best Freeware tools for monitoring,


  • Closed Accounts Posts: 24 zillah2004


    It's not really that hard, and worse case you could just use a desktop to run it from.
    It has to be said it's one of the Best Freeware tools for monitoring,
    It is good idea what about security vulnerabilities , does it handle it as well ?

    Thanks


  • Registered Users, Registered Users 2 Posts: 1,411 ✭✭✭Dr4gul4


    zillah2004 wrote:
    It is good idea what about security vulnerabilities , does it handle it as well ?

    Thanks


    Fraid not but BackTrack contains Nessus it's live CD, Free also.

    Tbh, if ure smart, u'll use the free stuff, Companies/It Managers like nothing better than when there employee's save the company money by implamenting free software that Does an amazing job.

    You will have to spend some time reading up on nagios a bit, and nessus, backtrack has a GUI interface so it should not be incredibly hard to use, but u will want to research it ok.


    As for security, the best cure is prevention, Maybe u should look into SMS updates on all machines, and scheduled Patch install on you're servers, if you're running 95/98/2000 machines Draw up a business case to have then upgraded, Windows Nt4 Server is no longer supported therefore there are no patches for it.


    Where do u work ? it sound like u need to get sum 1 in to help out who has done thing b4, dont take this the wrong way but u have a lot of work ahead of u.


  • Closed Accounts Posts: 24 zillah2004


    dont take this the wrong way but u have a lot of work ahead of u.
    Really, I have got alot of work ahead to do.


  • Closed Accounts Posts: 884 ✭✭✭NutJob


    For management of Nessus http://inprotect.sourceforge.net// (new ish)

    Then uses Nagios for the rest


  • Registered Users, Registered Users 2 Posts: 4,218 ✭✭✭_CreeD_


    If it's any use to you, with pretty much no budget to get some integrated monitoring tools this is what I've used so far:

    Windows:
    Performance monitor from my PC running Sysmonitors for each of the servers for the usual resources (CPU,RAM,HDD,Network/Server).
    Security is just handled by regular patching (yes this needs work, we're going to use WSUS soon and I'm thinking of putting an ASA 5505 before the Server switch in transparent mode).

    Cisco:
    PIX - PDM and Syslog (Kiwi free Syslog server). This is a pretty comprehensive and versatile mix.
    Routers - Syslog, and then manual Debug for anything serious. Doesn't really allow for easy resource analysis though.

    You can use a variety of SNMP based tools but the protocol does have vulnerabilities depending on the version.


  • Moderators, Recreation & Hobbies Moderators, Science, Health & Environment Moderators, Technology & Internet Moderators Posts: 96,138 Mod ✭✭✭✭Capt'n Midnight


    3com transcend supervisor, if you use their net gear, the free one up to 1500 device if other brand then not too much info, but can do clickable map link to http / telnet to manage

    if only windows platform then mbsa and msia are a good beginning


  • Registered Users, Registered Users 2 Posts: 786 ✭✭✭voodoo


    Depending on the size of your network and the reasons for actually doing this, you could look at an appliance based vulnerability management solution like McAfee Foundstone - http://www.mcafee.com/uk/enterprise/products/vulnerability_management/foundstone_appliances.html

    it would be really depending on your network size etc, if you are doing this for compliancy, how granular you are looking to get, whether you also want to include remediation against these vulnerabilities etc...


Advertisement