7 Best HP Device Monitoring Tools and Software

HP is by far one of the biggest names in enterprise computing. Since its modest beginnings as a maker of test instruments, the company has built a solid reputation for delivering top quality products at competitive prices. HP manufactures everything from computers to printers, network switches and routers, and servers. And just like any equipment from any other manufacturer, HP equipment should be monitored. This is why we’re reviewing the top HP monitoring tools.

We’ll start off by exploring the monitoring of HP equipment in general and discuss the various types of monitoring that are typically available. And since network monitoring is one of the most popular types of monitoring, we’ll elaborate on the subject. We’ll then be ready to tackle the core of this post and review seven of the best tools we’ve found for monitoring HP equipment and networks.

Monitoring HP Equipment

Given the typical size of today’s IT environments, manually monitoring each and every piece of HP equipment to ensure that all is running smoothly would require an army of administrators. When I first started as a network administrator, the company where I worked had about half a dozen servers and they were all located right next to me, in the same room where my desk was. It was easy for me and my two colleagues to constantly keep a watchful eye on everything. Whenever something went wrong, it wasn’t long before one of us noticed it. Fast forward some twenty-something years and things are very different. Many organizations have dozens if not hundreds of servers.

But HP does not only make servers. Between their servers, networking equipment, and other devices, keeping an eye on all of these means that administrators tend to have their hands full. This is where monitoring tools can come in handy. They sit in the background and become your eyes on every HP device on your network. And whenever something goes wrong or is out of its normal range of operation, alerting kicks in and sends some type of notification. This allows administrators to concentrate on more useful tasks while ensuring that they’ll be able to quickly react in case of trouble.

How About Network Monitoring?

Network traffic is very similar to road traffic. Just like network circuits can be thought of as highways, data transported on networks are like vehicles travelling on that highway. But as opposed to vehicular traffic where you just have to look to see if and what is wrong, keeping track of what’s happening on a network can be tricky. For starters, everything is happening very fast and data transported on a network is invisible to the naked eye.

Network monitoring tools let you “see” exactly what is happening on your network. With them, you’ll be able to measure each circuit’s utilization, analyze who and what is consuming bandwidth and drill down deep into network “conversations” to verify that everything is operating normally.

SNMP Explained

Most network monitoring tools rely on the Simple Network Management Protocol, or SNMP, to poll devices and get the amount of traffic on all (or some) of their interfaces. Every HP networking device supports SNMP. In fact, SNMP is so entrenched within HP devices that the company used to make a very popular SNMP management tool called HP OpenView. Despite its name, SNMP is not exactly simple, though, and implementing it can prove to be a daunting task. SNMP-enabled devices make a certain number of parameters, called OIDs, available. Some are modifiable configuration parameters that can be changed, while others are read-only counters.

When it comes to bandwidth monitoring, we’re specifically interested in two OIDs. They are called bytes in and bytes out. By reading these values at precisely timed intervals, the number of bytes per unit of time, which is exactly what bandwidth is, can be computed. Most networking devices, like switches and routers, have one such set of OIDs for each of their interfaces.

Typically, a network bandwidth utilization monitoring system will poll each device at 5-minute intervals. It will then subtract the previous value of the counter from the current one to get the number of bytes transferred in five minutes. It will multiply that number by 8 to get the number of bits. And finally, it will divide it by 300 to get the bandwidth in bits per second.

In addition to the bytes in and bytes out counters, some bandwidth monitoring systems will allow one to monitor other parameters. For instance, there are interface input errors and interface output errors OIDs that can be polled to compute the error rate.
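The polling arithmetic described above, as an added example that is not part of the original article. It goes slightly beyond the text by handling two cases a plain subtraction gets wrong: a 32-bit counter that wraps between polls and a device that rebooted. The mapping of "bytes in/out" to the IF-MIB objects named in the comments, the `Sample` type, the error-rate definition and the sample values are assumptions made for illustration.

```python
from dataclasses import dataclass
from typing import Optional

# IF-MIB objects assumed to sit behind the article's counters:
#   ifInOctets    1.3.6.1.2.1.2.2.1.10    ifOutOctets 1.3.6.1.2.1.2.2.1.16
#   ifInUcastPkts 1.3.6.1.2.1.2.2.1.11    ifInErrors  1.3.6.1.2.1.2.2.1.14
# These are 32-bit counters. At 1 Gbit/s an octet counter wraps roughly every
# 34 seconds, so on fast links poll the 64-bit ifHCInOctets / ifHCOutOctets
# (1.3.6.1.2.1.31.1.1.1.6 and .10) and pass bits=64 below.


@dataclass(frozen=True)
class Sample:
    ts: float            # poll time in seconds
    sys_uptime: int      # sysUpTime, hundredths of a second
    in_octets: int
    out_octets: int
    in_errors: int
    in_ucast_pkts: int


def counter_delta(prev: int, curr: int, bits: int = 32) -> int:
    """Difference between two counter readings, assuming at most one wrap."""
    if curr >= prev:
        return curr - prev
    return curr + (1 << bits) - prev


def interface_rates(prev: Sample, curr: Sample, bits: int = 32) -> Optional[dict]:
    """Return bits per second and input error rate, or None after a reboot."""
    elapsed = curr.ts - prev.ts
    if elapsed <= 0:
        raise ValueError("samples are out of order")
    # A lower sysUpTime means the device restarted and its counters were
    # reset; the interval cannot be measured, so report a gap instead of
    # a huge bogus spike.
    if curr.sys_uptime < prev.sys_uptime:
        return None
    d_in = counter_delta(prev.in_octets, curr.in_octets, bits)
    d_out = counter_delta(prev.out_octets, curr.out_octets, bits)
    d_err = counter_delta(prev.in_errors, curr.in_errors, 32)
    d_pkt = counter_delta(prev.in_ucast_pkts, curr.in_ucast_pkts, 32)
    seen = d_pkt + d_err  # one common definition: errors / (good + errored)
    return {
        "in_bps": d_in * 8 / elapsed,
        "out_bps": d_out * 8 / elapsed,
        "in_error_pct": 100 * d_err / seen if seen else 0.0,
    }


# Constructed samples, 300 seconds apart. Between the first two polls the
# ifInOctets counter wraps past 2**32; before the third the device reboots.
SAMPLES = [
    Sample(0, 8_640_000, 4_294_000_000, 1_000_000, 10, 500_000),
    Sample(300, 8_670_000, 36_532_704, 19_750_000, 15, 500_995),
    Sample(600, 12_000, 4_000, 2_000, 0, 30),
]

if __name__ == "__main__":
    for before, after in zip(SAMPLES, SAMPLES[1:]):
        print(after.ts, interface_rates(before, after))
```
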

Different Tools Are Available

When monitoring your HP equipment, there are different types of tools that network and system administrators can use. First, they need to verify not only that the HP systems and devices they manage are up and running but also that they are performing within their normal acceptable range. This is what server monitoring tools are all about. At its most basic level, a good server monitoring tool will verify that your HP servers are up and running and that whatever ports are supposed to be open actually are. For instance, a web server should be responding to requests on port 80. In addition to testing ports, monitoring systems use the Simple Network Management Protocol, or SNMP, to read operational parameters from devices. The CPU load or percentage of available memory could be monitored just as CPU core temperature could. Different devices have different operational parameters available via SNMP. The best tools will let administrators choose which parameters of each device to monitor.

Another type of tool is the network monitoring tool. This type of tool uses SNMP to connect to HP networking equipment and read their bytes in and out counters to then calculate the average bandwidth utilization and typically plot it on a graph depicting its evolution in time. The technique is used to monitor bandwidth utilization of various parts of a network and is particularly useful for watching low-bandwidth circuits.

About Integrated Monitoring Tools

In order to make administrators’ lives easier, a few vendors offer integrated monitoring tools. These are tools that combine several types of monitoring tools. For instance, it is not rare to see tools that can monitor servers and the applications running on them. Some integrated tools will also monitor network traffic in addition to servers and their applications.

There are several advantages to these integrated tools, the main one being having all your monitoring data at the same place. Other advantages include an easier installation and not having to learn to install, configure, and use multiple tools. There’s also a definite cost advantage as integrated tools are often less expensive than purchasing individual tools.

But as nice as integrated tools are, they do have a few drawbacks too. Generally speaking, integrated tools tend to be poorer in terms of available features. They can often do everything OK but not necessarily amazingly. They typically don’t go as deep in their monitoring. They can also tend to be somewhat counterproductive in larger organizations where different teams manage different types of equipment and each team would benefit from having its own dashboard.

The Top Tools For Monitoring HP Equipment And Networks

Now that you know all there is to know about monitoring HP equipment, the time has come to have a look at the top tools for that purpose. Our list includes a mix of server monitoring tools, network monitoring tools and integrated tools. While most tools are universal and will monitor equipment from any vendor, some include HP-specific monitoring features.

1. SolarWinds Server And Application Monitor (Free Trial)

The SolarWinds Server and Application Monitor is a great example of a rather complete server monitoring tool. The platform provides in-depth monitoring of your HP servers. It will monitor the server’s hardware, the operating system running on it as well as its applications. It’s an all-inclusive server monitoring platform.

This tool was designed to help administrators monitor servers, their operational parameters, their processes, and the applications which are running on them. It can easily scale from very small networks to large ones with hundreds of servers—both physical and virtual—spread over multiple sites. The tool can also monitor cloud-hosted services like those from Amazon Web Services and Microsoft Azure.

The SolarWinds Server and Application Monitor is very easy to set up and its initial configuration is just as easily done with the help of its auto-discovery process. It is a two-pass process. The first pass will discover servers, and the second one will find applications. This can take time but can be sped up by supplying the tool with a list of specific applications to look for. Once the tool is up and running, the user-friendly GUI makes using it a breeze. You can choose to display information in either a table or a graphic format.

Prices for the SolarWinds Server and Application Monitor start at $2 995 and vary based on the number of components, nodes, and volumes monitored. A free 30-day trial version is available for download, should you want to try the product before purchasing it.

2. SolarWinds Network Performance Monitor (Free Trial)

Our next entry is another tool from SolarWinds, the Network Performance Monitor. This is probably SolarWinds’ best-known product. This one specializes in network monitoring. It will connect to your HP networking devices using SNMP and pull their metrics as well as usage data from their interfaces. The product shares the same Orion platform as the Server and Application Monitor we just reviewed, and they integrate seamlessly to provide a single solution for all your monitoring needs.

The SolarWinds Network Performance Monitor is a feature-rich professional SNMP monitoring system. It boasts an easy to use web-based dashboard, it is easy to set up and configure and, more importantly, it does a great job. The tool has customizable alerting features that can notify you whenever specific metrics exceed a predefined value.

An interesting advanced feature of this tool is how it can build intelligent maps of your network. It will also show you the critical path between any two points, allowing you to quickly troubleshoot issues. There’s also wireless network monitoring and management built right into the software. This software truly has too many features to be able to mention them all here. You might want to take advantage of the 30-day free trial and see for yourself what this great tool can do for you.

It is not an integrated monitoring tool, though. Prices for the SolarWinds Network Performance Monitor start at $2 955 and vary according to the number of monitored devices. It is highly scalable and upgrading its capacity in order to add more monitored devices is a simple matter of upgrading the license.

3. SolarWinds ipMonitor (Free Trial)

For smaller organizations that might have a hard time justifying the investment into two different platforms such as those we’ve just reviewed, SolarWinds offers a smaller integrated monitoring solution that goes by the name of ipMonitor. It is a relatively simple integrated tool that offers basic up/down and performance monitoring of HP networks, HP servers, and their applications. It is, of course, not limited to monitoring HP equipment and it uses industry-standard protocols and technologies, making it compatible with most devices.

The SolarWinds ipMonitor will quickly discover infrastructure and will recommend SmartMonitor settings which are designed to make setup simpler and faster. It also provides an easy-to-use web interface and network maps for clear, at-a-glance views of your environment. The tool can send customizable alerts and reports to help ensure you are the first to know about issues or application failures. In addition to alerts, it also has automated remediation capabilities to minimize downtime.

On the application monitoring front, the system can simulate the end-user experience for web and other applications and it uses standard protocols such as SNMP and WMI for agentless monitoring of applications and systems. The system includes its own embedded web server and database and it is designed for a simple, integrated installation experience without the need for installing separate components.

The SolarWinds ipMonitor’s web-based interface offers centralized and customizable summary views. It helps provide visibility into the health of your IT infrastructure. The tool supports drag and drop, and is designed to make it easy to add and remove elements from the view and help ensure you have the reports, statistics, and gauges you need—right at your fingertips. Furthermore, its dashboards make it easy to identify problem areas at a glance, letting you resolve issues quickly.

Prices for the SolarWinds ipMonitor start at $1 495 for up to 500 monitors. This one-time cost includes the first year of maintenance. For those who’d prefer to try the tool before purchasing it, a free 14-day trial is available.

4. Zenoss Core

Zenoss Core might not be as well-known as some other monitoring tools on this list but it truly deserves its spot mainly because of its dedicated HP monitoring features. The tool can monitor many things such as bandwidth utilization, traffic flows, or services like HTTP and FTP. It has a clean and simple user interface and its alerting system is excellent. One thing we particularly loved about it is its rather unique multiple alerting system. It allows a second person to be alerted if the first one does not respond within a predefined delay.

When it comes to monitoring HP equipment, Zenoss Core has several plugins dedicated to monitoring HP devices. There is, for instance, the HP Monitor ZenPack, which collects SNMP data from HP devices. The data it fetches from your HP equipment includes hardware model, hardware serial number, operating system, and CPU information. Also available is the HP Proliant ZenPack. This one is specifically designed for monitoring HP Proliant servers. And there are also other ZenPacks designed for HP devices including the HP-UX Monitoring ZenPack, the HP Temperature Sensors Monitoring ZenPack, the HP Printer Trap Transforms ZenPack and more. Virtually every element of HP infrastructure you can think of is supported by Zenoss Core.

Not all is perfect though. Zenoss Core is one of the most complicated monitoring systems to install and set up. Installation is an entirely command-line driven process. Today’s network administrators are used to GUI installers, configuration wizards and auto-discovery engines. This could make the product’s installation seem a bit archaic. However, there is ample documentation available and the end result makes it worth the installation efforts.

5. PRTG Network Monitor

The PRTG Network Monitor, from Germany-based Paessler AG, is a Windows tool that is ideal for monitoring HP equipment. It is one of the easiest and fastest tools to set up and Paessler claims you could be up and running within minutes. It is true that setting up the product is impressively fast, thanks in part to its auto-discovery feature which scans your network and automatically adds the components it finds.

The user interface (or rather interfaces) is another one of the software’s strong suits. You can choose between a native Windows console, an Ajax-based web interface, or mobile apps for Android, iOS, and Windows Phone. One of the mobile apps’ unique features will let you scan a QR code label affixed to your equipment to quickly view its status.

PRTG can monitor almost anything, not just HP equipment, thanks to its innovative sensor architecture. You can think of sensors as add-ons to the product. However, the sensors are already built into the product. Customized sensors can be used to monitor the critical metrics of your HP servers. Additional sensors are available to monitor the services that are running on the servers. Monitoring data is sent via a secure connection to prevent sensitive information from being compromised in transit.

The PRTG Network Monitor’s pricing is based on the number of sensors you’re using where a sensor is any parameter or metric you need to monitor. For instance, each HP device interface monitored via SNMP uses up one sensor. Similarly, each HP server uses a sensor. The product is available in a full-featured free version which is limited to monitoring 100 sensors. For more sensors, paid licenses are required. Their price varies according to sensor capacity starting at $1 600 for 500 sensors. A free, sensor-unlimited 30-day trial is available for download.

6. ManageEngine OpManager

The ManageEngine OpManager is another all-in-one package that will monitor your HP servers’ (physical and virtual) vital signs as well as those of your HP networking equipment and alert you as soon as something is out of its normal operating range. But since this tool is using industry-standard protocols, it will monitor equipment from other vendors just as well. It benefits from an intuitive user interface that will let you easily find the information you need. There is also an excellent reporting engine that comes loaded with pre-built reports while still supporting custom ones. The product’s alerting features are also very complete.

The tool runs on either Windows or Linux and is loaded with great features. One worth mentioning is its auto-discovery feature that can map your network, giving you a uniquely customized dashboard. The ManageEngine OpManager dashboard is super easy to use and navigate, thanks to its drill-down functionality. For those of you who are into mobile apps, client apps for tablets and smartphones are available, allowing you to access the tool from anywhere.

The ManageEngine OpManager is available in two versions. The Essential edition is intended for small and medium organizations with up to a thousand devices with prices starting at around $700 for 25 devices. For larger organizations, the Enterprise edition can scale up to ten thousand devices. Its price starts at under $20 000 for 500 devices. If you are interested in giving the tool a try, a free 30-day trial is also available.

7. Zabbix

Zabbix is known as one of the best free and open-source system monitoring platforms. This enterprise-grade system can scale from small to very big networks. It can monitor networks based on HP and other equipment as well as HP servers and the services running on them. That makes it a true integrated monitoring platform. Don’t let the fact that it’s free and open-source put you off, though. It would be a mistake as this tool has a lot to offer.

Zabbix uses SNMP as well as the Intelligent Platform Management Interface (IPMI) for monitoring devices. You can use the software to monitor bandwidth, device CPU and memory utilization, general device health as well as configuration changes. The product also features an impressive and completely customizable alerting system. It will not only send email or SMS alerts but also run local scripts which could be used to fix some issues automatically.

Although Zabbix is free, extra services can be purchased. For instance, you can purchase support services. Five levels of technical support are available. There is also a complete certification training program that can be purchased. This is totally optional, though, as community support is available for free and it is very good. Finally, Zabbix’s alerting features are up to par with other products on our list and so is its reporting engine.

Zabbix has all you can expect in an enterprise-grade integrated monitoring tool except the high price tag. And the only thing you’ll need to spend to put it through a test run is your time.

Wrapping Up

Monitoring HP equipment and networks is no different from monitoring stuff from any vendor. As such, any monitoring tool will monitor HP devices. However, some tools do provide dedicated HP monitoring extensions. Whether these extensions bring any additional value is up for debate and I’ll let you be the judge. Just remember that, in essence, HP devices are just devices and any of the tools we’ve just reviewed, specialized or not, will fit the bill. Picking one will be, more than anything, a matter of personal preference and will largely depend on your specific monitoring needs.

The post 7 Best HP Device Monitoring Tools and Software appeared first on AddictiveTips.

Top Data Breach Detection Tools and Systems for 2020

In today’s world when we hear about cyberattacks on a regular basis, data breach detection is more important than ever. Today, we’re going to be reviewing the top data breach detection systems.

In a few quick words, a data breach is any event where someone manages to gain access to some data that he should not have access to. This is a rather vague definition and, as you’ll soon see, the concept of data breach is multi-faceted and it encompasses several types of attacks. We’ll do our best to cover all the bases.

We’ll start off by going into greater detail on what data breaching really means. After all, it can only help to start on the right foot. Next, we’ll explore the various steps involved in data breaching. Although every attempt is different, most follow a similar pattern that we’ll outline. Knowing these steps will help you better understand how different solutions operate. We’ll also have a look at the various causes of data breaches. As you’ll see, they’re not always the act of organized criminals. Our next order of business will be the actual protection against breaches, and we’ll explore the different phases of the breach detection and prevention process. A short pause will let us explore the use of Security Information and Event Management tools as a means of detecting data breaches. And finally, we’ll review a few of the best products you can use to detect and prevent data breaches.

Data Breaching In A Nutshell

Although the concept of data breaching varies depending on your industry, the size of your organization, and network architecture, all data breaches share some common traits. A data breach is primarily defined as the unauthorized access to some otherwise private data. The reasons why hackers steal data and what they do with it also vary a lot but again, the key here is that the information those hackers access does not belong to them. It is also important to realize that data breaches can include either what is referred to as the exfiltration of information by malicious users or data that was accessed regularly but disseminated without authorization. Obviously, that second type of breach can be much harder to detect as it stems from regular activity.

Although there are different types of data breaches—as we’ll see shortly—they will often follow a set pattern. Knowing the various steps that malicious users take to pull off their data breaches is important as it can only help better analyze your own vulnerabilities and prepare and set up better defenses that can make it much more difficult for cybercriminals to penetrate. It is often said that knowledge is power and it is particularly true in this situation. The more you know about data breaches, the better you can fight them.

Using SIEM Tools as Breach Detection Tools

Security Information and Event Management (SIEM) systems can turn out to be very good at detecting data breaches. While they do not provide any protection, their strength is in detecting suspicious activities. This is why they are very good at detecting data breaches. Each data breach attempt will leave some traces on your network. And the traces that are left behind are precisely what SIEM tools are the best at identifying.

Here’s a quick look at how SIEM tools work. They first collect information from various systems. Concretely, it often takes the form of collecting log data from your networking devices, security equipment such as firewalls, and file servers. The more data sources there are, the better your chances of detecting breaches. Next, the tool will normalize the collected data, ensuring that it follows a standard format and that discrepancies, such as data from a different time zone, are compensated for. The normalized data is then typically compared against an established baseline and any deviation triggers some response. The best SIEM tools will also use some sort of behavioural analysis to improve their detection rate and reduce false positives.
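The collect, normalize and compare-to-baseline pipeline described above, as an added example that is not part of the original article and not taken from any SIEM product. The two log formats, host and user names, baseline figures and the three-sigma threshold are all constructed for illustration. The sample is built so that the anomaly only becomes visible once both sources are converted to the same time zone.

```python
import re
import statistics
from collections import defaultdict
from datetime import datetime, timezone

# Two constructed log formats, each stamped in its own local time zone.
FW_RE = re.compile(
    r"^(?P<ts>\S+) (?P<host>\S+) ALLOW user=(?P<user>\S+) bytes=(?P<bytes>\d+)$")
FS_RE = re.compile(
    r"^\[(?P<ts>[^\]]+)\] (?P<host>\S+) READ (?P<user>\S+) (?P<bytes>\d+)$")

# Constructed sample: a firewall logging at UTC-5 and a file server at UTC+1.
SAMPLE_LOGS = [
    "2020-03-02T09:15:00-05:00 fw01 ALLOW user=alice bytes=40000",
    "[2020/03/02 15:20:00 +0100] fs01 READ alice 60000",
    "[2020/03/02 15:40:00 +0100] fs01 READ bob 240000",
    "2020-03-02T09:50:00-05:00 fw01 ALLOW user=bob bytes=230000",
    "garbled line that matches neither format",
]

# Constructed baseline: bytes moved per user in earlier one-hour windows.
BASELINE = {
    "alice": [90_000, 110_000, 100_000, 95_000, 105_000],
    "bob": [200_000, 180_000, 220_000, 210_000, 190_000],
}


def normalize(line, to_utc=True):
    """Map either log format onto one schema; return None if unparseable."""
    m = FW_RE.match(line)
    if m:
        ts = datetime.fromisoformat(m["ts"])
    else:
        m = FS_RE.match(line)
        if not m:
            return None
        ts = datetime.strptime(m["ts"], "%Y/%m/%d %H:%M:%S %z")
    # to_utc=False keeps the source's wall-clock time, to show what goes
    # wrong when the time zone discrepancy is not compensated for.
    ts = ts.astimezone(timezone.utc) if to_utc else ts.replace(tzinfo=None)
    return {"ts": ts, "host": m["host"], "user": m["user"],
            "bytes": int(m["bytes"])}


def detect(lines, baseline, sigmas=3.0, to_utc=True):
    """Return (alerts, skipped): hourly per-user totals above the baseline."""
    totals = defaultdict(int)
    skipped = 0
    for line in lines:
        event = normalize(line, to_utc)
        if event is None:
            skipped += 1  # count parse failures: dropped logs are blind spots
            continue
        hour = event["ts"].replace(minute=0, second=0, microsecond=0)
        totals[(event["user"], hour)] += event["bytes"]

    alerts = []
    for (user, hour), total in sorted(totals.items()):
        history = baseline.get(user, [])
        if len(history) < 2:
            alerts.append((user, hour, total, "no baseline"))
            continue
        limit = statistics.mean(history) + sigmas * statistics.stdev(history)
        if total > limit:
            alerts.append((user, hour, total, "above baseline"))
    return alerts, skipped


if __name__ == "__main__":
    print(detect(SAMPLE_LOGS, BASELINE))                # bob flagged at 14:00 UTC
    print(detect(SAMPLE_LOGS, BASELINE, to_utc=False))  # nothing flagged
```
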

The Top Data Breach Detection Tools

There are different types of tools for detecting data breaches. As we’ve just discussed, SIEM tools can help you with that while providing many more security-oriented features. You won’t be surprised to find a few SIEM tools on our list. We also have some dedicated data breach detection tools that can handle most of the steps of the detection cycle described above. Let’s review the features of a few of the best tools.

1. SolarWinds Security Event Manager (FREE TRIAL)

When it comes to Security Information and Event Management, SolarWinds proposes its Security Event Manager. Formerly called the SolarWinds Log & Event Manager, the tool is best described as an entry-level SIEM tool. It is, however, one of the best entry-level systems on the market. The tool has almost everything you can expect from a SIEM system. This includes excellent log management and correlation features as well as an impressive reporting engine.

The tool also boasts excellent event response features which leave nothing to be desired. For instance, the detailed real-time response system will actively react to every threat. And since it’s based on behaviour rather than signature, you’re protected against unknown or future threats and zero-day attacks.

In addition to its impressive feature set, the SolarWinds Security Event Manager’s dashboard is possibly its best asset. With its simple design, you’ll have no trouble finding your way around the tool and quickly identifying anomalies. Starting at around $4 500, the tool is more than affordable. And if you want to try it and see how it works in your environment, a free fully functional 30-day trial version is available for download.

2. Splunk Enterprise Security

Splunk Enterprise Security—often just called Splunk ES—is possibly one of the most popular SIEM tools. It is particularly famous for its analytics capabilities and, when it comes to detecting data breaches, this is what counts. Splunk ES monitors your system’s data in real-time, looking for vulnerabilities and signs of abnormal and/or malicious activity.

In addition to great monitoring, security response is another of Splunk ES’s best features. The system uses a concept called the Adaptive Response Framework (ARF) that integrates with equipment from more than 55 security vendors. The ARF performs automated response, speeding up manual tasks. This will let you quickly gain the upper hand. Add to that a simple and uncluttered user interface and you have a winning solution. Other interesting features include the Notables function which shows user-customizable alerts and the Asset Investigator for flagging malicious activities and preventing further problems.

Since Splunk ES is truly an enterprise-grade product, you can expect it to come with an enterprise-sized price tag. Pricing information is unfortunately not readily available from Splunk’s website so you will need to contact the company’s sales department to get a quote. Contacting Splunk will also allow you to take advantage of a free trial, should you want to try the product.

3. SpyCloud

SpyCloud is a unique tool from an Austin-based security company that offers organizations accurate, operationalized data they can use to protect their users and their company from data breaches. This includes normalizing, de-duplicating, validating, and enriching all the data it collects. This package is typically used to identify exposed credentials from employees or customers alike before thieves have a chance to use them to steal their identity or sell them to some third party on the black market.

One of the main differentiating factors of SpyCloud is its assets database, one of the largest of its kind at over 60 billion objects as of this writing. These objects include email addresses, usernames, and passwords. Although the system makes use of scanners and other automated collection tools, most of the tool’s useful data (or should I say the tool’s most useful data) comes from its human intelligence gathering and advanced proprietary tradecraft.

The SpyCloud platform offers a winning combination of unparalleled quality, clever automation and a super easy to use API to run automated and consistent checks of your organization’s user accounts against the SpyCloud database of credentials. Whatever match it finds quickly triggers an alert. As a result, a notification is sent out and, optionally, a remediation can be accomplished by forcing a password reset of the compromised account.

Malicious users seeking to take over personal and corporate accounts will definitely meet their match with this product. Several similar solutions on the market will find exposed accounts way too late in the process to let you do more than merely manage the consequences of a data breach. This is not the case with this product and it is obvious that its developers understand the importance of early detection.

This product is ideal for organizations of any type and size and from virtually every industry such as retail, education, technology, financial services, hospitality, and healthcare. Cisco, WP Engine, MailChimp, and Avast are examples of some of the prestigious clients that use SpyCloud to protect their accounts.

Pricing information is not readily available from SpyCloud and you’ll need to contact the company to get a quote. The company’s website states that a free trial is available yet clicking the link takes you to a page where you can register for a demo.

4. Kount

Kount is a Software as a Service (SaaS) data breach detection platform. Based in Boise, ID and founded some twelve years ago, the company offers data security in addition to breach detection services to organizations throughout the world. Its patented machine learning technology operates by examining transactions at a microscopic level to detect and stop malicious activities. While the service seems to be particularly well suited for online businesses, merchants, acquiring banks, and payment service providers, it can serve other types of businesses as well. It prevents account takeover, fraudulent account creation, and brute force attacks while also detecting multiple accounts and account sharing.

Kount can provide your organization with enough data and toolsets to counter most online threats and protect the data of your customers, employees, and users from all kinds of cyberattacks. The service has a huge customer base of more than 6 500 companies including some top-notch brands that rely on the service to guard against data breaches.

What we have here is an easy-to-implement, efficient solution that can be tailored to address the security concerns of various organizations operating in different segments. It makes the entire task of fraud detection much simpler. As a result, it empowers organizations to handle a greater transaction volume, thereby leading to better profits and overall growth.

Kount is available in three versions. First there’s Kount Complete. As its name implies, this is the complete solution for any business that interacts with its customers digitally. There’s also Kount Central, a service specifically tailored for payment solutions providers. And then there is Kount Central for digital account protection. The various solutions start at $1 000 per month, with prices varying depending on the number of transactions you plan to run through the service. You can get a detailed quote or arrange for a demo by contacting the company.

The Breaching Process Step-By-Step

Let’s have a look at what the typical steps of a data breach attempt are. While the activities outlined below are not necessarily the rule, they give you a valid overview of how your average data hacker works. Knowing about those will allow you to better prepare to fight attacks.

Probing

The first step in most attacks is a probing phase. Malicious users will often start by attempting to learn more about your network and overall digital environment. They could, for instance, probe your cybersecurity defences. They could also test passwords or evaluate how to launch an eventual phishing attack. Others will look for out-of-date software without the latest security patches, a sign that exploitable vulnerabilities could be present.

Initial Attack

Now that hackers have probed your environment, they will have a better idea of how to carry out their attack. They will typically launch a first wave of attack. This could take many forms such as sending a phishing email to employees to trick them into clicking a link that will take them to a malicious website. Another common type of initial attack is executed by corrupting some essential applications, often disrupting workflow.

Expanded Attack

After a successful initial attack, cybercriminals will often quickly switch to high gear and evaluate their next steps. This will often mean leveraging whatever grip they got from their initial efforts to launch a broader attack that can target the whole environment to locate as much valuable data as they possibly can.

Data Theft

Although we’re listing it last, the actual theft of your data is not necessarily the last step of a typical attack. Hackers are often very opportunistic and will grab whatever interesting information they can get their hands on as soon as they find it. Others, on the other hand, may choose to lay dormant for a while in an effort to avoid detection but also to better understand what data is available and how it can best be stolen.

What exact information cybercriminals will take from any organization varies greatly. But since “money makes the world go ‘round”, it is estimated that at least three-quarters of all the data breaches are financially motivated. The stolen data may often involve trade secrets, proprietary information, and sensitive government records. It could also very well be centred on your customers’ personal data that could be used for the hackers’ own gain. Several hugely publicized data breaches have been reported in the past few years involving giants such as Facebook, Yahoo, Uber, or Capital One. Even the healthcare sector can be the target of attacks, potentially putting the public’s health at risk.

Causes Of Breaches

Data breaches can have multiple causes, some of which you may not even suspect. Of course, there’s the obvious cyberattack but those only account for a relatively small fraction of all data breaches. It is important to know about these various causes as this is how you’ll be able to better detect and stop them from happening. Let’s have a quick look at a few of the main causes.

Cyberattacks

The cyberattack—in which your organization is the direct target of hackers—is, as you would imagine, one of the primary causes of data breaches. The annual cost of cybercrime is estimated to exceed $600 billion throughout the world so it’s no wonder that organizations are so concerned about it. Cybercriminals use a broad arsenal of methods to infiltrate your networks and exfiltrate your data. Those methods can include phishing to gain access through unwary users or ransomware to extort organizations after taking their data hostage. Exploiting various software or operating system vulnerabilities is another common way to rob organizations of their precious data.

Internal Breaches

Internal breaches can be more insidious than cyberattacks. Their goals are the same but they are carried out from within the network. This makes their detection much more complicated. They are often the work of disgruntled employees or employees suspecting they are about to be terminated. Some hackers will even approach employees and offer them money in exchange for information. Another common cause of internal breach comes from employees that have been dismissed but whose access credentials have not yet been revoked. Out of spite, they could turn against their former organization and steal its data.

Device Loss

Although not as common a cause of data breach as the previous ones, device loss still plays a non-negligible role in data breaches. Some users are simply careless and will leave various devices such as smartphones, laptops, tablets or thumb drives in insecure locations. These devices could potentially store proprietary data or provide easy and unfettered access to your network. A related cause of data breach is device theft where ill-intentioned individuals will steal users’ devices to either gain access to the data they contain or to use them as a gateway to your corporate data. And don’t think that the fact that all these devices are secured makes them any less of a risk. Once malicious users get their hands on your devices, cracking the security should be a piece of cake.

Human Error

The main difference between human error as a cause of data breaches and internal breaches is that the former is accidental. It can take many forms, though. For instance, some IT team may have accidentally exposed customer data to unauthorized employees as a result of misconfiguring access rights on a server. Another cause of breach related to human error has to do with employees falling victim to phishing or social engineering endeavours. Those are the kind of attacks where hackers trick your staff into clicking malicious links or downloading infected files. And you should not take human error lightly as research has shown that it accounts for more than half of the data breaches.

Protecting Against Breaches

Now that we know what data breaches are, what they look like and what their causes are, it’s time we have a closer look at protecting against them. With the various types and causes of data breaches, defending your organization against them can be a daunting prospect. To assist you, we’ve assembled a list of the phases of protecting against data breaches. Together, they form the building blocks of any serious defense strategy. It is important to realize that this is an ongoing process and you should view the stages as part of a circle rather than a once-over linear approach.

Discovery

The discovery phase is where security professionals work through sensitive information in order to identify any unprotected or otherwise vulnerable or exposed data. This is important as that kind of information can be an easy target for malicious individuals. It is, therefore, very important to take the necessary steps to secure it. One way to do that is by reviewing who has access to that data and changing authorizations to ensure that only those who need to work with it can access it.

Detection

The next phase is the detection phase. This is where you should be monitoring for security threats that can provide cybercriminals with easy entry points into your network. This is a critical phase as it can be extremely easy for hackers to access your data if you don’t actively work on detecting and patching whatever vulnerabilities exist. For example, any application that hasn’t been updated with the latest security patches can become an easy target for attackers who are free to exploit whatever vulnerabilities there are. This phase, more than all others, has to be an ongoing or recurring process.

Prioritization

Once you’ve gone through the previous phases and have pinpointed your risks, the last step before you can actually start fixing things is the prioritization phase. The idea here is to triage what assets are at risk in order to quickly secure the most exposed or those that would have the worst consequences should they be breached. This is where you’d typically use the combined intelligence of security information and data operations to pinpoint where you are at the greatest risk of being attacked. This phase is often conducted through audits that can help understand what needs to be prioritized.

Remediation

The remediation phase is where you resolve the threats that you’ve identified and prioritized during the previous phases. The exact remediation process varies according to the type of threat that has been identified.

Process Management

This whole process needs to be managed strategically and effectively. If you want the data breach prevention cycle to work for your organization, you’ll need to take control and use the proper tools. These are tools that can leverage data from your network and turn it into actionable insights. As we said before, this is more of an ongoing process than a one-time thing. And don’t expect this to be a set-and-forget kind of thing. Staying abreast of data breaches will require constant efforts. This is why investing in tools that can make all this easier is well worth it.

In Conclusion

Data breach prevention is as important as it is complex. I hope we’ve managed to shed some useful light on the subject. The key point to remember from all this is that the risk is real and doing nothing about it is not an option. Now, whether you choose to go with a SIEM tool or a dedicated breach detection and/or prevention solution is up to you and it largely depends on the specific needs of your organization. Look at what’s available, compare the specifications and features and, before you make your final decision, try a few tools.

The post Top Data Breach Detection Tools and Systems for 2020 appeared first on AddictiveTips.

5 Best Small Business Network Monitoring Tools in 2020

Just like large organizations, small businesses need to keep an eye on their networks to ensure that all is running smoothly. However, smaller enterprises don’t always have the resources—both financial and human—to deploy larger network monitoring tools. This is why we’re about to review the top small business network monitoring tools.

We’ll start off by discussing network monitoring in the specific context of small business. We’ll see how due to their limited resources, the challenges can be quite different. Next, we’ll briefly introduce the Simple Network Management Protocol as it is the most common technology used for network monitoring. And since it helps to have at least a basic understanding of how it works to implement it, this is what we’ll tackle next. And we’ll finish by reviewing the best network monitoring tools to be used by small businesses.

Network Monitoring Tools for Small Business

Network congestion is the number one enemy of all network administrators. If you compare a network to a highway where traffic is the network’s data, network congestion is similar to traffic jams. But unlike automobile traffic–where congestion can easily be spotted by simply looking at the road–network traffic happens within cables, switches, and routers where it’s invisible. Furthermore, it all happens at blazing fast speeds. Even if you could see it, it would happen too fast. This is why network monitoring tools are so important. They provide network administrators with the visibility they need to keep things running smoothly. This is especially true in small businesses where the typical administrator wears several hats and is the network guy, the server guy, and often the tech support guy all at the same time. Monitoring tools free the IT team—which is often just a single IT guy—to work on more important or pressing tasks while the tools monitor the status of the network.

Another major reason for monitoring networks is capacity planning. There doesn’t appear to be a way around the fact that network usage always grows over time. The current bandwidth of your network might be sufficient now, but it’ll eventually need to be increased. And in small businesses, you’ll want to delay the upgrade as much as possible in order to save costs. By monitoring bandwidth usage, you’ll be able to plan network upgrades before over-utilization becomes a problem.

Introducing SNMP

SNMP—which stands for Simple Network Management Protocol—is a complex system that can be used to remotely monitor, configure and control different types of networking equipment. Despite its misleading name, the only thing simple about this technology is its name, and implementing it can turn out to be a daunting task.

Fortunately, you don’t have to know everything about SNMP to use it to monitor your network’s bandwidth utilization. For now, suffice it to say that SNMP is used by monitoring tools to read a device’s interface counters and use that data to calculate and graph network bandwidth usage over time. In the next section, we’ll go into more detail on the inner workings of this monitoring technique. Understanding SNMP will help you better appreciate the upcoming product reviews and help you configure and use any SNMP monitoring tool.

How SNMP Works

Most texts explaining SNMP will tell you about MIBs, OIDs, and several other TLAs (Three Letter Acronyms). We think this is overkill, especially in a post such as this one. Our goal today is instead to give you enough information so that you can understand, use, and configure SNMP network monitoring tools, not to make you an SNMP expert. That will come in due time, with experience.

The first thing you need to know about SNMP is how the connection to an SNMP-enabled device is established. On most SNMP devices, two parameters called community strings can be configured. You can think of these as the SNMP (very crude) passwords. By default, the two community strings are called public and private but you can name them anything you like. The public string is used for read-only access while the private string will let you modify parameters as well.
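A defender-side check for the default community strings described above, as an added example that is not part of the original article. It assumes the device runs a Net-SNMP agent configured through snmpd.conf (the article names no particular agent); the sample configurations and finding codes are constructed.

```python
"""Audit Net-SNMP snmpd.conf community directives.

Added example: the sample configurations below are constructed.
"""

DEFAULT_COMMUNITIES = {"public", "private"}   # the defaults named in the article
READ_ONLY = {"rocommunity", "rocommunity6"}
READ_WRITE = {"rwcommunity", "rwcommunity6"}
ANY_SOURCE = {"default", "0.0.0.0/0", "::/0"}

# Constructed sample: factory-style settings.
WEAK_CONF = """\
# SNMP agent settings
rocommunity public
rwcommunity private default
"""

# Constructed sample: read-only, non-default string, one allowed poller
# (192.0.2.10 is a documentation address standing in for the monitoring host).
HARDENED_CONF = """\
rocommunity Xq7-monitor-4fT 192.0.2.10
"""


def audit_snmpd_conf(text):
    """Return findings as (line_number, code, message) tuples."""
    findings = []
    for lineno, raw in enumerate(text.splitlines(), start=1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split()
        directive = fields[0].lower()
        if directive not in (READ_ONLY | READ_WRITE) or len(fields) < 2:
            continue
        community = fields[1]
        # Net-SNMP treats a missing SOURCE as "default", i.e. any host.
        source = fields[2] if len(fields) > 2 else "default"

        if community.lower() in DEFAULT_COMMUNITIES:
            # SNMPv1/v2c send the community string unencrypted, so a
            # well-known value gives no protection at all.
            findings.append((lineno, "default-community",
                             "community string is a well-known default"))
        if directive in READ_WRITE:
            findings.append((lineno, "read-write",
                             "community allows parameters to be modified"))
        if source.lower() in ANY_SOURCE:
            findings.append((lineno, "any-source",
                             "queries are accepted from any address"))
    return findings


if __name__ == "__main__":
    for name, conf in (("weak", WEAK_CONF), ("hardened", HARDENED_CONF)):
        print(name)
        for lineno, code, message in audit_snmpd_conf(conf):
            print(f"  line {lineno}: [{code}] {message}")
```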

Once the connection is established between a monitoring tool and a monitored device, some parameters can be remotely read. Of particular interest when it comes to bandwidth monitoring are a couple of parameters called interface counters. There’s usually a pair of them for each network interface of an SNMP-enabled device, one counting the bytes in and one counting the bytes out of the interface. They are aptly called Bytes In and Bytes Out. By reading these values periodically at known intervals, the monitoring tool can compute the number of bits per unit of time—usually per second—which is exactly what bandwidth is.

Concretely, here’s how it’s done: The monitoring tool will poll a device and read its counters. A fixed amount of time later (five minutes is typical), it will read the same counters again. By subtracting the previous value of the counters from the current one, the total number of bytes transferred in and out over the interval is obtained. It is then a simple matter to multiply these numbers by 8—the number of bits in a byte—then divide the results by the number of seconds in the polling interval to get the bits per second bandwidth utilization figures. Those figures are typically stored in some sort of database and used to plot graphs or tables of utilization over time.

A few other SNMP values can be interesting for network monitoring. For instance, there are interface input and output error counters. Similar to what’s being done with bytes in and out, these values can be used to compute the number of errors per second, a figure that tells you a lot about the general health of a network link. CPU load and memory usage gauges can also be read through SNMP. In fact, several hundred parameters are typically available in any SNMP-enabled device.
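The counter arithmetic described above, as an added example that is not from the original article. It goes beyond the text by handling a counter that wraps between polls and a device restart that resets the counters; the poll values are constructed, and the IF-MIB object names in the comments are the standard ones behind the article's "Bytes In" and "Bytes Out".

```python
"""Turn two SNMP interface-counter polls into rates.

Added example: the poll values below are constructed.
"""
from dataclasses import dataclass

COUNTER32 = 2 ** 32   # ifInOctets / ifOutOctets wrap here
COUNTER64 = 2 ** 64   # ifHCInOctets / ifHCOutOctets wrap here


@dataclass
class Poll:
    timestamp: float   # seconds, taken by the poller when it read the device
    uptime_ticks: int  # sysUpTime, hundredths of a second since agent start
    bytes_in: int      # "Bytes In"  (IF-MIB ifInOctets)
    bytes_out: int     # "Bytes Out" (IF-MIB ifOutOctets)
    errors_in: int     # input error counter (IF-MIB ifInErrors)


def counter_delta(previous, current, modulus=COUNTER32):
    """Current minus previous, allowing for one wrap past `modulus`."""
    if current >= previous:
        return current - previous
    return current + modulus - previous


def wrap_time_seconds(link_bps, modulus=COUNTER32):
    """Seconds a byte counter needs to wrap once at full line rate.

    If this is shorter than the polling interval, more than one wrap can
    hide between two polls and the 64-bit counters should be read instead.
    """
    return modulus * 8 / link_bps


def rates(prev, curr, modulus=COUNTER32):
    """Bits per second in/out and input errors per second, or None.

    None means the interval is unusable: the clock did not advance, or
    sysUpTime went backwards (the agent restarted and its counters reset).
    """
    interval = curr.timestamp - prev.timestamp
    if interval <= 0 or curr.uptime_ticks < prev.uptime_ticks:
        return None
    return {
        "in_bps": counter_delta(prev.bytes_in, curr.bytes_in, modulus) * 8 / interval,
        "out_bps": counter_delta(prev.bytes_out, curr.bytes_out, modulus) * 8 / interval,
        # ifInErrors is always a 32-bit counter.
        "in_errors_per_s": counter_delta(prev.errors_in, curr.errors_in) / interval,
    }


# Constructed polls five minutes apart; bytes_out wraps during the interval.
FIRST = Poll(0.0, 8_640_000, 1_000_000, 4_294_000_000, 10)
SECOND = Poll(300.0, 8_670_000, 38_500_000, 2_032_704, 40)
# Constructed poll taken after the device restarted.
REBOOTED = Poll(600.0, 1_200, 5_000, 7_000, 0)

if __name__ == "__main__":
    print(rates(FIRST, SECOND))
    print(rates(SECOND, REBOOTED))
    print(f"32-bit counter wraps in {wrap_time_seconds(1_000_000_000):.1f} s at 1 Gbit/s")
```

At 1 Gbit/s a 32-bit byte counter can wrap in about 34 seconds, so a five-minute poll of a busy gigabit link needs the 64-bit counters (`modulus=COUNTER64`).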

SNMP Traps — Another Feature Of SNMP

While not directly related to SNMP network monitoring, SNMP traps are another important element of the protocol. We won’t go into great depths about them, though. This is beyond the scope of this post. In a nutshell, SNMP traps are alert messages that are sent by SNMP-enabled devices to a “trap receiver”, a process running on a computer that receives the traps and performs various actions such as logging them, displaying on-screen alerts, sending out email or SMS alert messages, etc.

The Top Network Monitoring Tools For Small Businesses

Monitoring networks in small businesses is not much different from doing it in larger organizations. In fact, it is exactly the same, albeit on a smaller scale. But as for the best tools, they seem to be the same no matter what size of network you need to monitor. The main restriction that small businesses typically have when selecting a network monitoring tool is their budget. This is why we’ve tried to include a few free tools on our list.

1. SolarWinds Network Performance Monitor (Free Trial)

SolarWinds is one of the biggest players in the network administration tools field. The company has been around for some 20 years and has brought us some of the best tools. It also has a solid reputation for making excellent free tools that, even though they can be feature-limited, are still excellent. The company’s flagship product is called the SolarWinds Network Performance Monitor, or NPM.

Like most network monitoring tools, the SolarWinds Network Performance Monitor uses SNMP to poll multiple network devices and get traffic statistics from their interfaces. The results are shown visually on graphs depicting each interface’s usage statistics. The tool will let you add a device simply by specifying its IP address and SNMP community string. It will then query the device and list all the parameters that are available and let you decide which you want to include on your graphs. For example, a network switch will, among other parameters, expose each interface’s traffic and error counters.

There are many more features to the SolarWinds Network Performance Monitor. One of the main ones is its scalability. The tool will work with small business networks but will easily scale up to large networks consisting of tens of thousands of hosts spread out in multiple locations. If you set out to use this tool in your small business, you’ll be able to keep using it as your organization grows. A great feature of the product is how it can build network maps and display a visual representation of the critical path between two devices or services.

Prices for the SolarWinds Network Performance Monitor vary according to the number of monitored devices and start at $2 955. If you would like to try the tool before purchasing it, a full-featured 30-day trial is available.

2. PRTG Network Monitor

The PRTG Network Monitor from Germany-based Paessler AG is known to be one of the easiest and fastest monitoring tools to set up. The publisher claims that you could be up and running within minutes. Although our experience shows that it can take a tad longer, setting up the product doesn’t take much time at all. Contributing to this fast installation and configuration is the product’s auto-discovery feature that will scan your network and automatically add the components it finds. And it’s not only fast, setup and initial configuration are also very easy.

But the PRTG Network Monitor is not only fast to install, it is also loaded with great features. For instance, you can choose between multiple user interfaces. There’s a native Windows enterprise console, an Ajax-based web interface as well as mobile apps for Android and iOS. One feature of the mobile apps we particularly loved is the possibility to scan a QR code label that you can print from the Windows console and affix to your devices to be instantly taken to that device’s graphs. Talking about graphs, this is another area where the product excels.

The PRTG Network Monitor can not only monitor and graph bandwidth utilization. It can record many more parameters using SNMP, WMI, NetFlow, and sFlow, thanks to the clever use of sensors. You can think of them as add-ons or plugins, but they come bundled with the software. There are over 200 different sensors available, each providing a different type of monitoring. The tool also has some amazing reports which can be run on-demand or be scheduled and then be viewed as HTML or PDF. You can even export them to CSV or XML to be processed externally.

You can choose between two different versions of PRTG. There’s a free version that limits your monitoring ability to 100 sensors, with each parameter you want to monitor and each sensor you use counting as one sensor. For example, monitoring bandwidth on each port of a 48-port switch will require 48 sensors. And if you also want to monitor the switch’s CPU and memory loads, you’ll need two more sensors. For more than 100 total sensors, several levels of paid licenses are available, depending on the number of sensors you use.

3. ManageEngine SNMP Bandwidth Monitoring Software

“ManageEngine has complete and easy solutions for even the most difficult IT management problems.” This bold statement is how the company describes itself, and with reason. ManageEngine is well-known for its high-quality software, including several network monitoring tools.

ManageEngine also has some free tools available. One that small businesses will undoubtedly like given its price is the ManageEngine SNMP Bandwidth Monitoring Software. It is part of the free ManageEngine OpUtils bundle, which includes a selection of some 16 network management utilities. The software runs on both Windows and Linux. You can get a free edition that lets you monitor up to 10 devices and their interfaces. There is also a paid version available with no device limitation. Furthermore, ManageEngine offers a free 30-day evaluation version of its full OpUtils software. Actually, the free version is first installed as a 30-day trial which reverts to limited features on the thirty-first day.

As far as configuring the tool goes, you simply specify a subnet to scan as well as the SNMP community string to use. The tool will then auto-discover devices on the specified subnet that are responding to the specified string. Once the devices are discovered, the inventory tab will let you view the status of each device’s interfaces. And of course, you can also display graphs of network bandwidth usage by unit of time. Reports are another of the tool’s strong suits. You can, for instance, create reports of bandwidth usage over the past 12 hours to one month. And finally, the tool’s alerting features leave nothing to be desired. You have the possibility to set thresholds and be notified by email or SMS text messages when they’re exceeded.

4. MRTG

The Multi Router Traffic Grapher, or MRTG, is considered by many to be the granddaddy of SNMP monitoring tools. It’s been around since 1995 yet it is still in widespread use. There’s a reason for this longevity: it simply gets the job done. It is not a fancy tool but it is a free and open-source system available at no charge. Although that tool might not be the prettiest, it is possibly the most flexible. It can monitor many parameters besides bandwidth. In fact, it can monitor, log, and graph any SNMP parameter.

The two main components of MRTG are a Perl script that reads SNMP data from target devices and a C program that takes the data, stores it in a round-robin database and creates web pages with bandwidth utilization graphs. Since it is mostly written in Perl, anyone should be able to easily customize the software to their specific needs or add any extra features they need.

The product is available for Windows or Linux. The initial setup and configuration might be somewhat more complicated than what you’d experience with other monitoring systems but documentation is readily available.

Installing MRTG requires that you first install and configure Perl. It won’t run without it. There’s also a way you can run the tool as a Windows service instead of an application but it requires some further manipulations including some registry modifications. Once installed, MRTG is configured by editing its configuration file in a true old-style Linux fashion. Administrators used to GUI configuration could face a steep learning curve.

MRTG is best downloaded directly from its developer’s website. It is available as a .zip file for Windows or a tarball for Linux. As of this writing, the latest stable release is 2.17.4. This might not be the most user-friendly monitoring system but it is possibly the most flexible. And the fact that it’s the first monitoring system and that it is still around is certainly a testament to its value.

5. Cacti

Cacti is best described as MRTG on steroids. If you look at any of the tool’s graphs, you’ll find that the resemblance between the two is striking. This product is built upon RRDtool, which comes from the same developer as MRTG and is a direct descendant of it.

Cacti is more polished than its predecessor with a web-based configuration interface that makes configuring it much easier and more intuitive. It is a complete network monitoring and graphing package. The tool boasts a fast poller, advanced device and graph templates, several acquisition methods, and user management features. It is excellent for smaller LAN installations but just as good for complex networks with thousands of devices over multiple sites.

To better understand Cacti, you need to know about RRDtool. According to its developer, “RRDtool is the Open-Source industry-standard, high-performance data logging and graphing system for time series data. RRDtool can be easily integrated into shell scripts, Perl, Python, Ruby, Lua or Tcl applications.” Do you recall how we said that MRTG uses a C program for data storage and graphing? Well, RRDtool is the evolution of that C program.

Simply put, Cacti is a front end to RRDtool. It stores the necessary data to create graphs and populate them with data in a MySQL database. It is entirely written in PHP. The software maintains its graphs, data sources, and round-robin archives in a database and also handles the data gathering, leaving the graphing to RRDtool. This product is a step up from its predecessor. In fact, many of its users are former MRTG users who made the switch when they needed to replace their monitoring tool with something that was easier to configure and use. Cacti can be downloaded directly from its website.

In Summary

While some tools we’ve just reviewed are scalable and can be used in larger organizations just as well as in small businesses, they are all a good fit for smaller networks. And if your monitoring budget is severely limited, the free tools we’ve described can provide excellent value at no cost other than the efforts you’ll spend deploying them which, considering the typical size of a small business network, do not necessarily amount to much.

The post 5 Best Small Business Network Monitoring Tools in 2020 appeared first on AddictiveTips.

What Is Network Latency and How to Measure It

Have you ever noticed how networks sometimes seem to slow down to a crawl? You most certainly have. When that happens, it is often a sign of high latency. Latency, one of the biggest plagues of networks, is unavoidable but it must be kept within reasonable values. Today, we’ll be having an in-depth look at what is network latency and how to measure it. We’ll also make sure to include a few reviews of the best tools you can use for that purpose.

Our exploration will begin by having a good look at latency, what it is, why it exists, and why it is such an important metric to monitor closely. We will next discuss what can concretely be done to improve latency and how it can be measured. And armed with all this knowledge about latency, we’ll finally explore the best tools you can use to measure latency in your own environment.

Network Latency In A Nutshell

Network latency is easy to describe. It is a measure of the time it takes for a data packet to get from its source to its destination. Understanding what it is and why it is a relevant metric is a different story. In an ideal world, there wouldn’t be any network latency. But in reality, there will always be some. No matter how hard we try, there is no way that data can travel through a network instantly. But although latency is unavoidable, one must always ensure that it doesn’t get so high that it starts affecting the normal operation of the network.

There are several factors that contribute to latency. First, there is propagation time—the unavoidable factor. Although networks are fast and bits travel at the speed of light (not exactly, but they travel really fast), it still takes some time for data to reach its destination. The longer the path, the more time it will take, just like it takes longer to travel 100 miles than to travel 50. For that reason, the latency between two computers located thousands of miles from each other will always be higher than that between two computers in the same room. Another factor contributing to latency is referred to as the transmission delay. This is a delay that can be introduced by the medium itself. It varies as a function of the size of the data packets. Larger packets will have higher latency as they take more time to serialize and deliver.

Router and various other processing delays are also contributing factors to network latency. Even on barely used circuits where queuing is absent, each router needs to manipulate data. For example, the TTL header field of each packet must be decremented. Also, most networking devices will wait until a packet is completely received before sending it. Again, bigger packets will entail longer delays. These are just a few examples but there are several other ways that latency can be introduced in network transmission. We can think of queuing delays that happen when data cannot be sent immediately or storage delay when it has to be cached to disk or memory and then retrieved. We could write a lengthy post on just that subject but you probably get the picture.

The Importance Of Latency

It is relatively easy to understand that, when latency gets too high, it can affect the usability of networks and cause perceived performance degradation. This is what makes it such an important metric to watch. High—or higher than usual—latency is often a sign that something is wrong with the network or on the network. More often than any other cause, high latency will be the consequence of network congestion. Networks are like highways and when there’s too much traffic, things slow down and you get higher-than-normal latency.

But measured latency is not necessarily a sign of congestion or another network issue. Since latency is typically calculated by measuring the round-trip time, a common source of latency could be the distant device itself. If the remote device is very busy doing whatever it is that it has to do (and that might have nothing to do with the network), it might not respond right away to the requests it receives from the latency measurement tool. When that happens, it will be perceived as network latency but it has, in fact, nothing to do with the network and latency measurement won’t give you a clue about this.

Similarly, users could experience latency that has nothing to do with the network. Application latency is possibly just as common as network latency. When servers get overloaded, they start responding more slowly, just like networks do when they get congested. Unfortunately, as important as it may be, server and application latency is not on today’s agenda.

Improving Latency

Imagine that your network is suffering from latency and the measurement tools you’ve put in place have detected it and alerted you. Now you need to find ways to reduce network latency. There are several ways you can go about doing this but how to fix high latency depends on what is causing it. With network over-utilization being the most common cause of network latency, let’s see what can be done about that.

Network circuits are not unlimited and when they get over-utilized, congestion occurs and users experience high latency. It works exactly like highway traffic. This is particularly true with WAN circuits which often have more limited bandwidth than your typical LAN. When this happens, the best way you can improve latency is by reducing network usage. This, in itself, is a whole domain of network administration that deserves its own post. And in fact, we already did a post on improving network performance, and there are many tools you can use to assist with this task.

Measuring Latency

Measuring network latency can be more complicated than it looks. This is particularly true when measuring the latency between very distant points. There are a few reasons for that but it’s mostly due to the fact that even huge latency is still relatively short, in the order of a few thousandths of a second. You can’t really call your friend at the other end and tell him “OK, I’m sending you a packet, tell me when it arrives” and measure the delay. Chances are the packet will arrive before you’re even done talking. So, forget about timing it manually.

Typically, latency is measured by sending a packet that is returned to the sender and measuring the time it takes for the response to come back. It is this round-trip time that is considered to be the latency. There are a few disadvantages to this evaluation method. For instance, if the return path is different, the latency figure won’t tell you which of the forward or return paths is experiencing latency.

Another possible issue is that the types of packets used for measuring latency—typically ICMP requests and replies—are not always treated by the network devices with the same priority as some other network traffic. In fact, some routing devices will simply drop these packets and most firewalls will do that too.

The Top Latency Measurement Tools

There is not one universal way of measuring network latency. Consequently, there are various types of tools that can be used for that purpose. Latency measurement (often called round-trip delay) is a metric that all the tools reviewed below incorporate. Some will just measure latency while others will help you pinpoint it. Others yet measure bandwidth utilization rather than latency. They can still help since we know that over-utilization is the main cause of high latency.

1. SolarWinds Network Performance Monitor (Free Trial)

SolarWinds is one of the best-known makers of network administration tools. The company has been around for about 20 years and it has a solid reputation for making some of the best network and system administration tools as well as several simpler free tools.

The SolarWinds Network Performance Monitor is the company’s flagship product. Arguably one of the best SNMP bandwidth monitoring tools, it is packed with so many features that we could write about it forever. One of the tool’s best advantages is most likely its simplicity which, fortunately, does not come at the price of flexibility. Dashboards, views, charts, and reports can be fully customized to your preferences or needs. The tool can be set up in minutes and it can scale from the smallest of networks to huge ones with thousands of devices.

SolarWinds NPM - Network Summary

The SolarWinds Network Performance Monitor won’t directly measure network latency, though. But by giving you detailed information on the bandwidth usage of every part of your network, it will let you quickly identify trouble spots where congestion might be the cause of high latency.

The SolarWinds Network Performance Monitor uses the Simple Network Management Protocol (SNMP) to periodically poll your devices and read their interface counters, computing bandwidth utilization and displaying it as graphs. Configuring the tool only requires that you specify a device’s IP address and community string. Advanced features let you build network maps and display the critical path between two devices, a great feature when troubleshooting latency.
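The counter arithmetic behind that kind of SNMP polling, as an added example (this is not SolarWinds code). It assumes the standard interface octet counters and sysUpTime in hundredths of a second; the poll values are constructed sample data.

```python
from collections import namedtuple

COUNTER32 = 2 ** 32   # 32-bit octet counters (ifInOctets/ifOutOctets) wrap here
COUNTER64 = 2 ** 64   # 64-bit counters (ifHCInOctets/ifHCOutOctets) wrap here

# One poll of one interface: sysUpTime in 1/100 s plus the two octet counters.
Poll = namedtuple("Poll", "uptime_ticks in_octets out_octets")


def counter_delta(prev, curr, modulus):
    """Difference between two reads of a counter, allowing for one wrap."""
    if curr >= prev:
        return curr - prev
    return curr + modulus - prev


def utilization(prev, curr, if_speed_bps, modulus=COUNTER32):
    """Return (in_pct, out_pct) for the interval, or None if it is unusable.

    An interval is unusable when sysUpTime did not advance (the device
    rebooted or the timer wrapped, so the counters cannot be compared) or
    when the computed rate exceeds the link speed, which means the counter
    was reset or wrapped more than once between polls.
    """
    ticks = curr.uptime_ticks - prev.uptime_ticks
    if ticks <= 0:
        return None
    seconds = ticks / 100.0
    percentages = []
    for before, after in ((prev.in_octets, curr.in_octets),
                          (prev.out_octets, curr.out_octets)):
        bits = counter_delta(before, after, modulus) * 8
        pct = 100.0 * bits / (seconds * if_speed_bps)
        if pct > 100.0:
            return None
        percentages.append(pct)
    return tuple(percentages)


def seconds_to_wrap(if_speed_bps, modulus=COUNTER32):
    """Time a counter takes to wrap at line rate: the longest safe poll interval."""
    return modulus * 8 / if_speed_bps


# Constructed sample: two polls 300 s apart on a 100 Mbit/s interface.
# The inbound counter wrapped between the polls.
SAMPLE_PREV = Poll(uptime_ticks=1_000, in_octets=4_294_000_000, out_octets=500_000_000)
SAMPLE_CURR = Poll(uptime_ticks=31_000, in_octets=1_000_000_000, out_octets=875_000_000)

if __name__ == "__main__":
    print(utilization(SAMPLE_PREV, SAMPLE_CURR, 100_000_000))
    print(seconds_to_wrap(1_000_000_000))
```

A 32-bit counter on a 1 Gbit/s link can wrap in about 34 seconds, so a five-minute poll of such a link is only reliable with the 64-bit counters.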

Prices for the SolarWinds Network Performance Monitor vary according to the number of monitored devices and start at $2 955. If you would like to try the tool before purchasing it, a full-featured 30-day trial is available.

2. SolarWinds NetFlow Traffic Analyzer (Free Trial)

Another excellent product from SolarWinds, the NetFlow Traffic Analyzer can give administrators a more detailed view of network traffic. It will not only show you utilization and potential latency but it will also show you where it’s taking place and what is causing it. The tool provides detailed information on what the observed traffic is. For instance, the tool will let you find out what type of traffic or what user is consuming the most bandwidth. The tool’s dashboard has plenty of useful views available such as top applications, top protocols or top talkers.

SolarWinds NTA - Dashboard Summary

As you’d guess from its name, the SolarWinds Network Performance Monitor uses Cisco’s NetFlow protocol to gather detailed usage information from network devices. Originally created by Cisco, the NetFlow protocol allows devices to send detailed information about each network “conversation”, or flow, to a NetFlow collector and analyzer such as this tool. This information contains several elements that can be used to analyze the traffic. Many manufacturers other than Cisco also include NetFlow functionality or an equivalent in their equipment, sometimes calling it a different name. Recently, the NetFlow protocol has been standardized as IPFIX, or IP Flow Information Exchange, by the IETF. The SolarWinds NetFlow Traffic Analyzer will work with all variants of the protocol, making it an excellent choice.

The SolarWinds NetFlow Traffic Analyzer is an additional module that installs on top of the Network Performance Monitor reviewed above. Pricing starts at $1 915 and varies according to the number of hosts. And just like with most SolarWinds paid products, a 30-day free trial is available.

3. PRTG Network Monitor

The PRTG Network Monitor from Paessler AG is another bandwidth monitoring tool. It is known to be one of the easiest and fastest to set up. Paessler claims that you could be up and running within minutes and truly, setting up the product doesn’t take much time albeit quite a bit more than what is claimed. This is, in part, due to the product’s auto-discovery feature which means that it will scan your network and automatically add the components it finds.

PRTG Dashboard - Datacenter Monitoring

The PRTG Network Monitor comes with several user interfaces, allowing you to pick the one that best suits your needs. There’s a native Windows console application, there’s also an Ajax-based web interface, and there are mobile apps for Android and iOS. And it makes great use of each platform’s capabilities. For instance, the mobile apps will allow you to access any device’s details by simply scanning a QR code label affixed to it. Of course, the Windows console will let you print those labels.

The PRTG Network Monitor uses a combination of technologies for its monitoring. It will use SNMP monitoring but also WMI for Windows devices and NetFlow and sFlow, two similar but competing flow analysis technologies. And the tool has several sensors specifically designed to measure latency. There’s a QoS sensor that will measure the round trip delay, a Cisco IP SLA sensor and a Ping sensor.

4. ManageEngine NetFlow Analyzer

The ManageEngine NetFlow Analyzer is another NetFlow-based monitoring tool that features some advanced latency monitoring features. The tool provides a detailed view of network utilization and traffic patterns. Its web-based user interface will let you view traffic by application, by conversation, by protocol, and more. The tool’s comprehensive dashboard is one of its best features. It offers some of the best versatility and will let you include any data you want. And for on-the-go administrators, there are mobile apps available.

ManageEngine Network Traffic Analyzer Dashboard

The ManageEngine NetFlow Analyzer supports several flow technologies including NetFlow, IPFIX, J-flow, NetStream and a few others. As a bonus, the tool has excellent integration with Cisco devices, with support for adjusting traffic shaping and/or QoS policies right from the tool. And for latency measurement, this tool features a WAN Round Trip Time (RTT) monitor which allows you to monitor WAN availability, latency, and quality of service.

5. PingPlotter

Despite a somewhat misleading name, PingPlotter is actually a graphical Traceroute software that can help solve network problems. This diagnostic tool graphs latency and packet loss between your computer and a target. It allows you to visualize the information, thereby accelerating your troubleshooting process, and can help build a case should you need to convince anyone a problem exists on their end.

PingPlotter Professional Screenshot

PingPlotter graphs network performance at every hop between the computer where you run it and a target website, server, or device. The tool will test the path to any network-reachable device and it will show where latency happens, saving you a lot of diagnostic time.

While having performance statistics is useful, they only tell you that the network failed—or didn’t fail—during the test and where the failure is. PingPlotter has a useful timeline feature that provides a deeper level of understanding by showing exactly when issues occur. This allows you to differentiate between a consistent failure throughout the test and a short period of severe failure. It can also help correlate the failure with other simultaneous events.

6. MultiPing

MultiPing is another product with a misleading name. Although it primarily uses Ping to accomplish its feat, this is really a monitoring system, somewhat like a smaller SolarWinds Network Performance Monitor. Of course, using Ping rather than SNMP means that the information you’ll get is very different. You can’t expect to see bandwidth utilization with this tool but the one thing you will see is latency. And just like bandwidth monitors will plot graphs of bandwidth over time, this one will plot graphs of latency over time.

MultiPing Screen Capture

MultiPing will show you packet loss in percentage as well as minimum, average and maximum latency. It has auto-discovery, which makes setting it up a super easy task. The product’s user interface can be configured to your liking by placing its different components as you see fit. The system also features alerting that can notify you when parameters get out of range. In addition to notifications, programs can be launched on alerts.

7. Ping

You don’t have to download or install anything to test latency, though. Ping is a command that is built right into most modern operating systems. In a nutshell, Ping sends a series of ICMP echo requests to the target IP address and waits for it to respond with corresponding ICMP echo replies. The delay between the request and the reply is called the round-trip delay which is also referred to as latency. And when it fails to receive a response to one of its requests, the utility assumes that either the request or the response got lost in transit and compiles the packet loss information which is displayed once the command finishes executing.

8. Traceroute (Or Tracert)

Similarly, Traceroute—or Tracert if you’re living in a Windows world—can also be used for latency testing purposes. This is another command that is built into most operating systems. It uses the same type of ICMP requests and replies as Ping but it does it in a way that allows it to individually test the response time—or latency—of each network segment along the path. This is even better than Ping as it can give you a pretty good idea of where most of the latency is happening. So this tool can not only measure but also locate latency.
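Reading per-hop figures to locate latency, as an added example (not taken from any of the tools reviewed). It assumes Unix-style traceroute output with three probes per hop, and the trace is constructed sample data. Because routers may answer these probes slowly or not at all, as noted earlier, a hop only counts when its delay is still present at every later hop.

```python
import re
from statistics import median

# Constructed sample trace. Hop 3 answers slowly, hop 5 does not answer.
SAMPLE_TRACE = """\
 1  192.0.2.1  0.412 ms  0.388 ms  0.401 ms
 2  198.51.100.1  4.9 ms  5.2 ms  5.0 ms
 3  198.51.100.17  88.1 ms  91.4 ms  87.9 ms
 4  203.0.113.5  6.1 ms  6.3 ms  5.9 ms
 5  * * *
 6  203.0.113.40  61.0 ms  60.2 ms  62.3 ms
 7  203.0.113.80  61.8 ms  62.1 ms  61.5 ms
"""

HOP_RE = re.compile(r"^\s*(\d+)\s+(.*)$")
RTT_RE = re.compile(r"(\d+(?:\.\d+)?)\s*ms\b")


def parse_trace(text):
    """Return [(hop_number, median_rtt_ms or None)] for each hop line."""
    hops = []
    for line in text.splitlines():
        match = HOP_RE.match(line)
        if not match:
            continue
        rtts = [float(value) for value in RTT_RE.findall(match.group(2))]
        hops.append((int(match.group(1)), median(rtts) if rtts else None))
    return hops


def slowest_responder(hops):
    """Naive reading: the hop with the highest raw round-trip time."""
    answered = [(rtt, hop) for hop, rtt in hops if rtt is not None]
    return max(answered)[1] if answered else None


def sustained_latency(hops):
    """Cap each hop's RTT at the lowest RTT seen at that hop or any later one.

    Traffic to a later hop passes through the earlier ones, so an earlier hop
    that reports more delay than a later hop is slow to reply, not slow to
    forward. Hops that never answered are left out.
    """
    capped = []
    floor = None
    for hop, rtt in reversed(hops):
        if rtt is None:
            continue
        floor = rtt if floor is None else min(floor, rtt)
        capped.append((hop, floor))
    capped.reverse()
    return capped


def locate_latency(hops):
    """Return (from_hop, to_hop, added_ms) for the largest sustained increase.

    from_hop 0 is the local host. When hops in between did not answer, the
    delay lies somewhere between from_hop and to_hop.
    """
    best = None
    prev_hop, prev_ms = 0, 0.0
    for hop, ms in sustained_latency(hops):
        added = ms - prev_ms
        if best is None or added > best[2]:
            best = (prev_hop, hop, added)
        prev_hop, prev_ms = hop, ms
    return best


if __name__ == "__main__":
    trace = parse_trace(SAMPLE_TRACE)
    print("slowest to reply: hop", slowest_responder(trace))
    print("latency added between hops %d and %d: %.1f ms" % locate_latency(trace))
```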

In Conclusion

We’ve seen how latency can wreak havoc with your network’s performance and how important it is to keep it under control. We’ve also looked at how to improve latency and how to measure it. But most importantly, we’ve provided you with reviews of a few of the very best tools you can use to measure latency. All the tools we’ve introduced are excellent and any of them will help you measure latency. They are, however, very different from one another and you should have a closer look at each tool’s detailed feature set before picking one as most of the tools presented will actually do much more than just measure latency.

The post What Is Network Latency and How to Measure It appeared first on AddictiveTips.

Open-Source and Closed-Source Monitoring Tools Compared (2020 Edition)

Today, we’re comparing open-source and closed-source monitoring tools. Our goal is not to start a never-ending debate but to give you an idea of what’s available. Although proponents of one are typically enemies of the other, our take on the subject is that there is good and bad software in each category. We’ll be reviewing some of the best products of either type. As you’ll see, there are plenty of good options in either category.

Open-Source and Closed-Source Monitoring Tools

We’ll start by explaining what open-source software is and follow by comparing several aspects of each distribution model. We’ll see how they compare on price but also on support, performance & reliability and customization. Then, we’ll address some security concerns related to open-source software before we complete our tour by reviewing some of the best free and open-source monitoring tools and some paid alternatives that you may prefer.

About Open-Source Software

When talking about open-source software, we are usually referring to a broader concept called free and open-source software. The free here is referring to freedom rather than the absence of cost. With free and open-source software, anyone is freely licensed to use, copy, study, and change the software in any way, and the source code is openly shared so that people are encouraged to voluntarily improve the design of the software. This is different from proprietary or closed-source software, where the software is generally under restrictive copyright licensing and the source code is typically hidden from users.

Some benefits of using free and open-source software include decreased software costs, increased security and stability, protecting privacy, education, and giving users more control over their own hardware. Today, free and open-source software is everywhere. For instance, operating systems such as Linux and descendants of BSD are in widespread use and are powering millions of servers. Free-software licenses and open-source licenses are also used by many software packages. Furthermore, the free-software movement and the open-source software movement are online social movements that are accessory to the widespread adoption of free and open-source software.

Comparing Open-Source and Closed-Source

There are several factors to consider when deciding whether to go with an open- or closed-source monitoring solution. While the cost—or lack thereof—factor may be a major draw, one should always consider all the angles. Let’s compare the advantages and disadvantages of both approaches on various factors such as price but also support, performance and reliability as well as customization. It will help you decide if you want to go one route or the other.

Price

Most open-source monitoring tools are available free of charge. They can, therefore, provide an obvious cost-saving benefit to organizations because they don’t appear to require any financial investment. This is not always the case, though, and it is not uncommon to see an open-source monitoring solution require users to pay for extra features or added functionalities.

Although not directly related to the cost of monitoring tools, other factors to consider are legal issues and compliance regulations. Some regulatory frameworks specifically prohibit the use of open-source software. Also, some open-source software can only be used for non-commercial applications. Keep that in mind as infringements could end up costing you more than you expected.

As for closed-source monitoring tools, many vendors—if not all—offer a free trial period that allows you to test the products and ensure they meet your needs. Once the trial period is over, most paid monitoring tools will offer different levels or tiers of payments, typically based on the number of interfaces, nodes, or devices to be monitored.

The market has changed a lot in recent years. A while ago, one would typically purchase a monitoring tool from a reseller. Today, many vendors have moved to a direct e-commerce model and sell directly to customers through their websites. One advantage of this business model is that you can often benefit from various promotions the vendors may be offering. You should do a quick internet search for any applicable promotion codes you can use, especially towards the end of each quarter when vendors are looking to meet their sales goals.

Support

Support is often the area where open-source software has the worst reputation. Without a big organization backing it up, it is true that “official” support is often tragically lacking in open-source software. However, community support is where the model shines. Online community-supported support forums are often available and, although you certainly won’t get any Service Level Agreement (SLA), the support you get from these sources is often adequate.

Be aware that the support you get with open-source software—not just monitoring tools for that matter—varies greatly. If you absolutely need rock-solid support, make sure you do your homework and verify that you’ll get the support that you need.

Paid solutions, on the other hand, typically come bundled with support that is backed by an organized structure with agents, SLAs and often round the clock availability. You can reasonably expect that any issue you might encounter will be quickly addressed and resolved to your satisfaction. However, the support offered varies quite a bit from vendor to vendor and this is an area that you should examine closely if support is one of your priorities.

Furthermore, makers of closed-source monitoring tools tend to offer better documentation than their open-source counterparts, somewhat alleviating the need for support in the first place. And just like in the open-source arena, several closed-source software platforms will also have community-driven forums where users can share tips and help each other.

Performance and Reliability

Performance and reliability is probably the area where there are the fewest differences between open- and closed-source software. Some will argue that the performance of open-source tools is largely dependent on community input and, as such, cannot possibly be as good as closed-source which is typically driven by commercial interests. Others will say that open-source software needs more frequent updating and patching.

My experience shows that none of this has any credence. I’ve seen rock-solid open-source software and absolutely crappy commercial one. Being backed by a large commercial organization in no way warrants quality, performance, or reliability. There is good software and bad software just as there is open-source and closed-source software but there is absolutely no correlation between the two.

Of course, closed-source commercial software tends to be easier to use and more polished than the open-source one. After all, their makers need to have something to convince customers to shell out important sums of money. But even that is not necessarily true.

Customization

Open-source software gives end-users access to the source code. That, in turn, allows them to modify the software to their specific needs. At first glance, that may appear to be the ultimate level of customization. But it’s actually a double-edged sword. Customizing open-source software will often entail writing code which is often beyond the reach of most users.

On the contrary, closed-source software often offers various levels of customization that can be applied without having to write any code. You won’t be able to add some extra functionality to such tools but if the level of customization you need deals with adapting the dashboard to your needs or preparing a report with some specific data, many of the commercial monitoring tools will let you do that.

How About Security?

Whether open-source—or closed-source, for that matter—software is more secure is an ongoing and probably never-ending debate. Detractors of open-source software will often argue that by virtue of making source code available, such software is more exposed to attacks. However, experience shows that open-source software generally has less malware written for it. Furthermore, supporters of open-source software argue that there are fewer exploits due to more frequent patches and the number of developers that are constantly contributing to the project’s security.

Many professionals will agree that closed-source software is more secure. This is partly due to its development model in a controlled environment by a trusted vendor. And whenever a vulnerability is discovered, reliable vendors will quickly work at developing and providing patches and updates to keep their customers out of trouble. Open-source resources often can’t compete with the security effort put into closed-source solutions.

The Best Open-Source Monitoring Tools (And Some Closed-Source Alternatives)

We’ve scoured the market looking for some of the best open-source monitoring tools. Our idea was to give you a good sample of what is available. But to make things more interesting, we’ll also be reviewing some commercial alternatives. Don’t expect a feature-for-feature match in any of the commercial alternatives we pin against open-source suggestions. Monitoring tools are all different and no two packages can support such a comparison. Instead, our comparisons are in terms of the general quality of each tool.

1. Zabbix

First on our list is Zabbix, a free and open-source product that nonetheless has a highly professional look and feel, much like what you’d expect from a commercial product. But the good looks of its user interface are not its only assets. The product also has an impressive feature set. It will monitor most network-attached devices in addition to networking equipment. It would be an excellent choice for anyone in need of monitoring servers in addition to network bandwidth utilization.

Zabbix Dashboard Screenshot

Zabbix uses SNMP as well as the Intelligent Platform Management Interface (IPMI) for monitoring devices. You can use the software to monitor bandwidth, device CPU and memory utilization, general device health and performance as well as configuration changes, a rather unique feature within this list. This tool does way more than simple network bandwidth utilization monitoring. It also features an impressive and completely customizable alerting system that will not only send email or SMS alerts but also run local scripts which could be used to fix some issues automatically.

Alternative: SolarWinds Network Performance Monitor (FREE TRIAL)

SolarWinds, the maker of the Network Performance Monitor has been around for about 20 years and it enjoys a solid reputation for having made some of the best network and system administration tools. Many of the company’s products have received rave reviews and are considered among the very best in their respective fields. The company is also famous for its free tools, each addressing a specific need of network administrators.

The SolarWinds Network Performance Monitor is primarily an SNMP bandwidth monitoring tool but it can do a lot more. At its core, the product offers comprehensive fault monitoring and performance management using SNMP and it is thereby compatible with most equipment. The tool’s NetPath feature lets you view the critical network path between any two monitored points on your network. In addition, it can also auto-generate intelligent network maps.

SolarWinds NPM - Network Summary

Other strengths of the product include advanced alerting and the tool’s PerfStack performance analysis dashboard. Another exclusive feature is the Network Insights functionality which allows for complex device monitoring. The tool can also monitor Software Defined Networks (SDN) and has built-in Cisco ACI support as well as the ability to monitor wireless networks and to generate network performance baselines.

The SolarWinds Network Performance Monitor has a rather simple pricing structure. Licensing is based on the number of monitored elements. Five licensing tiers are available for 100, 250, 500, 2000, and unlimited elements at prices ranging from $2 955 to $32 525, including the first year of maintenance. If you’d rather give the tool a test run before committing to a purchase, a free, element-unlimited 30-day trial version can be obtained.

2. Nagios Core

There are two versions of Nagios available. There’s the free and open-source Nagios Core and then there’s the paid Nagios XI. Both share the same underlying engine but the similarity stops there. Right now, let’s have a look at Nagios Core, the open-source monitoring system that runs on the Linux operating system. This is a completely modular system with the actual monitoring engine—the actual Nagios core—at its core. This powerful engine is complemented by dozens of available plugins that can be downloaded to add functionality to the system, with each plugin adding some features to the core.

Nagios Core Screenshot

The modular approach goes well beyond the tool’s back end, though. The tool’s front-end is just as modular, if not more. Different community-developed front-end options are also available for download. The Nagios Core, the plugins and the front end combine and make for a rather complete monitoring system. There is, however, a drawback to this modular concept. Setting up Nagios Core can turn out to be a challenging task. This is somewhat compensated by the community-based support that is available.

Paid Alternative: Nagios XI

Nagios XI is an enterprise-grade server and network monitoring software which provides comprehensive application, service, and network monitoring in a central solution. The product is a direct descendant of Nagios Core and it uses the same core engine. This product lets you monitor all mission-critical infrastructure components such as applications, services, operating systems, network protocols, systems metrics, and network infrastructure.

Nagios XI’s powerful dashboards provide at-a-glance access to powerful monitoring information and third-party data. Various views provide users with quick access to the information they find most useful. The tool’s GUI is highly customizable and its layout, design, and preferences can be modified on a per-user basis, giving your team members the flexibility they want.

Nagios XI Dashboard

Nagios XI is very easy to use, thanks to its integrated web-based configuration interface which lets administrators manage monitoring configuration, system settings, and more. The platform also offers configuration wizards to guide users through the process of monitoring new devices, services, and applications without having to understand complex monitoring concepts.

Nagios XI is available in a Standard Edition and an Enterprise Edition. The Enterprise Edition offers additional functionality and includes features designed to aid in large-scale configuration, forecasting, and scheduled reporting. Each license includes twelve months of maintenance and email support. Licensing is based on the number of monitoring hosts and starts at $1 995 for the Standard Edition and $3 495 for the Enterprise Edition. If you’d like to give the product a test run, a free 60-day trial version is available.

3. LibreNMS

LibreNMS is an open-source port of Observium, a very potent commercial network monitoring platform reviewed below. It is a full-featured network monitoring system that provides a wealth of features and device support. Among its best features is its auto-discovery engine which doesn’t only rely on SNMP to discover devices. It can automatically discover your entire network using CDP, FDP, LLDP, OSPF, BGP, SNMP and ARP. Talking about the tool’s automation features, it also has automatic updates so it will always stay current.

LibreNMS Screenshot

Another major feature of the product is its highly customizable alerting module. It is very flexible and it can send alert notifications using multiple technologies such as email, like most of its competitors, but also IRC, Slack, and more. If you’re a service provider or your organization bills back each department for their use of the network, you’ll appreciate the tool’s billing feature. It can generate bandwidth bills for segments of a network based on usage or transfer.

For larger networks and for distributed organizations, the distributed polling features of LibreNMS allow for horizontal scaling to grow with your network. A full API is also included, allowing one to manage, graph, and retrieve data from their installation. Finally, mobile apps for iPhone and Android are available, a rather unique feature with open-source tools.

Paid Alternative: Observium Professional

Observium is a low-maintenance monitoring platform with auto-discovery. It supports a wide range of device types, platforms and operating systems including, among others, Cisco, Windows, Linux, HP, Juniper, Dell, FreeBSD, Brocade, Netscaler, NetApp. I doubt that you can find a WAN router that’s not supported. The tool’s primary focus is providing a beautiful, intuitive, and simple yet powerful user interface showing the health and status of your network.

Observium Screenshot

Observium has more than just bandwidth monitoring. For instance, there’s an accounting system that will measure total monthly bandwidth usage in the 95th percentile or in total transferred bytes. It also has an alerting function with user-defined thresholds. Furthermore, this product integrates with other systems and can pull their information and display it within its interface.

Observium users love how easy it is to set up and how it almost configures itself. Although there doesn’t appear to be a download section on the publisher’s website, there are detailed installation instructions for several Linux distributions that do include the links to get the right package for each distribution. The instructions are very detailed and installing the software should be easy.

4. Icinga

Icinga is another excellent monitoring platform. It has a simple and clean user interface and, more importantly, a feature set that rivals some commercial products. Like most bandwidth monitoring platforms, this one uses SNMP to fetch and compute bandwidth utilization data from network devices. But one of the areas where this tool particularly stands out is its use of plugins. There are thousands of community-developed plugins that can perform various monitoring tasks, thereby extending the product’s functionality. And in the unlikely event that you couldn’t find the right plugin for your needs, you can write one yourself and contribute it to the community.

Icinga Screenshot - Tactical Overview

Alerting and notification are also among Icinga’s best features. Alerts are fully configurable in terms of what triggers them and how they are transmitted. The tool also features what is referred to as segmented alerting. This feature will let one send some alerts to one group of users and other alerts to different people. This is nice to have when you monitor different systems managed by different teams. It can ensure that alerts are transmitted only to the proper group to address them.

Paid Alternative: PRTG Network Monitor

The PRTG Network Monitor from Paessler AG is another great product. It is, at its base, an SNMP monitoring tool. However, thanks to a concept called sensors—a type of functionality plug-ins that are already built into the product—additional metrics can be monitored. There are about two hundred sensors available with the product. Installation speed is another strength of the product. According to Paessler, you can set it up in a couple of minutes. While it may not be that fast, it is indeed faster than most competitors’ thanks in part to the tool’s auto-discovery engine.

PRTG Dashboard - Datacenter Monitoring

PRTG is a feature-rich product that lets you choose between a native Windows enterprise console, an Ajax-based web interface and mobile apps for Android and iOS. Alerting and reporting are both excellent and the product boasts a wide range of reports that can be viewed as HTML or PDF or exported to CSV or XML to be processed externally.

PRTG is available in a free version which is limited to monitoring no more than 100 sensors. Each parameter you want to monitor counts as one sensor. For example, monitoring bandwidth on each interface of a 4-port router will use up 4 sensors and monitoring the CPU and memory on that same router will use up 2 more. Each additional sensor you install also counts. For more than 100 sensors—which you will most likely need—you’ll need a license. Their prices start at $1 600 for up to 500 sensors, including the first year of maintenance. A free 30-day trial version is also available.

Wrapping Up

Whether you choose to go towards an open-source or a closed-source monitoring tool is up to you. We’ve explained the differences between the two and described each type’s advantages and disadvantages. We’ve also reviewed some of the best free and open-source tools we could find and some commercial counterparts so you can see what’s available. Paid or free, we can easily recommend any of the tools we’ve just reviewed and the best for you is the one that best matches your specific needs.

The post Open-Source and Closed-Source Monitoring Tools Compared (2020 Edition) appeared first on AddictiveTips.