Network Monitoring tools Presentation to CIO Cabinet May 5, 2014
What’s needed? • The NOC needs a package that can do alerting, monitoring and event correlation. • Network engineers need a package that will aid with troubleshooting, root cause analysis, capacity planning, and measure performance. • Security needs network information to do threat analysis, see top talkers, and misbehaving applications.
Lancope Stealthwatch • Troubleshooting • Slow networks, Quality of Service • Nets and Apps • Round trip time • Server response time • Quality of Service • Top Talkers • Bandwidth Utilization • Capacity Planning • Charts traffic volume and composition over time
perfSONAR @ USC • perfSONAR is an infrastructure for network performance monitoring, making it easier to solve end-to-end performance problems on paths crossing several networks. It contains a set of services delivering performance measurements in a federated environment. • Global Service and data view • Measurement tools • Bandwidth Test Controller (bwctl), Network Diagnostic Tool (NDT), Network Path & Application Diagnostics (NPAD,) One Way Active Measurement Protocol (OWAMP), Phoebus (protocol for GridFTP), Ping, Traceroute • Services • PingEndtoEndReporting (PingER), perfSONAR-BUOY (archive for measurements), Simple Network Management Protocol (SNMP) • Visualization • Can show real-time picture of network and traffic utilization.
What resources are needed? Lancope PerfSONAR To aid in testing performance end-to-end globally as well as internally, ITS would need to deploy devices to major locations. Plans already underway to install as part of the TEN-II project. Los Nettos and USC have installed instances. Staff already allocated to support. • To aid in network analysis and trending, ITS would need to purchase collectors and pay for flows. • We can leverage initial purchase and use it on high asset value parts of the network first. • Can later expand to other uses.
Other Recommendations • Make better use of existing Spectrum package. • Purchase additional Spectrum functionality to aid in capacity management. • Expand team supporting network tools. • Internal training for staff to make better use of tools and shorten mean-time-to-repair by predicting failures and getting out ahead of them. • Investigate other tools/packages • For example: “Statseeker” being investigated for Jimmy Iovine and Andre Young Academy and possible University-wide license.
According to website…. • Statseeker is highly scalable, industrial strength, network monitoring software that delivers 100% visibility of every interface, on every device, on any sized network, every 60 seconds. • Statseeker scales up to 500,000 interfaces per server, installs as an appliance, is configured in minutes, reports in any time zone and never rolls up the data. • Monitoring of Network Interfaces and Devices, NetFlow, sFlow, LAN Traffic, Traps, NBAR, Syslog, IP SLA, Disk, Memory, Temperature, CPU, Servers, Printers, UPS and more... • According to their website, NetFlow, sFlow, etc. are free and unlimited. • Easy to maintain • One PC based-server scales up to 500,000 network interfaces. • No need for additional pollers.