Network Performance/Monitoring Tools

In your opinion, what are some of the better network performance/monitoring tools out there to monitor a network and to find bottlenecks and problems?

Find more posts tagged with

SAVE $250 on Your CISCO Boot Camp — Use Code "EXAM26"

Exclusively for TechExams members for Infosec Boot Camps starting before April 30, 2026

View CISCO Boot Camps

Comments

apd123

I have always wondered this too I imagine it will be a pretty tough one to answer. I have used SNMPc and Solarwinds. Too be honest these tools were decent for catching errors on interfaces or overutilization, but I never really used them to much beyond that. Solarwinds did have a nice wireless portion where I could view all users even though my AP's were standalone. I am sure there are huge capabilities of these tools which I never had time too touch. We had something like 4000 devices and no organization to the SNMP traps so they were fairly useless for proactive stuff. The routers and switches themselves will give you a wealth of information for troubleshooting most problems.

kryolla

we use HP openview on a sun box for our BPX/MGX complex

DerekAustin26

Netcool is great. We use it in our Network Operations Center.

Plus Todd Lammle -(Author of CCNA Sybex Study Guide) likes it too.

Forsaken_GA

Nagios is wonderful for monitoring. Cacti (or any rrdtool based suite that uses SNMP to gather data) is great for tracking bandwidth usage and trends. Rancid is wonderful for tracking configuration changes. iperf is excellent for testing load

mikej412

http://www.techexams.net/forums/ccie/26782-cisco-admin-tools-must-have-cisco-engineers.html

whatthehell

What about Wireshark (formally Ethereal) or Snort?

Used both and they have been pretty helpful. Also "the dude" is pretty good as well.

Good luck!

Forsaken_GA

mikej412 wrote: »

http://www.techexams.net/forums/ccie/26782-cisco-admin-tools-must-have-cisco-engineers.html

I guess it depends on the environment you work in. I can't see living without Rancid, and if I'm going to run a Unix server for that, it can fulfill all of the other needs like syslog (syslog-ng), ntp peer, tacacs+, etc. Depending on the size of the environment that needs to be monitored, nagios and cacti (or mrtg, though I prefer RRDtool based graphers, as they're a natural evolution from mrtg) all on the same server.

A few other tools I find incredibly nifty are mtr (much better than standard traceroute) and the nanog variation of traceroute. It's pretty nifty to have it pull up AS numbers and things like MPLS labels while you're doing a traceroute.

I've also cobbled together my own scripts that will do things like parse whois information from the relevant sources to give me who a netblock is allocated to (and whether it's been SWIP'd out to someone else), the AS an IP belongs to, which country it's from, the contacts, etc. And of lesser use is another script that will generate either ACL statements or iptables statements that give me summary addresses for when I want to block entire countries (I don't like Russian or Chinese IP's touching certain machines)

And then there's netflow....

Edit: Oh, and how could I possibly forget nmap!