Monday, 19 January 2009

Network Analysis

At the moment I am researching which is the best tool to buy for an enterprise network in terms of discovering network performance and so I thought I would ask any readers of this blog for their recommendations.

First a bit of background I work in a support team in a large enterprise and we often get calls reporting the "network is slow". Now we have some tools that help us monitor the utilization of the links but they cannot show us the top talkers across the links. Our current tool set also does not allow us to see what protocols are being used across the link and we have no chance of being able to prove what application is causing the problem. It always turns out to be an application or patch deployment that causes the problem, however we usually have to let the users suffer from a "slow network" until the problem goes away. To me this is unacceptable service and I have started investigating products that can give us a bit more visibility into the network.

Ideally what I would like is an application that can pull NetFlow stats from the routers and via some sort of probe be able to investigate switched traffic. I would require the product to determine application responsiveness and ideally be able to build a baseline over time. We may also be consolidating data centres fairly soon and so discovering the relationships between servers would be a great bonus. As I want to make sure we migrate all the servers that talk heavily to each other as a package and we do not leave a server behind that then hammers the WAN link by talking to it's peers in the new data centre. Finally I would be interested in how the various products cope when WAN optimization is introduced into the network.

I have been looking at tools from MAZU, OpNet, NetScout and NetQoS but if anyone else has any recommendations I would be most grateful.

8 comments:

liquid6 said...

I have used a few products using Netflow and the best I have found is Netflow Tracker (http://www.flukenetworks.com/fnet/en-us/products/NetFlow+Tracker/) The interface is amazing and the diagnosis you can do from this is really second to none. The only downside is that the reporting is a little tedious, but if you have a problem and want to find out exactly what is causing it, this is the solution. I have also used the netflow plugin for Solarwinds Orion, but didn't use it for long. It seemed to be a great start and especially if you were already using Orion it would make sense.

Good Luck,
Liquid

admin said...

hi,
i suggest you to use the MRTG tool, search about it, it's very useful in term of traffic statistics that pass through a router, give me your feedback in a comment

Shaffeel said...

We use Netflow analyzer from Adventnet. The product is cheap but very much worth its money.
http://manageengine.adventnet.com/products/netflow/index.html

Anonymous said...

We are starting to use a product called CorvilNet (made by Corvil) in a very large (ie: 100's of sites) enterprise network to solve the exact issues you are dealing with. We bought it through Cisco as they are a partner of Corvil. It measures one-way loss, latency and jitter, top talkers, conversations, utilization down to microsecond resolution, tcp stats to identify slow servers, QoS analysis to make recommendations on QoS policies, and smart packet captures that tag packets with performance meta data to help solve issues. Definitely worth a look.

Network Ninja said...

Network Instruments is very unique in providing a seamlessly integrated holistic layer 2-7 deep-packet management solution
with embedded intelligence for business critical application analysis, Voice & Video over IP analysis, Expert analysis, and in-depth performance reporting with tight drill-down correlation to the packets associated with the problems impacting the end-user experience.

Custom high performance capture cards for LAN's (up to 10G) and WAN's (up to OC-12c) have also been designed in-house
for a truly seamless user experience that provides comprehensive real-time and retrospective visibility across the enterprise application
infrastructure.

The cost and complexity of what you get from Network Instruments is so much less than from the other vendors who grow through acquisition.

Anonymous said...

Cacti/MRTG and Nagios can handle all your needs, for free!

Anonymous said...

Have you looked at Compuware Vantage?

miranda said...

I have used Vitalnet and Netqos. I think Netqos is the best for this situation.. you can analyze top talkers, specific flows,ect.