dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
1422
share rss forum feed


Bigzizzzle
Premium
join:2005-01-27
Franklin, TN
kudos:1

Enterprise monitoring

We currently use CA's Spectrum Monitoring solution. We would like to phase that out since its so espensive with its per node pricing.

We use it to monitor Servers, and network devices.

I like Extrahop for performance monitoring as I have seen it product demo'ed infront of my meaty palms.

I don't wanna loose the current Host Configuration Change Managment that CA Provides.

So what isn't so cost restrictive? Im thinking combine Solarwinds products + Extrahop

nosx

join:2004-12-27
00000
kudos:5
My advice would be dont mix the configuration backup need with the node health monitoring and trending. Spectrum is several half-products sewn together. There are plenty of better (and cheaper) ways to manage large network configuration repositories (and do a MUCH better job of alerting on config deviations from standard, revision control, etc.)

Solarwinds makes an acceptable small to mid-sized network monitoring solution, however I would not waste the time or cash on the configuration management piece (Is it still called Sirus?)

Remember that the ability to manage incidents is as important as the ability to detect them, you dont want a link failure to generate 300+ tickets to OPS when all the unreachable devices could be automatically childed up to one parent ticket. Having poor integration with your ticketing system results in delayed time to repair, lost revenue, increased support cost, etc.

So with that in mind, can Extrahop integrate with the rest of the operational toolset? Or does the vendor that makes your other pieces also make a node monitor? etc.


tubbynet
reminds me of the danse russe
Premium,MVM
join:2008-01-16
Chandler, AZ
kudos:1
the more that i've been around these types of issues, the greater my frustration grows with vendor lock-in. most monitoring/config management/all-in-one vendors don't adequately (or at all) document their apis and how you can hook systems into them. its their way of locking you in to their software suite.
we hock solarwinds -- a lot. i can see where it has its place in that commercial-select/small enterprise market where you don't necessarily have the vision at the top that spurs the opex in manpower for things like homebrew provisioning and config management systems. these solutions are often "all-in-wonder" in the sales slicks, but it doesn't give you the flexibility to change what you don't like.

i'm starting to think more and more that you find a ticketing/incident management system that you like and has an open api -- then you put together some perl/php-fu to homebrew your provisioning system and config management -- then tie it into a system with expect, ciscocmd, or the like -- potentially using some of the modules provided through rancid (clogin for example) and then hooking your config management/backup system into its own archive but tie it via some nifty web frontend with some egrep functionality.

q.
--
"...if I in my north room dance naked, grotesquely before my mirror waving my shirt round my head and singing softly to myself..."


Bigzizzzle
Premium
join:2005-01-27
Franklin, TN
kudos:1
reply to Bigzizzzle
This is so epic-ally frustrating. Currently CA's Spectrum does everything we want from a 1 Console product. I have looked at solar winds stuff but that means like 3-4 different consoles need to be up to accomplish stuff we have current functionality in Spectrum.

Its clear we need a software that can pulling RFC MIBS, SNMP traps, syslog stuff, build a good graphical topology of how stuff interconnects. Without the absurd per node pricing we are currently charged.

To be more precise we are very IBM 1970 Mainframe with SNA networks we use Tivoli monitoring (thinking at looking at their network mon stuff), We kinda of function like a service provider as in we provide Managed Router gear and Frame relay/MPLS/etc connections back to us so they can send transactions back to our mainframes for processing.

Yes we could add the Extrahop unit which is simply a network based Application Performance Management unit with Elite levels of monitoring and t-shoot capabilites.

We host critical website infrastructure with payment solutions and that stuff is currently on Coridant. Lately we have lots of clients who have problems with their POS or transaction software getting errors when trying to process to us. So we really on my team to setup our edge based wireshark sniffers to do filtered analysis of traffic coming from their hosts to our network so our Web teams and Prod analyst can debug stuff for them.

We using Service Now for ticketing system (slow shit) but it gets auto generated alert traps from our CA's Spectrum which intern auto populates Ticket numbers in that application.

Help me solve this an Ill buy ya beers /dinner if you go to this Years CES in Las Vegas


Tyson S

@qwest.net
reply to Bigzizzzle
[Vendor jumping in here ... I'm the technical marketing manager at ExtraHop.]

From a price-per-device standpoint, ExtraHop is going to beat the heck out of CA Spectrum. However, it's a bit of an apples-to-oranges comparison because the two products are doing different things. Concerning ecosystem, we can send alerts or events to managers-of-managers through rsyslog and SNMP traps.

Where it sounds like ExtraHop could really help is with the POS scenario you described. For one thing, we scale much better than Coradiant (sustained 10Gbps) and offer custom-defined transaction analysis that does a great job of giving you just the data that you need to look at. We can inspect the HTTP payload to extract transactions matching a specific account ID, for example. This demo given at Splunklive shows how easy it is to run this type of customized analysis and answer questions. The demo part starts at 14:00:

»www.youtube.com/watch?v=5ixhr_Hbm2M


ExtraHop also recently introduced precision packet capture that enables IT teams to set policy on automatic packet captures. What's really cool about this is that it not only triggers the packet capture, but pulls the packets from the buffer that preceded and caused the event. So you could see what request caused an application error, for instance. Here's a four-minute demo of the precision packet capture functionality:

»www.youtube.com/watch?v=1eG-rfo4vQM


Bedroc is our reseller based in Tennessee. We also are working on a case study with Medsolutions, based in Franklin, that hopefully will be published soon.

Best of luck!


Bigzizzzle
Premium
join:2005-01-27
Franklin, TN
kudos:1
Ironically Bedroc is where I attended this demo for the Nashville Cisco Users Group .


carp
Rejected

join:2002-10-30
reply to Bigzizzzle
Although I like the cost of Solarwinds, I can't say I'm all that happy with it. Cirrus is long gone as a name, it's NCM now, mediocre.


Bigzizzzle
Premium
join:2005-01-27
Franklin, TN
kudos:1
said by carp:

Although I like the cost of Solarwinds, I can't say I'm all that happy with it. Cirrus is long gone as a name, it's NCM now, mediocre.

What else is out there that is worth a look at? HP Node manager?

nosx

join:2004-12-27
00000
kudos:5
HP NNM is a competitor, so is the cisco prime suite although both are a tad on the pricey side. You might try out a trial/demo of the Manage Engine stuff.


Bigzizzzle
Premium
join:2005-01-27
Franklin, TN
kudos:1
said by nosx:

HP NNM is a competitor, so is the cisco prime suite although both are a tad on the pricey side. You might try out a trial/demo of the Manage Engine stuff.

Any experience with Dells (Quest) Foglight Network Managment? Im am digging the UI so far.

aryoba
Premium,MVM
join:2002-08-22
kudos:4
Have you checked Cisco Event Manager feature? If not, I'm sure it will be at least intriguing or giving you ideas in building low-cost monitoring system

Here is a link.
»www.cisco.com/en/US/docs/ios/net···cli.html


Bigzizzzle
Premium
join:2005-01-27
Franklin, TN
kudos:1
I think we want a solution that combines both Network/Server Monitoring with our existing SNMP events / MIBS we have configured.

accordg

join:2013-01-17
reply to Bigzizzzle
Have any one used Nagios? it's free