I often get asked “How do you guys handle this?” or “How do you manage that?” Unfortunately, I haven’t found a single tool with a reasonable price that handles every aspect of network management. There are just so many different requirements: Outage reporting, performance monitoring, traffic analysis, device tracking, configuration file management, and IP address management are a few of them.

I’ve implemented a suite of tools that I feel does a really good job. I’m going to start with a list, and follow up every day or two with a spotlight on each product.

• Solarwinds Orion - Orion is the heart of our network management tools. It monitors key interfaces on all of our network devices and provides detailed performance metrics as well as outage notification emails. Everything is presented on nice graphical maps depicting the physical layout of our network.
• Scrutinizer - Scrutinizer is a netflow traffic analyzer. It takes a stream of netlow data from various router interfaces and breaks down traffic by source and destination as well as protocol. I monitor all of our uplinks from each IDF to the core router as well as the point to point circuits to remote sites with scrutinizer.
• Nedi - Nedi is a really cool tool. It goes out and polls every network device every few minutes and retrieves the ARP and CAM tables as well as various other data. It allows me to do some really neat and useful things. For example, if I identify and IP address or MAC address that’s doing something bad, I can search in Nedi and identify exactly which building, switch, and port number that machine is located on.
• Rancid - Rancid manages backing up the configuration of all of our network devices as well as tracking changes. Every switch and router gets polled every hour and, if the configuration has changes, the new configuration is committed to a CVS repository. A web-based viewer allows me to view all of the versions as well as do diffs to determine what changed.
• Infrastructure Search - This is a search utility developed by a friend. It integrates with Rancid and allows me to search every configuration file on every network device for a specific string. This tool is awesome if you’re trying to find, for example, every switch a specific VLAN exists on.
• IPPLan - IPPLan is a IP address management system. It allows me to view each subnet and see what device each IP is assigned for. At last count between all of our internal and external blocks and remote sites, etc., we have 31 different subnets. A tool like IPPLan is essential for keeping up with all of that.
• Future: Snort - I haven’t actually implemented Snort yet, but it’s on my list. Snort is an open source Intrusion Detection and Prevention system.

Over the next few days, I’ll be making a separate post with more details and screenshots of how I’m using each of the above tools.