Highly Focused

Item

Name

Area

Description

Candidate for Study

Next Steps

Notes

open source

platforms

Packaging (tar, configure?)

Ease of Installation and Configuration

If open source, what about development details? (libs, languages?)

Pros

Cons

Notes

IPlanet LDAP Directory Service Resource

Opensource

The iPlanet™ Directory Server Resource Kit (iPlanet DSRK) provides tools and APIs for deploying, accessing, tuning, and maintaining your iPlanet Directory Server. These utilities will help you implement and maintain more robust solutions based on LDAP, the Lightweight Directory Access Protocol.

None

Yes

Iplanet (Unix, Windows NT)

Zipped binaries

Easy

API in C and Java

Focused on LDAP

SiLK

Opensource

SiLK is a collection of netflow tools developed by the CERT/AC to facilitate security analysis in large networks. SiLK consists of a suite of tools which collect and examine netflow data, allowing analysts to rapidly query large sets of data. SiLK was explicitly designed with a tradeoff in mind: while traffic summaries do not provide packet-by-packet (in particular, payload) information, they are also considerably more compact and consequently can be used to acquire a wider view of network traffic problems.

Yes - Track it

Track development, keep it in periphery

Yes

UNIX, Linux

Tar, autotools (./configure,make, make install)

Moderately easy

C, Perl, Python

Nice tools for router analysis

Application-based, Broad focus, Security, Event

AirCERT

Opensource

Automated Incident Reporting (AirCERT) is a scalable distributed system for sharing security event data among administrative domains. Using AirCERT, organizations can exchange security data ranging from raw alerts generated automatically by network intrusion detection systems (and related sensor technology), to incident reports based on the assessments of human analysts. The infrastructure is designed around several formats for exchanging reports, including IODEF ,IDMEF , and SNML , and provides a set of configurable data normalization tools for transforming data to the AirCERT framework. This framework automates the process of sanitization, normalization, and sharing -- enabling cooperation and coordination on an otherwise impractical scale, and making possible a whole new class of analyses.

Yes - High Priority

Install, read docs/code, test capabilities

Yes

UNIX, Linux

Tar, autotools (./configure,make, make install)

Moderately easy

C, apache

Has practically everything we need in it, from file formats to transfer methods

Library can only be used from C/C++ programs

Application-based, Broad focus, Security, Event

IPDR

Opensource/Consortia

IPDR.org is an open consortium of leading service providers, equipment vendors, system integrators, and billing and mediation vendors collaborating to facilitate the exchange of usage and control data between network and hosting elements and operations and business support systems by deployment of IPDR standards.

None

Yes

Not software. Network-oriented, overly narrow focus

Experience and Trends in AI for Network Monitoring and Diagnosis

Academic paper

In this paper, we outline two practical Artificial Intelligence (AI) systems that we have developed for use in network monitoring and fault diagnosis. Based on this experience, we discuss the factors that were important to the success of these systems, and highlight our direction for future research in this field.

Yes - Low Priority

Read for possible methodological interests

Useful for analysis stage, methods focus

WIldPackets

Commercial

These analysis tools represent our core product line. From the desktop to the datacenter, wired to wireless, both distributed and local, these products enable IT organizations to monitor, troubleshoot, and secure their network systems. Providing precise, contemporary analysis of the problems facing today's networks, WildPackets' analyzers are the first and only analyzers to offer both Expert network diagnostics, statistical monitoring, and frame decoding in real-time, during capture.

Yes - High Priority

Read more docs, contact company for possible product evaluation

Windows

Binaries

Discovery, Network-oriented, broad focus, security and management uses

eProbe

Commercial

ePROBE is a combined hardware and software solution for distributing network management capabilities to remote networks, such as DMZs (firewall protected network). ePROBE is an intelligent network appliance that provides root cause analysis, performance reporting, mapping, and trap forwarding on all monitored devices.

None

OpenView, NetView

Binaries

Really fits under all 3 categories. Hardware component

Cricket

Opensource

Cricket is a high performance, extremely flexible system for monitoring trends in time-series data. Cricket was expressly developed to help network managers visualize and understand the traffic on their networks, but it can be used all kinds of other jobs, as well.

None

Yes

Apache/Perl

Tar, perl modules

Easy

Perl, requires apache and some perl modules

Provides some analysis of data

Focused, Network oriented, Analysis oriented

Redcell Assure

Commercial

Redcell Assure provides all the tools necessary to manage complex, multi-service, multi-technology networks and services across a heterogeneous network. It includes real-time fault management ,event management ,performance monitoring ,root cause analysis ,network inventory database and SLA management as well as auto-topology and device discovery .

Yes - High Priority

Read more docs, contact company for possible product evaluation

Windows NT, Solaris

Binaries

Lots of features

Costs $16,000

Broad scope, security, network-oriented

Intermapper

Commercial

Server, SNMP monitoring. Real-time and historical data analysis. Failure notification options.

None

Mac, Solaris, Windows, Linux

Binaries

Focused, Network Lots of published papers

Codima Technologies

Commercial

Probe-based network analysis. Passive and SNMP-based active modes.

None

Windows 2000 or XP

Binaries

Network

ExtraLan Solarwinds

Commercial

Network analysis, largely for security evaluation. A number of stress tests are included. Real-time analysis does not seem to be the focus

Yes - Track it

Read docs as time allows

Windows

Binaries

Lots of tools

Looks a bit unprofessional

Network and Security oriented

GGF

Consortia Document

A proposal for a grid network monitoring system.

None

Grids we can worry about post 1.0

Remote Network Monitoring Group

Industry Consortia

The RMON MIB Working Group is chartered to define a set of managed
objects for remote monitoring of networks. These objects will be the
minimum necessary to provide the ability to monitor multiple network
layers of traffic in remote networks; providing fault, configuration,
and performance management, and will be consistent with the SNMP
framework and existing SNMP standards.

None

Yes

Application/Grid focus

GridMon

Academic

These are the web pages of GridMon, the UK e-Science Grid network performance monitoring toolkit. Here you will find an introduction to the project, beginning with the purpose of the work, which is essentially network performance monitoring. The pages also look a little at monitoring itself: why we monitor, what we monitor (what we measure) and how. Progress to date is also covered, as well as planned future work.

None

Application/Grid focus

End to End Performance Monitoring Workgroup

Workshop presentations

Workshop presentations given in May 2003

None

Methodological

UNIX Network Monitoring tools

Government

DOE's security folks and their recommendations for how to best monitor a network

None

UNIX, Linux

NEBULA Network Management

Commercial

Optimize the performance and management of your network with NEBULA Performance Monitor or NEBULA Enterprise PM the network monitoring software solutions powered by Linmor Technologies Inc.

None

Solaris, Linux

Binaries

Risk analysis component is unique among the surveyed efforts

Netscout

Commercial

Comprehensive end-to-end network performance management. Historical and real-time analysis possible.

None

Less interesting version of other packages

Windows, Solaris

Binaries

Less interesting version of other packages

Stanford IEPM-BW Project

Academic

The purpose of the IEPM-BW project is to develop and use an infrastructure to make active end-to-end application and network performance for high performance network links such as are used worldwide by Grid applications and other academic and research (A&R) applications deployed over high performance network such as ESnet ,Internet2 and other (A&R) networks in the developed world.

Yes - Track it

Track development, keep it in periphery

Broad scope, grid and application focus. Seems like the best grid stuff to track

Yes

UNIX, Linux

Tar, perl files

Easy

Perl, requires apache and some perl modules

Broad scope, grid and application focus. Seems like the best grid stuff to track

eHealth-Network

Commercial

eHealth—Network provides a valuable baseline of your network by documenting normal behavior of millions of elements. Within days, you'll be able to: quantify Frame Relay ROI, measure QoS and bandwidth usage, resolve router problems before they affect service, and reduce call failures to minimize costs.

None

Application oriented

Solaris, HP-UX, Windows NT

Binaries

Application oriented

Insurance and Technology Tech Library

Commercial

A listing of network performance management software and reports

None

none by themselves looks all that interesting, but as a group the data is useful to consider for trends

InfoVista

Commercial

InfoVista helps organizations maximize the business value of their IT services. We extract, organize, and present information that enables decision makers at every level to continuously align IT services with business priorities. Our fully personalized and interactive portal provides visibility into real-time and historical information essential to optimize the service experience for end-users.

None

Not very consistent with e2ed's plans

Windows

Binaries

API in C, Perl, Java

Not very consistent with e2ed's plans

NetBoss

Commercial

NetBoss Optimize.IT, the NetBoss Performance Management Solution, permits network operators to build detailed, quantitative views of network performance to support short and long-term network decision making and enable Service Level Agreement Management. Optimize.IT is a capability of the NetBoss Application Suite, a comprehensive set of software-based capabilities that run on the NetBoss integrated communications management platform.

None

Network oriented, Performance

Windows, web client

Binaries

Network oriented, Performance

Packeteer

Commercial

Performance Management application that is also application-aware

None

Application, Performance

Hardware

Binaries

Application, Performance