Broad Scope
# | Name | Area | Description | Candidate for Study | Next Steps | Open source | Platforms | Packaging (tar, configure?) | Ease of Installation and Configuration | If open source, what about development details? (libs, languages?) | Pros | Cons | Notes
1 | Netlogger | Research/Educational | The Netlogger Toolkit includes a number of separate components. You may find one or more of these components useful for your end-to-end monitoring needs.
- NetLogger message format and data model: A simple, common message format for all monitoring events which includes high-precision timestamps
- NetLogger client API library: C/C++, Java, and Python calls that you add to your existing source code to generate monitoring events. The destination and logging level of NetLogger messages are all easily controlled using an environment variable.
- NetLogger visualization tool (nlv): a powerful, customizable X-Windows tool for viewing and analysis of event logs based on time correlated and/or object correlated events.
- NetLogger host/network monitoring tools: a collection of instrumented system monitoring tools: nl_vmstat, nl_netstat, nl_tcpdump, an interface to Ganglia, etc.
- NetLogger storage and retrieval tools, including:
  - netlogd: a daemon that collects NetLogger events from several places at a single, central host
  - Archive: An event archive system for NetLogger data, based on MySQL
  - nlforward: forward all NetLogger files in a specified directory to a given location
| Yes - High Priority | Maintain relationship with Netlogger folks, download source, install and test it, read over code | Yes | UNIX, Linux | Tar, autotools (Make, Make install) | Pretty easy | API in Java, C, Python. Tools primarily written in Python | Suits our needs very nicely, integrates into other tools that look useful. API for every language we care about (minus Perl, perhaps), most code in Python, so it is pretty easy to read. Tools immediately useful to us, ready to use. | |
2 | Autonomic Computing | Open Source/Research | IBM's vision of autonomic computing embraces the development of intelligent, open systems capable of managing themselves, adapting to varying circumstances in accordance with business policies and objectives, and preparing their resources to most efficiently handle workloads. Autonomic computing is part of IBM's e-business on demand strategy. | Yes - High Priority | Read more docs, download source, install, read code over | Yes | Java2 | Zipped Jars, Eclipse Modules | You need Eclipse devel environment | Written in Java2, need Eclipse and other IBM tools | Nifty research tool | Not suitable for production environments |
3 | IBM Tivoli Netview | Commercial | NetView discovers TCP/IP networks, displays network topologies, correlates and manages events and SNMP traps, monitors network health, and gathers performance data. Tivoli NetView meets the needs of managers of large networks by providing the scalability and flexibility to manage mission-critical environments. | Yes - High Priority | Read more docs, contact vendor about evaluation period | No | UNIX, Windows, Linux | Binaries | NA | NA | Very powerful, lots of features, lots of customers | Proprietary |
4 | Network Fault Diagnosis: a Model Based Approach | Academic Paper | This paper presents a model-based approach to fault diagnosis in computer networks. The idea behind a model based approach is to have a complete description of the local area network: the topology, type of equipment, routing tables, and so on. Given this information, one can perform model based reasoning on the network. | Yes - Track it | Read as time/priorities permit | NA | NA | NA | NA | NA | NA | NA |
5 | Distributed, Agent-based Network fault detection system | Thesis Paper | The aim of this project is to create an agent-based system which will monitor network and host conditions which are to be monitored, can encompass the entire OSI model; detecting faults situated on the network hardware of hosts and network to the errors by host software-based services. Once a sufficient amount of work has been achieved in the construction of this system, it will be subject to testing and evaluation. | No | None | NA | NA | NA | NA | NA | NA | NA |
6 | Entuity | Commercial | Eye of the Storm identifies your network infrastructure assets, with a complete and automatic inventory discovery. Eye of the Storm identifies how your assets are performing; where assets are over-utilized, where they are under-utilized. Eye of the Storm identifies where faults are occurring, and just as importantly where faults will occur. | Yes - Low Priority | After high priority action items complete, evaluate product further | No | Server: Solaris, Windows; Client: Java | Binaries | NA | NA | | Proprietary | Discovery, Network
7 | NetIQ Systems Management | Commercial | Monitoring, Diagnostics, Reporting, and Automation for the enterprise network. | Yes - Low Priority | After high priority action items complete, evaluate product further | No | UNIX, Windows, Linux | Binaries | NA | NA | Features look good | Proprietary | Really fits under all 3 categories
8 | NMIS | Open Source | Network Management system that deals with all 3 parts of OSI model. Monitors network, stores data for statistical analysis, and issues alerts as needed. | Yes - High Priority | Read more docs, download source, install, read code over | Yes | UNIX, Windows, Linux | Tar, Perl files | Moderately easy – lots of things need to be configured | Perl. Needed libs/programs are: perl5, apache, korn shell, rrdtool, snmp session, various Perl modules | Collects lots of data, the Perl is well-commented and pretty easy to follow | Functionality overlaps a fair amount with other projects, mainly for monitoring routers |
9 | Lucent VitalNet | Commercial | VitalNet™ Network Performance Management software provides on-demand access to data you need to pre-empt problems, improve capacity utilization and meet service quality commitments. This market-leading software delivers end-to-end, Web-based visibility into your wireless or wireline multi-vendor network for DSL, VPN, IP Centrex, streaming video, GigE and diverse 3G wireless services. It delivers a uniform method for tracking, analyzing, managing and predicting performance across diverse technologies — including mobility, IP/MPLS, ATM, Frame Relay, LANs and WANs — from one centralized location. | Yes - Low Priority | After high priority action items complete, evaluate product further | No | UNIX, Windows, Netware | Binaries | NA | NA | Many features, powerful analysis engine | Proprietary |
10 | IBM Performance Management Research | Commercial/Research | The adaptive systems department within the IBM T.J. Watson Research Center develops technologies and methodologies for managing change in computing systems, an area that is critical to IBM's efforts in on-demand computing. The scope is broad. Examples of changes include: subscriber overloads, software memory leaks, application deployment, and system re-purposing. | No | None | NA | NA | NA | NA | NA | NA | NA | Lots of published papers
11 | Aprisma | Commercial | Network Root Cause Analysis software | No | None | No | Solaris, Windows NT | Binaries | NA | Java, XML API | Root-cause analysis engine, interface to program against | Proprietary |
12 | Fidelia | Commercial | Real-time network management application that works with distributed software components | No | None | No | UNIX, Windows, Linux | Binaries | NA | Perl, C, Java API | Has an interface to program against | Proprietary |
13 | Fluke Networks | Commercial | Real-time application performance monitoring and network management tools. | No | None | No | Web server | Binaries | NA | NA | NA | NA |
14 | HP OpenView | Commercial | The HP OpenView suite of market-leading software products and solutions provide a centralized point of control for efficiently managing heterogeneous computing environments and ensuring that infrastructures operate at maximum availability and efficiency. Through real-time performance measurement, IT organizations can immediately understand whether applications and systems are overloaded, and creating a negative experience for its users. Historical data collection and trending allows IT to spot utilization trends that, left unnoticed, will create performance and availability problems down the road. By identifying where the future "hot spots" are, IT can make more intelligent infrastructure purchasing decisions. | Yes - High Priority | OpenView will play a major role in all of this. We want to establish a relationship with them if possible | No | UNIX, Windows | Binaries | NA | NA | Very powerful, lots of features, lots of customers | Proprietary |
15 | IP Network Performance Management | Commercial/Research | AT&T's network analysis group. Emphasis is on protocol-level work rather than applications. | No | None | NA | NA | NA | NA | NA | | |
16 | Telcordia | Commercial | Performance Management Suite. Network Performance Monitor is a data collection, performance management, and analysis system that monitors the service quality of a network. This automated process is based on network management "by exception." | No | None | No | No Information | NA | NA | NA | | |
17 | Unisys Application Analysis | Commercial | Predict the results of extending applications to off site end-users, prior to roll out. Our simulated environment lets you expose performance risks before they impact actual productivity. | No | None | No | Windows | Binaries | NA | NA | | |
18 | ARCSight Reporting System | Commercial | Unlike other offerings that appear to address this space, only ArcSight provides a complete solution that includes the three critical elements of enterprise security management:
- Precision Intelligence: Providing the right information to the right people at the right time so that threats and attacks are efficiently and effectively detected.
- Closed-loop Incident Response Management: A complete set of tools to reduce the impact of an attack to an absolute minimum.
- Enterprise Scope: The ability to install quickly and scale to full enterprise deployment across a wide variety of platforms so that results are realized immediately and expansion is easily managed. Microsoft Windows and multiple versions of Unix and Linux are supported across a variety of hardware platforms including Pentium and RISC.
| Yes - High Priority | Investigate Risk Analysis component, and see how we might use it | No | UNIX, Windows, Linux | Binaries | NA | NA | Very powerful visualization | Proprietary | Risk analysis component is unique among the surveyed efforts
19 | Intellitactics, Inc | Commercial | Intellitactics™ Network Security Manager™ enables security teams to rapidly and comprehensively identify information security incidents, deploy resources on the threats that pose the greatest risk to the business, assess and resolve these incidents with the strongest security team productivity and capability, and affordably scale security coverage enterprise-wide. You get a clear picture of your security situation in real time—and over time—so you can deliver the most effective information security possible. Point your enterprise at NSM: it provides you with real-time integrated threat management, it allows you to track your enterprise-scale event activity, it shows you what's important according to your business priorities. With NSM, you leverage the infrastructure you've already built. NSM correlates massive amounts of data for you—gathered from your full range of security devices and other information sources throughout the enterprise. Then, in a single-pane-of-glass, NSM provides a graphical visualization of threats, anomalies and trends. Your security operations center can now respond more effectively to real security threats than with any other security product — in moments instead of days, with fewer resources. | Yes - High Priority | None | No | Windows, UNIX, Linux | Binaries | NA | NA | Supports lots of devices/software | Proprietary |
20 | Microsoft Operations Manager (Mom) | Commercial | MOM 2000 directly monitors the event, health, and performance information of a Windows Server™ infrastructure and Windows®–based application environment, using Management Packs. Management Packs provide ready-to-use intelligent operations management knowledge and monitor a wide array of server health indicators that enable them to call attention—often preemptively—to many critical events that require administrator intervention. This information is made available through MOM 2000's open and scalable server infrastructure and a powerful operator console. | | | No | Windows, but can accept external data if one is willing to write an agent | Binaries | NA | NA | Deeply integrated into the Windows infrastructure. It can scale to the enterprise level | | Security, Application and System events