By Cameron Sturdevant  |  Posted 2004-05-17 Print this article Print

Oculan Corp.s flagship Oculan 100 is a small but capable network management and security package that can streamline operations in small and midsize enterprises.

The Oculan 100s integrated console provided more than enough data to keep the eWEEK Labs test network humming, but the appliances vulnerability assessment component skimps on basic "fix-it" directions—and these directions are vital for a security tool designed for overworked IT employees in small companies.

The Oculan 100, which started shipping last month at a cost of $4,995, is an easy-to-install 1U (1.75-inch) appliance that hangs off a switch monitor port to collect network performance data. Once we configured our Cisco Systems Inc. Catalyst 3550 XL switch to mirror network traffic to its monitor port, the Oculan 100 processed the data into concise reports.

The Oculan 100 is loaded with reports that we configured to provide precise information about a wide range of network performance conditions, as well as the state of network device, server and desktop PC conditions. Upcoming versions of the product, which will be paid upgrades to the existing appliance firmware, will focus on Linux systems.

The Oculan 100 competes with Interloci Inc.s NetworksAOK and SilverBack Technologies Inc.s Professional network monitoring appliances. There are some differences: Interlocis system includes the same vast array of performance-alert thresholds that are available in the Oculan 100 but also includes a basic trouble-ticketing system. SilverBack can easily augment its Professional product with knowledge from the companys extensive service offerings. In contrast, Oculan does not provide a managed service offering.

These are worthwhile distinctions for IT managers to consider when evaluating these products. Nevertheless, we believe the Oculan 100s clean interface and extensive alerts and reports will likely make it a compelling choice for harried IT managers.

One characteristic we liked best about the product was that it provided sophisticated network performance and security features with minimum configuration. We could install the device and get useful information about system and desktop vulnerabilities in a matter of hours.

Nevertheless, IT managers should allocate several days to getting the product up and running. This is because the wide variety of monitoring and security tools provide so much information that the components must be fine-tuned to readily provide alerts about real problems.

For example, our initial work with the Oculan console and e-mail alerting system was overwhelming when we directed the system to send us e-mail for configuration events. Every time the Oculan 100 found a new piece of information about our network, it dutifully sent us an e-mail message. After receiving 72 e-mail messages about mundane discovery information, we spent almost an hour fine-tuning the alerts.

When we narrowed down the number of events that would trigger an e-mail message, the system worked well in keeping us apprised of significant changes to our network and systems.

We were particularly impressed with the Oculan 100s outage reports. Using the default polling intervals, we generated precise reports about when network devices such as a switch or router went offline and when the devices became available. As expected, we were able to configure the alerting system to send us an e-mail message or a text page when critical systems went offline.

We could integrate messages from the Oculan device into other network management systems, such as Hewlett-Packard Co.s OpenView Network Node Manager, using SNMP trap forwarding. However, this created an awkward hodgepodge of management systems. We therefore dont recommend using the Oculan 100 to manage distributed networks at large enterprises.

Senior Analyst Cameron Sturdevant can be contacted at cameron_sturdevant@ziffdavis.com.

Check out eWEEK.coms Security Center at http://security.eweek.com for security news, views and analysis.
Be sure to add our eWEEK.com security news feed to your RSS newsreader or My Yahoo page:  

Cameron Sturdevant Cameron Sturdevant has been with the Labs since 1997, and before that paid his IT management dues at a software publishing firm working with several Fortune 100 companies. Cameron also spent two years with a database development firm, integrating applications with mainframe legacy programs. Cameron's areas of expertise include virtual and physical IT infrastructure, cloud computing, enterprise networking and mobility, with a focus on Android in the enterprise. In addition to reviews, Cameron has covered monolithic enterprise management systems throughout their lifecycles, providing the eWEEK reader with all-important history and context. Cameron takes special care in cultivating his IT manager contacts, to ensure that his reviews and analysis are grounded in real-world concern. Cameron is a regular speaker at Ziff-Davis Enterprise online and face-to-face events. Follow Cameron on Twitter at csturdevant, or reach him by email at csturdevant@eweek.com.

Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel