NetSleuth Adept at Mapping, Device Discovery

By Cameron Sturdevant  |  Posted 2001-02-05

NetSleuth Adept at Mapping, Device Discovery

Gensym corp.s newly minted NetSleuth network discovery and monitoring tool will tempt IT managers with its detailed port-level network mapping, expanded device-discovery skills and refined integration with Hewlett-Packard Co.s OpenView Network Node Manager.

However, those who want to pinpoint the causes of network problems are still better off with such products as System Management Arts Inc.s InCharge, even though that product is much more expensive and harder to install and set up than NetSleuth.

For example, in eWeek Labs tests, we found it easy to use NetSleuths simple root-cause analysis wizard to set up rules that uncovered a downed router interface as the source of network connectivity problems. However, it was much harder to use NetSleuth to diagnose problems caused by traffic congestion or a flapping interface.

The $1,995 NetSleuth 1.1, which shipped last month, runs on Windows NT 4.0 (our main test platform) as well as Solaris 8. Windows 2000 is not yet supported.

Get to work

Most network managers needing to keep tabs on various network infrastructure devices will find the product immediately useful because of its quick network discovery ability. This is despite NetSleuths plodding Java-based user interface, which kept us waiting for information at every turn. During tests, the topology discovery engine identified all the equipment in our test network, including some dated NICs and switches, but there is no way to add devices to its identification database. Fortunately, the database is comprehensive.

Managers will find NetSleuth most useful for mapping networks that theyve inherited rather than built. In this regard, NetSleuth nicely complements OpenView NNM, which is saddled with a slow and cumbersome network discovery utility. We could finely control the rate of discovery and the types of devices included in the search.

We started the network discovery process by seeding NetSleuth with the IP address of a central router, and it found all the devices on the network.

Interestingly, NetSleuth—unlike most other network discovery tools—does not ping-sweep the network looking for unknown devices. Company officials would say only that the product uses a proprietary discovery method. We carefully monitored our network during the discovery process and found little additional traffic, so whatever its method, we can say that it likely wont noticeably dampen overall network performance.

NetSleuth is a surprisingly full-featured network management utility that should benefit managers long term. We used its SNMP-based Management Information Base browser to extract troubleshooting information from network devices.

In addition, NetSleuth has an event notification manager that made it easy to spot network problems. We were somewhat disappointed to see that NetSleuth does not support VPNs (virtual private networks); thus, managers of remote offices that are connected via this technology will not be able to glean availability data from the product.

Although the feature is not new in this version, the product does a good job of mapping network topologies and device relationships. After we ran its discovery tool, NetSleuth correctly diagrammed our network and could display a map showing connectivity. For instances when NetSleuth is unable to identify connectivity, a drawing utility is provided that includes all the standard logical network connections.

NetSleuth 1


NetSleuth 1.1


Notwithstanding its poky user interface, Gensyms NetSleuth is a fast-acting network-discovery tool that can help IT managers locate equipment and simple network faults.

SHORT-TERM BUSINESS IMPACT // NetSleuth should immediately yield extensive data about what network infrastructure devices are linked to the network and how, for the most part, they are connected to one another. Simple wizards can help set up diagnostic routines that will locate some network faults.

LONG-TERM BUSINESS IMPACT // NetSleuths nimble network-discovery ability means that, over time, managers can be confident that they have an accurate, up-to-date map of the network that does not chew up too much network bandwidth in its maintenance.

Detailed, port-level mapping; quick network discovery; low bandwidth impact.

Underpowered fault correlation tools; slow Java-based user interface; no VPN support.

Gensym Corp., Cambridge, Mass.; (800) 896-3030 ;

Rocket Fuel