With the CommandCenter NOC 250, Raritan now provides a virtual version of its hardware appliance-based system, network and fault-management platform.
IT managers of small and mid-size shops that primarily run Windows systems will likely get the most out of running the CommandCenter. While Linux systems can be monitored at the most basic levels using ICMP pings, the CommandCenter doesnt provide specific Linux monitoring capabilities. Company officials told me that more Linux-centric tools might be offered in future versions of the product.
The CommandCenter began shipping Aug. 20. There are four virtual appliance models, all of which are designed for the small and mid-size enterprise. The low-end NOC50 can inventory up to 50 nodes and monitor 10 devices. The NOC250 I tested, which costs $5,495, could inventory up to 1,000 systems and was licensed to monitor 50 devices. The high-end NOC 500 can also inventory 1,000 systems and can monitor up to 100 devices.
Register today for Ziff Davis Enterprises Sept. 20 Virtual Tradeshow: Virtualization: Taking Control, Managing Growth, Exploring Opportunities.
New in this version of the CommandCenter are topology maps that are automatically created based on data discovered by the product. Related to the topolopgy maps, the CommandCenter now has a rudimentary root-cause analysis capability that suppresses downstream alerts—for example, when a router interface goes down. Also new is the ability to export event, performance and inventory data through an ODBC connector for use with reporting products such as Crystal Reports.
The CommandCenter takes an ambitious approach to network and systems monitoring. The product uses open-source tools and management protocols included in networks and operating systems. My CommandCenter tracked all of the system and network components on my network with satisfactory results.
The system comes as a VMware virtual appliance and can run on the no-cost VMware Player. I used a generic pizza-box server with a 2GHz processor and 2GB of RAM, along with two NICs to support my installation. Two NICs are needed because one of the NICs has to be connected to a monitor port on a switch to monitor the network for intrusion attempts.
The actual installation process was a simple matter of extracting the compressed files that were shipped to me on a CD from Raritan. The product can also be downloaded. The virtual appliance runs on a hardened Linux OS. The virtual appliance opens with some simple command-line instructions for configuring the IP settings on the system. After providing these values, I didnt need to touch the Linux system again. The rest of the CommandCenter NOC250 configuration took place via a Web browser. IT managers with even a modest background in management tools should be able to get CommandCenter NOC250 up and installed in a matter of hours.
The CommandCenter NOC 250 is built on the bones of technology Raritan bought when the short-lived system management maker Ocluan went out of business. I like to see some history behind network and system management tools. For one thing, all management systems use thresholds to determine acceptable behavior, and products with at least some history usually come with these thresholds preconfigured, which is the case with the CommandCenter NOC 250.
The new subnetwork connectivity maps provide a useful overview of the network topology but arent as useful as the topology information anomalies maps that were available in previous versions of the CommandCenter. The address, route and subnet anomaly maps all revealed problems, which is what a good network and systems management tool should aim to do.
The event management console tracked the usual activities on the test network, including service discovery, administrative log-on and log-off from the management system, and whether events were acknowledged or still waiting for action. I was able to sort events based on severity so that the most important problems were always at the top of the management screen. It would have been nice to be able to suppress all “normal” events from the display (in keeping with the established notion that management system should focus only on problems), but, with a bit of persistence, I was able to keep these events cleared off the console.
The Nessus-based vulnerability assessment system worked well. Compared to results I got from running a new installation of Nessus 3 against the same systems, both products reported roughly similar vulnerabilities. The cleaner interface, integration with other system management tools and additional work that Raritan technical staff provide to associate Nessus plugins with operating systems discovered on the network, make the CommandCenter vulnerability assessment tool a winner.
The CommandCenter also includes the open-source Snort intrusion detection capability. All of my systems were behind a Mistletoe SlimLine firewall. There were no reported security sweeps by the CommandCenter during the time I used the product in my test network.
Traffic reports showed the usual collection of application traffic breakdowns along with top talkers and top sessions, most requested Web sites and most frequently resolved host names. I was able to see the information broken down by the last day, last week and last month. This type of information is what I expect IT managers will use the ODBC export capability for—to save for comparison over a greater period of time than that currently enabled by CommandCenter.
Finally, CommandCenter contains a collection of basic network and system administration tools, including ping and traceroute. All the tools can be used conveniently from inside the management interface to help diagnose problems. The combination of diagnostic tools, traffic reports, inventory collection and management, and vulnerability assessment and security monitoring make this virtual appliance a hot ticket for small shops.
Check out eWEEK.coms for the latest news, views and analysis on servers, switches and networking protocols for the enterprise and small businesses.
