network protocols

It’s obviously easy to tell when two humans are communicating with one another. It’s not as easy for some folks to get how two machines communicate with each other. They do. It’s just a less obvious. Hint: they don’t Snapchat. Instead, components within your IT infrastructure, like routers or applications, use network protocols to chat with each other.

Network protocols get kind of important when it comes to their sharing information about your company. When machines don’t communicate with each other properly, vital information is lost.

Moreover, network protocols alert sysadmins to the status of IT health and performance. If you’re not paying attention to what your network protocols are trying to tell you, devices on your network could be failing and you don’t know about it.

In order to better understand the importance of network protocols, you should become familiar with the ones which are most commonly used.

SNMP (Simple Network Management Protocol)

IT pros use SNMP to collect information as well as to configure network devices such as servers, printers, hubs, switches, and routers on an IP network. How does it work? You install an SNMP agent on a device. The SNMP agent allows you to monitor that device from an SNMP management console. SNMP’s developers designed this protocol so it could be deployed on the largest number of devices and so it would have minimal impact on them. Also, they developed SNMP so that it would continue to work even when other network applications fail.

WMI (Windows Management Instrumentation)

WMI is the Microsoft implementation of Web-Based Enterprise Management, a software industry initiative to develop a standard for accessing management information in the enterprise. This protocol creates an operating system interface that receives information from devices running a WMI agent. WMI gathers details about the operating system, hardware or software data, the status and properties of remote or local systems, configuration and security information, and process and services information. It then passes all of these details along to the network management software, which monitors network health, performance, and availability. Although WMI is a proprietary protocol for Windows-based systems and applications, it can work with SNMP and other protocols.

SSH (Secure Shell)

SSH is a UNIX-based command interface that allows a user to gain remote access to a computer. Network administrators use SSH to control devices remotely. SSH creates a protective “shell” through encryption so that information can travel between network management software and devices. In addition to the security measure of encryption, SSH requires IT administrators to provide a username, password, and port number for authentication.

Telnet

Telnet is one of the oldest communications protocols. Like SSH, it enables a user to control a device remotely. Unlike SSH, Telnet doesn’t use encryption. It’s been criticized for being less secure. In spite of that, people still use Telnet because there are some servers and network devices still require it.

Monitoring Your Infrastructure

Like almost every other IT team out there, yours probably is dealing with an infrastructure composed of a mish mash of servers, network equipment, mobile devices, and applications. Being able to automatically discover, manage and monitor this all requires unified infrastructure and application monitoring technology that uses all four of these protocols.

 

 

 

best practices network mapping

In this blog, part of our series on IT best practices, I’ll share how network mapping works and how it will give you a complete vantage point of your entire network.

Modern networks are full of connected devices, interdependent systems, virtual assets and mobile components. Monitoring each of these systems calls for technology that can discover and map everything on your network. Understanding and enacting the best practices of network mapping will guarantee successful network monitoring.

An Overview of Network Mapping

Most forms of network management software require what’s known as “seed scope,” which is a range of addresses defining the network – a network map. Network mapping begins by discovering devices using a number of protocols such as SNMP, SSH, Ping, Telnet and ARP to determine everything connected to the network.

Adequately mapping a large network requires being able to make use of both Layer 2 and Layer 3 protocols. Together, they combine to create a comprehensive view of your network.

The Two Types of Network Maps

When discussing network protocols, they are broken up into two categories, or layers:

  1. Layer 2: Defined as the “data link layer,” these protocols discover port-to-port connections and linking properties. Layer 2 protocols are largely proprietary, meaning the universal Link Level Discovery Protocol (LLDP) must be enabled for every network device.
  2. Layer 3:  Defined as the “network layer,” these protocols explore entire neighborhoods of devices by using SNMP-based technology to discover which devices interact with other devices.

Surprisingly, most IT infrastructure monitoring solutions rely solely on Layer 3 protocols. While this succeeds in creating a comprehensive overview of the network, successful network mapping practices call for using Layer 2 protocols as well. Layer 2 protocols provide the important information about port-to-port connectivity and connected devices that allow for faster troubleshooting when problems arise.

Conveniently enough, Ipswitch WhatsUp Gold uses Layer 2 discovery with ARP cache and the Ping Sweep method, combined with Layer 3 SNMP-enabled discovery methods to provide all the information needed to quickly identify and address problems.

Creating Network Diagrams

Network diagrams make use of the data generated by Layer 2 and Layer 3 protocols, and are super helpful for visualizing the entire network. One important best practice for network mapping is using network diagrams to ensure that the existing networks and IT processes are fully documented – and updated when new processes are added.

Microsoft Visio is the leading network diagramming software on the market. When data is imported, Visio allows for creation of robust, customizable diagrams and easy sharing of them between different companies. Yet, network managers who rely on Visio quickly discover that the lack of an auto-discovery feature severely limits its use.

Ipswitch WhatsConnected was created to solve this problem by auto-generating topology diagrams, which can be useful on their own or exported to Visio, Excel and other formats with a single click. WhatsConnected makes use of Layer 2 and Layer 3 protocols to provide Visio with everything in needs to generate the powerful diagrams its known for.

Instituting solutions that follow these suggestions should provide the foundation needed for real-time network monitoring. Coming up next in our best IT practices series, we’ll review network monitoring. Learning how to make the most of network discovery and network mapping will give your organization cutting-edge network monitoring capabilities.

Related articles:

Best Practices Series: Network Discovery

Best Practices Series: IT Asset Management

WhatsUp Gold
Click here for a free 30-day trial of WhatsUp Gold

Last week I got about halfway through writing my “deep dive” into what’s new in WhatsUp Gold version 16.4 and realized this was going to have to be a two-parter. So consider this post a “part 2 of 2” and enjoy the swim in the pool as you check out the new features and what they mean to you. Here’s a link to part 1 of this blog, in case you missed it.

SNMP Extended Monitor

SNMP  (simple network management protocol) is a fundamental part of any network monitoring product, and as you’d expect, WhatsUp Gold speaks SNMP fluently. We have active SNMP monitors, performance SNMP monitors, and Alert Center Threshold SNMP monitors.  But, keeping all your SNMP monitors straight can be a challenge for a network administrator.

To help with this, in WhatsUp Gold 16.4 we have added the SNMP Extended Monitor. This is a new active monitor that allows you to consolidate many SNMP monitors into one.  If, for example, you want to monitor 10 different SNMP OIDs (object identifiers) on a certain device, but don’t want to clutter the device with all these individual monitors, then simply add a single SNMP Extended Monitor and consolidate your OIDs there.  Within the single monitor, you get to set thresholds on each OID.  Tripping any of the thresholds will trigger whatever alerts you have setup for the device.  You can get the details of which OID triggered the alert via the State Change Log, or in an email alert.

Another great feature of the SNMP Extended Monitor is the ability to load and reuse the multi-OID configurations from a standard XML file. This allows you to re-use the OID definitions and their associated thresholds across many devices.

Application Performance Monitor

Application Performance Monitor is a powerful plugin for WhatsUp Gold. It allows you to systematically monitor servers on your network a higher up the stack, and look at critical statistics that relate directly to the performance of your running applications.  And, it comes with a bunch of pre-defined application profiles that let you get up and running quickly.  With the release of WhatsUp Gold 16.4 we have added some new monitoring profiles as we continue to add value to this product.   We’ve added profiles for Linux, Apache Web Servers, Windows DNS, SharePoint 2013, and Microsoft SQL named instances.

I’m particularly excited by the addition of Linux and Apache profiles. We already had a profile for MySQL, so now, we’ve pretty much got the LAMP stack covered.  As enterprises start to rollout Linux and other open source technologies, there’s no reason to change your monitoring environment.  Keep it all in the single pane of glass with WhatsUp Gold.

JMX Monitoring

Related to my excitement about monitoring the LAMP stack in our Application Performance Monitor, I’m also thrilled about our new ability to monitor JMX, or Java Management Extensions. JMX is a technology that is used in Java application servers, many of which are open source, like Apache Tomcat or Apache ActiveMQ.  JMX allows these application servers export various measurements and statistics related to the Java application.  Think of it like SNMP, but for Java apps.

In WhatsUp Gold 16.4, we’ve added the ability to create active JMX monitors, and performance JMX monitors, so you can get alerts when a monitor is out of threshold, as well as chart the performance over time. And, because navigating JMX can sometimes be difficult (just like SNMP), we’ve provided a JMX browser in the product, so that you can quickly figure out what measurements your app server is exporting (just like our SNMP browser).

These three new features, plus the ones I went over in last week’s post (aka part 1 of 2) make it plain that we continue to innovate and add customer value. Give 16.4 a try!

And for those of you who want a super deep dive, check out this video that provides an 11 minute technical overview of WhatsUp Gold 16.4.

A new year is cause for celebration. It’s also an excuse for a fresh start. With resolutions made, you enter January with all the potential of becoming a better version of yourself.

While we can’t promise you’ll keep your resolutions and improve your life, we can promise the improvements to WhatsUp Gold 16.4 are here to make your life a little easier. These additions and developments expand the reliability and usefulness of WUG. It’s the specific things that will help you accomplish your 2016 goals, and it’s these specialized things that have improved WUG 16.4.

SNMP Extended Monitor

This feature allows you to consolidate several SNMP monitors into one. Within the one monitor you can watch a number of SNMP counters, each with its own threshold. And you can alert accordingly. This helps organize your monitors in a way that makes sense to you. Better clarity and readability will save time by preventing repetitive monitoring configurations.

You can even save configuration files so you can reuse the configurations on multiple devices.

v16 4screenshot 2
Consolidate several SNMP monitors into one. (click to enlarge)

 

File Content Monitor

The file content monitor scans for the occurrence of specific text. If you have an in-house application that you haven’t been able to configure a monitor for simply scan its log file for a term like ‘error’ or ‘thread count exceeded’ .

WUG monitors make it easy to do this, say, every 10 minutes. You will be alerted accordingly and find any problems. The file content monitor is one more tool in your belt to make proactive management simple.

SSL Certificate Monitor

Ever had the nightmare of coming into work on Monday morning to find out your SSL certicate expire on Saturday? Yep, 3000 visitors received the scary message that your website shouldn’t be trusted.. This blight is not only embarrassing, but you likely just lost a large number of customers for your business.

The new SSL certificate monitor in WUG 16.4 checks remaining days to expiry and alerts you when you cross a user defined threshold. So depending on how you configure your monitor, you can get alerts even months before an expiration. This proactive feature keeps your certificates up-to-date and your business running smoothly.

Flow Monitor Improvements

The existing flow monitor plug-in provides a comprehensive view of your network, giving insight about the top applications, protocols and interfaces from a bandwidth consumption perspective. We’ve improved our flow monitor with a new endpoints report and improved report sorting and filtering. The Top Endpoints report shows the total incoming and outgoing traffic from and interface to give you a top talkers perspective. The improved sorting and filtering make it easier for customers to deal with large numbers of flow sources.

WhatsUp Gold aims to give complete visibility of a network, and every upgrade to the program further enhances that capability.

With a new 12 months ahead, a new year is brimming with possibility. You are the writer of your story, and WUG is the driver of unified . It’s your resolutions that complement your goals for the year, and it’s these new features that strengthen WUG to its fullest potential.

Do the improvements to WUG 16.4 align with your new year’s resolutions? Let us know!

 

Related article:

WUG Ninja: Enable and Configure SNMP for Network Monitoring

snmp blog 3

It doesn’t take a ninja to know that Simple Network Management Protocol allows administrators to monitor network-attached devices. With that noted, you might actually need to be a ninja to enable and configure SNMP on Windows, Linux/Unix, Cisco, and ESXi.

Have no fear. Here’s a step by step guide on how to enable and configure SNMP on Ipswitch WhatsUp Gold infrastructure monitoring software so you can administer with ease.

Windows

The first step is adding the feature (Server 2008 and above) or “Add/Remove Windows Components” (Server 2003 or below). Once the feature/component is added, open your services.msc. [Start > Run > services.msc], find the SNMP service and double-click it.

There are two important areas in the SNMP service configuration. The “Traps” tab determines where SNMP traps from the Windows host will be sent and which community name those traps will use. The “Security” tab allows you to setup your read/write community names and grant access to the WhatsUp Gold server. Once you apply your settings, restart the SNMP service for those settings to take effect. Then, you’re done.

Some interesting things I’ve stumbled upon:

Linux/Unix

On Linux/Unix, you will need to configure snmpd.conf. You can read more about it at SNMP CONFIG and SNMPD.CONF. Below is a basic sample configuration — although you can get much more complex and do a lot more with it. Once you update your /etc/snmp/snmpd.conf properly, restart snmpd:

snmp blog 1

Cisco

Configuration of SNMP on Cisco devices will vary slightly depending on the type, but in general they are nearly identical.

Here are some links to helpful Cisco documents:

ESXi

Depending on your version of ESXi, the setup steps will change. For the purpose of sanity, I have included only ESXi 5.0, 5.1+. Prior to 5.0, the steps were significantly different.

ESXi 5.0: VMware documentation

ESXi 5.1+: VMware documentation

The commands below will setup SNMP and allow it through the firewall. If you prefer, you can setup the firewall rules using the vSphere Client GUI under Configuration > Security Profile. Replace “YOUR_STRING” with your community string:

snmp blog 2

 

That’s our lesson for today. Use your knowledge wisely.

Learn why SNMP is the most versatile and comprehensive protocol in your toolkit >> Read More

CTA-BANNER-SNMP

Customers frequently ask questions about the necessity of Syslog. “I have turned SNMP on and am collecting SNMP stats and alerts. Isn’t that enough?” It depends.

The first answer is relatively simple; if you are monitoring solely for up/down status, well known error conditions, some performance parameters and high-level troubleshooting, then SNMP will address your needs.

However, to understand individual device to device or user to device transactions at a highly detailed level then it is advisable to enable Syslog and collect the messages generated by each device.

While most networking devices support SNMP and virtually all network management solutions use SNMP as their main mechanism to provide status of networked devices, SNMP can be limited in scope compared to Syslog. For example, a large Cisco switch may have over 6,000 different Syslog event messages and the specific SNMP MIB for the device supports approximately 90 trap notifications.

Would you rather have 6,000 different types of events to monitor through Syslog or 90 through SNMP?

While 6,000 different events may seem daunting, some of the lower level informational or debug messages can be filtered out for reporting and analysis, but still stored as part of a Syslog log management strategy. The good news here is that customers can now have the best of both worlds.

Check out WhatsUp Gold for your SNMP needs and for Syslog try WhatsUp Gold Event Log Management Suite.

Ever wonder how other IT professionals use WhatsUp Gold?

Marston’s, Britain’s largest brewer of cask beer, has a cool use-case story. The brewers were interested in growing their business to become known for more than great beer and pubs. They wanted their evolving clientele to know them for also providing a fun public WiFi hotspot and the place to play the latest internet-connect gaming products.

In order to do this they needed to not only enhance both front of house and back-office infrastructure but also improve communications and reliability of connection between the individual pubs and head office so they could start offering these new services to clients.

To achieve this, Marston’s took on the ambitious and innovative step of moving into the telecoms industry in its own right, allowing it to package and deploy its own customized services to various parts of the business.

But creating its own broadband network and taking responsibility for the infrastructure of its 500+ managed pubs meant that Marston’s needed to invest in a scalable networking monitoring solution to provide visibility across the new telecoms network and to help identify problems with hardware and connectivity.

Luckily, their partner, Level 8 Solutions, stepped in and recommended Ipswitch’s WhatsUp Gold.

This wasn’t Marston’s first experience with WhatsUp Gold. They’d been using within their head office for several years. They then deployed a separate WhatsUp Gold installation to monitor routers and WiFi hotspots installed at its managed pubs, as well as to support home workers also served by Marston’s Telecom.

 

“Using Ipswitch WhatsUp Gold, we are able to monitor the remote infrastructure installed at our estate of managed pubs across the country, ensuring that equipment is functioning correctly and that the connectivity we are providing through Marston’s Telecom is also performing as expected,” McMinn explained.

Plus sides to using WhatsUp Gold over other products like HP Insight were WhatsUp Gold’s clear and easy to follow feedback on the state of the network and the devices connected to it; its single point of view over the health of the network being monitored; and the clear visual guidance when a device encounters a problem.

As in . . . Green is Good, Red is Bad.

So what about you? Do you use WhatsUp Gold to monitor something even more interesting that beer? If you do, let us know about it in the comments!

As technology evolves so does the ability for people to hack it.

Ipswitch WhatsUp Gold is staying ahead of the game with its versatile network traffic analyzer, Flow Monitor.

Did you know it’s rarely an apocalyptic hack, like the ones depicted in SyFy films, of which businesses should be weary? Instead – according to a recent report on the Black Hat Briefings by SearchSecurity.com– – it’s the persistent, targeted attacks that weaken a company’s IT infrastructure and compromise its business.

SearchSecurity.com reported last week on two researchers who demonstrated examples of hacks at the Black Hate Briefings. The duo’s hacks ranged from zero-day PDF attacks to memory-based rootkits.

The presenters, Nick Percoco, senior VP at Trustwave’s SpiderLabs and Trustwave senior forensic investigator Jibran Ilyas pointed out what WhatsUp Gold Flow Monitor customers already know:

That attackers are hiding in plain sight and that they are moving data out of organizations using tried-and-true means, such as FTP, HTTP and SMTP.

Firewalls are of little use in these situations. They won’t flag HTTP traffic as an anomaly.

What you need is the ability to monitor traffic moving over TCP port 31337. WhatsUp Gold Flow Monitor, in conjunction with Alert Center, provides this ability and alerts users in real-time when a security breach happens.

In addition, the new release of WhatsUp Gold Flow Monitor allows users to set up monitors on multiple TCP ports (80.8080, etc) so by setting up an alarm specifically for port 31377, you can monitor in real-time and detect the kinds of attacks that Black Hat is reporting.

To download a free trial of Flow Monitor click here.

Ipswitch, Inc. hasn’t forgotten its humble beginnings. In fact, we’re proud of our past.

Roger Greene founded Ipswitch, Inc. in 1991.  We started off small, but thanks to his vision and business savvy and the support of our customers, it’s been nearly twenty years and we’re still private and profitable!

MoxieStarting a small business takes moxie. As passionate people ourselves we appreciate that trait in anyone.

It’s for that reason we’re proud to announce that Ipswitch Network Management will donate $1 for every download of its WhatsUp Gold software to Accion USA through May 31st. 2010.

Accion USA, a leader in U.S. microfinance, provides affordable small business loans to microentrepreneurs.

If you’ve been putting off giving WhatsUp Gold a try, Stop and download today. Not only will you make your life easier, you’ll be making the life of a small business owner somewhere in the U.S. easier too!

Software should make your life simpler.

That’s been the mantra of our WhatsUp Gold developers from year one, nearly 20 years ago.Today, this dilegence and commitment to our customers was vindicated by NetworkManagementSoftware scribe, Aaron Leskiw.

Leskiw conducted an in-depth review of WhatsUp Gold Premium, focusing on the usability and simplicity of the product in relation to the robust feature set that it delivers.

Leskiw’s bottom line on the review of WhatsUp Gold Premium Edition was: “The big question is: Does WhatsUp Gold deliver on its promise of making your job easier? Yes it does – and very well! All of the features tested performed superbly and the software was simple to install.

Share in our success (afterall, it’s with your feedback that we’ve successfully developed our user-friendly IT Managemetn solution!) and check out the full review here: http://www.networkmanagementsoftware.com/whatsup-gold-premium-review

Check out the full review here: http://www.networkmanagementsoftware.com/whatsup-gold-premium-review

A recent review of WhatsUp Gold Premium Edition from Aaron Leskiw on networkmanagementsoftware.com poses the question: Does network management have to be complicated?

Obviously, we think it should be just the opposite, and build our network management solutions with the goal of making the life of a network administrator that much easier. Leskiw conducted a pretty in-depth review of WhatsUp Gold Premium, focusing on the usability and simplicity of the product in relation to the robust feature set that it delivers.

The bottom line on the review of WhatsUp Gold Premium Edition? Well Leskiw had this to say: “The big question is: Does WhatsUp Gold deliver on its promise of making your job easier? Yes it does – and very well! All of the features tested performed superbly and the software was simple to install.

Check out the full review here: http://www.networkmanagementsoftware.com/whatsup-gold-premium-review

WUG_Bell_300dpiWhatsUp Gold v14 Premium was recently added to the U.S. Department of Navy’s Application and Database Management System (DADMS) list. Previous versions of WhatsUp Gold have been on the list since v11. As a member of the DADMS list, WhatsUp Gold v14 Premium has been rigorously tested to ensure compliance with the Navy’s application reduction initiative.

Other members of the WhatsUp Gold Family are frequently used by government offices and Federal agencies. For instance, WhatsUp Gold Event Log Management Suite is not only used by the U.S. Navy, but also the Federal Aviation Administration (FAA), Department of Homeland Security, Department of Veterans Affairs (VA), and all branches of the U.S. military.

Having the newest and most up-to-date versions of WhatsUp Gold allows government organizations to be confident in the availability, health, and security of their critical infrastructures. It is our hope at Ipswitch to continue to provide powerful network management solutions that maintain the high standard of performance and adherence to regulations the U.S. Navy and other Federal branches have come to expect. WhatsUp Gold v14 Premium and WhatsUp Gold Event Log Management Suite continue this tradition.

In early March, Alessandro Porro, our International Sales Director, traveled throughout Asia to visit some of our WhatsUp Gold partners.  The first two stops of this tour were Japan and Korea, where Alessandro met with Vinetech.  Next, he visited our partner ZeroOne Technology in both China and Taiwan.  ZeroOne Technology, recently named “Distributor of the Year” in Taiwan, hosted a reseller event in both China and Taiwan.  Alessandro was able to share the product management strategy, roadmap, and provide details on our exciting upcoming releases with resellers in these regions. Finally, Alessandro wrapped up his travels in Hong Kong with a visit to Asiasoft.  Also while in Hong Kong, Alessandro met with representatives from AsiaVAD (from Singapore) to discuss current business.  We are so fortunate to have dedicated partners who are committed to making our APAC visit successful!

This trip was a great opportunity to visit our partners at their offices.  It is always exciting to visit with partners and hear from their customers; it helps achieve our mutual success. This was a great trip and we look forward to future visits!

Alessandro Porro during his presentation