When you embark on a new adventure, including purchasing new software, it is a whirlwind of excitement and relief that is often combined with confusion and anxiety. Clearly, this apprehension isn’t going to prevent people from buying new products and services, so what’s the solution to help minimize their concern? The answer is simple – training. For more information on the benefits on training check out a blog post from Andy Couture, one of the Sales Directors here.

Training can be received in three ways – online, onsite at your office, or in an open classroom – and each option offers unique features. Read more about the WhatsUp Gold Certified Hands-on Training now.

Customers frequently ask questions about the necessity of Syslog. “I have turned SNMP on and am collecting SNMP stats and alerts. Isn’t that enough?” It depends.

The first answer is relatively simple; if you are monitoring solely for up/down status, well known error conditions, some performance parameters and high-level troubleshooting, then SNMP will address your needs.

However, to understand individual device to device or user to device transactions at a highly detailed level then it is advisable to enable Syslog and collect the messages generated by each device.

While most networking devices support SNMP and virtually all network management solutions use SNMP as their main mechanism to provide status of networked devices, SNMP can be limited in scope compared to Syslog. For example, a large Cisco switch may have over 6,000 different Syslog event messages and the specific SNMP MIB for the device supports approximately 90 trap notifications.

Would you rather have 6,000 different types of events to monitor through Syslog or 90 through SNMP?

While 6,000 different events may seem daunting, some of the lower level informational or debug messages can be filtered out for reporting and analysis, but still stored as part of a Syslog log management strategy. The good news here is that customers can now have the best of both worlds.

Check out WhatsUp Gold for your SNMP needs and for Syslog try WhatsUp Gold Event Log Management Suite.

The WhatsUp Gold IT Management family is excited to announce an easy to use tool for reading, gathering and understanding traffic readings in real-time from a single interface with our free Interface Bandwidth tool. This application will allow you to specify a target device and connect via SNMP to return a list of available interfaces. Just select the interface that you want to monitor and quickly access two gauges, one for receive traffic and the other for transmit traffic. Features include:

• Scan devices for interfaces and select up to eight to monitor for percent bandwidth usage (both transmitted and received data).
• View configurable polled intervals as analog graphic gauges, in chart format, or as a table.
• Control the poll frequency, gauge thresholds, and the number of data points graphed at one time.
• Edit the detected interface speed and to gain more meaningful results.
• Use advanced filtering capabilities to locate interfaces.
• Print and export polled data in PDF, HTML, and TXT formats.

Get the Interface Bandwidth tool today!

In my current role I speak to a lot of network engineers trying to automatically map their network topology. Actually it’s more than that, they don’t just want to discover devices, the want a port level diagram of exactly how all their switches, routers, servers, workstations, phones, firewalls . . . you get the point. Some engineers I speak to practically ask:

“Can this tool provide a detailed topology and physical map illustrating the rack number and space in the rack for all the devices in my environment without configuring SNMP?”

Seriously? Really?? While I may be dramatizing a bit, the reality is that network engineers regularly walk into hostile environments where the responsibility for the documentation and organization of equipment on the network has been sorely neglected. In some cases these engineers are filling a role that never existed before so nobody took these responsibilities seriously, and in others . . . let’s just say their predecessor may have left in less than amicable circumstances. In these situations engineers need tools that will flexibly discover and map the environment by any means necessary and provide them with the information they need to make sense of this strange new world they’ve thrown themselves into.

I feel for these engineers. I’ve been one of those professional services road warriors walking into a new environment every week and seen everything from well organized, well labeled, cable managed, SAS 70 certified datacenters where the greatest risk is getting stuck in the mantrap or having your coffee confiscated when you accidentally carry it onto the raised floor, to the cable spaghetti general purpose wiring closets where copper network cables are picking up EMF cross-talk from 240V electrical wiring that was dangerously close to a leaky roof. That’s no dramatization, and the point I’m trying to make is no matter how well funded, organized, or configured an environment may be, without a map to illustrate the physical and logical relationships between systems every engineer I’ve met would be lost.

Getting those maps early on and keeping them updated is a critical part of every network engineer’s role and a tool that will automate the process of discovering and drawing those maps is invaluable. That said we can’t expect miracles, tool developers are not the brothers Grimm, there are no networking fairies that will console into all your switches while you sleep and enable SNMP/CDP. There’s always going to be some amount of legwork to enable the environment to tell you what you need to know and it will be an iterative and ongoing process to keep that environment properly configured, documented, and mapped. The tools that minimize that legwork and maximize the value of our efforts as engineers is something truly worthy of legend.

WhatsUp Gold Guru Video

Need to Enable SNMP on your Windows Devices?
There is a wealth of information about your Windows devices available via SNMP – from CPU, memory and disk utilization to internal temperature – but configuring Windows to let you at it can be a challenge. In this short SNMP video, WhatsUp Guru – Jason Williams, shows you how to quickly and easily harness this valuable information.  

From Network World’s Network/Systems Management Newsletter

Security products over the past decade have considerably hardened networks and systems exposed to public or other high- or elevated-risk environments. Firewalls have effectively limited connectivity to specific services and protocols, while systems exposed in elevated-risk zones have been streamlined down to their essentials, with discovery and remediation of vulnerabilities and exposures in such environments aggressively maintained on an ongoing basis. Security has been addressed in virtually every aspect of the elevated-risk environment. Every aspect, that is, except in some management protocols themselves.

Standard network management tools such as SNMP – the Simple (!) Network Management Protocol – enjoy wide penetration in trusted networks, for the flexibility and efficiency they provide for communicating a broad range of monitoring, event, and control information. Yet – like so much of IT – early implementations of SNMP addressed security almost as an afterthought, if at all. Versions 1 and 2 of SNMP, for example, natively employed only the most rudimentary form of group authentication: community strings, and those were not even encrypted. This renders SNMP v1 and v2 all but moot in elevated-risk network environments such as the DMZ, where the discovery of these early versions of the protocol could be readily exploited by attackers not only to effectively build a map of a potential target network, but to infiltrate and disrupt networks behind the firewall.

Despite such shortcomings SNMP v1 and v2 continue to be widely employed. Not only because their flexibility is highly valuable but also because, in many cases, a widespread upgrade of SNMP to a more secure implementation of v3 is simply unrealistic, given the expense and potential impact of an upgrade on the cost of entrenched but often incompatible management systems. This means that many enterprises either limit their use of SNMP and thereby limiting its effectiveness to networks assumed to be trustworthy (although that assumption may be flawed, as we’ll discuss shortly).

In other words:

* SNMP may not be used at all in elevated-risk networks such as the DMZ, which means that managing exposed network points may be reduced to more rudimentary or less cost effective techniques.

* Where network management protocols such as SNMP are considered valuable – or vital – in elevated-risk environments, an upgrade to SNMP v3 is often weighed and just as often, rejected due to the impact of an upgrade or outright incompatibility of existing management systems that would be far too expensive or risky to overhaul.

* As a compromise, some enterprises go to some lengths to secure management protocols, putting together complex combinations of communications security such as tunneling or secure remote access in order to enable the use of tools such as SNMP. This, however, does nothing to mitigate the potential exposure of inadequately secure versions of SNMP, or to promote the deployment of more secure versions when management incompatibilities make an upgrade unattainable.

Why is this issue significant? For one thing, SNMP is arguably the most commonly used network management protocol, yet its security issues make it a challenge to use in elevated-risk environments, if at all. This limits the use and effectiveness of efficient tools such as SNMP in such environments, forcing enterprises to adopt alternatives they wouldn’t otherwise use in lower-risk environments.

Of increasing significance is the fact that assumptions of trust within the internal network are undergoing a serious revision, as insider risks become more evident. Without a more secure approach to managing the protocols and tools that manage the network – including the “trusted,” internal network – enterprises may be exposing themselves to more risk than they realize.

With these facts in mind, I’d like to ask our readers two questions: If you could use network management protocols with higher confidence in less trustworthy environments, would you? Would tools such as SNMP make the administration of, for example, today’s increasingly complex enterprise DMZ environment more manageable if they could be used in a more trustworthy way? Would you use SNMP v3 in such environments if it didn’t mean forcing an upgrade of the rest of your management regime?

How concerned are you about the risks insiders within the trusted network pose to the use of management protocols with known security issues such as SNMP v1 and v2? Are these issues making you weigh an upgrade to v3 more than before? Would you use v3 where you could, provided a solution that enabled the use of v3 in certain environments wouldn’t force you to upgrade other aspects of your network?