In this article we provide an “Overview NetFlow software tools” available on the market. This includes paid (commercial) tools and open source NetFlow tools. There are also free NetFlow tools that are used as bait to link to a commercial tool.
We will be publishing a blog post on event log management. This is an announcement; some key systems like Splunk, EventSentry, Graylog and more will be discussed.
It will also look into the log manager from SolarWinds. Besides the SIEM tool (LEM), and the Kiwi syslog system, SolarWinds will release a new product that hooks into the SolarWinds Orion platform.
Stay tuned for the updates and subscribe to the mailing list.
What to expect in this PRTG review?
Note: this review will be updated soon (next update: mid June 2018)
Version tested: 18.1.38
PRTG is a network and systems monitor with an extensive number of sensor types. It does a lot more out of the box than just PING and SNMP. It is aimed at SMBs and entry-level MSPs, typically with between 50 and 1.000 devices.
This PRTG review covers the following topics:
- The PRTG Architecture
- SolarWinds versus PRTG benchmark
- Application Performance and Chain Monitoring
- Licensing and pricing
- Questions & Suggestions
In the world of network and systems monitoring, every vendor enters the market from its own origin. This could be Linux, Windows, networks or DCIM. There are also vendor-specific Network & System Management solutions. PRTG’s philosophy is an all-in-one solution for smaller companies and MSPs.
01. PRTG Architecture
PRTG has its own built-in web server, and the monitoring capabilities are broad. Supported sensor types are: PING, SNMP, HTTP, SSL, POP3, IMAP, DNS, WMI, SSH, SQL and many more. A trap receiver and a syslog receiver are also available. Those can be added as sensor types and are typically added to the core probe.
All the information is stored in its own database. This is a flat file system. This is good and bad. It limits the cost and time of setting up a database server but it has limitations on reporting, scalability and speed.
PRTG supports a distributed architecture with so called remote probes. This will also help to scale the system.
The concept of PRTG is different from most other systems. PRTG uses a tree structure with groupings and tags. Based on that principle you can populate settings such as schedules, alerting and credentials. All objects in a PRTG monitoring configuration are arranged in a tree-like hierarchy to create an easy-to-navigate list and to let the user arrange them in groups that monitor similar devices, services, or particular locations. This hierarchical order is also used to define common settings for larger groups of objects; for example, settings of the Root group apply by default to all other objects underneath. You can create very flexible tree shapes, with multiple groups and subgroups.
02. PRTG Web interface
The web interface of PRTG is good. It runs its own webserver and installs a self-signed certificate. Everything is accessible from the web interface.
03. System administration
There are two ways to do the system administration: web and GUI. The GUI is the enterprise console, where multiple PRTG installations can be managed. For a single installation, all the administration can be done from the web interface.
In a few words the functionality is an all-in-one package for smaller organizations that do not need a full-blown framework of tooling.
- Integrated webserver
- Integrated database
- Optional high availability (cluster without additional cost)
- Distributed architecture
- Apps for smartphone and tablet with push technology
- Broad set of monitoring sensors available (more than 250)
- Embedded ticketing system for follow-up
- Direct upgrades
Just a little word about upgrades. These are really easy. You will always have the latest version if you have a maintenance contract.
The PRTG database is a flat file structure. It doesn’t require a separate database to run. Due to the flat file database, scalability is limited per probe.
The reporting is basic because of the flat file system. Making your own reports is limited if you are used to the bigger framework monitoring systems. Compared to other network management systems, the number of out-of-the-box reports is smaller.
4.3 Dashboard and views
PRTG provides its own views (tree view of devices, sunburst and heatmap). You can select a specific page and make it your home page.
There is a Map designer. This gives basic mapping. You can use a background and add your components. Nesting maps is possible to provide a visual drill-down. The Map designer uses a number of prebuilt views, to which you can then attach groups or monitors.
You can build several maps and link them to specific user groups.
4.4 Rich feature set
Also included in the license are high availability (cluster), remote probes, and remote access for smartphones and tablets. The integrated ticket system can also be useful for smaller shops. Those features, if you can find them, are mostly paid modules in other monitoring systems.
05. PRTG Limitations
PRTG has a rich feature set but also a number of limitations. This PRTG review also discusses those limitations.
The major limitations are:
- No back-end database
- Active Directory integration not (yet) available
- Limited scaling capabilities (5.000 to 10.000 monitors)
- Basic reporting (it is not extensive, compared to other larger systems)
- Doesn’t retrieve extensive information from SNMP enabled devices (software version etc.)
- Dashboards are more or less fixed. The Mapping is limited (*1).
(*1) PS: If you are experienced, you can do a lot more but it is not out of the box.
A back-end database would help to add more information to the devices (information enrichment). This would enable adding custom properties to devices (nodes). With those elements added it would be possible to extend the reporting.
Some features could be added by Paessler that would quickly enhance the PRTG functionality.
- Direct link from device to web interface
- Direct link from device to SSH (if enabled)
- Watch status (PING) without triggering an alarm
- Clone and adapt sensors (e.g. PING -> PINGACK)
07. SolarWinds versus PRTG Benchmark
SolarWinds is a good reference for functionality and pricing. If you need a strong focus on networking, SolarWinds is a good choice. If you are going to add other sensors (other than PING and SNMP), SolarWinds becomes very expensive if you need the so-called Services and Application Monitoring (SAM) Module. List price is around 30.000 euro for just this module. This does not include the basic module NPM. For smaller organizations PRTG is a great alternative.
This section will be updated soon. SolarWinds has a topic on its website: SolarWinds versus PRTG. And as you may expect ...
YES, PRTG also has a topic on its website: PRTG versus SolarWinds.
08. Application Performance and Chain Monitoring
Because of the extensive number of monitors, you can build specific clusters of metrics that tell you something about the Application Performance. You can even extend this with Chain Monitoring. More about this topic will be published. Stay tuned and subscribe to the newsletter.
This part will also be updated with the relation to Business Service Monitoring. Stay tuned for this PRTG review and subscribe to the newsletter.
09. Licensing and pricing
Pricing starts at € 1.200 for 500 monitors. That is € 2,40 per monitor. Buying more monitors? The good news: the price per monitor goes down.
Other license packs are: 1.000, 2.500, 5.000 and XL1 (unlimited on one core server). The unlimited version does not have a software sensor limit. The limit depends on the server hardware.
A trial license is available for 30 days. The system is fully functional without limitation.
10. Conclusion of this PRTG review
For smaller organizations that do not have budgets starting from 30.000 US$, PRTG is a great commercial and affordable (all-in-one) monitoring tool with a very rich feature set. The system is elegant and stripped of all the fuss. It is a lean and mean system that does the job.
PRTG does not have inventory enrichment features. This means PRTG is not suited as a central building block for ITAM reporting or validation. The good news, for smaller shops there are a lot of good tools out there that do a great job for a fraction of the price that can be found in the framework tools.
As with every monitoring tool, you have to tune it to your needs. The initial discovery looks nice, but PRTG is very hungry for chasing all kinds of monitors. This will eat your license counters very quickly. Once you know what is important for you, you can define your own discovery templates.
If you have security systems in place, be careful. PRTG probes a lot of ports, anonymous accounts and certificates. In my case several systems triggered security measures and a few applications were blocked.
11. Questions & Suggestions
If you have questions or suggestions about this PRTG review, please let me know. You can contact me
Stay tuned for updates on this PRTG review and subscribe to my newsletter.
In the NetFlow SolarWinds versus Plixer review, a structural approach has been applied to remove all the (marketing and technical) smoke.
If you are going to look into NetFlow solutions, you will be overwhelmed by all the marketing material, sales and other (technical) buzz. How to make a good selection?
In this SolarWinds Orion NPM review we have tested versions 11.5 and 12.01; the latest version is 12.1.
Orion NPM has all the traditional architecture components that we would expect from a network performance management system. A Polling engine, Alerting Engine, Webserver, Reporting Engine and a database. It installs on a Windows server and requires IIS.
One of the key benefits (and selling success) of Orion is that it has a flexible (visual) map that can be integrated into the web-console. Drill down of maps is possible.
Cable Management Software is essential for any organisation and is part of a configuration repository.
In theory: Everything is documented and up to date with a minimum of effort. Everyone who needs access will have a real-time view of the configuration. Projects (that will claim resources) are visible in the system as reserved (space).
In practice: In a large organisation, every local administrator probably will have his own set of documentation (spreadsheets and diagrams).
The Statseeker review: A network monitoring system that is pretty unknown to a lot of network engineers and IT managers is called Statseeker. What is the position of this network monitoring system in the area of the highly competitive market of network management systems and tools?
In this article: Reducing the noise of false positives in alerts and events, we will give a little overview of how to reduce the overload of alerts and events in the area of network and system monitoring.
Target audience: Larger enterprises with different monitoring systems.
The biggest problem in a large (enterprise) IT infrastructure is bringing logic (read: sense) to all the Events and Alerts (E&A) being generated by the different systems and monitoring systems.
Below is a poll from a large network management software vendor.
In this Top 10 Network Mapping Software review we will also focus on the relation with Microsoft Visio. Let's be honest: creating and maintaining Visio diagrams is really time-consuming, especially in large and complex IT environments.
In this article we will focus on the commercial Top 10 network mapping software tools with a main focus on Layer 2 mapping. We exclude Layer 3 mapping for the moment.
- There are a number of good open source mapping tools available, but they are out of scope for this article.
- All monitoring systems that have a very basic integrated mapping facility.
There are basically two types of categories:
- entry level and
- enterprise level
Kicking off with entry level
Most entry level Network Mapping Software relies on a few network discovery mechanisms and will create some very basic network diagrams. There are some problems with these entry level software tools. Just to name a few:
- If the Network Mapping Software creates Visio Diagrams, they have to be maintained manually.
- Creating different views of one set of IT components is not possible. E.g. just give me the fiber connections between all the core switch devices.
- Specific components in a switch or router are difficult to map. E.g. dual or multiple power supplies, specific cards (Fiber Optics, Copper, Gigabit).
- Network Mapping Software that does more becomes hard to handle, is very expensive and still shows a lot of gaps.
- Not integrated with cable management and other management systems like data center floor plans.
- Rich data about IT components (like firmware version, vendor, status: test / live / development) can’t be added and therefore can’t be made visible.
- Limited import and export possibilities.
In this Scrutinizer review: the basic topics of a NetFlow (and other flows) collector and reporter.
The name is carefully chosen. According to Merriam-Webster it means: to examine (something) carefully especially in a critical way.