Funkschau Review 2014


See how it works

Network Monitoring Software - network monitoring is a must for every network administrator. Even the smallest of companies nowadays need to ensure they don't let network and device issues creep up on them unannounced. funkschau put several solutions to the test to determine which network monitoring software would be best suited for implementation in small to mid-sized companies.

Many manufacturers offer network monitoring solutions for enterprise networks. However, a product that works well for corporations with large IT departments and several specialist staff may be overkill for smaller companies. Too often,companies simply lack the personnel to focus exclusively on network monitoring and troubleshooting. Ideally, they need a product that can be set up quickly and easily. They want something that delivers instant, valuable metrics without having to configure countless monitors, sensors and agents and then distribute them manually out to the various devices they want to monitor. funkschau tested three standard network moni toring products to determine whether they are suitable for companies with IT departments made up of two or three "all-rounders". The following products were in the running: Ipswitch's Whats Up Gold Premium, Paessler's PRTG Network Monitor and SolarWinds' Network Performance Monitor.

PRTG Network Monitor

PRTG Network Monitor (PRTG for short) is a highly-integrated Windows-based network monitoring application that that was included as a Niche Player in Gartner's 2014 Magic Quadrant for Network Performance Monitoring and Diagnostics (NPMD). In itself, this achievement means that PRTG completed a series of tasks that go above and beyond basic network monitoring. For example, a NPMD solution must be able to analyse network performance and behaviour both in real time as well as historically, and provide predictive data using operational analysis tools. It must also be able to monitor network end points, components and links as well as the delivery of dynamic, end-to-end network services, whilst executing diagnoses and creating automated alerts. PRTG fulfills all of these requirements, but the core competence of the product is the collection of information from the network and network devices. To gather this data, the system uses SNMP polling, WMI, Packet Capture and Flow Connection (Netflow, sFlow, etc.).

 

FIGURE: PRTG's configuration guru allows the administrator to create an operational monitoring system quickly and effciently.
prtg1.png

 

A PRTG setup essentially consists of a core server and one or more probes. The core server is the heart of the PRTG installation. It contains the database, a web server, the reporting engine and a notification system and is responsible for everything from general configuration management, configuration and management of the probes, clustering and automated notification to user account management and data cleansing. A single core server can cover off all of these tasks for the entire network. The actual monitoring, however, is performed by the probes. The probes use device-specific, pre-configured sensors to monitor whatever you like - PCs, routers, firewalls or even individual virtual machines for example. PRTG contains more than 200 pre-defined sensor types for (pretty much) every imaginable monitoring requirement, making it unlikely that the typical requirements of small and mid-sized companies would not be met off the shelf. In the unlikely event of a sensor not being available as standard however, well-documented programming interfaces and user-defined custom sensors can be written fairly easily. The probes receive their individual configuration from the core server, execute monitoring processes with the help of the sensors and deliver the results back to the core server.

Both the core server and the probes run as permanent Windows services, without requiring administrator or user login. A local probe is automatically installed on every host running a core server. This architecture is usually sufficient to monitor the entire (local) corporate network, although IT can set up additional (free) remote probes in order to extend network monitoring over multiple locations or to distribute load for example, if necessary.

This multi-layered architecture, consisting of core server, probes and sensors, makes PRTG extremely flexible and scalable. An additional cluster setup with up to four failover nodes (this is even included in the freeware version of the product) provides high availability.

The PRTG sensors use the programming interfaces of each device wherever possible. This means the administrator does not have to install additional client applications or agents on each device, thus simplifying and accelerating the setup and keeping the devices free of additional performance overhead.

 

FIGURE: The device view in the PRTG web interface has a logical, clear layout and is easy to use.

prtg2.png

 

 

PRTG's setup is incredibly fast. The entire application is downloaded and installed on a Windows machine in just a few minutes. The ‘Configuration Guru' requests a few bits of information (such as admin username/password) and takes the administrator through the basic configuration.

One of the reasons the installation completes so quickly is that Paessler stores all monitoring data in their own proprietary data system, while most other providers use large SQL databases, for which separate setup and configuration becomes necessary. This extends the whole process and makes things a lot more complicated. Using a proprietary, bespoke database system has many advantages: it is better suited to storing lots of small data records that mostly only require read access, it offers access to the raw data, not averages and, quite simply, it is faster - at least, the way Paessler implements it.

As the final step in the setup process, the Configuration Guru recommends a network search. On the face of it, this appears to be the typical network discovery procedure that most monitoring or network management applications provide.

PRTG characteristics

The search begins with the typical questions: the group name that the devices should be added to, the base address for IPv4 as well as the start and end addresses. But what happens after clicking on ‘Save and Continue' is anything but typical network discovery. The process not only creates entries for the devices it finds in the specified group, it also identifies what type of device it is and automatically installs the corresponding sensors.

This means the administrator can go straight into the dashboard view as soon as the auto-discovery is complete, start up real time monitoring and receive the first alerts without having to mess around configuring or distributing sensors, agents and the like. The sensors are all pre-configured with what Paessler regard as typical settings and thresholds; the fine tuning can be done later.

PRTG is not restricted to monitoring within the local network, but can also be used to monitor websites as well as cloud and online services. To set up monitoring for a website, for example, the administrator simply enters the URL and the guru does the rest - it really doesn't get much easier.

PRTG's standard user interface is a very fast, easy-to-use Ajax browser application that contains multiple preconfigured - but customisable - dashboards. It offers speedy access to all the information that has been and is being collected - alarms, diagrams, reports, logs etc.

The product even includes a complete ticketing system. Several useful reports come already preconfigured by Paessler; the administrator can create additional reports - even time sensitive or scheduled reports - in no time. A traditional Windows Client application and mobile apps are also included.

Ipswitch WhatUp Gold 16.2

WhatsUp Gold is a popular monitoring product that, like PRTG, monitors the status of network devices and services, creates alerts, executes instructions and generates reports. Contrary to PRTG, it does not offer all functionalities in a single package. This product comes in three editions - Standard, Premium and Distributed, which have varying function ranges (and prices). The premium edition compares well with PRTG in terms of the price-performance ratio, although it doesn't offer monitoring for distributed networks. Regardless of the WhatsUp edition, some functionalities are only available as separate plugins. These include, for example, flow monitoring, application performance monitoring and high availability with failover. All these different options obviously complicate product selection and calculating an accurate final price is difficult.

At 412 MB, the WhatsUp Gold Premium installation package is pretty large. This means that there is a lot to unzip and install during setup. However, the reason the standard setup installation in our test took so long, was probably that the installation routine includes several other additional tasks - for example, installation, preparation and configuration of Microsoft SQL Server Express 2008 and Internet Information Services (IIS) configuration. As mentioned, we initiated the typical setup and selected SQL Server Express. Of course, the administrator could also use their own pre-installed MS SQL Server if they have one.

 

FIGURE: WhatsUp Gold's network discovery quickly finds all devices in the network segment and resolves names flawlessly.

wg1.png

 

What we did like was the system check, which starts the setup routine before the actual installation begins. This way, the administrator doesn't have to wait for the program to push data back and forth for half an hour before finding out that the installation has failed because an important system pre-req had not been fulfilled. After the setup routine has been completed, a wizard of sorts starts up and requests various things from the user such as email settings and what the administrator password should be.

However, after installation, nothing actually happened. There was no guidance on how to get going and no new icons appeared on our desktop. So we restarted the computer and fired up the WhatsUp Gold Admin Console from the Windows Start menu. The first step was the intuitive network auto-discovery. This uses IP address ranges or SNMP Smart Scan. The vendor presets are sufficient for quickly finding all the devices in a network segment and resolving device names, but the discovery does not install or activate appropriate performance or active / passive monitors according to the role a device has. The administrator has to assign these manually, but fortunately they can be executed as a bulk operation. Alternatively, the administrator can edit the list of devices that are supported by WhatsUp before starting the network discovery and adjust the device roles accordingly.

 

FIGURE: WhatsUp Gold's dashboards show monitoring information in widgets. Administrators can easily adjust this view to suit their needs.

wg2.png
WhatsUp Characteristics

 

You can then select the performance and active / passive monitors that need to be activated automatically according to device role. Instructions can be configured here too - for example, how an administrator should be notified if WhatsUp discovers an error on a device. The device role method is practical, but Paessler's method for setting up monitoring system in a live environment is much quicker: install all meaningful monitors or sensors for a specific device type using the standard settings. Of course, this only works if - as in PRTG's case - the monitoring solution's performance is up to the task.

WhatsUp's main user interface is web-based, with a ribbon menu that's easy to use, once you get used to it. As with PRTG, several pre-configured dashboards are available. These make use of widgets to display various performance information and diagrams. The dashboards are easily customisable and widgets can be added, deleted or removed quickly. Navigation between dashboards is simple however the system does react significantly slower than PRTG.

WhatsUp Gold polls devices in the network regularly in order to catch any status changes that might occur using the monitors mentioned above. Performance monitors keep an eye on the resources of a device, like drives, interfaces or memory. Examples of active monitors might be ping, DNS, HTTP or interface monitors, while passive monitors include SNMP traps, Syslog and the Windows Event Viewer. WhatsUp Gold executes actions depending on the responses received from the poll - for example, notifying the administrator or restarting a service.

As you would expect, WhatsUp Gold contains many pre-configured reports, which can be executed automatically at defined intervals. However, we couldn't figure out how to create a custom report during our test.

SolarWinds Network Performance Monitor 11

SolarWinds targets enterprise networks with its Network Performance Monitor (NPM) more than small and mid-sized companies. As the product name states, the solution is also primarily designed to monitor network performance. NPM's installation package is 800 MB, nearly twice the size of WhatsUp Gold's. Neither PRTG nor WhatsUp Gold required installation of such a huge amount of data, services and applications. NPM is certainly not a lightweight solution. The solution requires Microsoft SQL Server 2005 SP3 or higher, .Net Framework 3.5 or higher as well as a Windows server 2003 or 2008 (32 or 64 Bit) with IIS in 32 Bit mode. It is recommended that the SQL database is installed on a separate server. In the typical installation, the setup routine installs SQL Server Express.

When starting the installation, the set-up routine checks all the pre-requisite system requirements are in place. The program is rather pedantic as far as this is concerned. For example, we had to update the SolarWinds IP Address Manager (which was already installed) from version 3 to 4 before we could begin the installation. And despite the checks, we only received notification that there was a problem with the IIS after the installation had been running for half an hour.

 

FIGURE: The Network Performance Monitor’s web interface is modern and easy to navigate.

sw1.png

 

Network discovery started immediately after finishing the setup. In our test, the discovery worked flawlessly, identified every single network interface as well as all protocols running over the interfaces and resolved names accurately. NPM then starts working straight away, so the interfaces are already up and running when the system manager or web console is started up for the first time. The first tranches of performance data are available immediately, including average response times and packet loss, availability, CPU load and memory usage as well as network adapter information (error and traffic charts). The initial network-wide summary charts and top 10 summary charts are also available.

Similar to PRTG and WhatsUp, two user interfaces are available: the system manager as a Windows GUI and a web console. Most administrators use the web console. The console is very simple to navigate and makes it easy for the user to view and adjust data in graphs, tables, maps and top 10 lists. The interface is a lot of fun - it reacts quickly and is straightforward to use and easy to adjust. Network status queries are answered easily and quickly.

 

FIGURE: The Network Performance Monitor's web interface is modern and easy to navigate.

sw2.png
Network Performance Monitor characteristics

 

As mentioned previously, NPM is focused on monitoring network performance. If a company needs to monitor application performance or manage network configuration as well, they would need to use a different product or module. Optional expansions (available for purchase) include modules for NetFlow traffic analysis, IP address and IP SLA management and many other functions. Even without these, NPM is a complex product that requires a lot of patience, even during setup. It takes a long time to install and configure even the basic system.

NPM's alert system is flexible, easy to use and worked flawlessly in our test. Like both other products, NPM generates alerts when events occur or a threshold is crossed. The program offers various options in response to an alert, including the usual notification options, automatic script or program execution and an escalation sequence. The message centre acts as a control centre and presents all network alerts as well as events, Syslog entries and traps.

The standard NPM installation on a single machine is capable of monitoring more than 2000 elements, as long as the hardware is configured appropriately. One element can be a node, interface or volume. If you want to monitor more than 8000 elements, additional polling engines may be necessary. Additional web servers can be installed and may also be necessary, depending on the size of the network. Alternatively, multiple instances of NPM can be managed via the interface in the optional Enterprise Operations Console for distributed monitoring. SolarWinds merges additional polling engines, web servers and a failover engine in so-called scalability engines - which actually cost more than the basic product.

Conclusion

The purpose of this test was to determine whether these monitoring products fulfill the requirements of mid-sized companies. Important factors for these type of organisations are speed of installation, ease of use and the quality and usefulness of the information being provided. Based on these requirements, PRTG Network Monitor is the best solution for small and mid-sized companies. It can be operated by IT "all-rounders and doesn't require specialist knowledge (although even the most advanced techies often prefer a simple, uncomplicated solution). WhatsUp Gold is generally a good solution as well, but it does not deliver all the functionality in a single package, meaning it falls behind the much more comprehensive (and faster) PRTG. The same goes for SolarWinds Network Performance Monitor which fits better in the enterprise market,something which is reflected by its complexity and price.

Copyright © 1998 - 2017 Paessler AG