However, in a production environment these factors would likely not receive as high a weight and more weight would be allocated to functionality. Therefore, I placed a significant weight on the above two factors. The weighting is important because I needed to make sure the areas of installation and user interface were well represented given the short time-period of this assignment and course.

Each requirement has a relative weight of importance and received a score from 1 to 5 based on my evaluation of the tool across the following four areas: functionality, OS compatibility, ease-of-installation and finally, ease-of-use. I did this to ensure an objective analysis of the different packages against a pre-determined set of requirements. The approach I took to this assignment was that of a request for proposal (RFP).

Selection of the Network Visualization Tool

Therefore, I put this on pause for the near-term and will consider revisiting in the future as it does appear to be a viable solution. In addition to the concerns regarding the immediate installation requirements, it lacked some features that I suspected I may need like SNMP monitoring and the ability to interrogate the data directly against an RDBMS system. I had everything working perfectly in my lab environment with Wireshark and ntopng monitoring traffic on all three nodes. The proposed use-case would use Wireshark for in-depth packet analysis and ntopng to handle permanent monitoring. Cacti is a tool with great graphics; however, I immediately disqualified it due to the risk and hassle of installing it on my working CentOS environment. Specifically, Wireshark has been traditionally used for in-depth packet analysis while Wireshark cannot be used as a long-term, permanent monitoring tool, but rather as a tool used to analyze specific issues. There are use-cases where Wireshark and ntopng can work together.
Ntopng moved from a monolithic, closed architecture to three different and self-contained components, communicating with clean API calls. One of the main improvements was to the architecture. Ntopng addressed many of the limitations of ntop through a complete re-write of the code, new UI standards (HTML 5) and real-time processing of traffic. Ntop was effectively obsolete for a number of reasons: its original LAN-oriented design prevented ntop from handling more than a few hundred Mbit, the GUI was old (written in 1998), it could not be used as a web-less monitoring engine to be integrated with other applications, and finally, many components were written in 1998 with lots of spaghetti code. This is a complete re-write from its predecessor ntop. It is clear that it has been well tested in the field and continues to improve with its large following. Wireshark appears to be the dominant tool given the number of online instructional videos and search results.

Does not support RDBMS for storing information.
Extremely involved installation process with many.
Use of templates allows more convenience for.
Graphical UI graphs can toggle between list view and.
Network monitoring and graphing tool designed as a front-end application for the open-source, industry-standard data logging tool RRDtool.
Complete rewrite over its predecessor – ntop.
UI updated to HTML 5 excellent graphics.
In order to virtually run on every Unix platform, MacOS and on
ntopng is based on libpcap and it has been written in a portable way
Of the original ntop, a network traffic probe that monitors network
Can only collect info from a network, not send.
Notifications do not make it known if there’s an.
Millions of instructional videos available on-line.
It is used for network troubleshooting, analysis, software and communications protocol development, and education.

This consists of a Host running a virtual environment with three nodes, each running a specific operating system and application.
This tool needs to monitor the network end-to-end for my topology (see Appendix A – Network Topology). The criteria I used to select the network visualization tool for my lab environment were based on a number of factors that would ensure I could monitor the network for performance, traffic usage, faults and availability. In addition to functional requirements, ease-of-use and ease-of-installation will be included in the criteria. The traffic will be evaluated in packets, bytes, bandwidth, latency, responsiveness and the CPU use of hosts (Tittle & Lindrose, 2017). The primary use-case will be to understand the network traffic across the three nodes within the virtual environment. The section will include a simulated procurement process to select the right tool based on defined criteria.

In this section, I will be sharing the process I used to set up the environment to monitor and visualize network traffic.