Troubleshooting or Management tool? Which is the right Networking tool for me?
Read our guide to make sense of the different types and how they help. Networking tools generally fall into two basic groups:
- Troubleshooting tools for engineers and support staff
- Management/Planning tools for long term reporting, managing hardware, capacity planning etc.
It sounds simple enough, but is often not fully understood with many companies trying to find the “Right” tool that ticks all the boxes for a good value price. The nature of the problem is as follows, Management personnel like to see data over time, summaries of performance and spot whether trends are getting better or worse. Whereas Engineering staff require more detailed information in real time to solve problems.
Basically these two requirements are opposites, many manufacturers may claim their tools do it all, however in 20 odd years of looking we have yet to find this to be true! Putting it another way, Engineers want to look at 1 second chunks or smaller, but Management want to look at weeks/months or longer. A single data set can’t cover all these options and if someone did build one, would it be usable?
Typically with Management holding the purse strings, the solution tends to be what they want to see first and the Engineers have to make do. Most issues occur when management style tools are used to try and solve day to day issues and as a result no one gets the answers they need and the tool is left under-utilized, usually stopping future investment.
The basic aim of a troubleshooting tool is to provide information quickly. As a generally rule, the more money you spend, the more layers of detail become available.
At the bottom end they are simple port tests, at the higher end network testers that cover the Ethernet, TCP/IP and response time issues in a single unit. Troubleshooting tools need updating as new technologies evolve (e.g. wireless & 10Gig). The reports they produce will be snap shots of a particular situation in time, with lots of detail, which suits a troubleshooting role or help desk ticket but is relatively meaningless in the overall picture of the network health.
Classically engineers put some sort of analysis software on their laptops for investigating issues, but experience has shown that this is not an efficient way to solve issues. Cable, NIC card, duplex and IP configuration problems to name a few are not solved with packet captures, yet these take up most of the support calls people receive.
Freeware products in these fields are available but these have less capability for analysing the data, hence take longer and require more skilled staff to get to the bottom of the problems. More skilled staff are generally kept away from these types of issues as they have more value elsewhere, so this approach tends to be very ineffective. Tools that cost money tend to be quicker due to better interfaces, better diagnostics and better reporting thus appeal to a wider staff ability range. However although valuable, these tools are only part of the tool set required.
Troubleshooting tools in this area range from £1K for handheld port testers (LinkRunner), through to £5K laptop software analysers at the packet level (Observer Analyzer) with all-encompassing tools that cover the field from top to bottom at £20-25K (OptiView).
One of the main differentiators with management tools is that fact they have databases to store information through time. Generally speaking the more sources of data (SNMP, NetFlow, WMI, Packet analysis) from more places, the more they cost. The problem with using these tools as a troubleshooting products is the granularity of the data sources available to them. See the different layers broken down below:-
Popular SNMP tools do not read the packets themselves, but look at counters in the switches/routers/servers and calculate metrics from there. Typically this information is summarised into 2 minute chunks and does not provide any information on the content of the frames, just the number of frames passing through each port. The value of such tools is the recording of many popular metrics such as utilisation, CPU & memory, plotted through time to establish patterns. More expensive tools in this area have more advanced data collation by summarizing groups of devices into single metrics, whilst cheaper tools tend to report just on a per device basis. Budget price £5k - £50K (such as Solarwinds).
NetFlow tools get TCP/IP based information from the Layer 3 devices in the network, adding top user and protocol information which is very useful. Unfortunately the granularity is technically limited to 1 minute chunks, hence has restrictions solving many issues. However this technology is very good for WAN bandwidth management. Budget price £5K - £25K (such as Plixer).
Transaction monitoring tools make requests of key devices at regular intervals and monitor the response times they receive. They are able to split the response time into network delay and server processing elements, hence are better at monitoring the sort of response times that users actually experience. These tools are good for monitoring realistic numbers but give less detail on the actual causes. They also plot the effects of network changes from a user/desktop point of view which can be very revealing. Budget £25K (such as Observer Apex).
Packet Analysis (with storage) solutions have the ability to measuring real traffic streams and can look at any aspect of the traffic. The main advantage of having storage based packet analysis is that it allows you to go back and look at problems that occurred in the past, rather than waiting for problems to re-appear. These solutions are potentially the most powerful, but require high skill level to operate and extract the information required. Individual units can be deployed into key parts of the network and left monitoring for days and weeks until the disks are full and the data starts to over-write. As standalone units there are lots of detailed reports available and some summary reports may be generated. Budget £20-£40K (such as Observer GigaStor).
The Packet Analysis solutions can be upgraded into all-encompassing management solutions which have a master unit storing summary information from one or more probes deployed in the network. This does give a more or less complete solution, as the probes provide huge amounts of detailed information on the traffic whilst the master reporting server summarises all this data into a small number of key metrics which are more management based. These solutions are excellent, but are not perfect. They can only work for the areas that are covered by a probe, they do need more skilled and experienced staff to get the most from them and they don’t provide the mobile engineer in front of customers that the end user likes to see. Pricing for these solutions varies on the number of probes you want to cover, but a single solution requires a budget of £50K, going up to £250K for one with 6 probes and upwards from there as you increase coverage.
Engineers and managers require different information for different reasons and hopefully we have gone some way to explain why. At the very top end solutions do start to bring the technologies together but these are six figure solutions, so not exactly available to the masses. Our advice is to look at your requirements separately and don’t be afraid of buying more than one tool. With each tool being associated with a specific job, it's perhaps more simple to use and allows users more confidence!