Network Monitor and Managemnet tool advice
Results 1 to 10 of 10

Thread: Network Monitor and Managemnet tool advice

Hybrid View

  1. #1
    Senior Member
    Join Date
    Dec 2004
    Posts
    139

    Network Monitor and Managemnet tool advice

    Could you kindly advise what is the best (or one of the best) management tool for an organization ( platform (servers) are hp, OSs are windows, and infrastructure are cisco devices ) for monitoring network and look at security vulnerabilities ? What I meant to say such a tool that does these two functions together

    Thanks
    Last edited by zillah; November 5th, 2006 at 03:18 PM.

  2. #2
    Senior Member kr5kernel's Avatar
    Join Date
    Mar 2004
    Posts
    347
    Are you familiar at all with Linux? Using open source tools like Nessus and Nmap will allow you to scan your network for vulnerabilities and open ports.

    There are also things out there like "IPaudit, and Snort, and other Intrusion Detection Systems that can give you an understanding of whats happening on the network.

    Google any of the tools and check them out.
    kr5kernel
    (kr5kernel at hotmail dot com)
    Linux: Making Penguins Cool Since 1994.

  3. #3
    Senior Member
    Join Date
    Dec 2004
    Posts
    139
    Thanks kr5kernel
    Are you familiar at all with Linux?
    Yes I am , but I am trying to use this one at work which has got windows platform, and cisco infrastructure and hp hardware.

  4. #4
    Member
    Join Date
    Oct 2003
    Posts
    62
    i believe what kr5kernel is alluidng to, is using these tools in your production environment to help identify potential issues and i do note your concern that perhaps it should be your enterprise environment compliant. you are using cisco, heard of cisco works/solarwinds? there is also concord's (ca) ehealth suite, microsoft baseline analyser and microsoft operations manager (mom), to an extent wsus to help offset. your hp sims should also help with hardware management that in conjunction with mcafee's av and what they have done with foundstone whould hold you in good stead. i see in other posts you ask another question along single sign on and related to this post for me is a concern. what i would like to know is, where is your ict strategy in all of this? what role does ict governance/strategy play in purchases in your company/organisation? also, tools dont necessarily in themselves solve problems without the correct processes and procedures in place. hey before i forget, cisco trust agent (cta) and secuirty agent (csa) if you have the bread. otherwise, ethereal running on freebsd of course (hahaha) and the like will do nicely with proper filtering in place.
    HO$H Pagamisa. Pro Amour Ludi....

  5. #5
    Senior Member
    Join Date
    Dec 2004
    Posts
    139
    cisco trust agent (cta) and secuirty agent (csa) if you have the bread.
    We have got Cisco Security Agent-CSA- (has not been used) only.

    1- Can CSA do both jobs (monitoring network and look at security vulnerabilities ) ?

    2- Is CSA compatible with hp server ? i.e. Can I use it for hp servers as well ?

  6. #6
    Member
    Join Date
    Oct 2003
    Posts
    62
    1:a) network monitoring not as far as i know. u need a monitoring tool/ solarwinds ehealth and the like
    1: b) csa afaik can help identify sec vulns and virii(uses). it is part of an ids/ips suite
    2: csa is indeed compatible with hp servers.

    remember though that this is part of cisco network access control and for use in conjunction with your av like mcafee who helped develop the nac with cisco no matter what that cisco rep told you about it being able to stop blaster without an av etc etc. i bring again to your attention, your ict strategy? what is it you wish to achieve, where is your cobit, itil, tort, sox compliance etc?!
    HO$H Pagamisa. Pro Amour Ludi....

  7. #7
    Senior Member Spyrus's Avatar
    Join Date
    Oct 2002
    Posts
    742
    I dont think you are going to find one application that will do everything you need (at least not do it well).

    The applications above are great suggestions to use. kr5kernel was suggesting if you can use Linux, despite the fact what you have is windows and cisco, Linux has a lot of free applications that are security based that are amazing at doing what you want to do.

    EG: Nagios is an excellent application for monitoring devices
    Whats up Gold is another application that can be used for this (windows side)
    Cisco Works
    Insight Manager (should have come with your HP servers)
    MRTG for monitoring network activity.

    There are a lot out there but as mentioned you should look at what your corporate policies and procedures will let you do and what direction your company is taking. Make sure you assess what you really need before you start dropping money left and right on these solutions. Make sure its worth the time and money investment.
    Duct tape.....A whole lot of Duct Tape
    Spyware/Adaware problem click
    here

  8. #8
    Banned
    Join Date
    Mar 2002
    Posts
    968

    Exclamation

    I'm no Network Admin or anything so my suggestion could be worth pennies but...


    On the topic of using Linux, could he not just use a Live Linux CD like SLAMPP LiveCD and boot into it without having to install Linux and use the included network monitoring/testing tools? This way he can avoid affecting any company computers with Windows installed and use the free tools that Linux users enjoy?
    Last edited by tyger_claw; November 7th, 2006 at 04:02 PM.

  9. #9
    Super Moderator
    Know-it-All Master Beaver

    Join Date
    Jan 2003
    Posts
    3,914
    Hey Hey,

    You don't really say if you're looking commercial or OSS... so let me point you towards http://www.ncircle.com/index.php?s=products_ip360

    It's a vulnerability and risk management solution (and yes.. I work for them so you can think what you want)... but it's a great product... fits into the same category as Nessus/Tenable, Qualys, etc..

    Peace,
    HT
    IT Blog: .:Computer Defense:.
    PnCHd (Pronounced Pinched): Acronym - Point 'n Click Hacked. As in: "That website was pinched" or "The skiddie pinched my computer because I forgot to patch".

  10. #10
    Junior Member
    Join Date
    Jan 2008
    Posts
    1
    Using open source tools like Nessus and Nmap will allow you to scan your network for vulnerabilities and open ports.

    There are also things out there like "IPaudit, and Snort, and other Intrusion Detection Systems that can give you an understanding of whats happening on the network.
    Thank you. Nessus it is just what i wanted

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides