Embed Size (px)
Citation preview
Axence nVision 3.5
“You can’t manage what you can’t see” – this was the motto of Axence Software while designing nVision. So the main focus in this product is on visualization and that makes nVision stand off the crowd of network monitoring solutions – from interactive network maps to clear real-time and historical performance charts – the administrator has all aspects of his network and user activity at a glance.
nVision automatically discovers the network and monitors servers, applications, routers, as well as user activity; collects hardware and software inventory. Additionally provides alerts and reports concerning the performance of all assets.
Image 1. nVision main window (with interactive network map)
Network discovery
nVision deploys quickly – within a few minutes the program will automatically discover every host in your entire network (including neighbor networks behind the router), then scan for services running on them and network interfaces.
nVision has a very advanced network scanner allowing you to discover all the hosts in your network. It also detects all routers and "goes through" them to scan all neighbor networks. It discovers all hosts and then scans for services and applications running on them, such as HTTP, FTP, mail & database servers, etc.
The scanner uses ICMP and SNMP to detect hosts and determine their type: router, switch, Windows, NetWare, Linux, network printer, etc.
Routing map - nVision creates a routing map to reflect your network logical organization. This map is created on the basis of the information held in your router’s routing tables.
You can add as many networks to the atlas as needed. When adding a network, it will be scanned for hosts, so you first have to go through the network discovery wizard to define your scanning options.
Network visualization
Hosts are presented on interactive maps – displaying all critical information (leading service response time, services & host down time, alerts etc.), so the administrator could quickly find out problems and focus on them instead of investigating what's wrong.
Host icon presents a wide range of information right on the map – displayed in these examples:
Host type: Windows XP
Leading service (usually PING) response time is 10ms
Host status <Warning> (yellow icon) because service HTTP is down since 4min 1s
Leading service response time & percent packet lost is visualized on the chart
This is SNMP manageable host
Host type: Linux server
Host status <Down> (red icon) since 1 day 2h
There are 3 currently open (unresolved) alerts.
Maps are easily customizable. The user can arrange icons, link them, place bitmaps in the background etc. nVision also automatically creates a routing map to reflect the network topology.
Monitoring the network infrastructure
Using either TCP/IP, SNMP or WMI (Windows Management Instrumentation) and several other specialized probes the program can identify and monitor critical network elements:
Systems
Windows, Linux, Unix servers; routers, switches, VoIP, and firewalls
SNMP devices supporting SNMP v1/2
TCP/IP services
HTTP, POP3, SMTP, FTP and 50 other; you can monitor their response time and percentage of lost requests. You can also define new services.
Mail Servers
Mail server is one of the most critical systems for any company. nVision can monitor server for both incoming and outgoing mail services. nVision not only checks whether mail services respond to simple requests. It also performs real test operations like sending and receiving e-mail. The time required to log in and check for a mail list can be monitored and presented on a chart. nVision can send test e-mails and log the time of this operation.
Whenever a mail server is experiencing any problems, you will be notified.
Web servers and URLs
You can monitor page load time and content change.
Web site is one of the most important mediums for any company. nVision monitors web page load time. This is measured as if a user would work with the page. All objects are loaded – even flash, dynamic content etc. The load time can be later
presented on the chart and alerts may be raised when this time rises unexpectedly.
You can also set up alerting when a page changes content. If you have a page with partly dynamic content, that’s not an issue because nVision shows you the percentage of change (not just a changed/unchanged option).
Windows services
Windows service monitor alerts in case of a service going down and allows to start/stop/restart it.
Image 2. Windows services monitoring
Routers and switches (MRTG)
Interface status changes and network traffic; connected computers and traffic generated by them.
Image 3. Routers and switches monitoring
Windows and SNMP device performance
Performance counters - Windows and SNMP - like CPU utilization, memory, disk space, network transfers and many more. Information about performance and down services is indicated right on the map, so it’s easy to quickly locate problems. There is also host info window which presents information about the host: status, charts, etc.
Image 4. Host info window – general information
MS SQL, Exchange, IIS and other applications
nVision allows monitoring the health of applications like: MS SQL, MS Exchange, MS IIS, Windows system and many other. Monitoring is performed with WMI and SNMP. This way the administrator can setup multiple counters to watch status of all systems and be alerted whenever such parameters like CPU utilization, cache memory, cache hits, number of sessions etc. will go out of range.
Image 5. Host info window - performance chart for POP3 & HTTP servicesYou can set up multiple alerts to monitor the status of your systems and receive an alarm whenever they go down or experience problems, like important parameters going out of range.
nVision uses smart monitoring technology which ensures that every service and counter is monitored as often as possible. It automatically manages the monitoring interval based on the number of nodes. This means that, in small networks, hosts may be monitored as often as every 2-5 seconds.
The dependency feature allows to suppress alerts from devices located behind the router. If the router goes down, the dependent devices will not be polled.
The program can be installed as a Windows service to ensure continuous monitoring.
Network inventory
nVision automatically collects information about node hardware and software:
Computer hardware details: model, CPU, memory, main board, drives, cards, etc.
Rys. 6. Inwentaryzacja (audyt) sprzętu
Installed applications and Windows updates. It allows license usage auditing and verification.
Image 7. Software inventory
nVision will alert you in case of a program installation or any configuration change. So you don't have to check the database periodically to know that a user has installed illegal software - you will get an e-mail.
Image 8. License auditing
Inventory can be collected with WMI or nVision agent. This way, you can use the method, which best suits your network security configuration (many administrators want to keep
WMI closed). WMI method does not require anything to be installed on remote machines while agents actively send the information to the server, so it does not weaken firewall and node security.
User activity monitoring
Optional nVision agents can monitor user activity on Windows computers:
User login and activity/inactivity time
Image 9. User monitoring (activity/inactivity time)
Application usage grouped by the activity type (work, gaming, chatting, web browsing, etc.)
Rys. 10. Monitorowanie użytkowników Visited web pages
Workstation remote control (VNC compatible).
Reporting
nVision provides a wide range of charts and reports. It also allows to create new reports.
Every event (alert) raised in the program is logged in the database, providing analysis of the performance of all hosts or the whole network. This will help you to access reports about the most problematic hosts in the network, frequent problems, etc.
Reports can be fully customized. It's also very easy to create new ones.
Real-time and historical charts
Very clear charts presenting all monitored services, parameters, interfaces and applications.
Such charts can be presented over the desired time range selected right in the program – there is no need to prepare a report. The charts can easily be scrolled, providing fast access to the historical data at anytime.
System performance reports
Reports showing CPU, memory and disk utilization; network interface utilization and traffic.
Service and host availability
Reports showing ping and other service response time, lost requests and state change timeline.
Application performance
Specialized reports showing performance of applications like MS SQL, Exchange, IIS.
Interface traffic and utilization
Charts and reports presenting in/out traffic and utilization of node network interfaces.
Inventory
Lists hardware and software installed on the computer.
User activity
Presents user work time, used applications and visited web pages.
Alerting
You can define a wide range of events when an alert should be raised. Events may be defined based on any monitored parameter and service: host or service down, service response slowdown, application performance degradation, slow page load or wrong page content, e-mail server problems, and much more.
Each event may trigger one or more of the notification and corrective actions, such as desktop notification, e-mail, SMS, ICQ message. Alerts are stored in the event log, so you can analyze them later.
Alert actions can be delayed and escalated. Available notifications & actions: e-mail, ICQ, SMS via e-mail and GSM device and Syslog message, desktop notification, sound, text-to-speech, system restart/shutdown, Windows service start/stop/restart, running external programs, writing to file. All alerts are stored in the eventlog for future analysis.
You can set up several actions to be executed for an alert – for example, notify administrators alternately to ensure that the problem is solved.
Alerts can be defined as global (atlas level) on a map, or even as host level.
Alerts can easily be configured to be valid for specific nodes only (i.e. server or routers only, or important nodes only). For example, this allows you to define just one “host down” global alert that arises only for your servers – and not when users switch their workstations at the end of each day.
Image 11. Event log - list of all alerts (events)
Environmental monitoring
nVision is a great base to setup IT or production environmental monitoring (temperature, humidity, flood etc.). Probes can check for temperature (from -139°F / -95°C), humidity, flood, fire, voltage etc. This ensures that the production processes or a server room will not be exposed to the risk of wrong operating conditions. nVision will alert in such case and provides real-time charts presenting current values as well as long-term trends.
To monitor environmental parameters, nVision uses hardware based probes that you just connect to the Ethernet network. So the installation is very fast and simple.
Image 12. Probes
Agentless
nVision monitors the network without any agents (except user activity monitoring, which is optional), so there’s nothing to install on nodes that need monitoring. No agents to install, maintain or update in order to scan and monitor your network.
NetTools
Available in both Professional and Standard version; a set of handy tools, which consist of NetWatch, graphical ping, fast trace, lookup, bandwidth, NetCheck, host & port/service scanner and SNMP browser.
Why nVision?
There are other similar network monitoring products, but nVision has several unique advantages, which can’t be found elsewhere. The most important are real-time charts & visualization, performance allowing to monitor 10,000-node networks and the ability to track alerts (events) currently in progress.
Performance. Ability to monitor major networks. There is no difficulty in monitoring 10,000 hosts with more than 5 services & counters on EACH of them. The program can collect history and statistics and display them in real-time.
Alerts (events) in progress. You can see which alerts are still open and which are already closed (ended). This means you don’t have to crawl through multiple entries in the event log to check whether they are still unresolved. You will have a list of ongoing events at a glance.
Monitoring balancing. When monitoring a large number of nodes/services nVision monitors each service as often as possible without overloading the system and the network. This is especially important for Windows XP, which limits TCP requests to 10 per second.
Real-time visualization & trending. Even while monitoring large networks, the user can see real-time charts of every service response time and counter being monitored. He can also display charts by any time period needed – in the same place (there is no need to generate any reports or use any external program).
Host status over time. nVision visualizes host status on the chart to verify when a host has been down or had any warnings.
Roadmap
Axence solution is one of the fastest developing. The company is going to add many new features within a few months , such as: web access, new advanced reports, more advanced network discovery and much more.
New features in v3.5 (September 2007):
Web access
Completely new network discovery. It will discover not only device types, but also applications running on them and automatically turn on the appropriate monitors (applications, web and mail servers, network interfaces etc.)
Network scanner will be run periodically to discover new nodes, services and applications.
User bandwidth usage in the user activity
New reports
Improved software inventory with the disk scanner
MIB Compiler.
