Network Management
Tools Presentations
Saturday-Monday, Sept. 18-20, 2004, 6:30 PM
CSE 552 – Network Management
Fall 2004 (Term 041)
Assignment 1
Schedule of Presentations
Speaker(s)
Tool
Bandar Al-Saifi
PRTG
Mohammed Aijaz Mohiuddin
windump
Abdullah Basalamah & Saeed Bawazir
CyberGauge
Baher Y Al-Ramady
MRTG
Husain Al-Saeed
Visual Route
Saad Ibrahim Al-Howaymel & Wael Abdul -Jalil Hamri
jffnms
Adel S. Al-Shahrani
NetRAT
Khaled Al-Utaibi
LANsurveyor 8.5
Fahd Abdul Hameed
ManageEngine opManager
Khaled Al-Motairi
CommTraffic
Fawaz M. Alhazemi
Graph.pm Chart::Graph
Hassan Al-Matouq
Simple Router Grapher
http://snmprg.sourceforge.net/
Mazhar Ali Iqbal
LANsurveyer
http://www.neon.com/LSwin.html
Yasser Al-Sawy
SNMPc
http://www.castlerock.com
Network Management Tool with PRTG




What is PRTG.
What PRTG can do for you.
How PRTG works.
How to configure PRTG.
1. Add a new sensor.
2. Access Sensor Data.
3. Sensor Settings.
4. Setting PRTG Program Options.
Network Analyzer(WinDump)
By
Mohammed Aijaz Mohiuddin
#230417
Brief Overview of Network Analyzer
• It is GUI interface to command line tool windump(on windows).
• Functions:1) Capture and display network packets
2) Display packets stored in a file
3) Capture network statistics
4) Perform real-time network monitoring
• Requirement:WinPcap Driver. This driver allows most types of network
cards to be placed in promiscuous mode.
• Input:- user activity.
Output: Display of Packet Information
Output: Network Statistics
Output: Real-time Network monitoring
What more can be done……
Some of Many are as follows..
1) Can capture the traffic of a specific host or specific subnet
2) Some PCs may have multiple interfaces. Traffic on a specific
interface can also be obtained.
3) Incoming traffic to a host or Outgoing traffic from a host or
Both can be captured.
4) Can store the result to a dump file for later purpose.
Thank you.
CyberGauge
Network Management Tool
By
Saeed Bawazir
Abdullah Basalamah
CSE 552
Agenda
• Overview of CyberGauge Network Management Tool
• Uses of the Tool and Examples
• Conclusion
Overview
 Windows-based Application Neon Software, Inc
 Monitor switches, routers, hubs, servers…. Etc.
 SNMP and MIB II
 Automatically create:
 utilization graphs
 daily, weekly, and monthly quality of service (QoS),
 Receive alerts for both non-responsive devices and traffic thresholds
 Monitor 5, 10, 20 or 100 devices
How it works
 sends an SNMP query over network to router's MIB
 Several SNMP queries were sent to the router to compile a list of
the network interfaces present on that router, along with each
interface's maximum speed and its type.
 another SNMP query was sent to obtain the router's name, type,
location, how long the router had been running, and the person
responsible for maintaining the router.
 determine how much bandwidth was consumed during the
Monitoring Rate interval, and calculates the percentage of the
total bandwidth available
Input
Output
Output
Uses of the Tool and Examples
Uses of the Tool (Device Information)
• CyberGauge Provides the troubleshooter:
Name, Type & Location of network device
Uptime
Number of interfaces.(useable/unuseable)
Party responsible for device
Uses of the Tool (Interface Information)
•For each interface:
 Interface name
 VLAN
 IP address
 Type of network connection (Ethernet,..)
 Max. speed (not actual)
 Status
Uses of the Tool
By CyberGauge: CCSE Primary Switch
Device & Interfaces Information
Uses of the Tool (Performance Management)
Monitor Network Connectivity:
Throughput
 Link Utilization
Statistics Collection
Examples (CCSE – ITC)
The IP address used: 196.1.65.253
Interfaces Statistics
Examples (CCSE – ITC)
CyberGauge: IN/OUT Throughput for Up Link CCSE-ITC
MRTG: IN/OUT Throughput for Up Link CCSE-ITC
Examples (CCSE – ITC)
All Interfaces Can be Monitored
Examples (Local Company)
IN/OUT Utilization for 128K Leased Line
Examples (Report Generation – CCSE Interface)
 Report can also be generated as the device
and interface is specified.
 Sample Test for an interface in CCSE Switch:
Date
Time
IN (Kbps)
OUT (Kbps)
09/15/04
09/15/04
09/15/04
09/15/04
09/15/04
09/15/04
09/15/04
09/15/04
09/15/04
09/15/04
09/15/04
11:33:28
11:33:43
11:33:58
11:34:13
11:34:28
11:34:43
11:34:58
11:35:13
11:35:28
11:35:43
11:35:58
252.9
236.1
161.9
184.8
67.6
202.2
283.9
336.3
179.0
223.8
615.9
82.4
61.1
48.8
36.7
108.4
28.2
134.3
66.5
119.6
52.1
39.4
Conclusion
• CyberGauge…
 Utility for monitoring bandwidth
information from any SNMP-based device
 Answer critical questions:
·How much of my Internet bandwidth am I
currently using?
·Are slowdowns in Internet access related to
increased use of my Internet connection?
·Am I getting the bandwidth promised by my
Internet Service Provider (ISP)?
MRTG
Baher Al-Ramady
978504
OUTLINE
What is MRTG
How it works
How to use it.
Example 1 
Example 2. 



Multi Router Traffic Grapher
Monitor the traffic load on network-links.
Open Source Code. Perl & C.
SNMPv1 & SNMPv2.
Visual representations of the traffic.




How MRTG Works
SNMP request.
Log the response.
File size does not increase.
Graph the polled data.




How to use it
IP, Community & OID.
SNMP Agent.
perl cfgmaker [options] [community@]router1
cfgmaker public@10.221.0.65
Make .cfg file.
Workdir: d:\inetpub\wwwroot\
Interval: 5
RunAsDaemon: Yes








Example 1 (Cat3550-335-1145 in 22335-1 )
Standard Interface MIB
Example 1 (Graph)
Example 2
1.3.6.1.2.1.31.1.1.1.6.index
Example 2 (Graph)
Conclusion
Visual Route Server
Function
This VisualRoute Server provides a graphical
traceroute from this server to any other network device
you choose, useful for pinpointing network
connectivity problems and identifying IP
addresses.
VisualRoute Personal Edition combines essential
networking utilities, including traceroute, ping, WHOIS,
and reverse DNS, to determine precisely where and
how traffic is flowing on an Internet connection,
providing a geographical map of the route and the
performance of each segment.


VisualRoute Features
See actual IP address locations - identifies the
physical city/country location of IP addresses -- which is
often quite different from the IP registration location -and shows the path of an Internet connection on a global
map.
Worldwide WHOIS reporting - get instant domain and
network registration information from worldwide
databases, so you can easily report a network problem
or investigate an IP address.


VisualRoute Features
Internet connectivity analysis - answers the question "Why can't I
get there from here?" by providing an analysis of the Internet from
where you are to where you want to go. VisualRoute will help you to
determine if a connectivity problem is due to your ISP, the Internet,
or the host you are trying to reach, and pinpoints which network (ie.
WorldCom, Verio, Ebone, MSN) a problem is in.

Automated ping reporting - the Ping Grapher tool
continuously monitors the response time of a network
host.
Application port testing - reports the availability of
popular IP services including POP3, FTP and SMNP.


VisualRoute Features
eMailTracker - traces an email address to its email
server, providing helpful information for resolving email
problems. For identifying the source of emails that have
been received, use VisualRoute together with the
popular eMailTrackerPro product.

VisualRoute Outputs
VisualRoute provides three types of data: an overall
analysis, a data table, and a geographical view of the
routing.
The analysis section provides the number of routing
hops, where problems occurred, the web server software
running at the destination site, and identifies any routing
loops.
The data table lists information for each hop, including
packet loss, IP address, node name, geographical
location, ping response and the major Internet backbone
where each server resides.



VisualRoute Outputs
The zoomable world map gives a graphical
representation of the actual path of an Internet
connection.

VisualRoute Outputs
Example 1:www.ibm.com
Example 1:www.yahoo.com
JFFNMS
Saad Alhowaymel
Wael Hamri
Introduction
JFFNMS is a Network Management
System designed to maintain
SNMP / Syslog / Tacacs+ Networks.
It can be used to monitor any
standards compatible SNMP
devices, Servers, or TCP ports.
JFFNMS can take input from
syslog
SNMP traps
poll a network element for its status






Features
Alarming of syslog and SNMP trap events
SNMP polling of router, switch and network
interface status
Graphing of various statistics of network
device interfaces
Graphing of host information such as CPU,
memory and disk info.
Notification via email based upon complex
alarm filtering
Configurable Event Types and Security
Levels






Features
Advanced Event Filter 
Interface Auto-discovery 
Open Source 
http://sourceforge.net/project/sho
wfiles.php?group_id=46041
Total Administration via web 
Etc.. 
www.jffnms.org/features.php 
Installation:
Install Apache Windows
Install MySQL
Install PHP
Install JFFNMS
Integration Packages:





Install RRDTOOL 
Install NMAPWin 
Configuration

Demo
http://jffnms.netzwerker.net/

Thank you…
Network Management Tool
By
Al-Shahrani, Adel S.
986074
September 18,2004
Outline
Introduction
Tool’s Features
Downloading, installation
Using tool
Conclusion





Introduction
NetRAT Software provides network
discovery and analysis software that
Discover, analyze and compare assets –
found across the enterprise.
It can compare historical reports; –
highlighting changes, additions and
deletions to the network

Tool’s Features
Discovery of resource types (provider,
domains, workgroups, computers or
terminal shares)
SNMP: analysis displays devices and details
if filled out on the box in a network tree
view or network diagrams.
LDAP & E-mail
Customized: ping, portscans, Traceroute and
WHOIS




Tool’s Features (Cont.)
Detailed discoveries can be run against:
Servers
Accounts
Groups
Privileges
File Security
Registry Viewing
Files/Keyword Searches
Differential Analysis
Log Analysis
Reports, Charting and Diagramming
Data Protection
–
–
–
–
–
–
–
–
–
–
–

Downloading & Installation
By downloading
trial version from
NetRAT Site.
Run Setup.exe and
complete installing
the tool


Conclusion
NetRAT is network discovery tool

Reports

Compare Historical Data

Protecting Data

Thank You
LANsurveyor 8.5
Introduction
LANsurveyor is a network management software .
Use to automatically map networks of any size.
Provide a graphical interface so you can manage
your network from anywhere on the network.
Provide software and hardware inventory reports.




Enter Map Parameters
Draw Your Map
Create Poll Lists
Verifies that map objects are responsive
Provides statistics on how quickly the object
responds.


Poll List Window
Conclusion
Trail period one week.
$495.
www.neon.com.



CSE 552
Network Management
Name: Fahd Ahmad Abdulhameed
ID# 978509
ManageEngine™ OpManager 5
18 September 2004
ManageEngine™ OpManager 5

System Requirements

Features

How is it work?

Samples
ManageEngine™ OpManager 5

System Requirements
Any 32-bit x86 compatible Processor
running above 700 MHz
 512 MB RAM
 200 MB Hard disk space
 24-bit color display

ManageEngine™ OpManager 5

OpManager Features
 WAN Monitoring
 Server Monitoring
 Switch Monitoring
 Printer Monitoring
 CPU, Memory & Disk Monitoring
 Fault & Performance Monitoring
 Adaptive Management
 Networking Tools
 Client Options
ManageEngine™ OpManager 5
ManageEngine™ OpManager 5
ManageEngine™ OpManager 5
CommTraffic
CSE 552 – Network Managment
Name: Khaled Al-Motairi
ID#: 983072
Overview
 Displays statistics in graphical and
numeric form
 generate an array of reports that
reflect the network traffic volume and
Internet connection expenses
 view the traffic statistics by local
hosts, remote hosts, IP protocols and
remote/local TCP/UDP ports
Example
 WWW: http://www.tamos.com
WHAT IS Perl?
• Perl is a language like C/C++, C#,
JAVA…etc.
• Open Source.
• Can be run over most existence platforms.
Perl & Network Management
• Two ways to implement SNMP in Perl:
 Call command-line programs
 (e.g. UCD-SNMP)
 Need a community name on the command line.
 Using Perl SNMP module.
 Net::SNMP by David M. Town
 SNMP_Session.pm by Simon Leinen
 SNMP Extension Module v.3.1.0 for UCD SNMPv3
library (or SNMP)by G.S. Marzot.
Perl SNMP modules
Net::SNMP SNMP_Session
.pm
SNMPv1

SNMPv2

SNMPv3

SNMP *



Perl SNMP modules (cont.)
• SNMP need to be linked against a separate
pre_built UCD-SNMP library, while
Net::SNMP and SNMP_Session.pm can
work with Perl alone.
• UCD-SNMP library can be built in your
platform.
• Best selection is SNMP.
Examples
Check handout given
Questions
Simple Router Grapher (SRG)
By
Hassan M. Al-Matouq
Outline
Introduction to SRG
Overview of SRG
Applications
Examples




Introduction
Delphi Applic.

Monitors SNMP device/local computer

Displays info as a graph/text

Overview
Local Computer: asks Windows for values
Host name
Local IP
Upload/download
CPU usage
Free/used RAM
Uptime
Free disk space
–
–
–
–
–
–
–

Overview
SNMP Device: sends SNMP queries (OID)
Host Name
IP
Download/upload…etc.
–
–
–

Overview
Overview
Overview
Applications
Monitoring traffic

Collecting statistics

Examples
Examples
LANsurveyor
CSE-552 Network Management
Overview & Features




LANsurveyor is easy to use, proven
network and desktop management
software.
Draws network map showing the logical
connectivity of your network
Make queries to network objects
Scan your network for intruders.
(Intrusion Detection System)
Overview & Features




Real-time Network Monitoring using
alerts
Generates Managed Hub/Switch Reports
Asset Management
Desktop Management (Shutdown,
Restart, synchronize clocks)
Draw Logical Network Map



Select the protocols
to use for searching
Provide community
strings for SNMP
devices if any.
Provide IP Address
range to saerch
Draw Logical Network Map

Sends



SNMP Requests
ICMP Request
Searches




Subnets
Nodes
Routers
Switches
Draw Logical Network Map
SNMPc from Castle Rock
Computing
Yasser Alsawy
Features
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
Monitors SNMP devices, WAN Links, Servers and Applications
Supports SNMP v1, v2 and secure SNMP v3
Scalable, Distributed Architecture
Email/Pager Event Notification
Vendor Independent - Manages any SNMP device from any vendor
Key Network Metrics (e.g. Utilization)
Automatic WEB & Printed Trend Reports
Live/Standby Servers with automatic failover
Automatic Baseline Alarms
Runs as Windows Service
Remote Console & JAVA Access
Real-time MIB Displays
Automated Network Discovery
Programming Interfaces
OEM Version Available
Two types offered
• SNMPc Enterprise Edition employs a distributed
polling agent architecture to provide a high
performance solution capable of monitoring networks
from several hundred devices to tens of thousands.
Remote software and Web based consoles provide
network information to everyone who needs it.
• SNMPc Workgroup Edition is an affordable version
of SNMPc suitable for a single user and small to
medium sized networks.
Scalability
Multiple Login Consoles
SNMPc Enterprise provides remote access consoles through JAVA or
Windows based client software. Each remote user is assigned a security level
and unique view of the network based on their user login. The ability to
provide individual network views is useful in large corporate or MSP/ISP
environments.
Manager of Managers
SNMPc Enterprise can be deployed as a hierarchical management
system providing a single view for multiple branch level SNMPc installations.
A full peer-to-peer architecture is supported where each SNMPc
Enterprise can be both a branch and top level manager simultaneously. This
lets you to deploy a scalable fault tolerant management system. Existing
customers have used this architecture to deploy solutions monitoring
networks in excess of 200,000 devices.
Reliability
Live/Standby Servers
To ensure a reliable 24/7 network monitoring
solution SNMPc Enterprise supports live/standby
management servers. The backup SNMPc server
continually monitors the primary server and in the
event of a failure automatically takes over all network
management functions. An automated failover process
includes the reconfiguration of any distributed polling
agents in the network. Through the standby server
feature, users can continue to monitor their network if
the primary system is disabled through system failure,
human error or other unforeseen circumstances.
Console options
•
JAVA Console
The SNMPc Remote Access
Extension supports a JAVA based remote
console. The JAVA console can be used
from any Internet or Intranet connected
computer, including Apple, Linux and
Windows systems. The SNMPc Java
Console is optimized for low speed WAN
lines, making it well suited for use by
outsourced Network Service and Help Desk
personnel.
Basic functionality includes user
specific topology map displays, event log
views, and real-time MIB table/graph
displays. Long-term trend reports can be
viewed after selection with a calendar
control. Also included is a JAVA proxy
Telnet application for configuration of
Cisco routers and other devices.
Network mapping
Advanced Network Mapping
SNMPc supports a multi-level hierarchical map.
Each hierarchy can represent cities, buildings, or
subnetworks. Imported bitmaps of geographic maps or
floor plans, along with manual or automatic network
placement, lets you create a layout that closely matches the
actual network.
SNMPc can automatically lay out each map
network as a tree, ring, or bus topology. Each map object
uses a device specific or user selected icon, and the object
color indicates the device status. You can start any device
specific application by double clicking map icons.
The Map Navigation Tool Window displays the
map as a tree for direct selection of objects. The
Navigation tree also displays the current alarm status of
each subnet to quickly locate failing devices.
The map window Full Zoom feature
automatically moves and zooms the view so that all devices
are always visible in the window. The Pan/Zoom feature
lets you select a region to zoom into from the complete set
of devices in a view.
Monitoring & Alerts
•
•
•
Availability and Status Polling
SNMPc automatically discovers and polls SNMP/ICMP, WEB, FTP, SMTP, and TELNET services, as
well as up to 16 user-selectable TCP services per node. Each application can also be configured to match on
"success strings" returned by the service. Along with real-time service status, SNMPc Enterprise also provides
WEB-based Availability Reports.
Automatic Threshold Alarms
Once Trend Reporting is setup, Polling Agents monitor all report variables for a learning period and
calculate a baseline for typical patterns.
Thereafter, the Polling Agents compare the actual polled data to the baseline and generate alarms when
variables deviate excessively from the baseline. Polling Agents automatically adjust baselines as traffic patterns
change. You can also manually configure alarm thresholds for any polled variable.
Alerting
SNMPc changes the color of map objects and performs other actions based on received events. Event
Action Filters select the action to take when an event occurs. An "easy event" filter option lets you to create
event filters directly from log file entries.
SNMPc offers a wide range of event actions including:
–
–
–
–
–
Email, Page
Play WAV Sound
Execute Application
Forward SNMP Trap
Pop-up Alarm Window
Trend Reporting
•
Scheduled Printed and WEB Reports
SNMPc Enterprise automatically
generates scheduled daily, weekly, and monthly
statistic reports. Report formats include graph, bar
chart, distribution, and summary. They can be
exported to a variety of destinations, including
printers, files, or a WEB server.
SNMPc Enterprise report setup is very
simple. After selecting a group of nodes, simply
select the report, the reporting style, destination,
and schedule. SNMPc Enterprise automatically
collects the data and gererates the reports. You can
use the included TrendView application or a WEB
browser to view reports from any workstation.
•
ODBC Export
SNMPc Enterprise can automatically
export all saved long-term statistics to industry
standard ODBC databases. Use familiar tools such
as Seagate Crystal Reports or Microsoft Access to
generate customized trend reports.
Setup
Discovery seed
Manage console
Active events
Hub view