Most of us have come across tools that discover the devices on our networks, or act as a central repository for receiving and alerting us to SNMP-originated signals about problems with our networks. NetMRI takes a slightly different tack by taking information about how the network’s devices are configured, combining it with activity and error information discovered from those devices, and some additional cleverness within the NetMRI analysis system.
The unit itself is an appliance that you sit in your server room rack and connect to remotely via a web GUI. Like most monitoring appliances, it does indeed communicate with the various devices on the network and pull their configuration and activity/error stats out of them.
It also pulls this data together into a set of reports which can be viewed on-screen or, in most cases, exported as CSV data or a PDF graphical report. And no surprises, when you log into the unit, the first screen you see is a kind of “overall network health” picture that has some pretty graphs (with entries painted different colours based on severity) and a “health score” out of ten – along with the ability to drill down into the various issues that are listed in order to get more detail about what’s going on.
These summary reports are split into headings to give an idea of what areas of your network have problems of each severity – whether your issues are mainly security-related, for instance, or whether they’re VoIP-related. Additionally you can alter the granularity of the display – so you could look at the last day’s information or zoom out to the last week, or the last month. And a simple but clever inclusion is the ability to bounce to a vendor’s website and search its knowledgebase – so if you’re looking at an HSRP issue on a Cisco device, for instance, you’ll be given a link looking something like “Cisco Search: Blah blah HSRP blah blah” which will open a browser window to Cisco’s website and bash that string into their search page.
NetMRI is more than your basic SNMP monitoring gadget, though, because it collates the data it’s found in the various devices. VoIP monitoring is a good example – where it spots a VoIP problem it’ll figure out the path that was taken by the traffic flow, draw a diagram showing all the devices involved, and paint each box red or green to show whether the problem came about because of a problem with a given device. Then there’s the built-in database of known issues: if it knows that a particular version of a given vendor’s router firmware has a particular bug, then it’ll flag this fact should it come across a device with that version of the firmware.
Next we have a rather clever feature in the shape of the config file comparison tool. If you have a collection of similar devices on your network, it’s not ridiculous to think that they might be configured similarly. After all, many of your devices will have a lot of stuff in common – even if it’s things like login prompts, SNMP community strings, default routes or DNS server identities. NetMRI will compare config files for you, alert you when two devices’ settings differ, and show you where the differences are. (Incidentally, it’ll keep a chronology of config files from day to day – so you can compare a single device’s various configurations and see how changes have been made as time goes by).
Back to the stuff you’d expect from this kind of device and we have the usual capability to generate SNMP traps, send Syslog alerts and throw emails around in the event of a serious problem. You can also tell it to suppress issues that you know about but deem acceptable for specified machines – so if there’s a device that has no connectivity on a given port because you’ve deliberately unplugged it for a while, you can tell NetMRI not to bother telling you this. The concept of device groups is supported, as you’d expect; the system groups things together into pre-defined collections (eg voice-related items or security-related devices) but you can define your own groups to match the physical or logical setup of your network.
The last neat trick we’ll mention is the policy analyser. This is another clever little gadget that takes a computer-readable (but human-comprehensible) policy file and checks the settings of relevant devices to make sure they conform. So for something with a vendor of “Cisco” and a type of “Router”, it might do stuff like checking the admin password is set, and that the console port has sensible protection defined in its configuration.
As I’ve looked at NetMRI, I have to admit it’s been difficult to decide whether I like it or not – it is, after all, rather an unusual beast. It’s clearly intended to be more than just a stats collection and analysis tool, but then much of what it tells you is down to stats collection and analysis. I can’t help thinking that it’s been built over quite some space of time by techies, because the GUI design is functional rather than slick. The configuration file comparator is a neat idea, but then I find myself thinking: “yeah, but isn’t it just doing a ‘diff’ on two lumps of text?” – particularly because you can’t compare configs of similar devices from different vendors because the file formats are different and it doesn’t know how to pick the semantics out of the syntax. Furthermore, I can’t help thinking whether I really care about the policy analyser.
The more I think about it, though, the more certain I am that yes, I do in fact like it. As soon as a network becomes much more than a couple of routers and a few switches, managing it soon becomes non-trivial. The network manager’s life becomes a never-ending drudge of apparently trivial but actually bloody fiddly tasks – keeping versions of stuff in sync, ensuring changes are propagated correctly around the entire network and not missed on one or more devices, having failover devices communicating correctly with the devices they’re the failover candidate for, avoiding duplex/speed mismatches on switch ports that didn’t quite auto-negotiate correctly, and so on.
So yes, I think the GUI could do with the attention of someone graphically talented. And yes, much of what it does is mundane. And yes, the facts of networking life are that you’re always going to get more detailed and complete figures if you have big-brand kit than if you have rare devices whose private MIBs the monitoring gear knows nothing about. And wouldn’t it be nice to have an extra layer of cleverness that pulls the meaning out of the text-based config files from your routers in order to tell you that you’ve set the console password in your Cisco boxes but forgotten in two of your Juniper ones?
But what NetMRI gives you is the ability to look into your network from a variety of angles, and always click through the data to get at the detail. An any-to-any linking approach means that you can start anywhere and finish anywhere, and easily get at what you want on the way past. And even if the GUI’s not the best, it’s still pretty intuitive. And even if the config file comparator doesn’t do cross-vendor comparison, it’s a start to be able to check intra-vendor stuff. Add to this the niceties such as the policy analyser, and you have a pretty nice network management tool.
As the vendor’s brochure admits, you’re unlikely to use NetMRI as your only network management system – it’s likely to sit beside some vendor-specific tools.