The thinking behind Deltalert is that you can simply have too much information to hand. As Techworld points out in its article on configuration management
, it's very useful to have tools like CiscoWorks, OpenView, or Tivoli to hand. The trouble with these, however, is that these applications generate disk arrays’ worth of information - and that can be very hard to manage.
Deltalert is only interested in changes on the network – you know, the “not me guv, I didn’t alter the config” moments – and ensuring that minor problems don’t escalate into major ones, so the data remains manageable in every sense.
Deltalert actually consists of three separate modules – the server, the SNMP module and the Telnet Tracker. The server focuses on the network as a whole, whereas the SNMP module raises change messages when an interface changes on an SNMP Interface. Also the interface throughputs can be monitored and any deviations from a preset profile will raise messages. The Telnet Tracker connects to a switch/router via a Telnet connection, checks for changes in configurations and lets you compare old with new, side by side. These can all be downloaded directly from the Deltalert website
The server module we’ve primarily tested here is only a 1.1MB download and the whole suite takes up fewer than 5MB, so it’s not a case of waiting hours for the software to arrive. The installer prompts you for an installation location and allows you to check for disk space on all available drives before committing; a nice touch.
After completing the install routine, the Deltalert Server requests a code via the Internet, transferring you to the Deltalert website to complete a simple information form. The install key is sent to your e-mail address within a few seconds of completing this form, you can then cut and paste the install key before Deltalert finishes loading. It’s a neat way of protecting software licences and better than the infamous hardware dongles of old.
With the key in place, Deltalert Server completes loading to present you with a main screen. Along the top are buttons for “help” (a single html document, well illustrated), “about” and “exit”. Below these are buttons for “discovery”, “message log”, “data db” and “settings”. Under “settings” you can enable syslog messages to be sent to a specified server and set the ping response policy. You can also change the default response time and set how many times Deltalert should receive a failed response within that threshold before raising an alert.
With settings decided, the first thing you do is run a discovery. At the top right corner are the discovery options, allowing you to enter the IP address range to discover. You can also set which TCP ports to search for on the devices to be discovered. By default Deltalert checks for ports 21,23, 80 and 443, but you can add any others manually. It also searches for SNMP support using default community strings, public and default, but again these can be added to.
The discovery process consists of four sweeps – first for IP addresses, then for DNS information, then for TCP port information and finally for SNMP data. Once all data for a discovered node has been accumulated, it is then automatically stored in the database. Thereafter, any change discovered by Deltalert is reported. As network nodes are discovered, on the left hand side of the screen – MS Explorer-like – a list is developed, which can be viewed by IP address, DSN info or name. By default these fall into a single group but can be moved into new groups you create by dragging and dropping. A right click on any node pops up a window showing node details, ping details and ping response.
Colour coding is used extensively to define the state of any element within Deltalert itself – such as a discovery in progress – or of the network nodes discovered, a failed ping response, for example. This makes it very easy to quickly spot any problem areas.
As data is accumulated, so you can then filter it accordingly. Under “data db” – the central database where all Deltalert information is stored - you can search for any database entries by general or specific filters, such as a particular IP address, or in relation to a specific time and date – the Epicentre – and within a particular timescale, such as plus or minus 30 minutes, of that Epicentre. This is a very logical and human way of resolving problems, based on when that problem occurred, rather than starting with the technical breakdown and working backwards, as is more common. The “message log” contains all the alerts that have been generated during a Deltalert session and, again, can be filtered, such as by “discovery” or “ICMP Pinger” sourced alerts.
Future plans for the Deltalert server include generating emails from alerts, a graphical LAN/WAN map, creating online web services and applications for browser rendition of data, which will be platform independent and globally accessible, and additional agents for reporting changes in PC configurations/status, such as disk space and warnings of possible Trojans/worms.
At a starting price of just £99, anyone looking for a quick and simple means of tracking changes on his network – even if they do have something like OpenView already in place – should consider Deltalert. A demo version is downloadable, so it really is something of a no-lose situation. The well-defined limits of the product are actually its selling points. It does what it says on the tin, well website actually…
You may see it as “yet another” management product to add to an already over-full toolbox, but it may well replace far more complex applications and do the job you are really looking for your management software to do.