Automated network/system monitoring can be problematic for small-to-medium businesses (SMBs) for any combination of the following reasons:
- The need to balance features vs. license costs
- The need to monitor several platforms (Windows, OS X, Linux, Cisco IOS, etc.)
- The need to run the monitoring server inside a virtual machine (VM)
- The need to avoid agent installation
As you might suspect, AdRem Software’s NetCrunch fulfills all of the previously listed requirements and more. AdRem (pronounced ADD-rim) Software released NetCrunch 9 network monitoring solution on November 3, 2015.
Over the next 1,000 words or so, I’ll briefly describe how this product works and how it might benefit you.
The elevator pitch ^
NetCrunch says that a single NetCrunch server can monitor thousands of nodes. By “nodes,” we mean disparate devices such as:
- Windows servers and clients (via native protocols)
- OS X servers and clients (via SSH)
- Linux servers and clients (via SSH)
- VMware ESX/I (via SOAP Web services)
- SNMP-compatible network devices (up to and including SNMP v3)
Data storage is handled via its own SQL/NoSQL databases. NetCrunch surfaces its data in many ways, the most impressive being gorgeous dashboards such as those you see in the following screenshot that summarizes network traffic patterns:
NetCrunch’s monitoring dashboards are perfect for network operations center (NOC) control rooms.
It’s worth mentioning that NetCrunch’s data views represent live, real-time information. In other words, you never see “snapshot” data that may be seconds or minutes old.
Speaking of NetCrunch reports, version 9 includes a fork of the Grafana open-source project. The business benefits are that GrafCrunch can pull in data from multiple data sources and create richer live performance dashboards than you can get with the native reporting interfaces. Look at this stunning example from AdRem’s image repository:
GrafCrunch, included in NetCrunch v9, greatly enhances your ability to visualize your monitoring data.
You monitor your NetCrunch server either locally or remotely; remote access options include the “thick” admin console client or HTTP(S) Web access. The Web access has separate style sheets for desktop or mobile views.
The remote access piece is especially important for SMB clients who rely upon managed service providers (MSPs). All you have to do is give the MSP a copy of the remote management console and they can monitor your environment with the same interface you use on premises.
Installation and initial configuration ^
Make sure you download the free 30-day evaluation so you can take time to “kick the tires” and see with your own eyes how NetCrunch 9 works.
At base, NetCrunch says you need a 64-bit Windows Server box (Windows Server 2008 through Windows Server 2012 R2) with 4 GB RAM and 4 CPU cores to monitor up to 1,000 nodes. Read AdRem’s System Requirements page for additional details if you need to scale up your monitoring requirements further.
Installing the server, which also includes its own Web and database servers, took less than five minutes on one of my Windows Server 2012 R2 virtual machines. Oh yeah—you can install any NetCrunch component on physical or virtual hardware.
At first launch, the administration console asks if you want to run a network scan to detect nodes or use a simulated dataset. I’d suggest you start with the latter so you can get comfortable with more features right away.
NetCrunch includes a sample dataset to ease your learning curve.
The simulated environment is awesome because you can click through the admin console to your heart’s content without the hazard of messing up production settings. As you can see in the following screenshot, you can always leave the simulation to return to your own network environment.
The sample data set is an easy way to learn NetCrunch. Click the link to exit the simulation.
You add new nodes to the NetCrunch “atlas” by running the network discovery wizard or by importing a comma-delimited-value (CSV) file containing the relevant hostnames and/or IP addresses.
NetCrunch searches Active Directory using Windows Management Instrumentation (WMI) and various other protocols (mainly Simple Network Management Protocol, or SNMP) to detect non-Windows nodes.
By default, the NetCrunch scanner looks for the following services:
However, you can search for a number of additional services, including RADIUS, Oracle, and Lotus Domino.
Depending on the services that NetCrunch detects, the product then prompts you to associate monitoring packs with each service. The monitoring packs allow NetCrunch to gather ongoing data related to each service, alert you if a service misbehaves, and even proactively take action on your behalf (such as restarting a stopped service automatically).
Of course, you’ll need to supply administrative credentials to support NetCrunch monitoring and alerting.
The NetCrunch monitoring workflow ^
NetCrunch monitors the following three data types:
- Events: Windows Event Log, syslog, SNMP traps
- Performance Counters: Numerical data
- Status: Service status, system uptime, etc.
As you can see in the following screenshot, there’s a lot to look at in the NetCrunch administration console. I’ve annotated the picture and will describe each part next.
The NetCrunch administration console provides a huge amount of data for your analytical pleasure.
A: The Network Atlas tab reveals summary dashboards, node details, and software inventories.
B: The Event Log tab shows all event log entries from managed nodes and allows you to reassign or resolve them.
C: The External Events tab shows you syslog and SNMP trap data from nodes that are not monitored in the NetCrunch atlas (this feature set requires the NetCrunch Premium XE license).
D: These controls provide a quick way to view high-priority alert and status messages.
E: You can customize the Views pane to see the data elements that are most important to you.
Let me show you how easy it is to check and configure node status. First, I’ll browse to Network Atlas > Nodes in the admin console and double-click my dc1.company.pri server. I see the following interface, which again I’ll annotate and explain.
The NetCrunch Node Details window
A: Quick access to the Event Log screen
B: At-a-glance dashboard
C: Detailed system performance statistics
D: Network protocol performance statistics
E: Network bandwidth statistics
F: Full control over Windows services (status, start, stop, restart, etc.)
G: Which admin console views include this node in their output
H: Node-specific alert messages
To monitor a specific service on the server, navigate back to the node’s Summary page and double-click the appropriate monitoring pack. On my dc1 domain controller, I opened the Active Directory monitoring pack as shown in the next screenshot.
Here we configure the monitored services on a node.
By double-clicking the Active Directory pack in the Node Monitoring window, I can (a) view current alert thresholds; (b) modify their threshold values and auto-remediation actions; and (c) create new alert/remediation rules.
NetCrunch is built to take care of most alerting and remediation without administrator intervention.
Licensing model ^
I admire NetCrunch in their commitment to simplicity and transparency. A good example of both is their product licensing model, which is based on simple node count. They don’t care how many elements, counters, or sensors you’ve deployed in your monitoring infrastructure—you pay for the number of monitored nodes and that’s it.
This means you don’t get hit with hidden costs such as having to pay extra to unlock particular features. Here are AdRem’s NetCrunch license package options:
- NetCrunch 50: Up to 50 nodes: $1,755
- NetCrunch 125: Up to 125 nodes: $2,855
- NetCrunch 300: Up to 300 nodes: $4,395
- NetCrunch 600: Up to 600 nodes: $6,700
- NetCrunch 1000: Up to 1,000 nodes: $8,245
- NetCrunch 2000: Up to 2,000 nodes: $13,190
- NetCrunch Unlimited: No limit on node numbers (licensed per NetCrunch server): $17,590
- NetCrunch Corporate: Unlimited number of NetCrunch servers: on request
Finally, you receive a one-year maintenance agreement with your license; this includes unlimited technical support and upgrade protection.