Review: 4 open-source network management tools improve usability, performance
- 22 January, 2019 22:00
Network management tools have come a long way from the early command-line products with arcane, text-based configuration files that kept everyone except the resident (typically Linux) guru in the dark. Today’s management tools, replete with desktop or web-based GUIs, easy installs and configuration wizards, are far more accessible. With each iteration vendors find ways to make these tools more powerful and easier to use.
For this review, we evaluated newer versions of three established open-source network management products – OpenNMS, Zenoss Core and NetXMS – as well as a relative newcomer, Sensu Core. All four products are free and open source.
Here’s what we found:
OpenNMS provides a range of management options, from simple to complex, and it's available for both Windows and Linux environments. Customizable dashboard options are a plus, but configuration can be tricky.
Zenoss Core stands out for its flexible reporting and wide range of preconfigured plugins, however it's only available for two versions of Linux.
The multi-platform NetXMS runs on Windows, Linux and UNIX versions including BSD and Solaris. It's easy to install but lacks a commercial version.
Sensu Core, too, features a wide range of available plugins along with a flexible architecture that scales well. Its dashboards and reporting capabilities leave room for improvement, however.
Individual reviews of each product follow (scroll past product chart).
OpenNMS network management software
OpenNMS is open-source software available for installation on both Linux and Windows servers. It’s available in two different versions, Meridian and Horizon. Horizon is released on a more rapid schedule and contains the latest available features, while Meridian is a longer-term release (about every 12 months) that does not incorporate the latest features until they have proven stable in prior Horizon releases. Horizon is free to use, Meridian is subscription based and geared towards organizations that require a stable, long term release and professional support.
For this review we tested Horizon version 22.0.3. Although the installation steps vary depending on the operating system, we found it easy to install on both Windows and Linux. The only prerequisites are the Java SDK and, for Windows, also the PostgreSQL database. The system requirements call for a dual-core CPU, with 2 GB of memory and 20 GB free disk space, although this is obviously the bare minimum and would likely be insufficient for enterprise use. For our Linux installation, we opted for the quick install, but OpenNMS also provides step-by-step instructions for a more customized installation.
After installation we launched the Web interface. On first launch, the user is presented with a well-organized start page with multiple "dashlets," which graphically represent information about the network infrastructure. Alternatively, the start page can be customized as a single panel, or you can create multiple panels or boards to organize information into logical or geographical groups. Although initially we found the vendor’s terminology a bit confusing with dashlets, ops boards and panels, eventually it made more sense.
Dashlets are available in different formats such as alarms, topology, charts, maps, and images. There is also a heat map feature that can be configured to display ongoing outages and alarms, sorted by entity and service impact. OpenNMS also provides a surveillance overview that delivers an aggregated matrix of all nodes and their status. You can group nodes into categories such as servers, routers and switches. The surveillance overview is color coded with green for normal, yellow for warnings or minor issues, and red for critical issues.
OpenNMS Horizon provides a myriad of monitoring options, and at first glance, the configuration options might seem a bit overwhelming. Thankfully, there are ways to get started without the need to wander too far into the configuration weeds. We started with a couple of basic monitoring items, which can be provisioned without the need to deploy agents or configure the node being monitored. One of our initial tests was to make sure our test Web server was running correctly, and the other was a simple PING test to see if a file server responded. By shutting down the various services, we were able to confirm that alerts were immediately triggered.
OpenNMS has a discovery feature that is especially helpful when working with larger infrastructures. The discovery feature provides some granularity, so you can easily determine which nodes and services should be included or excluded by IP range. This feature discovered our test environment with less than 50 nodes fairly quickly but did take quite a bit longer to fully discover our production environment spread out over several geographic locations.
While the discovery feature will give you some basic information about the infrastructure, a deeper dive is often necessary to get more details. For these scenarios, OpenNMS can use other protocols like JMX, WMI, Syslog and SNMP traps. In addition, OpenNMS provides agents called "pollers" that can be deployed to nodes and end points. These are installed using a link from the main OpenNMS server, which launches a wizard to configure the end point. Many of the configurations can be performed using the Web interface, with details stored in XML files that can also be created and customized directly.
A big part of any network management system is the ability to receive timely and informative alerts. In addition to the onscreen alerts, OpenNMS allows alerts to be sent via text and email. There is also an option to integrate with custom or third-party issue ticket systems. OpenNMS provides several pre-built reports that can be saved as PDFs or CSV. Custom reports can also be created using JasperSoft Studio.
Free support for OpenNMS is available through online user manuals for installation, administration and development. There are also a few online video tutorials along with a Wiki that provide comprehensive step-by-step instructions for various management cases. The OpenNMS commercial version, Meridian, is available as an annual subscription at $6,000 for the first server instance with discounts for multiple instances. Support packages are available starting at $20,000.
We found OpenNMS to be quite comprehensive with most of the features required for practically any enterprise environment. We particularly liked the flexibility in monitoring options from the very basic to more complex rules. We would have liked to see a less expensive subscription option for smaller commercial installations, but for most network installations we suspect the free Horizon version along with free online tutorials will be more than adequate. The one caveat is the frequency of updates with Horizon, which could potentially disrupt a running production environment.
NetXMS multi-platform network management
NetXMS, like OpenNMS, is multi-platform, open-source network management software. It's available for installation on Windows and Linux along with UNIX versions such as BSD and Solaris. In addition, the NetXMS Management Console can be installed on Linux, Windows, Mac and Android devices.
For this review, we tested version 2.2.10 on both Windows Server and Ubuntu. The minimum system requirements call for a dual-core CPU at 1GHz, 1GB RAM and 1GB disk space, with additional disk space required for data collection. Both installations were easy to perform, but as is often the case, the Windows executable made it particularly easy to install. There are only a few options to pick during the install, such as selecting which database drivers to install and choosing the administration tool options. NetXMS can use most common databases, including Oracle MySQL, MS SQL Server and PostgreSQL. As part of the install you can also configure the network auto-discovery options, a feature we enabled on one of our installs.
The management console installed on our Windows server was a desktop application. We were first presented with what NetXMS calls the "workbench window." This provides different views, which are basically different ways to view the network infrastructure, ranging from a 30,000-foot macro view down to the details of a particular network device or event. By arranging a set of views on the ‘workbench window’, you can create and save custom perspectives. The perspectives can then be loaded from a quick access menu, providing custom displays of the network infrastructure. The NetXMS Object Browser, which displays the entire network as a tree structure, makes it easy to quickly drill down into the network infrastructure. It also displays a status indicator, ranging from ‘normal’ to ‘critical’ status, making it easy to identify problematic nodes or protocols.
At first, the auto-discovery of our network infrastructure did not yield much in the way of results, with just one lonely Windows desktop computer discovered. However, by switching from passive to active discovery, NetXMS was able to easily discover additional network nodes. Together with custom scripts and application specific extensions, NetXMS can use all versions of SNMP along with SSH and ICMP protocols to collect data. For additional firepower, administrators can deploy the NetXMS agents when feasible.
Agents are available for Linux, UNIX, Windows and other platforms, and can be deployed to a variety of devices. Depending on the type of device, the agent can be installed with various sub-agents. For example, with the Windows agent you can add sub-agents that provide UPS or log monitoring. Once installed, the agent will start uploading information to the NetXMS server. The agents can be reconfigured if needed, either directly on the client machine or remotely from the server. For most settings, the agent configuration details are stored in XML format. It should be noted that our tests found the NetXMS agent to have a small footprint, using only a fraction of available memory and CPU resources on our test machines.
As mentioned, NetXMS provides multiple ways to view the network infrastructure status on screen. Problem areas are easily identified using color coding; green for all systems go and red for critical issues. When a problem occurs, NetXMS can take various actions, such as sending notifications via email and text with detailed information about the problem. In addition, processing rules can be configured to take various actions, such as running a script to remedy a problem. There is great granularity in how these rules are configured and how issues can be escalated if not acknowledged and corrected in a timely fashion.
NetXMS has a powerful network mapping feature that can be used to create custom maps of the network infrastructure. This allows administrators to see the status of a section or the entire infrastructure at a glance. By connecting the various nodes, details regarding network bandwidth and other resource utilization can identify potential bottlenecks. For networks with more than one physical location, the nodes can be drawn on a geographical map. You can also create custom dashboards with graphs, speedometer type dials, and other visual aids to represent network performance. For additional reporting, there is an optional reporting module built on the commonly used Jasper Reports library.
NetXMS provides up to date and easy to use online user manuals, available both as HTML and downloadable PDFs. There is also an online forum and Telegram-based messaging group. Unlike other products we tested, NetXMS is only available as free software with no commercial version available. Paid support options give customers access to expedited technical support via phone or email. Paying customers also receive custom hotfixes as needed along with priority bug fixes. NetXMS also offers custom training classes.
While the NetXMS management console is well organized and very responsive, there are some navigation features that are not optimal. For instance, when making changes to some of the settings, there is a tiny "disk" icon to save your changes. This is hard to see, and there's no warning if you forget to save your settings. These items could easily be remedied to make NetXMS an even better product than it is. In conclusion we found that NetXMS provides a complete network management application with a wide range of features that should fit most organizations’ needs.
Sensu Core network monitoring and management
Sensu Core is a fairly recent addition to the network management scene, with its first enterprise release available in 2015. It utilizes a RESTful JSON API to monitor data collection and resolve events. The free and open-source version is currently in version 1.6, which was used for this review. Sensu Core provides various installation options including stand-alone, distributed and high availability. There is also a "5-minute" install that can be used for testing and small environments, but it is only available for CentOS. For our review we focused on the stand-alone installation options for both Linux and Windows.
The system requirements start at 2GB (4GB recommended) for a stand-alone installation. Our main installation was on an Ubuntu server, but Sensu Core can also be installed on other versions of Linux, macOS, and Windows, which we tested. The Enterprise version is currently in version 3.3 while Core is on 1.6.
The online user manuals are good, but in our view, they jump a bit too much between the different versions, both Enterprise and Core, as well between the types of installation. In our view, the Windows installation is far easier than the Linux install. The Linux installation requires too many steps and the instructions are somewhat vague as to which of the many add-ons are needed to run the core installation. Also, we weren’t readily able to discern from the documentation whether the Enterprise and Core releases are similar and on the same schedule.
With the basic installation in place, we needed to complete some configuration tasks, since Sensu does not come with any default configurations. We found this a bit puzzling; including a set of default configurations would cover many common installation scenarios and give users at least a starting point. Sensu Core configurations involve JSON and XML files that are created or edited with a UTF-8 capable text editor or by using a third-party configuration management tool such as Puppet or Ansible.
Sensu Core uses service checks and event processing as the main building blocks of its monitoring solution. The services checks monitor resources usage such as memory, CPU utilization and bandwidth, and confirm whether a service such as a Web or database server is running. To accomplish this, Sensu Core utilizes agents, which could be the Sensu client, or SNMP and other protocols. The services checks utilize the same specifications as Nagios, allowing the use of Nagios plugins. Event processing is performed by the Sensu Server and provides a way to take various actions in response to alerts created by the service checks.
Sensu Core uses handlers to perform actions, ranging from basic text/email alerts and log entries to creating and resolving incidents using ServiceNow or PagerDuty. The communication between the clients, servers and APIs is accomplished using a message bus, the default being RabbitMQ. The Sensu Core server and APIs utilize Redis, an in-memory data structure store, for persistent data storage. In addition to creating your own custom service checks, you can also download pre-built plugins from the Sensu Community. There are hundreds of Sensu plugins available, ranging from basic ones that provides Twitter alerts to more complex plugins for monitoring database health or the status of hosted cloud applications. Additionally, you can use most of the more than 4,000 available Nagios plugins.
Initially, Sensu Core was developed to provide monitoring and data collection APIs that would integrate with existing third-party or custom dashboards. Over time, Sensu realized that a dedicated Sensu dashboard was necessary, and the Uchiwa dashboard was developed for this purpose. Uchiwa is a separate install and unlike some of the other components, is currently only available for Ubuntu/Debian and Red Hat/CentOS. The Uchiwa dashboard is basic, providing essentially an on-screen list of events with the ability to perform some filtering by type and severity. It can also be used to silence alerts and resolve events. There is a Sensu data source for Grafana, a commonly used third-party product for analytics and reporting, which provides additional ways to access and visualize events collected by Sensu. There are also some third-party dashboards available online that can be used to display Sensu event data.
While the Sensu Core includes many of the same features as the Enterprise version, there are some features left off, notably Active Directory and LDAP integration, multi-tenancy, user audit logging and various API options. Support for the Core version is limited to what is available in the online documentation and the community forum.
For those who need these additional features, along with professional support, there are a couple of commercial options. The SMB (small medium business) version clocks in at $899 per month, and the Enterprise version is a hefty $2,499 per month. This includes Web, email and phone (Enterprise only) support plus installation assistance. The Enterprise version also comes with a more feature-rich dashboard built on the Uchiwa dashboard used by Sensu Core.
While Sensu Core provides a robust way to monitor and, to some extent, manage a network infrastructure, it is still lacking in some areas. Our main complaint with Sensu Core is the byzantine approach to installation and configuration. There are simply too many parts and configurations needed to get the ball rolling. While we understand a vendor’s desire to provide installation flexibility, or to steer customers to their commercial products, it seems to us that a basic one- or two-click command install would make the product much easier to evaluate. Making installation difficult serves no purpose except to act as a barrier to entry for new customers. For those who do make it through the install, Sensu Core rewards with a flexible solution that scales well, and its open architecture allows users to integrate it with existing tools they may already be using.
Zenoss Core multi-platform network management
Zenoss Core is open-source network management software currently available for Red Hat and CentOS versions of Linux. It has some limitations compared to its commercial counterparts, most notably a limit of 500 nodes monitored. For those wishing to install Zenoss Core, you first must fill out a form on their website and wait for an email with download instructions. This is a bit different than typical open-source applications, which do not track users. Nevertheless, to complete our test we filled out the form and shortly received an email containing all the information we needed to continue, including links to downloads and online support resources.
Zenoss Core offers several installation options, including a bootable installation, a virtual appliance and files for offline installations. For this review we tested version 6.2.1. At a minimum, Zenoss Core requires 4 real or virtual CPU cores along with 24 GB RAM for a single host installation or 16 GB for a multi-host installation. Storage requirements vary with the size of the installation and the type of data collected. For some reason, Zenoss is pretty memory-intensive compared to the other products we tested, and we ended up needing 32 GB of memory on our Hyper-V server in order to install and launch a single host.
Installation was very straightforward when using one of the virtual appliances. We did need to make some changes to our DNS settings for everything to work properly, but other than that we were good to go. With the virtual machine up and running, we then loaded the Resource Manager. This is typically accessed using a recent version of any Web browser and after the initial login, running a short optional setup wizard. The wizard provides options for setting up users, configuring auto-discovery of the network and/or adding devices manually, before loading the Resource Manager dashboard. The Zenoss Web interface is well designed and easy to use. The default dashboard provides a basic overview of the status of the network infrastructure with any alerts and problem areas highlighted.
The Web interface has several configuration options, including what the vendor calls portlets. These are widgets that display different network information such as event views, device issues and network maps, including custom Google maps that can be arranged into custom dashboards. By using drag and drop as well as resizing, you can create one or more custom dashboards that provide the best layout for monitoring your infrastructure.
Devices can be added by using the auto-discovery feature or manually using a host name or IP address. Auto-discovery worked well on our test network, and we were also able to add several devices residing on other networks using IP addresses. The infrastructure tab displays each device with information about its current status with any warnings displayed using the universal yellow, orange and red color scheme. To see more detail about a device, you can drill down or use the handy type-ahead feature to search by host name or other device information. Commonly used searches can also be saved for easy future use.
Zenoss Core uses a variety of open-source technologies, including Python, Net-SNMP, a MySQL database for storage, Docker and D3.js. Unlike some other network management products, Zenoss does not use agents and instead leverages existing protocols such as SNMP, SSH, WMI, together with network services such as POP, FPT, HTTP and NTP for network monitoring and management purposes.
When an event occurs, custom triggers and notifications can be created using the events menu. This can be as simple as a short SMS message to email messages with custom variables describing the event in detail. The system can also perform tasks such as executing commands in response to an event to resolve the problem. For each event you can also perform various manual actions from the browser; acknowledge, reclassify, add note to log, issue a command, and open or close the event.
Zenoss Core provides several nice reporting features, including ready-to-use reports along with the option to create your own custom reports. In addition to the standard line-by-line status reports, there are also several graphical reports. Reports can be viewed both on screen and exported in Adobe PDF format, a very handy feature when you need to save reports for later use or share with others.
Zenoss uses something it calls ZenPacks, which are preconfigured plugins that can be used for a wide variety of monitoring and management tasks. There are hundreds of ZenPacks available that utilize a standard API and protocols without the need to deploy agents to each device. ZenPacks are generally available as either free and open source, or commercial versions created by Zenoss or third parties.
We found the documentation to be very good, available as both as a PDF or downloadable HTML, which is helpful for those who want to set up their own online support portal.
For larger organizations with many nodes or who require additional support and features, Zenoss has two commercial offerings, Zenoss Cloud and Zenoss On Premises. These are paid options for those who require additional support and/or features. Zenoss does not publish prices for these offerings online.
Zenoss Core provides robust monitoring capabilities, but it does require a bit of fire power, especially in the memory department. Since the Zenoss Core version only supports up to 500 devices, it seems that it would make sense to lower the system requirements a notch or two for the free version. That being said, the 500-device limit should be enough to cover many small to medium size businesses. The user interface is easy to read and customize. That feature, along with solid reporting for export/print and on-screen use, makes Zenoss Core a good choice for those who don't need to monitor thousands of devices.