Cisco is the largest networking company and probably needs no introduction. Most organizations have at least some Cisco equipment on their network and many have nothing else. Through multiple acquisitions, the company now offers a full complement of equipment and services that go well beyond networking. It is not uncommon for larger organizations to have dozens if not hundreds of Cisco devices. Making sure all this equipment is running smoothly requires some sort of monitoring tool. This is what has prompted us to search the Internet for the best Cisco network monitoring tools. Although all our suggestions will monitor Cisco equipment, most will also monitor hardware from other vendors. Some will even monitor other types of devices such as servers.
Before we reveal the results of our search for the top five network monitoring tools, we’ll have a brief discussion about the need and requirements of monitoring Cisco devices. We will then briefly introduce some of the protocols used in monitoring Cisco devices. Finally, we’ll reveal our list of the top five Cisco monitoring tools. For each one, we’ll have a brief review of the product and its best features. But before we begin, let’s clarify something. When we’re talking about Cisco monitoring tools, we do not mean monitoring tools made by Cisco but rather tools made to monitor Cisco equipment.
The Need And Requirements Of Monitoring Cisco Devices
The problem with monitoring Cisco devices is that most of them don’t have a local user interface. Many devices have all sorts of LEDs on their front panel but, when they’re located on a different floor–or in a different country–that doesn’t help much. And even if it was possible to see each and every device, it would be next to impossible to visually monitor them in all but the smallest of networks. You could remotely connect to each device to monitor their status but that would be very tedious and time-consuming. This is where monitoring tools are useful. They will take care of watching your equipment, monitor vital signs, and alert you when something does not look right.
Monitoring tools have other uses too. They are of precious assistance with capacity planning by showing you what circuits and paths are about to be overloaded. They can also be invaluable as a troubleshooting tool, helping administrators quickly pinpoint the location–and sometimes even the root cause–of networking issues.
To a certain extent, monitoring tools can also improve security. Some will, for instance, alert administrators when they see excessive failed login attempts, a probable sign that some intruder is trying to get in.
Protocols Used in Monitoring Cisco Equipment
Many different networking protocols and systems can be put to use when monitoring Cisco equipment. Not all tools use them all but they all have their use. Some of these protocols are Cisco-proprietary while others are industry-standard protocols.
SNMP: The Simple Network Management Protocol is built into most networking equipment. In the context of monitoring, it lets monitoring tool remotely read operational parameters of the devices that support it. It is typically used to fetch CPU and memory loads as well as interface bandwidth utilization.
ICMP: The Internet Control Message Protocol primary use is to test the reachability of a network device. Ping, a utility well-known to most administrators, uses ICMP. The protocol can also be used to provide other information such as delay.
Syslog: This protocol is used to send logs data–which is detailed data about events happening on a device–to a Syslog server. Some monitoring tools include a syslog server and will trigger alerts when specific events are received.
NetFlow: This protocol can be used to collect information about traffic flows in a network. NetFlow-enabled devices will send detailed flow information to a NetFlow collector and analyzer. Some monitoring tools can act as a NetFlow collector and analyzer. Although it was developed by Cisco, NetFlow is supported by several other vendors where it sometimes goes by another name such as IPFIX or J-Flow.
IP SLA: IP Service Level Agreement is a proprietary feature of Cisco IOS software that can simulate different types of network data between devices to measure performance such as jitter, delay, connectivity, or packet loss.
CDP: The Cisco Discovery Protocol can be used to gain information about directly connected devices. Some monitoring tools use it to automatically build a map of the network showing the different devices’ interconnections.
Our Top 5 Cisco Monitoring Tools
Now that we know why we need network monitoring and how it can help any administrator manage the ever-growing networks of typical organizations, we’re ready to have a look at the top five Cisco Monitoring tools. All of our suggestions will do an excellent job of monitoring your Cisco devices but most will also let you monitor equipment from other manufacturers.
SolarWinds is one of the best publishers of network administration tools and its flagship product called the Network Performance Monitor or NPM takes the well-deserved first place on our list. This tool uses SNMP to read operational parameters from Cisco and other devices. It has a web-based GUI that makes using and configuring it a pleasant experience.
Adding a device to NPM is a simple matter of specifying its IP address or hostname as well as its SNMP community string and let the software do the hard work. A list of all the available parameters will be displayed where you can pick those you want to include in your monitoring. And don’t worry about adding devices. This tool is easily scalable from a very small network to a huge one with thousands of devices on multiple sites.
The alerting system in the Network Performance Monitor is among the very best. It is ready to use out of the box with minimal configuration. And if you have specific alerting and notification needs, you can also configure every detail manually. The alerting engine is pretty smart and it will not send notifications for non-service-impacting events in the middle of the night or send hundreds of notifications for as many unresponsive servers when the actual issue is a down router or network switch handled by a different person or group.
Network Insight For ASA
Recent releases of NPM include a sub-product called Network Insight for ASA. The Cisco Adaptive Security Appliance, or ASA, is Cisco’s firewall. The Network Insight for ASA module will give you more detailed and broader view of your Cisco ASA devices directly on the NPM dashboard It will give you a total visibility of your ASA devices while monitoring their health and performance. The module will check the interfaces, contexts, ACLs, and more.
Pricing for the SolarWinds Network Performace Monitor starts at just under $3 000 and varies according to the number of monitored devices. With a complex pricing structure, you should contact the SolarWinds sales team for a detailed quote. If you prefer to see or try the product before committing to purchasing it, both a demo site and a free 30-day trial version are available.
2. Paessler Router Traffic Grapher (PRTG)
Usually, the Paessler Router Traffic Grapher is simply called PRTG. This is another excellent and full-featured monitoring system. Like most products on our list, it is not limited to just monitoring Cisco equipment. Paessler claims that PRTG can monitor all systems, devices, traffic, and applications. PRTG has all its options built-in and doesn’t rely on add-ons or plugins. This makes the product faster and easier to install than many competing ones.
PRTG includes a few different user interfaces to interact with it. You first have a Windows enterprise console. There’s also an Ajax-based web interface. And if you’re into mobile devices, there are apps for Android and iOS. The apps are well done and use all the capabilities of mobile devices. For instance, PRTG will let you print QR code labels to affix to your equipment. When scanned using the mobile apps, the device’s details are immediately displayed.
One of PRTG’s best feature is the network auto-discovery that will scan network segments, recognize a wide range of devices and systems, and create sensors from predefined device templates. PRTG also has a pretty good map feature allowing you to create custom maps with your monitoring data. And when it comes to alerting, PRTG is highly flexible and customizable. When using a mobile app on your smart device, you can get notifications pushed directly to it. And of course, PRTG can also send notifications via email or SMS according to your needs. An API is available if you’d rather write your own notification scripts.
PRTG’s pricing structure is as easy as its installation. A free, full-featured version will limit your monitoring ability to 100 sensors. Also available is a 30-day trial version which reverts back to the free version once the trial period is over. And if you want to keep monitoring more than 100 sensors beyond 30 days, you’ll need to purchase a license. Pricing varies according to the number of sensors from $1 600 for 500 sensors to $14 500 for unlimited sensors. And about sensors, they correspond to individual monitored parameters rather than devices. For example, monitoring the bandwidth on each port of a 48-port switch will require 48 sensors.
3. ManageEngine OpManager
ManageEngine is another company that specializes in network management tools. The OpManager is a platform that you can use to monitor network equipment from Cisco and other vendors as well as all sorts of network-attached devices. It can run on Windows or Linux operating systems and comes loaded with features. One of those features is its auto-discovery engine that can not only find devices but also map your network, for a customized dashboard.
Talking about the OpManager dashboard, it’s one of the easiest to use and navigate. It has drill-down functionality so you can click on a dashboard item to see more details about it. And in addition to the traditional, web-based dashboard, you’ll also find mobile apps that will let you access the system from anywhere using a smartphone or tablet. Overall, this product from ManageEngine has a very professional look and feel.
As for the alerting capabilities of OpManager, they certainly match what we’ve come to expect from a product of this quality. Built right into the product is a full array of threshold-based alerts that will help you proactively detect, identify and fix networking issues. Thresholds and notification methods can be entirely customized to your specific needs.
Although there doesn’t appear to be a free trial version available to try the product before buying, there is a free version which is not time-limited. That doesn’t mean it has no limitations, though. This free offering won’t let you monitor more than ten devices which is insufficient for all but the smallest of networks. You can also pick the Essential or the Enterprise plans. The Essential plan can monitor up to 1,000 nodes while the Enterprise plan can go up to 10,000. You’ll need to contact ManageEngine’s sales for pricing information.
4. ipswitch WhatsUp Gold
WhatsUp Gold from ipswitch has been known for years as an up-or-down type of monitoring tool. This is how it made its name. But the tool has now evolved into a full-featured platform for the proactive monitoring of network devices and traffic, applications, virtual environments, and device configurations. WhatsUp Gold has everything you can expect from an enterprise-grade monitoring tool, and it’s all managed and displayed on its user-friendly graphical user interface.
Like most products in this category, WhatsUp Gold has auto-discovery that will find your devices and add them to the monitoring console. It will not only find Cisco networking equipment but also physical servers, virtual servers, cloud servers, and applications. A clickable map view will allow you to pull more details about each device.
When it comes to alerting, WhatsUp Gold is right up there with its competitors. Its alerting system will often let you know about problems before users call. Using the system’s Alert Center, you have the possibility of using out-of-the-box alert thresholds. These will be perfect in most situations. Optionally, you can also adjust thresholds to your specific needs, providing customized alerting. The system also has action policies. They define actions to perform when a state change–such as an interface or a device going down–occurs. The actions go well-beyond simple notification and could include restarting services or triggering web alarms. And talking about notifications, they can be transmitted by email, SMS, Slack, or IFTTT posts.
There is a free edition of WhatsUp Gold available–there always was–but nowadays, it is limited to monitoring a maximum of five devices. If you need more than that, you’ll need to purchase a license. They are available in three levels of increasing functionality with a pricing structure based on the number of devices to be monitored. There’s also a free, full-featured and device-unlimited trial version that you can use for a limited time.
5. Cisco Network Assistant
Our last entry is a nice free tool from Cisco. Given its origin, needless to say that this one will only handle Cisco devices. But as far as Cisco devices go, it will handle routers, switches, access points, IP phones and the Cisco ASA. The Cisco Network Assistant, as its mane suggests, will do more than just monitor devices. It assists in the management of networking devices with an intuitive GUI and a task-based menu. With its limit of 80 devices, it is better suited for the small and medium businesses.
Feature-wise, the product leaves nothing to be desired. It has network discovery using CDP and display as a topology map. It can also be used to manage the configuration of many Cisco products intended for small and medium businesses. From the tools interface, you can quickly connect to devices using Telnet or the device manager. Another nice feature is the possibility to view a virtual representation of your devices, clusters, and stacks front panels.
Of course, this tool wouldn’t be on our list if it didn’t have device health monitoring and event notifications of network errors and alert thresholds. Its monitoring features can assist in the troubleshooting of common network issues. Some other features worth mentioning include drag-and-drop software upgrades of managed devices, network device inventory management, and direct access to lifecycle information using the Cisco Active Advisor.
The Cisco Active Advisor is another free, cloud-based tool from Cisco that finds security alerts that apply to your devices. It also analyzes contract coverage and end-of-life status and can compare your network against Cisco validated designs.
Both tools are available from the Cisco website. All they require is that you have a Cisco account. But if you manage Cisco equipment, chance are you already have one.
If you’re tasked with managing a number of Cisco devices, any one of the tools we just reviewed will be a welcome addition to your arsenal. The one that is best for you largely depends on your specific needs such as the size of your network, the presence of non-cisco devices or the alerting and notifications you require. With each tool available in a free or trial version, nothing stops you from trying a few before making a final selection.