Raritan CommandCenter NOC 100 review
A company best known for its extensive KVM solutions, Raritan now takes a leap into network management and monitoring. Its CommandCenter NOC family comprises three appliances; the NOC 100 reviewed here is aimed at SMBs and designed to manage and monitor up to 100 clients, ten servers and ten network devices such as switches.
We’ve seen more than a few of these types of device pass through our labs, so what makes the NOC stand out? Instead of just monitoring the network and nudging you when something is amiss, the NOC 100 provides network traffic monitoring and analysis, inventory, asset tracking, intrusion detection and security vulnerability scans. It comprises a reasonably specified all-Supermicro 1U mini-rack server complete with a pair of Gigabit interfaces. One is used for dedicated remote management, the other for network monitoring and scanning.
Installation starts with a serial connection, where you provide the appliance with a fixed IP address, and then it’s over to the tidy web browser interface. Using a wizard, you specify the IP address ranges you want the appliance to monitor, then run discovery and add IP addresses and ranges to be excluded. We left the NOC 100 running on our test network, and after a few minutes it located our managed switches and printers, along with all Windows servers and workstations. The licensing system used by the NOC 100 means each system must be assigned a role. Switches are classed as infrastructure devices, which can be managed via SNMP, while those designated as servers would be Windows systems that can be managed using SNMP and WMI.
As the appliance runs Linux, you need to have a Windows system running a WMI proxy server. Raritan provides an installation utility on the appliance, and we successfully installed this on an XP workstation. Once WMI was available, we found the level of inventory detail about each system to be reasonably good, with all key components and main software products identified. However, asset tracking is highly unsophisticated, as it doesn’t tie in with the WMI inventory at all. In order to populate the database, you have to manually enter details or import them from CSV files.
Traffic monitoring is very informative, though, with application, IP and Ethernet protocol usage graphs, along with lists of the chattiest nodes, the most popular websites and the most resolved DNS names. For vulnerability tests, the appliance can run four levels of scan on selected systems or network address ranges. Be careful which ones you choose, as the Level 3 and 4 scans are intrusive and can bring systems down. Furthermore, we ran a full scan on eight systems, which took more than three hours to complete. We can’t see the point in a DoS test, as the network environments the NOC 100 is monitoring will likely be behind a decent firewall.
The NOC 100 delivers a mixed bag of network facilities. The web interface is cluttered and the asset management isn’t of any real value. However, reporting is good and the network traffic monitoring, alerting and vulnerability scans could prove useful.