Ntop provides easily digestible graphs and tables showing current and past network traffic, including protocol, source, destination, and history of specific transactions, as well as the hosts on either end. You'll also find an impressive array of network utilization graphs, live maps, and trends, along with a plug-in framework for an array of add-ons such as NetFlow and sFlow monitors. There's even the Nbox, a hardware monitor that embeds Ntop.
Ntop even incorporates a lightweight Lua API framework that can be used to support extensions via scripting languages. Ntop can also store host data in RRD files for persistent data collection.
One of the handiest uses of Ntopng is on-the-spot traffic checkups. When one of my Cacti-driven PHP Weathermaps suddenly shows a collection of network links running in the red, I know that those links exceed 85 percent utilization, but I don't know why. By switching to an Ntopng process watching that network segment, I can pull a minute-by-minute report of the top talkers and immediately know which hosts are responsible and what traffic they're pushing.
That kind of visibility is invaluable, and it's very easy to come by. Essentially, you can run Ntopng on any interface that's been configured at the switch level to monitor another port or VLAN. That's it.
Zabbix is a full-scale network- and system-monitoring tool that combines several functions into a single Web-based console. It can be configured to monitor and collect data from a wide variety of servers and network gear, offering service and performance monitoring of each object.
Zabbix works with agents running on monitored systems, though it can also run agentless using SNMP or other monitoring methods such as remote checks on open services like SMTP and HTTP. It explicitly supports VMware and other virtualization hypervisors, producing in-depth data on hypervisor performance and activity. Special attention is also paid to monitoring Java application servers, Web services, and databases.
Hosts can be added manually or through an autodiscovery process. An extensive set of default templates apply to the most common use cases such as Linux, FreeBSD, and Windows servers; well-known services such as SMTP and HTTP, and ICMP and IPMI devices for in-depth hardware monitoring. In addition, custom checks written in Perl, Python, or nearly any language can be integrated into Zabbix.
Zabbix also offers customizable dashboards and Web UI displays to focus attention on your most critical components. Notifications and escalations can draw on customizable actions that can be applied to hosts or groups of hosts. Actions can even be configured to trigger remote commands, so a script can be run on a monitored host if certain event criteria are observed.
Sign up for Computerworld eNewsletters.