How to cut costs is an eternal challenge for IT executives, and ensuring that everything in the enterprise meets service-level agreements can be extremely challenging for resource-constrained IT departments. Open source software offers the dawn of cost savings for businesses and offers an attractive alternative to more expensive commercial products, but can open source products deliver enterprise-level results?
To answer this question, we tested five open source products: OpenNMS, Pandora FMS, NetXMS, SugarNMS, and Zabbix. All four products have solid user bases and have been updated recently. Our testing focuses on installation, management tools, interfaces, and monitoring capabilities of each product, with or without agents, auto-discovery, and more.
We tested these five products on Windows , and of course it's not that these five products can't run on Linux. It's worth noting that every time we reviewed network monitoring tools, we found that they have seen major improvements across the board, and vendors have begun to mine customers' monitoring needs and make them a management focus.
Although these five products are all very good, in terms of overall performance, SugarNMS may be better. SugarNMS is easy to install, the user interface is clean and modern, the information is easy to read, and it supports the use of smaller devices such as tablets. In general, SugarNMS is more intuitive and easier to configure than its competitors, which is sure to appeal especially to busy sysadmins. NetXMS can be ranked second, it has many similarities with PSugarNMS, beautiful user interface, easy to configure rules and practical user manual, but its navigation and saving functions need to be strengthened.
So, are these products all enterprise-grade products? Overall, we found all five products suitable for use in small and medium businesses, with SugarNMS being usable in large netgroups, but we did not test them for high volume or geographic distribution.
All five products have commercial paid versions, but there are differences, for example, NetXMS and Zabbix are only available in an open source version with an optional paid support plan. OpenNMS is distributed in two different versions, both based on the same open source code, providing a commercial version of LTS. PandoraFMS offers several commercial editions that contain many additional features and support for higher volume environments. SugarNMS provides a platform-level version that supports custom extensions and development integration. If it is to be used in a large enterprise or a highly complex environment, it is best to consult the vendor and conduct a commercial evaluation.
| product |
OpenNMS |
Pandora FMS |
NetXMS |
SugarNMS |
Zabbix |
| advantage |
Cross-platform, monitoring plugin, extensible |
Intuitive interface with good notifications |
Easy to install, lightweight proxy |
Good operability, scalable integrated development, intuitive topology, good discovery and fault functions |
The interface is simple and the regulations can be set |
| shortcoming |
The interface needs to be improved, the graphics rendering is slow |
Reporting and navigation needs to be improved |
Navigation is not intuitive |
More functions, more navigation columns, not concise enough |
Cumbersome configuration steps |
The first: NetXMS
NetXMS is a network monitoring and management tool that runs on Windows and Linux. We installed version 2.06 in the Windows server environment, and the installation process is relatively simple, just follow the wizard. Once installed, the NetXMS server runs as a service and provides a desktop management console, which the vendor calls Workbench.
Workbench is laid out like a Windows Explorer class, with a navigation tree on the left and details in the right panel, and its top menu has over 50 choices that can be organized into different tabbed views or dashboards.
Network monitoring with NetXMS requires SNMP or a NetXMS proprietary agent. First, we ran the auto-discovery function in the test network without the agent, although it took a long time to acquire nodes, and some nodes were not acquired, but we could add them manually from the Workbench.
When our network nodes are all added to the Workbench, we can start adding some data collection points. The first is a simple network interface monitor to see how much traffic is going through; we can then set up CPU alerts on one server to notify us when usage crosses a certain threshold.
After creating and testing a few basic rules, we decided to deploy the NetXMS agent to a few nodes on our network. Agents are available for most platforms, such as Linux and Windows common x86 64-bit systems. There are many benefits to using a NetXMS proxy, such as encryption of traffic between the proxy and server, centralized configuration, and the ability to execute commands on the management system. The addition of SNMP and NetXMS agents gave us a deeper understanding of each node, with the ability to quickly add multiple predefined data collection parameters.
NetXMS offers multiple modes of action when an alarm threshold is reached. For example, by email or text message to one or more people. You can also automate the execution of commands or scripts on nodes or management servers, providing an unattended failover option. In addition to real-time on-screen reporting that includes various types of graphs and geographic maps, NetXMS integrates with the Jasper reporting engine, has over 300 pages of administrator's guide and a user's guide.
Most users like NetXMS because of its ease of installation, configuration is mostly straight forward, but in some menus the configuration is easy to lose, in a few cases we had problems where changes would not be saved. The user interface is intuitive, and the server and proxy footprint is relatively small, with the proxy we measured using around 2MB of memory on average.
The second: OpenNMS
We have OpenNMS 18.0.1 installed on Windows Server 2012. OpenNMS runs on Java (version 1.8 or higher), but can also be installed on Linux and OS X systems. While the vendor suggested that Windows installation would be harder than Linux, we actually found the opposite to be true. Windows installation steps: 1. Install the latest Java SDK; 2. Set the JAVA_HOME path; 3. Install PostgreSQL and run the OpenNMS installation script. We then started the service using the batch file provided by the vendor, and once the service started, we connected through the web interface and immediately started finding and monitoring network nodes.
After getting it up and running on Windows, we found the management interface to be cleanly laid out, with the home screen showing a summary of network availability and notifications about outages and other pending issues. A client agent is not required to run basic monitoring tasks on autodiscovered or manually added nodes. After startup, you need to manually add one or more nodes to monitor, or you can use autodiscover to find nodes on the network. We configure auto-discovery to find servers on the local test network and subnets in remote locations.
OpenNMS is event-driven, and events are displayed on easy-to-read dashboard-type pages. The dashboard provides a summary overview of the status of your infrastructure by categories such as web, database, and DNS servers, and you can see if activity is outaged and availability percentages. The dashboard allows you to drill down to the level of detail to view current or recent outages, depending on the type of service and the type of monitoring performed. This practice makes troubleshooting and bottleneck identification easier.
On our local test network, it didn't take too long to automatically discover nodes, but some firewall adjustments were required at the remote data center location to allow traffic in and out of OpenNMS. Several of our servers run auto-discovered services such as DNS and HTTP services that are detected and added to monitoring. Autodiscovery is more detailed, nodes on the network can be easily included or excluded, and it also allows nodes to be added or removed.
Data collection and monitoring covers simple ping commands or more advanced methods such as SNMP traps, JMX, WMI and Syslog events. Many configurations are stored in XML files, and we can modify them directly in the file without entering the user interface to modify them. Remote pollers can be deployed to off-site locations to track infrastructure availability.
The poller can be installed from a URL on the OpenNMS server, and it will have a simple wizard providing some basic information (such as the OpenNMS server IP and user information). The topology map is sluggish but still useful, as our test server is limited in memory so it doesn't have much effect, but it's definitely a useful feature for businesses with distributed infrastructure.
OpenNMS's alarm devices are more comprehensive. In addition to on-screen alarms, SMS or email notifications are also configured, and existing third-party trouble ticket systems or custom solutions are integrated. Powerful support for Jasper reporting, it offers pre-built and custom reporting options, and the ability to export to common formats such as PDF and CSV.
The built-in search function makes it easy to search various parameters such as name, IP, MAC, and my favorite, provides a node-by-node search for specific services such as DNS or POP3, and an asset search function that allows you to search for laptops, Search on related fields such as server or phone. In addition to this, we also found that some pages have quick explanations of the terms and functions of the page itself, for example, the reports page has a short description of each report type.
OpenNMS supports two payment models, one is a service of $19,995 and the other is a service of $49,995.
The third: SugarNMS
We installed the latest version of the SugarNMS installation package. The installation steps are relatively simple. Click Next to install it. The installation package integrates the SQL database and does not need to be installed separately. In the installation directory, we found a relatively comprehensive user manual, and initialized the software according to the user manual.
After the installation is complete, the startup interface of the C/S side and the web side appears on the desktop. We mainly tested the web side of SugarNMS. The main interface is concise and comprehensive, showing the general information in the network, and can intuitively understand the current network status.
In the process of device, resource and link discovery, we mainly choose the automatic discovery method to obtain the network topology. Of course, the directly discovered topology is not beautiful and clear, so we choose the manual adjustment method. We found that SugarNMS has built-in monitoring strategies for faults, performance, etc., which can be used directly or configured individually. The methods of alarm notification are basically comprehensive, and the forms of internal sounds and icons, emails, and text messages in the software can be supported.
SugarNMS mainly uses the topology diagram as the display method, and can basically complete most of the operations on the topology. Devices, links, and the most serious alarm information are directly displayed on the topology map. After double-clicking a device or link, you can view detailed information such as resources. There is a special equipment performance management interface, built-in statistical reports of the year, month and week, which can be generated directly.
We found that the devices of the SugarNMS Zhihe network management platform are well supported, and the devices of the basic SNMP protocol can be monitored, including: network devices, hosts, servers, middleware, databases, virtualization, etc. The monitoring indicators include: CPU, disk , memory, network interface, system process, network port, electrical port, optical interface, etc. At the same time, after communicating with the supplier, I learned that devices of other protocols can be developed, but the user has to pay for the development fee. In general, the type and quantity of monitoring equipment and monitoring fineness of SugarNMS are more prominent. The charging model of SugarNMS is charged according to the number of devices and platform functions, which can be afforded by general enterprises.
The fourth: Pandora FMS
After we installed CentOs 6.0 SP3 and loaded the web-based interface, we were greeted by the Pandorin assistant, but instead of using Pandorin, we chose to send the Pandorin package separately. Overall, the web interface is clean and modern, the information is easy to read, and the welcome screen provides an overview of the network status, which lists all open alerts, the number of deployed agents, and a list of recent tasks performed in the console.
First, we draw our test network using Pandora FMS. After reviewing the user manual, we found that we need to create a monitoring template first. You can choose a monitoring template that is already in the system or create a custom one. After the template is built, you can execute the recon task. As the name suggests, it is suitable for searching network devices that meet a certain criterion, such as all Linux servers running on a certain subnet. Once it finds these devices, it will apply a monitoring template to those devices, which in our case are a small set of Windows servers.
Our first configuration template report contains some basic SNMP information as well as static information such as BIOS and Windows version information. Pandora FMS can collect information by deploying basic TCP probes, SNMP, WMI or agents available for most Linux and Windows operating systems.
The recon tasks can be run automatically, but here we chose to run manually for the medium-scale test network, and the whole process was completed in a minute or two, and the default network view uses green, orange and red to indicate the severity of the problem. Other views include group view and tree view, both of which display operations by node type (server, workstation, router, etc.). Most upper displays support drilling down to view more details about a node.
Once installed, we added two nodes to the console and applied various modules to start collecting data. Once this information is saved, we can see proxy reports alerting us to potential problems, such as HTTP services not running on our server. At this point, the agent also starts collecting performance data such as CPU, memory, and network usage statistics.
Next, we created several alerts that would send us emails when certain thresholds were met. To test, we created an alert if the workstation CPU load exceeded 50%, and when triggered, we received an email with the alert details. In addition to sending emails, the alerting feature can perform actions such as restarting agents and logging events to a database, creating custom alerting scripts using built-in wizards. But remote configuration via proxy is not available in the open source version.
The report options on the Pandora FMS screen can basically support our daily use, support the printing of HTML reports on the screen, and have XML export, and provide some raw data that can be processed by third-party tools. Support for custom reporting capabilities and SLA thresholds. We noticed that the commercial version of Pandora FMS has additional reporting features, including a more powerful report generator and the ability to export to PDF.
Pandora FMS is a mature product with a lot of nice features. From a capacity perspective, the vendor claims to be able to provide monitoring services for customers with more than 10,000 nodes, with good granularity of monitoring and convenient search capabilities. But the fly in the ointment is that the left navigation bar only displays icons, no prompts will appear when the mouse is over, and right-clicking will expand other drop-down lists. Pandora FMS has several commercial versions of the product with support for additional features, starting at around $2750.
Item 5: Zabbix
We installed Zabbix Version 3.2 on an Ubuntu server with a MySQL backend database. The server is available for several Linux versions, Mac OSX, but not Windows. Agents are available for most versions of common operating systems, such as Linux, Windows, and Mac OSX. In addition to providing its own data collection agent, Zabbix employs traditional monitoring methods such as SNMP and TCP/IP as well as availability checks for other protocols such as JMX and IPMI.
Although Zabbix can be used from the command prompt, we chose the browser as the front end. Once logged in, the dashboard will display some common items: overall system status, open alerts, pending tasks and graphs. Users can customize the dashboard, such as dragging and dropping sections on the screen, while adding/removing other sections based on what is being monitored is also supported. The layout of Zabbix is that most of the navigation is at the top and the rest of the screen can be used to monitor details.
To get Zabbix up and running, we decided to add a host manually, this is done in the configuration page, you basically just add the host's IP address or name, add the host's group (this is required), configure the method to use ; Agent, SNMP, JMX or IPMI all have predefined fields for entering information applicable to each. Our host is set to SNMP, then create a project.
A project is essentially a unit to monitor, such as CPU load. Projects are added from a separate configuration page, providing details to enter, depending on the type of project being added. Our first project was just a simple ICMP ping to see if our server responded.
To get more granular data collection, we decided to install several agents. As mentioned earlier, the agent is available for Linux and Windows, and similar to the agents of other products, the Zabbix agent runs like a service. A configuration file is required to start the agent, but our installation package did not include one, so we looked for one online, and third-party installers can provide the required configuration file. Some parameters in the configuration file may need to be modified, such as the Zabbix server IP address and the name of the host to be monitored.
Finally, run network to see which hosts it finds. To see the effect of the discovery, we specified some inspection options such as SNMP, Zabbix proxy, specific services such as FTP, HTTP and SMTP. The results showed that the server was able to find nearly 100 different hosts and services running on our test network.
Zabbix has a built-in reporting function, and the report view is customizable, but currently there is no way to print the report to PDF or export the data for viewing in a third-party viewer. In addition to displaying network problems on the screen, Zabbix can send problem notifications via several predefined methods such as email or text message. Administrators can also create custom scripts or use third-party methods such as Jabber for notification.
Summarize
The applicability of a product depends on the relationship between many variables of the enterprise, such as platform, resources, etc. The most important point in choosing open source products is good management practices, and secondly, it is necessary to do some research on the supplier's background. If the supplier can provide certain technical support, it will be very beneficial to the use of the product.
Proper use of open source products can save businesses thousands of dollars, but open source products often lack vendor support, can be prone to frequent upgrades that can disrupt a service, and community support can be incomplete or slow to respond. So choose a paid model and have access to reliable customer service at any time, and businesses can get better service.