Entuity grants network admins a third Eye

Shortcomings and high price hinder Eye of the Storm 4.5's potency

Far too many enterprise networks today lack an essential tool: comprehensive monitoring. Most have some form of connectivity monitoring, such as simple ping tests to ensure that remote sites and Internet access are functional, but the proactive monitoring commonly stops there.

Entuity’s Eye of the Storm 4.5 offers a turnkey solution to this problem. Eye is a Web- and Java-based monitoring package designed to get deep inside a network’s routers and switches, inspecting device metrics such as memory and CPU utilization, and port data, such as bandwidth usage, errors, and more.

In practice it functions well, but it is occasionally obtuse in navigation, reporting, and file-based configuration; it’s also light on advanced functions, which is puzzling given the product’s $50,000 price tag.

The biggest problem Entuity faces is that there’s a plethora of comparable open source network-monitoring solutions out there, from MRTG (Multi Router Traffic Grapher) and Cacti, to Big Sister and Nagios. This is largely due to the fact that network monitoring is easy pickings for Perl and PHP, with modules and classes written specifically to gather and parse data from a variety of network devices, and the ubiquitous nature of SNMP.

That said, many open source tools require slightly more elbow grease to install and deploy, which may be a stumbling block for smaller companies or for admins without the skills or desire to invest the time in an open source solution. And of course, there’s no company behind those products -- which can be good or bad, depending on your point of view.

A definite feather in Eye’s cap is its broad device support, ranging from Cisco, HP, and Nortel through much less popular (or even discontinued) devices from companies such as Netopia, Marconi, Timestep, and Xyplex. The full list of supported devices numbers well over a thousand.

Eye has roots in open source. The database back end is MySQL 3.23.58, leveraging the cross-platform nature of that database whether deployed on Windows or Linux. Eye can be installed under Windows or certain Linux versions, including Red Hat Enterprise Linux 3.

I installed Eye on a dedicated RHEL (Red Hat Enterprise Linux) 3 server with 512MB RAM and a single 1.7GHz Pentium 4 CPU, which is near the minimum recommended spec. I hooked up the appliance to a production network with several fully populated Cisco 6509 Layer 3 switches and a large array of Cisco routers connecting several remote sites and handling several connections to the Internet.

Installing the tool on Linux is fairly straightforward. Eye isn’t useful immediately, however: It takes a few days for the polling processes to gather enough data on the network. After installing Eye on the RHEL 3 system, I left it alone for several weeks, collecting data from the routers and switches I’d added to the system.

This is one of Eye’s weaknesses. To begin monitoring the network, all of the switches and routers need to be manually populated in the Web UI, or uploaded as a CSV file. Given that Eye can’t support every managed switch or router available, the list of these devices and their manufacturers, although extensive, is finite. This means that Eye should have the capability of discovering other switches and routers on the network via protocols such as CDP (Cisco Discovery Protocol). Many open source packages have this capability, so the lack of this feature is rather glaring.

Also, the Linux installation is oddly structured. The company has done very little to integrate the application, which resides in an Entuity directory, with the OS. For instance, Entuity provides no startup scripts.

Another knock against Eye is that licensing is tied to the IP address of the server, a method that’s sure to cause headaches down the road. Additionally, when a license key expires, the server will start but then quit after a few minutes with little in the way of notification.

The Web UI for Eye is surprisingly lean. Adding and modifying devices offers astonishingly little more than an IP/hostname field and an SNMP community field. The rest of the UI follows suit, and it seems rather neglected and obtuse. I also had a hard time using the Web UI with anything but Internet Explorer -- even Entuity’s support Web site doesn’t function in Firefox.

The meat of the solution isn’t in the Web UI, however. The Eye of the Storm EWC (Early Warning Center) is a Java application that drills into the data gathered by Eye and presents admins with a hierarchical display of all the discovered switches and routers, and all the ports available on those devices. The EWC UI is relatively well laid out, and it’s possible to quickly find what you’re looking for manually in addition to employing the search feature. For instance, if you have labeled ports within a 6509 switch, you can search on port names, or portions of port names to generate a short list of ports across all switches that match.

From here, admins can view all the relevant data pertaining to a single device, from uptime to CPU utilization, software revisions, module population, VLANs, and more. Also, admins can drill into a specific VLAN or port and generate utilization graphs for those entities. History and trending information is available, reporting how long a port has been connected, for instance. The ticker feature is quite handy, presenting a list of monitored variables such as utilization percentage and error rates, and generating counters and graphs on the fly for those variables.

Eye can also act as a network device event notifier. When it detects switch problems at the chassis, software, or port level, it can send notifications to admins or fire off audible alerts from the workstation.

Overall, I liked Entuity Eye of the Storm 4.5. Despite some design shortcomings with configuration, reporting, and file organization, it has some neat tricks for delivering admins the insight they need to keep their networks running. However, I would have a hard time justifying the $50,000 price tag for most networks.

InfoWorld Scorecard
Management (15.0%)
Interoperability (20.0%)
Value (10.0%)
Configuration (10.0%)
Performance (25.0%)
Reporting (20.0%)
Overall Score (100%)
Entuity Eye of the Storm 4.5 7.0 9.0 7.0 7.0 8.0 7.0 7.7