See correction at end of review
Managing 50 network devices can be a challenge; managing 5,000 is nigh impossible, and many networks today exceed even that figure. If all the devices are from a single vendor, the job becomes somewhat simpler, but how many network managers have that luxury? In most large network environments, heterogeneous hardware is the rule, and simple tasks such as changing SNMP strings, implementing and verifying best-practice guidelines, and managing configuration changes across the enterprise become enormous headaches.
Many network administrators rely on custom tools -- perhaps a collection of Perl scripts -- to manage devices en masse. Although this may be appropriate for some enterprises, others are clamoring for a better mousetrap. Three companies are looking to provide that very thing.
Rendition Networks' TrueControl 3.0, AlterPoint's DeviceAuthority Suite 2.0, and Tripwire’s TND (Tripwire for Network Devices) 3.0 all aim to be the network device management tool of choice. All three offer centralized management of heterogeneous network devices, supporting network devices from multiple vendors.
This is no easy feat. The management tools for different vendors vary wildly. From Cisco-style command-line interfaces to Web-based configuration tools, every vendor has its own view of how a device should be managed. Making a tool that brings all these disparate configuration paradigms together is a challenge.
Tripwire for Network Devices
TND follows similar rules to Tripwire’s system-configuration control offerings. The overriding concept is configuration baselining. When a device is added to the inventory, its current configuration is downloaded and marked as a baseline configuration. Administrators add devices manually or by building and importing a CSV (Comma Separated Value) or XML file.
By polling devices and receiving SNMP traps, TND detects configuration changes and takes the appropriate action. You can configure TND to send notifications of changes to administrators by e-mail, pager, or console, and you can have it restore the baseline configuration to the device when a change is noted, all but preventing unauthorized changes to a device. TND's device compatibility is limited compared to the other offerings, but it accurately inventoried all the devices in the lab with the exception of a Dell PowerConnect 3300 switch.
After you have determined a baseline configuration, TND lays out subsequent deviations from that baseline for further inspection by administrators. TND focuses on making it easy to restore a device to its baseline status rather than having to step back through configuration changes, although this is also possible. Furthermore, TND doesn’t offer many features found in DeviceAuthority and TrueControl, such as the ability to script configuration changes and to generate detailed reports. You must resort to database queries to display data on changes to network devices.
| Test Center Scorecard | ||||||||
|---|---|---|---|---|---|---|---|---|
 |  |  |  |  |  |  |  | |
| 20% | 20% | 20% | 10% | 10% | 10% | 10% | ||
| DeviceAuthority Suite 2.0 | 7 | 9 | 8 | 9 | 8 | 8 | 8 |
8.1
Very Good
|
| 20% | 20% | 20% | 10% | 10% | 10% | 10% | ||
| Tripwire for Network Devices 3.0 | 6 | 6 | 7 | 7 | 6 | 7 | 7 |
6.5
Fair
|
| 20% | 20% | 20% | 10% | 10% | 10% | 10% | ||
| TrueControl 3.0 | 8 | 8 | 9 | 8 | 10 | 8 | 8 |
8.4
Very Good
|
This whitepaper explains the terminology and concepts behind Data Replication technologies and establishes some sizing rules through worked examples. Learn the new paradigm in disaster tolerance—protect data anywhere.
Download now »
Server virtualization is a popular option for dealing with mounting datacenter costs. Another equally promising approach is the use of an Application Delivery Controller. Citrix NetScaler provides a low-cost way for organizations to reduce their server count and accrue cost savings from a reduction in space, cooling, power and personnel.
Download now »
The emergence of WLANs has created a new breed of security threats to enterprise networks.
Included in HP ProCurve WLAN solutions is security technology that alleviates threats from WLANs through:
* Monitoring wireless activity inside and out of the enterprise
* Classifying WLAN transmissions into harmful and harmless
* Preventing transmissions that pose a security threat to the enterprise network
* Locating participating devices for physical remediation
Effectively address data protection challenges, implementing solutions that help store and protect business–critical data while cutting costs and improving efficiency and reliability.
Download now »
Sign up to receive Security Resource Alerts
This white paper provides guidance on how to develop a strategic approach to managing and monitoring logs, a key function required for compliance with many regulatory mandates and a critical defense against security threats.
Download now! »
Learn about the processes and technologies that support security information management (SIM) operations, as well as the business case for SIM. The series examines different options for implementing SIM and gives you evaluation criteria for selecting the best option for your organization.
Download now! »
Learn the strategies, actions, and capabilities that Best-in-Class organizations employ and technologies they choose to obtain superior performance against various security performance metrics. This report provides guidelines for identifying which security solutions to consume as a MSS and defines best practices for choosing and managing MSSPs.
Download now! »
Recommend This
