Network Instruments Observer Suite 14 Review London
Network Instrument's Observer celebrates its 15th year and in this review we find out why this network monitoring and troubleshooting software has lasted where many others have faded away.
Computer Precision Ltd
020 7359 9797
020 7359 9797
185, Upper St
Islington
Islington
Maxima plc
020 7383 3537
020 7383 3537
385, Euston Rd
Camden
Camden
Myriad Audio Visual Sales Ltd
020 7380 0191
020 7380 0191
106, Hampstead Rd,
Camden
Camden
Focus PC Support Services
020 7242 9099
020 7242 9099
25, Stonefield Street,
Islington
Islington
Largest Collection of Online Media Resources
9180 65707944
9180 65707944
2nd Floor, 145-157, St. John Street
London
London
ADSL Systems Ltd
020 7837 2333
020 7837 2333
243, Caledonian Road,
Islington
Islington
Eurocom Healthcare Communications
02077178435
02077178435
Garrick House
London
London
Fuel
020 7554 2200
020 7554 2200
41, Chalton St
Camden
Camden
ITLabs
0845 359 0044
0845 359 0044
Cardinal Tower, 12
Farrington Road, London
Farrington Road, London
Gaiasoft
020 7387 1745
020 7387 1745
137, Euston Rd
Camden
Camden
Provided By:
Network Instruments Observer Suite 14 Review
Introduced 15 years ago, Observer was one of the first software-only network analysis products. At the time it bucked the trend as its sensible price tag made it highly affordable for smaller businesses.
[IMG 79150/]
This still holds true today but the features on offer are now if anything even more impressive as Observer delivers a full network analysis toolbox that rivals many more costly alternatives.
The Standard version offers all the key core components including network discovery, real-time traffic analysis, packet capture, decoding and network trending. The Expert version brings in advanced trending, VoIP analysis, data stream reconstruction and expert analysis tools for applications and servers.
[i][b]The main interface can get busy but Observer is clearly capable of providing a wealth of network information.[/b][/i]
The Observer Suite on review ties everything together and augments them with support for SNMP and RMON, the new auto-baselining feature and extra web reports. The majority of other new features are aimed at larger businesses and include application transaction analysis, full support for ATM and better integration with NetFlow.
Installation is a swift affair and you can start monitoring your network immediately. Observer uses a combination of local and optional remote probes and you can also add SNMP and RMON devices such as switches and access them directly to view utilisation data.
The network discovery routine finds all devices on the monitored subnets and makes this list available to all Observer tools. General network usage can be checked using a choice selection of statistical tools so you can easily view general bandwidth utilisation, protocol distribution, errors and router activity.
[i][b]Packet capturing can be scheduled or started manually and the buffers saved for further analysis.[/b][/i]
Network gluttons can be spotted immediately with the Top Talkers window. This shows all devices and the amount of bandwidth they’re gobbling up and each device is accompanied by a breakdown of their traffic in packets, bytes and overall utilisation.
Observer’s packet capture and decoding tools are first rate and you can start manual capture sessions from the main menu or directly from a selected device in any of the statistics screens. Scheduled capture sessions can be run at regular intervals and the buffers stored locally. [pb/]
If you expect to be capturing vast amounts of network data then consider the Observer GigaStor, which is a separate rack mount storage device dedicated to Observer and accessed remotely from its main interface. The price tag indicates this is aimed firmly at enterprises with the 2TB version costing a hefty £14,450.
However, whichever method used, you’ll find Observer’s decoding capabilities are of Bletchley Park quality. The Expert Analysis shows utilisation during the capture period, a summary of detected error conditions and an analysis of each one along with suggestions for remedial actions.
[i][b]Packet decoding is very intuitive and the Expert Analysis makes light work of understanding the information presented.[/b][/i]
From the same tab you have a range of events such as TCP, NetBIOS and UDP and the Expert will give its prognosis on each one. For each capture session, you can see who the top talkers were, what the protocol distribution was and much more.
From the TCP option you can select a line of data and call up Observer’s slick stream reconstruction feature. For web browsing it’ll show you the sites visited and associated IP address pairs for the source and destination. Any files downloaded can be viewed and email reconstruction extends to revealing the contents of a selected message along with the sender and recipient plus the option to view any attachments.
[i][b]The separate web console provides access to baselining tools and complete reports on server and application performance.[/b][/i]
The VoIP functions are particularly impressive as Observer has tools specifically for handling H.323 and SIP traffic. VoIP is included in the packet decoder. This provides a full summary along with jitter and lost packets plus wise words in the panel below from the Expert if it detected a problem.
We tested using SIP and liked the feature that enabled us to view all VoIP calls made and see the phone numbers of the caller and the recipient, the call start time and the duration. Observer can rate VoIP calls for quality by calculating a MOS (mean opinion score) from the dropped packets and jitter, which is a prediction of how a real user would rate the call. [pb/]
This latest version has a number of additional VoIP features with support for a greater number of signalling protocols including H.248 and SCCP (Cisco Skinny). This means you could, for example, look at specific SIP call invitations and track SIP server performance.
One area where Observer falls down is SNMP device monitoring. The SNMP device discovery routine found all our enabled devices but it was unaware of what each one was so only provided a standard set of monitoring options.
[i][b]Observer’s Application Transaction Analysis allowed us to keep a close eye on one of our servers running web and FTP services.[/b][/i]
You can edit each entry and change the device type but the choice is very limited. Network Instruments suggests its separate Link Analyst for these duties but we would also put forward the [i]IT PRO[/i] Recommended NHSIpswitch WhatsUp Gold 14 as it is very sophisticated in this area.
Observer scores well with its network trending and baselining features. You need to leave this running for a few days to enable it to get a good feel for general network usage but afterwards it can provide plenty of information about server and application performance. This is accessed from Observer’s separate web console and drilling down into selected entries provides metrics comparing the baseline values with current and past performance.
The days when network packet capture and analysis was a dark art only available to those with deep pockets are long gone. Observer offers a wealth of network monitoring and decoding features at a very reasonable price and it’s for these reasons that it continues to grow whilst most other solutions have fallen by the wayside.
[IMG 79150/]
This still holds true today but the features on offer are now if anything even more impressive as Observer delivers a full network analysis toolbox that rivals many more costly alternatives.
The Standard version offers all the key core components including network discovery, real-time traffic analysis, packet capture, decoding and network trending. The Expert version brings in advanced trending, VoIP analysis, data stream reconstruction and expert analysis tools for applications and servers.
[i][b]The main interface can get busy but Observer is clearly capable of providing a wealth of network information.[/b][/i]
The Observer Suite on review ties everything together and augments them with support for SNMP and RMON, the new auto-baselining feature and extra web reports. The majority of other new features are aimed at larger businesses and include application transaction analysis, full support for ATM and better integration with NetFlow.
Installation is a swift affair and you can start monitoring your network immediately. Observer uses a combination of local and optional remote probes and you can also add SNMP and RMON devices such as switches and access them directly to view utilisation data.
The network discovery routine finds all devices on the monitored subnets and makes this list available to all Observer tools. General network usage can be checked using a choice selection of statistical tools so you can easily view general bandwidth utilisation, protocol distribution, errors and router activity.
[i][b]Packet capturing can be scheduled or started manually and the buffers saved for further analysis.[/b][/i]
Network gluttons can be spotted immediately with the Top Talkers window. This shows all devices and the amount of bandwidth they’re gobbling up and each device is accompanied by a breakdown of their traffic in packets, bytes and overall utilisation.
Observer’s packet capture and decoding tools are first rate and you can start manual capture sessions from the main menu or directly from a selected device in any of the statistics screens. Scheduled capture sessions can be run at regular intervals and the buffers stored locally. [pb/]
If you expect to be capturing vast amounts of network data then consider the Observer GigaStor, which is a separate rack mount storage device dedicated to Observer and accessed remotely from its main interface. The price tag indicates this is aimed firmly at enterprises with the 2TB version costing a hefty £14,450.
However, whichever method used, you’ll find Observer’s decoding capabilities are of Bletchley Park quality. The Expert Analysis shows utilisation during the capture period, a summary of detected error conditions and an analysis of each one along with suggestions for remedial actions.
[i][b]Packet decoding is very intuitive and the Expert Analysis makes light work of understanding the information presented.[/b][/i]
From the same tab you have a range of events such as TCP, NetBIOS and UDP and the Expert will give its prognosis on each one. For each capture session, you can see who the top talkers were, what the protocol distribution was and much more.
From the TCP option you can select a line of data and call up Observer’s slick stream reconstruction feature. For web browsing it’ll show you the sites visited and associated IP address pairs for the source and destination. Any files downloaded can be viewed and email reconstruction extends to revealing the contents of a selected message along with the sender and recipient plus the option to view any attachments.
[i][b]The separate web console provides access to baselining tools and complete reports on server and application performance.[/b][/i]
The VoIP functions are particularly impressive as Observer has tools specifically for handling H.323 and SIP traffic. VoIP is included in the packet decoder. This provides a full summary along with jitter and lost packets plus wise words in the panel below from the Expert if it detected a problem.
We tested using SIP and liked the feature that enabled us to view all VoIP calls made and see the phone numbers of the caller and the recipient, the call start time and the duration. Observer can rate VoIP calls for quality by calculating a MOS (mean opinion score) from the dropped packets and jitter, which is a prediction of how a real user would rate the call. [pb/]
This latest version has a number of additional VoIP features with support for a greater number of signalling protocols including H.248 and SCCP (Cisco Skinny). This means you could, for example, look at specific SIP call invitations and track SIP server performance.
One area where Observer falls down is SNMP device monitoring. The SNMP device discovery routine found all our enabled devices but it was unaware of what each one was so only provided a standard set of monitoring options.
[i][b]Observer’s Application Transaction Analysis allowed us to keep a close eye on one of our servers running web and FTP services.[/b][/i]
You can edit each entry and change the device type but the choice is very limited. Network Instruments suggests its separate Link Analyst for these duties but we would also put forward the [i]IT PRO[/i] Recommended NHSIpswitch WhatsUp Gold 14 as it is very sophisticated in this area.
Observer scores well with its network trending and baselining features. You need to leave this running for a few days to enable it to get a good feel for general network usage but afterwards it can provide plenty of information about server and application performance. This is accessed from Observer’s separate web console and drilling down into selected entries provides metrics comparing the baseline values with current and past performance.
The days when network packet capture and analysis was a dark art only available to those with deep pockets are long gone. Observer offers a wealth of network monitoring and decoding features at a very reasonable price and it’s for these reasons that it continues to grow whilst most other solutions have fallen by the wayside.
Author: Dave Mitchell