End-user complaints that "the network is slow" ring constantly in the ears of network managers. But all too frequently, the user gives no specific
description of "slow" – instead, the statement is simply a clue that something, somewhere, might be wrong.
When faced with this kind of problem, a network-analyser program, such as Neon Software’s recently released NetMinder Ethernet 5.0, can quickly provide the insight required. Now available as an OS X-native app, NetMinder Ethernet is an appealing and extremely useful tool
that provides administrators with easily accessible and understandable information concerning the nuances of Ethernet packet
Neon’s focus on ease of use lets any network manager – not just wireheads – quickly monitor a network. When you launch NetMinder Ethernet, it opens four windows that allow you to control data
collection and view Ethernet packets, analyse IP usage by address and protocol, analyse bandwidth-usage, and discover problems with specific packets.
Once you start collecting information, you can use the TCP/IP Analysis window to see which nodes and protocols are consuming the most bandwidth on the
Another common question network managers get is: "How much network bandwidth is consumed by Web browsing?" The TCP/IP Analysis window can quickly
show what percentage of network traffic is HTTP or HTTPS, the two primary IP protocols used in Web browsing. Likewise, you can use the Trend Analysis window to see how many packets are being transmitted, and what percentage of the theoretical amount of bandwidth this represents. And NetMinder Ethernet’s Packet Inference window displays messages that alert you to possible aberrant traffic on the network.
The Packet Inference feature compares Ethernet traffic with a predefined set of rules, and sounds the alarm when noteworthy events occur, such as an attack by a network worm (Code Red, for example)
or the appearance of a duplicate IP address on a network. These alerts can prompt you to disable switched ports, or isolate susceptible servers until the attack or problem can be mitigated.
NetMinder Ethernet decodes a variety of packet types; double-clicking on any packet in the NetMinder Ethernet window displays the headers and data contained in the packet. (You can define additional Ethernetbased protocols for identification, but this manual process requires a detailed understanding of the packet header and
other characteristics.) Reviewing network
conversations on a packet level is often useful when trying to see whether a host or application is functioning properly.
When monitoring a very busy segment of a network, finding the right packets among the thousands that are collected in a few seconds can be very time-consuming. Using NetMinder Ethernet’s filters, it’s possible to zero-in on problematic traffic by specifying a source, destination, and
protocol – including granular details specific to each protocol, such as flags or packet size. You can apply filters during the datacollection
process or use them on data you’ve already collected, to sift through raw data – including captures made with the command-line utility TCPdump.
Reports of problems on a network are often intermittent and anecdotal – and therefore difficult to fix. For example, a user may say that he always has trouble with an application late in the afternoon. Unless you’re watching the network when the problem occurs, it’s hard determining
the possible causes. NetMinder Ethernet’s ability to automatically begin data capture based on a time or a network event allows you to begin triage without sitting in front of your workstation.
NetMinder Ethernet can also alert you when specified conditions or events occur on a network. For example, you may be trying to track down a rogue computer that’s intermittently causing problems on the network. You tell the application to send an alert – via pager, email, or SNMP trap – when the event occurs. Just about any condition can trigger these alerts, which can incorporate filters and Packet Inference messages, giving real flexibility in troubleshooting tactics.
NetMinder Ethernet requires either OS X 10.1 (or later) or System 7 (or later) – that is, it will run on just about any Mac that has an Ethernet interface. There are some limitations on pre-OpenTransport platforms, because packet collection requires dedicated use of the Ethernet
Though not mentioned anywhere in the documentation, NetMinder Ethernet can also be used on 802.11b wireless networks. The application treats a wireless interface – for example, an AirPort Card – as another Ethernet interface.
No network manager should be without a network analyser. Other analysers, such as Network Associates’ Sniffer, don’t run on a Mac and can cost thousands more, but thanks to lower-cost offerings such as NetMinder Ethernet 5.0, it’s not necessary to spend a fortune to know more about your network. Whether troubleshooting a problem or performing a simple baseline study of network traffic, NetMinder Ethernet’s depth and ease of use make it ideal for any Mac-network administrator.