Paul,
Since this is a firewall list, I'm assuming you'd like to monitor
DMZ boxen safely. My rule of thumb is to avoid anything that
requires an agent running on your servers. Such a beast's existence
is a tell tale sign that:
o The software follows a push model, which means that there will
be one huge security weak point, the data acquisition server
o There is a high probability that the agent will have to run
with elevated privileges.
For DMZ boxen, what you're really after is service availability,
not details about the health of each individual component. Get a
product that can track SLA's and simulate users going through
your website. Netcool for example does this nicely. Bigbrother
is nice and simple but I don't think it will provide you with
a history of say response times. In summary:
o Look for a product that will perform service level monitoring
o Discard anything that requires an agent on the boxen
With the above two covered, something like a single box on the
inside network polling your servers is simple and secure. Don't
forget that if you have to track bandwidth availability, you'll
need something like Keynote checking your servers from the
internet itself.
Later,
Kos
--
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
