I actually have a very similar problem, and wrote some software to solve it. I am a consultant, and want to proactively monitor my customer's systems for all kinds of performance problems. Like your situation, my monitoring requires access to private data that is not published outside the firewall.
What I did was write TNTMonitoring (for Windows) and a one-off script that does basically the same thing (for Linux). Check out http://www.tntmonitoring.com for more information on the Windows version. It is an agent that installs on the server you want to monitor, runs the various checks, and then submits them via https (it also used to support SSH - if you prefer that, let me know, and I can easily put SSH support back in). These checks are always outbound, so you usually do not need to modify the firewall at all. To Nagios, these checks are passive checks. Now I have to caution you: if a client is reluctant to open their firewall, they probably would be just as reluctant to allow you to install software that sends internal data off site, no matter how secure I promise them that it would be. The other option you have is to use an SSH tunnel to send active checks from your Nagios server. This will require that your client open the firewall for SSH, and that they set up an SSH daemon somewhere. The existing VPN may also be an option if you can write a script that establishes the connection before running your checks. Michael Arney wrote: > I have been tasked by my company to compare system monitoring tools. We are > a small Java software development shop. Our product runs on several servers > (Windows or Unix) at each of our clients, and has a web front end, file > system storage, and database (PostgreSQL, Oracle, or MS SQL Server). We > support our software remotely: the clients agree to provide VPN or Telnet > access. The VPN access may not be permanent (ie we may have to use a Cisco > or Juniper vpn client each time we remote desktop to them). At present we > have fewer than 50 clients. We want to monitor basic up/down and disk free > type metrics, but also to issue a variety of custom queries against our > database and application to check its status. > > So, my question is: How much network access would Nagios require for us to > use it to monitor our application? Our clients are sometimes reluctant to > open their firewall to a vendor like us. I'd like to know what's the minimum > we need to ask of them so we can get good proactive monitoring of our > installations. Ideally we would not even need to ask for more than we have > now, but that may not be realistic. We have even toyed with the idea of > buying a dual-NIC machine at each client to put inside their firewall just to > communicate with our central monitoring server. I don't know if that would > help. > > We are currently evaluating Nagios. But we are also looking into other > products (OpenNMS, Zenoss, Hyperic). So any comparisons with them in this > regard would be helpful too. > > Thanks in advance, > Mike > -- Kevin Keane Owner The NetTech Find the Uncommon: Expert Solutions for a Network You Never Have to Think About Office: 866-642-7116 http://www.4nettech.com This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof. ------------------------------------------------------------------------------ Stay on top of everything new and different, both inside and around Java (TM) technology - register by April 22, and save $200 on the JavaOne (SM) conference, June 2-5, 2009, San Francisco. 300 plus technical and hands-on sessions. Register today. Use priority code J9JMT32. http://p.sf.net/sfu/p _______________________________________________ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null