Making an effort to be familiar with the open source tool community is important, because good software is generally the product of community development. These tools may be part of your core infrastructure as needs arise.
Open source tools in some capacity find their way into the enterprise IT environment. While some open source efforts will stall over time, others will continue to thrive and have commercial offerings based on the open source roots. One particular example where a popular open source tool has led to a commercial offering is the ntop tool. The nmon.net series of products is a commercial spin-off from the ntop movement. One product that is a result of many open source products and their graduation to a collective commercial offering is the nBox Recorder, which was released on August 3, 2008. The nBox series of products have offered traffic flow analysis but lacked disk recording of the network packets in an appliance offering. The nBox Recorder will record network packets from a network interface and archive them to a local file. The nBox Recorder has three hardware configurations that provide storage between 1 and 8 TB for network capture recordings. Depending on the packet size and throughput, various recording packet per second levels can be achieved. These range from 155,000 packets per second to 440,000 packets per second on general purpose equipment. Figure A shows the typical usage of the nBox Recorder product in between two networks.
This utilizes existing open source tools in an appliance model and can provide thorough packet capture and playback in standard PCAP file format. The files can be viewed from the appliance by ntop, Wireshark, or Snort. Having a familiarity with these tools and their evolution to the commercial offerings can present compelling alternatives to the traditional network products at an attractive price point.
Rick Vanover is a software strategy specialist for Veeam Software, based in Columbus, Ohio. Rick has years of IT experience and focuses on virtualization, Windows-based server administration, and system hardware.