I found Bruce Boardman's recent review of network-monitoring software ("More Ping, Less Bling," Oct. 1, 2004) very useful. I will likely acquire my monitoring suite from his shortlist.
It appears that you can divide network-monitoring systems into two classes: those that rely on SNMP and those that require proprietary agents.
I was leaning toward SolarWinds.Net's Engineer's Edition Toolset 7, so I did a little research into the SNMP protocol. The results weren't encouraging. CERT issued a vulnerability notice, and Microsoft advises not to use SNMP at all if the machine is exposed to the Internet.
Is a system like Neon Software's LANsurveyor, which uses proprietary agents, inherently more secure? Or am I safe with an SNMP-based system, as long as the SNMP services are running behind a firewall?