Network management can be a tall task without the right statistics and data about traffic flows, device configurations and user activities. The following utilities offer visibility into various aspects of network activity without breaking the bank. Utilizing these free tools gives network managers a better foothold for improving performance, spotting potential problems and nipping security incidents in the bud.
A network analyzer designed for monitoring, troubleshooting and analysis, Capsa Free from Colasoft can identify and monitor more than 300 different protocols. Users can record network profiles, create customizable reports and set customizable alarm trigger combinations. Additionally, Capsa offers MSN and Yahoo Messenger monitoring statistics, email monitoring with auto-saving of email content, and an easy-to-use TCP timing sequence chart.
An integrated network and systems management platform, Zenoss Core brings together metrics on availability, performance, events and configuration of systems and devices across the network. With data streaming in through SNMP, SSH, WMI, JMX and Syslog, the platform provides a flexible base for monitoring logs and managing events. In addition, the tool provides features specifically geared toward virtual and cloud infrastructure, including VMware ESX monitoring.
Network traffic isn't always the only thing that needs analyzing. A network forensic analysis tool for Windows, NetworkMiner by security software company Netresec is designed to collect data about the hosts on the network as opposed to the traffic. It sniffs for packets and also parses PCAP files to help its users detect the OS, hostname and open ports of hosts on the network. This can prove an excellent tool for incident response teams seeking to reassemble transmitted files and certificates without adding traffic to the network.
MikroTik's The Dude, a tool with a catchy name, automatically scans devices within specified subnets, draws a map of the network, monitors services running on those devices and automatically alerts users to problems with those services. It runs on Windows, Linux Wine, Darwine and MacOS, and supports SNMP, ICMP, DNS and TCP monitoring of devices.
Angry IP Scanner
A lightweight, simple IP scanner, Angry IP Scanner uses a multi-threaded scanning technique to offer speedy scans with results that can be saved to CSV, TXT, XML or IP-Port list files. Offering a flexible Java-based framework, the tool can be easily extended through plug-ins to gather additional information about scanned IPs.
Wireshark is a network protocol analyzer that allows users to drill down deeply into network activity, across hundreds of protocols and many major platforms, including Windows, Linux, OS X, Solaris, FreeBSD and NetBSD. With read/write support for dozens of capture file formats and data browsing via a GUI or TTY-mode utility, it offers tons of flexibility on its own or tied into other security tools and distributions.
While log search and analysis tool Splunk is offered in a free version, its enterprise functionality doesn't come cheaply. Organizations that can't come up with the cash may be able to build an approximation of those features using Fluentd as a foundational open source log collector, chained together with Elasticsearch and Kibana, a pair of open source tools that offer search engine and Web UI functionality. Together with Fluentd, they can create a comprehensive way to collect data, analyze it and visualize it for free.
Organizations willing to barter in information may be able to get a huge boost in network visibility via a tool called TC Console. Offered by the nonprofit security research firm Team Cymru, TC Console offers historical views of malicious network activity and data-driven summaries of an organization's network traffic, cross-referenced with global statistics about malicious activity on the Internet collected by the group. The tool is free, but only if an organization is willing to share network information that gets fed back into the Team Cymru community database.
One of the best free network security tools in the land, Nmap is made all the easier to use through the GUI provided by Zenmap. Designed to be accessible for beginners while still allowing Nmap veterans to tap into advanced features, Zenmap will save frequently used scans as profiles to make it easier to set up scanning routines. Scan results can be saved for comparative analysis across time through a searchable database.
JDSU Network Analyzer Software Standard Edition – Free
This network analyzer tool from JDSU makes it easier for networking pros to troubleshoot network problems by providing information about who is on the network, who is using bandwidth and where errors are occurring. The JDSU Network Analyzer provides insight into potential performance issues and offers both real-time analysis and more in-depth offline analysis of collected data.