OpticNerve automatically discovers nodes within a specified network range using ICMP sweeps. Once it finds a node, the node is probed for supported services by Service Pollers, which simulate transactions for DNS, DHCP, FTP HTTP, IMAP, POP3, SNMP, SMTP, SSH and other protocols, and applications and databases, including Lotus Notes, Informix, Oracle, SQL, Sybase and Postgres. Discovered nodes and associated services are added to OpticNerve's SQL database. Services are polled every five minutes and nodes are rescanned periodically for new services.
OpticNerve's Iris Agents run on Microsoft Windows 98, Me, NT4, 2000 and XP. Using less than 500 KB of memory, these agents run in the background and report system health and configuration information to OpticNerve. Iris Agents are event-driven: They detect window creation, file operations, faults and exceptions as well as application installations and launches. They also generate information regarding the OS, CPU, memory, network adapter, drives and installed applications. After creating users and associating them with management groups, we installed the optional Iris Agents 2.0 on Windows 2000 servers and Windows 98 and XP workstations by downloading the installation file from the OpticNerve.
Synthetic transactions poll network services.
Configurable event notifications.
Filters screen out unwanted notifications.
Thresholds are not configurable.
Set polling periods (approximately 5 minutes).
SSL not supported.
To see events from polling information, SNMP traps and Iris Agents, you simply access a Web interface, supply a user name and password, and the home page draws all the events reported by devices on your network (see screen at right). An eventd subsytem processes all events and classifies them according to a rules engine. If an outage--any event that impacts an end user's ability to access a resource--occurs, it is registered and an actiond process notifies users.
Using both preconfigured and customized pollers, OpticNerve detected node and service outages on multiple subnets in our labs. We tested this by suspending FTP, HTTP, SMTP and telnet services on a Sun Microsystems SunFire 280R. OpticNerve detected the event and notified users that the services were unresponsive though the port was still available. It successfully detected FTP, HTTP, SMTP and SQL database outages on a Windows 2000 server as well. OpticNerve also scanned open ports to determine available services and report on known vulnerabilities. It found remote DCE services and anonymous FTP sites in our tests.