• Comparison
  • Solarwinds NPM & Indeni: Firewall Monitoring 

Solarwinds NPM & Indeni: Firewall Monitoring 

Monitoring and Tracking Attendees: New Methods | Ungerboeck

Many Indeni customers are current SolarWinds customers or previously used SolarWinds Network Performance Monitor (NPM) for firewall monitoring. As a result we get asked a lot “how do you compare to NPM?”. The short answer is: NPM is a powerful monitoring tool which provides great network visibility across different networks including LAN, WAN, data center and WiFi networks. Indeni complements NPM network visibility with its automation capabilities for security infrastructure. 

In this blog, we will provide a high level comparison of Solarwinds NPM and Indeni security infrastructure automation. We will answer the question “why do customers use Indeni to supplement NPM network visibility for their security infrastructure?” We will also identify key automation use cases to ensure smooth operations of firewalls. 

Comparing Solarwinds NPM with Indeni

It is important you know that NPM has a broader coverage of networks and device types than Indeni. In the spirit of comparing apples to apples, we will mainly focus on NPM’s capabilities for monitoring firewalls.  

NPM Indeni
Device Coverage Broad coverage of many device types
– Routers
– Switches 
– Wireless access points
– WAN optimization controllers
– Firewalls 
– Load balancers
Security Infrastructure only
– Firewalls
– Security appliances (secure web gateways, IPS/IDS)
– Load balancers
Data Source Use SNMP as primary datasets, particularly effective for routers and switches Supplement NPM by using device-specific SSH/CLI commands, API and syslog
Firewalls Monitoring Firewalls health & performance monitoring

Deeper visibility with Network Insights for Cisco ASA & Palo Alto Networks NGFW 

Site-to-site VPN tunnels visibility

Remote client connections

High Availability & connections statistics for Cisco ASA

Unmatched visibility to firewalls. Indeni typically supports 50% more alerts and metrics compared to any network monitoring tools since it is not limited to SNMP

In addition to monitoring,  Indeni automates repetitive validation tasks such as high availability readiness, organization standards, ongoing maintenance, security risks identification (see more later)

Troubleshooting Analyze availability, fault and performance issues through historical tracking

Network path visualization

With 50% more alerts and metrics, Indeni achieves faster root cause analysis and less outages

Automatically triage device issues resulting in reduced escalations. Run investigative steps, the same ones that are normally run manually to identify the root cause, without any human intervention

5 Reasons to supplement NPM with Indeni

#1 – Firewall problems go undetected

Too often there are blind spots where problems go undetected. NPM uses SNMP monitoring to gather data from devices. While routers and switches have comprehensive MIB instrumentation, it is not always the case with firewalls. For example, if a FortiGate enters conserve mode, new sessions can be dropped. Worse yet, if the problem persists, the device would have to be reloaded. This important event is not supported by SNMP.

Firewalls have evolved to very complex designs with advanced technologies, it is important to supplement SNMP monitoring with additional key performance indicators. This is where Indeni comes into the picture. Indeni collects hundreds of metrics per device using a combination of CLI, API, SNMP and syslog to provide unmatched visibility. 

#2 – Beyond just monitoring the device

Firewalls have dependency on many services. For example, a firewall needs to continuously get policies from its device manager. It needs continuous access to Active Directory for identity awareness to make forwarding decisions. It requires access to external servers hosting external dynamic lists of IP addresses and URLs for policy enforcement. It needs up-to-date threat intelligence feeds about potential sources of attacks. While it is essential to monitor the device, it is equally important to monitor the connection to these critical services. Indeni has many automation elements that ensure communication to these critical services are available all the time by testing them regularly.

#3 – High Availability (HA) presents unique requirements

Unlike routers and switches, firewalls use a high availability configuration for redundancy. Cluster configuration out of synchronization is the most common issue with HA. Indeni can proactively identify these issues to ensure seamless switchover in the event of a failure. Besides checking for synchronization issues, it also ensures best practices are followed such as ensuring preemption is not enabled in a cluster environment. 

#4 – From reactive to proactive

To ensure a firewall is working optimally, it starts with proper configuration based on best practices. This is a great first step towards proactive monitoring. Many problems can be traced to lurking configurations that can cause outages. Indeni ensures best practices to configure various features are being followed, so that the devices are set up properly and securely. It also provides advanced notifications for potential issues so they can be corrected before service is disrupted. 

#5 – The need to quickly remediate a problem

When problems occur, NPM reports the issues and stops there. With the rising cybersecurity skills gap impacting a growing number of enterprises, you want your monitoring tool to tell you how to remediate a problem so you can quickly restore services. Indeni provides step by step remediation steps to get you up and running quickly. With Indeni, IT operations teams can gain specific knowledge from the descriptions and recommended remediations built from real world experience of certified firewall experts.

Network Automation Use Cases

Network automation will help improve your security infrastructure to cope with the growing complexity. As more repetitive operation tasks become automated, your IT teams can become more productive and capable. Ultimately, your security infrastructure becomes more resilient. The primary use case for Indeni is to automate repetitive tasks for operating firewalls and other network security devices. We can accelerate your automation initiative so your precious security engineers can focus on higher order tasks.

What does Indeni automate?

  1. High availability readiness to ensure seamless switchover for a clustered environment
  2. Best practices validation to minimize outages 
  3. Organization standards verification 
  4. Security risks identification by applying baseline standards across your security infrastructure as a foundational practice 
  5. Ongoing maintenance such as device configuration backup, certificate or license expiration, end of support, etc.
  6. Automated troubleshooting for root cause analysis and gathering pertinent information about the problem 

Summary

Between automation and unique firewall requirements, we hope this offers some insights into why it is important to supplement NPM network visibility with additional key performance indicators beyond what SNMP can offer. If you have a complex security infrastructure environment, and are experiencing issues that could be avoided through automation, check out Indeni’s capabilities or test drive the platform today.

BlueCat to acquire LiveAction

BlueCat adds LiveAction’s network observability and intelligence platform, which helps large enterprises optimize the performance, resiliency, and security of their networks.