With the security issues associated with SolarWinds - are people switching to other vendors? Which ones are you switching to and why?
chamepicartWe’ve switched from Solarwinds to Centreon even before the issue occurred. It’s way cheaper and is a good alternative and very flexible to your needs. You can play with it yourself.
Tjeerd SaijoenRiverbed is also a great solution very easy to install and a great dashboard.
IanMacfarlaneI have used both and have to say my experience with Connectwise was very good. Design for MSP's and when used with IT Glue and My It Process nice, accurate seamless.
Abhirup Sarkar (EverestIMS Technologies)Please check out InfraonIMS from EverestIMS Technologies.
(https://www.everestims.com/inf...)
The major advantage is an integrated solution which not only monitors the complete IT Infra but also provides complete visibility into the ticket lifecycle for any issues detected via the PINK-Certified InfraonDesk ITSM engine.
From a security standpoint, the tool is OWASP Certified for higher levels of protection against malicious attacks.
reviewer775476 (Network Engineer at a government with 51-200 employees)@reviewer1140534 What experience do you have with this tool? I'm looking for NCM alternative for a medium size network (3000 network devices like routers and switches)
Bernd HarzogThe hackers targeted SolarWinds because SolarWinds has many customers. To minimize the risk of being hacked through one of your vendors, this suggests choosing unpopular vendors with few customers. Which is completely irrational.
Summary - this is a really hard problem and switching vendors does nothing to reduce your risk of this type of hack.
Jim Greenway (ITRS)@Bernd Harzog I believe the switching of vendors can reduce this type of risk, considering the hack was accomplished through the supply chain process. Businesses need to find vendors that protect their supply chain with multiple layers of intrusion and anomaly detection stacks, which should be augmented by AI-powered networks, machine learning algorithms as well as human-supervised security protocols. Finding a vendor that maintains the end-to-end ownership of its supply chain process should be a necessity. There is also the conversation of products that run within the Windows environment verses Unix, which has it's advantages considering the hackers were able to take control of several windows tools via the hack.
Bernd Harzog@Jim Greenway So let's assume that you do all of the things that you listed above to protect your supply chain process. Do you then legally guarantee to your customers (via a contract with penalties) that you will not get hacked, and if you do then you will pay penalties to the customer as outlined in the agreement?In my opinion, solving this problem will either require the painful approach outlined directly above, or security solutions that customers can purchase and operate that are guaranteed to be able to detect and prevent these types of hacks.To the best of my knowledge, right now, there is no good answer.
David Collier@Bernd Harzog I agree that protecting a supply chain is key in any type of manufacturing (and I include software development in that). Massive investment such as Jim suggests needs to be balanced against business, reputational and financial risk. Whilst it is wrong to "sacrifice the boat for a penny of tar" it is equally wrong to protect a penny of tar with a nuclear warhead. A balance must be made. I'm sure Solarwinds (e.g. Centreon) and others are now feeling the effects of that assessment.May I respectfully suggest that if there was some sort of midway solution whereby certain security sensitive components of proprietary software are made open source then the entire industry benefits.
Having source code available to the widest possible audience for analysis and review tends to reduce the security risk of such software. We only need to look at vast swathes of Linux and Apache projects to see the effect.
I'm not some sort of Linux evangelist, just someone who believes that "Security through obscurity" is doomed to eternal failure.
Tjeerd SaijoenIBM Netcool is a great alterative, also available as a SaaS solution from https://rufusai.com
Darryl TheronHi Henry,
Infosim, Stablenet is a very good alternative.
Regards,
Darryl Theron
reviewer775476 (Network Engineer at a government with 51-200 employees)@Darryl Theron What experience do you have with this tool? I'm looking for NCM alternative for a medium size network (3000 network devices like routers and switches. And what about this german company?
Darryl Theron@reviewer775476 Hi, I have extensive experience with this solution, I am one of there partners and I am setting it up as an MSP.
Rafal MatusiakAll you are talking about are good solutions but what do you think about Zabbix?
Simple integration with a huge base of official and used integrations; open-source and ...for free with global support services.
Any ideas for integrations?
Hani KhalilHi, Yes we moved from Solarwinds to MF NNMi - a good tool if it's implemented in a proper way.
Abhirup Sarkar (EverestIMS Technologies)@Hani Khalil : You should definitely try out Infraon IMS.
I am looking for a tool or device that can be used to measure upstream bandwidth utilization. Any recommendations?
Thanks.
