Choose your tool and keep your Web server from sprawling wildly

As intranets sprout like weeds on the fringes of government networks, LAN managers are
figuring out how to manage new intranet services when their LAN management tools aren't
adequate anymore.


Intranets let almost anyone who has the skill turn a PC into a World Wide Web server.
This Web sprawl can quickly get out of hand. Network response degrades, but you may not
have the tools or knowledge to see the broadcast storms raging around your routers.


You may need several new skills to manage the bandwidth requirements, packet traffic,
security, storage needs and Web server content. Here are some steps to take to get things
under control.


Deal with the sprawl first. Talk with your supervisors and firmly establish what you
are responsible for on the network. It may be that your office has a free-flowing
environment that encourages users to maintain their own Web servers. If not, prune
liberally.


Count the Web servers on your intranet. You can probably prune them back to just five
or so dedicated to business-critical applications and Web page hosting. This will make it
easier to tighten security and track network resources.


But the pruning is a policy decision that will have far-reaching consequences, so make
sure management is on your side first.


Next, pick up some new management tools. You may already have good ones such as Novell
Inc.'s LANalyzer, but how do you monitor intranet-specific services such as Hypertext
Transport Protocol, File Transfer Protocol, Telnet and Network News Transport Protocol?


Take a look at Sniffer from Network General Corp. of Menlo Park, Calif., at http://www.networkgeneral.com/ or Xni from
Fastlane Systems Ltd. of Sunnyvale, Calif., at http://fastlane101.com.
These tools will help you isolate and analyze intranet-specific usage.


Whatever tool you choose, make sure it supports remote monitoring extensions to the
Simple Network Management Protocol. Conventional SNMP queries devices. RMON monitors
conditions and can find certain errors.


If you're serious about taming the beast, check out a full intranet management tool set
such as WebXRay from Cinco Networks Inc. of Atlanta. Visit http://www.cinco.com/.


This $1,995 package tracks TCP/IP traffic and identifies who is abusing protocols or
consuming too much bandwidth.


One of the cool things WebXRay can do is discover all TCP/IP nodes on subnetworks. It
will add them to a topology map and list the available services. This is a great way to
track down illegal Web servers.


Then there's Enterprise Web Manager, an intranet management tool from the Aziza unit of
Objectivity Inc. of Mountain View, Calif. See http://www.aziza.com/.
This tool centralizes control of Web servers to regulate security, check link integrity
and improve performance and availability.


Before you buy, be sure the tool can detect broadcast storms. Storms swamp a TCP/IP
network by repeating broadcast-type packets unnecessarily. Broadcast packets multiply as
routers work to resolve IP addressing requests that have a destination Data Link Control
address of "all stations."


The storms build up fast when you have a mix of routers on your network with different
TCP/IP protocol releases. The routers may send multiple broadcasts to other routers, which
in turn repeat with their own multiple broadcasts. These traffic bursts compete with other
traffic and slow down or crash the network.


Finding the storm is the easy part. To calm it, you may have to upgrade your routers so
they're all running the same version of TCP/IP. Or look into something like SmartSwitch
6000 from Cabletron Systems Inc. of Rochester, N.H., which can squelch broadcast storms.
Visit http://www.cabletron.com/.


Shawn P. McCarthy is a computer journalist, webmaster and Internet programmer for GCN's
parent, Cahners Publishing Co. E-mail him at smccarthy@cahners.com.


inside gcn

  • IoT security

    A 'seal of approval' for IoT security?

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above