PRTG Traffic Grapher
Paessler's PRTG Traffic Grapher takes much of its history from the original, open-source multirouter traffic grapher (MRTG) project, adding a considerable amount of user friendliness to the solution. In this freeware version, you can enumerate only three sensors, but given the simplicity of PRTG's setup process and the useful data it can provide, most administrators will find the tool valuable even with only three interfaces.
PRTG offers advanced capabilities that simplify the logging and graphing of performance data over time. Performance data can include bandwidth utilization, any SNMP-instrumented data, end-to-end LAN/WAN latency monitoring, and traffic utilization per protocol type. PRTG collects the information on a set interval and logs it to its data stores so that you can easily monitor current and over-time network performance. Figure 4 shows PRTG's main screen while the tool is running and collecting data.
PRTG's sensors have varying capabilities. For example, you can use SNMP—a low-overhead solution on the monitoring station and on target devices—for lightweight WAN-bandwidth monitoring or for monitoring a number of other easily obtained SNMP counters (e.g., CPU utilization, memory utilization). However, if you need more traffic data, packet sniffing lets you log utilization data and break it down by protocol type. Beyond bandwidth, PRTG can also collect data from any SNMP-based counter and log it over time. PRTG also supports the concept of an "aggregate sensor," which you can use to aggregate data for multiple individual sensors (e.g., measuring bandwidth utilization, but only across switch ports 2-7 instead of the entire switch).
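The arithmetic behind interval-based SNMP bandwidth graphing and an aggregate over ports 2-7 can be sketched as follows. This is an added example, not PRTG's code: the function names and the sample counter values are constructed, and it assumes the standard 32-bit IF-MIB octet counters (ifInOctets/ifOutOctets), which wrap to zero.

```python
COUNTER32_MOD = 2 ** 32  # IF-MIB ifInOctets / ifOutOctets are 32-bit counters

def counter_delta(prev, curr, modulus=COUNTER32_MOD):
    """Octets moved between two polls; correct across a single counter wrap."""
    return (curr - prev) % modulus

def port_rates(prev_poll, curr_poll, interval_s):
    """Polls map port -> (in_octets, out_octets). Returns port -> (in_bps, out_bps)."""
    if interval_s <= 0:
        raise ValueError("poll interval must be positive")
    rates = {}
    for port, (in_now, out_now) in curr_poll.items():
        if port not in prev_poll:
            continue  # interface seen for the first time: no baseline yet
        in_prev, out_prev = prev_poll[port]
        rates[port] = (counter_delta(in_prev, in_now) * 8 / interval_s,
                       counter_delta(out_prev, out_now) * 8 / interval_s)
    return rates

def aggregate(rates, ports):
    """Sum (in_bps, out_bps) over a subset of ports, e.g. switch ports 2-7."""
    chosen = [rates[p] for p in ports if p in rates]
    return (sum(r[0] for r in chosen), sum(r[1] for r in chosen))

def utilization_pct(bps, link_speed_bps):
    """Share of link capacity in use, as a percentage."""
    return 100.0 * bps / link_speed_bps

# Constructed sample: an 8-port switch polled twice, 60 seconds apart.
INTERVAL_S = 60
PREV = {p: (1_000_000 * p, 500_000 * p) for p in range(1, 9)}
CURR = {p: (i + 750_000, o + 150_000) for p, (i, o) in PREV.items()}
# Port 3's inbound counter wraps past 2**32 between the two polls.
PREV[3] = (COUNTER32_MOD - 250_000, 1_500_000)
CURR[3] = (500_000, 1_650_000)

if __name__ == "__main__":
    rates = port_rates(PREV, CURR, INTERVAL_S)
    agg_in, agg_out = aggregate(rates, range(2, 8))
    print(f"port 3 in: {rates[3][0]:.0f} bit/s (naive subtraction would go negative)")
    print(f"ports 2-7: in {agg_in:.0f} bit/s, out {agg_out:.0f} bit/s")
    print(f"port 3 inbound use of a 100 Mbit/s link: "
          f"{utilization_pct(rates[3][0], 100_000_000):.2f}%")
```

The modulo correction covers only one wrap per interval; a counter that wraps more than once between polls, or resets when the device reboots, still produces a wrong sample.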
The installation process is quick and painless. Within five minutes, you can have the application downloaded and plotting data in your network.
Security Tools
Obviously, security of data and assets is vital to any IT organization. The free utilities I discuss here certainly don't represent a complete set of solutions to tackle all the data- and asset-protection complexities that organizations face today, but they're helpful tools for solving specific problems you might typically face.
TrueCrypt
Back in my consulting days, I usually managed simultaneous projects across a half dozen active clients. Plus, I needed to retain data and files for numerous additional clients. I had all this information on my laptop, and much of it was confidential. But even if it wasn't all confidential, it was my obligation to protect my clients' data if I took copies of it beyond their walls. I turned to TrueCrypt, another open-source project at SourceForge, as the answer for my data-encryption needs. The tool remains a rock-solid solution that I depend on today. Figure 5 shows TrueCrypt's interface.
TrueCrypt, which is available for Windows and several flavors of Linux, offers two types of encryption. First, TrueCrypt can create a virtual encrypted disk on your system that's stored in a .tc file somewhere on a file system. To Windows, the TrueCrypt disk image looks like just another file on the drive. You can back it up, copy it around your network, or carry it on a USB thumb drive. But once TrueCrypt is running, you can mount and dismount these files as new volumes within Windows, then seamlessly work on the files as easily as manipulating files on your C drive. All encryption occurs on the fly, with no other prompting or tweaking necessary. You can even format the encrypted volumes with NTFS so that you can hold large files in an encrypted volume.
The second type of encryption is to have TrueCrypt automatically encrypt an entire device (e.g., hard drive, floppy drive, USB thumb drive)—although all data currently on the target device will be wiped out. In this scenario, all data on the target device will be encrypted and decrypted when TrueCrypt is running, and unusable when it isn't running.
TrueCrypt supports a number of advanced encryption algorithms, including some algorithms that are approved for US government classification levels—all the way up to Top Secret.
The tool offers several helpful dialog boxes in each of its interfaces, removing a lot of the mystery and guesswork involved with encryption. TrueCrypt is an extremely well-designed Windows application: it supports both 32-bit and 64-bit Windows as well as Vista User Access Control (UAC), and it is digitally signed and certified by GlobalSign.
LocatePC
I often wonder why I never thought of writing the LocatePC utility myself. It's a simple application with just one purpose: to email you whenever any private or public IP address in your system changes and to otherwise remain quiet and hidden.
Why is that functionality so useful? You would use LocatePC primarily to aid in the recovery of stolen systems. Because LocatePC simply sits in the background and sends out email whenever an IP address changes, it can be beneficial if you're trying to track down a laptop that has been lost or confiscated from one of your employees during a business trip. The faster you get that asset back, the less risk of exposure you have.
Every time Windows detects a possible change in a system's IP information, LocatePC—which you can see in Figure 6—sends a detailed email message to an address that you predefine. This message includes information about every IP address in the system, the resolved public IP address of the system (which the tool gets by sending a test query to a public Internet site), a trace-route mapping to that same public system, logon details for any dial-up networking connections on the system (including phone numbers and usernames), and any hard-coded identifying information you configure for the host.
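The change-detection and reporting step described above can be sketched like this, as an added example that is not LocatePC's code. All function names, the host label and the addresses are constructed; the trace-route and dial-up details are left out, and the message is only built, not sent.

```python
import ipaddress
from email.message import EmailMessage

# RFC 1918 ranges; anything else is reported as "public" in this sketch.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def scope(addr):
    """Label an address string 'private' (RFC 1918) or 'public'."""
    ip = ipaddress.ip_address(addr)
    return "private" if any(ip in net for net in RFC1918) else "public"

def diff_snapshots(old, new):
    """Snapshots map interface -> set of addresses. Returns (iface, change, addr) tuples."""
    changes = []
    for iface in sorted(set(old) | set(new)):
        before, after = old.get(iface, set()), new.get(iface, set())
        changes += [(iface, "added", a) for a in sorted(after - before)]
        changes += [(iface, "removed", a) for a in sorted(before - after)]
    return changes

def build_report(host_label, old, new, public_ip, sender, recipient):
    """Return an EmailMessage describing the change, or None if nothing changed."""
    changes = diff_snapshots(old, new)
    if not changes:
        return None  # stay quiet when no address moved
    lines = [f"Host: {host_label}", f"Resolved public IP: {public_ip}", "", "Changes:"]
    lines += [f"  {i}: {what} {a} ({scope(a)})" for i, what, a in changes]
    lines += ["", "Current addresses:"]
    lines += [f"  {i}: {a} ({scope(a)})" for i in sorted(new) for a in sorted(new[i])]
    msg = EmailMessage()
    msg["From"], msg["To"] = sender, recipient
    msg["Subject"] = f"IP change on {host_label}"
    msg.set_content("\n".join(lines))
    return msg

# Constructed sample: a laptop leaves the office LAN and joins another network.
OLD = {"eth0": {"192.168.1.20"}}
NEW = {"eth0": {"10.4.4.17"}, "wlan0": {"198.51.100.23"}}

if __name__ == "__main__":
    report = build_report("asset-0042", OLD, NEW, "203.0.113.7",
                          "tracker@example.com", "it-security@example.com")
    print(report)
```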
You need to understand a few caveats. First, if a thief is smart enough to completely wipe out Windows before hooking up to the Internet, you're out of luck. Second, if the thief doesn't connect to the Internet or doesn't connect to a location that permits outbound SMTP connections, you're also out of luck. No solution is guaranteed. But considering LocatePC's simplicity and small size, it's a great security measure that takes only two minutes to set up.