The choices may not be obvious to the casual observer, but they're tried-and-true. Your data centre may have top-of-the-line networking equipment, big-ticket apps, the latest OS, and every patch ever released. But when the chips are down, your staff had better be equipped with the software arsenal it needs. When all else fails, these are the tools that get the job done.
No one can offer a Swiss army knife to cover every contingency, but our analysts and a cross section of InfoWorld contributors have come up with the next best thing: a list of the most useful, powerful tools they've used to make things work. You won't find technology that changes the world here. But your staff may be better equipped to handle the slings and arrows of everyday IT.
PERL: Perhaps there has never been a more malleable, yet simple language than Perl - traits that have made it indispensable on Unix systems. Combining the portability of a shell language, simple database interfaces, surprising speed, and a world-class regular expression engine, Perl has become the duct tape that holds networks together. It's that most important type of tool: one for building other tools.
Perl isn't limited to the Linux/Unix world, either; plenty of time and effort has been put into making it run on Windows. ActiveState's ActivePerl implementation is generally regarded as the best available for the Win32 platform. Its PPM (Perl Package Manager) emulates the Unix version's CPAN (Comprehensive Perl Archive Network) access, pulling add-on modules from the Internet on request. Plenty of Windows-specific functions are also available. For example, Perl can interface with Microsoft's Active Directory to automate object creation and modification. It can even be statically compiled into log-in scripts, for those requiring more flexibility than KiXtart can provide. Best of all, as are all versions of Perl, ActivePerl is fully open source and available at no charge, although ActiveState's commercial ASPN (ActiveState Programmer Network) Perl package includes a variety of value-added components and support options.
ETHEREAL: From simple packet sniffing to thorough network performance analysis, software that can peer between the layers and pull out important information about a network is a mainstay of network administration. Of the many network analysis tools available, the most malleable and easily procured is the open source package Ethereal - which explains why it made the top 10 lists of so many of the techies we spoke to.
Available for Windows and most Unix platforms, Ethereal provides an instant view into the network. Although its filtering capabilities can seem somewhat esoteric to the uninitiated, they are very powerful. It can be configured to monitor either a single server or an entire VLAN, with custom filters that display only traffic to or from certain hosts or that narrow the view down to specific protocols. Ethereal can trace captured packets from handshake to FIN (finished), generate summary reports on protocol streams, and analyze TCP streams for round-trip times and throughput. Furthermore, Ethereal's advanced tools pull apart and inspect every packet seen on the wire, color-coded for easy viewing.
For a deep and instant look into current network traffic, Ethereal can't be beat. After all, when diagnosing trouble networks, knowing isn't half the battle; it's nine-tenths.
HP: JetAdmin Hewlett-Packard Co. printers are popular on enterprise networks. Given multiple printers to manage, there's no better tool than the newest incarnation of HP's JetAdmin management software. JetAdmin 7.5 runs as a secure Web application, is accessible from any browser, and allows administrators to query and perform myriad changes to networked printers, either singly or in groups.
For instance, with JetAdmin, a tedious job such as upgrading the firmware on 20 HP 4100N printers can be accomplished with just a few mouse clicks. JetAdmin can display a list of available firmware images for that printer series, provide a link to the latest image on HP's Web site, and then queue that update for distribution to every matching printer on the network.
Similarly, whereas tasks such as standardizing printer names and reconfiguring printers for DHCP might normally take dozens of Telnet sessions, JetAdmin's Web interface gets the job done quickly and easily. JetAdmin can create queues on print servers for printers discovered on the network. It can also copy drivers to the appropriate locations, identify printers by model and specified name, and enable printer sharing.
Together, these features result in a truly massive reduction in time, hassle, and stress.
SYMANTEC GHOST: When setting up a department network means deploying tens or even hundreds of systems, there's really only one way to handle the load: drive imaging. By spending time up front to build a master reference image, the staff hours required to deploy and maintain desktops, laptops, and even servers can be significantly reduced.
Although a number of imaging solutions are available, the admins we spoke to agree that Ghost, from Symantec, is the top choice. Its powerful combination of drive imaging and support for Intel's PXE (Preboot Execution Environment) installation services means a single tech can build a dozen laptops, configure them with the required applications, and deploy them -- all within a few hours. Although it began as a Windows-only product, Ghost Corporate Edition now includes the ability to image partitions that have been partitioned with Linux's ext2 and ext3 file systems. Ghost can also be used to take snapshots of a server during the build process, making it easy to roll back to an earlier step should problems occur later in the build. When it comes to reducing the burden of repetitive installation and maintenance tasks, this handy tool is hard to beat.
RSYNC SAMBA: developer Andrew Tridgell originally conceived of Rsync as a file tree mirroring utility, usable either locally or across a network. Today, that simple idea has grown into a truly indispensable tool for administering servers.
At its most basic, Rsync is used for many disk-to-disk backup solutions; for instance, synchronizing the main file store to a cheap IDE disk for easy file recovery, or restoring files to production locations from online mirrors. But Rsync is more than just a glorified copy tool. Its comparison algorithm determines not only whether a file has changed on the source side but also what specific parts of the file have changed. It then copies only those parts of the file, accelerating the synchronization of large files significantly. This makes Rsync particularly attractive for tasks such as synchronizing data stores across WAN links, where bandwidth may come at a premium.
In addition, Rsync supports SSH (secure shell) tunnelling to provide data stream encryption and is available for Windows through the Cygwin Project. "In 50 years' time, I doubt anyone would have ever heard of Samba," says Tridgell of his earlier project. "But they'll probably be using Rsync in one way or another." Odds are, he's right.
MICROSOFT VISIO: If there's a single invaluable tool for network and system architects, it's Visio. As we all know, a picture is worth a thousand words, and accurate network diagrams can greatly assist troubleshooting efforts and speed problem resolution when time is of the essence.
Once careful diagramming is introduced into the process, more and more uses for Visio will be revealed. For example, Visio 2003 Professional introduced built-in rack diagramming templates, which can be of invaluable assistance when laying out today's dense data centres. Forget "I hope this fits"; when combined with scale-level product stencils provided by hardware manufacturers, Visio's templates make it simple to specify whole racks and verify that there will be room enough for everything, without lifting more than a finger.
SSH QUICK: and reliable data stream encryption is a must for moving sensitive data over unprotected networks. Configuring an IPSec VPN takes time and coordination, but SSH and its related tools provide the same protection while eliminating the cost and overhead of more complex packages.
Both commercial and free SSH packages are available, on both Unix and Windows systems. In addition to facilitating remote shell access, they typically include secure versions of a variety of file-transfer tools, such as SCP (secure copy) and SFTP (secure FTP). Using these, even automated file transfers can be secured simply and stably; no VPN required.
But SSH has many more uses beyond simple shell access and file copy operations. Remote port forwarding facilitates secure troubleshooting and administration of remote site systems and applications. In this fashion, it's possible to create temporary encrypted tunnels for other protocols, allowing network applications to communicate with protected systems without modifying the applications to support encryption. With SSH, incorporating encryption into a network is so easy that there's seldom a reason to leave valuable data traffic unprotected.