Chesapeake NetCraftsmen

 Network Assessment Using Periscope

Introduction

We've found a solid niche for Periscope along with the other consulting services we offer. Sometimes potential customers haven't heard of Netcraftsmen, and are uncomfortable doing business with a firm they don't really know. In these circumstances, we find it useful to do a low-risk consulting engagement with predictable value to the customer.  This allows us to learn about the customer's network and spot ways we might help out, while still delivering value. By using Periscope, we can provide everyone involved with a baseline reading on how solid the examined network is, where it might have issues, and so on. 

Periscope automates a number of tasks that would be time-consuming for the consultant to perform on-site. It also alleviates the need for the consultant to be familiar with obtaining data from whatever network management tools exist at a given site. That provides two benefits: it reduces the cost to the customer, and frees up the consultant to do more useful and interesting things than raw data collection. Manual data collection is, at best, an intermittent snapshot of network conditions. The ongoing polling in Periscope produces a much more comprehensive view of what's happening on in the network. Periscope also allows one to walk away from the customer's network with data in hand for further analysis and writeup off-site. That saves travel costs and wear and tear on consultants. If appropriate, we can go back a few months later, load the relevant database, and pick up where we left off. This gives us and the customer a chance to clean up their network problems, and then see if anything was missed, or if other problems have shown up once the basics were fixed.

So far, every time we've used Periscope we've found some interesting problems in examined network. It's rare to find a 100% perfect job of configuring and deploying switches and routers. But there's always the possibility of a network so clean that Periscope just doesn't spot any issues. That's why we feel it's important to supplement Periscope with an on-site consultant to do what humans do well. It's not sufficient to just plug in the Periscope box and then tell the customer what it said. When we do a Network Health Assessment, we typically gather other information, starting with maps and diagrams, and we include network management reports, if available. We also listen very carefully. We want to hear how the customer staff views their network, what they think the problem areas are, and so on. Often folks know their problem areas, but sometimes they have selective blind spots. Those are usually the best places to look for trouble. We also collect Cisco device configurations, especially where they've already been collected by staff or by CiscoWorks. Sometimes having the additional information can help confirm issues spotted by Periscope. We also try to obtain information from other on-site tools, where we can do so efficiently.

This dual approach (Periscope plus human info-gathering) allows us to comment at a high level on any design or security issues we see. For example, if we see large Layer 2 VLAN's spanning a campus, that's a design choice, and we can comment on the pros and cons of that choice. The same applies to Single Points of Failure and other issues the consultant spots. A good part of the value the consultant brings to the table is depth of experience and knowledge. Periscope lets us bring that to our customers while holding costs down by rapidly and easily collecting useful information.

One of our lessons learned is to make sure up front that we get a good set of CIDR blocks of addresses for Periscope to use. We try to verify that with maps and other information early on in the consulting engagement. If Periscope isn't told about part of the network, it's not going to be able to collect data and report on it. Discovering you've missed part of the network at a later time, after you've pulled Periscope off the network, is not a good use of your time. That's a human procedural detail, not a problem with Periscope.

Periscope deftly avoids one issue we've encountered with other network management tools, e.g. CiscoWorks. Some networks have never really been set up for network management. Those are often the ones where a tool like Periscope can be the most  beneficial. In such networks, passwords and SNMP community strings may be somewhat randomized. It's painful and time-consuming for the site staff to try to homogenize these credentials.  Tools like CiscoWorks RME require careful matching of credentials between the network management tool and the actual devices. With Periscope, you can just enter a bunch of SNMP community strings and it will figure out and remember which ones work for  which devices. You plug Periscope in, give it some basic info, and walk away, with a fairly high degree of confidence it will collect data and be useful. That compares favorably with spending a couple of days fooling around with scripts or manually reconfiguring devices to be network management friendly. 

We've been seeing various network management and performance tools at our customers' sites. A couple have even been doing a good job of keeping the freeware MRTG current on network devices, with a good set of polled variables. Others have had other low-end network management tools for  performance data. If the tool is not already set up and collecting info, our experience is that it's potentially too time-consuming to tune their tool to collect the variables we want to see across the entire network. Often this has to be done one interface at a time. Periscope handles all that automatically.

The Issues area of Periscope is especially useful here. With other tools, the problem faced is the classic one of finding the needles among all the haystacks. If there are 100 interfaces, which is a fairly small network, it takes time to pull up the data for each and think about what you're seeing. Doing that for 5-10 variables means looking at 500 to 1000 graphs. Not only is that time-consuming, it is also mind-numbing, so you'll miss things. Periscope renders all that easy. Look through the Issues and you can quickly begin checking out what are likely to be real problems in the network. Look at the Summary reports and you can see how many devices are lightly versus heavily loaded, etc. 

For example, the following graph quickly tells us in two different ways that utilization is low across all interfaces. Even the maximum utilizations observed are low.

In a number of cases, we've seen that the Issues have provided objective evidence for design problems the savvy consultant spotted in listening to staff describe the network, examing network diagrams, etc. This is invaluable in presenting to the customer, since combines objective evidence with what might be taken as the consultant's subjective opinion criticizing of the network. Periscope provides the objective data that backs up the consultant's expertise.

I know I sometimes want to plod through some performance data, just to get a feel for the network and its traffic patterns. Periscope also makes that relatively easy. It already has the data I want. And that's saying something: last year, for various reasons, I spent some time thinking about what performance data I'd collect given the perfect tool and enough time. It turns out Periscope already collects all that!

One can go into the Results area and pull up the Interfaces table. That provides a summary where one can quickly drill down to get more detailed graphs, without a whole lot of fuss. Take a look at the following two screen captures for the sort of data you get:

Clicking on the utilization cell for the first device in the table above brings up the following graph:

In summary, Periscope is a low-hassle network management tool that you can plug in, do some simple setup, and then walk away from. Check how it's doing at the end of the first day or two, in case you missed something or mis-typed something. Stop its polling and take it back to the home office, and analyze the data. Write up a report. That's terrific value for the customer because of how efficient it makes the consultant.

If you run a network, but are hesitant to buy a Periscope system, you might consider having us in to do a Network Health Assessment. That would give you a chance to see how Periscope works and what sorts of things it finds. Having us do the work saves you time, and allows us to supplement the Periscope results based on our extensive experiencing designing, modifying, and managing networks. You might also consider having your network "Periscoped" periodically, say every four, six, or twelve months. For more information, please email This e-mail address is being protected from spambots. You need JavaScript enabled to view it . And if you have comments or questions about this article, please email me at This e-mail address is being protected from spambots. You need JavaScript enabled to view it .

For more information about Periscope, see  http://www.netcordia.com/.

Dr. Peter J. Welcher (CCIE #1773, CCSI #94014) is a Senior Consultant with Chesapeake NetCraftsmen. NetCraftsmen is a high-end consulting firm and Cisco Premier Partner dedicated to quality consulting and knowledge transfer. NetCraftsmen has eleven CCIE's (4 of whom are double-CCIE's, R&S and Security). NetCraftsmen has expertise including large network high-availability routing/switching and design, VoIP, QoS, MPLS, network management, security, IP multicast, and other areas. See http://www3.netcraftsmen.net for more information about NetCraftsmen. Pete's links start at http://www3.netcraftsmen.net/about-us/bios/staff-articles-and-blogs/pete-welcher.html . New articles will be posted under the Articles link. Questions, suggestions for articles, etc. can be sent to This e-mail address is being protected from spambots. You need JavaScript enabled to view it .

1/04
Copyright (C)  2004,  Peter J. Welcher