Here are 20 of the best free tools for monitoring devices, services, ports or protocols and analyzing traffic on your network. This list is intended to supplement 101 Free SysAdmin Tools. Even if you may have heard of some of these tools before, I’m confident that you’ll find a gem or two amongst this list.
Mac OS X Server relies on shared Open Directory domains to provide network user accounts that can be used to log into computers that are bound to a shared domain. It can be used for digital chain of custody, to access the remote or local devices, forensics of Windows or Linux OS, recovery hidden of deleted files, quick search for files’ meta data, and various other things. On the Mac, the equivalent location is the Applications folder, also found in the root directory of the Mac's startup drive (loosely equivalent to the Windows C: drive). Unlike the Program Files directory, the Applications folder is a simple place from which to access and launch applications. Easy to Find – You want your system to make it easy to find the file or folder you need, either by poking through folders or using search. Reusable – Where possible, you want to use re-usable templates and naming conventions, both of which support the previous two goals. You can use it to scan both small and large networks, in search of software vulnerabilities and unpatched or unlicensed applications. Information coming from up to 60,000 devices, running on Windows, Mac OS or Linux, will be shown in a centralized web console, so you’ll be able to see the state of your whole network at any moment and from any location.
1. GFI LanGuard (our award-winning paid solution)
People say it’s good to be modest and not to brag, but we’re so proud of our network management tool that we had to start the list with GFI LanGuard. You can use it to scan both small and large networks, in search of software vulnerabilities and unpatched or unlicensed applications. Information coming from up to 60,000 devices, running on Windows, Mac OS or Linux, will be shown in a centralized web console, so you’ll be able to see the state of your whole network at any moment and from any location.
With centralized patch management and network auditing, GFI LanGuard prevents potential compliance issues, but if you’re a sysadmin the fact that all machines are patched and secured will surely seem like a more important advantage. But, don’t take our word for it, download the free 30-day trial and try it out.
2. Microsoft Message Analyzer
Microsoft Message Analyzer, the successor to Microsoft Network Monitor 3.4, has an intuitive and flexible UI with effective filtering options that allow you to break down and drill into captured packets (or ‘messages’ as they are called in Message Analyzer). By adding ‘Color Rules’ to different protocol traffic, you can make scanning through areas of interest easier and faster.
Some of its highlighted features include automated data capture (using PowerShell cmdlets to start or stop traces based on a particular trigger), TLS/SSL decryption support and customizable filter expressions.
Microsoft Message Analyzer allows you to assess multiple log data sources from a single pane of glass. You can capture, view and analyze network protocol traffic side-by-side with other system or application events (e.g., Event Logs or SQL Tables), making it a valuable addition to your network toolkit.
When you launch Microsoft Message Analyzer, click ‘Start Local Trace’ to immediately start capturing traffic from the local machine, or ‘New Session’ to add a Data Source to capture.
3. Nagios
Nagios is a powerful network monitoring tool that helps you to ensure that your critical systems, applications, and services are always up and running. It provides features such as alerting, event handling, and reporting. Nagios Core is the heart of the application that contains the core monitoring engine and a basic web UI. On top of Nagios Core, you can implement plugins that will allow you to monitor services, applications, and metrics, a chosen frontend as well as add-ons for data visualization, graphs, load distribution, and MySQL database support, amongst others.
Once you’ve installed and configured Nagios, launch the Web UI and begin to configure host groups and service groups. Once Nagios has had some time to monitor the status of the specified hosts and services, it can start to paint a picture of what the health of your systems look like.
4. OpenNMS
OpenNMS is an open source enterprise-grade network management application that offers automated discovery, event and notification management, performance measurement, and service assurance features. OpenNMS includes a client app for the iPhone, iPad or iPod Touch for on-the-go access, giving you the ability to view outages, nodes, alarms and add an interface to monitor.
Once you successfully login to the OpenNMS web UI, use the dashboard to get a quick ‘snapshot view’ of any outages, alarms or notifications. You can drill down and get more information about any of these sections from the Status drop-down menu. The Reports section allows you to generate reports to send by e-mail or download as a PDF.
5. Advanced IP Scanner
Advanced IP Scanner is a fast and easy to use network scanner that detects any network devices (including wireless devices such as mobile phones, printers, and WIFI routers) on your network. It allows you to connect to common services such as HTTP, FTP and shared folders if they are enabled on the remote machine. You are also able to wake up and shut down remote computers.
The installer allows you to fully install the application on your machine or run the portable version. When you launch Advanced IP Scanner, start by going to Settings > Options to select which resources to scan and how fast/accurate you want the results. You can then choose which subnet to scan and proceed with pressing the “Scan” button. Once the scan is complete, expand the results to see which resources you can connect to for each discovered device or export your results to XML/HTML/CSV.
![]() 6. Capsa Free
Capsa Free is a network analyzer that allows you to monitor network traffic, troubleshoot network issues and analyze packets. Features include support for over 300 network protocols (including the ability to create and customize protocols), MSN and Yahoo Messenger filters, email monitor and auto-save, and customizable reports and dashboards.
When you launch Capsa, choose the adapter you want it to bind to and click “Start” to initiate the capture process. Use the tabs in the main window to view the dashboard, a summary of the traffic statistics, the TCP/UDP conversations, as well as packet analysis.
7. Telerik Fiddler
Fiddler is a web debugging tool that captures HTTP traffic between chosen computers and the Internet. It allows you to analyze incoming and outgoing data to monitor and modify requests and responses before they hit the browser. Fiddler gives you extremely detailed information about HTTP traffic and can be used for testing the performance of your websites or security testing of your web applications (e.g., Fiddler can decrypt HTTPS traffic).
When you launch Fiddler, HTTP traffic will start to be captured automatically. To toggle traffic capturing, hit F12. You can choose which processes you wish to capture HTTP traffic for by clicking on “All Processes” in the bottom status bar, or by dragging the “Any Process” icon from the top menu bar onto an open application.
8. NetworkMiner
NetworkMiner captures network packets and then parses the data to extract files and images, helping you to reconstruct events that a user has taken on the network – it can also do this by parsing a pre-captured PCAP file. You can enter keywords which will be highlighted as network packets are being captured. NetworkMiner is classed as a Network Forensic Analysis Tool (NFAT) that can obtain information such as hostname, operating system and open ports from hosts.
In the example above, I set NetworkMiner to capture packets, opened a web browser and searched for “soccer” as a keyword on Google Images. The images displayed in the Images tab are what I saw during my browser session.
When you load NetworkMiner, choose a network adapter to bind to and hit the “Start” button to initiate the packet capture process.
9. Pandora FMS
Pandora FMS is a performance monitoring, network monitoring, and availability management tool that keeps an eye on servers, applications and communications. It has an advanced event correlation system that allows you to create alerts based on events from different sources and notify administrators before an issue escalates.
When you login to the Pandora FMS Web UI, start by going to the ‘Agent detail’ and ‘Services’ node from the left-hand navigation pane. From here, you can configure monitoring agents and services.
10. Zenoss Core
Zenoss Core is a powerful open source IT monitoring platform that monitors applications, servers, storage, networking, and virtualization to provide availability and performance statistics. It also has a high-performance event handling system and an advanced notification system.
Once you login to Zenoss Core Web UI for the first time, you are presented with a two-step wizard that asks you to create user accounts and add your first few devices/hosts to monitor. You are then taken directly to the Dashboard tab. Use the Dashboard, Events, Infrastructure, Reports and Advanced tabs to configure Zenoss Core and review reports and events that need attention.
11. PRTG Network Monitor Freeware
PRTG Network Monitor monitors network availability and network usage using a variety of protocols including SNMP, Netflow, and WMI. It is a powerful tool that offers an easy to use web-based interface and apps for iOS and Android. Amongst others, PRTG Network Monitor’s key features include:
(1) Comprehensive Network Monitoring which offers more than 170 sensor types for application monitoring, virtual server monitoring, SLA monitoring, QoS monitoring
(2) Flexible Alerting, including nine different notification methods, status alerts, limit alerts, threshold alerts, conditional alerts, and alert scheduling
(3) In-Depth Reporting, including the ability to create reports in HTML/PDF format, scheduled reports, as well as pre-defined reports (e.g., Top 100 Ping Times) and report templates.
Note: The Freeware version of PRTG Network Monitor is limited to 100 sensors.
When you launch PRTG Network Monitor, head straight to the configuration wizard to get started. This wizard will run you through the main configuration settings required to get the application up and running, including the adding of servers to monitors and which sensors to use.
12. MiTeC Network Scanner
MiTeC Network Scanner is a modest yet feature rich network scanner for detecting network devices which include remote command execution and shutdown functionality, as well as Active Directory scanning and a bunch of in-built network tools as some of its key features.
When you launch MiTeC Network Scanner, start by selecting one of the scans to run from the Scan section on the top ribbon.
13. Splunk
Splunk is a data collection and analysis platform that allows you to monitor, gather and analyze data from different sources on your network (e.g., event logs, devices, services, TCP/UDP traffic, etc.). You can set up alerts to notify you when something is wrong or use Splunk’s extensive search, reporting, and dashboard features to make the most of the collected data. Splunk also allows you to install ‘Apps’ to extend system functionality.
Note: When you first download and install Splunk, it automatically installs the Enterprise version for you to trial for 60 days before switching to the Free version. To switch to the free version straight away, go to Manager > Licensing.
When you login to the Splunk web UI for the first time, add a data source and configure your indexes to get started. Once you do this, you can then create reports, build dashboards, and search and analyze data.
14. Angry IP Scanner
Angry IP Scanner is a standalone application that facilitates IP address and port scanning. It is used to scan a range of IP addresses to find hosts that are alive and obtain information about them (including MAC address, open ports, hostname, ping time, NetBIOS information, etc.).
When you execute the application, go to Tools > Preferences to configure Scanning and Port options, then go to Tools > Fetchers to choose what information to gather from each scanned IP address.
15. Icinga 2
Icinga is a Linux based fully open source monitoring application which checks the availability of network resources and immediately notifies users when something goes down. Icinga provides business intelligence data for in-depth analysis and a powerful command line interface.
When you first launch the Icinga web UI, you are prompted for credentials. Once you’ve authenticated, use the navigation menu on the left-hand side to manage the configuration of hosts, view the dashboard, reports, see a history of events, and more.
16. Observium Community
Observium Community is an intuitive SNMP-based network management and monitoring tool that auto-discovers devices on your network and reports back on their status. It runs on Linux and supports a multitude of device types, platforms and operating systems including Cisco, F5, Citrix, Juniper, Windows, Linux and more.
Start by adding devices to monitor either manually or via the auto-discovery feature, which probes the network looking for SNMP configured devices. After devices have been added, go to the Overview page to review the status of each device.
17. NetXMS
NetXMS is multi-platform network management and monitoring system that offers event management, performance monitoring, alerting, reporting and graphing for the entire IT infrastructure model. NetXMS’s main features include support for multiple operating systems and database engines, distributed network monitoring, auto-discovery, and business impact analysis tools, amongst others. NetXMS gives you the option to run a web-based interface or a management console.
Once you login to NetXMS you need to first go to the “Server Configuration” window to change a few settings that are dependent on your network requirements (e.g., changing the number of data collection handlers or enabling network discovery). You can then run the Network Discovery option for NetXMS to discover devices on your network automatically, or add new nodes by right-clicking on “Infrastructure Services” and selecting Tools > Create Node.
18. WirelessNetView
WirelessNetView is a lightweight utility (available as a standalone executable or installation package) that monitors the activity of reachable wireless networks and displays information related to them, such as SSID, Signal Quality, MAC Address, Channel Number, Cipher Algorithm, etc.
As soon as you execute WirelessNetView, it automatically populates a list of all reachable Wi-Fi networks in the area and displays information relevant to them (all columns are enabled by default).
Note: Wireless Network Watcher is a small utility that goes hand in hand with WirelessNetView. It scans your wireless network and displays a list of all computers and devices that are currently connected, showing information such as IP address, MAC address, computer name and NIC card manufacturer – all of which can be exported to an HTML/XML/csv/txt file.
19. Riverbed Xirrus Wi-Fi Inspector
Riverbed Xirrus Wi-Fi Inspector can be used to search for Wi-Fi networks, manage and troubleshoot connections, verify Wi-Fi coverage, locate Wi-Fi devices and detect rogue Access Points. Riverbed Xirrus Wi-Fi Inspector comes with a built-in connection, quality and speed tests.
Once you launch Wi-Fi Inspector and choose an adapter, a list of available Wi-Fi connections is displayed in the “Networks” pane. Details related to your current Wi-Fi connection are shown in the top right-hand corner. Everything pretty much happens from the top ribbon bar – you can run a test, change the layout, edit settings, refresh connections, etc.
20. Wireshark
This list wouldn’t be complete without the ever-popular Wireshark. Wireshark is an interactive network protocol analyzer and capture utility. It provides for in-depth inspection of hundreds of protocols and runs on multiple platforms.
When you launch Wireshark, choose which interface you want to bind to and click the green shark fin icon to get going. Packets will immediately start to be captured. Once you’ve collected what you need, you can export the data to a file for analysis in another application or use the inbuilt filter to drill down and analyze the captured packets at a deeper level from within Wireshark itself.
Are there any free tools not on this list that you’ve found useful and would like to share with the community?
You may also like:
Deploying and supporting Macs presents distinct challenges, particularly in organizations where Macs are in the minority or are being introduced for the first time. As with many aspects of IT, having the right tool for the job is the key to managing a new or existing population of Apple desktops and notebooks.
The good news is that there are many tried and true solutions for handling common Mac deployment and management tasks. The better news is that many of the best are available for free, whether from Apple, as open source projects, or as free/donationware creations of other Mac administrators and IT professionals.
[ See InfoWorld's slideshow tour of Mac OS X Lion's top 20 features. | Learn why IT won't like Mac OS X Lion Server. | Keep up with key Apple technologies with the Technology: Apple newsletter. ]
Here you will find the top 22 tools -- most of them free -- for managing the Macs in your IT environment. As you'd expect, the list focuses on the core areas of systems administration: deployment, client management, and directory integration. If I missed a favorite free Mac tool, please highlight it in the comments below.
Essential Mac tools Nos. 1 and 2: Disk Utility and Apple Software Restore
If you have more than a couple of Macs to deal with, you'll need an easy way to configure them. For monolithic imaging, the process by which you create a snapshot of one workstation and copy it to others, nothing beats Apple's Disk Utility and Apple Software Restore, both of which are included free with every Mac OS X install.
Disk Utility comes as both a GUI tool and the diskutil command-line option. It is equipped with plenty of local disk management functions, including partitioning, formatting, integrity checking, and repair. It also offers the ability to clone volumes and create disk images using the .dmg format, which makes it perfect for capturing a configured volume for monolithic imaging.
Apple Software Restore, which is available only from the command line as asr, allows you to locally or remotely deploy disk images to one or more clients. It can be used to image a Mac from a disk image on a local drive, a network share, or a multicast stream (the best option for mass deployments). When used for multicast streaming, one Mac hosts the stream via asr commands for others to join. As you might expect, any client imaged using asr must be booted from a source other than the destination volume, such as an external hard drive, a flash drive, or a bootable network volume.
While Disk Utility and ASR provide the backbone for Mac deployment, either individually using an external drive/unicast network connection or a multicast stream, there are several tools to speed up, automate, and improve your workflow for capturing a source image, preparing it for use with ASR, and initiating deployment. Be sure to check out SuperDuper and Carbon Copy Cloner for image capture and basic single-Mac deployment, and Blast Image Config for setting up ASR sessions.
Essential Mac tools Nos. 3 and 4: NetInstall and NetRestore
Building off of Apple's free image-based offerings are two features of the company's Mac OS X Server: NetInstall and NetRestore.
Network booting has been a staple since OS X Server debuted, and Apple has built off the NetBoot concept with NetInstall and NetRestore, both of which allow servers to host boot volumes, thereby enabling clients to boot directly from the network based on your deployment options.
NetInstall is designed for booting into the OS X installer utility and allows admins to configure options for a traditional OS X install. (It is not monolithic imaging per se, though that is possible.) It also performs pre- and post-install tasks such as disk partitioning, directory binding, and application installation.
NetRestore is designed around ASR and provides a broader range of options for monolithic imaging. It can be configured to automatically deploy specific images or to allow clients to select from available images. As with NetInstall, many deployment-related tasks can be included in the NetRestore process.
Both NetInstall and NetRestore come with the current release of Lion Server and require no client or usage license beyond the cost of Lion Server (a $49 add-on to the $29 Lion).
Essential Mac tool No. 5: DeployStudio
Heterogeneous organizations looking to standardize on a single deployment tool should check out DeployStudio, a freeware monolithic imaging solution for Mac and Windows clients.
DeployStudio offers local disk deployment, network deployment, and multicasting. It comes equipped with solid image management and client selection tools, integrates with Apple's NetBoot, and provides excellent deployment monitoring, all of which make it a great deployment workflow management solution. The biggest drawback -- if you can consider it a drawback -- is that it relies on OS X Server to create a complete network-based solution, including both boot and deployment.
Essential Mac tools Nos. 6 and 7: StarDeploy and Munki
Apple's package (.pkg) and metapackage (.mpkg) files are the primary software installation mechanisms in OS X. While these are typically installed by a user, OS X supports package deployment without user intervention -- for example, by adding packages to a NetInstall workflow.
Organizations looking to deploy packages over a network should check out donationware StarDeploy and open source Munki. These network-based solutions, along with the commercial Apple Remote Desktop, allow admins to deploy packages in the background; they're excellent updating tools as well.
![]()
Because packages are simply a series of files along with instructions for their ultimate location in a Mac's file system, you can easily configure non-application packages for deploying configuration files and documents. Coupled with StarDeploy or Munki, this method makes it easy to add, remove, or update almost any item over the network, including browser bookmarks, security certificates, and default system or application settings.
(Note: Adobe doesn't use Apple's package format, but Munki does support remote install of Adobe applications.)
Essential Mac tools Nos. 8, 9, and 10: PackageMaker, InstallEase, and Iceberg
If you're going to deploy non-application packages, you'll need a tool to create them. Apple's PackageMaker is a great tool for this, and it is included with the company's Xcode developer suite, which is free and available via the Mac App Store.
Intended for use by developers to create install packages, PackageMaker provides admins with an easy way to build packages to push out to clients on their network. As noted above, these packages can be almost anything you want to deploy to a range of client devices, including documents.
Two free alternatives are openly available, but not quite as developer-friendly: the open source Iceberg and the free InstallEase, which was developed as a companion to the Absolute Manage client management suite.
Essential Mac tool No. 11: Property List Editor
Admins looking to edit system and applications preferences will want to turn to Property List Editor, a GUI tool for editing the XML .plist preference files. A similar free tool, Plist Editor, is available for modifying these files from Windows machines. You may, however, find modifying preferences from within an app and copying the resulting .plist files an easier process than using these tools.
Essential Mac tool No. 12: File Distributor
File Distributor is a slightly different form of deployment tool. It allows admins to replace files at various locations within a file system. You can even make use of wild cards to specify multiple locations. This is particularly helpful if you are using network home directories and need to deploy documents or configuration files across multiple user accounts.
Essential Mac tool No. 13: FileWave Samsung tool pro download for mac.
Another deployment tool worth investigating is the commercial FileWave. This Mac/Windows tool can be used to dynamically manage application installations across your network. FileWave's approach has advantages for license compliance and reclamation, as well as flexibly deploying and redeploying applications as needed.
Essential Mac tools Nos. 14 and 15: Apple's Active Directory Client and Directory Utility
Creating a functional, secure environment requires more than just rolling out computers and software. Global accounts stored in a secure directory service, single sign-on, the ability to secure network and local resources, and the ability to preconfigure and manage the user experience on any workstation is critical. The undisputed leader in directory services, even in Mac environments, is Microsoft's Active Directory. Thankfully, many worthwhile tools for integrating with Active Directory are available, beginning with Apple's Active Directory client and Directory Utility.
OS X's built-in Active Directory client allows you to join an Active Directory domain, and it supports secure access to resources and single sign-on via Kerberos. Moreover, it doesn't require downgrading security levels, and it allows account synchronization for off-network access.
The client can be accessed using the Users and Groups pane of OS X Lion's System Preferences app (called the Accounts pane in older OS X releases). Detailed configuration, including account and home directory sync, preferred domain controllers, and so forth, can be performed using the included Directory Utility.
It's worth noting, however, that Apple's AD client has limitations. For example, it doesn't support client management of any kind beyond basic password policies. It also doesn't support DFS browsing. There are some issues specific to various releases, including Lion.
Essential Mac tools Nos. 16, 17, and 18: OS X Server, Apple's Open Directory, and Profile Manager
OS X may support Active Directory, but Apple's native directory is an LDAP-based solution called Open Directory.
Open Directory domains, hosted by OS X Server, afford centralized accounts all the advantages that Active Directory delivers for Windows, including secure Kerberos single sign-on and client management. This system, referred to as Managed Preferences (or abbreviated MCX), is entirely LDAP-based and allows for user/group/computer-based client management that rivals the capabilities of Group Policies in Active Directory for Mac clients.
In a dual-directory setup, Mac clients can be joined to both Open Directory and Active Directory, allowing for secure access to AD accounts and resources but with complete Open Directory client management applied.
In Lion Server, Apple introduced a new Profile Manager feature that supports iOS device management and Mac client management without the need for a directory service. This alternative offers the core security client management features with a simplified setup, though it is device/client-specific rather than more granular at the user or group level.
Essential Mac tools Nos. 19 and 20: Microsoft Active Directory Schema Analyzer and Apple Workgroup Manager
If adding a second directory isn't an option (it can often be a challenge), the fact that Apple's MCX architecture is completely LDAP-based offers an alternative: extend the Active Directory schema to support the Apple-specific attributes.
Microsoft's Active Directory Schema Analyzer is a great tool for generating the needed LDIF files. Once the schema is extended, Apple's free Workgroup Manager tool (part of OS X Server's administration utilities) can be installed on a Mac and pointed to an Active Directory domain, where it can manage some basic user account details and configure the full range of Apple's Managed Preferences.
Essential Mac tools No. 21: Third-party Active Directory Suites (free and commercial)
Apple's solutions are good for Active Directory integration, but they aren't perfect. In some cases, Apple's AD client may have issues with a specific Active Directory environment, while in others, some features just don't have full parity or may not even be available (DFS is a great example). For these situations, there are worthwhile third-party options, some of which are available for free.
Which Tool Can Be Used To Search For Both Files And Applications On A Mac
For more basic needs, you may want to consider Centrify Express and PowerBroker Identity Services Open Edition for broader authentication and basic access capabilities at no or limited cost.
If you want to integrate client management capabilities without the complexity of using either a dual-directory setup or schema extensions, Centrify's Direct Control and PowerBroker Identity Services Enterprise Edition are worth considering, along with Thursby's ADMit Mac. ADMit may be particularly appealing for small Mac populations because it is a solely client-side solution that includes DFS support.
Which Tool Can Be Used To Search For Both Files And Applications On A Mac
Essential Mac tool No. 22: Apple Remote Desktop
Comments are closed.
|
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |