SolarWinds Network Configuration Manager is network diagnostics and troubleshooting technology, from Austin-based SolarWinds.
N/A
Splunk Enterprise
Score 8.4 out of 10
N/A
Splunk is software for searching, monitoring, and analyzing machine-generated big data, via a web-style interface. It captures, indexes and correlates real-time data in a searchable repository from which it can generate graphs, reports, alerts, dashboards and visualizations.
SolarWinds NCM solution is more flexible and GUI is from my point of view more intuitive, from the other hand Manage Engine solution is [a] cheaper solution which has almost [the] same functionality but suffers of luck of deeper integration with other Manage Engine modules.
All of the SolarWinds solutions stack up against their competition. The customer support is excellent, KB articles are details, and the community (Thwack) is the best when it comes to working through complex configurations/monitors. These are the things that make them the right …
I actually prefer the ManageEngine Network Configuration Management engine product but switched to SolarWinds Network Configuration Manager to standardize to our Orion deployment.
If your IT team isn't proficient in automation and scripting, Solarwinds NCM can fill that gap (assuming your company's security team signs off on approving SW in your environment given the hack.) Basic device configuration, pushing mass changes reliably and backups are NCM's strong suites. If you have a complex scenario where if/then cases are needed, NCM is a bit lack luster. Auto discovery isn't as easy either as certain parameters need to be met for that feature to work 100% of the time
It's well suited for what I do, which is network security operations. And that's for anything from troubleshooting incidents, troubleshooting performance, troubleshooting for the purpose of a compliance and auditing. It's not best suited for users who are new in terms of they're new to the product and they have expectations that probably Splunk cannot meet.
For our use case, it does everything great and some of the features we underutilize but I would like to be able to set a configuration baseline when initially adding a node instead of after the configuration is pulled but it's not a particularly big deal to let it pull the configuration then set it as the baseline.
Medium complexity to set up in the beginning if using any non-standard devices or configurations, else fairly easy (e.g. Cisco Nexus or IOS-based devices). Reports are fairly straightforward to set up. Updates to the platform are fairly straightforward and don't take a major effort. Easy to add or remove devices.
We are using Splunk extensively in our projects and we have recently upgraded to Splunk version 6.0 which is quite efficient and giving expected results. We keep track of updates and new features Splunk introduces periodically and try to introduce those features in our day to day activities for improvement in our reporting system and other tasks.
The user interface is lacking. It is difficult to navigate at times and things can be done multiple ways. Quite often I am confused by how their notification structure works. It is not very intuitive. They do offer a free Academy. They also offer a community of other technical folks. I have enjoyed both.
You can literally throw in a single word into Splunk and it will pull back all instances of that word across all of your logs for the time span you select (provided you have permission to see that data). We have several users who have taken a few of the free courses from Splunk that are able to pull data out of it everyday with little help at all.
To be fair, I have not had to involve Support in a number of years, but when I did, I was greeted with enthusiastic engineers who wanted to understand and solve the issue. It was a fairly complex scenario and I have discovered in my most recent implementation that engineering included that option as a standard now.
Splunk maintains a well resourced support system that has been consistent since we purchased the product. They help out in a timely manner and provide expert level information as needed. We typically open cases online and communicate when possible via e-mail and are able to resolve most issues with that method.
Solarwinds has actually produced new training since I last used it that is available on their site at any time. Their previous training was more than enough to get us started but now there is significantly more content. Since I'm comfortable with the Orion platform and the products we use I haven't checked the new training out yet but we have new staff go through portions of that training and they always come away with an understanding of the platform and ready to use it
The online course was simple clear and described the main capabilities of the solution. There is also an initial module that can be done for free so anyone can familiarize themselves with the functionality of this solution. On the other hand, however, there could be more free online courses. Maybe even with a certificate, this would broaden the group of people who are familiar with the platform while increasing familiarity with the solution itself.
it was a fairly easy implementation and everything was pretty straightforward. only challenge we had was getting all the snmp communities updated on the networking equipment
Red Hat Ansible Automation Platform is a great tool and matches much of the functionality of SolarWinds Network Configuration Manager. Nothing about Ansible will likely be overwhelming to an engineer with a little time to spare, but that spare time combined with SolarWinds already being our monitoring tool made the decision easy. Time is at a premium in small teams and SolarWinds Network Configuration Manager is very easy to use right out of the box without all the tweaking required by powerful command line driven tools like Ansible.
I didn't get to fully evaluate Logstash as our corporation was already using Logstash, but both seemed like viable solutions to the problem that we were having. I wanted to evaluate Logstash some more, both did seem like they would work for the business needs that we had, we went with splunk as many teams were already using it.
I don't have any numbers to share but Splunk has positively served as a 24/7 monitoring tool that has saved hours of work by self-detecting, saving statistics and alerting problems in the system or from external interfaces as soon as they happen.
Splunk dashboards does a solid job in collecting, analyzing data and creating reports that contain an entire day's activity and then automatically sent out to the business.
Splunk is very easy to learn and very useful to any program or business application.
