I have several buildings I want to be able to manage. I don’t want to need to remote into consoles or into firewalls to get a feel of what's going on. Anything that can give me a status and the ability to monitor, find issues, and give me buttons and dials I can use in resolving issues would be awesome. I don’t want to be stuck with a massive monthly fee for 3rd party software or licenses. I would like to monitor VPN tunnels, firewall, connected devices, get notifications on outages and newly attached devices. Also a sense of how much bandwidth devices are pulling from the network. For additional information on managed clients, I can use our end point protection software to dig deeper.
Our locations have general office equipment and a 300Mbps-1Gb internet connection. We do not run on-prem servers. I will start this journey by doing a ground up re-engineering of a warehouse. 42 end points. All equipment between the modem and client will be on the table to be replaced. It is going to be a firewall, 4 VLANs, a main switch ~16 ports, small scattered 12-24 port switches, and access points capable of creating a mesh network that will get very little use but coverage needs to be good.
I am not Linux savvy, but I can follow well-documented instructions. I can manage configuring your average small business equipment and UI based enterprise equipment reasonably well. I can follow well documented CLI commands. I have a good grasp of the network stack. Most other things I can Google.
I am going to try TP-Link Omada at first. I might try and use Zabbix and SNMP to add additional monitoring. If I feel I need more from the firewall, I might look to replace the TP-Link firewall with pfSense.
I ended up going Omada and the interface, VLANs, firewall, WiFi, firmware updates, and the price were all great. I even replaced my modem/router with a VPN router and access point for ~$100 bucks. Benefits those work from home days. They sit quietly in racks and are configured to reboot once a week, run updates when available during off-hours. I check it once or twice a month. I read patch updates and play with my home unit to try new features before deploying it at work and it works great.
I guess Omada is a cloud offering and has a price tag.
Zabbix is excellent, can be used for free, at least for non-commercial use cases, and it does monitor anything that (a) comes with SNMP, (b) can run their agent (multi-platform), or (c) can be pinged - there are further options for IPMI and ESXi but I am not sure if you can benefit from them. Both SNMP and the agent give you a plethora of information about the device, running agent version 2 even up to monitoring of Docker containers. It also has SLA monitoring, which I never have used though.
There are actually at least a handful of other open source network monitoring frameworks you could use.
The actual major cost is the initial setup of the tool, rollout of the agents, integration of all monitored devices and then the initial tuning of the trigger thresholds for alerts. It will drive you mad if you do not tune the trigger thresholds. A monitoring tool is like a glove you fit on your network. You want it to only alert you if something is out of the normal. The “normal” is something you need to tune as every network is different.
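
The threshold tuning described in the last reply, as an added example that is not part of the original thread or of any monitoring product: it derives a per-link bandwidth ceiling from that link's own baseline and alerts only on sustained excursions. The link names, sample values, and the `k` and `sustain` parameters are constructed assumptions.

```python
from statistics import median

# Constructed samples: inbound Mbps per 5-minute poll on two hypothetical links.
BASELINE = {
    "warehouse-uplink": [40, 42, 38, 45, 41, 39, 44, 43, 40, 42],
    "office-uplink": [200, 220, 210, 260, 230, 215, 225, 240, 205, 235],
}
LIVE = {
    # One isolated spike (index 2), then a sustained rise (indices 4-7).
    "warehouse-uplink": [41, 43, 95, 40, 90, 92, 96, 94, 42, 40],
    # Busy but ordinary for this link.
    "office-uplink": [210, 230, 225, 240, 215, 220, 235, 228, 212, 226],
}


def tuned_threshold(samples, k=4.0):
    """Per-link 'normal' ceiling: median + k * median absolute deviation."""
    med = median(samples)
    mad = median(abs(s - med) for s in samples)
    return med + k * max(mad, 1.0)  # floor the spread so flat links still get headroom


def alerts(samples, threshold, sustain=3):
    """Indices where the value has been above threshold for `sustain` polls in a row.

    Fires once per episode, so a single spike or a long outage is one alert at most.
    """
    fired, run = [], 0
    for i, value in enumerate(samples):
        run = run + 1 if value > threshold else 0
        if run == sustain:
            fired.append(i)
    return fired


def compare(static_mbps=100):
    """Return {link: (alerts with one static threshold, alerts with tuned threshold)}."""
    result = {}
    for link, live in LIVE.items():
        tuned = tuned_threshold(BASELINE[link])
        result[link] = (alerts(live, static_mbps, sustain=1), alerts(live, tuned))
    return result


if __name__ == "__main__":
    for link, (static, tuned) in compare().items():
        print(f"{link}: static={static} tuned={tuned}")
```

With one static 100 Mbps threshold the office link is in permanent alarm and the warehouse rise is never seen; with per-link thresholds the office link stays quiet and the warehouse link raises a single alert once the rise has lasted three polls.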