Review: ScriptLogic PacketTrap IT

There are two distinct types of network monitoring: the nitty-gritty of low-level packet capture and analysis, and the higher-level monitoring made possible by the likes of SNMP and Cisco's NetFlow. ScriptLogic's goal is to combine these two levels into a comprehensive—though lightweight—package. PacketTrap IT pursues this goal with its mantra of Monitor, Alert, Report, Remediate.

The product's 15-minute initial deployment claim is well founded. Installation proceeds with little fuss, having modest requirements of Windows Server 2003 or later, 2GB of RAM, and a 2GHz CPU for as many as 250 devices.

After an initial device scan, a set of filters and displays assist in the identification of detected devices, and—more important—what probes those devices are responding to (e.g., Ping, SNMP v1-3, WMI). Most devices are automatically slotted into groups according to a policy, which is a set of predefined probes and alerts that are determined to suit each type of device. You can deploy agents to enable remote monitoring on an individual basis or in a hierarchical fashion. The latter option builds in some handy resiliency against Internet issues; the local agent will continue to collect stats on devices assigned to it and will reconnect with the main server when connectivity is restored. All this functionality helps make device addition particularly easy and straightforward.

After the initial scan, the product imports devices into the Device Management tab, which provides basic information tables and single-level drill-downs for details. This tab also offers a network-mapping feature that is quick and interesting to view but isn’t terribly useful. This feature could use some beefing up.

If I have one complaint about the Devices tab, it's the litany of listed tools. These are free downloads—not included in the package—that will enhance your toolkit. Unfortunately, most users might never experience such enhancement because the product doesn't adequately address the tools, and in fact PacketTrap triggers an error message when you click on a listed tool, referencing the system's lack of licensed software—further confusing the issue. While I appreciate the desire to reduce bloat, the inclusion of these tools would greatly flesh out the PacketTrap experience. They’re already free, so why not include them by default and save customers the added hassle of another download and licensing gauntlet?

Reporting is a simplified task in PacketTrap, organized into the top offenders in each category, which range from VoIP call paths to NetFlow/JFlow/SFlow to WMI attributes. In its agent software, PacketTrap includes its own NetFlow generator, which it tweaks slightly to create ptFlows. These ptFlows are fed back to the central server over the local network or via the agent’s ability to maintain connections with the PacketTrap server over the public Internet (as opposed to a VPN).

Following this notion of simplicity, the dashboard offers a real-time view of similar data in many areas including—surprisingly—virtual machine (VM) status monitoring at the hypervisor level. A solid, typical bundle of display widgets, meters, charts, and graphs is available as well. Figure 1 shows PacketTrap identifying bandwidth hogs.


Figure 1: Identifying bandwidth hogs



When you access the Administration tab, you'll notice two unique features. First, PacketTrap can perform an automated statistical analysis to establish baselines for your network. Doing so helps PacketTrap avoid notifying you unnecessarily about conditions you already know exist. Second, there's a large management information base (MIB) library available for download to augment its SNMP engine, but this feature can't import custom MIBs—an ever-present concern of many mainstream programs.

PacketTrap boasts a few features that, strangely, didn't make an appearance in my testing. After several hours of experimenting with the product, making every attempt to at least access every feature, I found—for example—no sign of the SNMP trap or router configuration backup interfaces. Combined with the aforementioned “missing” tools in the device view, PacketTrap gives the perception that its design lacks completeness, particularly given its determination to be an all-in-one solution.

PacketTrap places itself in the same league as packages from SolarWinds and Ipswitch. Compared with these products, it performs quite well, offering an honest set of primary features with some interesting twists. PacketTrap's ability to leverage the potential of agent-based monitoring is also impressive. The product's minor flaws can be ironed out; they merely irk users like me who look for logical leaps from the information provided on right-click menus. Nonetheless, PacketTrap will work for most organizations looking for a good core performer with forward-thinking innovations under the hood.


ScriptLogic PacketTrap IT

PROS: Simple, stable, lightweight monitoring that extends agent-based monitoring beyond its traditional roles; compares admirably with others in its class

CONS: Some features seem extraneous or under-developed; the product's simplicity sometimes makes features seem isolated because it lacks right-click interweave

RATING: 3.5 out of 5

PRICE: Less than $2,000 for 50 devices; licensing is per device

RECOMMENDATION: If your monitoring and alerting needs are modest, I recommend PacketTrap IT, which takes on the challenge of implementing or facilitating initial corrective steps. However, the product needs a bit more focus and cohesion.

CONTACT: ScriptLogic • 561-886-2400 •
