The most secure browser for your Mac is the one that comes with your Mac. Built-in privacy features in Safari, like Intelligent Tracking Prevention, help keep your browsing your business. Automatic strong passwords make it easy to create and use unique passwords for all. It will be able to provide network administrators, security professionals a comprehensive set of tools for protecting the network. The advanced web user interface can be used for system administration and network monitoring. Analysis of the system and configuration can be done easily. PureVPN for Mac. Best WiFi security tools for your Mac What You Need To Know About WiFi Security on a Mac Nearly everyone has used a WiFi network at some point in their life to connect to the Internet or send an email. The Network Detective Security Assessment module is the #1 tool used by MSPs to identify internal and external security threats for their clients and prospects. The network scanner is non-intrusive - no probes, agents or software to install.
Way back in 2015, we reviewed the must-have top free networking tools. And honestly, those reviews have stood the test of time. But now that time has passed, the landscape has changed, and we think it’s worthwhile to review those old choices and possibly add a few new ones.
Laying the Foundation
To build a network, you start with an architecture, draw the design, and analyze and choose the hardware that meets your requirements. Because many organizations need their network to be up and functioning to generate revenue, having the right set of tools to monitor and manage the one you so lovingly created is critical.
But how do you find the best network monitoring tools when there are hundreds of commercial products, freeware tools, and open-source software to choose from? While the debate about free versus commercial goes on, there are tried and tested, free network monitoring tools that many network admins swear by. Below, we will share some of our favorites with you.
Fight malware and protect your privacy with security software for Windows, Mac, Android, and iOS. An antivirus app is a great place to start, but you should also look at.
But first…
Open-source choices are good and can even match commercial tools, but you should know that using open-source monitoring requires a high level of involvement with the tool, which may not perfectly suit your needs. As the saying goes, “Open-source is only free if your time is worthless.”
Open-source monitoring solutions often require a significant investment in time and resources. Missing features may have to be built with the help of community support or an in-house IT team. The second consideration is security, which may become an issue, depending on the tool you select and your enterprise’s security guidelines. Additionally, immediate custom fixes may not be available unless you spend time developing and maintaining them yourself.
When we need a network monitoring tool that is easy to install, and supports monitoring and reporting out of the box, we like SolarWinds® Network Performance Monitor (NPM). NPM acts as a single pane of glass to provide complete and comprehensive network monitoring capabilities that complement some of the essential free tools you may already use.
Knowledge Base
Because enterprise networks are becoming bigger and more complex, it’s important to put network monitoring and managing solutions in place early in the implementation phase.
What’s on the list?
If you do decide to go the free/open-source route, you should check out the following. It’s our list of the best free network monitoring tools available today.
Nagios Core
Nagios® is the great-grand-daddy of monitoring tools, with only ping being more ubiquitous in some circles.
Nagios is popular due to its active development community and external plug-in support. You can create and use external plugins in the form of executable files or Perl® and shell scripts to monitor and collect metrics from every hardware and software used in a network. There are plugins that provide an easier and better GUI, address many limitations in the Core®, and support features, such as auto discovery, extended graphing, notification escalation, and more.
Cacti
Cacti® is another of the monitoring warhorses that has endured as a go-to for network monitoring needs. It allows you to collect data from almost any network element, including routing and switching systems as well as firewalls, and put that data into robust graphs. If you have a device, it’s possible that Cacti’s active community of developers has created a monitoring template for it.
Cacti supports SNMP polling, which itself covers a wide range of network devices. You can also extend Cacti’s capabilities to use scripts, queries, or commands for data collection, and save it as a template to use for polling other devices for similar datasets. Cacti leverages the power of RRDTool, an open-source data logging and graphing system for creating graphs from the stored datasets. RRDTool’s data consolidation lets you store collected data forever and is limited only by the size of your storage. Cacti also allows you to add multiple users and give them access with or without edit permissions, which is perfect for service providers and enterprises with a large NOC team.
Zabbix
Admittedly complex to set up, Zabbix® comes with a simple and clean GUI that makes it easy to manage, once you get the hang of it. Zabbix supports agentless monitoring using technologies such as SNMP, ICMP, Telnet, SSH, etc., and agent-based monitoring for all Linux® distros, Windows® OS, and Solaris®. It supports a number of databases, including MySQL®, PostgreSQL™, SQLite, Oracle®, and IBM® DB2®. Zabbix’s VMware® monitoring capabilities allow you to customize using any scripting or programming language, which is widely regarded as its best feature.
Zabbix is probably the most widely used open-source network monitoring tool after Nagios.
ntop
ntop, which is now ntopng (ng for next generation), is a traffic probe that uses libpcap (for packet capture) to report on network traffic. You can install ntopng on a server with multiple interfaces and use port mirroring or a network tap to feed ntopng with the data packets from the network for analysis. ntopng can analyze traffic even at 10G speeds; report on IP addresses, volume, and bytes for each transaction; sort traffic based on IP, port, and protocol; generate reports for usage; view top talkers; and report on AS information. This level of traffic analysis helps you make informed decisions about capacity planning and QoS design and helps you find bandwidth-hogging users and applications in the network. ntopng has a commercial version called ntopng pro that comes with some additional features, but the open-source version is good enough to quickly gain insight into traffic behavior. ntop can also integrate with external monitoring applications such as Nagios for alerting and provide data for monitoring.
ntopng has some limitations, but the level of network traffic visibility it provides makes it well worth the effort.
Icinga
Built on top of MySQL and PostgreSQL, Icinga is Nagios backwards-compatible, meaning if you have an investment in Nagios scripts, you can port them over with relative ease.
Icinga was created in 2009 by the same group of devs that made Nagios, so they knew their stuff. Since then, the developers have made great strides in terms of expanding both functionality and usability since then. As the Nagios pedigree might imply, its primary focus is monitoring infrastructure and services.
Spiceworks
Spiceworks offers many free IT management tools, including inventory management, help desk workflow, and even cloud monitoring, in addition to the network monitoring solution I’m focusing on here. Built on agentless techniques like WMI (for Windows machines) and SNMP (for network and *nix systems), this free tool can provide insights into many network performance issues. You can also set up customizable notifications and restart services from within the app.
Note that Spiceworks is free because most of its revenue comes from the sale of ad displays in its network. It’s a small price to pay for a free solution, but it’s something to think about before you install.
Observium Community
Observium follows the “freemium” model that is now espoused by most of the open-source community—a core set of features for free, with additional options if you pay for them. While the “Community” (i.e., free) version supports an unlimited number of devices, Observium is still careful to say that it’s meant for home lab use. This is bolstered by the fact that the free version cannot scale past a single server. Run this on your corporate network at your own risk!
The free version also enjoys a 6-month patch and update cycle. If you want fixes any faster than twice a year, you’ll have to pay for them. One of the most painful features held back from the free version is the lack of alerting capabilities. Those caveats aside, you get a full auto-discovery of your devices and metrics (using SNMP and standard protocols, as usual).
Related Top Tools for Network Monitoring
There are a few tools that aren’t monitoring solutions per-se but are so incredibly useful to the monitoring professional that we didn’t feel right leaving them out.
Wireshark
Wireshark® is an open-source packet analyzer that uses libpcap (*nix) or winpcap (Windows) to capture packets and display them on its graphical front-end, while also providing good filtering, grouping, and analysis capabilities. It lets users capture traffic at wire speed or read from packet dumps and analyze details at microscopic levels. Wireshark supports almost every protocol, and has functionalities that filter based on packet type, source, destination, etc. It can analyze VoIP calls, plot IO graphs for all traffic from an interface, decrypt many protocols, export the output, and lots more.
Wireshark provides unlimited opportunities to study packets, which makes it a solid go-to for network, system, and security admins.
Nmap
Nmap uses a discovery feature to find hosts in the network that can be used to create a network map. Network admins value it for its ability to gather information from the host about the Operating System, services, or ports that are running or are open, MAC address info, reverse DNS name, and more.
Scalability is the other big reason why network admins love Nmap. It can scan a single host or an entire network with “hundreds of thousands” of machines.
When you need to quickly map the hosts in your network, Nmap is your tool.
Free Network Monitoring Tools
Most of the tools we’ve focused on in this post have been of the “freemium” variety—a limited set of features (or support) for free, with additional features, support, or offerings available for a cost.
But there is a whole other class of tools which are just free-free. They do a particular task very well, and there is no cost (with the exception of the odd pop-up ad during installation). We wanted to take a moment to dig into a few of the tools that are in “network_utilities” directories on our systems and frequently use.
Also, we want to be clear that the list below isn’t meant to be (or even appear) exhaustive. There are many, MANY useful free network monitoring tools out there, and which ones an IT pro uses is often up to personal preference or the specifics of their work environment. We’re listing out the ones we’ve found in our travels and use often.
Traceroute NG
Ping is great. Traceroute is better. But both fall short in modern networks (and especially with internet-based targets because the internet is intrinsically multi-path). A packet has multiple ways to get to a target at any moment. You don’t need to know how a SINGLE packet got to the destination; you need to know how ALL the packets are moving through the network across time. Traceroute NG does that and avoids the single biggest roadblock to ping and traceroute accuracy—ICMP suppression—at the same time.
Bandwidth Monitor
If you are doing simple monitoring, the first question you’re going to want to know is, “is it up?” Following closely on the heels of that is, “how much bandwidth is it using?” Yes, it’s a simplistic question and an answer that may not really point to a problem (because let’s be honest, a circuit that’s 98% utilized most of the time is called “correctly provisioned” in our book), but that doesn’t mean you don’t want to know. This tool gets that information quickly, simply, and displays the results clearly.
Response Time Viewer for Wireshark
We mentioned Wireshark over in the non-monitoring monitoring tools section because of its flexibility, utility, and ubiquity. But the “-ity” that was left out was “simplicity.” That sucker can be HARD to learn to use, especially for new network engineers fresh on the job. This utility will take Wireshark data and parse it out to show some important statistics simply and clearly. Specifically, it collects, compares, and displays the time for a three-way-handshake versus the time-to-first-byte between two systems. Effectively, it shows you whether a perceived slowdown is due to the network (three-way handshake) or application response (time to first byte). This can be an effective way to narrow down your troubleshooting work and focus on solving the right problem faster.
IP SLA Monitor
Network Security Tools For Mac Computers
IP SLA is one of the most often-overlooked techniques in a monitoring specialist’s arsenal. Relegated to being “that protocol for VoIP,” the reality is that IP SLA operations can tell you much more than jitter, packet loss, and MOS. You can test a remote DHCP server to see if it has addresses to hand out, check the response of DNS from anywhere within your company, verify that essential services like FTP and HTTP are running, and more.
So, this free tool is something of a secret weapon for engineers who need to get miraculous tasks done on the cheap.
What have we learned?
Here in 2020, monitoring professionals have almost an embarrassment of riches when it comes to free and open-source solutions to help us do our jobs. While none of these free tools are exactly push-button simple to install, maintain, or use, if your budget for tools is close to non-existing and you have the time to invest, they may fit the bill. Otherwise, we’d recommend using a tool like SolarWinds NPM, which is easy to install and supports motioning and reporting right out of the box.
Nearly everyone has used a WiFi network at some point in their life to connect to the Internet or send an email. You may take for granted that your data and privacy are secure when accessing wireless networks. Unfortunately, in many cases, nothing could be further from the truth.
WiFi networks are inherently more dangerous than a wired network where you need to directly connect with a cable. The ubiquitous nature of wireless networks adds additional security concerns which are not an issue with traditional wired implementations. We are going to investigate the various security problems that need to be addressed by users and owners of WiFi networks. We will also show you some of the ways you can thwart individuals who may attempt to compromise the wireless network and its users.
What is Meant by WiFi Security?
There are two general types of WiFi security that need to be considered in order for you to safely operate and use a wireless network. Let’s take a closer look at these two different, yet related, aspects of wireless security.
Personal WiFi Security
The first type of security to be concerned with if you are a WiFi user is that of your personal information and identity while accessing the network. There are many WiFi hotspots located in cafes, restaurants, airports, and libraries around the world. They are there as a convenience to the establishment’s customers and can be an indispensable resource if you need to access the Internet while on the go. The problem is that most of these networks are not secure.
Sending unencrypted data over an unsecured network is simply tempting fate. Anyone can be accessing the network with packet sniffers designed to steal your personal information. That nice gentleman sitting across from you at the coffee shop may be attempting to gain access to your device or be trying to capture sensitive information such as a password to a banking site. Individuals sitting in a vehicle in the parking lot may also be able to access the network if the range is sufficient.
Network Security Tools For Macbook Pro
For this reason, you should never use a public WiFi hotspot to conduct sensitive business related to your finances. Using a VPN with strong encryption can minimize the ability of thieves to steal your personal information. You need to take the risk of your personal information being stolen seriously. The bad guys certainly do.
WiFi Network Security
The second type of security related to WiFi networks concerns the measures taken to protect the network itself. Minimizing or eliminating unauthorized access is the prime goal in securing your WiFi network. Public WiFi hotspots generally do not implement security measures as it makes accessing the network more complicated by requiring a password in order to connect. You should not make the same mistake with your home or office WiFi installation.
In addition to requiring a password to access your network, you need to ensure that the data is encrypted if you want to be sure it is not being misappropriated. Since someone can access your network from outside your building, you may not even know that the network is under attack. We will discuss how you can achieve better WiFi security in the next section of this article.
What You Can Do To Improve Your Wireless Security
Increasing the security of your data when accessing WiFi networks is mostly a matter of using common sense and being aware of the potential dangers that exist. Any network that you can attach to without using a password is not secure. It’s up to you to limit the information that you transmit over this type of open network. As previously mentioned, you should never perform banking or other tasks that might allow unscrupulous individuals to gain access to your accounts or passwords.
That is really all you can do when using open and unsecured WiFi networks. There is no way for you to control who is on the network, nor to know their intentions. It is your responsibility to keep your data and personal info safe.
Securing Your Own WiFi Network
You have much more control over how your own home or business WiFi network handles security. Limiting access to your network and ensuring that the data it transmits is protected by strong encryption techniques can be accomplished by performing a few fairly simple tasks. The first thing you need to do is access your WiFi router and make sure that you have encryption turned on. You should also change the default credentials on all of your WiFi peripheral equipment.
There are various types of encryption protocols that are available on most WiFi routers. They offer different levels of encryption that make them increasingly more difficult to crack. Here is an overview of the encryption methods you can use to protect your WiFi network.
Wired Equivalent Privacy (WEP) – When WiFi was first introduced in the late 1990s this was your only encryption option. It is easy to crack and difficult to configure. While it is better than no security at all, you should avoid using WEP unless you have no other option.
WiFi Protected Access (WPA) – Using stronger algorithms improves the strength of WPA encryption and makes it harder to hack than a network protected by WEP.
WiFi Protected Access 2 (WPA2) – Significant improvement in the level of security is afforded by employing WPA2 encryption on your network router. Data integrity and encryption are based on the Advanced Encryption Standard (AES). This is currently the highest level of security available on the majority of today’s routers. This should be your first choice when selecting the type of encryption you use to protect your WiFi network.
WiFi Protected Access 3 (WPA3) – This is the next step in the evolution of WiFi security and is set to become available beginning in late 2018. It enables more complex encryption and makes it possible to encrypt public network connections.
In addition to enabling encryption, your network should be secured by requiring a strong passphrase or password for access. A combination of password length and complexity is your best bet, according to resources.infosecinstitute.com. The password should only be shared with authorized users and if you think it has been compromised, you should change it immediately.
Some of the Best WiFi Security Tools
WiFi security is currently one of the top issues facing cybersecurity experts. There are tools that can be used to monitor and scan your network to determine if unauthorized users are attacking it or attempting to gain access. These come in the form of WiFi scanners and analyzers which can alert you to issues with your network. Let’s take a look at a few that will run on your Mac.
KisMAC
KisMAC is a freeware application that was intended to be used by network security professionals. It does not offer the most intuitive interface but will allow you to scan and monitor your WiFi network. Using this tool you can display exactly who is on your WiFi network. You can see the Mac and IP addresses as well as the signal strength for all connected clients. This information assists in identifying security breaches of your network so you can make improvements if needed.
NetSpot
NetSpot is a WiFi tool which can be used to survey and secure your network. It features an intuitive interface that makes it easy to monitor your wireless network. Performing a survey of your WiFi can help you to identify rogue access points that might permit an attack on your network. Find leaks in your WiFi network that pose potential security issues.
Homedale
This tool will also let you survey your network to locate unintended access points and to monitor the devices that are connected. It’s available as a free download and can be a great tool to help secure your WiFi from intruders.
Who’s On My WiFi
This software tool allows you to display any devices that have connected to your network over a period of time. Analyzing this information will tell you if access is being gained by unauthorized users so you can take action to increase network security.
Using any of these tools will enable you to determine if your signal is accessible in undesirable locations and if there are devices connected to your network that just don’t belong there. If you value the security of your home or office WiFi network, using a scanner or analyzer can help you find gaps in the protection that you are providing. It’s in your best interest to address this potential security lapse as soon as possible.
Related articles: