Network monitoring/IDS rant - What's hot what's not?

["Christopher J. Wolff" <chris () bblabs com>]

Tivoli, Openview, Unicenter, ipmonitor, mrtg, nagios?

There are many network monitoring options but each option has its
pitfalls.  I'm rapidly coming to the conclusion that any software
Computer Associates publishes is designed for the criminally insane.
However, there 'has' to be something that offers more visibility into a
major WAN than MRTG/RRDTOOL.  

Perhaps I'm on a Computer Associates rant today but can anyone share any
positive experiences with E-trust intrusion detection?  5 MB of traffic
flow paralyzes a dual P3 with gobs of ram and it still misses signatures
that Snort does not miss.  Originally I was going to blame this lousy
performance on application tuning; however, it was a CA engineer that
set this box up.

Any IDS suggestions would be greatly appreciated as well.

Regards,
Christopher J. Wolff, VP CIO
Broadband Laboratories, Inc.
http://www.bblabs.com