Network monitoring is a sub-area of network management. It monitors the various components, events and protocols of a network and the services it provides. A basic distinction can be made between external and internal network monitoring. As the central nerve strand of the company's internal work processes and communication, a network has to do one thing above all: it has to function smoothly. This applies equally to an international group, a medium-sized industrial company or a small web shop. Different methods have to be distinguished depending on how the network monitoring is carried out and which devices are used for it. While passive monitoring only listens in on the network and, for example, carries out a protocol analysis, active monitoring sends additional packets into the network. With the help of these analysis packets, extended monitoring functions can be implemented. Services monitored by network monitoring can be web servers, e-mail services, FTP services or DNS services. External monitoring methods also use devices connected to the network. Internal monitoring carries out the monitoring directly on the individual network components.

Networks are becoming more and more complex, and the smooth functioning of a network cannot be taken for granted. Ensuring it is the challenging task of IT network management. Network monitoring is an elementary component of this, i.e. the continuous monitoring of the network hardware from the server to the switch as well as the network services themselves, from e-mail traffic to web applications. But how does network monitoring work in detail? What are its tasks and goals? And who is it useful for?
Modern network monitoring: spectrum, tasks & goals
Network monitoring covers a wide range of tasks that serve various purposes. The key function of network monitoring is to ensure the functionality of the respective network. Problems need to be identified, analyzed and fixed in the shortest possible time, before failures occur. In most companies, networks are now the backbone through which not only communication but also internal collaboration takes place. At the same time, sensitive business and customer data are stored in a network. It is therefore crucial to always be informed about what is going on in your own network. This enables companies to react quickly to problems, which is a prerequisite for an effective internal workflow. Low downtime increases service quality and customer satisfaction at the same time. Another advantage: if you know your network, you can protect yourself more efficiently against hackers (DDoS attacks, data theft, etc.). In addition to ensuring service quality and security, network monitoring also serves as a planning tool. With the information collected, bottlenecks can be identified and avoided early on, an essential prerequisite for the continued prosperity of the company.
The core network monitoring functions in detail
From this general objective, some specific tasks can be derived that belong to the basic catalog of modern network monitoring:

1. The ongoing checking of availability: both that of the central network devices (servers, switches, hubs, routers, etc.) and that of the most important network services (e-mail communication, databases, web applications such as Microsoft SharePoint, VoIP applications, etc.).
2. The monitoring of the critical hardware components and their most important performance data: these include, among other things, the server memory space allocation, the data throughput on routers and the average CPU and memory usage.
3. Ensuring the functionality of the security tools: namely the firewall, software updates, anti-virus and malware protection.
4. Monitoring and evaluating event logs.
5. The regular updating of the computer software (Linux and especially Windows) and the monitoring of the applications running on them.
6. Performing backups with which the systems can be restored in an emergency.
7. Control of the web presence, such as the accessibility of the online shop.
Network monitoring as a task for specialists and special software
Implementing the outlined range of network monitoring tasks is a Herculean task, especially given the heterogeneity and complexity of modern networks. It requires a) specialists and b) correspondingly versatile tools such as network performance software. In recent years it has become clear that network monitoring is changing, step by step, from a sub-task of the administrator to a specialty. Monitoring is now too complex and time-consuming to be done on the side. It requires its own workstation, which should be staffed by an experienced network monitoring administrator (depending on the size of the network, an entire team or a department).
Selection criteria for network performance software
Basically, network performance software should be able to continuously monitor all systems and elements connected to the network and also present the information obtained in a clear and transparent manner. Modern monitoring tools now cover a wide range of functions that go beyond the simple monitoring of bandwidths and availability. They provide detailed information on servers and routers, but also on individual applications, the status of databases and virtualized systems, the availability of websites, and maintenance and planning. When making your selection, you should pay particular attention to a few criteria. The network performance software should be adapted to the size and complexity of your own network. It is also important that the monitoring tool does not only monitor the application services and servers as a whole, because the performance of individual applications is then easily lost from view. This can be prevented if the monitoring tool can also be used to monitor individual services. However, monitoring the network is only one thing; responding to potential problems is another. It is therefore also important how the data and information are processed, and how problems can be reported (alerts) or eliminated. For example, direct intervention by the administrator is not always necessary. Many tasks, such as rebooting servers, can also be automated with the help of scripts.
For whom is network performance software useful?
When it comes to the importance of networks for modern companies, one thing is clear: powerful network performance software is not only important for companies in the e-commerce sector. Anyone who has a company whose revenue depends on the smooth functioning of the network benefits from high-quality network monitoring. A network failure can cause immense damage, both financially and to the company's image. In order to carry out the monitoring tasks from a central point, remote monitoring uses the network to transmit the required information to central network management control centers. With the help of monitoring, faulty components or problems with the transmission of data can be identified. In the event of a fault or failure of network components, operators or administrators are informed by alarm, e-mail or SMS messages. While intrusion detection and intrusion prevention systems (IDS and IPS) detect and fend off external threats to the network, network monitoring takes care of hardware and software problems on network components and servers as well as overloads and connection interruptions. For example, the status of a web server can be monitored by actively sending HTTP requests to it at regular intervals. If responses do not arrive in the expected form or time, this indicates a problem in the network or on the server. Measurements of round-trip delays, data rates and end-to-end transmission times are also essential functions of network monitoring. They ensure that the quality of service specifications to be provided by the network are adhered to.
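The active web server check described above, written out as an added example (not code from the original article). It classifies each response by form and time and raises an alert only after several consecutive failures, so a single slow reply does not page anyone; the state names, thresholds and the `AlertTracker` class are assumptions made for illustration.

```python
import http.client
import time

def classify(status, body, elapsed, expect_status=200, expect_text=b"", max_seconds=2.0):
    """Judge one response: unexpected form -> BAD_RESPONSE, too late -> SLOW."""
    if status is None:
        return "DOWN"
    if status != expect_status or expect_text not in body:
        return "BAD_RESPONSE"
    if elapsed > max_seconds:
        return "SLOW"
    return "OK"

def probe(host, port, path="/", timeout=5.0, **expect):
    """Send one GET and classify the answer; network errors count as DOWN."""
    start = time.monotonic()
    try:
        conn = http.client.HTTPConnection(host, port, timeout=timeout)
        conn.request("GET", path)
        resp = conn.getresponse()
        status, body = resp.status, resp.read()
        conn.close()
    except (OSError, http.client.HTTPException):
        status, body = None, b""
    return classify(status, body, time.monotonic() - start, **expect)

class AlertTracker:
    """Alert only after `threshold` consecutive non-OK results (no flapping)."""
    def __init__(self, threshold=3):
        self.threshold = threshold
        self.failures = 0
        self.alerting = False

    def update(self, state):
        """Return 'ALERT' or 'RECOVERED' on a transition, otherwise None."""
        if state == "OK":
            self.failures = 0
            if self.alerting:
                self.alerting = False
                return "RECOVERED"
            return None
        self.failures += 1
        if self.failures >= self.threshold and not self.alerting:
            self.alerting = True
            return "ALERT"
        return None

if __name__ == "__main__":
    # Constructed sequence of check results, one per monitoring interval.
    tracker = AlertTracker(threshold=3)
    for state in ["OK", "SLOW", "DOWN", "DOWN", "DOWN", "OK"]:
        print(state, tracker.update(state))
```

In a real deployment `probe()` would run on a timer against the monitored server and the `ALERT` transition would trigger the e-mail or SMS notification.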
The various methods and operating principles of network management
Depending on the observation period, a distinction can be made between historical monitoring and real-time monitoring. Historical monitoring provides past measured values from long-term observation of the network. This data can be used to determine expected developments and trends in the network and to carry out long-term capacity planning. Systematic problems in the network, for example due to the commissioning of new lines or hardware or software updates, can also be analyzed with historical monitoring. An administrator or network planner can act proactively with the data provided by historical monitoring. With real-time monitoring, on the other hand, the administrator is reactive. Network monitoring collects the data for monitoring the network and its services in real time and transmits it directly to the network management. If irregularities arise, the administrator can react immediately. In the best-case scenario, problems or malfunctions can be rectified before they are noticed by the user. With end-to-end monitoring, network services can be monitored from a user or end customer perspective. If, for example, the availability and functionality of an online shop is to be monitored, the monitoring systems carry out test transactions (test purchases) at regular intervals. Deviations from normal behavior are recognized by monitoring response times and indicate problems in the network or on the server. In the event of a fault, further monitoring and analysis methods are used to precisely distinguish between network and server problems.
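One way to recognize deviations from normal response times, as an added example that is not part of the original article. It builds the baseline from the preceding test-transaction timings (median plus a multiple of the median absolute deviation) and keeps flagged samples out of that baseline; the window size, the factor `k`, the `min_mad` floor and the sample timings are assumptions.

```python
from collections import deque
import statistics

# Constructed response times in seconds, one per test transaction.
SAMPLE_TIMES = [0.41, 0.39, 0.44, 0.40, 0.42, 0.38, 0.43, 0.41,
                0.40, 1.90, 2.10, 0.42, 0.39]

def deviations(samples, window=8, k=5.0, min_mad=0.02):
    """Return indices of samples that exceed the baseline of the last
    `window` normal samples by more than k * MAD."""
    history = deque(maxlen=window)
    flagged = []
    for index, value in enumerate(samples):
        if len(history) == window:
            median = statistics.median(history)
            # Median absolute deviation; the floor stops a very steady
            # history from producing an unrealistically tight threshold.
            mad = max(statistics.median(abs(x - median) for x in history), min_mad)
            if value > median + k * mad:
                flagged.append(index)
                continue  # keep outliers out of the baseline
        history.append(value)
    return flagged

if __name__ == "__main__":
    for index in deviations(SAMPLE_TIMES):
        print(f"transaction {index}: {SAMPLE_TIMES[index]:.2f}s deviates from baseline")
```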
Simple Network Management Protocol
The SNMP protocol (Simple Network Management Protocol) of the IETF (Internet Engineering Task Force) exists specifically for the monitoring of network components and their control. Network devices report their status to an SNMP receiver at regular intervals using SNMP traps. If these status messages are missing, the receiver generates specific alarms. SNMP also offers the option of calling up specific information using SNMP requests or actively setting parameters in a network device. To use SNMP for network management and monitoring, so-called SNMP agents must be activated or installed on the network components. On Windows systems, WMI (Windows Management Instrumentation) is usually used to monitor network functions. Compared to SNMP, WMI offers greater flexibility. Virtual machine monitoring is mostly based on additional agent software such as Hyperic. Hyperic can be used for cloud monitoring and the monitoring of virtualized network structures.
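The missing-status-message alarm described above, sketched as an added example (not from the original article and not a real SNMP implementation). The receiver's log is modelled as constructed lines of arrival time, device and status; the device names, log format and grace factor are assumptions, and the inventory list lets the check catch devices that never reported at all.

```python
from datetime import datetime, timedelta, timezone

# Constructed receiver log: arrival time, device, reported status.
SAMPLE_LOG = """\
2024-05-01T10:00:05+00:00 switch-01 up
2024-05-01T10:00:07+00:00 router-01 up
2024-05-01T10:05:04+00:00 switch-01 up
2024-05-01T10:05:09+00:00 router-01 up
2024-05-01T10:10:06+00:00 switch-01 up
"""
INVENTORY = ["switch-01", "router-01", "server-01"]  # hypothetical device names

def last_seen(log_text):
    """Map each device to the time of its most recent status message."""
    seen = {}
    for line in log_text.splitlines():
        if not line.strip():
            continue
        stamp, device, _status = line.split()
        when = datetime.fromisoformat(stamp)
        if device not in seen or when > seen[device]:
            seen[device] = when
    return seen

def missing_heartbeats(log_text, inventory, now, interval, grace=1.5):
    """Return {device: reason} for devices with no message in interval * grace."""
    deadline = now - interval * grace
    seen = last_seen(log_text)
    alarms = {}
    for device in inventory:
        if device not in seen:
            alarms[device] = "never reported"
        elif seen[device] < deadline:
            late = int((now - seen[device]).total_seconds())
            alarms[device] = f"silent for {late}s"
    return alarms

if __name__ == "__main__":
    now = datetime(2024, 5, 1, 10, 14, tzinfo=timezone.utc)
    for device, reason in missing_heartbeats(
            SAMPLE_LOG, INVENTORY, now, timedelta(minutes=5)).items():
        print(f"ALARM {device}: {reason}")
```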
Which factors can network monitoring capture?
Network monitoring can capture numerous factors and parameters of a network. This includes the status of lines and virtual links, the topology and routing in the network as well as the transmission properties for individual protocols such as HTTP, FTP, POP3, IMAP, DNS, SIP, SSH, TCP and UDP. Transmission times, delays, jitter and error rates are captured as well. The utilization of network components or lines is also recorded by the monitoring. Alarms and status reports from network components and devices connected to the network complete the information recorded.
Cloud monitoring vs. On-premises monitoring
On-premises monitoring provides all devices and functions that are required for monitoring directly in your own network infrastructure. This offers maximum flexibility and control over the monitoring, but requires personnel and financial expenditure for the installation, configuration and operation of the monitoring system. High security requirements for the protection of data can be met through on-premises monitoring. Cloud monitoring delivers network monitoring as a service from the Internet. It can be set up quickly and easily and can be expanded flexibly. In the network to be monitored, only the software agents required for cloud monitoring need to be provided on the individual components. Additional hardware or software resources are not required for monitoring and are provided by the cloud provider. Remote monitoring of your own network is basically possible from any location. If the network connection to the cloud service fails, however, current network monitoring is not available.