Remote network monitoring is not that different from regular network monitoring. You either monitor network traffic on a remote device running the monitoring program, or you can use tools to monitor network traffic. Devices on your network are constantly sending traffic back and forth to connect to other devices and access online services. The traffic exchanged between devices says a lot about your network. By monitoring network traffic, you can identify cyberattacks and network events that are affecting the stability of your connection. This article describes how to monitor remote network traffic.
Why do I need to monitor network traffic?
Monitoring network traffic is important to monitor the performance of your network and connected devices. Everyday devices and applications use network traffic to operate, and it is important to ensure that network resources are evenly distributed to support all of these services.
For example, if you have an application that is consuming excessive bandwidth, other services will suffer from latency and interruptions. By monitoring network traffic, you can determine which application is causing the problem and get the connection back to normal.
If the check box is not selected, bandwidth bottlenecks can take away network resources from other devices. In other words, regularly monitoring traffic is critical to ensuring that network performance is kept up to date.
Use the router to monitor traffic
When monitoring network traffic, you can choose to monitor directly through the router or with a third-party network monitoring tool. This section explains how to use a router to monitor network traffic. Before we begin, it should be noted that the process will vary depending on the make and model of your router. That being said, there are a number of similarities between providers:
- If you want to use your router to monitor network traffic, you must first find out your router's local IP address. If you haven't changed the IP address, it is likely **192.168.1.1. **
- In Windows, if you don't know the IP address, open a command prompt and type the following command:
C: \ Users \ Comparitech> ip config
You can find your IP address next to Default Gateway , which looks something like this:
Standard gateway. . . . . . . . . . . . . . . . : 192.168.1.6
- After getting the IP address, open your web browser and enter the IP address in the search bar. Now press Enter .
- A page will appear asking you to enter your router's administrator username and password . If you have not configured a unique username and password, refer to the router's documentation for the default credentials. (You can also search online for information about a manufacturer's factory settings.)
- Once logged in, you can interact with the router's interface. The performance data you can view at this point depends on the manufacturer who created it. Look for a device list or status section (some modern routers have bandwidth monitoring sections).
- Once you've found an area that shows network traffic, you can see which devices are using the most bandwidth. If you can't find this information or if you don't have enough detail, you'll need to use a network monitoring tool instead.
Monitoring network traffic with a packet sniffer (Wireshark)
Monitoring networktraffic with a network monitoring tool is the best way because you have a number of monitoring options. Wireshark is one of the most popular WLAN analyzers or packet sniffers in the world. Many companies use this tool to monitor their network traffic.
Wireshark is widely used because it is free and it can reliably monitor network performance. This section explains how you can use Wireshark to monitor your network.
Before we start, you need to download and install the program from this link here. During the installation process, make sure that you install WinPcap when prompted, you can capture live network traffic.
After installing the program, it is time to configure your monitoring settings.
As soon as you start Wireshark, click under Acquisition.You will see various connection types: Bluetooth network connection, Ethernet, VirtualBox host-only network and Wi-Fi.
- The first thing you just have to do is choose what type of network you want to monitor. WiFi is used in this example (use the Shift or Ctrl keys to select multiple networks).
- Press the capture button at the top of the screen.
- Once the drop-down menu appears, press Start to begin packet capture (or double-click on the network you want to capture data from).
- To stop recording, click the red Stop button next to the Shark Fins on the toolbar.
Read packet data in Wireshark
Now that you've captured packages in Wireshark, it's time to review them. In Wireshark, the data from captured packets is divided into three different sections. Each of these sections contains different information about how to monitor network traffic. These sections are:
- Package List - Located below the search bar. Displays the number, time, source destination, log, and information of the logs collected. The package list contains the most important information that you need during monitoring.
- Package Details - Located under the Package List Area . Displays the logs within the selected package. You can click the arrow next to the package details to view more information.
- Packet Bytes - Located at the bottom of the screen under the Packet Details field. Displays the internal data of the packet in hexadecimal format.
These are the three areas to look out for when monitoring packet captures. It is important to note that Wireshark uses color coding to aid the user in distinguishing between detected package types. To find out which color denotes which package, click View > Painting Rules . You can create new rules by pressing the + or delete rules using the - key.
Using filters in Wireshark
When you collect data in Wireshark, you must configure a collection filter to limit the information you collect. To filter packets on Wireshark, click the Filter box below the toolbar and type in TCP ( or any other protocol you want to filter on). The TCP search criteria ensure that only packets that use the TCP protocol are recorded. You can also use the Bookmarks icon to the left of the input field to activate other popular filters.
You can also apply filters to filter data that has already been recorded. These are called Show Filters .
The top three tools and software to monitor remote network traffic*
While Wireshark is a good tool, it doesn't offer the variety of features or the refined user experience that many other proprietary tools offer. This section introduces the three main alternative tools for monitoring network traffic:
1. SolarWinds NetFlow Traffic Analyzer (FREE TRIAL)
SolarWinds NetFlow Traffic Analyzer is an infrastructure monitoring tool used to monitor network traffic for a wide variety of software providers. The program provides bandwidth and performance monitoring that can be managed through the performance analysis dashboard . The performance analysis dashboard allows the user to drag and drop performance metrics onto a timeline that shows general trends in network data on the network.
SolarWinds NetFlow Traffic Analyzer uses NetFlow , J-Flow , sFlow , NetStream , IPFIX , and SNMP to monitor your network. For bandwidth monitoring, the platform can identify applications or devices that are overloading the bandwidth. All of this information can be viewed through the dashboard. You can view pie charts from top 10 applications and NetFlow sources .
If you're looking for a detailed but accessible bandwidth monitoring feature , SolarWinds NetFlow Traffic Analyzer is a great Wireshark alternative. The software starts at $ 1,945. There is also a 30 day free trial version that you can download.
Download SolarWinds NetFlow Traffic Analyzer 30-Day FREE Trial
2. Paessler PRTG Network Monitor (FREE TRIAL VERSION)
Paessler PRTG Network Monitor is another network monitoring tool that can be used to monitor data traffic. PRTG Network Monitor Uses SNMP , NetFlow , sFlow , and jFlow to monitor network performance . This tool allows the user to measure the bandwidth consumption of devices on the network to ensure that no device is using too many resources.
The SNMP traffic sensor comes pre-configured to show traffic data, traffic in , traffic out , and traffic overall . These can be expanded: Error in and out , discards in and out , unicast packets in and out , non-unicast packets in and out , multicast packets in and out , packets in and out , and unknown protocols . You can choose between live data and historical data over a period of your choice.
PRTG Network Monitor is free for fewer than 100 sensors. If you want more, you'll need to purchase an upgrade. Paid versions of PRTG Network Monitor start at USD 1,600 for 500 sensors and one server installation and up to USD 60,000 for unlimited sensors and five server installations. There is a 30 day free trial .
3. ManageEngine NetFlow Analyzer
ManageEngine NetFlow Analyzer is a bandwidth monitor that analyzes network traffic in real time . The software supports flow data in the form of NetFlow , sFlow , IPFIX , Netstream , jFlow , and AppFlow . All of this information can be viewed through the dashboard. This gives you a complete picture of network performance. For example, you can display pie charts for the most important applications and protocols on the network.
To monitor changes in your environment, ManageEngine NetFlow Analyzer has threshold-based alerting . You can configure your own thresholds to decide which activity will trigger an alert. For example, you can set a bandwidth usage threshold and specify how often the usage can be exceeded before an alert is forwarded.
ManageEngine NetFlow Analyzer is available for Windows and Linux and is available as an Essential or Enterprise version. The Essential version costs $ 595 (£ 477) with 10 licenses for interfaces and support for up to 50,000 flows.
Monitor remote network traffic with a network monitor
While there are tons of ways to monitor remote network traffic, we recommend that you download a network monitoring tool for the best results. Even the best routers can only give you so much information. By using a special network monitoring solution, you will get much better visibility.
Tools like Wireshark , SolarWinds NetFlow Traffic Analyzer , PRTG Network Monitor , and ManageEngine NetFlow Analyzer are all ideal for monitoring network traffic in today's business.