Some of the features of a Network Monitoring System that you must know: Characteristics required for a Good Network Monitoring System
For any company, networks are now a fact of life. They are one of the most important elements of your business, so a network monitoring system able to oversee and provide feedback on your network is absolutely imperative. If the network goes down for whatever reason, your data won’t be transmitted and your company won’t be offering any service to its clients, your SLAs will suffer, your brand will be tarnished, and your customer complaints lines will be red hot with incoming grievances.
For all these reasons and more, a monitoring system can make all the difference to your business. The main objective of any systems administrator is to ensure that the network is in tip-top shape, performing as required, 100% of the time. Choosing the right tool for the job is going to help you detect problems before they provoke a general network collapse or at least some serious downtime.
To be clear about terms, we should first distinguish between network monitoring and network management. Monitoring is what allows you to analyze and get feedback on your network’s status. Network management, on the other hand, goes further, as it not only allows you to manage your systems but also to take actions to alleviate network problems and provide global oversight of all your systems.
In this article we’re going to take a look at carrying out some basic network monitoring, and go on to look at the principal characteristics that any network monitoring system should have.
Basic Network Monitoring
Network monitoring 101, where syslog messages and bandwidth control are fundamental.
What are syslog messages?
Syslog messages are generated by communication hardware and are sent to a central server where they are saved. Once on the server they can be easily monitored, analyses can be performed and alarms configured. For example, a syslog server can collect all failed login attempts and launch an alarm when more than ten failed attempts have been made in one minute, warning you that something is wrong and needs to be fixed.
- Windows Syslog. Used on Windows operating systems. http://windowssyslog.codeplex.com/releases/view/617649
- Tftpd32. For Windows systems. In addition to a syslog server it has DHCP, FTP, DNS and TFTP servers.
- Visual Syslog Server. For Windows systems. http://maxbelkov.github.io/visualsyslog/
- Syslog Server. For Linux and Windows.
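The failed-login alarm described above (more than ten failures in one minute), as an added example that is not part of the original article: a sliding-window counter over RFC 3164-style syslog lines that fires once per burst. The log lines, host name, message patterns and the assumed year are constructed for illustration.

```python
import re
from collections import deque
from datetime import datetime, timedelta

# RFC 3164-style line: <PRI>Mmm dd hh:mm:ss host tag: message
LINE_RE = re.compile(
    r"^<\d{1,3}>(\w{3}\s+\d{1,2} \d{2}:\d{2}:\d{2}) (\S+) [^:]+: (.*)$")
# Assumed wording; match it to what your devices actually log.
FAILED_RE = re.compile(r"failed password|authentication failure|login failed", re.I)

def parse(line, year=2024):
    """Return (timestamp, host, message), or None if the line is malformed."""
    m = LINE_RE.match(line)
    if not m:
        return None
    # RFC 3164 timestamps carry no year, so one is assumed.
    ts = datetime.strptime(f"{year} {m.group(1)}", "%Y %b %d %H:%M:%S")
    return ts, m.group(2), m.group(3)

def detect(lines, threshold=10, window=timedelta(minutes=1)):
    """Return [(time, count)] each time failures in the window exceed threshold."""
    recent, alarms, armed = deque(), [], True
    for line in lines:
        rec = parse(line)
        if rec is None or not FAILED_RE.search(rec[2]):
            continue
        ts = rec[0]
        recent.append(ts)
        while ts - recent[0] >= window:   # drop attempts older than the window
            recent.popleft()
        if len(recent) <= threshold:
            armed = True                  # burst is over, allow a new alarm
        elif armed:
            alarms.append((ts, len(recent)))
            armed = False                 # one alarm per burst, not one per line
    return alarms

def sample():
    """Constructed log: 11 failures in 50 s, noise, then a slow trickle."""
    msg = "gw1 sshd[411]: Failed password for admin from 192.0.2.10 port 2222 ssh2"
    fast = [f"<38>Jan 12 10:00:{s:02d} {msg}" for s in range(0, 55, 5)]
    noise = ["<38>Jan 12 10:01:00 gw1 sshd[412]: Accepted password for ops from 192.0.2.20 port 2200 ssh2",
             "not a syslog line"]
    slow = [f"<38>Jan 12 10:{5 + i // 6:02d}:{i % 6 * 10:02d} {msg}" for i in range(11)]
    return fast + noise + slow

if __name__ == "__main__":
    for when, count in detect(sample()):
        print(f"ALARM {when:%H:%M:%S}: {count} failed logins within one minute")
```

The slow trickle (one failure every ten seconds) never exceeds the threshold, which is the gap a fixed per-minute count leaves open; a longer second window with its own threshold covers it.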
What is bandwidth?
Bandwidth refers to the quantity of information that passes through a network link during a specific time period, regardless of whether the data is passing through a physical connection or via Wi-Fi. The information is measured in bits/second and being able to measure the flow of data correctly is what tells you how busy your network is.
When a network is at 90% of its bandwidth it will start to have a knock-on effect on systems that are on the network. Using monitoring software it is possible to get accurate feedback on the status of your bandwidth, and whether it is saturated and why.
Tools for bandwidth measuring
- Bandwidthd. Valid for Linux and Windows. http://bandwidthd.sourceforge.net/
- Bandwidth Monitor NG. Beta. To measure network traffic and analyze protocols such as TCP, HTTP, UDP, etc. http://sourceforge.net/projects/bwmng/
These two tools, correctly configured, give you the basics on your network’s health and allow you to configure and trigger alarms, as well as record and measure network activity, but do not let you manage the network. For that you will need a platform you can configure to take action when specific parameters are met or thresholds passed. This is the next step for network management.
Advanced network monitoring
What to keep in mind when choosing network monitoring software
- Alert notifications.
- External server integration.
- Utility and proper representation of data on your panels.
- Flexibility to adapt to specific tools or software.
- Access to API from external systems.
- Automated device detection.
- Database integration.
- Support for the greatest number of data acquisition protocols possible.
- Virtual machine integration.
- Hardware integration.
- Remote control.
- Hardware and Software inventory.
- Cloud monitoring.
When it comes to alerting users and administrators about network incidents it’s always best to have as many options at your disposal as possible. Just as important as the speed of delivery is the message’s format and compatibility. Firstly, messages have to be legible (HTML) and deliverable to smartphones, tablets, PCs, even wearables like your smartwatch or relics from the past like the dumbphone you use on Saturday night because you don’t want your iPhone to get trashed. They also need to be compatible with as many messaging formats as possible: WhatsApp, Telegram, email, SMS, push, etc.
Integration with external systems.
Apart from bandwidth and network link status, a monitoring system needs to be able to monitor different servers: email, web or CRM application servers, among many others, allowing you to get statistics on your datacenter’s vital signs.
Visualizing data on the control panel
A picture tells a thousand words, they say, and visual information is easier to understand than reams of paper covered in digits, which is why it is a no-brainer to present the information in as visual a way as possible. Your control panels should be configurable and customizable. They should allow the user to define roles, and access by role, because your CTO and your CFO need different information, even though it comes from the same source.
Flexibility to adapt to specific tools or software
It’s so important that your monitoring system can adapt to different environments and technologies that we wrote it in green. Not only must it adapt to the communication protocols already mentioned, but it must also be able to adapt to applications not found on every installation. If you think of something like a piece of business intelligence software created in-house, it is of maximum importance that your monitoring system is able to detect and monitor it.
Accessing APIs from external systems
Nowadays your applications are communicating among themselves. In order for an application to share its information with your monitoring system and with other applications its data and operations need to be accessible, via API. Bear in mind that the applications are usually located on different networks, so the API has to have broad compatibility (REST protocol, using libraries imported during software compiling, etc.).
Automated device detection
The monitoring tool you use should be able to automatically detect all the different elements and components that make up the network in order to save you time and give you information on how they are being used, their status, etc.
In a previous article we saw how important databases are in the IT infrastructure, so your monitoring solution needs to be able to integrate your databases into the monitored environment.
Devices are proliferating as more and more appliances become Internet-enabled, including tablets, TVs, smart watches and even fridges! So why not demand that the software that is going to monitor your network be accessible from any of them (except the fridge, for the time being)?
The key to handling growth in your organization is to ensure your monitoring solution is designed to scale and handle larger and more complex machines and applications, etc. Take a look at the software that you are currently running and ask yourself how it will run if your system scales up and your datacenter expands.
Does it support the widest range of data acquisition protocols?
You want to collect as much data about your network as possible so your system needs to capture messages from network protocols such as Netflow, sFlow, jFlow, etc.
Information is the currency of the digital age, and if you store sensitive information on your network you will be thinking about security. Monitoring tools need tight security regarding third party passwords, for example (most security breaches are due to human error, or negligence, rather than complicated hacks). Solutions should include encryption, double access protocols, etc.
Networks are not only cables and nodes, but are fundamentally composed of machines and applications, so don’t underestimate your hardware. You don’t have to dig down to layer 1 nuts and bolts (but if you can, so much the better!), but monitoring temperature, disc space, or memory are all essential elements of good monitoring practice.
A nice extra for any monitoring platform to include is the ability to remotely operate another PC, to intervene, troubleshoot, fix a problem, whatever.
Hardware and software inventory
Related to point number six, network discovery, but this time referring specifically to hardware and software. No one wants to waste time manually checking for new devices; your monitoring tool should be able to run those checks by itself, discover new hardware and software and give feedback on the status and location of each new element, plus inventorize them.
The most important data to be inventorized are:
- OS, IP, BIOS, memory, CPU and drivers.
- Installed programs, patches and versions.
Networks occupy physical as much as cyber space, and it is essential to be able to locate the components of your network in case you need to physically access them: if they fail, need replacing, are offsite or are even mobile. Keeping track of your IT assets is never not a good idea.
Say it loud, I’m Cloud and I’m proud! No one is afraid of the Cloud anymore, and more servers and applications are migrating there, taking advantage of the services offered by Amazon, and other hosting companies, not only to store gargantuan, incomprehensible amounts of data, but also to run services and applications. Your monitoring tool should most definitely be able to monitor any applications you have running on the Cloud.
A network monitoring tool is much more than a silent watchman, endlessly pinging devices and doing general plumbing and troubleshooting. In fact, such tools are an integral part of any business strategy, allowing you to use your resources – both human and technological – in a more effective way, reducing costs and times in many areas. Unsurprisingly, we recommend our own product, Pandora FMS, a monitoring tool designed for maximum flexibility and customizability that covers all the above requirements and many more, including UX, transaction monitoring and IoT monitoring.
Have we forgotten anything? Let us know if there is any item missing from our list, or if you have experience using Pandora FMS to monitor any of the above areas.