Documents  
Survey of Network Monitoring Tools   
Here's a survey of monitoring tools and techniques to help keep your network healthy. It includes a discussion of operating system tools and third-party products.
Author:
Marr Madden
Date Posted:
4/26/04
@Copyright 2003 - The Bill & Melinda Gates Foundation

What is network monitoring and how can it help me?

There are tools, both freeware and not, which you can install on your network to monitor the health of your connections, servers and services. These tools can be classified by the services they provide.

  • Reachability. Check for live hosts at predetermined intervals.

  • Bandwidth utilization. Determine your bandwidth and data transfer rates.

  • Host performance. Monitor services, applications and ports on devices.

  • Traffic analysis. Determine protocols running on the network.

How does network monitoring work?

There are two network monitoring models, and the lines between the two can be blurry; some client/server apps use SNMP.

  • Client/Server. The server can poll a device running client software or receive information from the client at predetermined intervals. The server may still collect some data from non-software enabled clients, but it won't be as complete. The software-enabled clients are often called agents.

  • SNMP. Simple Network Monitoring Protocol enabled devices can send information to a monitoring application, or the app can poll the device for SNMP information. Most hardware vendors have SNMP MIB's (Management Information Base) extensions that can be enabled on network devices like routers, printers, hosts and servers. SNMP enabled devices can require passwords before any information will be released. There are two techniques for relaying information: (1) polling - the management station queries the device; this is preferred because error conditions are more quickly detected, and (2) traps - the device sends information, which may not make it back to the management station if the connection is down.

What a good monitoring program should do

There are user-configurable aspects of network monitoring, and several aspects that all good applications should cover.

  • The program should map the network.

  • Users should be able to set alerts and logging preferences.

  • Users should be able to determine baseline activity levels and polling preferences

  • Users should be able to set threshold levels before monitoring application responds

  • The program should monitor and graph results. More advanced programs will monitor in real-time and present historical graphs.

How does the monitoring application respond to threshold levels being reached?

There are many ways an application can respond when certain events occur, or upon reaching threshold levels.

  • Send email

  • Send an SMS mobile phone message

  • Generate a screen pop-up

  • Run a script (for example, to shut down a service)

  • Create a telephone page

Other monitoring options

Server monitoring with OS tools already installed

While not network monitoring per se, most operating systems have monitoring tools already installed which have networking aspects. Machines running Windows have Event Viewer to monitor application, system and security logs. This displays errors, warnings, information, success audits and audit failures. Another useful tool is Performance Logs and Alerts, which allows you to monitor system, service and application data. Depending on the application or hardware installed, you can monitor several aspects of its performance. Some examples are:

  • Network interface

  • HTTP, FTP and ASP pages

  • Redirector

  • RAS port

  • TCP and ICMP

  • IP datagrams and fragments

  • Processes

  • Processor

These tools run on local machines but can be accessed by using a remote control application like pcAnywhere, or VNC, or by setting up remote sessions thru Windows.

Network monitoring applications

There are hundreds of network monitoring applications, some costing thousands of dollars. Listed below are several open source solutions with good track records and installation instructions. Most applications now have Windows and Unix/Linux downloads.

ntop - http://sourceforge.net/projects/ntop/

Big Brother - http://bb4.com/

Mrtg - http://people.ee.ethz.ch/~oetiker/webtools/mrtg/

Nagios - http://www.nagios.org

Network Probe - http://www.objectplanet.com/Probe/

A list of tools can be found here: (though some of them are outdated): http://www.cotse.com/tools/netman.htm

This site also lists network management software package and allows you to sort for commercial or freely available software:

http://www.simpleweb.org/software/

Contribute to this topic
Do you have an article, presentation, or other content to share on this topic?
You can post it on this topic page. Find out more about submitting documents in the Member Center.
Ratings You must be signed in to rate this item
Average (0 Votes)
Comments