Network monitoring is a set of automatic processes that help to detect the status of each element of your network infrastructure.

We are talking about routers, switches, access points, specific servers, intermediate network elements, and other related systems or applications (such as web servers, web applications, or database servers). In other words, network monitoring can be understood as taking a look at all the connected elements that are relevant to you or your organization.

What is a network monitoring system?

A network monitoring system is the set of software tools that lets you schedule those automatic polls.

That way you can monitor your network infrastructure constantly, running systematic tests that notify you if they find a problem.

These systems make monitoring the network easy, as they also allow you to see all the information in dashboards, generate reports on demand, see alerts and, of course, see graphs with the monitoring data relevant to you.

How does network monitoring work?

Network monitoring can be as simple as checking that devices respond to a simple command like ping. That tells you whether they are connected, switched on and “alive”.

If you do that every five minutes, you’ll be actively monitoring those machines.

We don’t care if they’re servers or routers. We’ll know that, at least, they’re there and they’re responding. When one stops responding, you’ll know something happened to it.

It can also be as basic as periodically interrogating a router for the number of bytes it has transferred, both up and down.

With that you may create network traffic graphs.

We could even add more data to it, like the number of lost packets, latency times…

These data can be combined in graphs that visually compare some values with others, and you can set thresholds that warn you when a value exceeds a certain limit, for example, if packet loss exceeds 10%.

If you apply that same philosophy to monitoring other data, such as the temperature in a power supply, the process will be the same: obtain the data at a regular interval, draw it on a graph and set thresholds to generate alerts.

This is network monitoring and, as is evident, it can be easily extended to server, application or database monitoring.
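The poll, graph and threshold loop described above, as an added example that is not part of the original article: it turns successive byte-counter readings into bits per second, handles a 32-bit counter wrapping around, and raises an alert when packet loss exceeds 10%. The `Poll` record, the function names and the sample readings are constructed for illustration.

```python
from dataclasses import dataclass

COUNTER32_MODULUS = 2**32  # a 32-bit SNMP counter wraps to 0 after 2**32 - 1

@dataclass
class Poll:
    t: float          # seconds since monitoring started
    in_octets: int    # bytes-received counter as read from the router
    out_octets: int   # bytes-sent counter as read from the router
    probes_sent: int  # pings sent since the previous poll
    probes_lost: int  # pings that got no reply

def counter_delta(prev, cur, modulus=COUNTER32_MODULUS):
    # Counters only grow, so cur < prev means the counter wrapped once.
    # A device reboot also resets counters and would be misread as a wrap;
    # compare the device uptime between polls if that matters to you.
    return (cur - prev) % modulus

def evaluate(polls, loss_threshold_pct=10.0):
    """Turn successive polls into rates (bits/s) and packet-loss alerts."""
    rows = []
    for prev, cur in zip(polls, polls[1:]):
        dt = cur.t - prev.t
        if dt <= 0:
            raise ValueError("polls must be in increasing time order")
        loss = 100.0 * cur.probes_lost / cur.probes_sent if cur.probes_sent else None
        rows.append({
            "t": cur.t,
            "in_bps": counter_delta(prev.in_octets, cur.in_octets) * 8 / dt,
            "out_bps": counter_delta(prev.out_octets, cur.out_octets) * 8 / dt,
            "loss_pct": loss,
            "alert": loss is not None and loss > loss_threshold_pct,
        })
    return rows

# Constructed sample: three polls, five minutes apart; the inbound counter
# wraps between the first and second poll.
SAMPLE = [
    Poll(0, 4_294_000_000, 1_000_000, 0, 0),
    Poll(300, 36_532_704, 4_750_000, 20, 1),
    Poll(600, 111_532_704, 8_500_000, 20, 3),
]

if __name__ == "__main__":
    for row in evaluate(SAMPLE):
        print(row)
```

Without the wrap handling, the first interval would show a large negative inbound rate instead of 1 Mbit/s.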

Usually network monitoring is done using remote methods, so that from one place, you may scan the network and get information from your devices.

What is a network monitoring protocol?

In order to perform these network surveys, you need what are known as network monitoring protocols. They define how communication takes place inside a network for the purpose of monitoring systems and devices.

There are several different monitoring protocols that allow these types of surveys to be carried out.

1. SNMP Protocol

The best known monitoring protocol is SNMP (Simple Network Management Protocol), which allows you to query a device and ask for different values: for example, the number of bytes it has transmitted or the temperature of its power supply.

These values are identified by a numeric code, called an OID.

For example, the OID for obtaining the temperature of a power supply on a CISCO computer is as follows:

2. ICMP Protocol

Another basic protocol is ICMP, which lets you know whether a machine responds (commonly known as “pinging” or a ping test).

This protocol can also be used to calculate latency times (find out how long it takes for a packet to arrive from one machine to another).

Certain network applications, such as IMAP, DNS or SMTP, have their own specific ports, and finding out whether a service is working properly depends directly on how its protocol is designed, so more complex testing is needed.

Generally any service that is offered over the network exposes a TCP port, so monitoring that those ports are active and responsive can already be basic monitoring.
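A basic TCP port check of the kind described above, as an added example that is not part of the original article. It distinguishes a port that accepts connections from one that refuses them or never answers, and records connection latency; the function names and the `(name, host, port)` service list format are assumptions made for this sketch.

```python
import socket
import time

def check_tcp(host, port, timeout=3.0):
    """Try one TCP connection and return (state, latency_ms).

    state is "open", "refused" (host answered, nothing listening),
    "timeout" (no answer within the limit) or "error".
    """
    start = time.monotonic()
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open", (time.monotonic() - start) * 1000.0
    except ConnectionRefusedError:
        return "refused", None
    except socket.timeout:
        return "timeout", None
    except OSError:  # name resolution failure, unreachable network, ...
        return "error", None

def poll_services(services, timeout=3.0):
    """services: iterable of (name, host, port) for systems you operate.

    Returns {name: (state, latency_ms)}.
    """
    return {name: check_tcp(host, port, timeout) for name, host, port in services}

def failing(results):
    """Names of the services whose port did not accept a connection."""
    return sorted(name for name, (state, _) in results.items() if state != "open")
```

An "open" result only shows that something accepted the connection; confirming that IMAP, DNS or SMTP actually works needs the protocol-level tests mentioned above.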

Network Monitor Basics

We could say that, in addition to the aforementioned pings, there are three methods for monitoring a network.

1. Bandwidth Monitoring

Network bandwidth is the amount of information that circulates through a network link at any given time.

This information is usually measured in bits per second and allows you to know how overloaded or underutilized your networks are.

In order to measure it, there are several tools that analyze the network bandwidth, the communication protocols used, and so on.

2. TRAP Monitoring

TRAPS are urgent notices that circulate through the network, thanks to a protocol that allows it and an emitter/collector that generates and/or collects them.

Virtually all network devices allow these urgent warnings to be sent to a trap collector. Be careful! SNMP polling should not be confused with SNMP traps.

In the first case, a server queries the device regularly using SNMP; in the second, it is the device that occasionally, when something happens, sends a trap to the server. Both devices can be seen as network monitors, as they perform monitoring tasks using network monitoring protocols.

3. Syslog monitoring

Another method used is log or report collection (usually via syslog).

For this, as with traps, you must set up a syslog collection server that will collect logs from all the devices that you have configured for this purpose.

What are the benefits of a network monitoring system?

Knowing the status of all equipment at a glance allows you to know if there are any problems and anticipate their impact as much as possible.

If something goes wrong, you’d better be the one to warn your clients or bosses, not the other way around.

If something goes wrong, in addition to knowing what went wrong, you will be able to answer questions such as:

  • Since when has it been failing?
  • What other things are failing?
  • What was the normal performance?

What network monitoring tools are there?

At Pandora FMS we have analyzed the best network monitoring tools available. We have compared them and here are our conclusions:

Best network monitoring tools