What is network monitoring?
Network monitoring is the process of regularly checking on systems, applications, services and devices (or having them check in) to ensure they are healthy, productive and error-free. Quality network monitoring techniques and products can alert you when systems or resources have failed or are in a partial state of failure, as well as predict and warn against upcoming IT catastrophes.
Network monitoring doesn’t just help you plan for or prevent outages; it’s also a veritable Swiss Army Knife of functionality. The benefits of network monitoring may include:
- Gathering detailed data over time to measure and maintain system health and analyze historical performance trends to get the most out of your investments in systems and resources.
- Indicating that one out of two redundant “active/active” systems is taking the brunt of the processing work, hinting that the redundancy configuration may need adjustment.
- Informing you how much bandwidth switches and routers are consuming to alert you that perhaps another device needs to be brought into service alongside them.
- Telling you if a certain soon-to-be-retired system is being accessed or used, helping to pave the way for either its retirement or replacement if still needed.
- Showing you peak times in which critical systems are most heavily or least often accessed, helping you formulate maintenance windows for planned downtime to conduct repair or replacement work.
These business benefits of using network monitoring software can pay big dividends. For instance, network performance monitoring tools can help you ensure services and resources are available, rapidly address problems or outages, identify where to allocate further investments and most importantly, achieve the maximum possible uptime and subsequent user and customer satisfaction.
Without network monitoring software in place, businesses might pay more in financial losses and downtime than an investment in such products would have entailed, not to mention jeopardizing their company reputation.
What are network monitoring techniques?
Network monitoring techniques involve client/server scenarios where a dedicated, centralized system (or set of systems) serves as a sort of beacon to assess device health and performance. Often the target systems or devices run a client application, which then communicates with the monitoring server to report on health and status. The monitoring server collects the data for alerting and trend analysis and is configured to notify individuals or groups when problems or events occur, such as through email, SMS or some other means.
Network protocols such as Simple Network Management Protocol (SNMP) and Internet Control Message Protocol (ICMP) are often used to communicate these details. For instance, clients might transmit data via SNMP, while servers might use ICMP to ping clients and, when ping attempts fail, send out email alerts via Simple Mail Transfer Protocol (SMTP) or text alerts via SMS, as a failed ping can indicate a network or system failure.
Advanced network monitoring features are often commonplace and add to the efficacy of these products. Examples include auto-scanning of network subnets to detect new devices and add them to the monitoring dashboard, setting “maintenance windows” for devices so they will not be monitored during planned outages (thereby avoiding unnecessary alerts) and reporting mechanisms that provide data on single or multiple hosts.
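The alerting behavior described above, with failed pings raising an alert and maintenance windows suppressing alerts during planned outages, can be expressed as a small decision function. This is an added Python example, not code from the article or from any product reviewed here; the names `Window`, `evaluate` and `sample_polls`, the host names, and the three-consecutive-failures threshold are assumptions made for illustration, and the poll results are constructed sample data rather than live ICMP traffic.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta

@dataclass
class Window:
    """A planned maintenance window for one host."""
    host: str
    start: datetime
    end: datetime

def in_maintenance(host, when, windows):
    return any(w.host == host and w.start <= when < w.end for w in windows)

def evaluate(polls, windows, threshold=3):
    """polls: (timestamp, host, reachable) tuples in time order.
    Returns [(timestamp, host, "DOWN" | "RECOVERED")]."""
    failures, down, alerts = {}, set(), []
    for when, host, reachable in polls:
        if in_maintenance(host, when, windows):
            failures[host] = 0          # planned outage: do not count or alert
            continue
        if reachable:
            failures[host] = 0
            if host in down:
                down.discard(host)
                alerts.append((when, host, "RECOVERED"))
        else:
            failures[host] = failures.get(host, 0) + 1
            # threshold is an assumption: alert once, on the Nth straight miss
            if failures[host] >= threshold and host not in down:
                down.add(host)
                alerts.append((when, host, "DOWN"))
    return alerts

# Constructed sample data: one poll per host per minute.
T0 = datetime(2024, 1, 1, 2, 0)
SAMPLE_WINDOWS = [Window("db01", T0, T0 + timedelta(minutes=10))]

def sample_polls():
    polls = []
    for minute in range(8):
        when = T0 + timedelta(minutes=minute)
        polls.append((when, "db01", not 1 <= minute <= 5))   # planned reboot
        polls.append((when, "web01", not 2 <= minute <= 5))  # unplanned outage
        polls.append((when, "sw01", minute != 3))            # one dropped ping
    return polls

if __name__ == "__main__":
    for when, host, event in evaluate(sample_polls(), SAMPLE_WINDOWS):
        print(when.isoformat(), host, event)
```

Running the same polls with an empty window list shows the unnecessary alerts a maintenance window avoids: the planned reboot of `db01` is then reported as an outage.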
What is network monitoring software?
Network monitoring software involves products that perform an array of the functions described above. It can be open source or paid software and in either scenario is often tailored to meet the specific needs of the organization, from most critical to least critical. This software must be run on systems that are redundant and that are themselves included in the monitoring scope to ensure they remain stable and functional.
Best network monitoring software
The first three products showcased here are open source, which means not only free but fully customizable. This can be both a blessing and a challenge, as the learning curve is sometimes steeper with open source products, and support options might be less common. Some vendors also offer paid options with more robust features and support offerings. I’ve worked first-hand with each of these three open source products.
Cacti was the first open source network monitoring software I worked with, and its primary focus was monitoring and performance management. Thanks to additional plugins, it can track faults, create logs, discover devices, map networks, collect and display network data and back up router configurations. However, Cacti is pretty much a “starter” network monitoring tool.
Cacti uses device templates largely based on the SNMP protocol (many common templates, such as for Cisco routers, Linux servers and other operating systems, can be found online), which then are associated with the devices to be monitored. Autodiscovery allows you to automatically add hosts by scanning network subnets for new clients.
I recommend Cacti for small businesses with basic environments and needs. Not to denigrate the product, but I feel Cacti is best suited as a learning environment to get familiar with the simple core aspects of network monitoring software.
Nagios is fundamentally the industry standard for open source network monitoring. It can cover all your typical bases by monitoring servers, applications, services, logs, databases, hardware, virtual environments and network devices.
All operating systems are supported along with both agent-based (e.g., local clients) and agentless monitoring. Security monitoring is also included with intrusion detection, website content checking and firewall analysis, and alerting/reporting components are robust. Autodiscovery allows you to automatically add hosts by scanning network subnets for new clients.
I can attest to the feasibility and ease of use of Nagios, though it’s important to be aware that the dashboard is used for reporting, actual configuration is done through text files, and to access graphs you must utilize a plugin called NagVis.
We configured it to alert our rotating on-call staff member of any critical issues, while also receiving standard email alerts for warnings or informational notifications. It also worked well interfacing with our help desk ticketing system to automatically open tickets for support personnel in the event of outages.
I recommend Nagios for small to midsize businesses without complex environments or needs.
Zabbix offers the same feature set as Nagios in terms of functions and monitoring capabilities (autodiscovery being a noteworthy inclusion), and it adds more powerful capabilities, such as a dashboard that can be used to directly customize monitoring options. You can customize and escalate your alerts with Zabbix to provide more information on what is occurring and notify a sequence of on-call personnel if the first attempt to reach a technician goes unanswered. (Zabbix requires you to acknowledge problems in order to halt the escalation process.)
Zabbix is a template-based product that can easily apply a basic set of monitoring/alerting options across a broad array of systems, for instance to notify personnel if a host is not pingable, has excessive resource consumption, is experiencing disk space issues or other typical problems.
The issue I found with Zabbix is that it can be tricky to set individual monitoring options for just one host or a small subset of hosts. If your monitoring needs are standard across the board, you’ll find Zabbix fairly easy to administer once you get the essentials in place, but for complex settings it would be best to rely on their support community, even if it means paying for the service. This is a clear-cut case of time being worth more than money, so for unique setups my advice is to rely on the experts and save time spent spinning your wheels searching for customizable options.
I recommend Zabbix for large businesses with complex environments and needs.
WhatsUp was the first paid network monitoring software I worked with at a small shop with about 20 servers and 100 workstations. WhatsUp’s strengths lie in monitoring devices and applications, handling configuration backups and restores, and measuring network traffic, as well as mapping network layouts (some features are available only in the advanced offering).
Since I worked with the product, Progress added cloud monitoring capabilities to WhatsUp, although it’s important to note the server component runs on Windows and must be an on-premises system.
Progress offers a WhatsUp Gold product comparison page to determine pricing via a requested quote.
The standard WhatsUp Gold offering is the Premium edition, and it can be either subscription-based or perpetual and includes device/server monitoring, discovery, maps, availability and performance charting, alerts/notifications, custom dashboards/reporting, and wireless network, cloud and storage monitoring.
The advanced WhatsUp Gold offering is the Total Plus edition, and it is perpetually based and includes the above features, adding network traffic analysis, application/virtualization monitoring, configuration and log management and scalability pollers.
I recommend WhatsUp Gold for any size business, as it includes a diverse array of features that can meet all needs.
SolarWinds is something of a unique entry in this roundup, in that its monitoring focus is exceptionally geared toward networks and network devices. SolarWinds Network Performance Monitor can handle host monitoring and performance, but it’s really an advanced tool for multiple complex network layouts with a vast and diverse array of apps.
SolarWinds offers network traffic analysis and optimization, discovery, mapping, latency testing, alerts and reporting, packet capturing and sniffing and Wi-Fi analysis. Comprehensive network performance monitoring is really the bread-and-butter component of this product.
SolarWinds Network Performance Monitor works for on-premises, hybrid and cloud environments.
I recommend SolarWinds Network Performance Monitor for large businesses with complex network environments and needs.
Pricing for SolarWinds Network Performance Monitor is based on “elements monitored” (e.g., the item, service or process you want to track), and each package includes one year of support and maintenance.
ManageEngine is a powerful platform that provides all of the common monitoring aspects discussed previously, including host and network analysis, discovery, alerting, performance trends and mapping. It also features VoIP monitoring to analyze VoIP call quality to help streamline communications performance, Hyper-V, Citrix XenServer and Data Center environment monitoring.
The standard edition includes the basics, such as discovery, generic monitoring, custom dashboards and notifications. The professional and enterprise editions add application-specific monitoring, such as for Active Directory, Exchange and SQL, as well as more authentication options, reports and troubleshooting tools.
Pricing varies depending on the desired features, with the standard edition costing $245 for 10 devices, the professional edition $345 for 10 devices and the enterprise edition $11,545 for 250 devices.
The full list of pricing options and associated features can be found here.
I recommend ManageEngine for large businesses with complex environments and needs.
Datadog seems a bit fun and quirky at first glance, and yet it’s a serious powerhouse with a plethora of options. Aside from the common monitoring aspects, including host and network analysis, discovery, alerting, performance trends and mapping, it includes container monitoring, a cloud workload security platform, incident management, user monitoring/session replay to establish trends and improve customer experiences, API integration as well as integration with Kubernetes, Oracle, Google Cloud, AWS, Azure and much more. The full integration list can be found here.
Pricing is easy: The product is free for up to five hosts with basic “core collection and visualization features.” The pro version is $15 per host per month and adds “monitoring of systems, services and serverless functions.” The enterprise edition costs $23 per month and adds “advanced features and administrative controls,” such as machine learning-based alerts.
I recommend Datadog for any size business, but due to the breadth of diverse options the product offers I think it would be best suited for companies utilizing complex and highly technical, elaborate processes rich in dependencies.
Last but not least, Paessler’s PRTG Network Monitor gets the job done with the standard features and the inherent ability to monitor all aspects of your infrastructure, including IoT devices, cloud services, Active Directory, SharePoint, Citrix, email servers, Hyper-V, IIS, VMWare, FTP, VPN, VoIP, Windows and Linux operating systems, databases, storage area networks, data center environments, backup processes — everything, including the proverbial kitchen sink. I find this to have the most potential options of any product reviewed here.
A couple of unique features: PRTG remote probes can monitor networks in multiple locations and unlimited probes are included in the license. Additionally, a monitoring server cluster failover solution, which is included in the license, can help protect your monitoring environment by maximizing uptime.
Pricing is fairly straightforward, based on “aspects of your devices in your network,” which boils down to the specific details you want to monitor.
I recommend Paessler PRTG Network Monitor for any size business, as it includes a diverse array of features that can meet all needs.
How to choose the right network monitoring software for your business
Network monitoring software selections will likely depend on the company size, industry, function, business requirements and so forth. I highly recommend first establishing the systems, applications, services and other elements worthy of monitoring/collecting data for, as well as the severity/criticality levels for each to determine which issues should be considered urgent, which are less critical, and which have the least level of significance.
Determine what constitutes a successful implementation: Is it a focus on multi-party alerting for catastrophic events, the ability to graph performance data and determine scalability needs, assistance with troubleshooting issues or some other factor?
All of the above network performance monitoring products have strong features and capabilities, and they are either free or offer a free trial. Establish a proof of concept for the two or three options that appeal the most, see how they handle the circumstances of your environment (start by utilizing test systems you can manipulate as needed to analyze the monitoring results) and determine which one fares the best for you.
Once the network monitoring software is implemented, make sure your monitoring environment is sufficiently redundant such that it can monitor itself and examine operational trends to identify what works well and what needs improvement, then engage support where applicable to remediate any gaps in the product.