Search /
Docfinder:
Advanced search  |  Help  |  Site map
RESEARCH CENTERS
SITE RESOURCES
Click for Layer 8! No, really, click NOW!
Networking for Small Business
TODAY'S NEWS
Cisco all but kills Cius tablet computer
Windows 8 Update: Steve Ballmer's 80-inch Windows 8 tablet
Gartner: Don't trust cloud provider to protect your corporate assets
Take me out to the ballgame, with 4G
Most OpenOffice users run Windows
Smartphones with quad-core chips and 4G LTE coming soon
Government alarm over cyberattacks validated by terrorists
Lawmakers call on DOJ to reopen investigation into Google Wi-Fi spying
Researchers propose TLS extension to detect rogue SSL certificates
IaaS: Renting on-demand technology
Yahoo Axis may be game changer for search and the troubled company
Android, Apple Own 80% of Global Smartphone Market; Microsoft's Share, 2.2%
Managing Mobile Mania
Proposed New York Legislation Would Ban Anonymous Online Comments
Supercomputer to connect to 400PB of storage via Ethernet
/

Reviews /

Network patrol

Today's breaking news
Send to a friendFeedback

Network monitoring and alerting tools can keep you in the network know zone. But choose wisely: The market is big, and feature sets vary widely.

By Martha Young
Network World, 08/23/99

It's tempting to throw more bandwidth or bigger boxes at a sluggish network, but it's often not prudent. A better approach is to first see if there's a way to reallocate existing resources to improve performance. To do so, you need to understand traffic patterns and device capacities. Network monitoring can get you started.

Hand in hand with long-term monitoring, you need alerting tools to act on immediate problems. Our review focuses on how well six products monitor network services and devices, alert users to system failures, and even correct some problems without user intervention (see review ).

The most effective monitoring and alerting tools are based on real-time and historical data. Real-time or near real-time monitoring provides a snapshot of current network activity and identifies device failures and potential hot spots. Historical data establishes a track record or baseline of what is normal for the network and provides the foundation for defining thresholds and balancing loads across the network.

The combination of real-time and historical data allows you to visualize the impact of changes as the network expands by users, applications and devices. Identifying increased load capacities provides tangible justification for altering a network design or adding resources.

A number of companies have developed monitoring and alerting tools - 39 vendors contributed to our online Buyer's Guide. Browse it carefully to find a product with the features you need. The right tool can quickly provide a full return on investment, while the wrong tool only adds to the stress of managing a network.

Understanding a network's "signature" is key to understanding the whole network and establishing what is normal behavior for any point in time in the monitoring cycle. A network's signature is a profile of the peaks and valleys of utilization and everything in between. It's composed of network baselining and application baselining information.

Network baselining depends on topology maps obtained from an underlying SNMP management platform. A management station imports information collected by network devices and monitoring probes to automatically create an integrated snapshot of network traffic flows, protocol distribution and application activity on a user-by-user basis. A good monitoring tool provides this information in a graphical format upon request and at predefined intervals.

Application baselining measures application response time and is performed using one of four methods: single client, multiclient, Remote Monitoring using embedded or external probes, and APIs.

It is not uncommon to exceed thresholds during system backups, software upgrades or month- and quarter-end fiscal periods. To exceed thresholds at these times does not suggest a network is in dire straits. It only illustrates the impact that certain processes and applications have on a network as a whole and allows you to plan for such peaks.

By comparing baselines at regular intervals, you can identify and act upon bandwidth creep and hot spots before they reach a critical state. This is the essence of proactive vs. reactive network management.

Alerts come into play at the next level of network monitoring, as problems escalate. Audible alerts are handy if a management console is monitored 24-7. If that's not the case at your site, you'll want to look for more flexible notification techniques, such as user-defined scripts capable of dialing a pager or cellular telephone number.

The most useful user-defined scripts can sort alerts based on the nature of the problem and immediately direct the most critical alerts to senior support staff, for example.

Many monitoring and alerting tools go even further, offering suggestions for correcting the network fault that triggered an alert.

Look for monitoring software that offers Web-based reporting with secured logon access. This saves time by providing access from any location using a common browser. Make sure the program can produce reports that correlate information from diverse sources into a meaningful presentation that will let you trace a cascade of faults to a specific segment or device; a pile of disconnected reports based on defined thresholds and service-level agreements is nearly useless.

Report formatting and distribution is another feature to review closely. Customized reports, developed with wizards, let you tailor information to different recipients. Information required by a network administrator is typically more detailed and focused than that required by the executive staff, for example. In addition, an administrator may need to see reports daily, while upper management may only need to see data on a monthly or quarterly basis. Automated report distribution via e mail or to a print file makes it easy to get the reports to the right people in the time frame and format they prefer. Such flexibility will help you get the most out of your monitoring and alerting software.

Application baselining techniques
When a user complains the network is slow, application baselining is one tool you can use to identify the root cause of delays.

Switch monitoring standard handles multiple switched segments better than RMON
Nearly half of the products we surveyed support remote monitoring (RMON), which watches traffic flow at Layer 2, the logical link layer of the OSI model in a shared-media environment.

RELATED LINKS

Young is principal of Cutting Edge Information Group, an industry analyst firm. She can be reached at martha@ceig.com.

Application baselining techniques
When a user complains the network is slow, application baselining is one tool you can use to identify the root cause of delays.

Switch monitoring standard handles multiple switched segments better than RMON
Nearly half of the products we surveyed support remote monitoring (RMON), which watches traffic flow at Layer 2, the logical link layer of the OSI model in a shared-media environment. Buyer's guide
Database of detailed specs on 46 apps. Use the search form to find the ones that best meet your criteria or compare two or more in a variety of categories.

Review
We take a detailed look at six of the tools.

Forum: Network monitoring and alerting
Discuss the topic with Travis Berkley in this online discussion.

Buyer's guide
Database of detailed specs on 42 apps. Use the search form to find the ones that best meet your criteria or compare two or more in a variety of categories.

Response to RFP
With the Tolly Group, we sent out an RFP to network monitoring vendors. Read our RFP and their responses.

User study: Raising the red flag
We interview users of these tools. See what how they put them to work.


NWFusion offers more than 40 FREE technology-specific email newsletters in key network technology areas such as NSM, VPNs, Convergence, Security and more.
Click here to sign up!
New Event - WANs: Optimizing Your Network Now.
Hear from the experts about the innovations that are already starting to shake up the WAN world. Free Network World Technology Tour and Expo in Dallas, San Francisco, Washington DC, and New York.
Attend FREE
Your FREE Network World subscription will also include breaking news and information on wireless, storage, infrastructure, carriers and SPs, enterprise applications, videoconferencing, plus product reviews, technology insiders, management surveys and technology updates - GET IT NOW.