Three Techniques to Help Solve the Mystery of Network Monitoring

For federal government agencies, network monitoring has evolved into something extremely important, yet unnecessarily complex. For instance, according to Gleanster Research, 62 percent of respondents use on average three separate monitoring tools to keep their networks safe and functioning properly.

It doesn’t take a famous detective to unveil the secrets behind the growing popularity of network monitoring tools. They’ve become an integral part of government agencies’ IT infrastructures, as they allow administrators to more easily track everything that’s happening on their networks – from overall network availability and performance, to device discovery, and more. All of this can be handled in real-time and with accompanying alerts, making network monitoring a must for agencies seeking to bolster their security postures.

The challenge is that there are so many options available that it may feel as though you have to don a Sherlock Holmes persona in order to unearth the right solutions to ensure your network is properly secured. But don’t put on your detective hat so fast – perhaps those solutions are simpler than once thought.

Read on, my dear IT administrator, as we break down three monitoring techniques that will help you get a handle on how effective network monitoring can solve numerous problems for your agency. These points address unexpected system crashes, slow Internet complaints, and requests for performance statistics – all threats to productivity and security that network monitoring solutions help actively address.

Slay Problems Through IP SLA

IP SLA – or short for Internet Protocol Service Level Agreements – sounds complex. But in reality its function is a simple one: ensuring the voice-over-IP (VoIP) environment is healthy. IP SLA allows IT administrators to set up certain actions to occur on a network device and have the results of that operation reported back to a remote server.

For example, the operation may include checking if a Web page or DNS server is responding, or whether a DHCP server is responding and handing out IP addresses. This is a huge asset because it uses the existing devices within the network infrastructure rather than requiring you to set up separate devices (or agents on existing PCs or servers) to run tests.

Trace the NetFlow of “Conversations”

You don’t have to put a glass to the door to hear ongoing dialogues within your network. NetFlow has the ability to capture those “conversations” for you. NetFlow data is captured by one or more routers operating near the center of the network.

Simply put, if DesktopComputer_123 is sending a file to Server_ABC via FTP, that is one conversation. The same PC browsing a webpage on the same server using HTTP is another conversation. That same PC streaming a video from YouTube (also HTTP) creates a third conversation. NetFlow operates in the middle of these conversations to collect data so that the monitoring server can then aggregate, parse, and analyze the data.

Hook Into API Monitoring

You may feel a bit like Watson trying to grasp the underlying meaning behind this process, as using a network monitoring Application Protocol Interface (API) can be the murkiest, if you will, of all of these techniques. In essence, to understand how API is used, you must realize that there are hooks built into applications that allow for data requests. Each time this type of request is received, a response is sent back to the monitoring software, giving you a better understanding of how your network is performing. Microsoft System Center Operations Manager (SCOM) is a proprietary example of a network monitoring API, while VMware’s API is published and generally available.

Make no mistake -- maintaining network security in today’s environment is more complex and crucial than ever. Having the tools in place – and understanding what tools are out there for federal government agencies – is a must.  But the good news is that these tools do exist.  And with a slight bit of detective work – and maybe a little reading up – you can quickly understand and appreciate what you can do to crack the case of network security.

By Joel Dolisy, CIO, SolarWinds