
3 Techniques to Help Solve the Mystery of Network Monitoring

Level 12

For government agencies, network monitoring has evolved into something extremely important, yet unnecessarily complex. For instance, according to Gleanster Research, 62 percent of respondents use on average three separate monitoring tools to keep their networks safe and functioning properly.

Network monitoring tools have become an integral part of agencies’ IT infrastructures, as they allow administrators to more easily track overall network availability and performance. All of this can be handled in real-time and with accompanying alerts, making network monitoring a must for agencies seeking to bolster their security postures.

Below, we’ll break down three monitoring techniques that will help you get a handle on how effective network monitoring can solve numerous problems for your agency.

Slay Problems through IP SLA

IP SLA – short for Internet Protocol Service Level Agreements – sounds complex. But in reality its function is a simple one: ensuring the voice-over-IP (VoIP) environment is healthy. IP SLA allows IT administrators to set up certain actions to occur on a network device and have the results of that operation reported back to a remote server.

For example, the operation may include checking if a Web page or DNS server is responding, or whether a DHCP server is responding and handing out IP addresses. This is a huge asset because it uses the existing devices within the network infrastructure rather than requiring you to set up separate devices (or agents on existing PCs or servers) to run tests.

Trace the NetFlow of “Conversations”

NetFlow has the ability to capture network “conversations” for you. NetFlow data is captured by one or more routers operating near the center of the network.

Simply put, if DesktopComputer_123 is sending a file to Server_ABC via FTP, that is one conversation. The same PC browsing a webpage on the same server using HTTP is another conversation. NetFlow operates in the middle of these conversations to collect data so that the monitoring server can then aggregate, parse, and analyze the data.
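As an added illustration (not code from the original article), the sketch below parses a NetFlow v5 export datagram and folds its one-directional flow records into the "conversations" described above. The v5 export format, the IP addresses, the port numbers and the "lower port is the service" heuristic are assumptions; the sample datagram is constructed.

```python
import ipaddress
import struct
from collections import defaultdict

HEADER = struct.Struct("!HHIIIIBBH")                # 24-byte NetFlow v5 header
RECORD = struct.Struct("!4s4s4sHHIIIIHHBBBBHHBBH")  # 48-byte NetFlow v5 flow record

def parse_v5(datagram):
    """Yield (src, dst, proto, sport, dport, packets, octets) for each flow record."""
    if len(datagram) < HEADER.size:
        raise ValueError("datagram shorter than a NetFlow v5 header")
    version, count = HEADER.unpack_from(datagram)[:2]
    if version != 5:
        raise ValueError(f"not NetFlow v5 (version={version})")
    if len(datagram) < HEADER.size + count * RECORD.size:
        raise ValueError("truncated datagram: header count exceeds payload")
    for i in range(count):
        f = RECORD.unpack_from(datagram, HEADER.size + i * RECORD.size)
        src, dst = (str(ipaddress.IPv4Address(a)) for a in f[:2])
        yield src, dst, f[13], f[9], f[10], f[5], f[6]

def conversations(flows):
    """Merge both directions of a flow under (client, server, proto, service_port)."""
    table = defaultdict(lambda: {"packets": 0, "octets": 0})
    for src, dst, proto, sport, dport, pkts, octets in flows:
        # Assumption: the lower port number identifies the service (server) side.
        key = (dst, src, proto, sport) if sport < dport else (src, dst, proto, dport)
        table[key]["packets"] += pkts
        table[key]["octets"] += octets
    return dict(table)

def _record(src, dst, sport, dport, pkts, octets, proto=6):
    """Build one constructed flow record; unused fields are zeroed."""
    pack = lambda ip: ipaddress.IPv4Address(ip).packed
    return RECORD.pack(pack(src), pack(dst), bytes(4), 0, 0, pkts, octets,
                       0, 0, sport, dport, 0, 0, proto, 0, 0, 0, 0, 0, 0)

# Constructed sample: DesktopComputer_123 talks FTP (21) and HTTP (80) to Server_ABC.
DESKTOP, SERVER = "10.0.0.23", "10.0.0.5"
SAMPLE = HEADER.pack(5, 3, 0, 0, 0, 0, 0, 0, 0) + b"".join([
    _record(DESKTOP, SERVER, 50112, 21, 12, 840),   # FTP request direction
    _record(SERVER, DESKTOP, 21, 50112, 10, 1200),  # FTP reply direction
    _record(DESKTOP, SERVER, 50200, 80, 8, 620),    # HTTP request direction
])

if __name__ == "__main__":
    for key, totals in conversations(parse_v5(SAMPLE)).items():
        print(key, totals)
```

The two FTP records collapse into one conversation while the HTTP record stays separate, which is the distinction the paragraph above draws between the two transfers to the same server.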

Hook Into API Monitoring

Using a network monitoring Application Programming Interface (API) can be the murkiest of all of the techniques we’ve discussed. In essence, to understand how an API is used, you must realize that there are hooks built into applications that allow for data requests. Each time this type of request is received, a response is sent back to the monitoring software, giving you a better understanding of how your network is performing. Microsoft System Center Operations Manager (SCOM) is a proprietary example of a network monitoring API, while VMware’s API is published and generally available.

Make no mistake — maintaining network security in today’s environment is more complex and crucial than ever. Having the tools in place – and understanding what tools are out there for federal government agencies – is a must.  But the good news is that these tools do exist.  And with less work than you may have expected, you can quickly understand and appreciate what you can do to crack the case of network security.

Find the full article on our partner DLT’s blog, TechnicallySpeaking.

9 Comments
MVP

This is true, and complicated even more if it's an air gapped network you have to "visit" to keep an eye on.

Don't be confused by what SLA's are for in general, what they can do.  They are capable of MUCH more than just "ensuring the voice-over-IP (VoIP) environment is healthy."  SLA's and IP SLA are two very different animals, and it's easy to confuse the two.

Use SLA's to get better rates from ISP's and ASP's, to get reimbursements for outages, or to verify your customers are getting the uptime they contract for.

MVP

One issue can be the "best of breed" strategy that really messes with available tools.

It's great if you standardize on a single vendor, then put up with substandard capabilities but sacrifice monitoring.

Good example would be Palo Alto - awesome firewall and capability, extremely limited monitoring in NPM.

MVP

I would really like to see Palo Alto f/w support once the ASA update comes in next NPM update... Many of us are using Palo Alto f/w now and not just ASA's.

MVP

API's are a bit more than described...

They allow you to interface programmatically to other running software. Not only can you use it to query status of said software, but you can in some cases tell it to do things depending on the features and capabilities of the API...

Level 14

Always keep an eye on your network traffic.  Establish a base line so you know what is normal.

Level 21

I would love to see some studies that show the difference in both tool cost  and MTTR for places that use multiple tools versus places that use one consolidated tool-set like Orion.  I would love to see this charted on a graph to see how the cost and MTTR change as the number of tools used increases.

I'm with you--seeing that info (especially the cost of paying for and supporting multiple tools, and also seeing the inefficiencies in not being able to resolve issues quickly because you don't have access to the big picture, the single pane of glass) would be great.  It might make enough difference that it could be used to lever a crack in the silo walls and get SW in and other tools moved to the back burner, maybe even removed.

Level 21

Exactly!  That is the type of data you can show executives and decision makers to help show the value of a consolidated tool-set like Orion.

About the Author
Joseph is a software executive with a track record of successfully running strategic and execution-focused organizations with multi-million dollar budgets and globally distributed teams. He has demonstrated the ability to bring together disparate organizations through his leadership, vision and technical expertise to deliver on common business objectives. As an expert in process and technology standards and various industry verticals, Joseph brings a unique 360-degree perspective to help the business create successful strategies and connect the “Big Picture” to execution. Currently, Joseph serves as the EVP, Engineering and Global CTO for SolarWinds and is responsible for the technology strategy, direction and execution for SolarWinds products and systems. Working directly for the CEO and partnering across the executive staff in product strategy, marketing and sales, he and his team are tasked to provide overall technology strategy, product architecture, platform advancement and engineering execution for Core IT, Cloud and MSP business units. Joseph is also responsible for leading the internal business application and information technology activities to ensure that all SolarWinds functions, such as HR, Marketing, Finance, Sales, Product, Support, Renewals, etc. are aligned from a systems perspective; and that we use the company's products to continuously improve their functionality and performance, which ensures success and expansion for both SolarWinds and customers.