networkingA93179721There are multiple aspects to network monitoring. Most networks can be monitored by device, by segment, or by a combination of the two. Managers can locally monitor devices or network segments by collecting activity statistics with SNMP or by using the extended functionality of a protocol analyzer. Remote network device or segment monitoring is also easy to accomplish. This type of monitoring uses SNMP-based polling of devices for designated values to compare with Network Management Station (NMS) thresholds.

Network Management Station (NMS) can access the 94 counters and 2 gauges in SNMP’s Management Information Base II (MIB-II) to establish baseline values and monitor traffic on the managed network. Beyond MIB-II, there are 95 MIB-II extensions and over 40,000 private MIBs to support separate vendors’ equipment offerings and organizational needs.

Alternatives. Network managers rarely rely solely on information retrieved by SNMP for monitoring a network and analyzing its trends. The most commonly used alternatives are protocol analyzers, traffic graphers, software offerings, and remote monitoring solutions.

Protocol Analyzers. Many analyzers have a network-monitoring mode. While in this mode, instead of capturing packets, the analyzer focuses on collecting statistics such as utilization, frame sizes, protocol distribution, error events, broadcasts, multicasts, etc. Using the monitoring function of the analyzer is a good way to collect trend statistics. When the analyzer is not using the capture and display functions, it should be monitoring the network and collecting statistics.

Multi Router Traffic Grapher (MRTG). A tool used for monitoring the traffic load on network links. MRTG generates HTML pages containing graphical images that offer a live visual representation of network traffic. MRTG is based on Perl and C, and works with UNIX and Windows (from NT). This tool is being successfully used on many sites around the Internet.

Paessler Router Traffic Grapher (PRTG). A Windows software that monitors bandwidth usage and other network parameters via SNMP. It lets a manager quickly set up and run a monitoring station on an SNMP-enabled network. It can log the amount of data flowing through routers, monitor CPU utilization, or check disk space usage. PRTG keeps track of the data for up to one year and shows a usage graph for the last 8 to 96 hours, 14 days, and 52 weeks.

The netstat command offers statistics about the view of the network from the local system. These statistics include information on interfaces, routing, current connections, and protocol activity. The specific arguments used in the netstat command may vary from one operating system or vendor to another.

By adding -e (-i for UNIX systems) to the netstat command, the manager can gather network statistics of the local interface. The -r option calls up routing information about the network from the point of view of the local system. To examine the active sockets that are in use on a system, add the -a option to the netstat command. Adding the –s option to the netstat command yields the UDP, TCP, ICMP, and IP statistics.

