5 elements of advanced network monitoring
- By Joel Dolisy
- Dec 07, 2015
Evolution is not just for science conversations; it is a critical aspect of effective IT management. As federal technology environments become more complex, the processes and practices used to monitor those environments must evolve to stay ahead of -- and mitigate -- potential risks and challenges.
Network monitoring is one of the core IT management processes that demands growth in order to be effective. In fact, there are five characteristics of advanced network monitoring that signal a forward-looking, sophisticated solution:
- Dependency-aware network monitoring
- Intelligent alerting systems
- Capacity forecasting
- Dynamic network mapping
- Application-aware network performance
If you’ve implemented all of these, you have a highly evolved network. If you have not, it might be time to start thinking about catching up.
1. Dependency-aware network monitoring
Network monitoring is a relatively basic function, sending status pings from devices on your agency’s network so you know they’re operational. Some solutions offer a little bit more with the ability to see connectivity -- which devices are connected to each other.
A sophisticated network monitoring system, however, provides all dependency information: not only which devices are connected to each other, but also network topology, device dependencies and routing protocols. This type of solution then takes that dependency information and builds a theoretical picture of the health of your agency’s network to help you effectively prioritize network alerts.
2. Intelligent alerting system
While dependency-aware network monitoring will provide detailed information about the health of your network, the key to implementing an advanced network monitoring solution is having an intelligent alerting system that triggers alerts on deviation from normal performance based on dynamic baselines calculated from historical data. An alerting system that understands the dependencies among devices can significantly reduce the number of alerts being escalated.
For example, an intelligent alerting system will automatically check the interaction of dependent devices -- parent and parents’ parent devices -- to pinpoint the root cause of specific issues. It also will perform event correlation and deduplication. Additionally, it will coordinate with your agency’s ticketing system to ensure that if there is already a ticket open for a particular device that fails again, it will modify the existing ticket instead of creating a new one.
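The parent walk and ticket deduplication described above can be sketched as follows. This is an added example, not code from the article or from any monitoring product; the topology, device names and ticket structure are constructed assumptions.

```python
from collections import defaultdict

# Constructed topology for illustration: child -> parent (None = top of the tree).
PARENT = {
    "core-rtr": None,
    "dist-sw1": "core-rtr",
    "acc-sw1": "dist-sw1",
    "srv-app1": "acc-sw1",
    "srv-db1": "acc-sw1",
    "dist-sw2": "core-rtr",
    "srv-web1": "dist-sw2",
}


def root_cause(device, down, parent=PARENT):
    """Walk parent, parent's parent, ... and return the highest failed ancestor."""
    cause, node = device, parent.get(device)
    while node is not None:
        if node in down:
            cause = node
        node = parent.get(node)
    return cause


def correlate(events, open_tickets):
    """Collapse raw 'down' events into one ticket action per root cause.

    events: device names reported down (duplicates allowed).
    open_tickets: dict keyed by root-cause device, updated in place.
    Returns the ordered list of (action, device) pairs.
    """
    down = set(events)  # deduplicate repeated events for the same device
    affected = defaultdict(set)
    for dev in down:
        affected[root_cause(dev, down)].add(dev)
    actions = []
    for cause in sorted(affected):
        symptoms = sorted(affected[cause] - {cause})
        if cause in open_tickets:  # device failed again: modify the existing ticket
            open_tickets[cause]["occurrences"] += 1
            open_tickets[cause]["suppressed"] = symptoms
            actions.append(("update", cause))
        else:
            open_tickets[cause] = {"occurrences": 1, "suppressed": symptoms}
            actions.append(("create", cause))
    return actions
```

Five raw events for an access switch and the servers behind it become one ticket for the switch, with the servers recorded as suppressed symptoms.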
Intelligent alerting will also allow an organization to “tune” alerts so that admins get only one ticket when there is a storm of similar events, or so that alerts are sent only after a condition has persisted for a significant period of time. It will allow teams to create alerts that consider multiple separate elements that are significant only in combination -- such as when CPU spikes, user connections are high and bandwidth utilization is pegged, all for more than 15 minutes.
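The combined condition above, evaluated against a dynamic baseline, might look like this. It is an added example rather than anything from the article; the metric names, the mean-plus-three-standard-deviations baseline, the 5-minute polling interval and all sample values are constructed assumptions.

```python
from statistics import mean, stdev

# Constructed history per metric (what "normal" looked like in earlier polls).
HISTORY = {
    "cpu": [30, 35, 32, 28, 31, 34, 33, 29],
    "conns": [100, 110, 95, 105, 98, 102, 107, 99],
    "bw": [40, 45, 42, 38, 41, 44, 43, 39],
}

# Constructed 5-minute samples, oldest first: (cpu %, user connections, bandwidth %).
SAMPLES = [
    {"cpu": c, "conns": n, "bw": b}
    for c, n, b in [
        (90, 105, 45),   # CPU alone is high: not significant by itself
        (92, 180, 95),
        (95, 185, 97),
        (33, 100, 41),   # everything recovers, so the streak resets
        (91, 175, 96),
        (93, 190, 98),
        (94, 188, 99),
        (96, 192, 99),
    ]
]


def deviates(value, history, k=3.0):
    """True when value exceeds the baseline (mean + k standard deviations)."""
    return value > mean(history) + k * stdev(history)


def composite_alert(samples, history, hold_minutes=15, interval_minutes=5):
    """Return the index of the sample at which the alert fires, or None.

    The alert fires only when every metric deviates from its baseline in
    consecutive samples spanning at least hold_minutes.
    """
    needed = hold_minutes // interval_minutes + 1
    streak = 0
    for i, sample in enumerate(samples):
        if all(deviates(sample[m], history[m]) for m in history):
            streak += 1
            if streak >= needed:
                return i
        else:
            streak = 0
    return None
```

The two-sample burst early in the data never alerts; only the later run of four consecutive breaching samples does.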
3. Capacity forecasting
An agencywide view of utilization for key metrics, including bandwidth, disk space, CPU and RAM, plays two very important roles in capacity forecasting:
- No surprises. You must know what’s “normal” at your agency to understand when things are not normal. When you have that baseline, you can see how far above or below normal the network is functioning; you can see trends over time and can be prepared in advance for changes that are happening on your network.
- Because procurement can be a lengthy process, having the ability to forecast capacity requirements months in advance will give you the opportunity to initiate the procurement process and have a solution in place in advance of when the capacity is needed.
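One way to turn a utilization trend into a procurement decision is a least-squares fit over daily samples, compared against the procurement lead time. This is an added example, not the article's or any vendor's method; the 90 percent limit, the 120-day lead time and the usage series are constructed assumptions.

```python
# Constructed daily utilization (percent) over 40 days for three metrics.
USAGE = {
    "disk": [60 + 0.25 * d for d in range(40)],       # steady growth
    "bandwidth": [50 + 0.05 * d for d in range(40)],  # slow growth
    "cpu": [70 - 0.1 * d for d in range(40)],         # falling
}


def linear_fit(ys):
    """Least-squares slope and intercept for samples taken once per day."""
    n = len(ys)
    x_mean = (n - 1) / 2
    y_mean = sum(ys) / n
    sxx = sum((x - x_mean) ** 2 for x in range(n))
    sxy = sum((x - x_mean) * (y - y_mean) for x, y in enumerate(ys))
    slope = sxy / sxx
    return slope, y_mean - slope * x_mean


def days_until(ys, limit):
    """Days after the last sample until the trend reaches limit.

    Returns None when the trend is flat or falling, 0.0 when already at the limit.
    """
    slope, intercept = linear_fit(ys)
    if slope <= 0:
        return None
    current = intercept + slope * (len(ys) - 1)
    return max(0.0, (limit - current) / slope)


def procurement_plan(usage, limit=90.0, lead_time_days=120):
    """Return {metric: days left} for metrics that hit limit within the lead time."""
    plan = {}
    for metric, ys in usage.items():
        days = days_until(ys, limit)
        if days is not None and days <= lead_time_days:
            plan[metric] = round(days)
    return plan
```

With these inputs only disk is flagged: its trend reaches the limit in about 81 days, which is inside the assumed 120-day procurement window.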
4. Dynamic network mapping
It is critical to understand how your network devices are connected. If you’re already implementing dependency-aware network monitoring, you already have this information. Dynamic network mapping allows you to take this information one step further and display it on a single screen, with interactive, dynamic maps that can display link utilization, device performance metrics, automated geolocation and wireless heat maps. This way, you can see trouble spots; you can see where there are good and bad signals; if a user complains that things are running slowly, you can see how everything is connected and find the source of the slowdown.
5. Application-aware network performance
When users complain that things are running slowly, they often blame the application. But is it really the application? Maybe it’s the server, maybe it’s the network, maybe it really is the application. Application-aware network performance monitoring collects information on individual applications as well as network data and correlates the two to determine what is causing an issue. You can not only see if your user is correct in saying his application is slow, but you’ll also be able to see if it is the application itself causing the issue or if there is a problem on the network.
As I mentioned at the start of this article, federal technology environments are getting more complex; at the same time, budgets remain tight. Evolving your network monitoring solution will help with both of these challenges -- it will keep you ahead of the technology curve and help meet budget challenges by providing more in-depth information to ensure your monitoring is proactive and strategic.
Joel Dolisy is the CIO at SolarWinds.