What skills should modern network performance monitoring tools possess? Network and application monitoring, modern monitoring

What skills should modern network performance monitoring tools possess? Network and application monitoring, modern monitoring

Network performance monitoring tools are essential for the it industry. However, you must also consider the skills required for network performance monitoring tools, the following small series will explain the skills that modern network performance monitoring tools should possess.

In the past, enterprise network engineers had to provide network access and sufficient bandwidth for various connected servers, applications and terminal devices. From the perspective of the OSI model, these tools focus primarily on layer-1-4 networks. Because all traffic and data streams through a network share all the bandwidth and queue resources, the higher OSI level is ignored.

Slowly, network devices become more and more complex. Now, different data streams in the network can be identified and treated differently. Various QoS and application-layer process forming technologies can also be used to achieve this goal. In addition, with the growing dependence on key business applications, network engineers also urgently need to understand the higher level of the OSI model, in this way, they can discover performance problems or other problems in networks, server operating systems, virtualization software, and applications. However, to solve these problems, they need some tools.

In many scenarios, network performance monitoring tools have evolved from traditional and simple network monitoring software. These monitoring tools usually use ICMP ping and SNMP polling/traps to check the network status. More modern supplements include monitoring, baseline, and smart analysis of all the statuses of the application itself. The most advancedNetwork monitoring toolsYou can also execute the following5 features:

1. Network and application monitoring

2. Network Problem Analysis

3. Application Data and stream interception Analysis

4. Detection of virtualization and operating system problems

5. Root Cause Analysis

Different network performance monitoring vendors have different granularities in performing these tasks. In addition, the more accurate the task is, the more complicated it is to implement and manage. Therefore, we must accurately understand the needs of our organizations, and then properly balance the granularity and complexity. Next, we will continue to analyze the five common functions of the modern network performance monitoring tool.

Network and application monitoring

As mentioned above, modern network monitoring tools have evolved from network monitoring using ICMP ping and SNMP protocols to more complex tools. General ping commands from network monitoring servers are sent to different networks, servers, and other terminal devices to be monitored. If the monitored device does not respond to the ping request, the monitoring tool may mark the device as "down" and then alert the support staff.

SNMP collects and organizes different types of data from networks that support this protocol and server components.

For network devices, this usually means constantly monitoring the interface status and data throughput of specific devices. It also monitors the hardware status, including power supply, fan, and memory usage.

Some network performance monitoring tools can also collect and respond to different system log (Syslog) messages. System logs are a general standard for logging messages of infrastructure devices. These messages are sent and stored in a centralized network monitoring tool. After analysis, these messages are used to notify the support engineers when a system fault occurs.

The network monitoring tool provides comprehensive monitoring capabilities. It not only monitors availability and performance statistics, but also monitors the entire application layer. Such monitoring usually relies on the configured software plug-in or operating system settings to send monitoring data back to the central monitoring server.

Detection of virtualization and operating system problems

Some problems may occur between the network and the application. This includes virtualization, server operating systems, and various middleware on which applications depend. The Virtual Machine hypervisor needs to be monitored separately, which may cause a reduction in Application Layer performance. The main operating system and middleware responsible for managing communication between distributed systems also have the same problem. Network Performance Monitoring vendors use different methods to monitor these problems, some of which also support more virtual machine management programs, operating systems, and middleware software.

Network Problem Analysis

In addition to providing simple online/disconnected status and usage information, the network performance monitoring product can perform more complex automated network fault repair tasks. This includes Route Protocol Monitoring and unplanned route change alerts. In addition, some products can use smart technologies to understand how WAN technology, virtual stack, and QoS features work. In addition, they can be set to automatically send alerts when a problem occurs, and even perform automatic repair operations.

Capture and Analysis of Application Data and stream

The most important task of modern network performance monitoring tools is to parse and analyze data and streams. In the network, data packets can be captured in different regions in different ways, and then automatic and/or manual analysis can be performed. The most common methods are:

1. Deploy a distributed data collection agent on all critical network locations.

2. Use the data packet capture function of the specific router/switch hardware.

Analysis of data packets and execution of more detailed application analysis are more and more important requirements of many organizations. By using the deep packet detection technology, the network administrator can identify more closely related communication problems with applications, otherwise these problems are difficult to detect.

Network Flow Collection sorts out the IP network statistics of data entering and exiting the network card. Once the data is sent to a centralized server and analyzed using the network performance monitoring streaming analysis tool, the network support administrator can identify the traffic source information and target information, and detailed QoS policies that traffic will encounter when it passes through the network. Eventually, the data is used to identify configuration problems between network devices or network path congestion problems.

Root Cause Analysis

Integrating and analyzing various event data on a network performance monitoring tool can form an automated root cause analysis function. If a problem occurs on the network and Multiple Component events are triggered, many network performance monitoring tools will use artificial intelligence technology to analyze the relevance of these events, finally, determine the root cause of the problem. This is a complex feature that needs to be configured because it requires that all devices and monitoring systems be correctly configured. For example, if the device Time is not synchronized through the Network Time Protocol, the Time detected by the event will go wrong. This will negatively affect the accuracy of the problem source analysis engine. However, once proper maintenance measures are created and taken, the automated root cause analysis tool can save a lot of time in troubleshooting.

Recommended articles:

How to Use the DOS command to scan open ports

How to disable port 135/139/445 in Windows

Tips for using a router to limit others' network speeds