Author: Neftaly Malatjie

  • 114054 LG 1.35 DATA ACQUISITION USING SNMP

    • When this technology is used PRTG queries the devices (e.g. routers, switches, and servers) for the traffic counters of each port. This option creates the least CPU load and network load of the three methods.

    • PACKET SNIFFING IN LANS

      If you need to know what applications or IP-addresses are causing the traffic in your network you can use a Packet Sniffer which looks at every single data packet travelling in your network for accounting purposes. PRTG can analyze the packets passing the network card of a PC or it can be connected to a so-called monitoring port of a switch.

      DATA ACQUISITION USING PACKET SNIFFING (LAN)

      In order to calculate bandwidth usage PRTG inspects all network data packets either passing the PC’s network card (shown on the left side) or the data packets sent by a monitoring port of a switch (right side) with its built-in Packet Sniffer. From the three technologies shown here this one creates the most CPU and network load. For larger networks PRTG offers remote probes that distribute the load and assure maximum performance.

    • NETFLOW PROTOCOL

      Professional routers and switches from vendors like Cisco, HP, Juniper, and others support NetFlow or sFlow export for bandwidth usage monitoring. It is the most powerful monitoring method, suitable for high traffic networks.

      DATA AQUISITION USING CISCO’S NETFLOW PROTOCOL

      Cisco devices with NetFlow support track the bandwidth usage of the network internally and then only send pre-aggregated data to the PRTG system for accounting purposes. This way the computing load for

    • The following table shows the differences between PRTG’s four methods available for bandwidth monitoring:

    • WMI

      SNMP

      PACKET SNIFFER

      XFLOW (IPFIX, NETFLOW, SFLOW, JFLOW)

      Setup

      Medium

      Easy

      Easy to complex (depending on filter rules used)

      Can be complex (e.g., the switch must be configured)

      Traffic can be filtered

      No

      No

      Yes

      Yes

      Differentiate bandwidth usage by protocol or IPs

      No

      No

      Yes

      Yes

      PRTG can show Toplists (Top Talker, Top Connections, Top Protocols, custom)

      No

      No

      Yes

      Yes

      Filter bandwidth usage by IP

      No

      No

      Yes

      Yes

      Filter bandwidth usage by MAC address

      No

      No

      Yes

      No

      Filter bandwidth usage by physical network port

      Yes

      Yes

      No

      No

      Monitor network parameters other than bandwidth usage

      Yes

      Yes

      No

      No

      CPU load on the machine running PRTG

      Low

      Low

      Higher, depends on the amount of traffic

      Higher, depends on the amount of traffic

      Excess bandwidth usage of monitoring

      Small

      Small

      None (except when monitoring switch ports are used)

      Depends on the traffic


  • 114054 LG 1.34 COLLECTING NETWORK PERFORMANCE DATA

    • The following are ways of collecting network performance data;

      SNMP-MONITORING

      The Simple Network Management Protocol (SNMP) is the most basic method of gathering bandwidth and network usage data. It can be used to monitor bandwidth usage of routers and switches port-by-port, as well as device readings like memory, CPU load, etc.


  • 114054 LG 1.33 Setting network performance baseline

    • By setting a network performance baseline, network administrators can define what is normal for enterprise networks and identify patterns that indicate signs of trouble down the road. Network performance baselines also enable network managers to plan for growth.

      In the simplest terms, a network performance baseline is a set of metrics used in network performance monitoring to define the normal working conditions of an enterprise network infrastructure. Engineers use network performance baselines for comparison to catch changes in traffic that could indicate a problem.

      Setting a network baseline also provides early indicators that application and network demands are pushing near the available capacity, giving the networking team the opportunity to plan for upgrades. Aligning network performance baselines with existing network service-level agreements (SLAs) can help the IT organization stay within capacity parameters and identify problem areas that are falling out of compliance.

       

  • 114054 LG 1.32 What should we monitor

    • The ultimate measures of performance are the users’ perceptions of the performance of their networked applications (e.g. WWW, email, a distributed RDBMS, a spreadsheet accessing a distributed file system etc.)

      This performance is affected by the performance of the complete Distributed System, which includes:

      • physical network plant
      • communications devices (e.g. routers, switches) , computers and peripherals attached to the network plant
      • host resource utilization
      • software from device interfaces, thru operating systems to applications running on computers and devices To set and meet user expectations for distributed system performance, we must monitor all of the above

  • 114054 LG 1.58 Document server names, roles and IP addresses

    • While the information included in a network topology diagram is not necessarily specific, there is certain information that you should include for each server, even if that information has to be placed in an appendix. For each server, list the server’s name, its IP address and the role that the server is performing (DNS, DHCP, mail server, etc.). Keep in mind that a server may be assigned multiple IP addresses or have multiple NICs, so you should document that information too.