Using analysis on network devices can make us know information about “who, what and when” is active in the network. This information can be used to improve performance, maintain security, and manage networks in general (network management).
Not all analysis on network devices provides sufficient and effective information to solve network problems. This is because the tools to help network traffic analysis based on data flow only provide top-level information. For example, such as IP address (internet protocol) and traffic volume. To be able to monitor activities and analyze network traffic thoroughly, you need special tools, including:
1. SNMP (Simple Network Management Protocol)
Through a simple, specially designed protocol, users can monitor and manage a computer network remotely using a control center. We can obtain network device data or information about status and conditions in a network when using SNMP.
This protocol uses UDP transport, precisely on port 161. Network management is operated by collecting network device data and determining variables in the network used. The network management monitoring process is carried out from a PC that acts as a network management station from an SNMP agent.
Furthermore, the results of network management monitoring will be displayed in a graphical form that shows traffic or network traffic fluctuations. SNMP is indeed a very important mechanism in network monitors, and has several components:
1. Managed devices: Nodes on networks that support SNMP and access to specific information.
2. Agent: Software that is part of the monitored device. An agent has access to the MIB (database information management) device and allows the NMS system to read and write to MIB.
3. Network Management System (NMS): An application on a system that monitors and controls devices managed through agents using the SNMP command.
2. Web GUI
The Web GUI is used to monitor and monitor graphics views in the form of graphical fluctuations and network traffic. Web GUI can be easy to use because they are easy to read and understand because of the website-based interface.
We don’t need to type special commands or syntax that can only be understood by a number of reliable network engineers, because the website-based interface makes everything look easier to use and read.
If a network engineer wants to test the range and availability of hosts in an IP (internet protocol) network, then the tool that can be used is Ping.
Through one of the basic instructions that must be mastered by the network admin, the ping results can be seen to determine whether a host in the network is active or not. In addition, ping can be used to measure transmission time and packet loss when communicating with the host.
Syslog is different from Windows Eventlog. Syslog is a messaging system that allows devices to send event notifications to an IP (internet protocol) network. Information from these messages can be used for network management and monitor network security. Syslog can support a variety of devices. Starting from the printer, router, and firewall.
5. Utilizing Script Strength
On a network where there is no Network Management System (NMS), or the Network Management System (NMS) does not have certain features, the network administrator can use scripts. Scripts utilize commands commonly used in the world of IT networks.
For example, ping, lynx, snmp walk, and others. Scripts are supported by most network elements to run certain programs. For example, collecting information, making changes to devise configurations, or performing special programs that have been scheduled. Bash scripts, Perl, etc. are tools for writing scripts that are commonly used by network admins.
Based on these special tools, TITS uses SNMP in its web-based application, namely network monitoring tools called NetMonk. Using SNMP makes NetMonk able to find the latest information about the condition of the device. Want to know more about NetMonk? Read the convenience article NetMOnk.