How Network Monitoring Works and How to Implement a Network Monitoring System



   Network monitoring is the ongoing observation of a network while it is active. Its purpose is to track network performance so that problems are noticed quickly when they arise. A related term is NSM, or Network Security Monitoring: the effort to collect, analyze, and escalate indications, threats, and dangers that disturb the network. NSM also covers measures to detect and respond to information security incidents in the system and the organization. Organizations usually have a dedicated team for these actions; the team that handles NSM is usually known as the Computer Incident Response Team. Companies and organizations of small scope can form a SOC, or Security Operation Center.


   Network monitoring collects data from the network and from various security devices, such as routers, switches, IDS, firewalls, and others. Computer network monitoring observes network components for slow performance or outright failure, and then notifies the network administrator if an outage occurs or further action is needed. Network monitoring is part of network management. Another part is the intrusion detection system, which monitors the network for likely threats from outside and for network devices that have crashed. Server monitoring is also an important part of this activity.


Difference Between Network Monitoring And Server Monitoring


   Server monitoring and network monitoring both aim to monitor the condition of a computer network. Monitoring runs continuously while the network is active so that problems can be handled quickly when they occur, and it analyzes server and network performance to avoid downtime. Companies and organizations want network devices and servers that perform well, but various factors can interfere with network and server performance in the infrastructure used, and a decrease in network quality can affect their business processes. Network monitoring and server monitoring are therefore both important. The two look alike but are in fact different. The difference between network monitoring and server monitoring is as follows:

  1. Network monitoring is a systematic effort to detect network components whose performance has degraded or become slow. It can be done with tools commonly known as "network monitoring tools", which make detecting and resolving problems faster. Other network monitoring activities are managing network device updates, identifying possible threats, and avoiding network outages.

  2. Server monitoring reviews and analyzes server performance, availability, operation, and security level. It is done by the administrator. Its expected benefit is reducing the risk of problems arising on the server, so that a problem can be dealt with immediately before it gets worse. Server monitoring can also give complete visibility into the performance of the computer network used.
    In brief, network monitoring watches the condition of the network devices in use, such as routers, switches, hubs, and others. Server monitoring watches the server itself, such as event logs on a Windows server, Syslog on a Unix or Linux server, and the server's key performance indicators.
 
Benefits Of Implementing Network Monitoring


   Network monitoring is a strategy for monitoring the condition of the Information Technology (IT) network in a company or organization. It can save time and money on network maintenance. Managing company assets properly is important and needs to be part of the right strategy. Network monitoring can also be supported by other strategies that benefit the company, for example applying standard first-response procedures when network-related incidents occur. Network monitoring has many benefits, including:
  1. The company can predict the lifetime of the network devices in use;
  2. Network engineers are helped in their work of understanding how the network operates and which components can influence each other in the network monitoring system;
  3. Improving User Experience (UX) for internal and external parties related to the company;
  4. Getting good visibility and coverage across all services. Network monitoring applications can categorize each component separately to increase visibility;
  5. Increasing proactive monitoring, because monitoring a computer network helps the company see the activity of all services and applications it uses;
  6. The company can identify problems before experiencing downtime or degraded system performance;
  7. Maximizing ROI, or Return on Investment. ROI falls whenever the company has to make extensive repairs to each business application; the workable way to deal with this is to ensure a high percentage of system availability;
  8. Reducing the risks and costs of downtime, because problems that may be encountered throughout the company's infrastructure can be anticipated and the IT team can take action immediately. This saves the time and money needed for repairs, and solutions can be formulated in advance so that problems are resolved faster;
  9. Network monitoring tools show information about the network infrastructure, so that looking at network traffic makes it possible to detect and prevent attackers from accessing network servers and important services;
  10. Easier detection of viruses that can attack the network;
  11. The network monitoring system gives a warning immediately when a specific problem occurs, and some problems can even be fixed automatically by a full-featured network monitoring tool;
  12. Optimization of network performance;
  13. Easier capacity planning for the computer network.

How Network Monitoring Works


   Network monitoring uses SNMP, the Simple Network Management Protocol, to manage monitoring data from various computer resources. A system for monitoring the networks and servers in use makes it easier for administrators to maintain servers and devices and to handle problems that might occur. A network administrator must understand how monitoring a computer network works, namely:

  1. Ensure that the DNS server settings are correct;
  2. Check whether the server is functioning properly;
  3. Be able to analyze server traffic;
  4. Decide on actions quickly when a problem occurs with a network server;
  5. Monitor the condition of the server space used.
   The Simple Network Management Protocol has become the most frequently used way of monitoring a network. The following explains the various techniques for monitoring computer networks in more detail:
  1. Simple Network Management Protocol (SNMP)
    SNMP is a protocol designed to monitor and manage computer networks systematically from one control center and over long distances. Management is carried out by collecting data and setting the variables of network elements. The elements of the Simple Network Management Protocol are:
    • Agent, which is software that runs on every network element. Each agent has a database of variables that describe the element's state and activity history and that can affect its operation;
    • Manager, which carries out the management of the managed network. The manager is a computer on the network that runs the network management software. It can consist of one or more processes that communicate with the agents in the network. The manager collects from the agents only the information requested by the network administrator, not all the information an agent holds;
    • Management Information Base (MIB), which is the database structure of network elements. This structure follows rules and is hierarchical, so that each variable can be set and managed easily.

  2. Proprietary
    The second technique is to monitor the network using particular software or tools.
     Network Monitoring Tools or Network Monitoring System
    The system used for monitoring computer networks is called the Network Monitoring System, or NMS: a tool for monitoring the elements in the network. Its function is to monitor the quality of the SLA (Service Level Agreement) for the bandwidth used. An NMS tool manages the monitoring of network functions and of network performance with respect to traffic congestion and bandwidth usage. Monitoring can be extended to resource use, including CPU utilization, memory utilization, system up/down status, and port management. The results can inform company management decisions, and network administrators can use them to analyze problems and anomalies in network operations. Examples of NMS are:
    • Wireshark;
    • Sniffer-Pro;
    • The Multi Router Traffic Grapher (MRTG), an application used to monitor traffic loads on a computer network. This application creates HTML pages containing images in GIF format that present network traffic on an annual, monthly, weekly, and daily basis;
    • Loriot;
    • Round Robin Database Tool, which stores data, presents graphs, and collects data through Net-SNMP. Data collection is done periodically;
    • Net-flow Analyzer;
    • Lan Viewer, VNC, which is used to monitor a LAN or Local Area Network.
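
The agent, manager and MIB roles described under SNMP above can be modelled without any network traffic. The following is an added example, not code from the original article: a toy in-memory agent whose MIB holds constructed values under standard MIB-II OIDs, and a manager-side walk that requests only one subtree with GETNEXT. The class and function names are illustrative assumptions.

```python
# Added example: toy SNMP agent/manager model, no network I/O.
from bisect import bisect_right

def parse_oid(text):
    """'1.3.6.1.2.1.1.5.0' -> (1, 3, 6, 1, 2, 1, 1, 5, 0)"""
    return tuple(int(part) for part in text.strip(".").split("."))

class Agent:
    """Holds the MIB variables of one network element (values are constructed)."""
    def __init__(self, variables):
        self.mib = {parse_oid(k): v for k, v in variables.items()}
        # Tuples compare number by number, so ...10.2 sorts before ...10.10.
        self.order = sorted(self.mib)

    def get(self, oid):
        return self.mib.get(oid)

    def get_next(self, oid):
        """Return the first (oid, value) strictly after `oid`, or None at end of MIB."""
        i = bisect_right(self.order, oid)
        if i == len(self.order):
            return None
        return self.order[i], self.mib[self.order[i]]

def walk(agent, root_text):
    """Manager side: repeat GETNEXT until the reply leaves the requested subtree."""
    root = parse_oid(root_text)
    results, current = [], root
    while True:
        reply = agent.get_next(current)
        if reply is None or reply[0][:len(root)] != root:
            return results
        results.append((".".join(map(str, reply[0])), reply[1]))
        current = reply[0]

SAMPLE_AGENT = Agent({
    "1.3.6.1.2.1.1.1.0": "constructed router OS 1.0",   # sysDescr.0
    "1.3.6.1.2.1.1.5.0": "edge-rtr-01",                  # sysName.0
    "1.3.6.1.2.1.2.2.1.10.2": 48213,                     # ifInOctets, ifIndex 2
    "1.3.6.1.2.1.2.2.1.10.10": 991,                      # ifInOctets, ifIndex 10
    "1.3.6.1.2.1.2.2.1.16.2": 30577,                     # ifOutOctets, ifIndex 2
})

if __name__ == "__main__":
    # The manager asks only for the ifInOctets column, not the whole MIB.
    for oid, value in walk(SAMPLE_AGENT, "1.3.6.1.2.1.2.2.1.10"):
        print(oid, value)
```
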
Disadvantages Of Network Monitoring

   Any measure has benefits as well as disadvantages. The following are some of the shortcomings in implementing network monitoring:
  1. Errors in configuration can cause problems. An example that often occurs is the use of the "public" community in the configuration of SNMP, the Simple Network Management Protocol;
  2. Privacy or confidentiality problems. The network administrator must therefore have a code of ethics and appropriate rules or work procedures, because the work touches private traffic information in the form of traffic patterns, routing tables, or the contents of the network traffic itself;
  3. Integrity. This problem is a continuation of the privacy issue: the concern that network routing can be changed through SNMP;
  4. Vulnerability. One vulnerability that can occur is DoS, or Denial of Service, a type of attack that consumes the resources of a server on the network so that users cannot access the services of the computer being attacked. The techniques used in a DoS attack include:
    • Flooding the computer network with many requests for a service provided by the host, so that requests from legitimate users cannot be processed. This technique is commonly called request flooding;
    • Flooding network traffic with excessive data, so that data coming from legitimate users cannot be processed. This technique is called traffic flooding;
    • Interfering with communication between the host and the client or legitimate user by changing system configuration information. This technique is sometimes complemented by destructive actions on the physical components of the server.
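
Points 1 and 3 above can be checked mechanically on hosts that run the Net-SNMP agent. The following added example (not part of the original article) scans snmpd.conf text for default community names, community directives with no source restriction, and write-enabled communities. The finding labels and the sample configuration are constructed for illustration.

```python
# Added example: audit Net-SNMP snmpd.conf community directives (sample is constructed).
DEFAULT_NAMES = {"public", "private"}            # well-known default community strings
READ_ONLY = {"rocommunity", "rocommunity6"}
READ_WRITE = {"rwcommunity", "rwcommunity6"}
MAPPINGS = {"com2sec", "com2sec6"}

def audit_snmpd_conf(text):
    """Return (line_number, issue) findings for risky community settings."""
    findings = []
    for number, raw in enumerate(text.splitlines(), start=1):
        tokens = raw.split("#", 1)[0].split()    # '#' starts a comment
        if not tokens:
            continue
        directive = tokens[0].lower()
        if directive in READ_ONLY | READ_WRITE and len(tokens) >= 2:
            # rocommunity/rwcommunity COMMUNITY [SOURCE [OID]]
            community = tokens[1]
            source = tokens[2] if len(tokens) >= 3 else "default"
        elif directive in MAPPINGS and len(tokens) >= 4:
            # com2sec [-Cn CONTEXT] SECNAME SOURCE COMMUNITY
            source, community = tokens[-2], tokens[-1]
        else:
            continue
        if community.lower() in DEFAULT_NAMES:
            findings.append((number, "default-community"))
        if source == "default":                  # no source restriction: any host may query
            findings.append((number, "any-source"))
        if directive in READ_WRITE:              # SNMP SET allowed: settings can be changed
            findings.append((number, "write-access"))
    return findings

SAMPLE_CONF = "\n".join([
    "# constructed sample, not taken from a real device",
    "rocommunity  public",
    "rocommunity  n0c-Read-7f3a  10.20.0.5   # scoped to the monitoring host",
    "rwcommunity  private  default",
    "com2sec  notConfigUser  default  public",
])

if __name__ == "__main__":
    for number, issue in audit_snmpd_conf(SAMPLE_CONF):
        print(f"line {number}: {issue}")
```
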

   The initial form of DoS attack is the SYN flooding attack, which exploits weaknesses in TCP, the Transmission Control Protocol. Subsequent attacks developed further, targeting operating systems, system applications, and network services so that they crash or cannot be accessed by authorized users. However, the most common type of DoS attack is still the TCP attack technique, because some of the more advanced attacks require network penetration.
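
Because a SYN flood leaves many TCP handshakes that never complete, a monitor can count half-open connections per service and alert above a threshold. The following added example (not from the original article) does this over constructed client-to-server packet records of the form (time, source, source port, destination, destination port, TCP flags). The record format, the threshold and the addresses are assumptions.

```python
# Added example: flag services with many half-open TCP handshakes (data is constructed).
from collections import Counter

def half_open_by_service(packets, now, max_age=3.0):
    """Count handshakes per (dst, dport) whose SYN got no client ACK within max_age seconds."""
    pending = {}
    for ts, src, sport, dst, dport, flags in sorted(packets):
        key = (src, sport, dst, dport)
        if flags == "S":                      # client opens a handshake
            pending.setdefault(key, ts)
        elif "A" in flags or "R" in flags:    # final ACK completes it, RST aborts it
            pending.pop(key, None)
    counts = Counter()
    for (_, _, dst, dport), ts in pending.items():
        if now - ts >= max_age:               # still unanswered after max_age
            counts[(dst, dport)] += 1
    return dict(counts)

def flagged_services(packets, now, threshold=100, max_age=3.0):
    """Return the services whose half-open count reaches the alert threshold."""
    counts = half_open_by_service(packets, now, max_age)
    return sorted(svc for svc, n in counts.items() if n >= threshold)

def constructed_capture():
    """Constructed records: one flooded service, normal clients, one slow client."""
    packets = []
    for i in range(150):   # SYNs from many sources that never send the final ACK
        packets.append((0.01 * i, f"203.0.113.{i % 250 + 1}", 40000 + i,
                        "198.51.100.10", 443, "S"))
    for i in range(3):     # normal clients: SYN, then the final ACK 50 ms later
        packets.append((0.5 + i, "192.0.2.7", 50000 + i, "198.51.100.10", 443, "S"))
        packets.append((0.55 + i, "192.0.2.7", 50000 + i, "198.51.100.10", 443, "A"))
    packets.append((1.0, "192.0.2.9", 50100, "198.51.100.20", 22, "S"))  # slow client
    return packets

if __name__ == "__main__":
    capture = constructed_capture()
    print(half_open_by_service(capture, now=10.0))
    print(flagged_services(capture, now=10.0))
```
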

   Network monitoring does have some weaknesses or shortcomings, but it remains important and needs to be done by companies and organizations that have computer network infrastructure. With network monitoring in place, problems or errors in the network are found more quickly, and network management is easier. An example is changing the routing when an error occurs on a certain path.

   Network monitoring is very important because prevention is better than repair. Continuous network monitoring is also the first step in securing servers, service types, and the overall infrastructure. Which would you choose: spend less money on network monitoring, or spend more on repairs? If you choose the first, what needs to be done to minimize the risks of network monitoring? One answer is to choose a trustworthy technical person to become the network administrator. In addition, you need to enforce standard procedures that the network administrator must follow.
