Home 
 1. Overview 
 What is Network Monitoring? 
 Why use Network Monitoring? 
 Who uses Network Monitoring? 
 How does Network Monitoring work?  
 How does Network Monitoring software work? 
 What does Network Monitoring cost? 
 2. Network monitoring implementation guide 
 What needs to be done  
 Prepare to implement 
 Implementing network monitoring 
 Reviewing the implementation 
 Resources 
 3. Network monitoring operations guide 
 What needs to be done  
 When does it need to be done 
 Who does it 
 How is it measured 
 Resources 
 4. Toolkit 
 5. Review of Network Monitoring 
 Recap of Network Monitoring 
 Checklist 
Implementing network monitoring
Step one - Documenting the network Step two - Checking the quality of the network cabling Step three - Choosing a monitoring method Step four - Establishing a baseline

Step one - Documenting the network
Step 1 - Document the network
The single most important element of monitoring a network is to know what it is you are monitoring. The following table details some of the elements to consider when documenting your network:


Item
Requirement
Further information
Physical topology
Create a map of the physical topology of your network. This document should describe each physical component and illustrate the ways in which the different components are connected.
Example physical map
Logical topology
Create a map of the logical topology of your network. This may or may not match up with the physical layout of the network. The logical map shows the relationships between components and the flow of information through the network. For anything but the smallest network an application designed specifically for creating network maps should be considered.
Example logical map
Cabling and patch panel information
Record your cabling and patch panel information. Documenting should include equipment and component labels, electronic and physical records, drawings, work orders, and reports. Every piece of network hardware should be labelled. This includes cables, patch panels, equipment racks and anything else that will help you develop a meaningful view of the system.
FITS Release Management
Default settings
It is good practice to standardise and document settings for computers, file servers and other configurable equipment in the infrastructure.  A standard process is outlined in Release Management and this section should be used to help you define, test and document default settings.
FITS Release Management

Software information
List all the applications on all the computers, as well as software versions, patch levels and so on. Keeping track of which applications are in use and how they are configured will help you plan for upgrades as you will more easily be able to see which applications (and the operating system particular versions are often tied to) might interact when changed. Applications and other software should have a standardised and documented set-up.  A standard process to achieve this is outlined in Release Management.
FITS Release Management
Network administration
Record information about the user accounts and the associated permissions and rights, for the users and user groups on the network.  It is good practice to define and document standard rules for creating network accounts.  The Release Management process enables this. 
FITS Release Management
User guides
Describe the network overview.  You may wish to include this in a user handbook, which could cover all aspects of ICT information as required.
User handbook
Incidents and problems
Keep track of incidents as they arise. Make sure that cause and resolution are recorded on incident/request forms. Also monitor incidents to spot recurrences and trends that may indicate an underlying problem and use the diagnostic sheet. Always document the solution.
Incident Management
Incident/request form
Problem Management
Incident diagnostic sheet
Storing documentation
All documentation including maps should be stored as configuration items in the configuration-management database.
Configuration Management
Example physical map
graphic
Example logical map
graphic
Step two - Checking the quality of the network cabling
Step 2 - Check the quality of the network cabling
The quality of the network cabling has a considerable effect on network performance. If the cabling is not of high enough quality, monitoring the network may be problematic and you may have difficulty in obtaining accurate results from even the best network monitoring software. The following factors determine how signals are degraded as they travel around the network:
graphic
Cable length
The physical network topology restricts the length of certain segments in the network.
graphic
Resistance
This is the loss of the electrical signal as it passes down the cable.
graphic
Poor connections
Poor connections at cable ends will almost certainly result in noise and interference to the signals and may in time cause the network signal to be completely lost. If the fault is intermittent it is often extremely difficult to locate and fix the cause.
graphic
Noise
Interference may come from other cables that are bundled together or from outside sources such as fluorescent lighting.
graphic
Attenuation
As the cable encounters resistance travelling down the cable and part of the signal radiates outwards the signal weakens.
graphic
Near-end cross-  talk (NEXT)
Because the insulation has to be removed from the cable where a connector is added to make a connection to another device there is a greater potential for interference between the wires at the end of the cable where the signal is generated.

The best way to test the cabling is to use a cable tester. But there are three options here, as the table below illustrates:

Option
Pros
Cons
Buy a cable tester
  • The tester is available any time for regular testing whenever a cabling fault is suspected.
  • you can hire out the tester to local schools to recoup some of the cost.
  • You and your staff will know best where your network hotspots are likely to be.
  • This is the most expensive option. Cables testers vary in price from a few hundred to a few thousand pounds.
Hire a cable tester
  • Hiring the most expensive tester is a fraction of the cost of buying.
  • You will need to hire the tester every time the cabling needs testing.
  • If the model you are used to is not available, you have to learn a different set of instructions.
Have the cabling tested by a professional testing company
  • The company will test the entire network with state-of-the-art equipment.
  • There is no need to buy or hire a cable tester.
  • The company’s report should be a professional document that will give you a thorough understanding of the network capabilities and weaknesses.
  • This is not a cheap option.
  • You need to find and vet potential testing companies.

Which option you go for may depend on such factors as:
  • the budget available
  • how much cable there is on the network (or, conversely, how much of the network is wireless)
  • the age and state of the cable installation
  • the quality of cable and connectors used
  • whether the cabling is suspected of causing network dropouts and so on.
Step three - Choosing a monitoring method
Step 3 - Choose a monitoring method
The first level of network testing consists of making sure that the underlying physical cabling structure is performing as expected. The next level is to monitor and test the network traffic and messages generated by the network protocols to be sure that you have a healthy network. There are a number of ways of achieving this:

Option one - Doing it manually
Option 1: Do it manually
  • Network monitoring products operate by monitoring the network at the data link and transport layers in the OSI reference model (see overview How does network monitoring software work? in the Network Monitoring overview). It is difficult to perform this task manually, but activities that can be performed manually include:
  • drawing logical and physical maps of the network and implementing a system of keeping them up-to- date (these tasks are supported by configuration management, which is used for storing records of infrastructure items, including documentation, and change management which is the update method for configuration management)
  • learning to interpret simple network management protocol (SNMP), which can be used to interrogate network devices and check on their status
  • checking the server logs and using the data to manually produce usage charts for the network.
Option two Built in Server utilities
Option 2: Use the built-in server utilities
Most servers have built-in utilities that will aid in monitoring the state of the network. These vary depending on whether the server runs Microsoft, Novell, Apple or UNIX networking software. The available tools may also depend on which version of the operating system is installed. It is worth checking the online documentation on the server to find out which utilities are available as it maybe that some of these were not loaded during the installation of the server operating system.
Note: This method relies on the network consisting of at least one server. It is not possible to monitor peer-to- peer networks in this fashion.

Option three - Using a LAN protocol analyser
Option 3: Use a LAN protocol analyser
A LAN protocol analyser is a stand-alone hardware monitoring tool. It can be connected almost anywhere on your network and allows you to intercept network traffic as it passes through the network in real time and save the data for later analysis. A good analyser should be able to produce useful statistics about the traffic on the network, decode the protocols used into meaningful results and filter the data so that only the relevant information is displayed.

LAN protocol analysers are not cheap, but have the advantage that they need not be installed on the network and need virtually no setting up. LAN analysers are small, robust devices and can be hired out to other schools to offset some of the purchase cost.

This option should be considered where a number of schools want to share network monitoring costs and where each networks involved is small enough not to need constant monitoring.
Option four - Buying Specialist Network Monitoring Software
Option 4: Buy specialist network monitoring software
There is a wide selection of network monitoring software available. These tools, which have been developed specifically to monitor networks, represent the most thorough method of monitoring and controlling a network.
Packages range from free up to £50,000 or so. The free packages are usually limited in scope but may represent a worthwhile download for schools on a tight budget or those running a simple network. The more sophisticated packages used by major corporations are capable of managing global networks - they have prices to match.
A school that already has a fairly complex network, or that is planning to get one, should seriously consider purchasing one of the mid-price ranged products.

Factors to consider when choosing a network monitoring tool include the following.
  • How much is the school prepared to spend on a network monitoring tool? Consider the ongoing costs, too, such as training and upgrade and licensing fees.
  • Do you want to run the software on the server or on a workstation
  • Is your network interface 10BASE-T or FDDI (or token ring
  • Does your network need to support more than one protocol
  • What level of statistical reporting will be required?
  • Do you need extra memory and buffers You may need extra buffering capabilities if you have a gigabit Ethernet
  • Does the analyser provide sufficient filters to allow you to look through large volumes of data efficiently?
  • Can you import and export files to a disk to transfer to and from other workstations for analysis?

Download the evaluation form from the toolkit and criteria to help create a shortlist of suitable monitoring tools. First identify two or, at most, three candidates. Then, before making your final choice, consider testing the packages to see which one works best for you in practice. Most commercial network monitoring packages are available as a downloadable free trial version. Download the ones you are interested in and test them in situ on your network.

This can be done one at a time or by comparing the products side by side (most will co-exist quite happily). This should give you an idea of how the products will work on your particular network and allow you to decide which has the most appropriate features. The trial will also allow you to get a feel for how intuitive the user interface is for each product - an important factor, as these are generally quite complex pieces of software.

Once you have made your choice, if the software is running from a trial version, it is usually possible to upgrade to a full version using a key provided by the supplier without needing to reinstall the software. It is important to remove any free-trial software from other manufacturers, though.

Note that these programs have steep learning curves and usually require you to have a good understanding of network structure and protocols in order to set up the software or make meaningful judgements about the data you collect.
Step four - Establishing a baseline
Step 4 – Establish a baseline
Once you have chosen the network monitoring method and installed it to the manufacturer’s instructions, you will need to establish a baseline for your network. This means collecting and documenting information about the network to establish a starting point for interpreting the results of monitoring the network from day to day, giving you something with which to compare future measurements.

Baseline data is used to define the normal operating environment for a system and provides a reference for monitoring and troubleshooting efforts. Remember that you documented the network set-up in step 1, so here you are adding to that information using the network monitoring tools.

Most tools will collect the necessary data automatically. Some will even draw a logical map of network devices for you. The tools are not foolproof, however, and it is worth checking the output against local knowledge of the network. In addition the following information should be collected manually and added to the baseline data:
  • location of equipment in the network
  • type of equipment in use
  • the number and distribution of users
  • protocols in use.

The Configuration Management process deals with the gathering and storing of information about the infrastructure. You may wish to take this relationship into account when gathering the above data and consider either implementing configuration management first to help with the implementation of network monitoring or using the data you gather here in any subsequent implementation of Configuration Management.
Top