Fragments

Proactive monitoring

January 7th, 2009 | by Andraz Piletic |

In my previous posts I wrote about how monitoring your network can help you to detect anomalies such as infected PCs sending spam, or illegal peer-to-peer traffic in your network.
These examples have two things in common. First, such behavior in your network is unwanted, and the task of every network administrator is to prevent it. Second, in both cases the number of network address translations exceeds normal network behavior by a few orders of magnitude.

When we say that NIL Monitor’s Service Management is a proactive monitoring service, we really mean it! Observations from previously mentioned examples led us to monitor additional parameters such as the number of NAT-ed connections. which can be a great help in hunting down network anomalies.

Such graphic information can now provide additional information about remote locations.

On a daily scale, normal network usage such as Web browsing can cause high peaks on a graph, triggering false alarms, but such graphic information is still very useful. Remember, “the trend is your friend”—after a week or two of normal network usage, threshold values can be defined correctly so that the number of possible false alarms is reduced to a minimum.

Network monitoring should be treated as a process, not as a one-time activity. To avoid wasted investment in unnecessary crew, infrastructure and time, having a service like NIL Monitor available can be a great solution for most companies.