Network Monitor Success in 8 Easy Steps | Spiceworks

Effective network monitoring is important to help ensure that your IT infrastructure is up and running for the users that depend you. Network monitoring software like the Spiceworks Monitor can help you quickly spot and fix issues on servers, switches, VoIP phones, security cameras, and more… but what’s the best way to start keeping an eye on your critical network devices?

Whether you’re a total beginner or a seasoned pro, here are 10 steps to follow for network monitoring success. Check out these tips to make sure you’re adequately keeping tabs on your important devices and infrastructure.

1) Identify the critical devices on your network
Is there a server that props up one of your mission-critical applications? Or a switch that if it started acting up, would become a bottleneck that prevents anything from getting done? Perhaps your customer support staff simply can’t do their jobs unless they’re VoIP phones are functioning properly.

Effective monitoring starts with identifying these types of devices – the ones you just can’t live without – and setting up network monitoring software to keep a close eye on them. Look for devices that support vital business functions or run applications that are heavily utilized.

2) Define your network monitoring policies
The scope of your network monitoring activities should be well-defined. Policies provide a way to keep everyone in the loop. Some guidelines for creating a policy include defining:
• What devices and equipment will be monitored
• What information will be collected
• Who will have access to that data
• When an alert will be triggered
• Who will be notified
• What the expected action(s) will be when something happens

3) Configure WMI and SSH on Windows and Linux servers
Setting up servers to work with WMI and SSH network will allow your network monitoring software to pull detailed information about your Windows and Linux systems to keep you in the know. However, to get access to data such as CPU, memory, and disk utilization, you’ll need privileged credentials for the machine you’re trying to access.

Usually it’s as simple as providing a username and password through LDAP or Active Directory, but sometimes authentication or firewall issues can arise. If that happens you may need re-configure anti-virus or open a port in your firewall, troubleshoot authentication on Windows devices or verify your SSH credentials.

4) Configure SNMP on network devices
Like WMI and SSH, SNMP provides valuable data about the status of your networked devices. Network switches, routers, hubs, and printers commonly use SNMP, but the protocol may be disabled by default for security reasons.

If this is the case, you’ll have to enable SNMP and set the community string, which is similar to a password. For example, here’s a quick example of how to enable SNMP on a Cisco switch. Once you define the community string on the device, you’ll also want to update your network monitoring software to reflect that change too. Another useful application for debugging connectivity issues is snmpwalk, which can provide detailed information about the device you’re trying to reach.

5) Set a baseline for network performance
What counts as “normal” on your network? Baselining helps you figure it out, by determining and defining typical ranges for device resource utilization. Measuring connectivity, CPU and memory usage, disk utilization and other key network metrics or just taking a mental model of usual behavior gives you the context to understand whether an activity spike a device is experiencing is unusual or simply expected.

You should also know about exception cases, where there might be regular, expected spikes in activity. For example, you might take nightly backups after everyone goes home or run scheduled jobs every Friday at 3PM. Some servers might use more memory than usual by-design. For example, it’s actually desired behavior for a SQL server to run at 90% utilization all the time because you want the best performance possible.

Baselining is also useful for performing device-to-device comparisons. For example, if one device is suddenly experiencing unusual behavior, are other similar ones doing the same thing? Finding this out can help you get to the root of issues.

Alert thresholds in the Spiceworks Network Monitor

6) Set up alerts and customize thresholds levels
Network monitoring software can simplify your workflow by giving you the info and alerts you need to make smart decisions. For example, an alert can notify you if a disk is low on space. Or you could find out if a switch is experiencing unusual packet loss.

In general, you will want alerts to inform you of potentially problematic behavior, but not routine events because you don’t want to be overwhelmed by meaningless notifications that can lead to “alert fatigue” when everything is running smoothly. In other words, excessive notifications could cause you to ignore alerts about actual emergencies, like in the story of the boy who cried wolf.

So you don’t receive “false alarm” or “false positive” notifications for routine blips on the network, tweaking your thresholds and aligning them with baselines you’ve established is the key to getting relevant alerts. For example, say you’ve set a baseline for 50% CPU utilization on a particular server. If the server suddenly jumps to 95% usage for a period of time, you’ll get an email alert telling you to check out the potential issue.

Another trick best practice to reducing alert fatigue is to disable certain types of default alerts that don’t matter to you. Maybe you’re using another tool to monitor your storage, someone else in IT responds to server alerts, or checking the network activity is not your job (leave that to the overpaid network admin). Not getting unwanted notifications in the first place is much preferred to cluttering your inbox and tweaking your settings only takes a couple of minutes.

7) Create a plan for when you receive alerts
Getting the right alerts is just the start of putting out fires around your network. You’ll also need a plan for prioritizing and handling these notifications whether you’re a jack-of-all-trades or if you’ve got a big team of escalation staff. When an alert comes in, you should know which person (network admin, help desk tech, etc.) should be contacted for what type of event and what the next steps and processes are depending on the situation.

For example, if you run into something relatively simple, you could send the issue to a new employee as a training exercise. In contrast, a more complex technical issue involving a mission-critical device might require the immediate attention of a more senior staff member.

8) Keep an eye on your devices
The main point of network monitoring is to keep a watchful eye on your critical devices so you can minimize or prevent the disruption of critical services such as business email, applications or websites your company relies on. Once you’ve configured your alerts, you can also monitor the current status of all of your resources in a dashboard that can help you visually spot trends before they turn into big issues.

Many IT pros like to keep a real-time dashboard open on a second screen so they can stay informed of activity on their network. Think of it as mission control for your IT infrastructure. After the initial set up of your network monitoring software, make sure to keep everything current. Remember to update your alert thresholds if something changes in your environment or if you add new devices to ensure that you continue to get relevant alerts.