A program for monitoring devices on a network. Monitoring computers on a local network

Monitoring local network is a continuous process that involves monitoring the production network. The process performs the following functions:

1. Timely detection of errors and malfunctions.
2. Adequate and quick response to errors and malfunctions.

The system administrator monitors the network status.

For ease of use, various software alerts. One such application is the following development — Total Network Monitor from Softinventive Lab.

Monitoring systems

The main requirements that should be in network monitoring software are highlighted:

1. Support all types network connections, including wifi networks.
2. Monitoring network activity.
3. Determination of the detail of system and network services.
4. Analysis of remote computers and web servers.

Monitoring systems must provide reports about events over certain time periods. It is important to retain all activity listings and archive them in an appropriate log.

It is necessary to distinguish between tools that provide control over external access to the network and software, which is important for monitoring internal network processes.

Network activity monitoring is defined as follows:

1. An application with a certain period sends requests according to the necessary ip network addresses.
2. If the result of such a request is incorrect or unsuccessful, a signal is sent to the system administrator.
3. Automatic detection of actions that are regulated by the network protocol.

Monitoring methods

There are many methods and tools for monitoring network connections. Features of their use depend on the goals of the process, network configuration, file system etc.

Basic methods:

1. Protocol analyzers. These systems are needed solely to control network traffic.
2. Integrated management and analysis systems. Used for software and hardware environments. Provide control of certain programs, sections of communications and individual devices on the network.
3. Network management. This includes software that collects data about network processes and the state of the hardware unit. All network traffic is monitored.
4. Cable equipment. Certifies and tests cable networks.

Total Network Monitor is now one of the most relevant monitoring applications work network. The software provides timely tracking of problems, checks the software for relevance and works with anti-virus databases.

Today, the success of many enterprises and organizations depends to a great extent on the reliability and quality of the networks and network applications used. Network monitoring, which refers to the systematic monitoring of key indicators of the functioning of the network and network applications, helps to detect and eliminate emerging and emerging problems in their operation to maintain the quality of user service at the proper level. In addition, network monitoring is essential to ensure information security, since it allows you to identify dangerous user actions and malware.

Types of network monitoring

There are passive and active network monitoring. With passive monitoring, key indicators of the functioning of the network and network applications are monitored by analyzing the real traffic of the operating network, “observed” at its various points, and with active monitoring, specially generated test traffic is used to determine these indicators.

In turn, there are three main types of passive monitoring: packet-based monitoring (capture and analysis of network packets using monitoring tools), SNMP monitoring (interrogating SNMP devices to obtain information about their status and traffic) and flow-based monitoring (collecting information about traffic flows using xFlow protocols, etc.).

A type of passive monitoring, packet-based network monitoring is performed by passive (not transmitting test traffic) monitoring devices that analyze captured packets.

Optimal connection of passive monitoring devices

IT professionals use various devices Passive monitoring devices (including protocol analyzers, RMON probes, NetFlow collectors, IDS/IPS systems, and probes capable of recording large volumes of network traffic) designed for in-line or out-of-band connection to network lines.

Kaspersky Internet Security

For out-of-band connection of monitoring devices, it is best to use special network taps.

The network tap is connected to the network line break. Passing duplex traffic transmitted over the line through itself, the network tap copies its halves (counter packet flows) into its monitoring ports intended for connecting monitoring devices (see figure). Unlike an Ethernet switch with SPAN ports, a network tap never discards any packets, including defective ones, and thus provides 100% (!) control of traffic on the line.

Network taps do not impact or reduce network reliability because during a power failure, a copper tap remains transparent to monitored traffic, while a fiber tap is a passive device that requires no power at all. Additionally, since a monitoring device connected via a tap does not require an IP address, it is isolated from the network, greatly reducing its exposure to hacker attacks.

A wide range of copper and fiber network taps are available, supporting a range of maximum data rates from 10 Mbps to 100 Gbps. In addition to conventional taps, regenerating taps are produced, which are used when the same traffic needs to be monitored using several different monitoring devices at the same time. The regenerating coupler differs from a conventional tap in the increased number of monitoring ports. If the number network channels If you need to monitor more than the number of monitoring devices available, you can use an aggregation tap that combines traffic from several monitored channels and outputs the total flow through several of its monitoring ports (see figure). However, the rate of this flow may exceed the capacity of the monitoring device port, resulting in unacceptable packet loss. To reduce the likelihood of packet loss, you need to select an aggregation tap model with a sufficiently large buffer memory.

Operation of aggregation and network taps

Overloading of the monitoring device can also occur when it is connected to a faster network channel (for example, if an analyzer with a 1GE port is connected to a 10GE channel using a 10-Gigabit tap). To reduce the load on monitoring devices, pre-filtering of spur traffic is widely used so that the device receives only the data it needs to perform its primary functions (for example, related to network intrusion detection). Also, using a load balancing device, high-speed traffic can be divided approximately equally between multiple monitoring devices. In this case, it is often important that the integrity of the transmitted packet streams is maintained, that is, all packets belonging to the same stream must arrive at the same monitoring device in a group of load-balanced devices.

Traffic filtering and load balancing help protect investments in existing monitoring devices as increasingly high-speed network technologies are implemented. The functions of aggregation, regeneration, traffic filtering and load balancing are available in network packet brokers. Thus, if monitoring devices must frequently switch from one monitored channel to another and/or require traffic filtering and load balancing functions, you should connect these devices to network taps or SPAN ports through network packet brokers, rather than directly.

Use a bypass switch if you need to implement a trouble-free inline connection to a monitoring or information security device (for example, IPS). If this device stops functioning for any reason, the bypass switch will direct traffic around it and thereby preserve (for users) the availability of critical services and applications (for more details, see “Solutions for inline connection of monitoring devices”).

Ixia, a Keysight Business, produces a wide range of taps, bypass switches, and network packet brokers in the Vision family. Vision devices switch, aggregate, regenerate, filter and evenly distribute traffic to be monitored across monitoring devices connected to them. The most intelligent broker models in this family - Vision ONE and Vision 7300 - perform a broader set of functions, including deduplication and truncation of packets, providing them with highly accurate timestamps, identifying and monitoring application traffic (for more information, see “Functionality of Ixia monitoring solutions”). To centrally manage Vision network packet brokers installed on a controlled network, Ixia releases the Ixia Fabric Controller (IFC) solution.

The market for network monitoring systems offers a comprehensive new generation Intelligent Monitoring Fabric (IMF) solution from cPacket Networks. Compared with traditional network monitoring systems, the IMF solution has improved scalability, increased productivity, provides a more in-depth analysis of network operation, reduces operating and capital costs. The IMF includes monitoring nodes that have the functions of a network packet broker and a network analyzer.

Cloud control

With cloud computing exploding in popularity, IT professionals must ensure data and application security, optimize cloud performance, and resolve cloud performance issues as quickly as possible. To perform the above tasks, cloud traffic control is required. Such control is provided by the Ixia CloudLens platform, designed to monitor the operation of private, public and hybrid clouds. In the process of monitoring the operation of a public cloud, the CloudLens platform operates in this cloud and provides a monitoring service with traffic filtering capabilities. CloudLens has a unique peer-to-peer architecture that retains all the benefits of cloud computing, including flexibility and on-demand scalability. Peer-to-peer architecture provides direct connections between cloud instances generating controlled traffic and virtual devices monitoring. Competing solutions use a central node that aggregates and filters traffic. Such a monitoring system is less scalable, more expensive, and less flexible.

CloudLens peer-to-peer architecture

Part of the CloudLens platform is the CloudLens Private solution, focused on monitoring private clouds. This solution forks traffic from virtualized networks, processes the traffic, and delivers monitored packets to virtual or physical monitoring devices.

Take care of monitoring in advance

It is recommended to initially plan the implementation of the monitoring infrastructure as an integral part of the future network and, when building it, to install equipment for connecting monitoring devices along with other network equipment.

When organizing a network monitoring system, it is necessary to provide for the ability to monitor the traffic of critical network channels at the access, distribution and network core levels, as well as in the data center where the enterprise servers are located.

Since many high-speed lines are concentrated in the data center and in the network core, it is recommended to install multiport aggregation taps and network packet brokers there. The use of this equipment will reduce the number of network monitoring devices, since if it is possible to aggregate and switch traffic from key network points, there is no need to install a monitoring device at each of them.

Currently, high-speed network technologies, providing data transfer rates up to 100 Gbit/s. The use of these technologies can significantly reduce the number of lines in the network core and reduce the cost of its maintenance, but at the same time, the requirements for the reliability of each high-speed line increase, since its failure will affect the work of a larger number of users and applications. Obviously, during the operation of a data center or corporate network, the trunk line cannot be disconnected even for a few seconds in order to insert a fiber-optic tap into it to feed the traffic of this line to the monitoring device. Therefore, it is better to install taps on trunk lines initially (even at the stage of deployment of the cable system). This will allow you to quickly connect the necessary monitoring or diagnostic devices to the lines of interest without disconnecting them.

Our programs for system administrators will help you keep abreast of everything that happens in the computer park and enterprise network, respond in a timely manner to equipment failures and software problems, and minimize costs and downtime. This page presents programs for monitoring the network, servers and hosts, for PC inventory, accounting for installed programs and licenses, creating reports on computer hardware, for accounting traffic on the network, for studying the network topology and creating graphical diagrams of local networks.

A network administrator may also find useful programs for searching files on local networks and auditing user access to file resources of servers over the network. All these programs will help the system administrator improve the performance of network devices and servers and ensure the proper level of security in the enterprise network.

10-Strike programs are included in the unified register of Russian computer programs of the Ministry of Communications and can participate in government procurement.

Programs for network administrator, network utilities

Computer Inventory (Pro) 8.5

— a program for inventory and accounting of installed software and hardware on computers on local networks. “Computer Inventory” allows system administrators to keep track of computers on the enterprise network, view the configurations of remote computers and lists of installed programs over the network, and track configuration and software changes. The program contains a powerful report generator. For example, you can create . At planning upgrades can be created report containing computers with insufficient disk space or random access memory . Windows XP/2003/Vista/2008/7/8.1/2012/10/2016 are supported.

10-Strike LANState (Pro) 8.8r

— program for monitoring servers and computers on the network, allowing you to visually observe the current state of your network at any time. LANState monitors hosts on the network, monitors connections to network resources, monitors traffic, and signals various events. LANState contains many functions useful for network administrators: sending messages, shutting down remote computers, scanning hosts and ports, obtaining various information from remote computers (access to the registry, event log, etc.). Windows XP/2003/Vista/2008/7/8.1/2012/10/2016 are supported.

Network Monitoring (Pro) 5.5

— program for monitoring servers and other network devices, monitors the performance of the network and notifies the administrator of problems. Find out in time about a failure that has occurred (connection loss, server disk space running out, service stop, etc.) and fix the problem with minimal loss of time. The program signals problems using sound, on-screen messages, by e-mail, and can launch external programs and services, as well as reboot computers and services. Windows XP/2003/Vista/2008/7/8.1/2012/10/2016 are supported.

"Software Accounting" 8.5

— a program for inventory and accounting of installed software on computers in local networks. "Software Accounting" allows network administrators to maintain a database of installed programs on network computers and track changes. The program contains a report generator. For example, you can create reports on the presence of certain programs on computers and their quantity.

Local network monitoring: systems and methods of operation

Windows XP/2003/Vista/2008/7/8.1/2012/10/2016 are supported.

Network Diagram 3.33

— program for constructing a local network diagram, which allows you to discover network devices and place them on a map. If your switches support the SNMP protocol, the program will draw connections between devices automatically. All that remains is to move the device icons with the mouse and your network diagram is ready. You can modify the diagram using powerful built-in editing tools, add connections, apply inscriptions, draw areas, fill them with different colors. Windows XP/2003/Vista/2008/7/8.1/2012/10/2016 are supported.

Traffic Accounting 3.7

— network traffic accounting program, monitors the volume of downloaded data and the speed of information transfer on the network. You can monitor traffic both on user computers and on switch ports. Alerts allow you to find out in time about traffic overload on any port. You can monitor the distribution of loads on the channel in real time, build graphs, diagrams and reports. All collected traffic consumption data is stored in a database for statistical analysis and reporting. Windows XP/2003/Vista/2008/7/8.1/2012/10/2016 are supported.

Remote Access 5.0

— program for managing remote computers over the network. You can configure access to computers of network users and administer their PCs remotely. The program provides a Helpdesk mode for providing technical assistance. support for remote clients via the Internet. You can connect to PCs and servers within the network, or access computers on the Internet using accounts or hardware IDs. In this case, there is no need to forward ports through the router/router. Windows XP/2003/Vista/2008/7/8.1/2012/10/2016 are supported.

10-Strike Network File Search (Pro) 2.3r

— program for searching files on local network computers(via NetBios and FTP protocols). Enter a phrase or file masks and find the information you need. When viewing search results, found files can be immediately opened, saved to disk, or generated a report. The search uses multi-threaded technology, which significantly speeds up the work. You can set filters by file size and modification date. Windows XP/2003/Vista/2008/7/8.1/2012/10/2016 are supported.

10-Strike Connection Monitor (Pro) 4.8r

— program for monitoring network connections of users over the network to a shared folderand files, allows you to find out in time about connections of network users to your computer. The program beeps, displays alerts on the screen, and keeps a detailed log of connections, which records information about who connected to the network and when. network folders computer, what files were opened, etc. Windows XP/2003/Vista/2008/7/8.1/2012/10/2016 are supported.

10-Strike: Network Scan 3.0 FREE!

— scanner of local networks, IP addresses and hosts. This free program allows you to scan your local network and detect active hosts, computers and servers. Supports scanning of IP address ranges and many protocols for detecting network devices (ICMP ping, searching for open TCP ports, NetBios, SNMP, UPnP, ...). If you have administrator rights with Windows computers there is a lot of useful information to be found. Windows XP/2003/Vista/2008/7/8.1/2012/10/2016 are supported.

Sets of network programs for system administrators

Software suites for system administrators allow you to save money when purchasing several of our network programs or all at once. Get three programs for the price of two and so on. For example, when purchasing Full set of administrator programs in option " for the organization"(without restrictions on the number of workstations), consisting of all our programs for network administrators, you can save up to 100,000 rubles or 45%!

Other utilities

10-Strike SearchMyDiscs 4.43r

— CD cataloger (CD, DVD).

With its help you will quickly find necessary files on CD and DVD discs your collection. SearchMyDiscs helps you organize your CD and DVD collections, allowing you to find the disc you need in a few seconds. If you are tired of searching for the right disk every time, this program is for you! Windows XP/2003/Vista/2008/7/8.1/2012/10/2016 are supported.

10-Strike Log-Analyzer 1.5

— Apache web server Raw log file analyzer. Creates various reports and histograms. The program has many settings and filters that will allow you to get accurate information about your site, downloaded files, and who is coming to you and from where. Windows XP/2003/Vista/2008/7/8.1/2012/10/2016 are supported.

Payment and delivery

When ordering programs by legal entities, payment by bank transfer is accepted. Invoices are issued in in electronic format, a contract is concluded. Electronic delivery: the distribution kit is downloaded from our website, registration keys are sent after payment by e-mail. After payment, the original contract and documents for accounting are sent to the buyer by mail.

Issue an invoice (indicate the required programs and types of licenses, your details and the name of the director for the agreement)

All our programs are also presented in the Softkey and AllSoft online stores (follow the “buy” links from our website).

Network monitoring

Introducing ZABBIX - a program for monitoring and analyzing all the main parameters of a local network.

Why do you need a local network monitoring system?

Local network monitoring

The ZABBIX solution allows you to quickly assess and diagnose the state of the local network as a whole, carry out express monitoring of the main parameters of local network servers, and monitor network equipment and workstations.

Server monitoring

The system administrator will always know how much free space remaining on the hard drives, how much the processors and RAM are loaded. Thus, based on objective data, decisions can be made on redistributing the load between servers, on upgrading existing servers, or on the need to purchase additional ones.

Prompt notification of emergency situations

The most important function of ZABBIX is to notify personnel of any impending or emerging problems. The operational notification mechanism includes services for sending electronic mail messages (e-mail) and SMS via mobile communication channels. Using remote monitoring of your company's local and computer network, the system administrator, even while away from the office, will be able to prevent possible failures and troubleshoot problems that arise.

Emergency prevention

Zabbix can warn the system administrator, for example, that the server's hard drive is about to run out of space, about increased CPU load, or about RAM loading. Thus, the system administrator can take measures to prevent it even before an emergency occurs.

What interface does the local network monitoring system have?

For operational online monitoring of network status, diagnostics and analysis of load parameters of server equipment, ZABBIX provides a convenient WEB interface. Thus, thanks to advanced monitoring and analysis of the basic parameters of the local network, network and server equipment, the system administrator from any location will have access to such critical parameters as decreasing volume disk space, increased load on local network server processors, RAM overload and much more.

What is network monitoring and why is it needed?

How much does the ZABBIX local network remote monitoring system cost?

Why is it profitable for you to order the implementation of a local network monitoring system from us?

Setting up ZABBIX, like any complex software product, requires high qualifications and experience; the work on setting up ZABBIX is very responsible and painstaking. Our system administrators have extensive experience in configuring and supporting remote monitoring systems and are fluent in the technology of its installation and configuration.

Implementation of the ZABBIX network monitoring system includes:

How much does it cost to install and configure a local network monitoring system?

* For a large number of similar units, a discount is provided

You can also contact us by phone. Call us!

7 (495) 665-2090

ZABBIX is a completely free application

Zabbix is ​​written and distributed under the GPL General Public License version 2. This means that its source code is freely distributed and available to an unlimited number of people.

Express audit of the local network and preparation of technical specifications

Installing the ZABBIX system on your equipment

Configuring ZABBIX to monitor key local network nodes

Installing ZABBIX clients on the main nodes of the local network

Setting up notifications to the system administrator's email

You most likely know that it has a built-in firewall. You may also know how to allow and block access of individual programs to the network in order to control incoming and outgoing traffic. But did you know that the Windows firewall can be used to log all connections passing through it?

Windows Firewall logs can be useful in solving specific problems:

• The program you are using cannot connect to the Internet, although other applications do not experience this problem. IN in this case To troubleshoot the problem, you should check whether the system firewall is blocking the connection requests of this program.
• You suspect that your computer is being used to transmit data by malware and want to monitor outgoing traffic for suspicious connection requests.
• You have created new rules for allowing and blocking access and want to ensure that the firewall correctly processes the given instructions.

Regardless of the reason for use, enabling event logging can be challenging as it requires a lot of fiddling with the settings. We will give a clear algorithm of actions on how to activate the registration of network activity in the Windows firewall.

Access to firewall settings

First, you need to go to advanced settings Windows Firewall. Open the Control Panel (right-click on the Start menu, select “Control Panel”), then click the “Windows Firewall” link if the view mode is small/large icons, or select the “System and Security” section, and then “Windows Firewall” ”, if the viewing mode is category.

In the firewall window, select the option on the left navigation menu “Extra options”.

You will see the following settings screen:

This is the internal technical side of the Windows Firewall. This interface allows you to allow or block access of programs to the Internet, configure incoming and outgoing traffic. In addition, this is where you can activate the event logging feature - although it is not immediately clear where this can be done.

Accessing log settings

First, select the “Windows Firewall with Advanced Security (Local Computer)” option.

Right-click on it and select the “Properties” option.

A window will open that may confuse the user. When you select three tabs (Domain Profile, Private Profile, Public Profile), you will notice that their content is identical, but relates to three different profiles, the name of which is indicated in the tab title. Each profile tab contains a button to configure logging. Each log will correspond to a different profile, but which profile are you using?

Let's look at what each profile means:

• The domain profile is used to connect to the wireless Wi-Fi networks when the domain is specified by a domain controller. If you're not sure what this means, don't use this profile.
• The private profile is used to connect to private networks, including home or personal networks - this is the profile you are most likely to use.
• The public profile is used to connect to public networks, including restaurants, airports, libraries and other institutions.

If you are using a computer in home network, go to the “Private Profile” tab. If you are using a public network, go to the “Public Profile” tab. Click the “Configure” button in the “Logging” section on the correct tab.

Activating the event log

In the window that opens, you can configure the location and maximum size of the log. You can set an easy-to-remember location for the log, but the actual location of the log file doesn't really matter. If you want to start event logging, set both the “Log missed packets” and “Log successful connections” drop-down menus to “Yes” and click the “OK” button. Running this feature all the time can cause performance issues, so only enable it when you really need to monitor connections. To disable the logging feature, set the value to “No (default)” in both drop-down menus.

Studying logs

Now the computer will record network activity controlled by the firewall. To view the logs, go to the “Advanced Settings” window, select the “Monitoring” option in the left list, and then in the “Logging Options” section click the “File Name” link.

The network activity log will then open. The contents of the log may be confusing to an inexperienced user. Let's look at the main contents of the log entries:

1. Date and time of connection.
2. What happened to the connection? The status “ALLOW” means that the firewall allowed the connection, and the status “DROP” indicates that the connection was blocked by the firewall. If you encounter network connection problems separate program, you can determine for sure that the cause of the problem is related to the firewall policy.
3. Connection type - TCP or UDP.
4. In order: IP address of the connection source (computer), destination IP address (for example, a web page), and the network port used on the computer. This entry allows you to identify ports that require opening for the software to work. Also watch out for suspicious connections - they could be made by malware.
5. Whether the data packet was successfully sent or received.

The information in the log will help determine the cause of connection problems. The logs can record other activity, such as the target port or TCP acknowledgment number. If you need more details, check out the “#Fields” line at the top of the log to identify the meaning of each metric.

Don't forget to turn off the logging feature when you're done.

Advanced network diagnostics

By using Windows Firewall logging, you can analyze the types of data being processed on your computer. In addition, you can determine the causes of network problems related to the firewall or other objects disrupting connections. The activity log allows you to familiarize yourself with the work of the firewall and get a clear picture of what is happening on the network.

Found a typo? Highlight and press Ctrl + Enter

We've put together another list of great free server and network monitoring tools. They are very important for any business operating through a website or network. Server and network monitoring allows you to be aware of all issues as they arise; and this, in turn, allows you to take the right actions.

Ganglia is a variable monitoring system for high-performance computing systems such as clusters and cells. It is built hierarchically and is aimed at combining clusters.

Total Network Monitor 2 is a program for constant monitoring and administration of a local network, individual computers, Internet resources, network and system services. TNM will notify you in advance of problems using a variety of means and generate a detailed report of what happened and when.

Network monitoring

you create monitors- objects that periodically check one or another aspect of the operation of a service, server or file system. The monitors are flexibly configured and display the network status in real time.

If any indicators deviate from the norm, the monitor executes the script described in advance actions: for example, a sound signal, notification via e-mail or IM with detailed description incidents, rebooting a remote computer, launching an application, etc.

Turning to network monitoring log, you can always see the history of readings from all monitors and a list of completed actions.

Download for free and start using right now without any functionality limitations!

Health and problem checks

Checks- communication of Total Network Monitor 2 with the outside world. They provide monitors with data for analysis. In our network monitoring utility you will find many checks for all occasions. Queries via network protocols to monitor servers, check services, event logs and keys Windows registry, searching for a string in a file on a remote computer and much more - TNM does all this with ease.

Check list

Internet: ICMP TCP HTTP FTP SMTP POP3 IMAP Telnet

Windows: Event Log Service Status Registry Status System Performance

File: File existence File size File comparison Number of files CRC32 file File content Disk space

Alerts and event history

Actions are triggered as soon as something goes wrong. They notify you so that you can fix everything in time. They can provide first aid in administering the local network: restart the service or remote computer, launch the application, execute the script. Or they can simply add an entry to a separate journal.

List of actions

Warnings: Message box Notification Sound signal Write to file

Alerts: Email Jabber Event Log

Measures: Run the application Execute the script Restart the service Restart the computer

All actions performed and all changes in observed parameters are continuously recorded in the log, forming a clear picture of the state of the network.

Recording checks in the monitor log

Total Network Monitor 2 monitors all running monitors and records the necessary information about the operation of the checks. Any change in the monitor state is recorded in Monitor log:

Statistics and activity chart

Statistics include startup and last check times of the selected monitor, total count, and the number of green, red, and black monitor states. A separate tool can be called activity diagram, which graphically displays the results of checking the selected monitor.

Monitoring actions in the log

TNM records every completed and uncompleted action in Action log, showing the timecode as well as the name and IP address of the target equipment:

Convenient map of network devices

Build a visual plan for your monitoring project with network maps: Place icons of computers, devices, and servers on an enterprise diagram or world map, and depict the network structure using connections.

Color indication next to each device on the network map allows you to quickly determine their status.

Network monitoring programs- These are the indispensable assistants of every system administrator. They allow you to quickly respond to anomalous activity within the local network, be aware of all network processes and, thus, automate part of the administrator’s routine activities: primarily those related to ensuring network security. Let's see which local network monitoring programs are the most relevant in 2019.

This top opens with our own development TNM 2 - an extremely affordable and effective software solution for network monitoring of the activities of server machines, which displays the ideal balance between convenience (in most free solutions there is no GUI) and extensive functionality. One of the main programmable components of Total Network Monitor 2 are monitors, which perform checks at the frequency you require. The list of available checks is impressive. They allow you to track almost any parameter, from the availability of servers on the network to checking the status of services.

It is noteworthy that these objects are capable of independently eliminating the primary consequences of problems (that is, all this happens without the direct participation of the system administrator) - for example, restarting individual services or user devices, activate the antivirus, supplement the event log with new entries, etc. - in general, everything that the system administrator initially performed manually.

As for reporting, it stores all the information associated with each test that was carried out by the selected monitor. The cost for 1 copy of this application is only 5,000 rubles.

Observium

The Observium application, which is based on the SNMP protocol, allows you not only to examine the status of a network of any scale in real time, but also to analyze its performance level. This solution integrates with equipment from Cisco, Windows, Linux, HP, Juniper, Dell, FreeBSD, Brocade, Netscaler, NetApp and other vendors. Featuring a well-designed graphical interface, the software gives system administrators a ton of customization options, from ranges for auto-discovery to SNMP data needed to gather network information.

They also get access to information about technical specifications all equipment that is currently connected to the network. Observium can present all reports that are generated by analyzing the event log in the form of charts and graphs, clearly demonstrating the “weaknesses” of the network. You can use either a demo version (which in our experience is underpowered) or a paid license that costs £200 per year.

Nagios

Nagios is an advanced monitoring solution that is managed via a web interface. It is by no means easy to learn, but thanks to its fairly large online community and well-researched documentation, it can be mastered in a few weeks.

Using Nagios, system administrators have the opportunity to remotely regulate the load on user or higher-level equipment in the network hierarchy (switches, routers, servers), monitor the level of load on memory reserves in databases, monitor physical indicators parts of network equipment (for example, temperature motherboard, combustion of which is one of the most common breakdowns in this area), etc.

When it comes to detecting network anomalies, Nagios automatically sends alarm notifications to an address preset by the system administrator - be it an email address or a phone number mobile operator. A free demo version will be available to you for 60 days.

PRTG Network Monitor

PRTG software component, compatible with devices based on Windows OS, is designed for network monitoring. It is not free (only a 30-day trial period is free), it is used not only for scanning devices that are currently connected to the local network, but can also serve as an excellent assistant in detecting network attacks.

Among the most useful network services PRTG: packet inspection, analysis and saving of statistical data to the database, viewing a network map in real time (the ability to obtain historical information about network behavior is also available), collecting technical parameters about devices connected to the network, as well as analysis of the load level on network equipment. Note that it is very easy to use - first of all, thanks to an intuitive graphical interface that can be opened using any browser. If necessary, the system administrator can also gain remote access to the application via a web server.

Kismet

Kismet is a useful open-source application for system administrators that allows you to comprehensively analyze network traffic, detect anomalies in it, prevent failures and can be used with systems based on *NIX/Windows/Cygwin/macOS. Kismet is often used specifically for analyzing wireless local networks based on the 802.11 b standard (including even networks with a hidden SSID).

With its help, you can easily find incorrectly configured and even illegally operating access points (which attackers use to intercept traffic) and other hidden devices that could be potentially “harmful” to your network. For these purposes, the application has a very well developed detection capability various types network attacks – both at the network level and at the level of communication channels. As soon as one or more attacks are detected, the system administrator will receive an alarm and can take action to eliminate the threat.

WireShark

The free open-source traffic analyzer WireShark provides its users with incredibly advanced functionality and is rightfully recognized as an exemplary solution in the field of network diagnostics. It integrates perfectly with *NIX/Windows/macOS based systems.

Instead of confusing web interfaces and CLIs that require you to enter queries in a special programming language, this solution uses a GUI (although if you need to upgrade WireShark's standard set of features, you can easily program them in Lua).

By deploying and configuring it once on your server, you will receive a centralized element for monitoring the smallest changes in network operation and network protocols. This way, you can detect and identify problems occurring on your network early on.

NeDi

NeDi is completely free software that scans the network by MAC addresses (also among the valid search criteria are IP addresses and DNS) and compiles its own database from them. To operate, this software product uses a web interface.

Thus, you can monitor online all physical devices and their locations within your local network (in fact, you will be able to retrieve data about any network node - from its firmware to its configuration).

Some professionals use NeDi to find devices that are being used illegally (eg stolen). This software uses the CDP/LLDP protocols to connect to switches or routers. This is a very useful, although not easy to learn solution.

Zabbix

Zabbix monitoring system is a universal open source network monitoring solution that can be configured for individual network models. Basically, it is intended for systems that have a multi-server architecture (in particular, Zabbix integrates with Linux/FreeBSD/Windows servers).

This application allows you to simultaneously manage hundreds of network nodes, which makes it an extremely effective tool in organizing the work of system administrators working in large-scale enterprises. To deploy Zabbix on your local network, you will need to either run software agents(daemons), or use the SNMP protocol (or another protocol for secure remote access); and to manage it you will have to master the web interface in PHP.

In addition, this software provides a complete set of tools for monitoring the status of network hardware. Please note that in order to fully experience all the benefits of this solution, your system administrator will have to have at least basic knowledge Perl or Python languages ​​(or any other languages ​​that can be used together with Zabbix).

10-Strike: Network Monitoring

“Network Monitoring” is a Russian-language web-based software solution that fully automates all aspects of network security. With its help, system administrators can prevent the spread of virus software over a local network, as well as determine the cause of various technical malfunctions associated with broken cables or failure of individual units of the network infrastructure.

In addition, this software online monitors temperature, voltage, disk space and other parameters via SNMP and WMI. Among its disadvantages are a fairly heavy load on the CPU (which the developer himself honestly warns about) and a high price.

Network Olympus

And our list is completed by another program of ours. Unlike TNM, Network Olympus runs as a service and has a web interface, which gives much more flexibility and ease of use. The main feature is the scenario designer, which allows you to move away from performing primitive checks that do not allow you to take into account certain circumstances of the operation of devices. With its help, you can organize monitoring schemes of any complexity in order to accurately identify problems and malfunctions, as well as automate the process of eliminating them.

The scenario is based on a sensor from which you can build logical chains that, depending on the success of the check, will generate various alerts and actions aimed at solving your problems. Each element of the chain can be edited at any time and will be immediately applied to all devices to which the script is assigned. All network activity will be monitored using an activity log and special reports.

If you have a small network, then you do not need to buy a license - the program will work in free mode.

How to choose a network monitoring program: summary

Unambiguously choose the winner and name the best program monitoring a local network is difficult. But we are of the opinion that our Network Olympus product has many advantages and a very low barrier to entry, because it does not require special training in order to start working with it. In addition, it does not have the disadvantages of open-source solutions, such as lack of updates and poor compatibility (both with OS and TX devices). Thus, thanks to similar decision you will be able to monitor all events occurring within your local network and respond to them in a timely manner.