With the end user dependence on complex network applications and architecture makes it more important then ever that network managers understand what, how, and when traffic is traversing the network. Network monitoring is the increasingly powerful connected set of tools used in controlling, maintaining, and optimizing networks.

 A network management system #NMS is a set of tools that allow a network operator to supervise the individual components of a network.

Network management system components assist with:

• Device discovery – identifying what devices are present on a network.
• Device monitoring – monitoring specific devices to determine their health and performance capacity.
• Performance analysis – tracking indicators like bandwidth utilization, packet loss, latency, availability, and uptime.
• Intelligent notifications – collecting or sending alerts that respond to set network scenarios.

Network monitoring is the cornerstone of network management, especially when troubleshooting and understanding performance of network applications and services. Network monitoring allows an operator to harness the rich information available via direct inspection and analysis of network packets.

So what is needed to integrate effective monitoring with a network management system (NMS)? The first recommendation is to add a Network Packet Broker (NPB), to optimize the interconnection and flow of data to the monitoring tools that will be used. The second recommendation is to determine the type(s) of monitoring tools required. A variety of monitoring tools and technologies exist which leverage this approach, spanning network management, application performance management, as well as security management.

In general, the most prevalent tools used are:

• Packet Analyzers. A packet analyzer (also known as a network analyzer, protocol analyzer, or packet sniffer, an Ethernet sniffer, or wireless sniffer) is a device or applications that intercepts and logs traffic passing through a network. The sniffer captures traffic and exposes the values of the packet fields. It then analyzes its content according to the appropriate RFC or other specifications.
• Intrusion Detection / Prevention. An intrusion detection system (IDS) is a device or application that monitors the network for suspicious traffic or activity. Intrusion detection and prevention systems (IDPS) focus on identifying incidents, recording them, and reporting the detection. In addition, organizations use IDPSes to identify security policy issues, document existing threats, and deterring policy violations.
• Data Loss Prevention. A data loss/leak prevention system is designed to detect and halt potential data breaches by monitoring, detecting, and blocking sensitive data while in-use (endpoint actions), in-motion (network traffic), and at-rest (data storage). During such incidents sensitive data is captured by unauthorized personnel, usually through covert incursions. Examples of sensitive data include private or company information, intellectual property (IP), financial or patient information, credit-card data, and other types depending on the market the industry.
• Application Performance Management. Application performance management (APM) is the oversight of network application performance and availability. APM detects and diagnoses application performance problems in order to maintain the user’s expected level of service.

Two sets of performance metrics are closely monitored: the end user application performance experience and the stress placed on the network while running the application.

• An example of the first metric would be the average response times under peak network load, where “response time” is the time required for an application to respond to user actions. Without load, most of the applications are fast enough, which is why programmers may not catch performance problems during development.
• The second metric establishes whether there is adequate capacity to support the application load, while determining where there may be performance bottlenecks. Measurement of these quantities establishes an empirical performance baseline for the application.]
• Data Recorder. A data logger (also a data recorder) records data over time. They are usually small, battery powered, and equipped with a microprocessor and internal memory for data storage. Some data loggers interface with a personal computer and use software to activate the data logger and view and analyze the collected data, while others have a local interface device (keypad, LCD) and can be used as a stand-alone device.
• Compliance. Compliance monitoring verifies that whatever regulations and/or limitations that are in force from some governing agency (such as government institutions) are being followed and maintained.
• VoIP / Unified Communications / Video analyzers. Multi-media analyzers assess the quality of real-time communication services like instant messaging, video conferencing, data sharing, VoIP, video playback, and speech recognition with non-real-time communication services such as unified messaging.

Another aspect of network management on the rise is automation. The automation of network management tools and technologies offers increased efficiency, decreased errors due to manual tasks, and is a hedge against rising complexity due to growth, virtualization, and cloud services – it is a buffer against the steady increase and expansion of applied automation in selective tasks and workflows. 

Generally speaking, the need for improved and more comprehensive network management resources is needed due to the complexity of networks.