A centralised approach to network monitoring

As production networks grow in size and scope, so does the demand for achieving total network visibility. One hundred percent visibility is essential to realising five-nines uptime standard.


Failing to monitor all points on the network can lead to costly outages or increase the time to resolution -- resulting in revenue losses as well as customer dissatisfaction.

In response, enterprises are investing in farms of monitoring and analysis tools such as analysers, sniffers, archiving systems and intrusion-detection systems (IDS). To most enterprises, these tools are not an option, but a requirement to maintain a healthy network and meet security and compliance regulations. However they also represent a significant capital investment.

While it is cost prohibitive to put these devices at every network monitoring point, it is equally unwise to have them sit idle until needed. The ideal solution is to deploy devices in a way that allows them to be shared to maximize coverage and utilization. With the adoption of matrix switching technology, efficient device sharing is becoming more common. However, effectively managing this infrastructure from a single, centralised point has remained a challenge.

At its most basic, network monitoring requires the ability to connect a SPAN, Tap or mirror port to an analysis or security device for the purpose of diagnosing network issues. The matrix switch has become a key way to efficiently monitor tool farms -- with all devices wired to the matrix switch and then connections from there made electronically via software.

This did away with the conventional (and expensive) approach of sending someone to the datacentre to manually patch and re-patch connections between devices. Yet even the electronic patching could be time-consuming, requiring logging into each switch to complete the end-to-end connection. In a complex network featuring an expanded switch matrix, you might need to log into four, five or six screens to manage connectivity.

Now, however, software is available that offers seamless, end-to-end connectivity between devices from a single screen in about six mouse clicks. This "device-centric" software enables you to focus on the devices you want to reach while the tool works behind the scenes to manage all of the port-to-port, inter-device connectivity.

So what might a device-centric interface look like? Look for tools that on one screen list data sources (SPANs, Taps, mirror ports) and destination devices (analyzers and IDSs) and make it possible to select a source and destination with two clicks (more if the user wants to multicast to additional destinations). The tool should also let you apply a rate, add a job code or message if desired, and click to make the connection.

"Recommended For You"

Enterasys steps up datacentre fight with Cisco, Brocade Extreme looks to manage network 'edges'