1 / 17

Monitoring Network Resources & Performance

Monitoring Network Resources & Performance. IT:Network:Apps. Monitoring Network resources and Performance. What’s happening on the network Network Traffic Performance Logging Auditing Monitoring. What’s happening on the network?. Need to keep track of many things Traffic (packets)

theta
Télécharger la présentation

Monitoring Network Resources & Performance

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Monitoring Network Resources & Performance IT:Network:Apps

  2. Monitoring Network resources and Performance • What’s happening on the network • Network Traffic • Performance • Logging • Auditing • Monitoring

  3. What’s happening on the network? • Need to keep track of many things • Traffic (packets) • Network load • Server load • Disk space • Log files • Availability of Servers/Services

  4. Network Traffic • Protocol Analyzer • Network Monitor • http://www.microsoft.com/downloads/en/details.aspx?FamilyID=983b941d-06cb-4658-b7f6-3088333d062f&displaylang=en • Wireshark • Need to see all packets • Promiscuous ModeIn a network, promiscuous mode allows a network device to intercept and read each network packet that arrives in its entirety. • Management port on switch

  5. Network Traffic • Network Monitor

  6. Network Traffic • Administrative Tools > Performance Monitor • IPv4 – Datagrams (sent/received) / sec • Network Interface – Bytes (sent/received/total) / sec

  7. Network Traffic • Administrative Tools > Performance Monitor • IPv4 – Datagrams (sent/received) / sec • Network Interface – Bytes (sent/received/total) / sec

  8. Logging • System keeps log files with important info • System; Application; Security; Others • Look at them!!! • EventRoverhttp://www.eventrover.com/ • EventAlarmhttp://eventalarm.com/

  9. Auditing • Security Policy (Local, Domain, DC) • Local Policies – Audit Policy • What to watch • Account Logon Events – domain user auth by DC • Account Mgmt – • Logon Events – user auth by local machine • Object access – file system/reg key/ printer • (ntfs security – Adv – audit) • Policy Change • Privilege use • Process Tracking • System Events

  10. Auditing • What should we audit? It Depends… • Security – watch for what “shouldn’t” happen • Tracking – watch for what “is” happening • Do we need to know Mary successfully logged in? • Do we need to know the server restarted? • Why did it restart? • When did it restart • Do we need to know a user was created? • who created it and why? • Watch Log File

  11. Monitoring • Performance Monitor • Resource MonitorStartSearch All Programs and Files Resource monitor • NetProbehttp://www.net-probe.com/Net-Probe/Index.html

  12. System Monitoring • SpiceworksDownloadable network inventory system…for free. • Manage all systems on your network from one portal

  13. System Monitoring • Timeline views • Printer information • Software patch information

  14. System Monitoring • VM Aware! • Select VM or device to get a detailed view of system.

  15. System Monitoring • Network device support

  16. System Monitoring • Configuration, interface, vlan views

  17. Summary • Network monitoring should be a part of IT strategy. • Automated flagging systems reduce wasted time filtering through logs. • Audit what you are going to review. The more you log and audit the bigger the impact on system resources. Start small, and manage. • System monitoring/inventory systems can reduce workload dramatically when configured properly. • Reporting and documenting capabilities should be a primary need.

More Related