Network Performance Monitoring: An Introduction
When you think about maintaining visibility into your IT environment, your mind perhaps first goes to monitoring applications and the servers or other infrastructure that hosts them.
Infrastructure and application monitoring is indeed two important components of an overall monitoring strategy. But an equally vital part - and one that is easier to overlook - is network monitoring. If your network fails or underperforms, your applications will also experience problems. You must therefore monitor your network's performance and availability as closely as you monitor other aspects of your IT resources.
This article explains why network performance monitoring is important and what you need to know to plan a network performance monitoring strategy.
How Does Network Performance Monitoring Work?
Network performance monitoring, or NPM, collects data about network traffic as it flows across your IT environment.
The data can include basic network-related performance metrics such as bandwidth and throughput, as well as more complex information like which routes packets take as they travel between endpoints.
In addition, network performance monitoring may allow you to contextualize monitoring data by analyzing how traffic patterns or metrics vary across different subnets, VPNs, cloud regions, and other network segments that exist within your IT architecture.
By tracking all of this information, network performance monitoring allows teams to find and investigate networking issues that could cause applications to become unavailable or slow to respond. Network monitoring is also important because it helps engineers to determine whether the root cause of a performance problem lies in the network or in an application or host infrastructure.
Network Performance Monitoring Goals
When properly implemented, network performance monitoring allows teams to achieve a variety of goals:
- Tracking devices: See which devices are available on the network and what their state is.
- Networking equipment configuration: Ensure routers, gateways, and other physical or virtual networking equipment are properly configured.
- Use behavior analysis: Tracking the traffic on the network can provide some insights into what users are doing and how they are interacting with your IT environment.
- Network quality assessment: Understand how well the network performs as a whole, and what its impact on end-users is.
- Network capacity assessment: Determine the maximum bandwidth, throughput, and other parameters that you can expect to achieve reliably on your network.
- Correlate events with network performance: Identity how events in your environment (like an application failure or server crash) relate to or correlate with activity on the network.
Compared to other types of monitoring, network performance monitoring poses some special challenges.
One is that, because network monitoring centers on tracking the traffic that is constantly moving, it is sometimes difficult to pinpoint the cause of a networking issue. If packet transmission between two endpoints is slow, for example, it may be hard to determine whether one of the endpoints is the problem, or if it's an issue with a network router, configuration, protocol, or another parameter. This doesn't mean you can't identify the root cause of networking problems. You can, but it takes careful work.
Another challenge is that you sometimes need to monitor networks in IT environments that you don't directly control, such as the public cloud. If you don't have direct access to the physical servers and networking equipment that hosts your applications, you need to be more creative in your approach to collecting network performance data. This challenge can be overcome by adopting a network monitoring technique that works in environments where you can't access the physical networking infrastructure; see below for details on monitoring techniques.
Figuring out how to fit network performance monitoring into your existing monitoring routine can be a challenge, too. You may already be spending a lot of time (and juggling multiple tools) to monitor applications and infrastructure. To add network monitoring to your workflows, it's important to find ways to collect and analyze network performance data efficiently, so you don't become overburdened.
Finally, because networks grow and change over time, network monitoring strategies need to be adaptable. This also poses a challenge, especially in situations where networks evolve quickly.
How to Implement Network Performance Monitoring
To put network performance monitoring into practice, you must first select a monitoring technique (or techniques), then determine which metrics you will collect and analyze.
Network Analysis Techniques
There are three main monitoring techniques:
- Flow monitoring: You can collect what is known as flow data, which means data about connections made on the network and related contextual information (such as which IP addresses and protocols are used to make the connections). This data helps you track what is happening within your network, regardless of how the network is configured or whether you have direct access to networking equipment.
- SNMP monitoring: Most networking devices can expose performance data using the SNMP protocol. SNMP monitoring allows you to discover endpoints on your network and analyze traffic flowing within them. The major limitation is that SNMP monitoring doesn't work well in public clouds or other environments where networking equipment cannot be accessed. (It is sometimes possible to perform SNMP monitoring in the cloud by setting up so-called SNMP traps, but this approach doesn't work with all cloud services or configurations.)
- Packet capture: You can collect and analyze individual packets as they move across your network in order to determine which data they contain and analyze them for possible security vulnerabilities. Because each packet contains only a small amount of data, however, it can be difficult to reconstruct large volumes of network traffic based on packet capture alone.
These techniques can be used simultaneously; you need not deploy just one at a time.
Network Analysis Metrics
Whichever monitoring techniques you use, you'll want to focus on core network metrics to track the performance of your network:
- Bandwidth: The overall data transfer capacity of your network.
- Throughput: The amount of data transferred over the network in a given time period.
- Uptime: The overall time the network remains up and available.
- Packet loss: How many packets fail to reach their intended destination?
- Latency: The delay between a data request and delivery over the network.
You can collect a variety of other network performance metrics as well, but these basic ones are a good starting point.
You can't guarantee a positive experience for your users if you don't monitor the network in addition to monitoring applications and infrastructure. Although network performance monitoring poses some special challenges, especially in modern, cloud-centric environments, a number of monitoring approaches and metrics are available for tracking what happens within your networks.