Warakorn - Fotolia

Evaluate Weigh the pros and cons of technologies, products and projects you are considering.

How to select the best network monitoring tool

Learn the criteria for choosing the best network monitoring tool for your enterprise.

An important part of any network administrator's job is to monitor the network for performance, traffic usage, faults and availability, and to respond quickly to issues. A network monitoring tool is either software-based or a software-hardware combination that watches the network from end to end, collecting data on hundreds of performance metrics, including bandwidth, latency, responsiveness and CPU use of hosts. The tool tracks a network's behavior and issues alerts when it exceeds some performance thresholds -- whether that means dipping below an acceptable level or when network traffic spikes.

How network monitoring works

At its core, a network monitoring product detects, monitors and analyzes a network. It also examines applications and devices in real time, enabling an admin to respond to warnings and alerts. It will diagnose most issues and determine root causes.

Many network monitoring products work well for the typical small or midsize network, whether wired or wireless. But more complex networks -- enterprise networks and distributed environments -- need a comprehensive platform that offers visibility into physical and virtual servers, WAN links, a software-defined network infrastructure, cloud-based services, network-based applications and the increasing number of mobile devices that connect to the network.

In addition to keeping tabs on the overall health of a network, careful network monitoring can facilitate proactive strategies, such as justifying the cost of hardware or infrastructure upgrades required to eliminate chronic network bottlenecks. This capability can also save money over the long term by enabling an enterprise to avoid repetitive troubleshooting issues.

Organizations that rely on a service provider to oversee portions of their network connectivity can use network monitoring to enforce service-level agreements (SLAs), which state the level of service a provider agrees to meet. Without clear insight into how a network is truly performing, customer enforcement of an SLA is difficult to impossible.

Finally, a properly functioning network provides higher user satisfaction that, in turn, reduces calls to the help desk and subsequent follow-ups.

Types of network monitoring tools

You can categorize network monitoring tools as those aimed at SMBs versus enterprise, but also on-premises versus cloud-based. SMBs typically need performance and availability monitoring that's easy to use -- tools that work with little configuration and tell you when something is wrong. Enterprises benefit from highly comprehensive and scalable tools.

All kinds of good SMB-level monitoring tools are available. For example, PRTG Network Monitor comes in a free version for small networks and a paid version for larger networks. Spiceworks Network Monitor and Nagios Core -- both free -- are also popular with SMBs.

On the cloud front, SaaS-based platforms like Kaseya Traverse and LogicMonitor include network, server, website and application monitoring, as well as network configuration and network flow analysis, among other features.

Some comprehensive network monitoring tools aimed at the enterprise include offerings from NetScout, SolarWinds and Riverbed, as well as Cisco.

Networking monitoring tool features

A network monitoring tool should be at least moderately easy to implement and configure, and it should support multiple vendor devices.

The comprehensive product you choose -- at minimum -- should include autodiscovery, node and device inventorying, automatic and configurable trouble alerts and warnings, and they all should be tied together through a web-based centralized management interface. The interface should include a dashboard with easy-to-read graphs and tables that provide different views of network status; it should also have a network topology map -- or the ability to generate one -- as well as commands for modifying network settings and troubleshooting issues. Some interfaces provide viewing and reporting only.

Most network monitoring approaches today are application-aware, which means they can detect and monitor all applications and services operating across a network. This is an important capability, because it enables administrators to understand if a performance problem stems from either the network or the application itself. An application-aware network monitoring tool lets IT staff track an application's response time in detail, including server processing, network request and network response.

With the transition to IPv6 well underway, your choice of network monitoring tools must also be able to detect and analyze IP version 4, as well as IPv6 traffic and protocols.

Another feature to consider is whether to pursue an agent-based or agentless monitoring approach. A network monitoring tool typically uses agents or sensors that collect and transmit data to a management console for analysis. Agents require some resources to run, which can affect performance.

An agentless product, on the other hand, is designed to have little to no effect on current processes.

Finally, the ability to spot trends -- both historical and what's expected -- is a highly useful resource for technical staff. Trend data lets an admin look back at network performance data, whereas trend predictions provide a glimpse into the most likely future of network performance based on past behavior. Admins should be able to drill down into either type of data to examine and analyze the metrics of their choice.

Nice-to-have network monitoring features 

Automatic capacity planning is a handy feature, but it's not needed in every type of environment. It facilitates network infrastructure management and optimization by sending an alert to a network administrator whenever available memory, bandwidth or network capacity is about to be exceeded.

Asset and configuration management with ticket-based controls is another nice-to-have feature, mainly for larger environments.

The bottom line

Look for a comprehensive network monitoring product that meets your needs today and provides scalability for future network expansion. You have plenty of choices, whether you're an SMB or enterprise, or want an on-premises or cloud-based product.

Next Steps

Arm yourself with app performance monitoring tools and learn the importance of APM technology in providing a good user experience.

As networking evolves, the future of monitoring remains the same, making the networking engineer role a critical one.

Which monitoring tools suit your enterprise network design? Find out in this Buyer's Guide handbook.

This was last published in November 2017

Dig Deeper on Network management and monitoring

Join the conversation


Send me notifications when other members comment.

Please create a username to comment.

What network management and monitoring features do you think are the most necessary for your particular network?
If all off a sudden every node start facing a slowness then how to pin point such problem. Its cause and its remedy. Detection of  culprit nodes/s.

Daily i monitor the network using omd tool unlike nagios.it is easy and good tool.some things default router page goes to cisco switch page. Can I know how to prevent it? Please suggest and help us.
How have your network monitoring requirements changed in the wake of cloud computing?
Thanks for the helpful article.
Pesonally for me, there are a few points that I pay attention on when choosing the network monitoring software: features that my company needs, friendly interface, ease of use, support, and the price. Sometimes, it's better to spend some money and get what covers your needs, than to make a lot of settings with open source. Usually, when you buy software, you buy support. It's very important.
Another topic to consider is how you are going to connect the tool to the network. If you connect it straight into the network, you may have problems down the road. Especially if you need to take it out service and it’s an inline security tool (IPS, NGFW, etc.). I’d put a tap and a packet broker in first and then connect the tool to the network packet broker (NPB). The packet broker let’s you aggregate multiple inputs to a particular tool, load balance across multiple tools (especially if you have lower rate 1 GE tools that you want to keep using in a higher speed network), perform packet de-duplication (which improves the CPU efficiency of your tool), and allows you to filter out only the relevant data (packet and application level) to be sent to your tool(s).
Really good information. We wrote an article on our five favorite network monitoring tools, and I'd be curious to see how similar your own list would be: https://www.libertycenterone.com/blog/five-of-the-best-free-network-monitoring-software-tools/
I think every organization has its own set of requirements. The first thing for us was network visibility and simple alerts of what is up/down for thousands of geographically distributed IP nodes. We needed to see all of them on hierarchical maps. We needed both server monitoring and network devices monitoring, and at some level application monitoring with e-mail/SMS alerts. We needed ability to securely monitor remote sites without VPN. All this we found in CloudView NMS. It scaled OK for us: we started using it as a small desktop app and the same software install slowly evolved for us to being multi-user multi-profile distributed system with remote access.