User Guide:Introduction
From Netmon
What is Netmon?
Netmon is a full featured network monitoring solution for small to midsize networks. It provides administrators with a complete perspective of their networks, services and devices from a variety of vantage points:
- Network traffic and activity monitoring
- Bandwidth monitoring
- Service monitoring
- Protocol activity monitoring
- Device monitoring and device management
- Web activity monitoring
- SYSLOG monitoring and event log monitoring
- Website and web application monitoring
- Performance monitoring and reporting
- Cisco NetFlow collection, analysis and reporting
- Email and pager notification / alerts
- Environmental monitoring (optional)
With Netmon’s integrated email and pager notification system, you and your network management team will be the first to know when urgent situations arise.
What does Netmon do?
Netmon provides a wealth of information on network activity and network-connected devices. This information can be used to identify immediate issues on the network, and it can also be used as a proactive management tool, giving you a clear perspective into your network’s health, usage patterns and growth.
Netmon exposes an enormous amount of useful information for your SNMP-capable network devices, with a fully integrated Management Information Base (MIB) browser. Tens of thousands of devices support the SNMP protocol, and Netmon even allows you to upload your own custom MIBs to work with proprietary devices.
Netmon can monitor the up/down status of any device or network service (such as an SMTP server or POP3 server) at an interval which you choose. When a service stops responding for your specified period of time, visual, email and pager alerts can be activated. Netmon can even show you latency trends and uptime statistics for each of your business critical services.
Monitor usage of your Internet bandwidth with Netmon’s built in bandwidth monitoring tools. Easily spot bandwidth trends, such as the busiest times of the day, and receive an alert if bandwidth usage exceeds your defined thresholds.
Netmon can also help you to locate spyware, adware and other types of malicious software on your network. Using Netmon, you can also identify many other kinds of malware, including worms and viruses.
Perform sophisticated data mining with powerful reporting tools. Analyze your network activity to virtually any level of detail, across any time frame, and focus on specific activities using Netmon’s powerful reporting toolset. Key Features and Benefits
Automatic Discovery Features
- Automatic discovery of SNMP capable devices
- Automatic NetBIOS and reverse-DNS name resolution
- MAC Address detection with ARP Probe Service
- Background port scanner automatically identifies new services which appear on your network
- Automatic discovery of devices which send NetFlow data to Netmon
- Automatic interface rediscovery on routers, switches and other managed devices
Network Monitoring Features
- Integrated Layer 2 (Ethernet) Frame Analyzer
- Integrated Layer 3 and 4 (IP Services) Protocol Analyzer
- Integrated NetFlow Collector (v1, v5 and v7)
- Raw packet capture utility for low-level packet analysis in compatible client software (i.e. Ethereal)
- Automatic NetBIOS and DNS name resolution
- Real-time network activity monitoring with the Visual Network Explorer (VNE)
- Capture and monitor live network activity on remote networks with NetFlow protocol support
- Instantly narrow live activity views to specific hosts and/or protocols with easy to use filters
- Identify the type and nature of all connections to a particular host with a simple double-click
- Monitor internal and external bandwidth utilization
- Built-in port label database identifies thousands of commonly used protocols
- Create and label your own custom protocols
- Protocol Dictionary features detailed information on over 125 IP-layer protocols
- Capture local network activity on up to two (2) separate physical networks with dual onboard Gigabit network cards
Device Monitoring Features
- Assign friendly names and icons to individual hosts for simplified reporting and visibility
- Monitor Windows Services
- Monitor Windows NT/2000/XP/2003 shared folders and volumes
- Monitor Linux/UNIX and Solaris disks and partitions
- Monitor SYSLOG data from routers, firewalls, switches and other SYSLOG-capable systems
- Monitor Windows Event Logs with supplied SNARE Agent software
Email and Pager Alert Features
- Fully integrated email and pager alert system
- Customizable alert message templates
- Support for alert escalation
- Prevent false alerts with Alert Conditionals
- Service or device UP / DOWN notifications
- Bandwidth utilization alerts (in, out or sum of both)
- SNMP Trap Handling / Relaying Service
- ICMP “ping” availability alerts
- Full TCP handshake monitoring (for specific IP network services such as FTP, Telnet, HTTP, SSH and others)
- Service/connection latency alerts (100ms to 1500ms)
- Protocol activity notifications (i.e. P2P traffic)
- Disk capacity & availability alerts (Windows/Linux/UNIX)
- New network service alerts (i.e. opened TCP/UDP port)
- New host detection alerts (based on MAC identification)
- Event log message alerts based on a specific text or regular expression pattern match
SNMP Device Monitoring Features
- Automatic SNMP device discovery service with customizable Community string
- SNMP MIB Browser - Monitor hundreds or thousands of management information points exposed by SNMPv2 capable devices.
- SNMP Trap Alert Service. Relay SNMP trap messages sent from your managed devices through your Netmon server appliance.
- Upload custom SNMP MIBs for proprietary devices
Security Monitoring Features
- On-demand port scanner identifies open ports / services
- Background port scanning service identifies new network services as they appear
- ARP Probe Service identifies new MAC addresses which have appeared on your network
SYSLOG and Event Log Server Features
- Fully integrated SYSLOG server - collect and store logs from all SYSLOG-capable devices in a single location
- Organize syslog/event log data by host, facility and severity level
- Powerful built-in reporting and search capabilities, including support for regular expression pattern matches as well as standard text search
- Integrated email and pager alert facilities, including support for text and regex matching for alerts
- Monitor Windows event logs with supplied agent software.
Environmental Monitoring Features [1]
- Monitor datacenters, server rooms, wiring closets and other locations for temperature or humidity changes
- Detect the presence of water with the included water sensor
- Monitor door contacts and motion sensors
- Detect vibrations and movement with specialized sensors
- Monitor environmental conditions at multiple remote locations, including datacenters, branches and field offices, and process alert messages from a centralized console in your Netmon system.
- ↑ Requires optional Enviromon add-on unit(s), see www.enviromon.net for more information.
Reporting and Data Analysis
- Historical database of virtually all monitored activities
- Network, protocol and host activity reports
- Uptime/downtime and service latency reports
- Bandwidth utilization reports
- Sophisticated traffic and protocol analysis toolset
- Build and save custom reports for later one-click delivery
- Printer-friendly report designs
- Snapshot Reports - almost any application panel can be printed directly in a printer-friendly format
- Customizable protocol and host filtering lets you narrow reports to specific hosts and/or network activities
- Customizable logging verbosity settings for each monitored device and service
- Analyze Netmon data in third-party reporting packages such as Crystal Reports.
Administration and Management
- Netmon security groups allow you to assign distinct capabilities and permissions to Netmon user accounts
- Full control over each distinct monitoring service. Turn off services which aren’t needed or required.
- Specify historical data retention policies for each monitoring service. For example, you can tell Netmon to keep 8 weeks of network traffic data, and unlimited SYSLOG data.
- Data backup facilities, from quick configuration-only backups to complete database archiving
- Label your own protocols by adding, editing or removing entries in Netmon’s protocol index
- Customize email and pager message templates
What's New in Netmon 4.8?
Initial support for sFlow
Netmon now supports sFlow-enabled network infrastructure devices such as switches and routers. Your sFlow-capable device can now provide protocol distribution graphs for the network traffic it handles. In Netmon 4.8 the sFlow protocol receives initial support, which in future releases will be supplemented with new reports taking advantage of the sFlow protocol.
NetFlow v9 support
Netmon now adds v9 support to the NetFlow functionality already built into Netmon. Devices using the NetFlow v9 export format are now supported by Netmon.
Re-designed Device Explorer
A more capable Device Explorer has consistently been one of our most-requested features. In Netmon 4.8 the Device Explorer receives a welcome overhaul. Devices can now be placed in folders (including support for nested sub-folders) using a drag-and-drop interface.
Device Report
A centralized report where you can view your device utilization within Netmon. Primarily for Netmon SE users, this report shows the device slots currently in use along with the Netmon facility where those devices are configured.
Domino Server Dashboard
A new SNMP dashboard for Lotus Domino servers has been implemented for Netmon 4.8
IP Resolution Improvements
- A new asynchronous approach to resolving IP addresses to names resolves scaling issues for some customers.
Navigation
