Program for monitoring the Internet in Russian. Programs for system administrators, programs for the network

The mantra of the real estate world is Location, Location, Location. For the world of systems administration, this sacred text should read: Visibility, Visibility, Visibility. If you don't know exactly what your network and servers are doing every second of the day, you're like a pilot flying blind. A disaster inevitably awaits you. Fortunately, there are many good programs available, both commercial and open source, that can help you set up network monitoring.

Because good and free is always more tempting than good and expensive, here's a list of open source software that proves its worth every day on networks of all sizes. From device discovery, monitoring network equipment and servers, to identifying network trends, graphically displaying monitoring results, and even backing up switch and router configurations, these seven free utilities are likely to surprise you.

Cacti

First there was MRTG (Multi Router Traffic Grapher), a program for organizing a network monitoring service and measuring data over time. Back in the 1990s, its author, Tobias Oetiker, saw fit to write a simple graphing tool using a ring database, originally used to display router throughput on a local network. So MRTG gave birth to RRDTool, a set of utilities for working with RRD (Round-robin Database, ring database), allowing you to store, process and graphically display dynamic information such as network traffic, processor load, temperature, and so on. RRDTool is now used in a huge number of open source tools. Cacti is the current flagship open source network graphing software and takes MRTG principles to a whole new level.

From disk usage to fan speed in the power supply, if the indicator can be monitored, Cacti will be able to display it and make this data easily accessible.

Cacti is a free program that runs on the LAMP server stack and provides a standardized software platform for plotting virtually any statistical data. If any device or service returns numeric data, then it can most likely be integrated into Cacti. There are templates for monitoring a wide range of equipment, from Linux and Windows servers to Cisco routers and switches: basically anything that communicates using SNMP (Simple Network Management Protocol). There are also collections of third-party templates that further expand the already huge list of Cacti-compatible hardware and software.

Although the standard method for collecting Cacti data is SNMP, Perl or PHP scripts can also be used for this. The software system's framework cleverly separates data collection and graphical display into discrete instances, making it easy to reprocess and reorganize existing data for different visual representations. In addition, you can select specific time frames and individual parts of the charts simply by clicking on them and dragging.

So, for example, you can quickly look at data from several past years to understand whether the current behavior of network equipment or a server is anomalous, or whether similar indicators occur regularly. And using Network Weathermap, a PHP plugin for Cacti, you can easily create real-time maps of your network, showing the congestion of communication channels between network devices, implemented using graphs that appear when you hover your mouse over the image of a network channel. Many organizations using Cacti display these maps 24/7 on wall-mounted 42-inch LCD monitors, allowing IT teams to instantly monitor network congestion and link health information.

In summary, Cacti is a powerful toolkit for graphically displaying and trending network performance that can graph virtually any metric that can be monitored. The solution also supports virtually limitless customization options, which can make it overly complex for certain applications.

Nagios

Nagios is an established network monitoring software system that has been in active development for many years. Written in C, it does almost everything that system and network administrators would need from a monitoring application package. The web interface of this program is fast and intuitive, while its server part is extremely reliable.

Nagios can be a challenge for beginners, but the fairly complex configuration is also an advantage of this tool, as it can be adapted to almost any monitoring task.

Like Cacti, Nagios has a very active community behind it, so plugins exist for a huge range of hardware and software, from simple ping checks to integration with complex software solutions such as WebInject, a free software toolkit written in Perl for testing web applications and web services. Nagios allows you to constantly monitor the status of servers, services, network links and everything else that understands the IP network layer protocol. For example, you can monitor the use of disk space on the server, RAM and CPU load, the use of FLEXlm licenses, the air temperature at the server outlet, delays in the WAN and Internet channel, and much more.

Obviously, no server and network monitoring system is complete without notifications. Nagios does this well: the software platform offers a customizable mechanism for notifications via email, SMS and most popular instant messengers, as well as an escalation scheme that can be used to make smart decisions about who should be notified, how, and under what circumstances. If configured correctly, this will help you ensure many hours of restful sleep. The web interface can be used to temporarily pause notifications or acknowledge that a problem has occurred, and lets administrators make notes.

In addition, the mapping feature shows all monitored devices in a logical, color-coded representation of where they are on the network, allowing problems to be shown as they occur.

The downside to Nagios is the configuration, as it is best done through the command line, making it much more difficult for newbies to learn, although people familiar with standard Linux/Unix configuration files should not experience any particular problems.

The capabilities of Nagios are enormous, but using some of them may not always be worth the effort. Don't let the complexity intimidate you, though: the early warning benefits this tool provides for so many aspects of the network can't be overstated.

Icinga

Icinga began as a fork of the Nagios monitoring system, but has recently been rewritten into a standalone solution known as Icinga 2. At the moment, both versions of the program are in active development and available for use, and Icinga 1.x is compatible with a large number of Nagios plugins and configurations. Icinga 2 was designed to be less clunky, more performance oriented, and easier to use. It offers a modular architecture and multi-threaded design that neither Nagios nor Icinga 1 offers.

Icinga offers a complete monitoring and alerting software platform that is designed to be as open and extensible as Nagios, but with some differences in the web interface.

Like Nagios, Icinga can be used to monitor anything that speaks IP, as deeply as SNMP allows, as well as through custom plugins and add-ons.

There are several variations of the web interface for Icinga, but the main difference between this monitoring software solution and Nagios is the configuration, which can be done through the web interface rather than through configuration files. For those who prefer to manage their configuration outside of the command line, this functionality will be a real treat.

Icinga integrates with a variety of monitoring and graphing software packages such as PNP4Nagios, inGraph and Graphite, providing robust visualization of your network. In addition, Icinga has advanced reporting capabilities.

NeDi

If you've ever had to Telnet into switches and search by MAC address to find devices on your network, or you just want to be able to determine the physical location of certain equipment (or, perhaps even more importantly, where it was previously located), then you might be interested in taking a look at NeDi.

NeDi constantly scans the network infrastructure and catalogs devices, tracking everything it discovers.

NeDi is free LAMP-related software that regularly scans the MAC addresses and ARP tables on the switches on your network, cataloging each detected device in a local database. This project is not as well known as some others, but it can be a very useful tool when working with corporate networks where devices are constantly changing and moving.

You can run a search through the NeDi web interface to identify a switch, switch port, access point, or any other device by MAC address, IP address, or DNS name. NeDi collects all the information it can from every network device it encounters, pulling from them serial numbers, firmware and software versions, current timings, module configurations, etc. You can even use NeDi to mark the MAC addresses of devices that have been lost or stolen. If they reappear online, NeDi will notify you.

Discovery is run by a cron process at specified intervals. Configuration is simple, with a single configuration file that allows for much more customization, including the ability to skip devices based on regular expressions or specified network boundaries. NeDi typically uses the Cisco Discovery Protocol or Link Layer Discovery Protocol to discover new switches and routers and then connects to them to collect their information. Once the initial configuration is established, device discovery will occur quite quickly.

NeDi can integrate with Cacti to a certain level, so it is possible to link device discovery to the corresponding Cacti graphs.

Ntop

The Ntop project, now better known to the “new generation” as Ntopng, has come a long way over the past decade. But call it what you want, Ntop or Ntopng, the result is a top-notch network traffic monitoring tool paired with a fast and simple web interface. It is written in C and is completely self-contained. You start one process configured to a specific network interface, and that's all it needs.

Ntop is a web-based packet analysis tool that shows real-time data about network traffic. Information about the data flow through the host and the connection to the host is also available in real time.

Ntop provides easy-to-digest graphs and tables showing current and historical network traffic, including the protocol, source, destination, and history of specific transactions, as well as the hosts on both ends. Additionally, you'll find an impressive array of real-time network utilization graphs, charts, and maps, as well as a modular architecture for a huge number of add-ons, such as adding NetFlow and sFlow monitors. Here you can even find Nbox, a hardware monitor that is built into Ntop.

In addition, Ntop includes an API for the Lua scripting programming language, which can be used to support extensions. Ntop can also store host data in RRD files to enable continuous data collection.

One of the most useful uses of Ntopng is to control traffic at a specific location. For example, when some network channels are highlighted in red on your network map, but you don’t know why, you can use Ntopng to get a minute-by-minute report on the problematic network segment and immediately find out which hosts are responsible for the problem.

The benefits of such network visibility are difficult to overestimate, and it is very easy to obtain. Essentially, you can run Ntopng on any interface that has been configured at the switch level to monitor a different port or VLAN. That's all.

Zabbix

Zabbix is a full-blown network and system monitoring tool that integrates multiple functions into a single web console. It can be configured to monitor and collect data from a wide variety of servers and network devices, providing maintenance and performance monitoring for each site.

Zabbix allows you to monitor servers and networks using a wide range of tools, including monitoring virtualization hypervisors and web application stacks.

Basically, Zabbix works with software agents running on controlled systems. But this solution can also work without agents, using the SNMP protocol or other monitoring capabilities. Zabbix supports VMware and other virtualization hypervisors, providing detailed data on hypervisor performance and activity. Particular attention is also paid to monitoring Java application servers, web services and databases.

Hosts can be added manually or through an automatic discovery process. A wide range of default templates apply to the most common use cases, such as Linux, FreeBSD and Windows servers; widely used services such as SMTP and HTTP; and ICMP and IPMI for detailed monitoring of network hardware. In addition, custom checks written in Perl, Python or almost any other language can be integrated into Zabbix.

Zabbix allows you to customize your dashboards and web interface to focus on the most important network components. Notifications and issue escalations can be based on custom actions that are applied to hosts or groups of hosts. Actions can even be configured to run remote commands, so your script can run on a monitored host if certain event criteria are observed.

The program displays performance data such as network bandwidth and CPU load in graphs and aggregates it for custom display systems. In addition, Zabbix supports customizable maps, screens, and even slideshows that display the current status of monitored devices.

Zabbix can be difficult to implement initially, but judicious use of automatic discovery and various templates can alleviate some of the integration difficulties. In addition to being an installable package, Zabbix is available as a virtual appliance for several popular hypervisors.

Observium

Observium is a program for monitoring network equipment and servers, which has a huge list of supported devices that use the SNMP protocol. As LAMP software, Observium is relatively easy to install and configure, requiring the usual Apache, PHP and MySQL installations, database creation, Apache configuration and the like. It installs as its own server with a dedicated URL.

Observium combines system and network monitoring with performance trend analysis. It can be configured to track almost any metrics.

You can go into the GUI and start adding hosts and networks, as well as set auto-discovery ranges and SNMP data so Observium can explore the networks around it and collect data on each system it discovers. Observium can also discover network devices via CDP, LLDP or FDP protocols, and remote host agents can be deployed on Linux systems to assist in data collection.

All of this collected information is available through an easy-to-use user interface that provides advanced capabilities for statistical data display, as well as charts and graphs. You can get anything from ping and SNMP response times to graphs of throughput, fragmentation, number of IP packets, etc. Depending on the device, this data may be available for every detected port.

As for servers, Observium can display information about the state of the CPU, RAM, data storage, swap, temperature, etc. from the event log. You can also enable data collection and graphical display of performance for various services, including Apache, MySQL, BIND, Memcached, Postfix and others.

Observium works well as a virtual machine, so it can quickly become the primary tool for obtaining information about the health of servers and networks. This is a great way to add automatic discovery and graphical representation to any size network.

Too often, IT administrators feel limited in what they can do. Whether we're dealing with a custom software application or an "unsupported" piece of hardware, many of us believe that if the monitoring system can't handle it right away, it won't be possible to get the data we need in that situation. This is, of course, not true. With a little effort, you can make almost anything more visible, accounted for, and controlled.

An example is a custom application with a database on the server side, for example, an online store. Your management wants to see beautiful graphs and diagrams, designed in one form or another. If you're already using, say, Cacti, you have several options to output the collected data in the required format. You can, for example, write a simple Perl or PHP script to run queries on the database and pass those calculations to Cacti, or you can make an SNMP call to the database server using a private MIB (Management Information Base). One way or another, the task can be completed, and done easily, if you have the necessary tools for this.
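A data input script of the kind described above, as an added example (not code from the article or from the Cacti project). It is written in Python rather than Perl or PHP and uses an in-memory SQLite database as a stand-in for the store's real database; the `orders` table, its columns and the metric names are assumptions. It prints the space-separated `name:value` pairs that Cacti's script data input reads when a script returns several fields.

```python
"""Emit online-store metrics in the 'name:value name:value' form Cacti reads."""
import math
import re
import sqlite3
import time

# Output field names are restricted to a safe alphabet so that nothing taken
# from the database can change the structure of the line handed to the poller.
FIELD_RE = re.compile(r"^[A-Za-z0-9_]+$")

# Fixed, read-only queries. The only variable part (the start of the time
# window) is bound as a parameter, never concatenated into the SQL text.
QUERIES = {
    "orders": "SELECT COUNT(*) FROM orders WHERE created_at > ?",
    "revenue_cents": "SELECT COALESCE(SUM(total_cents), 0) FROM orders "
                     "WHERE status = 'paid' AND created_at > ?",
    "failed_payments": "SELECT COUNT(*) FROM orders "
                       "WHERE status = 'failed' AND created_at > ?",
}


def build_sample_db(now):
    """Constructed sample data: a hypothetical 'orders' table with four rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE orders (id INTEGER PRIMARY KEY, created_at INTEGER, "
        "status TEXT, total_cents INTEGER)"
    )
    rows = [
        (now - 30, "paid", 1999),
        (now - 120, "paid", 2000),
        (now - 200, "failed", 500),
        (now - 4000, "paid", 9900),   # older than the polling window
    ]
    conn.executemany(
        "INSERT INTO orders (created_at, status, total_cents) VALUES (?, ?, ?)",
        rows,
    )
    conn.commit()
    return conn


def collect(conn, now, window=300):
    """Run every query over the last `window` seconds (one polling interval)."""
    since = now - window
    results = {}
    for field, sql in QUERIES.items():
        (value,) = conn.execute(sql, (since,)).fetchone()
        results[field] = int(value)
    return results


def format_for_cacti(results):
    """Return 'field:value field:value', rejecting anything non-numeric."""
    parts = []
    for field, value in results.items():
        if not FIELD_RE.match(field):
            raise ValueError(f"unsafe field name: {field!r}")
        if isinstance(value, bool) or not isinstance(value, (int, float)):
            raise ValueError(f"non-numeric value for {field}")
        if not math.isfinite(value):
            raise ValueError(f"non-finite value for {field}")
        parts.append(f"{field}:{value}")
    return " ".join(parts)


if __name__ == "__main__":
    now = int(time.time())
    # In production, replace build_sample_db() with a connection made under a
    # database account that has SELECT rights only.
    print(format_for_cacti(collect(build_sample_db(now), now)))
```

Each name in the output corresponds to one output field defined for the data input method in Cacti, which can then be graphed like any other data source.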

Most of the free network equipment monitoring utilities listed in this article shouldn't be difficult to obtain. Packaged versions are available for download for most popular Linux distributions, if they are not already included. In some cases they may be pre-configured as a virtual server. Depending on the size of your infrastructure, these tools can take quite a bit of time to install and configure, but once they're up and running, they'll be a solid foundation for you. At the very least, it's worth testing them.

No matter which of these above systems you use to keep an eye on your infrastructure and hardware, it will provide you with at least the functionality of another system administrator. Although it can’t fix anything, it will monitor literally everything on your network around the clock, seven days a week. The time spent up front on installation and configuration will pay off in spades. Also, be sure to run a small set of standalone monitoring tools on another server to monitor the main monitoring tool. This is a case where it is always better to watch the observer.

Always in touch, Igor Panov.


See also:

In the previous article, a list of 80 tools for monitoring Linux systems was compiled. It also made sense to make a selection of tools for the Windows system. The following is a list that serves as a starting point only, there is no ranking.


1. Task Manager

The well-known Windows Task Manager is a utility for displaying a list of running processes and the resources they consume. But do you know how to use its full potential? As a rule, it is used to monitor the state of the processor and memory, but you can go much further. This application is pre-installed on all Microsoft operating systems.

2. Resource Monitor

A great tool to estimate CPU, RAM, network and disk usage in Windows. It allows you to quickly obtain all the necessary information about the status of critical servers.

3. Performance Monitor

The main tool for managing performance counters in Windows. Performance Monitor was known as System Monitor in earlier versions of Windows. The utility has several display modes, displays performance counters in real time, and saves data to log files for later study.

4. Reliability Monitor

Reliability Monitor is a system stability monitor that lets you track any changes in computer performance. You can find the stability monitor in Windows 7 and in Windows 8 under Control Panel > System and Security > Action Center. Using Reliability Monitor, you can keep a record of changes and failures on your computer. The data is displayed in a convenient graphical form, which lets you track which application caused an error or froze and when, and track the appearance of the Windows blue screen of death and the reason for it (the latest Windows update or a program installation).

5. Microsoft SysInternals

SysInternals is a complete set of programs for administering and monitoring computers running Windows OS. You can download them for yourself for free on the Microsoft website. Sysinternals utilities help manage, troubleshoot, and diagnose Windows applications and operating systems.

6. SCOM (part of Microsoft System Center)

System Center is a complete set of tools for managing IT infrastructure, with which you can manage, deploy, monitor and configure Microsoft software (Windows, IIS, SQL Server, Exchange, and so on). Unfortunately, MSC is not free. SCOM is used for proactive monitoring of key IT infrastructure objects.

Monitoring Windows servers using the Nagios family

7. Nagios

Nagios has been the most popular infrastructure monitoring tool for several years (for Linux and Windows). If you are considering Nagios for Windows, then install and configure the agent on the Windows server. NSClient++ monitors the system in real time and provides outputs from a remote monitoring server and more.

8. Cacti

Typically used in conjunction with Nagios, it provides the user with a convenient web interface to the RRDTool utility, designed to work with Round Robin Databases, which are used to store information about changes in one or more quantities over a certain period of time. Statistics on network devices are presented in the form of a tree, the structure of which is specified by the user; you can plot channel usage, HDD partition usage, display resource latency, etc.

9. Shinken

A flexible, scalable, open source monitoring system based on the Nagios core written in Python. It is 5 times faster than Nagios. Shinken is compatible with Nagios, you can use its plugins and configurations without making adjustments or additional configuration.

10. Icinga

Another popular open monitoring system that checks hosts and services and reports their status to the administrator. As a fork of Nagios, Icinga is compatible with it and they have a lot in common.

11. OpsView

OpsView was originally free. Now, unfortunately, users of this monitoring system have to shell out money.

12. Op5

Op5 is another open source monitoring system. Plotting, storing and collecting data.

Alternatives to Nagios

13. Zabbix

Open source software for monitoring and tracking the status of various computer network services, servers and network equipment, used to obtain data on processor load, network usage, disk space and the like.

14. Munin

A good monitoring system that collects data from several servers simultaneously and displays everything in the form of graphs, with which you can track all past events on the server.

15. Zenoss

Written in Python using the Zope application server; data is stored in MySQL. With Zenoss you can monitor network services, system resources and device performance. The Zenoss core analyzes the environment, which makes it possible to quickly make sense of a large number of specific devices.

16. Observium

A monitoring system for network devices and servers. The list of supported devices is huge and is not limited to network devices, but each device must support SNMP.

17. Centreon

A comprehensive monitoring system that lets you monitor the entire infrastructure and the applications containing system information. A free alternative to Nagios.

18. Ganglia

Ganglia is a scalable distributed monitoring system used in high-performance computing systems such as clusters and grids. Monitors statistics and computation history in real time for each of the monitored nodes.

19. Pandora FMS

A monitoring system with good performance and scalability; one monitoring server can monitor the work of several thousand hosts.

20. NetXMS

Open source software for monitoring computer systems and networks.

21. OpenNMS

OpenNMS monitoring platform. Unlike Nagios, it supports SNMP, WMI and JMX.

22. HypericHQ

A component of the VMware vRealize Operations suite, it is used to monitor OS, middleware and applications in physical, virtual and cloud environments. Displays availability, performance, usage, events, logs, and changes at every level of the virtualization stack (from the vSphere hypervisor to guest OSes).

23. Bosun

Open source monitoring and alert system from StackExchange. Bosun has a well-thought-out data design, as well as a powerful language for processing it.

24. Sensu

Sensu is an open source alert system similar to Nagios. There is a simple dashboard, you can see a list of clients, checks and triggered alerts. The framework provides the mechanisms needed to collect and accumulate server operation statistics. Each server runs a Sensu agent (client), which uses a set of scripts to check the functionality of services, their status and collect any other information.

25. CollectM

CollectM collects statistics about system resource usage every 10 seconds. It can collect statistics for several hosts and send them to the server, where the information is displayed using graphs.

28. Performance Analysis of Logs (PAL) Tool

34. Total Network Monitor

This is a program for constantly monitoring the operation of a local network of individual computers, network and system services. Total Network Monitor generates a report and notifies you about errors that have occurred. You can check any aspect of the operation of a service, server or file system: FTP, POP/SMTP, HTTP, IMAP, Registry, Event Log, Service State and others.

35. PRTG

38. Idera

Supports multiple operating systems and virtualization technologies. There are many free tools that you can use to monitor your system.

39. PowerAdmin

PowerAdmin is a commercial monitoring solution.

40. ELM Enterprise Manager

ELM Enterprise Manager provides complete monitoring, from “what happened” to “what is happening” in real time. Monitoring tools in ELM include Event Collector, Performance Monitor, Service Monitor, Process Monitor, File Monitor and PING Monitor.

41. EventsEntry

42. Veeam ONE

An effective solution for monitoring, reporting and resource planning in VMware, Hyper-V and Veeam Backup & Replication infrastructure. It monitors the health of your IT infrastructure and diagnoses problems before they interfere with user experience.

43. CA Unified Infrastructure Management (formerly CA Nimsoft Monitor, Unicenter)

Monitors the performance and availability of Windows server resources.

44. HP Operations Manager

This infrastructure monitoring software performs proactive root cause analysis, reducing recovery time and reducing operations management costs. The solution is ideal for automated monitoring.

45. Dell OpenManage

OpenManage (now Dell Enterprise Systems Management) is an all-in-one monitoring product.

46. Halcyon Windows Server Manager

Management and monitoring of networks, applications and infrastructure.

Below is a list of (most popular) network monitoring tools

54. Ntop

55. NeDi

NeDi is an open source network monitoring tool.

54. The Dude

The Dude monitoring system, although free, is, according to experts, in no way inferior to commercial products; it monitors individual servers, networks and network services.

55. BandwidthD

Open source program.

56. NagVis

An extension for Nagios that allows you to create infrastructure maps and display their status. NagVis supports a large number of different widgets and icon sets.

57. Proc Net Monitor

A free monitoring application that allows you to track all active processes and, if necessary, quickly stop them to reduce the load on the processor.

58. PingPlotter

Used to diagnose IP networks, it allows you to determine where losses and delays of network packets occur.

Small but useful tools

The list wouldn't be complete without mentioning a few hardware monitoring options.

60. Glint Computer Activity Monitor

61. RealTemp

A utility for monitoring temperatures of Intel processors. It does not require installation and tracks the current, minimum and maximum temperature values for each core, as well as the start of throttling.

62. SpeedFan

A utility that allows you to control the temperature and fan speeds in the system, monitors the performance of sensors on the motherboard, video card and hard drives.

63. OpenHardwareMonitor

Good network monitoring and management programs help the administrator:

    identify conditions that lead to problems;

    solve network problems;

    prevent network failures.

Since this approach saves time and money, saves equipment, data and user nerves, in the long run it will be preferred over finding out the causes of the failure after it has occurred.

If network management is done correctly, it can also be seen as a proactive solution to problems. ISO has identified five categories of network management that are directly related to proactive problem solving.

1. Accounting management, for recording and reporting on the use of network resources.

2. Configuration management to control network components and their parameters.

3. Failure prevention to find and isolate network problems.

4. Performance management to monitor, analyze and control data flows in the network.

5. Security management to track and control access to network resources.

Controls are means of solving problems. At first, it will take you some time to understand what statistical information you should receive on a regular basis. You will have to collect data in order to then draw conclusions about the characteristics of normal network operation. By knowing how the network should operate normally, you can monitor changes in this data (they often indicate potential problems in the network).

Modern network operating systems have built-in network monitoring utilities. They will help you monitor the operation of the network, build a reference graph of its behavior (as part of a program for early troubleshooting). These tools use three types of information:

event logs, which record errors, actions and situations affecting the security system, or other facts important for diagnosing problems;

resource access statistics, which stores information about who uses network resources and how;

performance statistics that reflect CPU load, server throughput and memory usage.

Microsoft Windows NT Server, for example, has a Performance Monitor utility that provides an overall picture of the state and activity of the system.

A network administrator can use Performance Monitor for:

    analyzing network operation both in real time and from recordings;

    identifying trends in its work;

    identifying bottlenecks;

    recording the effects of changes in the system and configuration;

    determining system capacity;

    monitoring local or remote computers;

    notifying administrators about critical events;

    monitoring the performance of processors, hard drives, memory and processes;

    viewing key parameters of the system as a whole.

Reference chart

Knowing how the network behaves during normal operating conditions is just as important as knowing how to troubleshoot the problems that caused the network to fail. Monitoring and documenting in detail the normal operation of your network will give you information from which you can create a reference graph of its behavior. And in case of any problems, you will compare the current behavior of the network with the reference one.

The reference graph is created in advance, while the network is functioning normally. It will help you determine:

the general picture of network congestion during the day;

bottlenecks;

the overall picture of network usage by individual computers;

the overall picture of the usage of various protocols.

The Performance Monitor utility is designed to monitor computer performance in real time, which allows you to find almost all bottlenecks. Figure 8.4 shows the % Processor Time curve, which reaches 100 percent. If this happens frequently (over a long period this figure is close to 100 percent), the bottleneck is the processor.

By analyzing the system behavior graph, you can prevent problems from arising, since it will tell you when:

the network must be divided into several segments;

the number of file servers should be increased;

it is necessary to replace network adapters with more efficient ones.
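The reference-graph comparison described in this section, as an added example (not from the original text). It builds a per-hour baseline from samples collected while the network was healthy, flags current readings that fall outside it, and checks for the sustained near-100-percent processor load the text names as a bottleneck. The sample values, the three-standard-deviation rule, and the 95 percent / five-sample thresholds are assumptions chosen for illustration.

```python
"""Compare current measurements against a reference (baseline) profile."""
from collections import defaultdict
from statistics import mean, pstdev


def build_baseline(samples):
    """samples: (hour_of_day, value) pairs recorded during normal operation.

    Returns {hour: (mean, standard_deviation)}, the "reference graph".
    """
    by_hour = defaultdict(list)
    for hour, value in samples:
        by_hour[hour].append(value)
    return {hour: (mean(vals), pstdev(vals)) for hour, vals in by_hour.items()}


def deviations(baseline, current, k=3.0, min_std=1.0):
    """Return (hour, value, expected) for readings outside the baseline.

    A reading is flagged when it differs from the hour's mean by more than
    k standard deviations. min_std stops a very flat baseline from flagging
    harmless jitter. Hours with no baseline at all are flagged with None,
    because "nothing to compare against" is itself worth a look.
    """
    flagged = []
    for hour, value in current:
        if hour not in baseline:
            flagged.append((hour, value, None))
            continue
        mu, sigma = baseline[hour]
        if abs(value - mu) > k * max(sigma, min_std):
            flagged.append((hour, value, round(mu, 1)))
    return flagged


def sustained_saturation(values, threshold=95.0, min_run=5):
    """True if values stay at or above threshold for min_run samples in a row.

    Short spikes to 100 percent are normal; a long run is the bottleneck
    condition described for the % Processor Time counter.
    """
    run = 0
    for value in values:
        run = run + 1 if value >= threshold else 0
        if run >= min_run:
            return True
    return False


# Constructed sample data: link utilisation in percent, by hour of day.
REFERENCE_SAMPLES = [
    (3, 5), (3, 6), (3, 4), (3, 5),
    (10, 60), (10, 65), (10, 62), (10, 58),
    (14, 70), (14, 72), (14, 68), (14, 71),
]
TODAY = [(3, 48), (10, 63), (14, 69)]

if __name__ == "__main__":
    baseline = build_baseline(REFERENCE_SAMPLES)
    for hour, value, expected in deviations(baseline, TODAY):
        print(f"hour {hour:02d}: observed {value}, baseline {expected}")
    cpu = [50, 97, 99, 100, 98, 96, 40]   # constructed % Processor Time samples
    print("processor bottleneck:", sustained_saturation(cpu))
```

Here the 03:00 reading is flagged although 48 percent would look unremarkable at 14:00, which is why the comparison is made per hour of day rather than against one fixed threshold.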

Network management programs and proactive troubleshooting

Modern network management software offers a number of measures that will lead to proactive resolution of network problems.

Cross-checking and continuous monitoring of interacting network components (to ensure that a failure in one component does not appear to be a failure in another, healthy one).

Identifying invalid or erroneous packets.

Periodic inspection of network components, testing of interfaces and monitoring of network activities.

Notification of the need to expand the network with new computers (or other components) and technologies.

Maintaining a log (file) of errors (in adapters, cables and other components) and notifying the administrator about them. Advanced management programs may even suggest a solution to the problem.

Monitoring the operation of servers (including print servers and gateways), recording the results and notifying the administrator in case of network problems.

Maintaining network traffic history and error statistics. This includes information about the status of routes between computers and between LANs.

The management program can save all the interesting information in its log and import it into other files or databases. To present this information in a different form, the administrator must use other application programs.

In a large network, good management programs transmit this information to a central computer, where the administrator typically stores a detailed history of the remote LAN.

Summary

Network management is a multifaceted process. It also includes monitoring network behavior, which can be seen as a way to proactively troubleshoot problems. If planning, monitoring and management are carried out correctly, then problems will arise much less frequently. When planning a network, an administrator must implement concepts and procedures designed with one goal in mind: preventing a problem before it occurs. These plans include backup, unification, continuous improvement, and documentation.

Special utilities help the network administrator solve these problems. Windows NT has built-in network monitoring and management programs that keep statistics on performance and resource access, as well as event logs.

An important part of network management is a reference graph of its behavior. It is created gradually, very carefully and in detail. If the network begins to fail, the administrator should first refer to this graph. The administrator compares the current workload graphs with it, looks for potential bottlenecks, and analyzes the number of errors and the general performance statistics.

Solving network problems

Methodology

Despite the most sophisticated plans, monitoring and support, network problems will still arise. A network administrator or support engineer will be able to identify and resolve them more quickly if they take a structured approach rather than trying to apply all possible solutions one at a time.

Structural approach

The structured approach consists of five steps.

1. Determining the priority of the problem.

2. Collecting information to identify symptoms.

3. Developing a list of possible causes.

4. Isolating the problem.

5. Analyzing the test results to develop a solution.

Determining Priority

The first step in a structured approach is to categorize problems according to their importance. Every user naturally wants his computer to be “fixed” before others. Therefore, first, the administrator or support engineer, having received a signal about a problem, must set its priority.

Setting priorities for solving network problems means determining the degree of impact each problem will have on the network. For example, the board in the monitor burned out and it stopped working. The board simply needs to be replaced, which is much less interesting for the administrator than dealing with someone's CD-ROM drive or sound system. But it's probably more important to fix the user's monitor than the gamer's CD-ROM.

You cannot solve all problems at once. And do they all require an immediate solution? What problems need to be solved first?

Collection of information

Collecting information is the foundation for error-free problem isolation. The administrator must have a reference graph of network behavior to compare its current behavior with. In addition, while gathering information, you need to inspect the network and identify obvious causes of the problem. A quick review should include an inspection of the network documentation to find out whether this problem has occurred before and what solution was adopted.

User survey

If you ask users the right questions, their answers will help clarify the situation. The engineer should ask, “Why do you think the network is not OK?” The following user observations may tell you the symptoms of the problem.

"The network is slow."

"I can't contact the server."

"I was connected to the server, but the connection was lost."

"One of my apps isn't working."

"I can't print on the printer."

An experienced administrator or support engineer, taking the user's observations into account, asks a series of either/or and yes/no questions to narrow down the possible causes. For example:

Who was affected by the failure: everyone, someone in particular, or randomly one or another user?

Is the entire network down or just one computer?

Did this problem occur before the upgrade?

Does this problem happen all the time or does it happen from time to time?

Does this problem occur with all applications or with just one?

Has there been anything similar before?

Have new users appeared on the network? Has new equipment appeared on the network?

Was there any application installed before the problem occurred? Has any equipment been moved recently?

Which suppliers' products are involved?

Is there a pattern of problems with a specific vendor or specific components (cards, hubs, disk drives, applications, or networking software)?

Has anyone tried to solve this problem?

In addition, the network administrator or support engineer should consider the following factors:

versions of applications, operating systems and other software;

changing the configuration of network components or the network operating system.

As you gain experience as a network administrator or support engineer, you will become more familiar with your network's components and applications and have a better idea of where to look first for possible causes of problems.

Dividing the network into segments

If a preliminary inspection of the network does not reveal the cause of the problem, the administrator or support engineer should mentally break the network into as many segments as possible so that they are dealing with a small portion of the network rather than the entire network.

Having identified the segment in which the problem is supposedly hidden, the administrator or support engineer should check all the components of this segment in turn:

adapters;

hubs;

cables and connectors;

connecting components (repeaters, bridges, routers and gateways);

protocols.

Particular attention should be paid to network protocols: they are designed precisely to try to overcome any network errors.

Most protocols have a built-in mechanism for retrying failed operations, which tries to automatically restore the network's functionality. The launch of this mechanism is immediately noticeable as the network slows down due to a large number of retries.

This mechanism increases network reliability, but at the same time makes it difficult to identify the causes of some network problems, since the same symptom sometimes indicates several problems.
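One way to make protocol retries visible instead of inferring them from a slow network is to measure the TCP retransmission share between two counter snapshots. The following Python sketch is an added example, not part of the original article; it assumes a Linux host exposing its counters in `/proc/net/snmp`, and the snapshots, the `retry_alert` helper and the baseline ratio are constructed for illustration.

```python
# Constructed, trimmed excerpts of two /proc/net/snmp snapshots 60 s apart.
TCP_HEADER = ("Tcp: RtoAlgorithm RtoMin RtoMax MaxConn ActiveOpens PassiveOpens "
              "AttemptFails EstabResets CurrEstab InSegs OutSegs RetransSegs "
              "InErrs OutRsts InCsumErrors")
SNAP_T0 = ("Udp: InDatagrams NoPorts\nUdp: 7000 3\n" + TCP_HEADER +
           "\nTcp: 1 200 120000 -1 1500 300 12 40 25 900000 800000 1600 0 90 0\n")
SNAP_T1 = ("Udp: InDatagrams NoPorts\nUdp: 7400 3\n" + TCP_HEADER +
           "\nTcp: 1 200 120000 -1 1560 310 14 41 27 950000 840000 5600 0 95 0\n")


def parse_tcp_counters(snmp_text):
    """Turn the 'Tcp:' header line and 'Tcp:' value line into a name->int dict."""
    rows = [line.split()[1:] for line in snmp_text.splitlines()
            if line.startswith("Tcp:")]
    if len(rows) != 2 or len(rows[0]) != len(rows[1]):
        raise ValueError("expected one Tcp: header line and one Tcp: value line")
    return dict(zip(rows[0], map(int, rows[1])))


def retransmit_ratio(before, after):
    """Retransmitted segments per originally sent segment between snapshots."""
    old, new = parse_tcp_counters(before), parse_tcp_counters(after)
    sent = new["OutSegs"] - old["OutSegs"]
    retrans = new["RetransSegs"] - old["RetransSegs"]
    if sent < 0 or retrans < 0:
        raise ValueError("counters went backwards (reboot or wrap); resample")
    return retrans / sent if sent else 0.0


def retry_alert(before, after, baseline_ratio, factor=3.0):
    """Return (ratio, flag); flag is True when retries exceed the ratio taken
    from the reference period by more than `factor` (both are assumptions)."""
    ratio = round(retransmit_ratio(before, after), 4)
    return ratio, ratio > baseline_ratio * factor


if __name__ == "__main__":
    print(retry_alert(SNAP_T0, SNAP_T1, baseline_ratio=0.01))
```

A high ratio only confirms that the retry mechanism is active; the faulty cable, adapter or congested segment behind it still has to be isolated.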

Here again, a list of questions aimed at narrowing down the range of possible causes will come in handy. At this stage, it is important to understand how each component is supposed to work and what the consequences of its failure may be. A reference graph of network behavior will also be useful.

Questions could be:

What computers can operate on the network?

Can a computer that is not connected to a network work autonomously?

Does the network adapter work on a computer that is not on the network?

Is there normal traffic on the network?

Possible reasons

After summing up all the information you have collected, develop a list of possible causes of the problem. Try to rank them in descending order of likelihood.

Isolating the problem

Having chosen the most likely cause, test the “suspected” component and find out how valid your guesses are. For example, if you suspect that one of your computers has a faulty network adapter card, try replacing it with another one that is known to work.

Analysis of results

If the test confirms your assumption, then the reason (or one of the reasons) has been found. If testing does not produce results, you should do it all over again. And if the list of possible reasons has dried up without revealing the problem, you will either have to return to the information gathering stage or ask for help.

Outside help

Most network administrators and support engineers pride themselves on being able to identify and fix network problems without outside help. They strive to gain respect and authority as excellent specialists. However, there are situations when it is impossible to do without someone else's intervention.

Firstly, there are other specialists in your company who will certainly help you. Secondly, you can contact the technical support of the hardware or software manufacturer. It would be a good idea to contact the supplier who sold you the network components for information.

The best administrators and support engineers are the ones who know when and where to ask for help (these are the ones that users respect the most).

A slacking employee is a disaster for any enterprise or company. Therefore, the question constantly arises of how to monitor an employee’s work computer and ensure that there are no unauthorized actions.

Let us immediately note that the employee must be informed (in writing, with a signature) that covert surveillance of the computer on the local network is being conducted. Perhaps only this fact will help to avoid violations and put the employee on the path of a “hard worker.” If not, then here is a solution for complete control over computers on your local network.

Local network monitoring program

So, the software is called “Mipko Employee Monitor” - a version specifically for corporate networks.

After installation, launch the program from the desktop or by pressing “ctrl+alt+shift+k”, then configure in the user interface what exactly needs to be monitored and controlled on the local network.

  1. At the top left is a section where you select the user from your network whose log is currently being viewed: when expanded, a list of recorded actions will be displayed (depending on the settings).
  2. Now directly about the functionality of “Tools” - “Settings”. For each user, the tracking parameters can be configured individually.

Monitoring allows you to track the following actions:

  • keystrokes;
  • screenshots;
  • activity on social networks;
  • messaging on Skype;
  • websites visited;
  • saving the clipboard;
  • program activity;
  • pictures from a webcam;
  • call recording;
  • operations with files.

Quite extensive functionality. The main thing that an employer is usually interested in when monitoring users on a local network is screenshots and websites visited.

In order not to face claims of interference with personal information (for example, if you set up viewing of visited web pages and saw personal correspondence on social networks), set a block on all social networks and chats, as well as a ban on installing third-party software - only what is required for the job.

Remote monitoring of a computer on a local network

As a rule, the employer is interested in only two aspects - a screenshot of the local network user’s computer and his viewing of web pages (as mentioned above, employees are familiar with this information).

  3. Screenshot settings include the following components:

  • choice of time interval, indicated either in minutes or seconds;
  • take a screenshot when a window is opened;
  • take a screenshot on a mouse click;
  • do not take screenshots while the user is inactive;
  • snapshot mode (full screen, window);
  • the quality of the image.
  4. In the “visited websites” section, it’s even simpler: select the “interception type” and whether to save a screenshot.

  5. Now about where all this will be saved or sent. In the settings section “Sending”:

  • first, set the “Log type” and the pop-up list;
  • set the format in which the report will be saved: “HTML” or a “ZIP” archive;
  • select the sorting type and time interval for sending the report;
  • most importantly, choose where the report will be sent: to email/ftp/folder on your computer;
  • then enter your username and password and click “Apply”.

That’s it: the employees are now, as they say, “under watch”, and you can monitor the users of the local network.