Top Five Things to Monitor in Your Network

  1. Your Website. If your network were the A-Team, your website would be your Face. This is what your clients see and respond to. When it’s running smoothly, your marketing stays on track. If it goes down, it gives your business an unprofessional appearance and could cause the loss of new clients. We recommend that you monitor your website from outside of your internal network (your LAN). An external (WAN) monitor gives you a true sense of whether your website is reachable and responsive. There are many services that offer this for a small fee. One great service that can do it for free is Pingdom. Pingdom will ping your website at a set interval, five minutes for example, and notify you via email and text if there is a problem.
  2. Uninterruptible Power Supplies (UPS). A UPS is a battery backup that seamlessly kicks in when the power goes out, much like a laptop battery. The first step in solidifying your network against interruptions is having a UPS behind your major equipment. This includes your demarcation point, primary internal switch(es), primary domain controller, and the computers of any users you would want to keep working during a brief power outage. A UPS that has an Ethernet port is worth the extra price tag, since it can alert you when the power goes out. While having one or more uninterruptible power supplies is a great start, knowing when the power is out is often just as crucial.
  3. Primary Active Directory Server. If you use Active Directory, or another logon server, it is crucial to know when it is down. If the logon server can’t authenticate requests, users will not be able to log in. In Active Directory, the only users who are able to log in are users who are part of the Domain and Enterprise admin groups. Monitoring this, however, can be more challenging: just because the server has power and has booted doesn’t mean it will authenticate users properly. One key service to monitor is the Netlogon service. Another key sign that your LDAP server is not behaving properly is replication errors between servers.
  4. Firewall. Your firewall acts as the security center in your network, and as such has a huge role to play in keeping your data safe. Your firewall also connects your internal network to the outside world, so machines behind it can’t use the internet if the firewall goes down. Monitoring your firewall, however, can be challenging; many different metrics factor into knowing whether you have been compromised or the network is running normally. Failed login attempts can be a strong indicator of whether you are being attacked and by whom. Another metric that could indicate a problem is high CPU or memory usage. This means that the firewall is either doing a task it shouldn’t be or is being used beyond capacity, which could degrade core network performance.
  5. Your Switches and Routers. Your switches and routers make up the very base of your core infrastructure. As such, it is very important to know when anything abnormal is occurring with these devices the moment it happens. While there are numerous ways to secure your routers and switches, monitoring those implementations is just as critical. The top areas to monitor are login attempts (successful and unsuccessful) and port up/down changes on ports that are not dedicated to users, such as server, trunk, or unused ports. Your core router’s CPU load can also be a key indicator of issues arising.
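
The login-attempt and port-change checks from items 4 and 5, run over device syslog, as an added example that is not part of the original article. It assumes Cisco IOS-style `%LINK-3-UPDOWN` and `%SEC_LOGIN` messages; the port inventory, threshold, and sample log lines are constructed for illustration.

```python
import re
from collections import Counter

# Assumed inventory: ports NOT dedicated to users (hypothetical names and roles).
WATCHED_PORTS = {
    "GigabitEthernet0/1": "server",
    "GigabitEthernet0/12": "unused",
    "GigabitEthernet0/24": "trunk",
}
FAILED_LOGIN_THRESHOLD = 3  # assumed: failures per source address before alerting

LINK_RE = re.compile(r"%LINK-3-UPDOWN: Interface (\S+), changed state to (up|down)")
LOGIN_RE = re.compile(
    r"%SEC_LOGIN-\d-LOGIN_(FAILED|SUCCESS): Login \w+ "
    r"\[user: ([^\]]*)\] \[Source: ([^\]]+)\]"
)

# Constructed sample lines (Cisco IOS-style messages, documentation IP ranges).
SAMPLE_LOG = """\
Mar  3 02:10:01 sw1 %LINK-3-UPDOWN: Interface GigabitEthernet0/5, changed state to down
Mar  3 02:11:40 sw1 %LINK-3-UPDOWN: Interface GigabitEthernet0/12, changed state to up
Mar  3 02:12:05 sw1 %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: admin] [Source: 203.0.113.7] [localport: 22]
Mar  3 02:12:09 sw1 %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: admin] [Source: 203.0.113.7] [localport: 22]
Mar  3 02:12:14 sw1 %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: admin] [Source: 203.0.113.7] [localport: 22]
Mar  3 02:12:30 sw1 %SEC_LOGIN-5-LOGIN_SUCCESS: Login Success [user: admin] [Source: 203.0.113.7] [localport: 22]
Mar  3 02:15:00 sw1 %LINK-3-UPDOWN: Interface GigabitEthernet0/24, changed state to down
Mar  3 08:01:00 sw1 %SEC_LOGIN-5-LOGIN_SUCCESS: Login Success [user: netops] [Source: 192.0.2.10] [localport: 22]
"""

def analyze(log_text, watched=WATCHED_PORTS, threshold=FAILED_LOGIN_THRESHOLD):
    """Return (kind, subject) alerts in log order."""
    alerts, failures = [], Counter()
    for line in log_text.splitlines():
        if m := LINK_RE.search(line):
            port, state = m.groups()
            if port in watched:  # user-facing ports change state all day; skip them
                alerts.append((f"{watched[port]}-port-{state}", port))
        elif m := LOGIN_RE.search(line):
            result, user, source = m.groups()
            if result == "FAILED":
                failures[source] += 1
                if failures[source] == threshold:  # alert once per burst
                    alerts.append(("failed-login-burst", source))
            else:
                # A success right after repeated failures may be a guessed password.
                burst = failures[source] >= threshold
                alerts.append(("success-after-failures" if burst else "login-success", f"{user}@{source}"))
                failures[source] = 0
    return alerts

if __name__ == "__main__":
    for kind, subject in analyze(SAMPLE_LOG):
        print(f"{kind:24} {subject}")
```
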
