Is Your Network Monitoring System Catching Everything?

November 7th, 2012

Our company has tried and used many of the leading network management tools that are on the market. We’ve had to switch vendors a few times, either because of service and support issues, or product functionality. One of the biggest issues we see tends to be something that gathers event logs and trending from servers, but also SNMP information from devices and can generate reports on this information.

We have configured and deployed a special tool called a Remote Monitoring and Management (RMM) platform for ourselves to manage across all our clients. We’re happy now with the SPOT platform we have configured, but we learned something the hard way:  no tool, no matter how comprehensive, is going to do an adequate job of identifying certain kinds of network configuration or security problems.

What these tools do (and don't do) best
Most management tools do a great job of monitoring network operational trends and generating alerts when a device on the network – or the network itself – needs attention.  What the these tools WON’T tell you is, what users have access to the network that shouldn’t, what devices have been decommissioned but are still a part of the domain, what devices have been added to the network but have no agents running on them, and other potential security issues.

That’s why, even if you currently have one of the industry-leading network monitoring systems installed with agents running looking to detect issues, you still may be at risk. I always advise my clients to run a separate special network assessment tool that was designed specifically to catch issues that the typical management tools weren’t designed to do.

Other considerations
There are a number of important security and maintenance issues related to end-user access and security settings that your monitoring agents are not looking at. Ask your network administrator if he or she has recently conducted an internal network assessment that focused on Windows permissions, group memberships and old users. If not, send your administrator my way and I’ll help get this test done quickly and inexpensively.

How else would you know everything you need to know about your network?