Windows 7 network activity monitor. Programs for system administrators, programs for the network

In the previous article, a list of 80 tools for monitoring Linux systems was compiled. It also made sense to make a selection of tools for Windows. The following list serves only as a starting point; there is no ranking.


1. Task Manager

The well-known Windows Task Manager is a utility for displaying a list of running processes and the resources they consume. But do you know how to use its full potential? As a rule, it is used to monitor the state of the processor and memory, but you can go much further. This application is pre-installed on all Microsoft operating systems.

2. Resource Monitor

A great tool to estimate CPU, RAM, network and disk usage in Windows. It allows you to quickly obtain all the necessary information about the status of critical servers.

3. Performance Monitor

Performance Monitor, known as System Monitor in earlier versions of Windows, is the main tool for managing performance counters in Windows. The utility has several display modes, displays performance counters in real time, and saves data to log files for later study.

4. Reliability Monitor

Reliability Monitor is a system stability monitor that lets you track any changes in computer performance. You can find it in Windows 7 and Windows 8 under Control Panel > System and Security > Action Center. Using Reliability Monitor, you can keep a record of changes and failures on your computer. The data is displayed in a convenient graphical form, which lets you track which application caused an error or froze and when, and track the appearance of the Windows blue screen of death and the reason for it (the latest Windows update or a program installation).

5. Microsoft SysInternals

SysInternals is a complete set of programs for administering and monitoring computers running Windows OS. You can download them for yourself for free on the Microsoft website. Sysinternals utilities help manage, troubleshoot, and diagnose Windows applications and operating systems.

6. SCOM (part of Microsoft System Center)

System Center is a complete set of tools for managing IT infrastructure, with which you can manage, deploy, monitor, configure Microsoft software (Windows, IIS, SQLServer, Exchange, and so on). Unfortunately, MSC is not free. SCOM is used for proactive monitoring of key IT infrastructure objects.

Monitoring Windows servers using the Nagios family

7. Nagios

Nagios has been the most popular infrastructure monitoring tool for several years (for Linux and Windows). If you are considering Nagios for Windows, then install and configure the agent on the Windows server. NSClient++ monitors the system in real time and provides outputs from a remote monitoring server and more.

8. Cacti

Typically used in conjunction with Nagios, it provides the user with a convenient web interface to the RRDTool utility, designed to work with Round Robin Databases, which are used to store information about changes in one or more quantities over a certain period of time. Statistics on network devices are presented in the form of a tree, the structure of which is specified by the user; you can plot channel usage, HDD partition usage, display resource latency, etc.

9. Shinken

A flexible, scalable, open source monitoring system based on the Nagios core written in Python. It is 5 times faster than Nagios. Shinken is compatible with Nagios, you can use its plugins and configurations without making adjustments or additional configuration.

10. Icinga

Another popular open monitoring system that checks hosts and services and reports their status to the administrator. As a fork of Nagios, Icinga is compatible with it and they have a lot in common.

11. OpsView

OpsView was originally free. Now, unfortunately, users of this monitoring system have to shell out money.

Op5 is another open source monitoring system. Plotting, storing and collecting data.

Alternatives to Nagios

13. Zabbix

Open source software for monitoring and tracking the status of various computer network services, servers and network equipment, used to obtain data on processor load, network usage, disk space and the like.

14. Munin

A good monitoring system that collects data from several servers simultaneously and displays everything in the form of graphs, with which you can track all past events on the server.

15. Zenoss

Written in Python using the Zope application server; data is stored in MySQL. With Zenoss you can monitor network services, system resources and device performance, and the Zenoss kernel analyzes the environment. This makes it possible to quickly understand a large number of specific devices.

16. Observium

A monitoring and surveillance system for network devices and servers, although the list of supported devices is huge and is not limited to network devices; the device must support SNMP.

17. Centreon

A comprehensive monitoring system allows you to monitor the entire infrastructure and applications containing system information. Free alternative to Nagios.

18. Ganglia

Ganglia is a scalable distributed monitoring system used in high-performance computing systems such as clusters and grids. Monitors statistics and computation history in real time for each of the monitored nodes.

19. Pandora FMS

Monitoring system, good productivity and scalability, one monitoring server can monitor the work of several thousand hosts.

20. NetXMS

Open source software for monitoring computer systems and networks.

21. OpenNMS

OpenNMS monitoring platform. Unlike Nagios, it supports SNMP, WMI and JMX.

22. HypericHQ

A component of the VMware vRealize Operations suite, it is used to monitor OS, middleware and applications in physical, virtual and cloud environments. Displays availability, performance, usage, events, logs, and changes at every level of the virtualization stack (from the vSphere hypervisor to guest OSes).

23. Bosun

Open source monitoring and alert system from StackExchange. Bosun has a well-thought-out data design, as well as a powerful language for processing it.

24. Sensu

Sensu is an open source alert system similar to Nagios. There is a simple dashboard, you can see a list of clients, checks and triggered alerts. The framework provides the mechanisms needed to collect and accumulate server operation statistics. Each server runs a Sensu agent (client) that uses a set of scripts to check the functionality of services, their status and collect any other information.

25. CollectM

CollectM collects statistics about system resource usage every 10 seconds. It can collect statistics for several hosts and send it to the server, the information is displayed using graphs.

28. Performance Analysis of Logs (PAL) Tool

34. Total Network Monitor

This is a program for constantly monitoring the operation of a local network of individual computers, network and system services. Total Network Monitor generates a report and notifies you about errors that have occurred. You can check any aspect of the operation of a service, server or file system: FTP, POP/SMTP, HTTP, IMAP, Registry, Event Log, Service State and others.

35. PRTG

38. Idera

Supports multiple operating systems and virtualization technologies. There are many free tools that you can use to monitor your system.

39. PowerAdmin

PowerAdmin is a commercial monitoring solution.

40. ELM Enterprise Manager

ELM Enterprise Manager - complete monitoring from “what happened” to “what is happening” in real time. Monitoring tools in ELM include - Event Collector, Performance Monitor, Service Monitor, Process Monitor, File Monitor, PING Monitor.

41. EventsEntry

42. Veeam ONE

An effective solution for monitoring, reporting and scheduling resources in VMware, Hyper-V and Veeam Backup & Replication infrastructure, monitors the health of your IT infrastructure and diagnoses problems before they interfere with user experience.

43. CA Unified Infrastructure Management (formerly CA Nimsoft Monitor, Unicenter)

Monitors the performance and availability of Windows server resources.

44. HP Operations Manager

This infrastructure monitoring software performs proactive root cause analysis, reducing recovery time and reducing operations management costs. The solution is ideal for automated monitoring.

45. Dell OpenManage

OpenManage (now Dell Enterprise Systems Management) is an all-in-one monitoring product.

46. Halcyon Windows Server Manager

Management and monitoring of networks, applications and infrastructure.

Below is a list of (most popular) network monitoring tools

54. Ntop

55. NeDi

Nedi is an open source network monitoring tool.

54. The Dude

The Dude monitoring system, although free, is, according to experts, in no way inferior to commercial products; it monitors individual servers, networks and network services.

55. BandwidthD

Open source program.

56. NagVis

An extension for Nagios that allows you to create infrastructure maps and display their status. NagVis supports a large number of different widgets and icon sets.

57. Proc Net Monitor

A free monitoring application that allows you to track all active processes and, if necessary, quickly stop them to reduce the load on the processor.

58. PingPlotter

Used to diagnose IP networks, it allows you to determine where losses and delays of network packets occur.

Small but useful tools

The list wouldn't be complete without mentioning a few hardware monitoring options.

60. Glint Computer Activity Monitor

61. RealTemp

A utility for monitoring temperatures of Intel processors. It does not require installation and tracks the current, minimum and maximum temperature values for each core and the start of throttling.

62. SpeedFan

A utility that allows you to control the temperature and fan speeds in the system, monitors the performance of sensors on the motherboard, video card and hard drives.

63. OpenHardwareMonitor

You most likely know that Windows has a built-in firewall. You may also know how to allow and block access of individual programs to the network in order to control incoming and outgoing traffic. But did you know that the Windows firewall can be used to log all connections passing through it?

Windows Firewall logs can be useful in solving specific problems:

  • The program you are using cannot connect to the Internet, although other applications do not experience this problem. In this case, to troubleshoot the problem, you should check whether the system firewall is blocking the connection requests of this program.
  • You suspect that your computer is being used to transmit data by malware and want to monitor outgoing traffic for suspicious connection requests.
  • You have created new rules for allowing and blocking access and want to ensure that the firewall correctly processes the given instructions.

Regardless of the reason for use, enabling event logging can be challenging as it requires a lot of fiddling with the settings. We will give a clear algorithm of actions on how to activate the registration of network activity in the Windows firewall.

Access to firewall settings

First, you need to go to the advanced settings of Windows Firewall. Open the Control Panel (right-click on the Start menu, select “Control Panel”), then click the “Windows Firewall” link if the view mode is small/large icons, or select the “System and Security” section and then “Windows Firewall” if the view mode is category.

In the firewall window, select the “Advanced settings” option in the left navigation menu.

You will see the following settings screen:

This is the internal technical side of the Windows Firewall. This interface allows you to allow or block program access to the Internet, configure incoming and outgoing traffic. In addition, this is where you can activate the event logging feature - although it is not immediately clear where this can be done.

Accessing log settings

First, select the “Windows Firewall with Advanced Security (Local Computer)” option.

Right-click on it and select the “Properties” option.

A window will open that may confuse the user. When you select three tabs (Domain Profile, Private Profile, Public Profile), you will notice that their content is identical, but relates to three different profiles, the name of which is indicated in the tab title. Each profile tab contains a button to configure logging. Each log will correspond to a different profile, but which profile are you using?

Let's look at what each profile means:

  • A domain profile is used to connect to a Wi-Fi wireless network when the domain is defined by a domain controller. If you're not sure what this means, don't use this profile.
  • The private profile is used to connect to private networks, including home or personal networks - this is the profile you are most likely to use.
  • The public profile is used to connect to public networks, including restaurants, airports, libraries and other institutions.

If you are using a computer on a home network, go to the “Private Profile” tab. If you are using a public network, go to the “Public Profile” tab. Click the “Configure” button in the “Logging” section on the correct tab.

Activating the event log

In the window that opens, you can configure the location and maximum size of the log. You can set an easy-to-remember location for the log, but the actual location of the log file doesn't really matter. If you want to start event logging, set both the “Log missed packets” and “Log successful connections” drop-down menus to “Yes” and click the “OK” button. Running this feature all the time can cause performance issues, so only enable it when you really need to monitor connections. To disable the logging feature, set the value to “No (default)” in both drop-down menus.

Studying logs

Now the computer will record network activity controlled by the firewall. To view the logs, go to the “Advanced Settings” window, select the “Monitoring” option in the left list, and then in the “Logging Options” section click the “File Name” link.

The network activity log will then open. The contents of the log may be confusing to an inexperienced user. Let's look at the main contents of the log entries:

  1. Date and time of connection.
  2. What happened to the connection? The status “ALLOW” means that the firewall allowed the connection, and the status “DROP” indicates that the connection was blocked by the firewall. If a particular program has problems connecting to the network, this status lets you determine with certainty that the cause of the problem is the firewall policy.
  3. Connection type - TCP or UDP.
  4. In order: IP address of the connection source (computer), destination IP address (for example, a web page), and the network port used on the computer. This entry allows you to identify ports that require opening for the software to work. Also watch out for suspicious connections - they could be made by malware.
  5. Whether the data packet was successfully sent or received.

The information in the log will help determine the cause of connection problems. The logs can record other activity, such as the target port or TCP acknowledgment number. If you need more details, check out the “#Fields” line at the top of the log to identify the meaning of each metric.
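The log reading described above can be scripted. The following is an added example, not part of the original article: it parses a firewall log using its own “#Fields” line, counts DROP entries per destination, and lists allowed outgoing connections to non-local addresses on unexpected ports. The sample entries, the EXPECTED_PORTS set and the function names are constructed assumptions.

```python
"""Summarise a Windows Firewall log (added example; sample data is constructed)."""
import ipaddress
from collections import Counter

# Constructed sample in the layout the firewall writes: '#' header lines,
# a '#Fields:' line naming the columns, then one space-separated entry per line.
SAMPLE_LOG = """\
#Version: 1.5
#Software: Microsoft Windows Firewall
#Time Format: Local
#Fields: date time action protocol src-ip dst-ip src-port dst-port size tcpflags tcpsyn tcpack tcpwin icmptype icmpcode info path

2019-03-14 10:15:02 ALLOW TCP 192.168.1.20 198.51.100.7 49712 443 0 - 0 0 0 - - - SEND
2019-03-14 10:15:04 DROP TCP 192.168.1.20 203.0.113.9 49713 8080 0 - 0 0 0 - - - SEND
2019-03-14 10:15:05 DROP TCP 192.168.1.20 203.0.113.9 49714 8080 0 - 0 0 0 - - - SEND
2019-03-14 10:15:07 DROP UDP 192.168.1.1 224.0.0.251 5353 5353 72 - - - - - - - RECEIVE
2019-03-14 10:15:09 ALLOW UDP 192.168.1.20 192.168.1.1 53011 53 0 - - - - - - - SEND
2019-03-14 10:15:11 ALLOW TCP 192.168.1.20 198.51.100.44 49720 4444 0 - 0 0 0 - - - SEND
2019-03-14 10:15:12 ALLOW TCP truncated-line
"""

# Assumption for this example: ports this machine is expected to talk to.
EXPECTED_PORTS = {53, 80, 443}

# Address ranges treated as "local" (private, loopback, link-local, multicast).
LOCAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8",
    "169.254.0.0/16", "224.0.0.0/4", "::1/128", "fe80::/10", "fc00::/7", "ff00::/8",
)]


def parse_firewall_log(text):
    """Return (entries, skipped). Column names come from the '#Fields:' line."""
    fields, entries, skipped = None, [], 0
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        if line.startswith("#"):
            if line.lower().startswith("#fields:"):
                fields = line.split(":", 1)[1].split()
            continue
        parts = line.split()
        # A truncated or malformed entry is counted, not silently guessed at.
        if fields is None or len(parts) != len(fields):
            skipped += 1
            continue
        entries.append(dict(zip(fields, parts)))
    return entries, skipped


def is_local(addr):
    """True for local ranges; unparseable values ('-') are treated as local."""
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:
        return True
    return any(ip in net for net in LOCAL_NETS)


def blocked_by_destination(entries):
    """Count DROP entries per (dst-ip, dst-port, protocol)."""
    return Counter(
        (e["dst-ip"], e["dst-port"], e["protocol"])
        for e in entries if e["action"] == "DROP"
    )


def unusual_outbound(entries, expected_ports=EXPECTED_PORTS):
    """Allowed outgoing connections to non-local hosts on unexpected ports."""
    hits = []
    for e in entries:
        if e["action"] != "ALLOW" or e.get("path", "SEND") != "SEND":
            continue
        if not e["dst-port"].isdigit() or is_local(e["dst-ip"]):
            continue
        if int(e["dst-port"]) not in expected_ports:
            hits.append(e)
    return hits


if __name__ == "__main__":
    entries, skipped = parse_firewall_log(SAMPLE_LOG)
    print(f"{len(entries)} entries parsed, {skipped} skipped")
    for (ip, port, proto), n in blocked_by_destination(entries).most_common():
        print(f"DROP  x{n}  {proto} -> {ip}:{port}")
    for e in unusual_outbound(entries):
        print(f"CHECK {e['date']} {e['time']} {e['protocol']} "
              f"{e['src-ip']} -> {e['dst-ip']}:{e['dst-port']}")
```

To run it on a real log, read the file configured in the “Logging” section and pass its text to `parse_firewall_log`.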

Don't forget to turn off the logging feature when you're done.

Advanced network diagnostics

By using Windows Firewall logging, you can analyze the types of data being processed on your computer. In addition, you can determine the causes of network problems related to the firewall or other objects disrupting connections. The activity log allows you to familiarize yourself with the work of the firewall and get a clear picture of what is happening on the network.


Network monitoring programs are the indispensable assistants of every system administrator. They allow you to quickly respond to anomalous activity within the local network, be aware of all network processes and, thus, automate part of the administrator’s routine activities: primarily those related to ensuring network security. Let's see which local network monitoring programs are the most relevant in 2019.

This list opens with our own development, TNM 2, an extremely affordable and effective software solution for network monitoring of the activities of server machines, which strikes an ideal balance between convenience (most free solutions do not have a GUI) and extensive functionality. One of the main programmable components of Total Network Monitor 2 is the monitor, which performs checks at the frequency you require. The list of available checks is impressive. They allow you to track almost any parameter, from the availability of servers on the network to checking the status of services.

It is noteworthy that these objects are capable of independently eliminating the primary consequences of problems (that is, all this happens without the direct participation of the system administrator) - for example, rebooting individual services or user devices, activating an antivirus, supplementing the event log with new entries, etc. - in general, everything that the system administrator initially performed manually.

As for reporting, it stores all the information associated with each test that was carried out by the selected monitor. The cost for 1 copy of this application is only 5,000 rubles.

Observium

The Observium application, which is based on the SNMP protocol, allows you not only to examine the status of a network of any scale in real time, but also to analyze its performance level. This solution integrates with equipment from Cisco, Windows, Linux, HP, Juniper, Dell, FreeBSD, Brocade, Netscaler, NetApp and other vendors. Featuring a well-designed graphical interface, the software gives system administrators a ton of customization options, from ranges for auto-discovery to SNMP data needed to gather network information.

They also get access to data on the technical characteristics of all equipment that is currently connected to the network. Observium can present all reports that are generated by analyzing the event log in the form of charts and graphs, clearly demonstrating the “weaknesses” of the network. You can use either a demo version (which in our experience is underpowered) or a paid license that costs £200 per year.

Nagios

Nagios is an advanced monitoring solution that is managed via a web interface. It is by no means easy to learn, but thanks to its fairly large online community and well-researched documentation, it can be mastered in a few weeks.

Using Nagios, system administrators have the opportunity to remotely regulate the load on user or higher-level equipment in the network hierarchy (switches, routers, servers), monitor the level of load on memory reserves in databases, and monitor the physical indicators of parts of network equipment (for example, the temperature of the motherboard, combustion of which is one of the most common breakdowns in this area), etc.

When it comes to detecting network anomalies, Nagios automatically sends alarm notifications to an address preset by the system administrator - be it an email address or a mobile operator phone number. A free demo version will be available to you for 60 days.

PRTG Network Monitor

PRTG software component, compatible with devices based on Windows OS, is designed for network monitoring. It is not free (only a 30-day trial period is free), it is used not only for scanning devices that are currently connected to the local network, but can also serve as an excellent assistant in detecting network attacks.

Among the most useful PRTG network services: packet inspection, analysis and saving of statistical data to the database, viewing a network map in real time (the ability to obtain historical information about network behavior is also available), collecting technical parameters about devices connected to the network, as well as analysis of the load level on network equipment. Note that it is very easy to use, first of all thanks to an intuitive graphical interface that can be opened using any browser. If necessary, the system administrator can also gain remote access to the application via a web server.

Kismet

Kismet is a useful open-source application for system administrators that allows you to comprehensively analyze network traffic, detect anomalies in it, prevent failures and can be used with systems based on *NIX/Windows/Cygwin/macOS. Kismet is often used specifically for analyzing wireless local networks based on the 802.11 b standard (including even networks with a hidden SSID).

With its help, you can easily find incorrectly configured and even illegally operating access points (which attackers use to intercept traffic) and other hidden devices that could be potentially “harmful” to your network. For these purposes, the application has a very well-developed ability to detect various types of network attacks - both at the network level and at the level of communication channels. As soon as one or more attacks are detected, the system administrator will receive an alarm and can take action to eliminate the threat.

WireShark

The free open-source traffic analyzer WireShark provides its users with incredibly advanced functionality and is rightfully recognized as an exemplary solution in the field of network diagnostics. It integrates perfectly with *NIX/Windows/macOS based systems.

Instead of confusing web interfaces and CLIs that require you to enter queries in a special programming language, this solution uses a GUI (although if you need to upgrade WireShark's standard set of features, you can easily program them in Lua).

By deploying and configuring it once on your server, you will receive a centralized element for monitoring the smallest changes in network operation and network protocols. This way, you can detect and identify problems occurring on your network early on.

NeDi

NeDi is completely free software that scans the network by MAC addresses (also among the valid search criteria are IP addresses and DNS) and compiles its own database from them. To operate, this software product uses a web interface.

Thus, you can monitor online all physical devices and their locations within your local network (in fact, you will be able to retrieve data about any network node - from its firmware to its configuration).

Some professionals use NeDi to find devices that are being used illegally (eg stolen). This software uses the CDP/LLDP protocols to connect to switches or routers. This is a very useful, although not easy to learn, solution.

Zabbix

Zabbix monitoring system is a universal open source network monitoring solution that can be configured for specific network models. Basically, it is intended for systems that have a multi-server architecture (in particular, Zabbix integrates with Linux/FreeBSD/Windows servers).

This application allows you to simultaneously manage hundreds of network nodes, which makes it an extremely effective tool in organizing the work of system administrators working in large-scale enterprises. To deploy Zabbix on your local network, you will need to either run software agents (daemons) or use the SNMP protocol (or another protocol for secure remote access); and to manage it you will have to master the web interface in PHP.

In addition, this software provides a complete set of tools for monitoring the status of network hardware. Note that in order to fully experience all the benefits of this solution, your system administrator will need to have at least basic knowledge of Perl or Python (or any other languages that can be used together with Zabbix).

10-Strike: Network Monitoring

“Network Monitoring” is a Russian-language web-based software solution that fully automates all aspects of network security. With its help, system administrators can prevent the spread of virus software over a local network, as well as determine the cause of various technical malfunctions associated with broken cables or failure of individual units of the network infrastructure.

In addition, this software online monitors temperature, voltage, disk space and other parameters via SNMP and WMI. Among its disadvantages are a fairly heavy load on the CPU (which the developer himself honestly warns about) and a high price.

Network Olympus

And our list is completed by another program of ours. Unlike TNM, Network Olympus runs as a service and has a web interface, which gives much more flexibility and ease of use. The main feature is the scenario designer, which allows you to move away from performing primitive checks that do not allow you to take into account certain circumstances of the operation of devices. With its help, you can organize monitoring schemes of any complexity in order to accurately identify problems and malfunctions, as well as automate the process of eliminating them.

The scenario is based on a sensor from which you can build logical chains that, depending on the success of the check, will generate various alerts and actions aimed at solving your problems. Each element of the chain can be edited at any time and will be immediately applied to all devices to which the script is assigned. All network activity will be monitored using an activity log and special reports.

If you have a small network, then you do not need to buy a license - the program will work in free mode.

How to choose a network monitoring program: summary

It is difficult to definitely choose a winner and name the best local network monitoring program. But we are of the opinion that our Network Olympus product has many advantages and a very low barrier to entry, because it does not require special training in order to start working with it. In addition, it does not have the disadvantages of open-source solutions, such as lack of updates and poor compatibility (both with OS and TX devices). Thus, thanks to such a solution, you will be able to monitor all events occurring within your local network and respond to them in a timely manner.

Our programs for system administrators will help you keep abreast of everything that happens in the computer park and enterprise network, respond in a timely manner to equipment failures and software problems, and minimize costs and downtime. This page presents programs for monitoring the network, servers and hosts, for PC inventory, accounting for installed programs and licenses, creating reports on computer hardware, for accounting traffic on the network, for studying the network topology and creating graphical diagrams of local networks.

A network administrator may also find useful programs for searching files on local networks and auditing user access to file resources of servers over the network. All these programs will help the system administrator improve the performance of network devices and servers and ensure the proper level of security in the enterprise network.

10-Strike programs are included in the unified register of Russian computer programs of the Ministry of Communications and can participate in government procurement.

Programs for network administrator, network utilities

A program for inventory and accounting of installed software and hardware on computers in local networks. "Computer Inventory" allows system administrators to keep track of computers on the enterprise network, view the configurations of remote computers and lists of installed programs over the network, and track configuration and software changes. The program contains a powerful report generator. For example, you can create reports on the presence of certain programs on computers and their quantity. When planning upgrades, you can create a report listing computers with insufficient disk space or RAM. Windows XP/2003/Vista/2008/7/8.1/2012/10/2016 are supported.


- program for monitoring servers and computers on the network, allowing you to visually observe the current state of your network at any time. LANState monitors hosts on the network, monitors connections to network resources, monitors traffic, and signals various events. LANState contains many functions useful for network administrators: sending messages, shutting down remote computers, scanning hosts and ports, obtaining various information from remote computers (access to the registry, event log, etc.). Windows XP/2003/Vista/2008/7/8.1/2012/10/2016 are supported.


- program for monitoring servers and other network devices, monitors the performance of the network and notifies the administrator of problems. Find out in time about a failure that has occurred (connection loss, server disk space running out, service stop, etc.) and fix the problem with minimal loss of time. The program signals problems using sound, on-screen messages, by e-mail, and can launch external programs and services, as well as restart computers and services. Windows XP/2003/Vista/2008/7/8.1/2012/10/2016 are supported.


- program for searching files on local network computers (via NetBios and FTP protocols). Enter a phrase or file masks and find the information you need. When viewing search results, found files can be immediately opened, saved to disk, or included in a generated report. The search uses multi-threaded technology, which significantly speeds up the work. You can set filters by file size and modification date. Windows XP/2003/Vista/2008/7/8.1/2012/10/2016 are supported.


- program for monitoring network connections of users over the network to a shared folder and files, allows you to find out in time about connections of network users to your computer. The program produces sound signals, displays alerts on the screen, and keeps a detailed log of connections, which records information about who and when connected to the computer’s network folders, what files were opened, etc. Windows XP/2003/Vista/2008/7/8.1/2012/10/2016 are supported.


3.0 FREE!

- scanner of local networks, IP addresses and hosts. This free program allows you to scan your local network and detect active hosts, computers and servers. Supports scanning of IP address ranges and many protocols for detecting network devices (ICMP ping, searching for open TCP ports, NetBios, SNMP, UPnP, ...). If you have administrator rights, you can read a lot of useful information from Windows computers. Windows XP/2003/Vista/2008/7/8.1/2012/10/2016 are supported.

Sets of network programs for system administrators

Software suites for system administrators allow you to save money when purchasing several of our network programs or all at once. Get three programs for the price of two and so on. For example, when purchasing the Full set of administrator programs in the "for the organization" option (without restrictions on the number of workstations), consisting of our seven programs for network administrators, you can save up to 85,000 rubles or 30%!

Other utilities

- CD cataloger (CD, DVD). With its help, you will quickly find the files you need on the CDs and DVDs of your collection. SearchMyDiscs helps you organize your CD and DVD collections, allowing you to find the disc you need in a few seconds. If you are tired of searching for the right disk for a long time every time, this program is for you! Windows XP/2003/Vista/2008/7/8.1/2012/10/2016 are supported.


- Apache web server Raw log file analyzer. Creates various reports and histograms. The program has many settings and filters that will allow you to get accurate information about your site, downloaded files, and who is coming to you and from where. Windows XP/2003/Vista/2008/7/8.1/2012/10/2016 are supported.

Payment and delivery

When ordering programs by legal entities, payment by bank transfer is accepted. Invoices are issued electronically and an agreement is concluded. Electronic delivery: the distribution kit is downloaded from our website, registration keys are sent after payment by e-mail. After payment, the original contract and documents for accounting are sent to the buyer by mail.

Issue an invoice (indicate the required programs and types of licenses, your details and the name of the director for the agreement)

All our programs are also presented in the Softkey and AllSoft online stores (follow the “buy” links from our website).


Our clients: small and medium-sized businesses, government and budget institutions, hospitals, schools, colleges and institutes, banks, oil industry, telecoms.