A program for monitoring network activity. Network monitoring using TCPView and netstat utilities

The most important tasks for system administrators are monitoring the performance of communication nodes, servers and services necessary for the reliable operation of the entire enterprise, as well as maintaining the computer fleet entrusted to them in proper condition. Nowadays, high-quality monitoring of computers on an enterprise’s local network is provided by multifunctional programs, many of which are freely available.

An effective monitoring application allows IT specialists to monitor the status of network hosts, including in visual form on graphical diagrams. The program periodically scans the network, studying its topology, and independently creates a diagram of device connections.

Monitoring hosts and network services

In addition to visual monitoring of the status of network devices, the software makes it possible to organize testing of hosts and services (including local resources or Internet servers) using a variety of network protocols and configure and use a convenient way to notify system administrators about positive or negative test results. The methods can be different: the appearance of a message on the computer screen of an IT specialist, a special sound, sending an email or SMS to the phone. In some cases, an application for monitoring computers on an enterprise's local network can restart some remote service or execute a script pre-written for it (then some failures will be resolved automatically).

If the program implements such a function, then all devices connected to the network will be clearly displayed on its diagram. Just by looking at their icons, a specialist will understand which of them are working normally and which are not functioning correctly. This feature makes it easier to diagnose group failures. The obtained test results are entered into a single database; as statistical information accumulates, it will be possible to build graphs to study changes in device response and track other parameters being tested.

Modern programs for monitoring computers on a local network make it possible to create a kind of control panel for the enterprise’s network infrastructure, with the help of which the employee responsible for the network can both monitor its important elements and check equipment parameters, and effectively manage remote hosts. Using the hosts context menu, you can view various data about remote hosts on the network: check SNMP information from switches, access the registries of remote computers, view running processes and event logs, restart services, and perform other actions.

Some programs not only monitor computer resources, but also help keep track of devices and software applications on network PCs. Thanks to them, the system administrator can obtain almost any information about the hardware and software on computers on the corporate network. Data collection takes place remotely, which avoids interfering with the work of enterprise employees and saves system administrators' working time.

PC monitoring programs on a local network allow you to keep accurate records of hardware. IT specialists will be able to quickly find out about the loss or malfunction of any component or about its replacement. When changes are detected, they are logged and the network administrator is notified. If you need to monitor certain parameters on user workstations at a specific frequency and receive alerts when they change, it may be possible to set up data collection on a schedule. In this case, computer resources will be monitored automatically.

Many programs not only generate reports on computer components, but also monitor their performance: the functioning of hard drives and their temperature are monitored. When a drive overheats or an application predicts that it may fail, the system administrator will see a report containing a warning about the critical state of the PC.

Accounting for software and licenses

If necessary, monitoring software in local enterprise networks allows you to track changes in installed programs. In cases where user rights are not strictly limited, one of the company's employees may install an unwanted or unlicensed application on their computer. During monitoring, any installation or removal of software is recorded and logged. This means that the system administrator will always know which programs were installed or removed, and on which computers.

Often when monitoring computer resources, serial numbers and program licenses are tracked, the number of software installations is counted, and the correct use of serial numbers is monitored. All these measures really help to avoid problems when corporate software is audited for license compliance. In order to increase the level of security and fault tolerance of computers, a number of special monitoring programs can show which software and system updates have been installed and draw up a report on the operation of anti-virus software and how current its databases are.

Data collected by the program from network computers and displayed on the screen of the system administrator's PC can be included in a report. They can then be printed or exported to a specific database. In addition to automatically collected information, many applications for monitoring computer resources allow you to manually enter equipment serial numbers, office numbers of their users and their contact information.

If the program has a function for generating pivot tables, this will allow the IT specialist to find out which device is outdated and it’s time to replace it. The presence of special filters will allow you to set the necessary conditions for including a PC in the table. For example, make a list of workstations with processors of a specific brand or certain software applications, memory capacity, with a small amount of free disk space and other parameters.

Program selection

When deciding on the choice of specific software, you should take into account not only its functionality, but also the complexity of the setup procedure. Often, installing free systems is accompanied by enormous difficulties, as a result of which the setup can last for months and even never end. Therefore, when choosing, you need to carefully weigh all the pros and cons of a particular solution: often not too expensive and not very well-known developments can bring more benefits due to the ease of setup, and therefore save the system administrator’s working time, which, especially in a large enterprise, there will always be something to spend on.

A careless employee is a disaster for any enterprise or company. Therefore, the question constantly arises of how to monitor an employee at his work computer and ensure that there are no unauthorized actions.

Let us immediately note that the employee must be informed (in writing, with a signature) that covert surveillance of the computer on the local network is being conducted. Perhaps only this fact will help to avoid violations and put the employee on the path of a “hard worker.” If not, then here is a solution for complete control over computers on the local network.

Local network monitoring program

So, the software is called “Mipko Employee Monitor” - a version specifically for corporate networks.

After installation and launch (you can run it from the desktop or by pressing “ctrl+alt+shift+k”), you need to configure the user interface: what exactly needs to be monitored and controlled on the local network.

  1. At the top left is a section where you select a user from your network whose log is currently being monitored: when expanded, a list of recorded actions will be displayed (depending on the settings).
  2. Now directly about the functionality of “Tools” - “Settings”. For each user, the tracking parameters can be configured individually.

Monitoring allows you to track the following actions:

  • keystrokes;
  • screenshots;
  • activity on social networks;
  • messaging on Skype;
  • websites visited;
  • saving the clipboard;
  • program activity;
  • pictures from a webcam;
  • call recording;
  • operations with files.

Quite extensive functionality. The main thing that an employer is usually interested in when monitoring users on a local network is screenshots and websites visited.

In order not to face claims of interference with personal information (for example, if you set up viewing of visited web pages and saw personal correspondence on social networks), set a block on all social networks and chats, as well as a ban on installing third-party software - only what is required for the job.

Remote monitoring of a computer on a local network

As a rule, the employer is interested in only two aspects - a screenshot of the local network user’s computer and his viewing of web pages (as mentioned above, employees are familiar with this information).

  3. Screenshot settings include the following components:

  • selection of time interval, indicated either in minutes or seconds;
  • take a photo when opening a window;
  • take a photo with a mouse click;
  • do not take a photo when you are not active;
  • snapshot mode (full screen, window);
  • and the quality of the image.

  4. In the “visited websites” section, it’s even simpler: select the “interception type” and whether to save a screenshot.

  5. Now about where all this will be saved or sent. In the settings section “Sending”:

  • first, set the “Log type” and the pop-up list;
  • set in what format the report “HTML” or archive “ZIP” will be saved;
  • select the sorting type and time interval for sending the report;
  • the most basic thing is where the report will be sent: to email/ftp/folder on your computer;
  • then enter your username and password and click “Apply”.

That's it, now the employees are, as they say, “Under the hood” - you can monitor the users of the local network.

Good network monitoring and management programs help the administrator:

    identify conditions that lead to problems;

    solve network problems;

    prevent network failures.

Since this approach saves time and money, saves equipment, data and user nerves, in the long run it will be preferred over finding out the causes of the failure after it has occurred.

If network management is done correctly, it can also be seen as a proactive solution to problems. ISO has identified five categories of network management that are directly related to proactive problem solving.

1. Accounting management, to record and report on the operation of network resources.

2. Configuration management, to control network components and their parameters.

3. Fault management, to find and isolate network problems.

4. Performance management, to monitor, analyze and control data flows in the network.

5. Security management, to track and control access to network resources.

Controls are means of solving problems. At first, it will take you some time to understand what statistical information you should receive on a regular basis. You will have to collect data in order to then draw conclusions about the characteristics of normal network operation. By knowing how the network should operate normally, you can monitor changes in this data (they often indicate potential problems in the network).

Modern network operating systems have built-in network monitoring utilities. They will help you monitor the operation of the network, build a reference graph of its behavior (as part of a program for early troubleshooting). These tools use three types of information:

event logs, which record errors, actions and situations affecting the security system, or other facts important for diagnosing problems;

resource access statistics, which stores information about who uses network resources and how;

performance statistics that reflect CPU load, server throughput and memory usage.

Microsoft Windows NT Server, for example, has a Performance Monitor utility that provides an overall picture of the state and activity of the system.

A network administrator can use Performance Monitor for:

    analyzing network operation both in real time and from recordings;

    identifying trends in its work;

    identifying bottlenecks;

    recording the effects of changes in the system and configuration;

    determining system capacity;

    monitoring local or remote computers;

    notifying administrators about critical events;

    monitoring the performance of processors, hard drives, memory and processes;

    viewing key parameters of the system as a whole.

Reference chart

Knowing how the network behaves during normal operating conditions is just as important as knowing how to troubleshoot the problems that caused the network to fail. Monitoring and documenting in detail the normal operation of your network will give you information from which you can create a reference graph of its behavior. And in case of any problems, you will compare the current behavior of the network with the reference one.

The reference graph is created in advance, when the network is functioning normally. It will help you determine:

the general picture of network congestion during the day;

bottlenecks;

an overall picture of network usage by individual computers;

an overall picture of traffic by protocol.

The Performance Monitor utility is designed to monitor computer performance in real time, which allows you to find almost all bottlenecks. Figure 8.4 shows the % Processor Time curve, which reaches 100 percent. If this happens frequently (over a long period this figure is close to 100 percent), the bottleneck is the processor.
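The two ideas above, comparing current readings against a reference graph and treating the processor as a bottleneck only when the counter stays near 100 percent for a long period, can be sketched as follows. This is an added example, not code from the original article or from Performance Monitor; the function names, the sample readings, the 3-sigma tolerance and the 95 percent / 5-sample rule are all assumptions chosen for illustration.

```python
"""Added example: reference-graph (baseline) comparison for monitoring data.
All sample values below are constructed for illustration."""
from collections import defaultdict
from statistics import mean, pstdev

# Constructed readings taken while the network was healthy:
# (hour of day, link utilization in percent), several days per hour.
BASELINE_SAMPLES = [
    (2, 4.0), (2, 5.0), (2, 6.0),
    (9, 38.0), (9, 42.0), (9, 40.0),
    (13, 55.0), (13, 60.0), (13, 65.0),
]

# Constructed readings from the day being investigated.
CURRENT = [(2, 31.0), (9, 43.0), (13, 58.0), (20, 12.0)]

# Constructed % Processor Time series: isolated spikes vs. a long plateau.
SPIKES = [20, 100, 30, 25, 100, 40]
PLATEAU = [60, 97, 99, 100, 98, 96, 100]


def build_baseline(samples):
    """Group healthy-period readings by hour and keep (mean, stddev) per hour.

    This is the "reference graph": what normal looks like at each time of day.
    """
    by_hour = defaultdict(list)
    for hour, value in samples:
        by_hour[hour].append(value)
    return {hour: (mean(vals), pstdev(vals)) for hour, vals in by_hour.items()}


def deviations(baseline, current, k=3.0, min_sigma=1.0):
    """Return readings that differ from the reference graph.

    A reading is flagged when it is more than k standard deviations away from
    the mean for that hour. min_sigma stops a very flat baseline from flagging
    every tiny wobble. Hours with no reference data are flagged with an
    expected value of None, because "no baseline" is itself worth knowing.
    """
    flagged = []
    for hour, value in current:
        if hour not in baseline:
            flagged.append((hour, value, None))
            continue
        mu, sigma = baseline[hour]
        if abs(value - mu) > k * max(sigma, min_sigma):
            flagged.append((hour, value, mu))
    return flagged


def sustained_bottleneck(series, threshold=95.0, min_run=5):
    """True only if the counter stays at or above threshold for min_run
    consecutive samples, so a single spike to 100 percent is not reported."""
    run = 0
    for value in series:
        run = run + 1 if value >= threshold else 0
        if run >= min_run:
            return True
    return False


if __name__ == "__main__":
    reference = build_baseline(BASELINE_SAMPLES)
    for hour, value, expected in deviations(reference, CURRENT):
        if expected is None:
            print(f"{hour:02d}:00  {value:.0f}%  no reference data for this hour")
        else:
            print(f"{hour:02d}:00  {value:.0f}%  expected about {expected:.0f}%")
    print("spikes are a bottleneck:", sustained_bottleneck(SPIKES))
    print("plateau is a bottleneck:", sustained_bottleneck(PLATEAU))
```

The 31 percent reading at 02:00 would pass any fixed "high utilization" threshold, yet it is far outside the night-time norm; only the comparison with the reference graph exposes it.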

By analyzing the system behavior graph, you can prevent problems from arising, since it will tell you when:

the network must be divided into several segments;

the number of file servers should be increased;

it is necessary to replace network adapters with more efficient ones.

Network management programs and proactive troubleshooting

Modern network management software offers a number of measures that will lead to proactive resolution of network problems.

Cross-checking and continuous monitoring of interacting network components (to ensure that a failure in one component does not appear to be a failure in another, healthy one).

Identifying invalid or erroneous packets.

Periodically check network components, test interfaces and monitor network activities.

Notification of the need to expand the network with new computers (or other components) and technologies.

Maintain a log (file) of errors (in adapters, cables and other components) and notify the administrator about them. Advanced management programs may even offer you one of the solutions to the problem.

Monitoring the operation of servers (including print servers and gateways), recording the results and notifying the administrator in case of network problems.

Maintaining network traffic history and error statistics. This includes information about the status of routes between computers and between LANs.

The management program can save all the interesting information in its log and import it into other files or databases. To present this information in a different form, the administrator must use other application programs.

In a large network, good management programs transmit this information to a central computer, where the administrator typically stores a detailed history of the remote LAN.

Summary

Network management is a multifaceted process. It also includes monitoring network behavior, which can be seen as a way to proactively troubleshoot problems. If planning, monitoring and management are carried out correctly, then problems will arise much less frequently. When planning a network, an administrator must implement concepts and procedures designed with one goal in mind: preventing a problem before it occurs. These plans include backup, unification, continuous improvement, and documentation.

Special utilities help the network administrator solve these problems. Windows NT has built-in network monitoring and management programs that keep statistics on performance and resource access, as well as event logs.

An important part of network management is a reference graph of its behavior. It is created gradually, and very carefully and in detail. If the network begins to fail, the administrator should first refer to this graph. The administrator compares current workload graphs with it, looks for potential bottlenecks, and analyzes the number of errors and general performance statistics.

Solving network problems

Methodology

Despite the most sophisticated plans, monitoring and support, network problems will still arise. A network administrator or support engineer will be able to identify and resolve them more quickly if they take a structured approach rather than trying to apply all possible solutions one at a time.

Structural approach

The structured approach consists of five steps.

1. Determining the priority of the problem.

2. Collecting information to identify symptoms.

3. Developing a list of possible causes.

4. Isolating the problem.

5. Analyzing the test results to develop a solution.

Determining Priority

The first step in a structured approach is to categorize problems according to their importance. Each user naturally wants his computer to be “fixed” before others. Therefore, first, the administrator or support engineer, having received a signal about a problem, must set its priority.

Setting priorities for solving network problems means determining the degree of impact each problem will have on the network. For example, the board in the monitor burned out and it stopped working. The board simply needs to be replaced, which is much less interesting for the administrator than dealing with someone's CD-ROM drive or sound system. But it's probably more important to fix the user's monitor than the gamer's CD-ROM.

You cannot solve all problems at once. And do they all require an immediate solution? What problems need to be solved first?

Collection of information

Collecting information is the foundation for error-free problem isolation. The administrator must have a reference graph of network behavior in order to compare its current behavior with it. In addition, while gathering information, you need to inspect the network and identify obvious causes of the problem. A quick review should include a look through the network documentation to find out if this problem has occurred before and what solution was adopted.

User survey

If you ask users the right questions, their answers will help clarify the situation. The engineer should ask, “Why do you think the network is not OK?” The following user observations may tell you the symptoms of the problem.

"The network is slow."

"I can't contact the server."

“I was connected to the server, but the connection was lost.”

"One of my apps isn't working."

"I can't print on the printer."

An experienced administrator or support engineer, taking into account the user's observations, asks him a series of either/or and yes/no questions to narrow down the possible causes. For example:

Who was affected by the failure: everyone, someone in particular, or randomly one or another user?

Is the entire network down or just one computer?

Did this problem occur before the upgrade?

Does this problem happen all the time or does it happen from time to time?

Does this problem occur with all applications or with just one?

Has there been anything similar before?

Have new users appeared on the network? Has new equipment appeared on the network?

Was there any application installed before the problem occurred? Has any equipment been moved recently?

Which suppliers' products are involved?

Is there a pattern of problems with a specific vendor or specific components (cards, hubs, disk drives, applications, or networking software)?

Has anyone tried to solve this problem?

In addition, the network administrator or support engineer should consider the following factors:

versions of applications, operating systems and other software;

changing the configuration of network components or the network operating system.

As you gain experience as a network administrator or support engineer, you will become more familiar with your network's components and applications and have a better idea of where to look first for possible causes of problems.

Dividing the network into segments

If a preliminary inspection of the network does not reveal the cause of the problem, the administrator or support engineer should mentally break the network into as many segments as possible so that they are dealing with a small portion of the network rather than the entire network.

Having identified the segment in which the problem is supposedly hidden, the administrator or support engineer should check all the components of this segment in turn:

adapters;

hubs;

cables and connectors;

connecting components (repeaters, bridges, routers and gateways);

protocols.

Particular attention should be paid to network protocols: they are designed precisely to try to overcome any network errors.

Most protocols have a built-in mechanism for retrying failed operations, which tries to automatically restore the network's functionality. The launch of this mechanism is immediately noticeable as the network slows down due to a large number of retries.

This mechanism increases network reliability, but at the same time makes it difficult to identify the causes of some network problems, since the same symptom sometimes indicates several problems.

Here again, a list of questions aimed at narrowing down the range of possible causes will come in handy. At this stage, it is important to understand how each component is supposed to work and what the consequences of its failure may be. A reference graph of network behavior will also be useful.

Questions could be:

What computers can operate on the network?

Can a computer that is not connected to a network work autonomously?

Does the network adapter work on a computer that is not on the network?

Is there normal traffic on the network?

Possible reasons

After summing up all the information you have collected, develop a list of possible causes of the problem. Try to rank them in descending order of likelihood.

Isolating the problem

Having chosen the most likely cause, test the “suspected” component and find out how valid your guesses are. For example, if you suspect that one of your computers has a faulty network adapter card, try replacing it with another one that is known to work.

Analysis of results

If the test confirms your assumption, then the reason (or one of the reasons) has been found. If testing does not produce results, you should do it all over again with the next cause on the list. And if the list of possible reasons has dried up without revealing the problem, you will either have to return to the information gathering stage or ask for help.

Outside help

Most network administrators and support engineers pride themselves on being able to identify and fix network problems without outside help. They strive to gain respect and authority as excellent specialists. However, there are situations when it is impossible to do without someone else's intervention.

Firstly, there are other specialists in your company who will certainly help you. Secondly, you can contact the technical support of the hardware or software manufacturer. It would be a good idea to contact the supplier who sold you the network components for information.

The best administrators and support engineers are the ones who know when and where to ask for help (these are the ones that users respect the most).

Network monitoring programs are the indispensable assistants of every system administrator. They allow you to quickly respond to anomalous activity within the local network, be aware of all network processes and, thus, automate part of the administrator’s routine activities: primarily those related to ensuring network security. Let's see which local network monitoring programs are the most relevant in 2019.

This list opens with our own product, TNM 2 - an extremely affordable and effective software solution for network monitoring of the activities of server machines, which strikes an ideal balance between convenience (most free solutions do not have a GUI) and extensive functionality. One of the main programmable components of Total Network Monitor 2 is its monitors, which perform checks at the frequency you require. The list of available checks is impressive. They allow you to track almost any parameter, from the availability of servers on the network to checking the status of services.

It is noteworthy that these objects are capable of independently eliminating the primary consequences of problems (that is, all this happens without the direct participation of the system administrator) - for example, rebooting individual services or user devices, activating an antivirus, supplementing the event log with new entries, etc. - in general, everything that the system administrator initially performed manually.

As for reporting, it stores all the information associated with each test that was carried out by the selected monitor. The cost for 1 copy of this application is only 5,000 rubles.

Observium

The Observium application, which is based on the SNMP protocol, allows you not only to examine the status of a network of any scale in real time, but also to analyze its performance level. This solution integrates with equipment from Cisco, Windows, Linux, HP, Juniper, Dell, FreeBSD, Brocade, Netscaler, NetApp and other vendors. Featuring a well-designed graphical interface, the software gives system administrators a ton of customization options, from ranges for auto-discovery to SNMP data needed to gather network information.

They also get access to data on the technical characteristics of all equipment that is currently connected to the network. Observium can present all reports that are generated by analyzing the event log in the form of charts and graphs, clearly demonstrating the “weaknesses” of the network. You can use either a demo version (which in our experience is underpowered) or a paid license that costs £200 per year.

Nagios

Nagios is an advanced monitoring solution that is managed via a web interface. It is by no means easy to learn, but thanks to its fairly large online community and well-researched documentation, it can be mastered in a few weeks.

Using Nagios, system administrators have the opportunity to remotely regulate the load on user or higher-level equipment in the network hierarchy (switches, routers, servers), monitor the level of load on memory reserves in databases, and monitor the physical indicators of parts of network equipment (for example, the temperature of the motherboard, burnout of which is one of the most common breakdowns in this area), etc.

When it comes to detecting network anomalies, Nagios automatically sends alarm notifications to an address preset by the system administrator - be it an email address or a mobile operator phone number. A free demo version will be available to you for 60 days.

PRTG Network Monitor

The PRTG software component, compatible with devices based on Windows OS, is designed for network monitoring. It is not free (only a 30-day trial period is free). It is used not only for scanning devices that are currently connected to the local network, but can also serve as an excellent assistant in detecting network attacks.

Among the most useful PRTG network services: packet inspection, analysis and saving of statistical data to the database, viewing a network map in real time (the ability to obtain historical information about network behavior is also available), collecting technical parameters about devices connected to the network, as well as analysis of the load level on network equipment. Note that it is very easy to use, first of all thanks to an intuitive graphical interface that can be opened using any browser. If necessary, the system administrator can also gain remote access to the application via a web server.

Kismet

Kismet is a useful open-source application for system administrators that allows you to comprehensively analyze network traffic, detect anomalies in it and prevent failures, and it can be used with systems based on *NIX/Windows/Cygwin/macOS. Kismet is often used specifically for analyzing wireless local networks based on the 802.11b standard (including even networks with a hidden SSID).

With its help, you can easily find incorrectly configured and even illegally operating access points (which attackers use to intercept traffic) and other hidden devices that could be potentially “harmful” to your network. For these purposes, the application has a very well-developed ability to detect various types of network attacks - both at the network level and at the level of communication channels. As soon as one or more attacks are detected, the system administrator will receive an alarm and can take action to eliminate the threat.

WireShark

The free open-source traffic analyzer WireShark provides its users with incredibly advanced functionality and is rightfully recognized as an exemplary solution in the field of network diagnostics. It integrates perfectly with *NIX/Windows/macOS based systems.

Instead of confusing web interfaces and CLIs that require you to enter queries in a special programming language, this solution uses a GUI (although if you need to upgrade WireShark's standard set of features, you can easily program them in Lua).

By deploying and configuring it once on your server, you will receive a centralized element for monitoring the smallest changes in network operation and network protocols. This way, you can detect and identify problems occurring on your network early on.

NeDi

NeDi is completely free software that scans the network by MAC addresses (also among the valid search criteria are IP addresses and DNS) and compiles its own database from them. To operate, this software product uses a web interface.

Thus, you can monitor online all physical devices and their locations within your local network (in fact, you will be able to retrieve data about any network node - from its firmware to its configuration).

Some professionals use NeDi to find devices that are being used illegally (e.g. stolen). This software uses the CDP/LLDP protocols to connect to switches or routers. This is a very useful, although not easy to learn, solution.

Zabbix

Zabbix monitoring system is a universal open source network monitoring solution that can be configured for specific network models. Basically, it is intended for systems that have a multi-server architecture (in particular, Zabbix integrates with Linux/FreeBSD/Windows servers).

This application allows you to simultaneously manage hundreds of network nodes, which makes it an extremely effective tool in organizing the work of system administrators working in large-scale enterprises. To deploy Zabbix on your local network, you will need to either run software agents (daemons) or use the SNMP protocol (or another protocol for secure remote access); and to manage it you will have to master the web interface in PHP.

In addition, this software provides a complete set of tools for monitoring the status of network hardware. Note that in order to fully experience all the benefits of this solution, your system administrator will need to have at least basic knowledge of Perl or Python (or any other languages that can be used together with Zabbix).

10-Strike: Network Monitoring

“Network Monitoring” is a Russian-language web-based software solution that fully automates all aspects of network security. With its help, system administrators can prevent the spread of virus software over a local network, as well as determine the cause of various technical malfunctions associated with broken cables or failure of individual units of the network infrastructure.

In addition, this software monitors temperature, voltage, disk space and other parameters online via SNMP and WMI. Among its disadvantages are a fairly heavy load on the CPU (which the developer himself honestly warns about) and a high price.

Network Olympus

And our list is completed by another program of ours. Unlike TNM, Network Olympus runs as a service and has a web interface, which gives much more flexibility and ease of use. The main feature is the scenario designer, which allows you to move away from performing primitive checks that do not allow you to take into account certain circumstances of the operation of devices. With its help, you can organize monitoring schemes of any complexity in order to accurately identify problems and malfunctions, as well as automate the process of eliminating them.

The scenario is based on a sensor from which you can build logical chains that, depending on the success of the check, will generate various alerts and actions aimed at solving your problems. Each element of the chain can be edited at any time and will be immediately applied to all devices to which the script is assigned. All network activity will be monitored using an activity log and special reports.

If you have a small network, then you will not need to buy a license - the program will work in free mode.

How to choose a network monitoring program: summary

It is difficult to definitively choose a winner and name the best local network monitoring program. But we are of the opinion that our Network Olympus product has many advantages and a very low barrier to entry, because it does not require special training in order to start working with it. In addition, it does not have the disadvantages of open-source solutions, such as lack of updates and poor compatibility (both with OS and TX devices). Thus, thanks to such a solution, you will be able to monitor all events occurring within your local network and respond to them in a timely manner.

In the previous article, a list of 80 tools for monitoring Linux systems was compiled. It also made sense to make a selection of tools for the Windows system. The following list serves as a starting point only; there is no ranking.


1. Task Manager

The well-known Windows Task Manager is a utility for displaying a list of running processes and the resources they consume. But do you know how to use its full potential? As a rule, it is used to monitor the state of the processor and memory, but you can go much further. This application is pre-installed on all Microsoft operating systems.

2. Resource Monitor

A great tool to estimate CPU, RAM, network and disk usage in Windows. It allows you to quickly obtain all the necessary information about the status of critical servers.

3. Performance Monitor

Performance Monitor, known as System Monitor in earlier versions of Windows, is the main tool for managing performance counters in Windows. The utility has several display modes, displays performance counters in real time, and saves data to log files for later study.

4. Reliability Monitor

Reliability Monitor is a system stability monitor that lets you track any changes in computer performance. You can find it in Windows 7 and in Windows 8 under Control Panel > System and Security > Action Center. With Reliability Monitor you can keep a record of changes and failures on your computer. The data is displayed in a convenient graphical form, which lets you track which application caused an error or froze and when, as well as the appearance of the Windows blue screen of death and the reason for it (a Windows update or a program installation).

5. Microsoft SysInternals

SysInternals is a complete set of programs for administering and monitoring computers running Windows OS. You can download them for yourself for free on the Microsoft website. Sysinternals utilities help manage, troubleshoot, and diagnose Windows applications and operating systems.

6. SCOM (part of Microsoft System Center)

System Center is a complete set of tools for managing IT infrastructure, with which you can manage, deploy, monitor and configure Microsoft software (Windows, IIS, SQL Server, Exchange, and so on). Unfortunately, MSC is not free. SCOM is used for proactive monitoring of key IT infrastructure objects.

Monitoring Windows servers using the Nagios family

7. Nagios

Nagios has been the most popular infrastructure monitoring tool for several years (for Linux and Windows). If you are considering Nagios for Windows, then install and configure the agent on the Windows server. NSClient++ monitors the system in real time and provides outputs from a remote monitoring server and more.

8. Cacti

Typically used in conjunction with Nagios, it provides the user with a convenient web interface to the RRDTool utility, designed to work with Round Robin Databases, which are used to store information about changes in one or more quantities over a certain period of time. Statistics on network devices are presented in the form of a tree, the structure of which is specified by the user; you can plot channel usage, HDD partition usage, display resource latency, etc.

9. Shinken

A flexible, scalable, open source monitoring system based on the Nagios core and written in Python. It is 5 times faster than Nagios. Shinken is compatible with Nagios, so you can use its plugins and configurations without making adjustments or additional configuration.

10. Icinga

Another popular open monitoring system that checks hosts and services and reports their status to the administrator. As a fork of Nagios, Icinga is compatible with it and they have a lot in common.

11. OpsView

OpsView was originally free. Now, unfortunately, users of this monitoring system have to shell out money.

12. Op5

Op5 is another open source monitoring system. It plots, stores and collects data.

Alternatives to Nagios

13. Zabbix

Open source software for monitoring and tracking the status of various computer network services, servers and network equipment, used to obtain data on processor load, network usage, disk space and the like.

14. Munin

A good monitoring system that collects data from several servers simultaneously and displays everything in the form of graphs, with which you can track all past events on the server.

15. Zenoss

Written in Python using the Zope application server; data is stored in MySQL. With Zenoss you can monitor network services, system resources and device performance, and the Zenoss kernel analyzes the environment. This makes it possible to quickly understand a large number of specific devices.

16. Observium

A monitoring and surveillance system for network devices and servers. The list of supported devices is huge and is not limited to network devices, but the device must support SNMP.

17. Centreon

A comprehensive monitoring system that allows you to monitor the entire infrastructure and applications containing system information. A free alternative to Nagios.

18. Ganglia

Ganglia is a scalable distributed monitoring system used in high-performance computing systems such as clusters and grids. Monitors statistics and computation history in real time for each of the monitored nodes.

19. Pandora FMS

A monitoring system with good productivity and scalability: one monitoring server can monitor the work of several thousand hosts.

20. NetXMS

Open source software for monitoring computer systems and networks.

21. OpenNMS

OpenNMS monitoring platform. Unlike Nagios, it supports SNMP, WMI and JMX.

22. HypericHQ

A component of the VMware vRealize Operations suite, it is used to monitor OS, middleware and applications in physical, virtual and cloud environments. Displays availability, performance, usage, events, logs, and changes at every level of the virtualization stack (from the vSphere hypervisor to guest OSes).

23. Bosun

Open source monitoring and alert system from StackExchange. Bosun has a well-thought-out data design, as well as a powerful language for processing it.

24. Sensu

Sensu is an open source alert system similar to Nagios. There is a simple dashboard, you can see a list of clients, checks and triggered alerts. The framework provides the mechanisms needed to collect and accumulate server operation statistics. Each server runs a Sensu agent (client), which uses a set of scripts to check the functionality of services, their status and collect any other information.

25. CollectM

CollectM collects statistics about system resource usage every 10 seconds. It can collect statistics for several hosts and send them to the server, where the information is displayed using graphs.

28. Performance Analysis of Logs (PAL) Tool

34. Total Network Monitor

This is a program for constantly monitoring the operation of a local network, individual computers, and network and system services. Total Network Monitor generates a report and notifies you about errors that have occurred. You can check any aspect of the operation of a service, server or file system: FTP, POP/SMTP, HTTP, IMAP, Registry, Event Log, Service State and others.

35. PRTG

38. Idera

Supports multiple operating systems and virtualization technologies. There are many free tools that you can use to monitor your system.

39. PowerAdmin

PowerAdmin is a commercial monitoring solution.

40. ELM Enterprise Manager

ELM Enterprise Manager provides complete monitoring, from “what happened” to “what is happening”, in real time. Monitoring tools in ELM include Event Collector, Performance Monitor, Service Monitor, Process Monitor, File Monitor and PING Monitor.

41. EventSentry

42. Veeam ONE

An effective solution for monitoring, reporting and scheduling resources in VMware, Hyper-V and Veeam Backup & Replication infrastructure. It monitors the health of your IT infrastructure and diagnoses problems before they interfere with user experience.

43. CA Unified Infrastructure Management (formerly CA Nimsoft Monitor, Unicenter)

Monitors the performance and availability of Windows server resources.

44. HP Operations Manager

This infrastructure monitoring software performs proactive root cause analysis, reducing recovery time and reducing operations management costs. The solution is ideal for automated monitoring.

45. Dell OpenManage

OpenManage (now Dell Enterprise Systems Management) is an all-in-one monitoring product.

46. Halcyon Windows Server Manager

Management and monitoring of networks, applications and infrastructure.

Below is a list of (most popular) network monitoring tools

54. Ntop

55. NeDi

NeDi is an open source network monitoring tool.

54. The Dude

The Dude monitoring system, although free, according to experts, is in no way inferior to commercial products; it monitors individual servers, networks and network services.

55. BandwidthD

Open source program.

56. NagVis

An extension for Nagios that allows you to create infrastructure maps and display their status. NagVis supports a large number of different widgets and icon sets.

57. Proc Net Monitor

A free monitoring application that allows you to track all active processes and, if necessary, quickly stop them to reduce the load on the processor.

58. PingPlotter

Used to diagnose IP networks, it allows you to determine where losses and delays of network packets occur.

Small but useful tools

The list wouldn't be complete without mentioning a few hardware monitoring options.

60. Glint Computer Activity Monitor

61. RealTemp

A utility for monitoring temperatures of Intel processors. It does not require installation; it tracks the current, minimum and maximum temperature values for each core and the start of throttling.

62. SpeedFan

A utility that allows you to control the temperature and fan speeds in the system, monitors the performance of sensors on the motherboard, video card and hard drives.

63. OpenHardwareMonitor