SNMP - widely used protocol for network management, allowing administrators to monitor, configure, and control network devices.
Traps - unsolicited messages sent from an SNMP-enabled device to a management station, notifying it of significant events or conditions.
Management information base (MIB) - contains information about network devices, such as their status, capacity, and performance, in the form of data objects.
(MIB) V2 - extension of the original SNMP protocol, offering enhancements like bulk retrieval capabilities.
(MIB) V3 - most secure version of the Simple Network Management Protocol, providing important security enhancements over its predecessors.
Community strings - grant access to a device’s information. There are two common community strings: Public, which mainly provides read-only access, and Private, which generally provides read-write access.
Authentication - enhances security through robust authentication mechanisms that verify the identity of the source and destination before allowing access to network data.
Flow data - involves capturing and analyzing metadata about network traffic, such as source and destination IP addresses, port numbers, and protocol types.
Packet capture - the process of intercepting and logging traffic that passes over a digital network. As a diagnostic tool, packet capture helps network administrators to thoroughly examine network traffic to diagnose performance issues and detect malicious activities.
Baseline metrics - establish a standard level of normal network performance, including typical traffic volume, performance speeds, and error rates.
Anomaly alerting/notification - designed to automatically detect and report deviations from baseline metrics, signaling potential performance or security issues.
Log aggregation - process of collecting, consolidating, and analyzing computer-generated log messages from various sources across the network.
Syslog collector - dedicated tool used for gathering log data generated by devices within a network.
Security information and event management (SIEM) - provides real-time analysis of security alerts generated by network hardware and applications.
Application programming interface (API) integration - used in network management to allow seamless integration between different software systems.
Port mirroring - a networking functionality that duplicates packets on specified ports or VLANs and forwards them to a specified port for further analysis.
Solutions - encompass various tools and techniques used to manage, monitor, and secure the network infrastructure.
Network discovery - involves identifying devices, servers, and other hardware components connected to a network.
Ad hoc - performed manually on an as-needed basis, providing immediate visibility into the network when specific issues or updates arise.
Scheduled - automated and occurs at regular intervals, ensuring consistent and up-to-date network mapping.
Traffic analysis - involves examining the data packets flowing through the network to identify usage patterns, bandwidth consumption, and potential bottlenecks.
Performance monitoring - tracks various metrics such as response times, throughput rates, and error rates to evaluate the health and efficiency of the network.
Availability monitoring - ensures that all critical network components are operational and accessible to users. It detects downtime and failures, helping network teams to quickly address issues and minimize service disruptions.
Configuration monitoring - involves tracking changes to network device configurations to prevent unauthorized modifications and ensure compliance with security policies.

3.2 Network monitoring technologies
