Are you really monitoring all of your network?
As networks become ever more critical to the operation of your business, complexity continues to increase. So you need to be sure that your monitoring platform is genuinely giving you visibility of the network devices. IP Fabric can help you answer the question “Am I really monitoring all of my network”? Walk with me and I’ll explain how.
The first key element of IP Fabric’s functionality is a class-leading discovery process. It starts by crawling your network to discover all the active network devices. It then analyses their relationships and interactions. And what happens to be the single most important part of ensuring that your network is being adequately monitored? To validate the list of devices in your monitoring platform actually matches with the devices that are in your network!
IP Fabric verifies that you have an accurate list of devices up and running and providing you with network service. Then our open RESTful API gives external platforms direct access to that up-to-the-minute inventory. To complete the picture, IP Fabric sends out Webhook triggers to an external system when its snapshots are run. If new devices are discovered, we can notify you within minutes. Your monitoring platform need never be out of date.
Once the inventory is confirmed as being up-to-date, you need to check that devices can be monitored by your system! For this, there are a couple of config checks that need to be carried out on the devices in question. First, you need to be sure that you have the correct credentials for the monitoring method (eg SNMP v2 communities, or SNMP v3 users). Then, you need to be clear that the device will allow access from your monitoring requests sourced from your system. This means checking configuration for ACLs and if they exist, validating that they allow the desired access.
IP Fabric retrieves that configuration and state data from network devices and stores it in its network model. You then create simple Intent Verification Rules to check the device configuration matches your monitoring system. If they don’t match, the rules will flag the device as needing attention.
Once a device is added, it isn’t enough to just check that it remains active in the network. Specific interfaces should then be monitored for state (up or down, active or disabled). And utilisation should be measured (usually in % of maximum available bandwidth). And it’s not enough to simply track every interface on every device. A lot of CPU time would be wasted in the process, generating huge amounts of output of little real value. False positives and alert fatigue that result from reporting every single transition of client-side network ports often obscure real issues.
In order to provide an accurate picture, understanding the topology of the network is vital. This then allows us to track which interfaces are critical to be monitored. The data that IP Fabric retrieves from the network includes a view of which interfaces are used to connect network devices, and how many users might be impacted by each port status. And so we identify the most critical interfaces on devices and poll only those for status and utilisation.
Why monitor the network at all? To ensure it is providing connectivity sufficient for a service to be available to its consumer. But how do we know which devices are critical to which service?
IP Fabric has an end-to-end path simulation capability, with which we are able to quickly determine the links and nodes that an application will useto deliver service to a consumer in a given location. The simulation also gives us the ingress and egress interface details for the nodes in the forwarding path. And so we can use the data from IP Fabric to bundle devices and interfaces into monitoring groups which represent or potentially impact the availability of a particular application service. And this data can be validated every time a snapshot is taken of the network.
Monitoring IP Fabric itself
Each time a snapshot is run in IP Fabric, the network is re-discovered. This allows us to track inventory, topology, state and configuration over time. And when a snapshot completes, Intent Verification Rules are run over new, fresh data, producing new assurance and compliance reports.
The results of this process are available over API, so we can monitor those values themselves over time. By including a probe in the monitoring system to poll API responses, we can produce graphs to show trends in state data and compliance rules, enhancing the capabilities of IP Fabric!
IP Fabric doesn’t replace your monitoring system. But by answering some of the questions that your monitoring can’t, it enhances your ability to assure your service availability!
To find out more, check out our Youtube channel youtube.com/c/ipfabric for demos of our monitoring platform integrations. Look at our other blog posts on the website to learn how our partners and customers are integrating IP Fabric with their wider operational ecosystem. And if you’re interested in a free trial of our platform, take a look here!