Comparison To Other Monitoring Technologies
Various monitoring approaches can be used, depending on the network technology and the monitoring objective:
The simplest type of monitoring is logging in to an interesting device and running programs or commands that show performance statistics and other data. This is the cheapest way to monitor a network, and is highly appropriate for small networks. However, it does not scale well to large networks. It can also impact the network being monitored; see observer effect.
Another way to monitor devices is to use a remote management protocol such as SNMP to ask devices about their performance. This scales well, but is not necessarily appropriate for all types of monitoring. The inherent problems with SNMP are the polling effect. Many vendors have alleviated this by using intelligent polling schedulers, but this may still affect the performance of the device being monitored. It also opens up a host of potential security problems.
Another method to monitor networks is by enable promiscuous mode on the monitoring host, and connecting it to a shared segment. This works well with older LAN technologies such as 10BASE-T Ethernet, FDDI, and token ring. On such networks, any host can automatically see what all other hosts were doing by enabling promiscuous mode. However, modern switched network technologies such as those used on modern Ethernets provide, in effect, point-to-point links between pairs of devices, so it is hard for other devices to see traffic.
Another method to monitor networks is to use port mirroring (called "SPAN", for Switched Port Analyzer, by Cisco, and given other names by some other vendors) on routers and switches. This is a low-cost alternative to network taps, and solves many of the same problems. However, not all routers and switches support port mirroring and, on those that do, using port mirroring can affect the performance of the router or switch. These technologies may also be subject to the problem with full-duplex described elsewhere in this article, and there are often limits for the router or switch on how many pass-through sessions can be monitored, or how many monitor ports (generally two) can monitor a given session.
Read more about this topic: Network Tap
Famous quotes containing the words comparison to and/or comparison:
“It is very important not to become hard. The artist must always have one skin too few in comparison to other people, so you feel the slightest wind.”
—Shusha Guppy (b. 1938)
“Certainly there is not the fight recorded in Concord history, at least, if in the history of America, that will bear a moment’s comparison with this, whether for the numbers engaged in it, or for the patriotism and heroism displayed.”
—Henry David Thoreau (1817–1862)