In this video you will learn about network event management, SIEM, SNMP monitors, and network performance metrics such as bandwidth, throughput, packet drops, error rate, and utilization.
Event Management
Event management is the process that monitors all events that occur through the IT infrastructure. It allows for normal operations and also detects and escalates exception conditions. An event can be defined as any detectable or discernible occurrence that has significance for the management of the IT infrastructure or the delivery of IT service and evaluation of the impact a deviation might cause to the services. Events are typically notifications created by an IT service or monitoring tool. The purpose of event management is the following:[1]
SIEM (Security Information & Event Management)
Security information and event management (SIEM) technology supports threat detection, compliance and security incident management through the collection and analysis (both near real time & historical) of security events, as well as a wide variety of other event and contextual data sources. The core capabilities are a broad scope of log event collection and management, the ability to analyze log events and other data across disparate sources, and operational capabilities (such as incident management, dashboards and reporting).[2]
SNMP (Simple Network Management Protocol) Monitors
SNMP is an Internet standard protocol for collecting and organizing information about managed devices on IP networks and for modifying that information to change device behavior. Devices that typically support SNMP include cable modems, routers, switches, servers, workstations, printers, etc.[3] SNMP is widely used in network management for network monitoring. SNMP exposes management data in the form of variables on the managed systems, organized in a management information base (MIB), which describe the system status and configuration. These variables can then be remotely queried (and in some circumstances, manipulated) by managing applications.[4]
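As an added example (not from the original video or its sources), the Python below shows how a monitor could turn two polls of standard IF-MIB interface counters into throughput, utilization, error rate and packet-drop figures, including a Counter32 wrap between polls. The sample counter values, the 60-second interval and the function names are constructed for illustration.

```python
# Added example: the poll values below are constructed, not read from a device.
COUNTER32_MOD = 2 ** 32  # IF-MIB Counter32 objects wrap back to 0 at 2^32


def counter_delta(prev, curr, modulus=COUNTER32_MOD):
    """Difference between two counter reads, tolerating one wrap.

    A plain curr - prev goes negative when the counter wraps between polls.
    """
    return (curr - prev) % modulus


def interface_metrics(prev, curr, interval_s):
    """Turn two polls of one interface into inbound rate metrics.

    prev/curr are dicts keyed by IF-MIB object name; interval_s is the
    time between the polls in seconds.
    """
    if interval_s <= 0 or curr["ifSpeed"] <= 0:
        raise ValueError("interval and ifSpeed must be positive")
    octets = counter_delta(prev["ifInOctets"], curr["ifInOctets"])
    pkts = counter_delta(prev["ifInUcastPkts"], curr["ifInUcastPkts"])
    errors = counter_delta(prev["ifInErrors"], curr["ifInErrors"])
    discards = counter_delta(prev["ifInDiscards"], curr["ifInDiscards"])

    throughput_bps = octets * 8 / interval_s
    # Simplification: unicast only; multicast/broadcast counters are ignored.
    seen = pkts + errors + discards
    return {
        "throughput_bps": throughput_bps,
        "utilization_pct": 100.0 * throughput_bps / curr["ifSpeed"],
        "error_rate_pct": 100.0 * errors / seen if seen else 0.0,
        "drop_rate_pct": 100.0 * discards / seen if seen else 0.0,
    }


# Constructed polls 60 s apart on a 100 Mbit/s link; ifInOctets wraps in between.
PREV = {"ifInOctets": 4_200_000_000, "ifInUcastPkts": 1_000_000,
        "ifInErrors": 10, "ifInDiscards": 0, "ifSpeed": 100_000_000}
CURR = {"ifInOctets": 55_032_704, "ifInUcastPkts": 1_098_900,
        "ifInErrors": 110, "ifInDiscards": 1_000, "ifSpeed": 100_000_000}

if __name__ == "__main__":
    for name, value in interface_metrics(PREV, CURR, 60).items():
        print(f"{name}: {value:.2f}")
```
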
Network Performance Metrics
Network performance monitoring is the process used to track, evaluate and diagnose the performance of a network. With the variety of devices, technologies and network environments continuing to expand, the definition of optimal performance can vary significantly. Network performance metrics are the measurable outputs that indicate how the infrastructure and services are operating as a part of short-term and long-term network performance evaluations. Real-time analysis of these metrics allows teams to identify potential problems on the network and prioritize IT resources and response according to impact. Over time, network performance metrics support a long-term understanding of end-user demands and help in building an adaptive network that meets future business needs.[5] Some network performance metrics that you should be aware of are:
References