Would you know if one of the 2 power supplies in one of your critical switches went out? What would alert you to an SSL certificate expiring on a web-based application you use every day? If you’re like most organizations, you have some kind of infrastructure monitoring in place. Could you take the approach of “If anything breaks, my users will let me know”? Sure you could! Would it work? Yep! Would you end up looking like you don’t know what’s going on with your infrastructure? Probably. So to avoid that, and attempt to know what’s happening before your users do (or at least before they call), you would probably help yourself out by getting some sort of automated monitoring solution in place to alert you immediately about a potential issue.
If you wanted the most basic monitor, you might ping a list of IP addresses every so often just to make sure everything is up and running, but you’d be missing out on so much! Because it’s built into nearly all IP devices, most infrastructure monitoring uses SNMP (Simple Network Management Protocol) to get you more information than whether a device is ping-able or not and also in some cases can be used to make changes to the device. SNMP was introduced in 1988 and is ultimately a database of information gathered from a device that is being constantly updated. A MIB (Management Information Base) is the database of statistics or statuses gathered from the device, and each object in that database has a unique OID (Object Identifier) for each of those stats. There are universal MIBs available as well as vendor-specific MIBs to gather data that isn’t included in the universal ones.
There are 2 main ways SNMP is used: An “SNMP trap” is set on the device to take an action (like alerting a 3rd party server) when the data crosses a threshold, and an “SNMP get” is set on an NMS (or Network Management System) to poll a specific OID on a device, and will handle the thresholds and actions and usually maintain a larger set of historical data. The benefit of a trap is that it’s real time (a get is usually set to poll every so often), and the benefit of a get is that you’re able to offload any additional processing of thresholds and actions from your device which likely has another job to focus on and requires less configuration on each of your devices.
In addition to SNMP, many vendors are now including API (Application Programming Interface) access to device data which is extremely similar to SNMP, but I think has a couple additional benefits. Although SNMP has been a standard for a long time, I don’t think there are as many tools or programmers with familiarity as there are with APIs. I’m guessing vendors can find programmers that can make data available in API’s more easily than someone to set up custom SNMP MIBs. It also opens up a new way of gathering and acting on that data.
The data available from your devices regardless of how it’s gathered, can make a huge difference in not only being alerted to an issue, but in the time it takes to resolve an issue. If you have a monitoring system full of historic device information, you can spot anomalies in performance or find trends that may alert you to an issue before it even happens.
The monitoring solutions that I’ve come across range from open source which although free, takes a mountain of work to get going, to quite expensive solutions with a plethora of features and functions seemingly requiring a doctorate from the vendor to operate…and everything in between. I believe organizations should really consider what is most important to them before comparing and selecting a monitoring solution. Some of the things that were important to me were that we get alerts for actionable issues without getting false alarms or alerts that don’t require anything to be done. Another was that it be flexible and customizable in an intuitive way. One other item was that it be able to incorporate new methods of monitoring and vendor-specific capabilities as they become available. I think every organization will likely have slightly (or greatly) differing priorities in their monitoring, but when choosing a solution it may be beneficial to consider whether you train your own staff or have a 3rd party manage your monitoring for you.
It just so happens that LookingPoint offers an infrastructure monitoring service if you’re interested. We can configure the monitoring and alerting for you and work with you on device configuration as well. If you’re interested or want more information, give us a call! Please reach out to us at sales@lookingpoint.com and we’ll be happy to help!
Ryan Alibrando, Managed Services Team Lead