SNMP vs. NetBeez

Intro to SNMP

SNMP (Simple Network Management Protocol) is an Internet Standard that defines how to query network devices, such as routers and switches. The information requested via SNMP typically relates to the status of various resources within a device. Resources are, for example, the CPU utilization, memory consumption, and network interfaces. What specific information you can get from a particular device depends on the manufacturer and the model of that device. Manufacturers create sets of files called management information base (MIB) files that outline what you can ask from specific devices. Most network monitoring tools have a predefined set of standards SNMP MIB. The network administrator can also import vendor specific MIB files into a Network Management System (NMS).

The following is the snippet of the for the Cisco ISR 1000 router.

cbgpRouteTable OBJECT-TYPE
    SYNTAX          SEQUENCE OF CbgpRouteEntry 
    MAX-ACCESS      not-accessible
    STATUS          current
        "This table contains information about routes to
        destination networks from all BGP4 peers.  Since 
        BGP4 can carry routes for multiple Network Layer 
        protocols, this table has the Address Family 
        Identifier(AFI) of the Network Layer protocol as the 
        first index. Further for a given AFI, routes carried
        by BGP4 are distinguished based on Subsequent Address 
        Family Identifiers(SAFI).  Hence that is used as the
        second index.  Conceptually there is a separate Loc-RIB
        maintained by the BGP speaker for each combination of 
        AFI and SAFI supported by it."
        "RFC-1771: A Border Gateway Protocol 4 (BGP-4),
         RFC-2858: Multiprotocol Extensions for BGP-4,
         RFC-2547: BGP/MPLS VPNs"
    ::= { cbgpRoute 1 }

SNMP Architecture

The protocol relies on a software agent on each monitored device, responding to queries from a network management server (NMS). The NMS, also known as an SNMP poller, regularly requests resource utilization values from each device to verify its status. If the agent reports values exceeding an administrator-set threshold, the server generates an alert for the network administrator.

snmp poller

An SNMP agent utilizes UDP port 161 to accept requests from a poller. SNMP can also be used to configure devices. If needed, it can send alerts, called traps, to an SNMP trap receiver. These traps are triggered when an event requiring administrative attention occurs on the device itself. An SNMP trap might be triggered, for instance, when a router’s network interface goes offline. By default, an SNMP agent sends traps using UDP to port 162.


SNMP Limits

The function of SNMP tools is to detect about unavailability and performance degradation issues of network devices. In fact, these are events that negatively affect the status and performance of network services. However, while knowing the status of network devices is necessary, it’s not sufficient to verify the availability and performance of user facing network services. SNMP monitoring tools can tell you if a router or switch is working. On the other end, it can’t tell you if users are having connectivity or performance issues to SaaS applications.

Adding the End-User Perspective to Network Monitoring

Network monitoring with SNMP is not enough to capture the end-user perspective. SNMP tools should be complemented by a set of dedicated sensors that perform active end-to-end performance tests. These agents runs performance and availability tests against SaaS applications, breaking down performance from the network, to the DNS, and HTTP layer. These tests are used to verify that users are having a good experience with the network and application. This is the goal of NetBeez. NetBeez relies on hardware (Ethernet and WiFi) and software sensors that are configured to continuously perform tests like ICMP, DNS, HTTP, and Traceroute. These tests can detect end-user experience issues derived by network and application degradation like packet loss, increased network latency, increased DNS and HTTP response time.

TestType of Information
PING Round-trip-time, packet loss, host unreacheable
DNSDNS query time, DNS failure rate, DNS service down
HTTP GET time, GET failure rate, web server unavailable and other HTTP error codes
Speedtest Download speed, upload speed
Iperf TCP/UDP throughput, packet loss, jitter

Network Monitoring Sensors Location

An important factor of active monitoring tools like NetBeez is the location of the sensors. When implementing a distributed network monitoring monitoring solution, you should have enough observation points to get a complete view of the network. Each network location where there are users (e.g. offices) or applications (e.g. data centers), should include one or more sensors. To deploy sensors in a Wide Area Network (WAN), you can use single-board computers like the Raspberry Pi. These platforms are also useful to monitor wireless networks, which are intrinsically more challenging to monitor and support than wired networks. On the other side, if you need to monitor a set of applications in a data center, the monitoring sensors can be provisioned as virtual appliances or software containers.

Network Type

Sensor Options

Remote office locationSingle-board computer, virtual appliance, dedicated workstation with software package, …
Data center or cloud OVA, KVM, Docker, …
WLANsWireless sensors
decoration image

Get your free trial now

Monitor your network from the user perspective

You can share

Twitter Linkedin Facebook

Let's keep in touch

decoration image