If only networks had infinite bandwidth, wouldn’t life be easier? Unfortunately, they don’t. Network congestion is still one of the biggest problems of every network. It happens when the actual bandwidth approaches or exceeds what’s available. As a rule of thumb, network administrators try to keep bandwidth utilization below 70% of the available bandwidth. This means that, on a 1 Gb/s interface, there should never be more than 700 Mb/s of actual traffic. The best way to keep that from happening is by keeping a close eye on the actual network traffic.
While several tools can be used for that purpose, most only provide average utilization figures over a period of time. Today, we’re having a look at real-time bandwidth monitoring.
We’ll start off by describing the different methods that can be used to monitor bandwidth, As you shall soon see, there are mainly three of them, and one of them won’t give you true real-time figures although one can cheat and get near real-time data. More about that in a moment. Then, we’ll have a look at some of the best tools you can use for real-time bandwidth monitoring. Our list has tools of all three types.
Congestion is the number one enemy of networks. We all know that. Think of a network as a highway where congestion is similar to traffic jams. However, unlike automobile traffic which you can easily see, network traffic happens within cables, switches and routers or over the air where it remains invisible. This is where network bandwidth monitoring tools can come in handy. They give network administrators the visibility they need to make sure things keep running smoothly.
Monitoring bandwidth in real-time is particularly interesting, especially when troubleshooting performance issues. Many monitoring tools use technologies that poll devices at rather long intervals and compute average utilization figures. Consequently, it is easy to miss short bursts of high utilization that will often be averaged out b traditional tools. Talking about the tools, let’s have a look at what they are.
ALSO READ: Top 10 Intrusion Detection Tools
Network Monitoring Tools
There are several ways that can be used to monitor network bandwidth utilization. The first is to capture packets at a given point on the network. You can also use SNMP to poll devices for interface statistics and finally, you can have devices that support the technology send out NetFlow of S-Flow information.
Packet capture used to be the number one way of analyzing network traffic. For a while, it was the only way. And it is still used a lot to pinpoint specific network issues but it’s rarely used for bandwidth monitoring anymore. With packet capture, every data packet in and/or out of a specific device’s interface is captured and decoded. This can easily give you a real-time view of what’s going on. However, bandwidth monitoring has no real use for the content of each packet but only its size. Although very efficient, many administrators and engineers feel that using packet capture for real-time bandwidth monitoring is a gross overkill.
FURTHER READING: Best Network Diagram Mapping and Topology Software
The Simple Network Management Protocol—or SNMP—is a huge and very complex protocol that can be used to remotely monitor, configure and modify different types of networking equipment. The only thing simple about it is its name, though. Implementing it can be a rather complex task. Using this technology, SNMP-enabled devices make a certain number of parameters available.
When it comes to bandwidth monitoring, two of those parameters are of interest. They are called bytes in and bytes out and they are available for each network interface. By reading these values periodically, you can compute the number of bytes per unit of time which is exactly what bandwidth is.
The precision you get depends on the polling interval. SNMP monitoring tools typically poll devices every 5 minutes, thereby computing 5-minute average utilization. However, by using a very short polling interval (one second, for example) one can get near real-time measurements.
Originally developed by Cisco Systems, NetFlow is, as its name suggests, a network flow analysis system. Devices that support NetFlow—or one of its multiple cousins such as J-flow or IPFIX—collect information about each data flow—hence the name—which they then sent to a NetFlow collector and analyzer. This flow information contains quantitative information about the flow and, since it is sent as soon as a flow terminates, you get near real-time data.
RELATED READING: Best IP Scanners for Mac
The Best Tools For Real-Time Bandwidth Monitoring
Our picks of the best tool include tools in all three categories. Some are specifically designed for real-time bandwidth monitoring while others can be configured to provide that type of metric. Others yet will provide usage data from which real-time bandwidth usage can be extrapolated. Let’s have a look at what they are.
1. SolarWinds Real-Time Bandwidth Monitor (FREE DOWNLOAD)
Every network administrator should know SolarWinds. The US-based company has been making great network administration tools for about 20 years. It benefits from an excellent reputation for making some great free tools that are distributed in a no-strings-attached fashion. SolarWinds also makes several commercial tools that are among the best on the market. Its flagship product, the Network Performance Monitor (NPM) is a complete monitoring solution that can be scaled to networks of any size, from the smallest to the largest.
One of SolarWinds’ best free tools—and our number one pick—is the SolarWinds Real-Time Bandwidth Monitor. The software, which runs on Microsoft Windows, uses SNMP to poll multiple network devices and get traffic statistics from their various interfaces. The results are shown visually on graphs depicting each interface’s usage statistics.
- FREE DOWNLOAD: SolarWinds Real-Time Bandwidth Monitor
- Official download link: https://www.solarwinds.com/free-tools/network-analyzer-bandwidth-monitoring-bundle/registration
Configuring the tool is a simple matter of providing a device’s IP address or hostname and SNMP parameters such version and community string. The real-time bandwidth monitor then displays a list of available interfaces on the chosen device also with some basic data about them. Selecting a specific interface by clicking it reveals a graphic displaying in real-time the inbound and outbound bandwidth usage on the selected interface. You can also set alert thresholds to be notified whenever usage exceeds a predefined limit on any interface.
There are some limitations to this free tool. For instance, only one device can be monitored at a time. Also, usage history is only kept for 60 minutes. This makes the tool a great asset for troubleshooting purposes but probably not for long-term utilization evolution surveying. For a more comprehensive package, the SolarWinds Bandwidth Analyzer Pack can be purchased.
The SolarWinds Real-Time Bandwidth Monitor is distributed as a bundle along with the SolarWinds Network Analyzer, another great free tool that you can use to monitor NetFlow-enabled devices. That tool will let you drill down by conversation, application, endpoints or protocol which the real-time bandwidth monitor won’t.
You can get the bundle with both the free Real-time Bandwidth Monitor AND the Network Analyzer by visiting SolarWinds’ website.
2. SolarWinds Deep Packet Inspection and Analysis Tool (FREE TRIAL)
Another excellent tool from SolarWinds that can help you with real-time bandwidth monitoring is the Deep Packet Inspection and Analysis Tool. It comes as a component of SolarWinds’ flagship product, the Network Performance Monitor. It is a type of packet capture tool yet its operation is quite different from more “traditional” packet sniffers.
- FREE TRIAL: SolarWinds Deep Packet Inspection and Analysis Tool
- Official download link: https://www.solarwinds.com/network-performance-monitor/registration
To summarize the tool’s functionality: it will help you find and resolve the cause of network latencies, identify impacted applications, and determine if slowness is caused by the network or an application. The software will also use deep packet inspection techniques to calculate response time for over twelve hundred applications. It will also classify network traffic by category, business vs. social, and risk level, helping you identify non-business traffic that may need to be filtered or otherwise eliminated.
The SolarWinds Deep Packet Inspection and Analysis Tool comes as part of the Network Performance Monitor which, in itself, is an impressive piece of software with so many components that a whole article could be dedicated to it. At its core, it is a complete network monitoring solution that combines the best technologies such as SNMP and deep packet inspection to provide as much information about the state of your network as possible. The tool, which is reasonably priced comes with a 30-day free trial so you can make sure it really fits your needs before committing to purchasing it.
3. SolarWinds NetFlow Traffic Analyzer (FREE TRIAL)
The SolarWinds NetFlow Traffic Analyzer is simply one of the best flow analysis tools there are. It installs on top of the SolarWinds Network Performance Monitor, another great tool, and adds a unique set of information about your network’s traffic. You can use the tool for monitoring bandwidth usage by application, by protocol, and by IP address group. It will monitor Cisco’s NetFlow, IPFIX, Juniper’s J-Flow, sFlow, and Huawei’s NetStream flow data allowing it to identify which devices, applications, and protocols are the highest bandwidth consumers. It will also collect traffic data, correlating it into a usable format, and presenting it to the user through a web-based interface for monitoring network traffic. Furthermore, it can identify which applications and categories consume the most bandwidth for better network traffic visibility.
- FREE TRIAL: SolarWinds NetFlow Traffic Analyzer
- Official Download Link: https://www.solarwinds.com/netflow-traffic-analyzer/registration
The SolarWinds NetFlow Traffic Analyzer is an add-on module to the SolarWinds Network Performance Monitor. It uses the NPM’s database and node management facilities. As such, the most important requirement is that you have the Network Performance Monitor installed and configured first.
The SolarWinds NetFlow Traffic Analyzer is licensed based on the underlying Network Performance Monitor license. If you already own the Network Performance Monitor, you need to make sure the license level selection is the same for both products. If you do not already own NPM, keep reading for more options. Like NPM, NTA is available in five licensing tiers, based on the number of monitored nodes. Prices start at $1 945 for 100 nodes. If you don’t already have a SolarWinds Network Performance Monitor license, both products can be purchased together as the Network Bandwidth Analyzer Pack. If you want to give these two great products a test run and see first-hand what they can do for you, a free 30-day trial version is available from SolarWinds.
4. ManageEngine SNMP Bandwidth Monitoring Software
ManageEngine is self-described as a company that “has complete and easy solutions for even your most difficult IT management problems, from keeping your business safe to ensuring high availability to making your users happy.” This is a bold statement but it describes the company quite well. ManageEngine is well-known for its high-quality tools including several tools aimed at monitoring different aspects of networks.
And just like SolarWinds, ManageEngine is also famous for its free tools. Of particular interest in the context of this article is the SNMP Bandwidth Monitoring Software. It is offered as part of ManageEngine’s free OpUtils bundle, a huge pack of some 16 network management utilities. It runs on both Windows and Linux and the free edition allows monitoring up to 10 devices and their interfaces.
Setting the tool up, just like it’s almost always the case, requires several steps. You first specify a subnet to scan and some SNMP parameters to use. The tool will then discover devices on the specified subnet. Once the devices are discovered, you can view their interface’s statuses from the inventory tab. You can also display graphs of network speed and bandwidth usage.
For each interface, you can generate reports of bandwidth usage over the past 12 hours to one month. Furthermore, you can set alert thresholds and be notified by email or SMS text messages whenever they are reached.
The ManageEngine SNMP Bandwidth Monitoring Software is ideal if your network is small with no more than 10 devices. If you manage a bigger network, ManageEngine also has paid version with no device limitation that you may want to try. To make it easier, ManageEngine offers a free 30-day evaluation version of its full OpsUtil software. In fact, the free version is first installed as a 30-day trial and revert to limited features after the trial period ends.
5. PRTG Network Monitor
According to Paessler, its publisher, you can set up the PRTG Network Monitor and be up and running in a couple of minutes. Our experience shows that it might take you a bit longer than that to get it completely configured to your liking and monitoring all your devices but we have to admit that setting the product up was an exceptionally easy experience.
Feature-wise, PRTG is an impressive product. For starters, the product comes with several different user interfaces. There’s a native Windows enterprise console, an Ajax-based web interface as well as mobile apps for Android and iOS. And the different interface makes full use of each device’s capabilities. For example, PRTG allows you to print QR code labels that you can affix to your devices. Then, scanning the code from the mobile app will quickly take you to the device’s graphs.
And talking about graphs, PRTG leaves nothing to be desired. It can not only monitor and graph bandwidth utilization but also many more parameters using SNMP, WMI, NetFlow, and sFlow. It also has some amazing reports that can be viewed as HTML or PDF or exported to CSV or XML to be processed externally. The reports can be run on-demand or be scheduled to run automatically.
The Paessler website lets you download two different versions of PRTG. You can choose either the free version of the free 30-day trial version. The former will limit you to monitoring up to 100 sensors. In PRTG parlance, a sensor is each parameter that you want to monitor. For example, monitoring bandwidth on each port of a 48-port switch will require 48 sensors. And if you also want to monitor the switch’s CPU and memory loads, you’ll need two more sensors. As you can see, they can quickly add up.
Wireshark is the reference in packet sniffers. It has become the de-facto standard and most other tools tend to emulate it. This tool will not only capture traffic, but it also has quite powerful analysis capabilities. So powerful that many administrators will use tcpdump or Windump to capture traffic to a file then load the file into Wireshark for analysis. This is such a common way of using Wireshark that upon startup, you’re prompted to either open an existing pcap file or start capturing traffic. Another strength of Wireshark is all the filters it incorporates which allow you to zero in on precisely the data you’re interested in.
To be perfectly honest, Wireshark tends to have a steep learning curve but it is well worth learning. It will prove invaluable time and time again. And once you’ve learned it, you’ll be able to use it everywhere as it has been ported to almost every operating system and it is free and open-source.