Monitoring router traffic is often more than just a nice to have. With routers often facing bandwidth-limited WAN circuits, it is important to keep a watchful eye on bandwidth usage. But even in a LAN context, they are often located at a strategic point where monitoring traffic is more than useful. Since network traffic is not readily visible, you need to use specialized tools to monitor it. This is what bandwidth monitoring and traffic analysis systems are for. There are, however, many such systems available. So many that picking one can turn out to be a daunting task. To help you, we’ve assembled a list—or rather, two lists—of the best bandwidth monitoring and traffic analysis tools. But we won’t just list them, we’ll also review their best and most interesting features.
Before we get to the core of the matter, we’ll briefly discuss network monitoring. We’ll see how there are mainly two types of monitoring. One gives you a simple measure of a circuit’s utilization while the other can provide much more details on the nature of the traffic using up the bandwidth. It is not rare to see them both used in parallel. We’ll then have a look at the technologies used for each type of monitoring. First, we’ll describe SNMP and then we’ll talk about flow analysis. We won’t bury you in technical details but provide enough background information to better appreciate the upcoming reviews. And talking about reviews, this is what we have next we’ll introduce three each of the best bandwidth monitoring tools and best flow analysis tools.
Router Monitoring Explained
Network traffic is often compared to road traffic. Network circuits can be thought of as highways and the data they transport are like vehicles travelling on them. Continuing the analogy, a router similar to a highway interchange. But while automobile traffic is visible and any problem or congestion is readily observable, seeing what’s going on within a network can be a bit more complex. Router traffic is hidden within the devices, copper cables or glass fibres and it travels at the speed of light; way too fast for anyone to see it.
To monitor router traffic, monitoring tools must be used. Some can poll devices to get their interfaces’ traffic figures and to show you how much data travels through them. Other tools, as we’ll discuss in a moment, use a different approach to get details about data flows and build reports that not only show how much data goes by but also what that data is, where it’s coming from and where it’s going to.
Quantitative vs Qualitative Monitoring
Bandwidth utilization monitoring tools s are the most basic of the router monitoring tools. They can measure how much data is transported on each router interface. Most of these tools rely on the Simple Network Management Protocol or SNMP to poll routers, read their interface counters, and compute the amount of traffic going through their interfaces. They can use the computed data to build graphs depicting the evolution of the monitored parameters over time. They will often let you zoom in into a shorter time span where graph resolution is high and can, for instance, display 5-minute average traffic or zoom out to a longer time span–a month or even a year–where it displays daily or weekly averages.
Then we have another category of tools called flow analyzers. They can give you much more details about the data passing through your routers. These tools don’t just tell you how much traffic is going by, they give you qualitative information about that traffic. They rely on software that’s built right into your router’s firmware to send them detailed usage data. Using these tools will provide details such as the top talkers and listeners, the network usage by source or destination address, the network usage by protocol or by application and several other useful information about what is going on.
A handful of flow analysis technologies exist but Cisco’s NetFlow is the most common of them. It is, of course, present on most Cisco devices. It is also present—sometimes under a different name—on equipment from other vendors, such as J-flow on Juniper devices or NetStream on HP and Huawei equipment. There’s even an IETF standard protocol called IPFIX which is based on the latest version of NetFlow. Typical flow analysis tools support several—if not all—technologies.
SNMP In A Nutshell
The Simple Network Management Protocol (SNMP) it the most common router monitoring technology. SNMP-enabled routers (aren’t they all?) “publish” a certain number of parameters. Some are configuration parameters that can be modified while others are read-only counters, used mainly for monitoring purposes. There are, for example, CPU and memory usage gauges as well as interface traffic counters available via SNMP.
For bandwidth monitoring, the process entails more than just remotely reading gauges. Two counters called bytes in and bytes out (each router interface has them) are read by the monitoring tool at precisely timed intervals. Every 5 minutes is a typical interval. The monitoring tool then subtracts the previous value of the counter from the current one to get the number of bytes transferred in five minutes. It multiplies that number by 8 to get the number of bits in five minutes. Finally, it simply divides the last result by 300 to get the average 5-minute bandwidth in bits per second.
About Flow Analysis
Originally used solely to simplify the creation of router access control lists, Cisco’s engineers quickly realized that NetFlow data could be put to better use by exporting it to a device with the ability analyze that information.
NetFlow uses a three-component architecture. The exporter runs on the monitored device, aggregates packets into flows, and exports flow records to a flow collector. The flow collector handles the reception, storage and pre-processing of the flow data. Finally, the flow analyzer is used to analyze the flow data. Today, most systems combine the collector and analyzer in one device.
The Best Router Bandwidth Monitoring Tools
The following tools are some of the very best you can find. They all use SNMP to poll routers and read their interfaces traffic counters to build graphs depicting the evolution of interface bandwidth utilization over time. While they all offer the same core functionality, they differ in all the extra features each include. Picking the best one is, more than anything, a matter of matching your specific needs to each product’s features.
The SolarWinds name is well-known to many network administrators. The company makes some of the best network and system administration tools an many of them have received rave reviews and are considered among the very best in their respective fields. SolarWinds is also famous for its free tools, smaller tools which each address a specific need of network administrators. Two good examples of those free tools are the Advanced Subnet Calculator and the Kiwi Syslog Server.
For monitoring routers, SolarWinds proposes the Network Performance Monitor (NPM). It is primarily an SNMP bandwidth monitoring tool. It also offers comprehensive fault monitoring and performance management and it is compatible with most routers. It also comes with many advanced features such as its NetPath feature lets you view the critical network path between any two monitored points on your network or the ability to automatically generate intelligent network maps.
- FREE TRIAL: SolarWinds Network Performance Monitor
- Download Link: https://www.solarwinds.com/network-performance-monitor/registration
The tool’s Network Insights functionality allows for complex device monitoring. It can monitor Software Defined Networks (SDN) and also has built-in Cisco ACI support as well the ability to monitor wireless networks and to generate network performance baselines. Other interesting features of the NPM include advanced alerting and its PerfStack performance analysis dashboard. The SolarWinds Network Performance Monitor is a highly scalable tool that can be used on any network from the smallest to the largest.
The SolarWinds Network Performance Monitor’s pricing structure is quite simple. Licensing is based on the number of monitored elements. Five licensing tiers are available for 100, 250, 500, 2000, and unlimited elements at prices ranging from $2 955 to $32 525, including the first year of maintenance. If you’d rather give the tool a test run before committing to a purchase, a free 30-day trial version can be obtained.
2- PRTG Network Monitor
The PRTG Network Monitor from Paessler AG is another great product. It is, at its base, an SNMP monitoring tool. However, thanks to a concept called sensors—a type of functionality plug-ins that are already built into the product—additional metrics can be monitored. There are about two hundred sensors available with the product. Installation speed is another strength of the product. According to Paessler, you can set it up in a couple of minutes. While it may not be that fast, it is indeed faster than most competitor’s thanks in part to the tool’s auto-discovery engine.
The PRTG Network Monitor is a feature-rich product that lets you choose between a native Windows enterprise console, an Ajax-based web interface and mobile apps for Android and iOS. Alerting and reporting are excellent and the product boasts a wide range of reports that can be viewed as HTML or PDF or exported to CSV or XML to be processed externally.
The PRTG Network Monitor is available in a free version which is limited to monitoring no more than 100 sensors. Each parameter you want to monitor counts as one sensor. For example, monitoring bandwidth on each interface of a 4-port router will use up 4 sensors and monitoring the CPU and memory on that same router will use up 2 more. Each additional sensor you install also counts. For more than 100 sensors—which you will most likely need—you’ll need a license. Their prices start at $1 600 for up to 500 sensors, including the first year of maintenance. A free 30-day trial version is also available.
3- ManageEngine OpManager
The ManageEngine OpManager is a complete management solution that addresses most—if not all—monitoring needs. The tool, which can run on either Windows or Linux, is loaded with great features. For instance, its auto-discovery feature doesn’t just add devices to the tool. It can graphically map your network, giving you a uniquely customized dashboard.
The tool’s dashboard is one of its best assets. It is super easy to use and navigate and has drill-down functionality. And If you’re into mobile apps, they are available for tablets and smartphones and will give you access from anywhere.
Alerting in OpManager is another of the product’s strengths. It’s got a full complement of threshold-based alerts that can help detect, identify, and troubleshoot networking issues. Furthermore, multiple thresholds each with their own notifications can be set for every performance metric.
If you want to try the ManageEngine OpManager, get the free version. It is not a time-limited trial version. It is, instead, feature-limited. It won’t, for instance, let you monitor more than ten devices. While this might be sufficient for testing purposes, it will only suit the smallest networks. For more devices, you can choose between the Essential or the Enterprise plans. The first will let you monitor up to 1 000 nodes while the other goes up to 10 000. Pricing information is available by contacting ManageEngine’s sales.
The Best Router Flow Analysis Tools
For a more qualitative view of your network traffic, you need flow analysis tools. They provide much more details on the exact nature of traffic and will typically include views such as top talkers, top protocols or top users, just to name a few. With all the tools on our top list available in a trial version, there’s no reason why not to try one or more of them.
The SolarWinds NetFlow Traffic Analyzer can monitor network usage by application, protocol, and IP address group. It will monitor NetFlow devices and also J-Flow, sFlow, NetStream, and IPFIX. The tool collects flow data, arranges it into a usable and meaningful format and present it to users in a web-based interface. It can be used to identify which applications and categories consume the most bandwidth.
- FREE Trial: SolarWinds NetFlow Traffic Analyzer
- Download Link: https://www.solarwinds.com/network-bandwidth-analyzer-pack/registration
Among the product’s best features, the SolarWinds NetFlow Traffic Analyzer can monitor Bandwidth use by application, protocol, and IP address group. It can also monitor Cisco NetFlow, Juniper J-Flow, sFlow, Huawei NetStream, and IPFIX flow data to identify which applications and protocols are the top bandwidth consumers. The tool will collect traffic data, correlating it into a usable format, and presenting it to the user in a web-based interface for monitoring network traffic. It also identifies which applications and categories consume the most bandwidth for better network traffic visibility.
The SolarWinds NetFlow Traffic Analyzer is an add-on to the Network Performance Monitor, SolarWinds’ flagship product described earlier. You can save by acquiring both at the same time as the SolarWinds Network Bandwidth Analyzer Pack. Prices for the bundle start at $4 910 for monitoring up to 100 elements and vary according to the number of monitored devices. While this may seem a bit expensive, keep in mind that you’re getting not one but two of the best monitoring tools available. If you’d prefer to try the product before purchasing it, a free 30-day trial can be downloaded from SolarWinds.
Scrutinizer from Plixer is not just a flow analysis system. It has the ability to monitor different flow types such as NetFlow, J-flow, NetStream, and IPFIX so you’re not limited in what routers you’ll be able to monitor. The tool offers efficient data collection and can easily scale up to many million flows per second. It can work in physical and in virtual environments and includes some advanced reporting features.
Scrutinizer is available in several versions from the basic free version to the full-fledged “SCR” level which can scale up to over 10 million flows per second while the free one is limited to 10 thousand flows per second and will only keep raw flow data for 5 hours. It could, however, be enough to troubleshoot network issues. A free 30-day trial of all paid versions is available. After the trial period is over, the product reverts back to the free version.
6- ManageEngine NetFlow Analyzer
Last on our list is another tools from ManageEngine called the NetFlow Analyzer. It has a web-based interface that offers a great many different views on your network. You’ll be able to view traffic by application, by conversation, by protocol, and several more options. The tool will also let you set alerts. One could, for instance, set a traffic threshold on a specific router interface and be alerted whenever traffic exceeds it.
The ManageEngine NetFlow Analyzer’s dashboard includes several pie charts displaying top applications, top protocols or top conversations. It can also display a map with the status of the monitored interfaces. Dashboards and reports can be customized at will to include all the information that you need. The tool’s dashboard is also where alerts are displayed in the form of pop-ups. A smartphone client app will let you access the dashboard and reports from anywhere.
The ManageEngine NetFlow Analyzer supports most flow technologies including NetFlow, IPFIX, J-flow, NetStream and a few others. It is available in two versions. The free version is identical to the paid one for the first 30 days but it then reverts to monitoring only two interfaces or flows. For the paid version, licenses are available in several sizes from 100 to 2 500 interfaces or flows.