In an ideal world, network bandwidth would be infinite and networks would never get congested. Unfortunately, we don’t live in such a world. Networks do get congested and suffer all sorts of problems due to insufficient bandwidth. Plus, with application handling more and more data, they need to move more data through the network and that requires constant upgrades to network speeds. To make sure you keep a close eye on your network and the evolution of its usage, you need to monitor it. SNMP, which is built into virtually every network-attached device is by far the best way to monitor networks. Read on as we review the five best SNMP network monitoring tools.
Before we reveal our best SNMP network monitoring tools, we’ll first discuss bandwidth monitoring in general, why you need it and how it can be done and how it can help avoid all sorts of issues. Next, since this article is about the best SNMP network monitoring tools, we’ll try to briefly explain what SNMP is and how it works. We’ll try to keep is as simple and non-technical as possible while still giving you the information you need to understand and implement SNMP monitoring. And finally, we’ll reveal the five best SNMP network monitoring tools and briefly review each one.
The Need For Bandwidth Monitoring
When you’re a network administrator, congestion is your number one enemy. If you compare a network to a highway where traffic is the network’s data, network congestion is similar to traffic jams. But unlike automobile traffic–where congestion can easily be spotted by simply looking at the road–network traffic happens within cables, switches, and routers where it’s invisible. Furthermore, it all happens at the speed of light. Even if you could see it, it would happen too fast. This is why network monitoring tools are so important. They provide network administrators with the visibility they need to keep things running smoothly. Once you detect congestion or other issues, you can take the necessary measures to fix it.
Another major reason for monitoring networks is capacity planning. There doesn’t appear to be a way around the fact that network usage always grows over time. The current bandwidth of your network might be sufficient now but they’ll eventually need to be increased. And by monitoring bandwidth usage, you’ll be able to plan network update before overutilization becomes a problem.
Three Ways It Can Be Done
There are several ways that can network utilization can be monitored. One way is to capture packets at a given point on the network. It will give you a detailed visibility over what’s happening at this particular point but nowhere else. If your networking equipment supports it, you can have it send out flow data to a flow analyzer that will report on what users, devices, or applications are using the network. And finally, you can use SNMP–which, as we said, is built into every networking device–to periodically poll devices for interface counters which you can use to calculate and graph bandwidth utilization. Let’s briefly examine how each one work.
1. Packet Capture
Packet capture is mostly used to troubleshoot specific network issues once you’re aware of them but it’s rarely used for usage monitoring. With packet capture, every data packet in and/or out of a specific device’s interface is captured and decoded. So, while it’s clear that packet capture tools are an invaluable tool for network administrators, they are not the best to just keep an eye on things to ensure all is running smoothly.
2. Flow Analysis
NetFlow is and its multiple variants and evolutions such as J-flow, IPFIX, or sFlow, for example, is a network flow analysis system. Devices that support flow analysis collect information about each data flow–hence the name–which they then sent to a flow collector and analyzer. It can give you detailed qualitative information about your network’s utilization but, if all you want is to monitor bandwidth, it might be more than you need. And if you factor in the efforts required to put it in place, you’ll quickly realize it might not be the best tool for you. At least, not just yet.
If you want more information about flow analysis and the best NetFlow Collectors and Analyzers, read our recent article: Best NetFlow Collectors and Analyzers For Windows: Reviewed in 2018.
SNMP–which stands for Simple Network Management Protocol–is a complex system that can be used to remotely monitor, configure and control many different types of networking equipment. Unfortunately, the only thing simple about it is its name. And implementing it can be a complex task.
Fortunately, you don’t have to know everything about SNMP to use it to monitor your network’s bandwidth utilization. For now, let’s just say that SNMP is used by monitoring tools to read device’s interface counters and use that data to calculate and graph bandwidth usage over time. In the next section, we’ll go into more details on some of the inner workings of the SNMP protocol. This way, you’ll have enough information to configure and use any SNMP network monitoring tool.
While most texts about SNMP will tell you about MIBs and OIDs, you don’t have to know everything about SNMP to use it. It’s somewhat like a car. You don’t have to know all about how the engine works to use one. Our goal today is to give you enough information so that you can understand, use, and configure SNMP network monitoring tools, not to make you an SNMP expert. That will come with experience.
The first thing one needs to know about SNMP is how to connect to an SNMP-enabled device. On each SNMP device, two parameters called community strings can be configured. You can think of these as the SNMP password. The two community strings are called public and private. The public string is used for read-only access while the private string will let one modify some parameters.
So, let’s say that your SNMP network monitoring system connects to one of your network devices using the private community string. It will then retrieve a list of all the useful parameters that can be read from that device. Of particular interest when it comes to bandwidth monitoring are a few parameters called interface counters. There’s usually a set of them for each network interface of an SNMP-enabled device.
Most SNMP network monitoring systems will mainly be interested in two parameters: bytes in and bytes out. By reading these values periodically at know intervals, the monitoring tool can compute the number of bits per unit of time–usually per second–which is exactly what bandwidth is.
Concretely, here’s how it’s done: The monitoring tool will poll a device and read its counters. Then, five minutes later, it will read the same counters again. By subtracting the previous value of the counters from the current one, the total number of bytes transferred in and out over the past five minutes is obtained. It is then a simple matter to multiply these numbers by 8–the number of bits in a byte–then divide the results by 300–the number of seconds in five minutes–to get the bits per second bandwidth utilization figures. Those figures are typically stored in some sort of database and used to plot graphs of utilization over time.
A few other SNMP values can be of interest in network monitoring. For example, there are interface input and output error counters. Similar to what’s being done with bytes in and out, these values can be used to compute the number of errors per second, a figure that tells you a lot about the general health of a network link.
SNMP Traps — Another Feature Of SNMP
While not directly related to SNMP network monitoring SNMP traps are such a great feature that we thought they were worth mentioning, if only for your personal enlightenment. In a nutshell, SNMP traps are alert messages that are sent by SNMP-enabled devices to “trap receivers”, a process running on a computer that receives the traps and perform various actions such as logging them, displaying on-screen alerts, sending out email or SMS alert messages, etc.
Administrators normally need to configure on each device which traps are sent and to where they are sent. That makes it a very flexible albeit configuration-heavy alerting system.
The Best Free SNMP Monitoring Tools
Now that you know the basics about SNMP network monitoring and how it works, let’shave a look at five of the best SNMP network monitoring tools you can find. Some are free tools which might be limited in their capacity while others are fully functional tools, either free or paid. They might require quite a bit of configuration to get them working to your liking but some come with discovery mechanisms that will find devices and sometimes offer some degree of automatic configuration.
SolarWinds is one of the major players in the network administration tools field. The company has been around for around 20 years and has brought us some of the best tools. It also has a solid reputation for making great free tools that, even though they are sometimes feature-limited, are still excellent tools. SolarWind’s current flagship product is called the Network Performance Monitor, or NPM. It’s actually a suite of many tools which do include one of the best SNMP network monitoring tool.
The SolarWinds Network Performance Monitor is a Windows application which, as you’d expect, uses SNMP to poll multiple network devices and gets traffic statistics from their interfaces. The results are shown visually on graphs depicting each interface’s usage statistics. You can add a device to the tool by simply specifying its IP address and SNMP community string. The tool will then query the device and list all the parameters that are available and let you decide which you want to include on your graphs. For example, a network switch will expose each interface traffic and error counters.
There are many more features to the Network Performance Monitor. One of the main ones is its scalability, The tool will work with small networks but will easily scale up to large networks consisting of tens of thousands of hosts spread out in multiple locations. NPM can also build network maps and display a visual representation of the critical path between two devices or services. For more details, you should visit the product’s page on the SolarWinds website.
FREE TRIAL download link: https://www.solarwinds.com/network-performance-monitor
2. ManageEngine SNMP Bandwidth Monitoring Software
ManageEngine has complete and easy solutions for even the most difficult IT management problems. This bold statement is how the company self-describe itself, with reason. ManageEngine is well-known for its high-quality software, including several network monitoring tools.
ManageEngine also has some free tools available. One we particularly like is the SNMP Bandwidth Monitoring Software. It is part of the ManageEngine free OpUtils bundle, which comprises a selection of some 16 network management utilities. The software runs on both Windows and Linux. You can get a free edition which allows monitoring up to 10 devices and their interfaces. ManageEngine also has a paid version with no device limitation. And ManageEngine offers a free 30-day evaluation version of its full OpsUtil software. In fact, the free version is first installed as a 30-day trial which reverts to limited features on the thirty-first day.
As far as configuring the tool goes, you simply specify a subnet to scan as well as the SNMP community string to use. The tool will then auto-discover devices on the specified subnet that are responding to the specified string. Once the devices are discovered, the inventory tab will let you view the status of each device’s interfaces. And of course, you can also display graphs of network bandwidth usage by unit of time.
Reports is another of the tool’s strong suits, You can, for instance, create reports of bandwidth usage over the past 12 hours to one month. And finally, the tool’s alerting features leave nothing to be desired. You have the possibility to set thresholds and be notified by email or SMS text messages when they’re exceeded.
The Multi Router Traffic Grapher, or MRTG, can be considered the granddaddy of SNMP monitoring tools. Still in widespread usage, it’s been around since 1995. There’s a reason for this longevity: it gets the jon done. It is a totally free and open-source system. MRTG might not be the fanciest and the prettiest but it is possibly the most flexible. MRTG can monitor many parameters besides bandwidth. In fact, it can monitor, log, and graph any SNMP parameter.
The two main components of MRTG are a Perl script that reads SNMP data from target devices and a C program that takes the data, stores it in a round-robin database and create web pages with bandwidth utilization graphs. The fact that it is mostly written in Perl lets anyone customize the software to their specific needs. MRTG is available for Windows or Linux. The initial setup and configuration might be somewhat more complicated than what you’d experience with other monitoring systems but documentation is readily available.
Installing MRTG requires that you first install and configure Perl. It won’t run without it. There’s a way you can run MRTG as a Windows service instead of an application but it requires some further manipulations including some registry modifications. Once installed, MRTG is configured by editing its configuration file in a true old-style Linux fashion. Administrators used to GUI configuration could face a steep learning curve.
MRTG is best downloaded directly from its developer’s website. It is available as a .zip file for windows or a tarball for Linux. As of this writing, the latest stable release is 2.17.4.
MRTG might not be the most user-friendly monitoring system, we know that. But still, it is possibly the most flexible one. And the fact that it’s the first monitoring system and that it is still around is a testament to its value.
Cacti can be thought of as MRTG on steroids. If you look at any of Cati’s graphs, you’ll find that the resemblance to MRTG’s is striking. Cacti is built upon RRDTools which is from the same developer and is a direct descendant of MRTG.
Cacti is more polished than MRTG with a web-based configuration interface that makes configuring it much easier and more intuitive. It is a complete network monitoring and graphing package. The tool boasts a fast poller, advanced device and graph templates, several acquisition methods, and user management features. It is excellent for smaller LAN installations but just as good for complex networks with thousands of devices over multiple sites.
To better understand Cacti, you need to know more about RRDtool. According to its developer “RRDtool is the OpenSource industry standard, high-performance data logging and graphing system for time series data. RRDtool can be easily integrated into shell scripts, Perl, Python, Ruby, Lua or Tcl applications.” RRDtool is a direct descendant of MRTG. If you recall how we said that MRTG uses a C program for data storage and graphing, RRDTool is the evolution of that C program.
In a nutshell, Cacti is a frontend to RRDTool. It stores the necessary data to create graphs and populate them with data in a MySQL database. It is entirely written in PHP. The software maintains its graphs, data sources, and round robin archives in a database and also handles the data gathering, leaving the graphing to RRDTool. Cacti is a step up from MRTG. As a matter of fact, many Cacti users–including yours truly–are former MRTG users. I got into Cacti when I needed to replace MRTG with something that was easier to configure and use as the network I was managing kept growing. Cacti can be downloaded directly from its own website
Finally, let’s talk about the Paessler Router Traffic Grapher or PRTG. Paessler–a German company–offers this excellent monitoring solution which closely resembles Cacti or even MRTG. It’s possibly why the product’s acronym so closely resembles MRTG’s. It has, however, a more polish and professional feel to it.
According to Paessler, you can set up PRTG in a couple of minutes. This may be an overstatement and our experience reveals that it will take you a bit longer than that to get it fully configured. Still, we have to admit that setting the product up was an exceptionally easy experience.
And when it comes to its features, They are impressive. First, you can choose between several different user interfaces. There’s a native Windows enterprise console, an Ajax-based web interface as well as mobile apps for Android and iOS. One feature of the mobile apps we particularly loved is the possibility to scan a QR code label that you can print from the software and affix to your devices to be instantly taken to the device’s graphs.
And talking about graphs, this is another area where PRTG shines. PRTG can not only monitor and graph bandwidth utilization. It can record many more parameters using SNMP, WMI, NetFlow, and Sflow. The tool has some amazing reports which can be run on-demand or be scheduled and then be viewed as HTML or PDF. you can even export them to CSV or XML to be processed externally.
The Paessler website lets choose between two different versions of PRTG. There’s the free version or the free 30-day trial version. The former will limit your monitoring ability to 100 sensors. Paessler counts each parameter that you want to monitor as one sensor. For example, monitoring bandwidth on each port of a 48-port switch will require 48 sensors. And if you also want to monitor the switch’s CPU and memory loads, you’ll need two more sensors.
All of the five best SNMP network monitoring tools we’ve just presented are great products. The one you’ll choose will mostly depend on the degree of flexibility you need. Just keep in mind that flexibility often rhymes with complexity. But since all our suggestions are either free or have a free trial available, what’s stopping you from trying them all and see for yourself which one best matches your specific needs.