Network monitoring

mbudke

I am interested to understand how you perform network monitoring.

My target
I would like to see:

• traffic IN per server
• traffic OUT per server
• traffic IN per application
• traffic OUT per application

Preferrable I would like to get this information somehow into Atera to keep a single platform.
Currently you can watch the CPU and memory usage in a nice graph. I would like to get something similar for the network traffic but must be able to either see it per-server or per-application.

Nice to have but not (yet) required:
Display the traffic per user. Each application can be started as a user or system account. Display the used user to run the application. This can be beneficial for terminal server.

The information shall be used to identify potential problems and in worst case data leaks.

Currently I am trialing the following products:

Snort

It can provide the information on a per-server level and additional to that also apply some security rules which is great.
As a disadvantage the per-application level is missing and this configuration must be performed per customer and not globally like e.g. a cloud solution.

Netlimiter

It can provide the information on a per-server and per-application level but you have to login to each server to get the information.

Outstanding testing:

Domotz

I saw it in the Atera Apps but never heard about it before.
From the manual it looks like it can do traffic capturing but just on a per-server level and not on a per-application level.

Threadlocker

It seems network monitoring is not their main task but from the manual it should fulfill what I need.

CloudFlare

I started a trial already but whatever configuration you need you require a higher version.
Their support had less knowledge than me and was an absolut mess talking to them.
The product might be great if you know how to control but their sales and support is not interested in smaller companies at all and poorly trained. I just gave up but proof me wrong if this is your favourite :-)

Zscaler

It is on my list but no investigation yet.

Nordlayer

It is on my list but no investigation yet.

How do you perform such task and any experiences with the software products or not-listed alternatives?

tanderson

@Matthias I've been exploring Domotz recently and I'm quite impressed. This platform is not only cost-effective, but also extremely versatile in providing key notifications such as low ink or paper in printers, as well as facilitating remote access to a client's network devices, thereby eliminating the need for each technician to have a VPN for the client. Additionally, it's compatible with a broad range of devices.

When it comes to network monitoring, I'd place Domotz somewhere between Atera, which handles the basics well, and Auvik, known for its robustness. Despite its affordability, Domotz maintains many of the features that Auvik offers. It's worth noting, though, that Auvik has some unique SaaS management features. However, these come at a significant cost.

In conclusion, Domotz represents a balanced combination of affordability and functionality that's worth considering in your toolset.

kim

I have used Threatlocker and CloudFlare before. ThreatLocker definitely let me do Zero Trust, but was very unforgiving if you are not on top of your whitelist policies. CloudFlare gave me decent reporting and I liked the dashboards. I will check out Domotz as I have not heard of them before.

kim

@sandeep.h I didn't even notice that because I have very little techs, but I am so happy you did, because this would be a huge issue in the future. Thank you and I added my vote to your user voice.