Although this development isn’t a complete surprise, its pace was accelerated during the pandemic when technology adoption by small and midsize businesses (SMBs) got fast-tracked by five years. This left IT professionals in the lurch as the portfolio of devices to be managed increased exponentially. Markets acted quickly and developed bespoke solutions for each device type; for example, you could get a Mac tool for Mac management and a cloud tool for cloud management.

This became a boon and a curse at the same time. On the one hand, IT professionals had a way to manage various devices, but on the other hand, they had to juggle multiple device management tools, work with 10 different vendors and keep a tab on all of these contracts. Thus began the search for a unified tool that could do it all without a hassle.

This blog will briefly explain how IT professionals can effectively manage and control various network devices using a single cutting-edge solution. Dive in.

How To Remotely Control Network Devices

Multifunctional IT professionals require an integrated and unified IT management and security platform that is purpose-built to address their complex needs. VSA is that solution and offers complete IT management via a single-user interface. With a single click, VSA creates a secure communication channel to initiate a remote-control session for managing devices like routers, firewalls, switches and printers, on any network.

Networking devices are well-designed to be managed remotely, as even the old school routers could be configured and managed through a command-line interface (CLI). VSA’s remote control feature allows you to fully control/manage agentless devices without needing to install a VSA agent on them. So long as the vendor offers the option, you can remotely change anything about the current device configuration.

Use Cases for Network Device Remote Control

Network device management via remote access is not just quicker but more efficient, and you can manage security more effectively.

Rebooting

Besides your desktops, laptops and mobile devices, your network devices also need timely rebooting. It could be a bug fix, a performance improvement or a firmware update. VSA allows you to remotely reboot a network device, whereas, in the past, you had to have the device in front of you. The most compelling use case of the remote rebooting feature is the ability to shut down an interface to stop a broadcast storm, which can occur due to misconfigured networking switches.

Firmware or Software Updates

Firmware is a software that comes preinstalled on networking devices like routers and printers. It ensures networking devices follow instructions correctly and perform their functions as expected. Firmware also protects devices from malware and gives administrators a convenient way to manage device settings.

Just as you must update your operating systems (OS) and other software application regularly, firmware must be updated, too. Keep firmware patching up to date and remediate critical vulnerabilities remotely with VSA to maintain security of your IT infrastructure. It is a crucial security practice to keep your networking device from being used as a backdoor for a cyberattack. The firmware update can also introduce new features and fix performance-draining bugs. You can efficiently address the difficulties associated with patching firmware by automating the entire process using Kaseya VSA.

Configuration Updates

Networking devices may require configuration updates from time to time to either fix performance issues or troubleshoot a potentially dangerous problem. Consider the verbose logging feature. Whether you need to turn it on to troubleshoot an issue or activate it for additional logging, you can enable the function remotely using VSA to access information quickly.

Manage Your Network Devices With VSA

If you’re using bespoke software for network device remote control or your endpoint management solution (RMM) can’t manage networking devices remotely, it’s time to upgrade. With VSA, you can access state-of-the-art remote network management features and more from the get-go. Request your free demo today to see how you can manage all your device from one platform.

The post The How and Why of Networking Device Remote Control appeared first on Kaseya.

Network monitoring is a key function for maintaining IT service availability. It enables technicians to quickly detect and respond to an issue with a network device, such as a switch or a router, that could disrupt a service to all downstream devices and users.

A key requirement for quickly finding and fixing the root cause of an IT incident is gaining visibility of the entire IT network. This includes all agent-based devices, such as Windows, Mac and Linux devices, and agentless devices, such as routers, switches and printers, on the network. The discovery process allows the endpoint and network management tool to build a network topology map, as shown in the screenshot below.

Being able to visualize the entire network and see all of the device connectivity can be a huge timesaver for network admins that are troubleshooting an issue. The topology map can show the up/down status of the endpoints and network devices as well as whether there are any active alarms for that device.

IT technicians employ a network management system (NMS) to monitor network devices (e.g. routers and switches) and printers, using the Simple Network Management Protocol (SNMP).

SNMP allows the NMS to communicate with the network devices by sending messages that query Objects in the Management Information Base (MIB). The NMS can query the device for operational status, data errors in and out of the device, bandwidth in and out, and more. Network monitoring enables technicians to constantly monitor an IT network for poorly performing or failing devices.

Network monitoring allows IT teams to be proactive in spotting and resolving issues before they turn into major problems that could affect business productivity.

Simplify Network Monitoring With Kaseya VSA

Kaseya VSA provides standard SNMP device monitoring for routers, switches and printers.

Kaseya VSA’s “zero-configuration” standard SNMP monitoring means the only thing you have to do to enable this function is check a box and you’re done.

Kaseya VSA automatically configures standard SNMP monitoring using best-practice-based thresholds. It collects the following data for SNMP devices:

Network Devices (Routers, Switches)

Collect interface metrics for operational status, bandwidth in and out, and errors in and out

Printers

Printer Operational Status, Printer Current Status, Detected Error State, Printer Cover Status (1st door)

For monitored devices, Kaseya VSA can take the following user-selectable actions if an alert occurs:

• Create an Alarm
• Create a Ticket
• Email Recipients

Triaging Networking Issues

When an alert occurs, depending on what actions have been selected, as shown above, the network admin may see an alarm on the Network Topology Map in VSA. Or, they could get an email notification or be assigned a new service ticket that describes the networking issue. If there’s an active alarm on the topology map. the technician can jump to the Alarm Summary page for that device (see screenshot below).

Technicians can also drill down and get more detailed information on the device in the VSA QuickView window.

All of these features allow technicians to quickly detect and resolve networking issues and help them keep IT systems and services up and running.

Benefits of Kaseya VSA’s SNMP Device Monitoring

Kaseya VSA’s SNMP device monitoring enables technicians to monitor and manage all network devices and endpoints from a single pane of glass. Kaseya VSA’s network monitoring enables you to:

• Easily deploy SNMP monitoring with “zero-configuration”
• Quickly detect and respond to network device alerts
• Gain complete visibility of your networks and device status with the topology map
• Easily see if a device has any open alarms
• Resolve IT incidents quickly to maintain system and service availability

Network monitoring is one of the most critical functions for ensuring the smooth operation of your business. To learn more about how you can simplify network monitoring and management and maintain system uptime with Kaseya VSA, download the feature sheet now!

The post Identifying and Resolving IT Networking Issues appeared first on Kaseya.

In this blog let’s take a deeper dive into what SNMP is and what it does.

What Is SNMP?

SNMP is a component of the Internet Protocol Suite as defined by the Internet Engineering Task Force (IETF). SNMP is mostly used to monitor devices on a network like firewalls, routers, switches, servers, printers and so on. It facilitates the exchange of information between network devices and network management systems (NMS). Those NMS tools use a variety of SNMP messages to monitor and manage the network devices (aka network elements).

How Does SNMP Work?

As mentioned in this TechTarget article, SNMP relies on the concept of a management information base (MIB) which is a database that contains management data (variables) about the status and configuration of a network device. The MIB database is organized hierarchically and is extensible so that SNMP devices can define which variables are available and how they are organized. Every object in the device that can be queried has a unique object identifier (OID).

SNMP allows the NMS to communicate with the network devices by sending messages called protocol data units (PDUs).

There are four main components in an SNMP system.

SNMP Components

1. The Manager – An SNMP manager is the network management system (NMS) that is responsible for communicating with the SNMP devices on the network. It generates commands and receives responses from the SNMP agents on the device.
2. The Agent – An SNMP agent is software that is bundled with the network device. It receives SNMP requests for information and responds to the manager, and/or gets commands to perform an action, such as reseting a password.
3. Network Devices – These are the devices on which the SNMP agents are configured and enabled.
4. MIB – Every SNMP agent collects and maintains information about the network device. This information is stored in the MIB database and is used to supply the response to a Manager request.

SNMP Protocol Data Units

Commands or messages sent between SMNP manager and an SNMP agent are usually transported over User Datagram Protocol (UDP) or Transmission Control Protocol/Internet Protocol (TCP/IP) and are known as protocol data units (PDUs).

There are seven basic SNMP PDUs:

1. GetRequest: This is a request sent by the SNMP manager to the managed device. Performing this command retrieves one or more values from the managed device.
2. GetNextRequest: This request retrieves the value of the next Object Identifier (OID) in the MIB tree.
   1. An OID is an identifier used to name and point to an object in the MIB hierarchy. Each network device has its own MIB (that includes information such as system status, availability and performance information). Each piece of this information is known as an object and identified by a specific OID.
3. GetBulkRequest: The GETBULK operation is normally used for retrieving large amount of data, particularly from large MIB tables.
4. Set Request: SNMP SET operation is used by the managers to modify or assign the value of the managed device.
5. Traps: TRAPS are alert messages sent to the SNMP manager by the agent when an event occurs.
6. InformRequest: This feature allows SNMP agents to send inform requests to SNMP managers. While this sounds similar to SNMP TRAPS, there is no way of knowing whether an SNMP TRAP has been received by the SNMP manager. However, in this case, the inform requests are sent continuously till an acknowledgement of reception is triggered by the SNMP manager.
7. Response: This request is used to carry back the values or signal of actions directed by the SNMP manager.

How Is SNMP Implemented?

SNMP is typically implemented using the User Datagram Protocol (UDP), as the transport protocol for passing data between managers and agents.

As this Oracle document on SNMP configuration explains, SNMP usually uses the following user datagram protocol (UDP) ports:

• 161 for the agent
• 162 for the manager

The basic protocol for communications between manager and agent is as follows:

• The manager can send requests from any available port to the agent at port 161. The agent then responds to that source port, to the requesting manager.
• The agent generates traps or notifications and sends them from any available port to the manager at port 162.

SNMP Versions

There are three versions of SNMP, which are SNMPv1, v2, and v3.

SNMPv1 – The first version of the SNMP provided minimum network management functions. SNMPv1 is considerably less secure than SNMPv3 as there is no control as to who on the network is allowed to perform SNMP operations and access the objects in a MIB module. The protocol operations performed through SNMPv1 were Get, GetNext, Set, and Trap.

SNMPv2 – This version failed to improve on security. New protocols included GetBulk and Inform. While this version was more powerful than SNMPv1, it was also more complex.

SNMPv3 – This version introduced enhanced security for managing IT systems and networks. Authentication, access control and encrypted data packages were some of the key components used to significantly enhance the security options in SNMPv3.

SNMPv3 supports the following set of security levels:

• Communication with no authentication and no privacy (noAuthNoPriv) – This means no security is applied to messages, usually used for monitoring
• Communication with authentication and no privacy (authNoPriv) – Messages are authenticated but have no privacy, usually used for control
• Communication with authentication and privacy (authPriv) – All messages are authenticated and encrypted.

Kaseya VSA monitors both VSA-agent-based and agentless (i.e., SNMP) devices on the network, thus allowing IT teams to identify and troubleshoot issues and keep networks and systems up and running.

As organizations grow, so does the complexity of their IT networks. Kaseya VSA enables IT technicians manage these complex networks and maintain a high level of uptime and performance.

You can learn more about Kaseya VSA here or request a demo here.

The post SNMP: Understanding Simple Network Management Protocol appeared first on Kaseya.

What is RMON?

Remote network monitoring (RMON) is the process of monitoring network traffic on a remote Ethernet segment to detect network issues such as dropped packets, network collisions and traffic congestion. One of the most successful network management protocols, RMON was originally developed by the Internet Engineering Task Force (IETF), an open organization made up of network designers, operators, vendors and researchers, that develops and promotes voluntary Internet standards.

Developed specifically to help network administrators remotely monitor and analyze data that is collected from local area networks, RMON allows for the collection of network data from LANs without having to reach the site and set up equipment.

With RMON, you can set performance thresholds and generate alerts when the threshold is breached, allowing for proactive network management.

How Does RMON Work?

RMON probes or RMON agents are hardware/software components or software embedded into a network device, such as a router or a switch. Typically, the RMON probe is put on just one device or interface on a TCP/IP subnet. The probe software usually runs on the port of the network device to capture information and statistics on network protocols and traffic activity. It can relay this information back to a remote network monitoring console for analysis and reporting.

With an RMON console, network admins can monitor networks, save logs, capture historic performance and get notified in case of an issue – all without interfering with normal operations.

What Is the Difference Between RMON and SNMP?

Simple Network Management Protocol (SNMP) is an application-layer protocol for monitoring and managing network devices on a local area network (LAN) or wide area network (WAN) and is sometimes even used to configure remote devices. SNMP agents are typically included with all network devices to allow communication with the network management system.

As noted earlier, RMON is an extension of SNMP and provides nine groups of monitoring elements to allow the capturing of detailed network information. This data pertains to the physical layer (Layer 1) and the data-link layer (Layer 2) of the OSI model. As RMON agents monitor data over LAN networks, the accumulated information is retrieved by the RMON console using SNMP commands.

SNMP was originally developed as a mechanism for managing Transmission Control Protocol/Internet Protocol (TCP/IP), and Ethernet gateway, an extension of SNMP, was created to allow monitoring of remote networks.

An SNMP device, such as a hub or router, usually needs additional software installed on it to provide RMON functionality and turn it into a probe.

RMON1 and RMON2

There are two remote network monitoring specifications – RMON1 and RMON 2. RMON 2 is an extension of RMON1. It adds nine more groups of data that pertain to the network layer (Layer 3) and application layer (Layer 7) of the OSI model.

RMON1 Management Information Base (MIB) – a hierarchical database that defines the information that an RMON console can request from an agent using SNMP, and provides traffic statistics at the Media Access Control (MAC) and physical layers, such as:

• Statistics – Information such as packets dropped, packets sent, bytes sent (octets), broadcast packets, and multicast packets
• History – Historical data of already selected statistics
• Alarm – Alarms set through SNMP traps are sent when statistics for an event exceed the defined thresholds
• Hosts – LAN statistics for each host (e.g., bytes sent/received)
• Hosts top N – Record of N most active connections in a specific time frame
• Matrix – Traffic matrix for data sent/received between two systems
• Filter – Bit-filter type (mask or not mask), filter expression (bit level), conditional expression (and, or, not) to other filters
• Packet Capture – Includes information, such as size of buffer for captured packets, full status (alarm), and number of captured packets
• Events – Information about event type, description, last time event sent
• Token Ring – Additional statistics for Token Ring networks

RMON2 MIB provides insights into RMON1 traffic statistics by specifying the protocol and applications that compose that traffic. This knowledge is critical to maintaining and troubleshooting today’s client/server environments. The information provided by RMON2 MIB is as follows:

• Protocol Directory – Lists the inventory of protocols that the probe can monitor
• Protocol Distribution – Maps the data collected by a probe to the correct protocol name that can then be displayed to the network admin
• Network Layer Host – Counts the amount of traffic sent from and to each discovered network address
• Network Layer Matrix – Counts the amount of traffic sent between each pair of discovered network addresses
• Application Layer Host – Counts the amount of traffic, per protocol, sent from and to each discovered network address
• Application Layer Matrix – Counts the amount of traffic, per protocol, sent between each pair of discovered network addresses
• User History – Combines mechanisms from the Alarms and History groups to provide history collection based on user-defined criteria
• Probe Configuration – Controls the configuration of RMON features
• RMON Conformance – Describes conformance requirements

RMON2 agents can also monitor the traffic coming to the LAN via routers and not just at the LAN to which it is attached.

RMON2 is not an upgraded version of RMON1 and cannot be considered as a replacement. For complete remote network monitoring, both RMON1 and RMON2 capabilities are required.

Remote Network Management With Kaseya VSA

Kaseya VSA’s network visualization capabilities allow IT teams to remotely identify potential problem sources on the network so they can resolve them more quickly. With VSA, you can automatically discover all endpoints on the network, including Windows, Mac and Linux devices, as well as routers, switches and firewalls. IT techs can move easily from viewing the endpoint on the network topology map to remotely accessing the device to troubleshoot an issue.

Learn more about network visualization and network topology maps here.

The post RMON: A Closer Look at Remote Network Monitoring appeared first on Kaseya.

Today that relative simplicity has been replaced with ever increasing complexity. Nowadays, we still have LANs, but they often connect servers to other servers and then feed wireless access points which are how end users get to the network.

At the same time, computing is now more distributed. Applications reside both in-house and in the cloud, and some of these are hybrid so the processing is shared between the two. And rare today is the on-premises server that is not virtualized. This turns one server into many and makes it more difficult to find which VM is causing the problem.

Plus, today’s critical applications serve users in multiple departments and spanning various geographic locations.

Meanwhile, the problems admins attempt to define are varied. Some are deal breakers where the network or an application is brought down. Others involve slow performance ―issues that can be harder to trace.

But wait – it gets even worse.   More and more hackers, with increasing sophistication, are regularly stepping up their attacks. These issues are on top of the normal breakdowns that occur with complex network, server and application infrastructure.

The Problem with Silos

RCA is still the answer to many IT problems, and this search is best kicked off by a solution that creates alarms that are triggered by a system that is enabled by both broad and deep visibility into the network and services.

Unfortunately, traditional monitoring tools tend to operate in silos. They are often focused on on-premises networks, specific applications (including cloud apps), OSes, virtual servers, or bits of network gear such as routers and switches. This makes it tough for system admins to pinpoint the root cause of complex, and often deeply hidden, problems.

IT needs to know exactly what they are monitoring if they are going to be able to fix it. And it is far more efficient to have solution that does just that, versus trying to manually sift through the data and alerts from separate siloed monitoring systems. The answer is to have a monitoring and remediation solution armed with a comprehensive visibility into all network and system elements, as well as the applications and services they provide.

Kaseya Traverse is an advanced network monitoring and management solution that offers this level of insight by intelligently discovering your network, starting with completely mapping all Layer 2 and 3 devices and defining the relationships that exists between all these devices. This includes network connectivity, disks, controllers, VLANs, file systems, fibre channel switches, printers, SAN, NAS devices, and more.

Additionally, this process discovers the capabilities, size, capacity, and other key attributes of each element, and goes on to discover applications running on various devices, such as databases, active directory, radius, DNS, mail, and application servers.

A Service-Centric Approach

Traditional network monitoring and remediation tools focus on network components. That may have worked well in the past, but organizations today are laser focused on  business uptime and that means keeping services running and operating with proper performance.

The right solution lets IT focus on spotting service problems ― not just infrastructure problems ― then diagnosing and ultimately repairing the issue. So instead of just asking if the routing table needs work, IT looks to see if business services such as ERP or CRM are working properly, and if not, why.

With Kaseya Traverse, IT staff can view even the most complex infrastructure based on service-level views. This service-oriented view enables fast root cause analysis, so network and service problems, especially regarding the cloud, are quickly resolved and don’t hold operations up.

One way to explain this is by referencing the traditional seven-layer OSI network model.  With Traverse, instead of just looking at just the lower network layers, you can examine the upper layers, all the way up to Layer 7 – the Application Layer.

The right solution systematically troubleshoots all the layers that support any particular service. In many cases, a problem will initially present at a high layer such as Application.  In this case,  IT drills down deeper and deeper to discover and isolate the true root of the problem – all the way down to the details of network flows. With this approach, IT narrows down the problem as it moves through the layers.  The challenge in complex, dispersed infrastructures is that finding all the IT components that support the application is non-trivial.  Finding which router supports which service, for example, can take hours or even days.

Traverse’s service container technology enables IT and business personnel to create unique virtual views of discrete business services – again, including all OSI layers.  This way, IT can quickly spot all relevant components to discover the underlying issue.  In fact, Traverse makes  the alignment of infrastructure technology with business outcomes a reality.  Because IT can now see the entire landscape for any application or business service, they can be more proactive and preventative with Traverse rather than reactive.  Traverse facilitates decentralized remote infrastructure management, giving all employee levels the control and information they need to do their job based on their specific responsibilities and permissions.

Traverse lets IT create flexible “containers” of applications, devices or tests in order to see the end-to-end performance of a “service.” For example, a “Payroll service” might have a database, a printer, and a payroll application all connected via a network router. This feature allows the user to create a “Payroll Service Container” and monitor all underlying components of that service in a single view. The status of the containers is updated in real time based on the status of its components.

The object-oriented components of the Traverse architecture are capable of automatically determining relationships between problems in the infrastructure and business services. Service containers can also be created to represent a geographic location, a business unit, or a revenue-generating service. Containers can share elements with other containers.  Meaning?  Traverse finds the connections; IT no longer has to spend hours, days or weeks creating maps of their infrastructure.

The Traverse Customer Experience

One customer believes that Traverse keeps them on the leading edge. “The monitoring needs of leading edge companies have evolved due to the rapid adoption of cloud services. Legacy tools simply can no longer keep up,” said Sunil Bhatt, CTO of Allied Digital. “With innovative capabilities such as integrated multi-tenant net-flow, network configuration management and SLA modules, Kaseya Traverse offers an integrated, unified monitoring solution for the new generation of digitally transformed companies.”

Learn more about Kaseya Traverse here.

The post Root Cause Analysis for Complex Networks: The Traverse Answer appeared first on Kaseya.