Part of a managed service provider’s job is to ensure your technology meshes perfectly with the natural flow of business. The best way to do this is by monitoring network activity, watching for trouble spots and examining ways your IT infrastructure can be improved to optimize performance.
The traffic on your website has an expected range based on the day and time, plus statistical variance. Your office computers consume a certain amount of electrical power, and your servers send and receive an average range of daily network packets. Seen from an IT perspective, this status quo is called a ‘baseline’ because it is the norm from which all abnormal behaviour is detected, and from which improvements can be measured.
The Purpose of Monitoring
Among the vast array of IT monitoring approaches (from simple availability monitoring to comprehensive infrastructure monitoring), the purpose has always been to detect abnormal activity. In the case of availability monitoring, the job is to identify a lack of availability and report any error messages if something goes down. And every monitoring exercise requires one thing to be useful: a baseline. Without it, the programs and admins are unable to translate the information they’re receiving or to identify the unusual from the usual.
Imminent Server Overload
One of the primary applications of network monitoring is the ability to detect when your systems might soon fail. You can set it to watch the entire infrastructure, a single server, or even a single website. The monitoring keeps an eye on the resources used and compares them to the baseline along with any special conditions you’ve programmed the software to look out for. Through constant monitoring and analysis, you can identify when demand, resource use, or online visitor traffic spikes, potentially putting your website, infrastructure, or business at risk.
In the beginning, the monitoring software doesn’t know what qualifies as overtaxed for your particular network and server configuration, or the patterns of usage that might indicate a risk of overload in the future. The more complete a baseline you create, the sooner your monitoring software can catch potential problems.
Unauthorized Logins
Another useful application of network monitoring is to keep track of who comes and goes on your business and public network. If you have login or key-card authorized systems within your building or accessible on the Web for remote users, every login creates a sign of data movement on your network. Without a baseline, monitoring will quietly make note of each login attempt and success without knowing what is or isn’t normal.
With a solid baseline of normal schedules, login credentials, and connection protocols, network monitoring can tell you if someone has tried to access your network in an unusual way. While there may be a few alerts about employees working late, logins that happen in the small hours of the morning, attempted logins from connection methods not intended by your interface, and authorization granted outside of standard procedures can all be used as signals that someone unauthorized may be trying to access your network.
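The login baseline described above can be sketched as follows. This is an added example, not code from the original article or any monitoring product; the event format, user names, and the `hour_slack` tolerance are assumptions made for illustration.

```python
from collections import defaultdict
from datetime import datetime

# Constructed history of logins: (ISO timestamp, user, connection method, succeeded).
HISTORY = [
    ("2024-03-04T08:55:00", "alice", "vpn", True),
    ("2024-03-04T17:40:00", "alice", "vpn", True),
    ("2024-03-05T09:10:00", "alice", "vpn", True),
    ("2024-03-04T09:30:00", "bob", "keycard", True),
    ("2024-03-05T10:05:00", "bob", "vpn", True),
    ("2024-03-05T02:00:00", "bob", "ssh", False),  # failed attempts never shape the baseline
]

def build_baseline(events):
    """Record, per user, the hours and connection methods of successful logins."""
    profiles = defaultdict(lambda: {"hours": set(), "methods": set()})
    for ts, user, method, ok in events:
        if ok:
            profiles[user]["hours"].add(datetime.fromisoformat(ts).hour)
            profiles[user]["methods"].add(method)
    return dict(profiles)

def deviations(baseline, event, hour_slack=1):
    """Return the ways one login attempt departs from the user's baseline."""
    ts, user, method, _ok = event
    profile = baseline.get(user)
    if profile is None:
        return ["unknown-user"]
    hour = datetime.fromisoformat(ts).hour
    reasons = []
    # Circular distance so 23:00 and 00:00 count as one hour apart.
    nearest = min(min((hour - h) % 24, (h - hour) % 24) for h in profile["hours"])
    if nearest > hour_slack:
        reasons.append("unusual-hour")
    if method not in profile["methods"]:
        reasons.append("unusual-method")
    return reasons

def flag_logins(baseline, events):
    """Keep only the attempts that deviate, paired with the reasons."""
    flagged = [(e, deviations(baseline, e)) for e in events]
    return [(e, r) for e, r in flagged if r]

if __name__ == "__main__":
    new_events = [
        ("2024-03-06T18:05:00", "alice", "vpn", True),     # working late: within slack
        ("2024-03-06T03:12:00", "alice", "ssh", True),     # small hours, unintended method
        ("2024-03-06T09:00:00", "mallory", "vpn", False),  # account never seen before
    ]
    for event, reasons in flag_logins(build_baseline(HISTORY), new_events):
        print(event, reasons)
```

The slack value is what keeps an employee working an hour late from raising the same alert as a 03:00 login over a method the account has never used.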
Malware Activity
Barring a few exceptions, malware is built to be sneaky. Most slip unnoticed onto your network and quietly use your resources for malicious intent like distributing spam from your IP address (potentially getting you black-listed) or spreading more malware to your local network. Malware often relies on its lack of UI, hiding its processes, and working only when the computer is idle. But it still requires resources, which monitoring software can reveal – providing you’ve established the all-important baseline.
Tell the monitoring software exactly which ports you have open and how they’re guarded so that if, for example, a remote-access-toolkit (RAT) equipped malware program opens a ‘secret’ port that avoids your firewall, the monitoring software will know it’s unauthorized and send you a detailed alert.
Infected IoT Devices
Businesses are starting to take advantage of the incredible convenience offered by well-thought-out IoT devices. Smart wifi-enabled security cameras, thermostats, lights, coffee pots, and self-watering plants are all incredibly useful and can save a surprising amount on energy bills through smart off-switching and scheduling protocols. However, as useful as IoT devices are, they are also terribly insecure. From one device-type to the next, you’re hard-pressed to find the same operating system, and many have profound security flaws that cannot be changed. These vulnerabilities expose them to hacking, often adding them to a botnet for DDoS attacks.
Your network manager can help here, too. If one or more of your IoT devices become infected with a botnet program or other IoT malware, this can significantly change their wifi habits. The hacker has to send and receive signals to control your IoT device for whatever purpose, and they have to do it through your wifi network because that’s how the devices contact the rest of the world. With a clear baseline of your IoT device’s normal wifi activity, a sudden change is immediately obvious. The monitoring software will alert your admins who can then wipe the device, improve the security, and if appropriate, return it to service.
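The comparison of a device's traffic against its baseline, as described above, can be sketched like this. It is an added example, not code from the original article: the device names, readings, 5% spread floor, and 3.5 threshold are assumptions. It generalises the IoT case to any per-host metric with an expected range and variance, such as the server load discussed earlier.

```python
import statistics
from collections import defaultdict

def build_traffic_baseline(samples):
    """samples: (device, hour_of_day, kilobytes_sent). Returns {(device, hour): (median, MAD)}."""
    buckets = defaultdict(list)
    for device, hour, kb in samples:
        buckets[(device, hour)].append(kb)
    baseline = {}
    for key, values in buckets.items():
        med = statistics.median(values)
        mad = statistics.median([abs(v - med) for v in values])
        baseline[key] = (med, mad)
    return baseline

def classify(baseline, device, hour, kb, threshold=3.5):
    """Compare one reading with the baseline for the same device and hour of day."""
    if (device, hour) not in baseline:
        return "no-baseline"  # new device, or activity at an hour it was never active
    med, mad = baseline[(device, hour)]
    # Floor the spread so a perfectly steady device (MAD 0) does not divide by zero
    # or alert on a one-kilobyte wobble.
    spread = max(mad, 0.05 * med, 1.0)
    score = 0.6745 * abs(kb - med) / spread  # modified z-score, robust to outliers
    return "anomalous" if score > threshold else "normal"

# Constructed history: a camera that uploads heavily at 14:00 and idles at 03:00,
# and a thermostat that sends the same small report every afternoon.
HISTORY = (
    [("camera-1", 3, kb) for kb in (5000, 5200, 4900, 5100, 5000)]
    + [("camera-1", 14, kb) for kb in (48000, 52000, 50000, 47000, 51000)]
    + [("thermostat-1", 14, kb) for kb in (12, 12, 12, 12, 12)]
)

if __name__ == "__main__":
    base = build_traffic_baseline(HISTORY)
    readings = [
        ("camera-1", 14, 50000),    # usual afternoon upload
        ("camera-1", 3, 50000),     # afternoon volume in the middle of the night
        ("camera-1", 3, 0),         # device has gone silent
        ("thermostat-1", 14, 900),  # steady device suddenly chatty
        ("thermostat-1", 3, 12),    # never active at this hour before
    ]
    for reading in readings:
        print(reading, classify(base, *reading))
```

Bucketing by hour of day is what lets the same 50,000 KB reading pass at 14:00 and alert at 03:00.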
***
Network monitoring is an essential aspect of any tech-dependent business. However, most lack the internal expertise, choosing instead to outsource the service to an MSP.
That’s where ServiceTree comes in. For MSPs with an eye to revenue growth, consistent service delivery and scalable processes, ServiceTree is a dream to use.