Best Network Monitoring Software

You can use the IP SLA feature running on Cisco routers. As so, you can define many protocols to monitoring. You have to confogure a router as IP SLA sender and many routers or devices as IP SLA responders. Depending of the feautures of the responders, you can see ICMP, UDP, TCP responders. If you have VoIP responders, you can monitor also the jitters and the MOS values.

All of this results are loaded in the IP SLA sender router. The you can see theses statistics (history, graphs) with monitoring tools, as PRTG or WUG. Are you working with Cisco devices? If yes, this is a great and powerful way.

I have seen Nagios, PRTG and ManageEngine

These are all appropriate tools. Just adding my own experience as having the opportunity to have worked with all.

Nagios , easy to implement, agents easy to install, interface management for alerts: good

PRTG , easy to implement, agents very easy to install, interface management for alerts: good

ManageEngine is more modular to implement, agents easy to install, interface management for alerts: very good

Using LogicMonitor, you can monitor network equipment and servers, I think this depends on your equipment,

Nagios XI is the commercial, easier-to-use version of the Nagios core open source version, but still has the extensibility of core. Tends to be very price competitive too.

PRTG is the best that I have used ever, Check its sensors and If you didn't find the sensor that you are looking for you can create your own one meanwhile you can request it from the development team.

https://www.paessler.com/prtg">https://www.paessler.com/prtg

I kindly suggest Manage Engine Opsmanager.

Expectation setting and network segment focus are two of the most important actions that I look to take when looking at network performance and optimization. As an ex-Cisco TAC agent, "the network is slow" was the constant drone on the phone from many a customer. "The network works, no excuses" was the company mantra, in the 1990-2000 decades when I was there. But, the reality was the most of the solutions were a matter of discussing anecdotal observations with the Customer while mapping-out a crude topology. Rarely did we get a Customer with a topology map. We did this so often, that most of us bought magnetic drawing pads, at Toys'R'Us, to quickly draw and erase topologies from case-to-case. It sure saved on paper and ink.

1.) Are my users trained enough to understand that a slow network can be the internal corporate network OR the Internet OR both?
2.) Can my users understand that performance is anchored on the LAN or WLAN separately and at the junctures of these two segments?
3.) Do my users understand that an overcrowded ZOOM site, on the Internet, may be killing their VTC and NOT the company networks?

Then, there are the financial questions;

1.) Can I find a tool that will let me see clearly what my LAN, WLAN, and WAN? At a great price and with great support?
2.) Should I hire someone who knows how to deal with the integration of OpenSource tools that have been used for years?
3.) I have a Windows environment with some MacOS. Why should I have to learn and set up a *NIX system just to run OpenSource tools?
4.) I heard PRTG r-o-c-k-s, BUT, it may be overkill for my network. Sophos, Sonicwall, ConnectWise Automate, Auvik and other such tools may be all I need.
5.) I've got new 10Ge and 40Ge segments that came with my SAN. Can these tools adjust to analysis on these higher speeds?

My suggestion;

First, make sure you empower your users with a tool that will help them figure out where the slowness is occurring. I would highly suggest contacting ookla.com, the speedtest.net folks, and look into there corporate product. You have iPerf agents that they customize for use on Android, iPhone, Windows, MacOS, *NIX, etc. Your users use the app or internal website to run tests to determine whether the LAN or WLAN are having issues OR whether its the internet. The apps can be customized for company logo, support links, etc. as much as the web site format. It stopped a lot of unnecessary user complaints to the Help Desk.

Once you got your users set at the right expectations and empowered with an effective tool, you can work on finding the omnipresent, inexpensive and well-supported tool or tools that can help you make sense of what your network segments are doing and how to tune/optimize, thereafter, should that be required.

1. able to monitor the CPU, Memory, Response Time, latency, packet loss, Interfaces traffic, and Bandwidth utilization
2. able to trace the connectivity of each devices
3. capability to create an alert
4. capability to generate a report
5. all or most of the devices should be supported.
6. Must be a user-friendly

Cost, how many feature supported by the tools and complexity to maintain

Historical graphical display of all the common metrics(bandwidth, latency, jitter, etc.) that should be monitored on an network.

Network performance, monitoring and reporting software shoud have (visible) feature set suited for the purpose. Users must feel themselves confident to use it. Intuitivity. Stability and reliability as well as speed is a must (appropriate application code language). Also I am looking for a highly configurable alerting.

Typically I'm looking for latency, packet loss, total bandwidth utilization, QoS and jitter.

The most important criteria is the monitoring tool must be vendor neutral to cover most networking brands out there, and should use open standards like snmp. It should not require additional software agents to be installed on the nodes to be monitored

There are so many products to choose from on the market, and each has its strengths and weaknesses, so I would probably say that the most important criteria is "fit for purpose". So for example, in an enterprise environment I would be looking at scalability as a major factor, with network bandwidth usage also a factor if monitoring across a wide area. If I wanted to measure latency, then I would want a product that can do this with an accuracy around +-10ns across multiple technologies - servers, switches, routers etc.
Probably the most important general criteria would be TCO, which is really a combination of many of the responses above. TCO factors would include purchase cost, implementation cost, ongoing management costs, requirement for and availability of specialist staff, ease of use and availability plus cost of extensions.
These are probably my main criteria. In the real world, I have a spreadsheet with over 100 different evaluation criteria, which would be supplemented by another sheet detailing the specific requirements of the customer.

1- What are the tool's capabilities for the monitoring perspective? Can this tool monitor :
1. Capability for Business Service Monitoring (BSM) including setup effort and ongoing BSM chain management (i.e. component changes affects on BSM)
2. Application Performance Monitoring integration – native vs feed from Dynatrace, New Relic, AppDynamics
3. Containers and Kubernetes capability
4. Azure specific integrations/APIs
5. Holistic Hybrid Cloud environment management, specifically on-prem/private cloud/hosted IaaS + Azure
2- How extensive is the tool?
1- Does it only use SNMP?
2- Can we build custom-built monitoring scripts using Python, Powershell and ask the tool to run and monitor the Metrics?
3- Can we create custom-built dashboards and Widgets?
3- How capable is the tool for integration?
1- Can it be integrated with other applications using API or REST API?
2- Does the tool react to the incoming emails and generates events and kicks off automation?
4- Can this tool be used to implement the zero-touch operations?
5- Does the tool is capable of AIOPs?

What are the main KPIs for my operation? Is this tool helping me to measure those KPIs?

o NetFlow/CFlow
o SNMP
o Wireless metrics
o Packet capture

- Does it do Synthetic monitoring (emulating user’s transactions) or monitors real users’ transactions?

- Does it support monitoring for multiple brands of devices/applications?

- What is the differentiator with its competitors?

- Does it have a complete API with instructions to do every possible transaction through command line/scripts and integrate with other systems?

- Can it correlate events from multiple sources, within the same tool and other tools?

- How simple is it for the main users of the tool to do what they are intended to do (User Experience)?

- How easy/complex is the deployment? Will I need an army of Sr. professionals ($$$) or a couple of interns with some guidance can roll it out?

- What kind of support will I get during deployment and after it’s fully deployed? (Bronze, Silver, Gold, Platinum…) What does each include and what are the SLAs?

- Does the cost include training for my agents?

- How scalable is it
- Does it integrate with other tools to provide a full suite of services for your entire enterprise?
- What platform does it take: Unix, Linux, Windows or all three. Many only work on certain operating systems.
- What level of support is needed and does the product have reliable support matrix?
- Can it be clustered for high availability?
- Costs and simplicity of set up should be low on the list but essential too.

Network monitoring is a broad topic with many different sub-topics that may or may not be relevant to your immediate or foreseeable circumstances. You owe it to yourself to build a list of what you need to monitor with some general weighting as to how important each one is to you. If some items are absolute requirements make sure that's noted but be prepared to consider adopting multiple tools if the list strays outside the strict bounds of pure network monitoring. Increasingly, new network technologies are breaking away from industry-standard approaches to monitoring such as SNMP so, if any such equipment is within scope you'll need to be extra vigilant to ensure that its monitoring is covered.

Basic functionality would include automated network device discovery, interconnection/topology discovery, end host to access switch port discovery, device resource monitoring, interface traffic/utilization monitoring, event generation to warn of reachability problems, threshold crossings, status changes and a multitude of other relevant concerns. You may also need to consider reporting and network device configuration monitoring and management. As networks tend to have frequent changes to their configuration and interconnections it is important that these be handled in as automated a way as possible to minimize the administrative overhead and stay accurate to the reality of the network. If the nature/mix of traffic and conversations needs to be understood then technologies such as flow analysis (NetFlow, sFlow, etc) may need to be added to the mix.

One aspect of network monitoring often overlooked is the number and type of servers that need to be provisioned to host it in a production environment. The most efficient deployments for a small to medium sized network would allow the entire monitoring system to be hosted on a single server which could be either physical or virtual. If, in order to host the production (not evaluation) system you need to deploy different parts of the system on different servers, possibly including a database on its own server, you need to factor that into your decision making.

Finally, you need to be acutely aware of exactly how the product is licensed. If, for example, the monitoring of each interface counts towards the overall license consumption it is tempting to cherry-pick a few key interfaces on each device to monitor. This often skips the monitoring of the interfaces connecting the end-user PCs and means that you're building blind spots into your monitoring architecture from the outset. A bad foundation often leads to an unsatisfying end result.

Most solutions operate the same way, have API's, REST, Dashboards, LDAP Integrated Authentication, Remediation, among others. However, few have natively integrated with IT Service Management and CMDB solutions. Automatic Ticket Registration and CMDB update I find extremely important.

Someone who does not know anything about monitoring and technicals terms, could ask :

1 - What are the functional areas of the solution : Fault managenement, security management, performance management, configuration management or accounting management ? ( according to ISO/IEC 7498-4 )

- Fault management : does it monitores avalaibility of all the IP equipements of the networks : servers (physical and virtuals), routers, switchs, access points, etc ?

- Performance management : does it monitores internet trafic or MPLS interconnection ? does it monitores disk space and partitions ? etc.

2 - What about network autodiscovery : does the solution automatically detect equipments connected on the network ? how does it display the items dectected ?

3 - What about notification : does the solution have email or sms notifications for fault or performance management ( for example)? are notification's messages customizable ?

4 - What about network map : does the solution automatically design basic network statefull map or have the options to design customizable one ?

5 - What about historics and reports : does the solution have the options to automatically generate network statistics (about trafic interruptions for example) ?

6 - What about configuration : does the solution easy to install and configure ? does it needs a particular server operating system, Linux or Windows ? Etc.

7 - What about prize and licensing: is the solution openseource ? is the solution free ?

has been functionally tested. If a new business application has not yet been signed off by the guy paying the bills, I will waste my time carrying out operational tests.
has capacity. Sysadmins may want to scale up the disk space for a storage service and the bandwidth for a video chat service. They may scale down to a pocket calculator for a monitoring service.
is resilient. This is the world of High Availability: double up on single points of failure, improve code quality, and even if something does fail, make sure the service handles it gracefully.
is recoverable. If the student deletes half the files or the computer room catches fire, service can be restored.
is reliable. Customers use Internet services 24 hours a day, but an intranet may only be needed during office hours. An intranet that is down every night may still be perfectly reliable.
is scalable. What if the new service has traffic spikes or gets really popular? I may need to scale out by adding more servers. Wading through treacle is not attractive.
is monitored. The operational support people must be alerted immediately if someone breaks into the computer room, if upstream services disappear, and if a process goes berserk.
is supportable. If an architect designs an Internet bank that only runs on one server, how pleased will customers be when an operator turns off the bank to upgrade the memory?
is secure. Vulnerabilities get patched, an IDS (Intrusion Detection System) watches the network, and the security team have signed on the dotted line.
has been pushed to the limit. The whole system has been thrashed, bottlenecks fixed and the system thrashed again and again. The service owner then knows how much performance can be squeezed out of her service.
has integrity. The customer support people won't be plagued by calls from customers whose data is inconsistent, whose files have disappeared, or whose transactions were duplicated.
will operate within the SLA. The people sponsoring this service deserve to know how their investment is doing. The service builders automate the measurement and reports of the service level. Stakeholders can then help a failing service to succeed.

Correlation is the most important thing. Only with a strong correlation you can see the root cause and the impacts to other devices or services.
Network monitoring should based on a broad range of data sources. Not only SNMP and ping, also telemetric data, logs, IPFIX/NetFlow, voice quality and the relations between the devices.
To realize this you need modern time series databases. The correlation, sometimes also named than analytics has to include all the diffrent datasources.