Product and service reviews are conducted independently by our editorial team, but we sometimes make money when you click on links. Learn more.

Pros And Cons Of Cloud-Based Network Monitoring Tools

Pros And Cons Of Cloud-Based Network Monitoring Tools

Cloud-based IT tools are growing in popularity, and the networking space is no short of them. Today we'll look at the advantages and disadvantages of using Software as a Service network monitoring solutions.

In the modern IT environment there are a number of different products and services which have "cloud" in their name. Most of us who have been in the industry for a while know that this is the newest moniker for a highly integrated set of data centers. Of course the advantage of these clouds and the solutions within them is that the technologies now exist to provide shared public offerings that are replacements for purpose-built, in-house solutions.

For those new to the cloud computing model, here's how a few different cloud options break down:

  • Infrastructure as a Service (IaaS)
  • Platform as a Service (PaaS)
  • Desktop as a Service (DaaS)
  • Software as a Service (SaaS)

The cloud-based offerings that we'll be examining in this article focus on defining the common features of network monitoring solutions and what SaaS network monitoring can offer today.

MORE: Top Cloud Network Monitoring Tools Compared
Cloud Application Monitoring Tools Compared

What Is Network Monitoring

The monitoring of the networking elements within an organization is not something new for large enterprise networks; but for small to medium sized businesses a comprehensive monitoring solution is often not inside their limited budgets. So what exactly is network monitoring?

At its most basic, network monitoring involves a system that keeps track of the status of the various elements within a network; this can be something as simple as using ICMP (ping) traffic to verify that a device is responsive. However, the more comprehensive options offer a much deeper perspective on the network. Solutions from Kaseya and LogicMonitor for example, offer all of the common features plus support for a mix of the advanced options; solutions from Monitis and Uptrends on the other hand offer support for most of the common features with limited support for the advanced features.

Some of the common features in network monitoring tools include:

  • Topology Discovery
  • Element Baselining
  • Device Monitoring
  • Reporting
  • Event Collection

Some more advanced network monitoring features include:

  • Environmental Monitoring
  • Predictive Analysis
  • Root Cause Analysis
  • Alarm Management
  • SLA Monitoring and Measurement
  • Configuration Management
  • NetFlow Analysis and Collection

Topology Discovery

The topology discovery part of networking monitoring is used heavily in the initial configuration stages and helps to obtain a complete look at the connections between networking elements. While some may say this is not a required function as any good networking engineer should know the layout of their network, it does make the mapping of these connections easy and, frankly, any work that is automated is still less work that is passed on to the network administrator or the network administration team. The complexity of the topology discovery feature can vary between solutions, but most will at least support Internet Control Message Protocol (ICMP) and Simple Network Management Protocol (SNMP). More complex solutions can parse information from the Cisco Discovery Protocol (CDP) or Link Layer Discovery Protocol (LLDP) databases, Address Resolution Protocol (ARP), Virtual LAN (VLAN) and/or routing tables.

Element Baselining

An element baseline is a recording of statistics that are taken from an element, typically (and most usefully) when they are initially configured. This of course doesn't always happen and a baseline is taken when the monitoring solution is initially configured. This baseline is taken over a period of time to determine what "normal" is within each specific network over the course of time. This information is then used to compare against future statistics. Some common networking elements statistics recorded in the baseline include element processor load, memory utilization, buffer use, and interface utilization.

Device Monitoring

One of the most basic features of any networking monitoring solution is the monitoring of network status which includes the reporting of this status information in an easy to use and understood format. This information is then compiled and can be used to predict future behavior. Common statistics include device up-time, processor, memory, buffer, and interface utilization. This same information can help with tasks like capacity management.


The ability to access a well-built reporting engine should not be underestimated; while all of the statistics that can be gathered through various means are very useful, they are often hard to analyze without using the correct lens. For example, looking at a network element and finding out that it currently has high processor utilization is useful; but being able to track and report this over time and have the ability to graph out how the utilization of this element correlates with other statistics, can make the work of finding and solving a problem (especially an intermittent one) much easier.

Event Collection

The category of event collection typically goes hand in hand with SNMP. One of the features of SNMP is that it can be configured to send "traps" to a management system. These traps are simple and report a system event; for example, if an interface goes down on a networking element. The collector is a part of the management system that manages these traps as they come in and labels them with their respective severity level; and if needed can be configured to forward alerts to the appropriate networking management staff member.

Environmental Monitoring

There are a number of different things that can be referenced when talking about environmental monitoring, some of these include the monitoring of power, heating, cooling, humidity, moisture, and fire. The majority of the monitoring solutions available (both hosted and cloud-based) will not offer comprehensive environmental monitoring without an external solution. These external solutions often include a separate monitoring device that has sensors that plug into it; this monitoring device can then be configured to be queried or to provide alerts (SNMP) should a specific condition occur.

Predictive Analysis

Predictive analysis engines work by monitoring the historic data that is available for specific elements and comparing it over time to look for specific patterns. These patterns can then be used to derive the potential for future problems. The complexity of this analysis can differ greatly between solutions and can really only be tested by test bedding the solution.

Root Cause Analysis

Root cause analysis is a feature that is in many hosted networking monitoring packages; this feature is focused on looking at all of the information that it has gathered and making it much easier to view and interpret the data to find the originating problem that caused an outage or a network event. Some systems merge their predictive analysis engines in with their root cause engines to help both find any existing problems and their causes, and provide a prediction of future issues that could occur should some action not happen.

Alert Management

Alert management is essentially rather basic in its idea: tell the people that need to know that something has been detected on one of the devices being monitored. In the past this has been a double edged sword; yes the events alert the people about issues that occurred, but they also alerted them to everything going on whether relevant and important or not. The more modern engines can be created with policies that allow very specific rules as to which types of events will be alerted and/or by which alerting mechanism (i.e. email vs SMS).

SLA Monitoring And Measurement

One thing that is common in enterprise and service provider networks is the Service Level Agreement (SLA). This is basically a guarantee of what the lowest level of service will be from a provider. If this minimal level of service is not provided then some remedy will occur compensating for the lack of service. Often it has been hard to get an accurate measure of what specific SLAs are being upheld and which ones are not. SLA monitoring and measurement provides an automated way to keep track of what is being provided and based on the configuration alert that it is being met or not. Some common SLAs are based around a specific bandwidth or latency (maximum) being provided over a network link.

Configuration Management

Configuration management is one feature that will most likely be found in hosted network monitoring solutions; this is because this information can be a large security risk if leaked. However, the implementation of a configuration management solution is vital for many large enterprise networks as it allows the administrators and engineers the ability to know how a device is currently configured and how it was configured in the past. Past configurations can often help in troubleshooting should a problem occur after specific changes have been implemented; current configurations are very important should a device fail.

NetFlow Analysis And Collection

NetFlow is a feature that was initially implemented on Cisco devices which allowed for engineers to collect specific flow information from the network. This information can then be used to map out how the traffic flows throughout the network which can be used for a number of things from route and capacity planning to application load balancing. Some solutions, including Kaseya's Traverse and LogicMonitor support NetFlow monitoring.