Network monitoring is the key to efficient, reliable operation, as well as performance and security. The deeper and more broadly you can monitor (yes, you want to do both), the better your network operates.
What if you could combine a superstar in network infrastructure monitoring with the champion of network flow monitoring? You can. Progress, owner of WhatsUp Gold, recently acquired Kemp and their market-leading Flowmon solution. It didn’t take long for engineers on both teams to set about integrating the two solutions.
Thanks to the integration, Progress Flowmon data is now visible in dashboards within the Progress WhatsUp Gold interface. IT can get access to advanced network traffic analysis while diagnosing network issues—all without needing to open additional applications.
Advanced Traffic and Security Analysis—Perfecting the Network Experience
This blog discusses broad and deep network observability, visibility and monitoring—which all in essence mean the same thing.
Why is network visibility important? One answer is because it measures the experience of network users, both customers coming in from the outside and employees either working from the inside or connecting to network services remotely.
Customers and prospects generally have a choice of what organizations they deal with, and if they don't have a good experience, can easily leave. And if you have poor quality or poor network visibility from your internal systems (internal people also use the external systems as well), you'll see a big drop in productivity and a huge increase in wasted time.
Let’s say that every time an employee uploads something to your system, uses one of your systems or webpages to perform a task, it takes an extra 30 seconds. Now, imagine that happens 5, 10, or 20 times a day multiplied by the number of people in your organization. That's a big attrition of time and a big loss of productivity.
These network performance issues prevent the business from looking forward, keeping it reactive rather than proactive. Meanwhile, IT is too busy trying to fix the issues you've got right now to look forward and see where you want to take the business, where you want to grow, and what new areas you want to pursue. For instance, how do you want to improve the network, solution, or the service of the software that you're bringing to end users?
All these goals can be met with the pairing of WhatsUp Gold and Flowmon. “WhatsUp Gold provides complete visibility into the status and performance of applications, network devices and servers in the cloud or on-premises. It’s unique interactive mapping interface makes it easy to see network issues at a glance and diagnose them with a few clicks. Sophisticated alerting and reporting let you proactively find and fix network problems fast—usually before they impact your end users,” according to the Flowmon and WhatsUp Gold Data Sheet. Flowmon monitors and analyzes network and cloud traffic, detecting anomalies using a spectrum of methods all deployed simultaneously. It combines network telemetry, machine learning and behavior analysis seeking indicators of compromise to uncover malicious behaviors or data breaches.
Network monitoring is all about problem spotting, such as a poor experience due to a slow application. The trick is finding the problem, then determining the root cause. Where exactly is the problem? Is it the network, a server or other piece of hardware or infrastructure, or is it the user, such as an end user mistake or error?
If you can't find the problem, you can't fix it. And that is why you need some form of network visibility or observability.
IT Under the Gun
Whose responsibility is this? The IT team, of course. Their job is to keep the network up and operating and make sure problems don't crop up, or at least don’t cripple operations.
The IT team deals with troubleshooting and maintaining critical applications, and this means performing root cause analysis for issues. IT also makes sure the cloud services are connected and so must analyze network traffic. They also need to maintain a high level of network security, which includes keeping everything patched and up to date. That can be a full-time job in itself.
All this is measured by the mean time to resolution, or MTTR.
IT may have myriad monitoring and management consoles; they often end up staring at six screens holding six different sets of data. This is part of the IT challenge. The more tools, devices and systems an IT operator has to use in order to find a problem and fix it, the worse MTTR gets.
Some of this can be overcome by letting your infrastructure monitoring solution do much of the heavy lifting by watching every single device attached to your network. And that includes both physical and virtual as well as your cloud resources.
The Role of WhatsUp Gold
As an infrastructure monitoring solution, WhatsUp Gold tracks the performance and operation of that infrastructure and the software running across it, and diagnoses and alerts on any issues. WhatsUp Gold does exactly what the name says. It'll tell you what's up, and what's down. It also has unique interactive mapping and alerting systems that make it very easy to feed in information from other applications such as Flowmon.
What Flowmon Brings to the Network Monitoring Table
Flowmon, with its Anomaly Detection System, keeps an eye on network security and helps IT to detect potential breaches, anomalous behavior, or exploits such as ransomware. Flowmon offers a whole new way to look at your network. It looks at individual flows, provides detailed traffic analysis, and helps IT to troubleshoot and forensically analyze what's going on with your applications.
- Round-trip time, server response time, delay, jitter
- Triage and post-incident forensics tooling
- Comprehensive flow and full packet capture-based network analysis
- Monitor database-level application performance, SLAs, errors, latency.
- SaaS performance monitoring
- Measure fault, performance and availability
- Encrypted traffic analysis
- Behavior analysis and threat detection including malware, ransomware, insider/unknown threats, botnets, crypto mining and more
- Automated incident response
Flowmon enables application and network visibility across datacenters, private or hybrid cloud environments, providing you with a holistic overview of your entire estate, detailed insights for troubleshooting and maximum operational stability.
Flowmon network security capabilities revolve around an AI-driven behavior analysis engine which makes it really easy to find threats from insiders, outsiders, unknown threats, ransomware, and any plain unusual behavior, and alert you to prevent and detect network breaches and respond to them. It can even do encrypted traffic analysis.
By combining WhatsUp Gold and Flowmon, you work with a solution that gives you complete network visibility coverage.
The Flowmon/WhatsUp Gold One-Two Punch
By integrating WhatsUp Gold and Flowmon together through the WhatsUp Gold dashboard, IT achieves complete network visibility coverage. In the graphic below, you can see WhatsUp Gold handling core infrastructure components while Flowmon watches for threats.
At the moment, these solutions are sold separately, but are becoming increasingly integrated. And with a common vendor, you only have one point of contact.
WhatsUp Gold is very much an infrastructure availability, diagnosis, and performance tool. It is what you use to make sure everything's up or everything's down and to see your network at a glance.
Flowmon capabilities can be surfaced through WhatsUp Gold. Flowmon was developed specifically as a flow-based network traffic analysis tool, which today supports a bevy of performance monitoring, threat detection and response capabilities.
Together, the two solutions offer a combined network and security operations solution that lets you keep a close eye on your end-user experience. As you know, if the end users aren't happy, they may leave, and you'll lose money.
The duo supports advanced troubleshooting and forensics, and detects threats such as ransomware. Look below to see how network duties are handled by the two solutions.
As you can see above, WhatsUp Gold monitors everything in the green box, from the CPU to the routers, cloud logs, configuration management, virtual resources—it's comprehensive and vendor-agnostic. It's designed to find whatever is plugged into your network and tell you everything it can about it.
Flowmon, represented by the yellow and blue boxes, focuses on looking at your firewall, routers, switches, cloud-flow logs, and overall traffic. It also looks for malware, ransomware, anomalies, and insider and outsider threats, and can even analyze encrypted traffic. It generates its own set of dashboards and its own set of data, which you can also view through the WhatsUp Gold dashboard interface.
The integration of Flowmon and WhatsUp Gold includes:
- WhatsUp Gold successfully discovering and identifying Flowmon appliances and virtual appliances.
- WhatsUp Gold containing a Flowmon-specific management information base (MIB).
- WhatsUp Gold successfully monitoring availability and performance of Flowmon appliances using out-of-the-box SNMP active and performance monitors.
- WhatsUp Gold containing two new dedicated dashboard views which present data performance and event data collected by Flowmon.
- WhatsUp Gold Application Monitoring containing a new Progress Flowmon application profile.
With the Flowmon integration, the WhatsUp Gold dashboard now includes a traffic analysis dashboard and a security dashboard. With Flowmon, we are boosting the ability of WhatsUp Gold to report on not just your network infrastructure, but also the performance of traffic and traffic flow analysis and security threat detection.
Combined with Flowmon, WhatsUp Gold can monitor not just the up/down status of your infrastructure, but the availability of the software on that infrastructure: How it's being used, the capacity, and if there are any performance degradations. IT can find bottlenecks, analyze errors, and troubleshoot quickly.
With Flowmon, IT gains the security capabilities that bridge the gap between endpoint and perimeter to find ransomware issues and zero-day threats. IT can also analyze encrypted traffic to help keep your environment secure. And there is also an alerting system that will let you know if and when something happens.
With Flowmon, you can apply a number of automated responses. If IT finds an insider threat or anomalous behavior, you can set that to automatically shut that area of the network down or change it in some way to restrict access. Depending on the issue and network setup, you have a number of options for how to do this.
WhatsUp Gold and Flowmon bring together comprehensive IT Infrastructure monitoring along with network traffic visibility, AI-powered traffic analysis and advanced security features. This lets you ensure the availability, performance and security of your entire network through a single, simple and intuitive interface. WhatsUp Gold monitors everything connected to the network and displays it in a single interactive and intuitive mapping interface. Administrators can monitor, measure and resolve network problems. Sophisticated alerting and reporting capabilities make it simple to diagnose faults and find and fix problems fast.
By integrating WhatsUp Gold with Progress Flowmon, IT Infrastructure, NetOps and SecOps teams can cooperate to identify data leakage, outages or performance degradation and make better decisions faster. IT teams can view network status, advanced traffic analysis and security data all in one interface to speed diagnosis and accelerate MTTR.
Use WhatsUp Gold to Analyze Flowmon Data
An easy and effective way to troubleshoot network issues with WhatsUp Gold is to analyze network traffic data reported by Flowmon. The Flowmon dashboard is pulling data directly or presenting data that is pulled directly from Progress Flowmon. So instead of having to juggle between two interfaces, you can see data from both the network monitoring side as well as the packet analysis/network traffic analysis side in one interface.
IT can see network-specific patterns like traffic, response times, retransmission rates, and so on. Under the security operations section, IT can see events by methods or events by severity. There are different types of behavior patterns that the traffic analysis tool picks up, such as diverse communications with multiple IP addresses or specific types of countries.
And events are assigned severity levels like critical, high, medium, and low.
“Together, you get the integration of IT infrastructure/network monitoring and network performance monitoring and diagnostics/network detection and response so you can see everything going on in your network in context. Flowmon dashboards displaying advanced traffic analysis and security details can be viewed natively within the WhatsUp Gold interface, giving IT teams a single tool for troubleshooting and diagnostics,” explained the Flowmon and WhatsUp Gold Data Sheet.
Try Both Now for Free
WhatsUp Gold is going to be sold mostly based on what your requirements are for infrastructure monitoring. Flowmon, meanwhile, is much more oriented towards flows and how many of them you want to monitor.