Many think they know what network bandwidth is but conflate performance with capacity. This blog, among other things, will end that confusion. And for true IT experts, we’ll dive deep into the whys and wherefores of network bandwidth monitoring and optimization.
While high bandwidth tends to equal high performance, they are not the same thing. “Network bandwidth is a measurement indicating the maximum capacity of a wired or wireless communications link to transmit data over a network connection in a given amount of time. Typically, bandwidth is represented in the number of bits, kilobits, megabits or gigabits that can be transmitted in 1 second. Synonymous with capacity, bandwidth describes data transfer rate. Bandwidth is not a measure of network speed—a common misconception,” explained a Techtarget blog.
Bandwidth measurements have changed as bandwidth has grown—in some cases exponentially. “While bandwidth is traditionally expressed in bits per second (bps), modern network links now have far greater capacity, which is why bandwidth is now more often expressed as Mbps or Gbps,” Techtarget explained. “Bandwidth connections can be symmetrical, which means the data capacity is the same in both directions—upload and download—or asymmetrical, which means download and upload capacity are not equal. In asymmetrical connections, upload capacity is typically smaller than download capacity; this is common in consumer-grade internet broadband connections. Enterprise-grade WAN and DIA links more commonly have symmetrical bandwidth.”
Monitoring bandwidth is one of the main reasons to perform network management, as it shows which applications, traffic types and network segments gobble the most bandwidth. With this knowledge, IT can make sure there is enough availability for business-critical applications and services—with as little latency as possible.
Bandwidth monitoring lets IT:
When you buy bandwidth, there is usually a specification for the amount of data transferred over a period of time such as Mbps, gigabits, etc. That is theoretical speed. Actual speed must be measured.
Ideally, IT should monitor and analyze network traffic volume in four ways: endpoint (user), port, interface and protocol (application).
When bandwidth becomes an issue due to lagging performance or other signs of congestion, IT often orders up a bigger pie. But where does the problem lie exactly? What parts of the network need to be upgraded? And is the network the problem, or how the network is configured and managed?
Adding more bandwidth capacity doesn’t always solve the problem and is far more expensive and disruptive than optimizing the bandwidth you already have.
A single monolithic network is difficult to optimize. “Even in a midsized organization, chances are you’re already segmenting your network. This decreases the traffic across the whole network by dividing it logically—by department, for example. You can do this either physically using intelligent switches or by using sub-nets. If you’re on a tight budget, sub-netting is your best bet because it only requires a computer configuration change instead of new hardware,” our Network Bandwidth Usage: How to Optimize Your Network blog explained.
Moving telephony to the network and internet is a bandwidth gamechanger. “Your phone system is also likely eating up a lot of available bandwidth. This places an even larger load on your network than oversized attachments. There are a number of reasons for this. The main cause is IP telephony, which requires packets to transfer in a more dedicated fashion than pure data. If you’re getting ready to perform a bandwidth usage calculation and your company wants in on VoIP, you need to know what codec the system uses so you can gauge how much bandwidth is on the bubble. You might also want to assess and monitor network performance levels including call quality including jitter, latency, and packets,” our Network Bandwidth Usage: How to Optimize Your Network blog explained. “VoIP is just one of the network bandwidth usage hogs you’ve got to put up with in your network. Chances are you’ve also considered videoconferencing apps, such as GoToMeeting and WebEx. You may have also decided to add building security functions like surveillance cameras connected to the network. All of these are drains on your available bandwidth.”
Many hack attacks such as DDoS are network attacks, flooding the network with traffic till it chokes. Even non-network-specific attacks leave a traffic trail. “It’s very common for traffic monitoring tools to help distinguish between normal traffic patterns and suspicious ones. With viruses and malware often consuming out of the ordinary amounts of bandwidth, monitoring bandwidth utilization can also be invaluable in identifying security anomalies,” explained our Bandwidth Monitoring101: Network Traffic Analysis Best Practices blog. “By monitoring bandwidth, administrators can plan for spikes in usage, identify bandwidth-hogging applications and users (by IP address) and ensure business-critical applications get the requisite amount of bandwidth.”
The key is identifying abnormal bandwidth usage before it becomes a disaster. In addition to real-time or near real-time traffic monitoring, IT can dive into historical bandwidth trends to spot security issues like DDos attacks, as well as unauthorized downloading, crypto mining and malicious network behavior.
Bandwidth monitoring is key to security forensics by spotting high traffic flows to un-monitored ports and discovering unauthorized and Shadow IT applications such as file sharing and video streaming.
While there are many ways network bandwidth monitors collect network bandwidth usage data, two stand out:
SNMP: Here bandwidth monitors simply send out SNMP queries to SNMP-enabled devices on your network. The devices then send device-centric information (stored in their Management Information Bases (MIBs) back to the device. This information can include network bandwidth usage data. The monitoring tool can then analyze this data to monitor network bandwidth usage.
NetFlow: One critical protocol is Cisco NetFlow which collects IP network traffic as it enters or exits an interface. NetFlow tracks seven key values:
This data can be analyzed by a bandwidth monitoring tool, such as WhatsUp Gold’s Network Traffic Analysis.
NetFlow as the name suggests, is based on “Flows,” which are a continuous series of packets that share characteristics such as source/destination IP and ports, IP protocol, Ingress Interface and Type of Service values.
Although a Cisco protocol, NetFlow can be enabled on any compatible network device interface. The flow data is then passed along as UDP packets to a NetFlow collector, which gathers data on bandwidth usage, network traffic details as well as traffic trends and anomalies, bandwidth peaks and valleys, and performance metrics.
WhatsUp Gold uses NetFlow, jFlow and sFlow to monitor network bandwidth and application traffic. It automatically discovers NetFlow enabled routers and switches, and configures them to collect and send NetFlow data back to it. WhatsUp Gold then analyzes the data, providing details on traffic identification, historical trends and QoS through ToS verification. Comprehensive reports showing Top Protocols, Top Senders, Top Application, etc., are also provided.
Here are four reasons network traffic monitoring makes so much sense:
WhatsUp Gold makes it easy to get detailed visibility into your network traffic to see which users, applications, and protocols are consuming bandwidth or connecting to suspicious ports. This insight allows you to set up bandwidth usage policies, maximize your return on ISP costs and ensure adequate bandwidth for critical business applications and services.
WhatsUp Gold collects network traffic and bandwidth usage data from any flow-enabled device on the network. It supports Cisco’s NetFlow and NetFlow-Lite as well as NSEL protocols, J-Flow, sFlow and IPFIX. Collect and view data for Cisco CBQoS (Class-Based Quality of Service) and NBAR (Network Based Application Recognition).
WhatsUp Gold provides threshold-based alerting to help you address bandwidth problems before they impact your users, applications, and business. It alerts you when senders or receivers exceed bandwidth thresholds, when interface traffic exceeds utilization thresholds, and when you exceed failed connections and the number of conversation partner thresholds.
Monthly ISP bandwidth charges are expensive. You don’t want to add more bandwidth unless you need it. WhatsUp Gold software lets you drill-down to identify the sources and destinations of your internet traffic, the applications consuming internet bandwidth, and the users of those applications. In this way, you can ensure that your business-critical web applications are getting the bandwidth they need.
Learn more on our Network Traffic Monitoring page.
Looking to start on the basics of IT infrastructure monitoring? Our alphabetized index is an excellent place to begin or extend your education. View all of our current topics.
Get our latest blog posts delivered in a weekly email.