Network flow monitoring with Checkmk

With Checkmk you can already monitor all of the devices in your network environment. Through the comprehensive integration with ntop's network flow monitoring, you will additionally be able to expand your network monitoring with a detailed network analysis.

Extend your network monitoring

Checkmk's network monitoring already provides you with comprehensive monitoring of all components of your IT infrastructure, such as switches, routers or firewalls, which ensures the optimal performance of your network and identifies potential sources of problems in advance. Checkmk 2.0 now extends this network monitoring to include network flow monitoring, which allows you to gain even deeper insights into your network.

This is made possible by the deep integration of ntop's network flow monitoring. The ntop solution we have integrated with the commercial version only is open source and provides detailed monitoring and analysis of network traffic. Through the integration of ntop, you can now also benefit from these functions in your Checkmk monitoring. The functional scope of Checkmk is thus extended by two important points: the monitoring of network flow data and the in-depth analysis of network traffic – in real time and from historic data.

Flow monitoring in Checkmk
  • Analyze and monitor the network flow across your network, for example, to gain detailed insights into your network traffic.

  • Find out which hosts, applications or protocols are communicating with each other via the Checkmk interface and identify possible bottlenecks or anomalies.

  • Analyse the top talkers and top listeners on your network, and break down network usage per host, destination address, protocol or application.

  • Get detailed information on all hosts in your network – for example, traffic, packets, ports, peers or applications.

Some of the vendors we support

  • Juniper logo
  • Cisco logo
  • Huawei logo
  • HP logo
  • Intel logo
  • Brocade logo

Network flow monitoring: deep insights into your network traffic

top talkers in the network

Checkmk already integrates many network devices by default, and supports monitoring with SNMP for retrieving data from the various components. In this way, at a glance you have information on the bandwidth of various network interfaces, the device status or, for example, the utilisation of the network devices. If there is a problem somewhere, Checkmk will reliably send an alarm.

To be able to resolve some problems, however, a deeper analysis of the network is always necessary. Administrators then need solutions like ntop that can provide such insights into networks. ntop can view meta-information from the data traffic. The analysis of these flow packets provides, among other things, information on which components communicate with each other via which protocols, which host occupies which port and how much bandwidth. This comprehensive information helps the administrator to understand what is happening in his network.

A consistent look and feel

The integration of ntop into Checkmk will allow you to visualize network flows from within the Checkmk interface. This gives you even more detailed usage data for your deployed components, such as switches, firewalls and routers – without having to leave the Checkmk interface. Thanks to the ntop integration, Checkmk lists the top talkers and top listeners in your infrastructure, among other things. However, it also breaks down network usage by source, destination address, protocol and application.

Ports insights of a host

Checkmk easily retrieves the flow data from the ntop instance via REST API and displays it in its own user interface, so that you don't have to leave your Checkmk monitoring. This is how we want to ensure a uniform look and feel for network flow monitoring as well.

Insights into network traffic

Detect anomalies and irregularities in your network

Thanks to the deep insights that network flow monitoring offers into the network infrastructure, the administrator is able to detect anomalies or irregularities that may indicate malware, for example. ntop supports you in threat detection, and enables the rapid detection of threats such as DDoS attacks.

In this way, the ntop integration in Checkmk assists you in increasing your network security. At the same time, it supports you in planning the capacity of your network, as the analysis of the network flow shows how much bandwidth an application requires, for example. In your Checkmk monitoring, you can now not only understand the impact of a specific application on your corporate network, but also identify performance peaks in the network and show bottlenecks in the infrastructure.

This is what network flow monitoring with Checkmk offers

Through the integration of ntop's network flow monitoring in Checkmk, you gain access to the following functions via the Checkmk interface:

  • The Traffic Dashboard: Call up an overview of the information provided by ntop via the main dashboard, for example on top talkers, or break down the current network usage by source, destination address, protocols, applications, etc.
  • Flows: Using the Checkmk interface, view all flow information that Checkmk retrieves directly from the ntop servers
  • Alerts: Analyse all flow-specific alerts via a special alert dashboard
  • Host Details: The integration of ntop also provides you with relevant network information about each host, such as traffic packets, ports, peers ans applications as an addition to the previous host view in Checkmk
  • Graphing modules: Graphics modules from ntop also give you the option of integrating ntop graphics into your Checkmk dashboards
Detailed host informations
Peers insights of a host

Licensing of Checkmk and ntop: 'Soft launch'

For the first three months, until July 2021, we will offer a special ‘soft launch’ package, while the ntop and Checkmk teams gain more experience in the joint customer use cases. During this phase:

  • You will still need to purchase the Checkmk Enterprise Edition plus the ntop integration add-on separately from the ntop license itself.
  • The integration will be offered at a discounted entry price
  • You will receive additional support to answer set-up questions

Great reasons for network flow monitoring with Checkmk

icon advanced analytics

Deep insights into your network traffic

Network flow is meta-information derived from the data traffic. Monitoring the flow data enables the administrator to know who is doing what, when and where in the network. So he can detect possible bottlenecks or recognize anomalies in the network.

icon reporting

Know when something is wrong

With the network flow integration it is possible to get an overview of all alerts from ntop with a specific alert dashboard in Checkmk.

icon network monitoring

Identify the top talkers and top listeners

The inspection of network flow can show the top talkers and top Listeners in the network, as well as breaking down network usage by source, destination address, protocol or application.

icon flexible

Get detailed information of your hosts

Network flow data also provides more detailed information on network's hosts such as traffic, packets, ports, peer or applications.


Trusted by global brands and local organizations worldwide

  • Logo_Bosch

Resources

Talk to us

Learn more about checkmk

Try Checkmk for free!


Download the latest version of Checkmk Enterprise Free Edition today and see it in action.