A question that I have been getting a lot recently is, “how can someone better their disaster recovery monitoring”. Tools that utilize SNMP are going to assist you in discovering your backup links are being saturated (or have traffic) but are not going to be very useful in finding out what end system or process is taking up the bandwidth. IPFIX/NetFlow will help document our backup procedures, failover, and link saturation, allowing us to feel comfortable in the event that we need to fall back to our disaster recovery site.

Performance monitoring with NetFlow:

Your job revolves around making sure that the network is running efficiently and without hiccup; this, in itself, is a full-time job. If you also are responsible for making sure the proper backup procedures are in place, you soon find that there are simply not enough hours in the day to keep both items in top notch.

Using NetFlow/IPFIX, we can now track exactly what is happening on the network. This helps us know that our backups are taking place when Performance Monitoringwe expect them to and that they are not running during business hours, hindering end-user performance.

I ran into an issue working with a customer a while back who was having issues with their backups kicking off during business hours to monitor this behavior we simply set up a report to show us large amounts of traffic going to their backup servers and set it to alert us on this. It took all of 5 minutes to do and made him look like a hero!

As you can see from the image to the right, our incident response system is tracking the time at which our backup takes place and how much bandwidth it has consumed. We can very easily configure an alarm so that in the event your backup doesn’t take place or is delayed, you are getting a proactive alert, which helps you properly respond to the issue.

Disaster Recovery monitoring with NetFlow

Making sure that your backups are taking place, and replication between multiple sights is running without issue is only half the battle. Now you need NetFlow performance analysisto monitor the backup links that are in use; this is just as easy as enabling NetFlow/IPFIX on the interface and setting up a proactive alert to warn you when the link is approaching saturation. As you can, it is imperative to take a proactive approach to network incident response. The image to left even shows how deep packet inspection can show us exactly what type of files are being backed up.

 

 

Future of Disaster Recovery monitoring with NetFlow

Now that you’ve seen what NetFlow/IPFIX can do, give us a call and let us help you set it up in your environment. Taking a proactive approach to how you monitor and troubleshoot your network is going to make your job easier and at the end of the day isn’t that what we want?

Jake Bergeron author pic

Jake

Jake Bergeron is currently one of Plixer's Sr. Solutions Engineers - He is currently responsible for providing customers with onsite training and configurations to make sure that Scrutinizer is setup to their need. Previously he was responsible for teaching Plixer's Advanced NetFlow Training / Malware Response Training. When he's not learning more about NetFlow and Malware detection he also enjoys Fishing and Hiking.

Related