Monitoring router traffic
Routers are critical network infrastructure components that need to be monitored at all times. Regularly monitoring routers helps administrators make sure that routers are communicating properly. Routine monitoring also sheds light on the traffic that passes through the network. Analyzing router traffic lets security admins identify possible network incidents early on, therefore avoiding downtime.
At a bare minimum, there are few simple but essential router details admins need to know. Basic router traffic data include:
- Denied and allowed traffic based on source and destination.
- Protocol-based traffic like TCP, UDP, and ICMP.
- Denied and permitted ARP.
- Denied traffic based on DHCP snooping.
EventLog Analyzer monitors real-time router traffic, extracts useful information from router syslogs, and presents router data in reports. Router traffic reports are categorized into the following sections:
- Router traffic report by protocol
Get a complete overview of all the traffic that passes through a router. View router traffic based on different protocols such as TCP, UDP, and ICMP, including the top traffic connections based on protocol and source.
- Router traffic errors
Keep track of router transmission errors, such as when there are too many fragments, when fragments overlap, or when a fragment length is invalid. View reports for permitted and allowed ARPs or denied traffic based on DHCP snooping.
- Router accepted connections
Review accepted connections to visualize the kind of traffic navigating through your network. View information on all successful connections based on authorization, source, destination, protocol, and trend.
- Router denied connections
Look up denied router connections to see what kind of traffic wants to enter your network and detect anomalies. Audit all denied connections based on source, destination, protocol, and trend.