If you don’t know the state of your network and server health every second of the day, you’re like a blind pilot inevitably headed for disaster. Fortunately, the market now offers many good tools, both commercial and open source, for network and Windows Server monitoring.
Since good and free is always more attractive than good and expensive, we’ve put together a list of open source Windows Server monitoring tools that have proven their value in networks of many sizes. With functionality such as discovering devices, monitoring network equipment and servers, identifying network trends, graphically presenting monitoring results, and even backing up switch configurations and routers, these Windows Server monitoring software tools will surely surprise you. So here’s a list of the best Windows Server monitoring software/tools of 2018:
Cacti is a flagship solution among open source network monitoring software for IT infrastructure in the field of graphical representation of the network. Cacti is free to download and is included in the LAMP (Linux, Apache, MySQL, PHP) suite, which provides a standardized software platform for building graphs based on any statistical data. If a device or service returns numeric data, then most likely it can be integrated into Cacti. There are templates for server application monitoring platforms from Linux and Windows servers to Cisco routers and switches — basically anything that communicates with SNMP (Simple Network Management Protocol). Although the standard method for collecting Cacti data is the SNMP protocol, scripts in Perl or PHP can also be used.
Cacti divides data collection and graphic display into discrete instances, which makes it easy to re-process and reorganize data for various visual representations. For example, you can quickly view the data for the past few years to see if the current behavior of the network equipment or server is abnormal. And with the help of the Network Weathermap, a PHP plug-in for Cacti, you can create real-time maps of your network that show the load of communication channels between network devices. Thus, Cacti is a toolkit with extensive capabilities for graphical display and analysis of network performance trends that can be used to monitor almost any monitored metric that can be represented in a graph. However, this solution supports almost limitless tuning possibilities, which can make it too difficult for certain apps.
Nagios is powerful network monitoring tool that has been in active development for many years. Written in the C language, it allows you to do almost anything that system and network administrators might need from the application package for monitoring. The web interface is fast and intuitive, and the server part is extremely reliable. Nagios’s rather complex configuration can be a problem for beginners, but it is also an advantage, since the tool can be adapted to almost any monitoring task. As with Cacti, a very active community supports Nagios core, so various plug-ins exist for a huge variety of hardware and software. Nagios enable you to continuously monitor the status of servers, services, network channels and everything else that the IP network layer protocol understands. For example, you can monitor the use of disk space on the server, RAM and CPU usage, FLEXlm license usage, server air temperature, WAN and internet connection latencies, and much more.
Obviously, any monitoring system for servers and networks will not be complete without notifications. The Nagios software platform offers a customizable mechanism for notifications via e-mail, SMS and instant messaging via the most popular internet messengers, as well as an escalation scheme that can be used to make reasonable decisions about who should be notified when and in what circumstances. In addition, the display function shows all monitored devices in the logical representation of their placement on the network, with color coding that highlights problems as they arise.
The main disadvantage of Nagios is its configuration process — it is mostly done through the command line, which greatly complicates installation if you’ve never worked with it before. People familiar with standard Linux / Unix configuration files, however, should not experience any particular problems. The possibilities of Nagios are huge, but the effort required to use some of them may not always be worth it. But the advantages of the early warning system metrics provided by this tool for so many aspects of the network are hard to overstate.
Zabbix is a full-scale tool for network and system monitoring that combines several functions in one web console. It can be configured to monitor and collect data from a wide variety of servers and network devices, and it provides service and performance monitoring of each object. Zabbix enables you to monitor servers and networks with a wide range of tools, including monitoring virtualization hypervisors and web application stacks.
Basically, Zabbix works with software agents running on controlled systems. But this solution can also work without agents, using the SNMP protocol. Zabbix supports VMware, Hyper-V and other virtualization hypervisors, providing detailed information about the performance and availability of the hypervisor and its activity. In particular, it can monitor Java application servers, web services and databases. New monitoring hosts can be added manually or through an automatic discovery process. A wide range of templates are applied by default, such as those for Linux, FreeBSD and Windows Server operating systems and for SMTP, HTTP, ICMP and IPMI protocols.
Zabbix allows you to customize the dashboard and web interface to focus on the most important components of the network. Notifications can be based on custom actions that apply to a host or host groups. You can configure actions that will run remote commands if certain event criteria are met. The program displays network bandwidth usage and CPU utilization graphs. In addition, Zabbix supports custom maps, screens and even slideshows that show the current status of monitored devices. Zabbix can be difficult to implement at the initial stage, but the use of automatic detection and various templates can reduce the challenge. In addition to the installation package, Zabbix is available as a virtual device for several popular hypervisors.
Icinga is another great open source network monitoring tool. Icinga began as a branch of the Nagios monitoring system but was recently rewritten into a stand-alone solution known as Icinga 2. At this point, both versions of the program are in active development and are available for use. While Icinga 1.x is compatible with a large number of Nagios plug-ins and configurations, Icinga 2 was designed to be less cumbersome, have a performance orientation and be more user-friendly. It offers a modular architecture and multi-threaded design, which is not true of either Nagios or Icinga 1. There are several variations of the web interface for Icinga
Icinga is a software monitoring and alerting platform that is as open and extensible as Nagios. The main difference is the configuration process: Icinga can be configured via the web interface, while Nagios uses configuration files and the command line. For those who prefer to manage their monitoring software without the command line, this functionality will be a real gift. Icinga integrates with many software packages for monitoring, such as PNP4Nagios, inGraph and Graphite, providing reliable visualization of your network.
The Paessler PRTG network monitoring tool is an integrated solution that is suitable both for small and enterprise environments. The setup is dynamic, meaning that your monitoring capabilities can grow or shrink with the business requirements of your organization. PRTG is more than just a server monitor, because it can monitor any IT-related resource that connects to your network. PRTG can send out email and SMS alerts based on your own customized threshold levels. This means that you can adjust the sensitivity of specific servers so you get more frequent warnings from critical servers and almost no noise from non-critical ones.
The application can monitor everything that you need to know about your server, such as CPU load, hard disk capacity and performance, RAM utilization, and bandwidth monitoring. Administrators can view the entire server environment at a glance through customizable dashboards and reports, which means that specific graphs and analytics can be generated for specific needs. There are predefined templates to help with the configuration processes and speed your first installation process. Other key features include flexible alert methods, multiple user interfaces to choose from, failover-tolerant monitoring, distributed monitoring, and customizable maps and dashboards. The tool is free only for 100 sensors, so download it only if you have small system inventory or you are willing to pay for it.
If you’ve ever had to search for devices on your network to connect through the Telnet protocol to your switches and perform a MAC address lookup, or determine the physical location of certain devices, then you will be interested in NeDi. NeDi constantly looks at the network infrastructure and catalogs the devices, tracking everything that it detects. Like Cacti, NeDi is a completely free tool related to LAMP. It regularly scans MAC addresses and ARP tables in switches of your network, cataloging each detected device in a local database. This tool is not well known, but it can be very convenient in corporate networks in which devices are constantly changing and moving.
You can use the NeDi web interface to search for a switch, switch port, access point or any other device by MAC address, IP address or DNS name. NeDi collects all the information possible from every network device it encounters, pulling out serial numbers, firmware and software versions, current time parameters, module configurations, and so on. You can even use NeDi to mark the MAC addresses of devices that have been lost or stolen; if they reappear in the network, NeDi will tell you about it.
Configuration management is simple, with a single configuration file that allows you to significantly increase the number of settings and skip devices based on regular expressions or specified network boundaries. NeDi typically uses the Cisco Discovery Protocol or the Link Layer Discovery Protocol to discover new switches and routers, and then connects to them to collect their information.
The Ntop project, better known as Ntopng, is a first-class network monitoring tool with a fast and easy web interface. This packet analysis tool displays real-time data about network traffic, showing information about host data flows and host connections in real time. Ntop provides good graphs and tables showing current and past network traffic, including the protocol, source, purpose and history of specific transactions. In addition, you will find an impressive set of graphs, charts and maps of real-time network usage.
A modular architecture allows for a huge number of add-ons. Ntop includes an API for the Lua scripting language, which can be used to support extensions. Ntop can also store host data in RRD files for permanent data collection. One of the most useful applications of Ntopng is traffic control in a specific location. For example, when some of your network channels on your network map are highlighted in red and you don’t know why, you can use Ntopng to get a per-minute report about the problematic network segment and quickly see which hosts are responsible for the issue. The advantage of such visibility of the network is difficult to overstate, and it is very easy to get.
Spiceworks Network Monitor is extremely flexible and scalable, allowing independent thresholds per system or device. This is a great solution for more granular monitoring of memory, disk activity and more.
The software is quick and easy to implement. It runs on a VM or a physical box. It’s pretty light on resources, though it can eat up a bunch of disk space, so if it is co-located with another app, the drive can fill quickly if you don’t keep on the logs or automate cleanup. The software is agentless, so there is little to no impact on the monitored devices. It can even monitor SNMP traps from switches, printers, copiers and other devices. It does a great job monitoring off-hours. The monitoring is done on servers, switches, appliances both physical and virtual as well.
There are a few disadvantages. The software does not reconcile systems that are going down — sometimes when connection links go down, they do not go back up in the software though physically they are up again, so they must be deleted and re-added. And the user interface is rather slow. However, the software is no-cost so there is no risk in giving it a try.
Observium is another program for monitoring network equipment and servers that has a huge list of supported devices using the SNMP protocol. Observium has relatively easy installation and configuration. It is installed as its own server with a dedicated URL. You can enter the graphical interface and start adding hosts and networks, and set ranges for automatic detection and SNMP data so that Observium can explore the surrounding networks and collect data for each detected system. Observium can also detect network devices via CDP, LLDP or FDP. Depending on the device, data can be collected and displayed for every detected port.
The easy-to-use user interface provides advanced capabilities for statistical display of data, as well as diagrams and graphs. Observium can display information about the state of the CPU, RAM, data storage, power supply, temperature, and so on from the event log. You can also include data collection and graphical performance counters for various services such as Apache, MySQL, BIND, Memcached and Postfix. Observium works great as a virtual machine, so it can quickly become the main tool for obtaining information about the status of servers and networks. This is a great way to add auto discovery and graphical representation to a network of any size.
We’ve reviewed a lot of great infrastructure monitoring tools. Nevertheless, if system administrators detect Windows server performance issues, they need to inspect configuration changes to determine the cause of the issue and quickly fix it. Therefore, a system change monitoring tool is invaluable. Netwrix Auditor for Windows Server Free Community Edition delivers daily email reports detailing what was changed on each Windows Server and when it happened, with the before and after values. For example, it will report the installation of software and hardware and changes to scheduled tasks, services and registry. Product installation is straightforward, and the UI is user friendly and fast. Reports are very clear and nicely structured, which makes this tool a great addition to other Windows application performance monitoring tools. Moreover, in addition to reporting on changes in Windows Server, Netwrix Auditor Free Community Edition’s daily activity summary reports provide the crucial “what,” “when” and “where” details and before and after values for changes in many other critical IT systems, such as Active Directory, Group Policy, Azure AD, Exchange, Office 365,file servers, SharePoint, Microsoft SQL Server and VMware.
When you install the product, you get to use the full functionality of Netwrix Auditor for a free 20-day trial period; then you can decide whether to purchase a license or opt for the free community edition. Netwrix Auditor has many benefits in comparison to the free community edition, such as “who” details for each reported event, file analysis, user behavior and blind spot analysis, risk assessment, built-in search of audit data, alerts on threat patterns, and user activity video recording. You can see the full comparison table here. In short, Netwrix Auditor is not just a really valuable server administration and monitoring tool; it’s an enterprise-level software platform that gives you complete visibility into changes, configurations and access across your cloud and on-premises IT environments.