16.1. What to Monitor

The first quandary when building a monitoring policy is to determine what needs to be monitored. There is often a rush to monitor as much of the infrastructure as possible, but that is rarely a good idea. Instead, it is better to focus on network devices that will impact more than one user if they fail. That leaves a large part of the network open to monitoring, but it does not bog administrators down with unnecessary monitoring messages.

The goal of a monitoring infrastructure should be to monitor all devices that provide service to multiple users on the network. In addition to the devices that are monitored, it is important to determine what services need to be monitored on each device, and how to overcome problems when ...

Get The Practice of Network Security: Deployment Strategies for Production Environments now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.