Blog A3Sec

Active monitoring vs. passive monitoring

Today, monitoring a company's infrastructure and business processes is a requirement, not a choice. Any non-monitored asset is a lost opportunity for optimization that makes maintenance difficult and produces a high probability of failure.

Depending on the nature of the asset to be monitored we have several approaches. In this post we are going to focus on those related to network monitoring.

Network monitoring approaches are divided into two main groups: passive monitoring and active monitoring. Both monitoring methodologies are completely different. Each group has its benefits and limitations and should be considered complementary, in fact, they can be used together, as WOCU does.

 

What do we mean by passive monitoring?

The main difference between active monitoring and passive monitoring is that passive checks are performed by external applications, while active checks are initiated and performed by the monitoring solution.

When we talk about passive monitoring in networks, we are mainly referring to the sending and management of traps generated in the devices that are part of the network: routers, switches, balancers, etc.

This form of monitoring is asynchronous in nature, i.e., its status is not monitored on a regular basis; it is the equipment itself that sends a message, indicating the severity and informing that a change occurred in one of the processes from the previous state.

Passive monitoring can be very useful for troubleshooting performance problems once they have occurred, however, as we say, they can only be discovered after they have occurred.

 

What do we mean by active monitoring?

With this approach, regularly scheduled active checks are used to monitor network devices. Active checks can be used to "poll" a device or service, obtaining information about the state of the device or service from time to time.

In our case, active checks are initiated by the logic of the WOCU monitoring engine. When it is time to check the status of a host or service, a plugin is run that passes it information about what to check. This plugin then checks the operational status of the host or service and reports the results to WOCU.

Finally WOCU processes the results of the host or service check and takes appropriate actions as necessary (e.g., send notifications, execute events,

 

Better together

As we see, both active and passive monitoring are necessary to get a complete picture.

Active monitoring should be used to provide visibility of service level performance (SLA) which used in this way gives us early warning of potential performance degradation, even before the customer notifies us, increasing the proactivity of our operational teams.

This, combined with business process modeling, will allow us to quickly classify affected services and identify hotspots or common cause elements to ensure that the most critical issues are addressed first.Active and passive monitoring are necessary to obtain a complete picture.

Active monitoring should be used to provide visibility of service level performance (SLA) which used in this way gives us early warning of potential performance degradation, even before the customer notifies us, increasing the proactivity of our operational teams.

This combined with business process modeling, will allow us to quickly classify affected services and identify hotspots or common cause elements to ensure that the most critical issues are addressed first.

 

Conclusion

Using an approach that combines both passive and active monitoring methods offers the highest degree of quality assurance because problems can be detected before they occur or in near real-time, allowing a deep understanding of the root cause of problems.

Do you want to use a single monitoring tool?

WOCU will allow you to service hundreds of customers and monitor thousands of devices centrally.

Request a Custom Demo.