iNetmon is a software application that can run on any workstation/client connected to the network. It performs data collection and analyzes the data .
The term network monitoring describes the use of a system that constantly monitors a computer network for slow or failing systems and that notifies the network administrator in case of outages via email, pager or other alarms. Network monitoring can be divided into passive and active monitoring. iNetmon falls under the passive category.
A technique used to capture traffic from a network by generating a copy of that traffic, often from a mirror port or via a network tap.
Once the data (a stream of frames or packets) has been extracted, it can be used in many ways.
iNetmon Analyzer need to position before NAT in order to monitor the individual node traffic within the network.
Abnormal or Suspicious Attack iNetmon allows you to view and sense any abnormal activities or suspicious attack on your network. E.g. Application Monitoring console allows you to see what services and the amount of traffic running on your network. Intrusion Detection Detecting possible intrusions from both within or externally would be an ease with iNetmon. Data Forensic iNetmon allows users to analyze packet by packet on a real time basis. This ability would prove vital when users are doing troubleshooting activities. Critical node monitoring Monitoring of critical nodes such as servers or core devices are important as they are the heart and center of any computer networks. Network administrators would want to know constantly their critical nodes’ health status. IPv6 Monitoring The ability to monitor and troubleshoot IPv6 traffic would be critical and valuable as IPv6 is the next generation of networks. The migration from IPv4 to IPv6 based networks would be a challenge for all. DOS attack DOS or DDOS attacks would be able to cripple a network easily. Thus it is essential that the source or mitigation processes be executed quickly. iNetmon would be able to assist network administrators in this area. Massive Downloading Massive downloading and file transferring are among the main reasons for networks to “slow” down. The act of identifying and tracing the source of the traffic proves to be one of the trickiest problem faced by network administrators. TCP session for virus attack Border line defences and host based solutions might not be the total solution to network security as viruses might still be able to breach into your network. Once a virus infection occurs on your network, the best solution is to disconnect the infected node. Port Scanning Initial act of intrusion or virus attack would be port scanning. Thus it is essential to kill the problem at its roots. Prompt identification of the problem source would save a lot of trouble and financial cost. Continuous Complimentary Monitoring Mechanism (C2M2) C2M2 defines the complimentary feedback mechanism that need to be implemented in every computer networks as it provides the extra security and ease of network maintenance for every network administrator. iNetmon inherits C2M2 feedback mechanism that compliments the existing border defense system such as firewall, url filtering, IDS and Anti-Virus to address the internal threats.
Unable to protect your network from viruses and intruders, Unable to receive and send e-mails, Unable to share printer, Unable to transfer data, Incomplete database transaction, ... the list goes on ...
Passive Approach Real time – packets decoded on the fly Stealth – undetectable Transparent - do not affect daily operation Zero overhead – no traffic generated Total visibility – see all traffics Secure – compare to SNMP & RMON
Provides real time network traffic monitor and to help diagnose, maintain and troubleshoot network problems.
The enterprise network can be monitored using our remote monitoring features. Placing agents in each individual segment within the whole enterprise network and use the iNetmon Manager to monitor these agents remotely. For monitoring the hub segment the user will not have much issue connecting the agent directly to the switch, which allows the user to monitor the whole hub segment. As for the switch segments the passive monitoring methodology has some restrictions to monitor the whole segment. In order to monitor the whole segment each individual port needs to be mirrored to one particular port that is connected to iNetmon Network Analyzer (Remote Agent). This feature will only be available in the layer 2 and above type of switches. Alternatively these issues can be addressed differently especially in the circumstances monitoring the internet gateway by placing the hub prior to the main switch for the LAN segment.
It is used on a network switch to send a copy of network packets seen on one switch port (or an entire VLAN) to a network monitoring connection on another switch port.
It is a hardware device which provides a way to access the data flowing across a computer network. Computer networks, including the Internet, are collections of devices, such as computers, routers, and switches, that are connected to each other.
When your machine is plugged into a mirror port / a network tap, it will be able to receive a copy of packets from all the ports of a network switch.
- WinPcap 4.0 or above. Can be downloaded from http://www.winpcap.org/install/default.htm
- Java Runtime Environment (JRE) 1.5 or above. Can be downloaded from
- Matlab Runtime Component (MCR) 7.0. Must be downloaded from
iNet-Enterprise is a multiplatform solution. It is able to run on Windows, Linux and Mac OS. Furthermore it can run on both 32bit and 64bit architecture.
Viruses are different from worms.It uses a computer network to send copies of itself to other nodes (computers on the network) and it may do so without any user intervention. This is due to security shortcomings on the target computer. Unlike a virus, it does not need to attach itself to an existing program. Worms almost always cause at least some harm to the network, if only by consuming bandwidth, whereas viruses almost always corrupt or modify files on a targeted computer.
In average, during real-time (per second) the bandwidth usage is less than 1KB per session (each time iNet-Segment / iNet-Console communicates with the server). During historical (per minute) the bandwidth usage is around 2KB.
Yes it can. However, Winpcap must be installed on the machine.
A headless application is an application which runs in the background without any GUI. Up to date, we only support headless version for iNet-Segment.
SPECIFIC COMPONENT (iNet-Console)
- You need to create an email account (it has to be email.monitoring) at your email server domain. Example:
iNet-Segment needs to be installed in a machine which equipped with WLAN card. The WLAN connection has to be enabled but not necessarily has to be connected to any networks.
- The alerts will be sent through iNet-Segment using our email server iNetmon.com.
- The ports that are used are 25, 465, 587. Make sure you allow one of these ports in your network security appliances (i.e. the firewall).
- This also might show that there is no anomalies or rules being violated in your network.
SPECIFIC COMPONENT (iNet-Server)
You need to ensure that MATLAB Runtime Component (MCR) is installed in the machine where iNet-Server is running. The path also need to be set correctly in the environment variables. Please refer to iNet-Enterprise installation manual for setting the path.
- There is no size limit for any email account, so this is very
unlikely to happen. Furthermore, the email alert only contains texts
(small in size).
- Worst case, to avoid the email server to run out of space, user can just use an email client (e.g. Thunderbird) which checks (downloads) any new email automatically and deletes the original email on the server.
There are two types of alerting in iNet-Enterprise, which are:
- Single mode: which sends the alert every 15 minute
- Compilation mode: which sends the alert every 24 hours.
iNet-Server rely on MySQL backup function to perform the backup and clean feature.
Standard installation of MySQL should automatically set the path for you. However, we have find numerous cases that the path is not set properly.
In windows, go to 'System Properties' then 'Advanced' then choose 'environment variables'. Add the full path of the MySQL bin folder into the the 'path' variable.
In Linux or Mac, depending on the shell you're using, set the path accorddingly.
If you need help on this matter, do not hesitate to contact our support team at
SPECIFIC COMPONENT (iNet-Segment)
You need to run the application as administrator. This is required when you run the application in Windows Vista / Windows 7 or Linux environment.
SPECIFIC COMPONENT (iNet-Portable)
iNet-Portable is a portable version of all in network monitoring suite which monitors the network where it is plug into. It is targetted for smaller network and a must have tools for network administrator to go around the network troubleshooting problems.
No, iNet-Portable is passive network monitoring tool
You can look at the network utilization view and also the top user usage statistic to see who is the top user that use up the bandwidth
Before start monitoring, select the adaptor (network interface card) that you are connected to the network and enable promiscuous mode. Keep in mind that you need to run the software with administrator priviledge in Windows Vista, Windows 7, Mac OS X, and Linux.
Yes, iNet-Portable supports IPv6 (The Next Generation Internet Protocol)
Error and Status Messages
When I double click the icon, it says: “A Java Runtime Environment (JRE) or Java Development Kit (JDK) must be available in order to run iNet-Console. No Java virtual machine was found after searching the following locations:”?
This error occurs because Java Runtime Environment (JRE) or JDK is not installed. At least Java Runtime Environment (JRE) 1.5 or above is needed to run the application. Can be downloaded from http://www.java.com/en/download/manual.jsp
I double click the icon to launch the software, but the icon only appear briefly in the system tray and then dissapear. What is going on?
This is because one of the required runtime software is not installed. Mostly our users experiencing this issues when WinPcap is not installed.
There are several reasons for this. Follow the following procedures to determine the cause:
The first possible cause is there is no iNet-Segment running on the specified segment ID. It is also possible that the network connectivity in your network was disrupted for more than 1 minute hence iNet-Segment is unable to send information to iNet-Server.
When I click on any of the button, a pop error says “Please Login – You have to login first. Use the Login button to start logging in”
This error occurs because you have not login to the iNet-Server.
This shows that your (iNet-Server / iNet-Portable) license has been expired. You need to purchase the license in order to reuse it. However there is other possibility such as running the product in Windows Vista / Windows 7 without administrator privileges. To solve this issue user should run the application as administrator.
When I try to run iNet-Server, a pop error says “iNet-Server.exe/iNet-Segment.exe/iNet-Portable.exe – Unable To Locate Component” “This application has failed to start because wpcap.dll was not found. Re-installing the application may fix this problem”
This error occurs because Winpcap is not installed. At least WinPcap 4.0 or above is needed. Can be downloaded from http://www.winpcap.org/install/default.htm
There are several possible reasons for this:
- the database setting in change server configuration is not the correct username and password
This error message also occur when iNet-Server is unable to execute a sql query due to the heavy server load or when the network connectivity is not present. However the same query will be resubmitted by the server to ensure that there is no information is lost.
- First you need to install the MCRInstaller
There are several possibilites for this to happen.
Check and make sure the iNet Server is running first.
This error will only show in headless version of iNet-Segment and when the application is unable to locate a library which is used for wireless router monitoring. To fix this, you need to set the path of "spotter.dll" or "spotter.so" in the Environment Variables tab.