Azure Monitor Baseline Alerts
Download AlertsGlossaryGitHubGitHub IssuesToggle Dark/Light/Auto modeToggle Dark/Light/Auto modeToggle Dark/Light/Auto modeBack to homepage

Azure application delivery network monitoring

Overview

Azure network is a complex and dynamic system that connects your cloud resources and applications. It is crucial to monitor your Azure network to ensure its availability, reliability, security, and efficiency. Monitoring your Azure network can help you troubleshoot issues, optimize performance, identify bottlenecks, and plan for future growth. Before embarking on designing and deploying Azure Network Monitoring, It`s important to familiarize yourself with the necessary Azure services and tools. These include:

  • Azure Monitor: This service provides comprehensive solutions for collecting, analyzing, and acting on telemetry from your cloud and on-premises environments. Additionally, this service provides an integrated management environment that includes Metrics, Insights, and Log Analytics workspaces.
  • Azure Log Analytics workspace: Part of Azure monitor, it collects and analyzes data generated by resources in your cloud and on-premises environments.
  • Azure Network watcher: Offers network performance monitoring, diagnostic tools, and insights into your network in both Azure and on-premises.
  • Azure Automation or Logic Apps: Helps in automating repetitive tasks that are critical for network monitoring and management.
  • Azure security center (Optional): For security management and threat protection.

There are a number of use cases which would requires network monitoring but the following use cases major requirements.

Performance monitoring: Increasing the performance or optimizing the performance of application network means adjusting levers such as response time optimization, increasing throughput, enhancing network efficiency, minimizing packet loss and ensuring availability of network for mission critical application.

Response time Monitoring: Response time optimization aims to reduce bottlenecks between Virtual machines and appliances. Response time optimization also reduces latency through location-based traffic analysis.

Throughput Monitoring: Throughput significantly affects performance when the right services are not configured for the right amount of data transfer. Features such as accelerated networking in Azure increase.

Monitoring packet losses: Packet loss is the loss or drop of network packets during transmission, which affects performance, latency, and reliability. Packet loss can have various causes, such as congestion, hardware, settings, or attacks. Isolating the networks into their own segments, applying security and reliability best practices would eliminate the causation of packet losses and increases performance of Azure network. Virtual Network can help prevent packet loss by enabling features such as network security groups, user-defined routes, virtual network peering, and service endpoints

Availability monitoring: Availability is the measure of how reliably a service or resource is accessible and functional. Availability can be affected by factors such as network failures, configuration errors, or planned maintenance. To monitor the availability of your Azure network, you can use features such as:

  • Service level agreements (SLAs): SLAs are contractual commitments that define the expected performance and availability of a service or resource. Azure provides SLAs for various network services, such as Virtual Network, ExpressRoute, VPN Gateway, and Load Balancer. You can compare the actual performance and availability of your network with the SLA targets and report any discrepancies or issues to Azure support.
  • Azure Service Health: Azure Service Health is a dashboard that provides you with the current and historical status of your Azure services and regions. It also notifies you of any planned maintenance or service issues that may affect your network. You can use Azure Service Health to monitor the health and availability of your network services and resources across Azure regions.
  • Network Performance Monitor (NPM): NPM is a service that helps you monitor and diagnose network performance issues between your Azure resources and on-premises locations. It provides you with metrics such as network latency, packet loss, topology, and routing. You can use NPM to monitor the availability and performance of your network connections, such as ExpressRoute, VPN, or hybrid cloud scenarios.

Network Monitoring tools

Azure Monitor

Azure Monitor is a comprehensive service that collects, analyzes, and visualizes data from your Azure resources and applications. It provides you with metrics, logs, alerts, dashboards, and insights that can help you monitor the health and performance of your Azure network. Some of the advantages of using Azure Monitor are:

  • It supports various types of data sources, such as azure resources, guest operating systems, custom applications, and external services.
  • It integrates with other Azure services, such as Azure Security Center, Azure Sentinel, Azure Advisor, and Azure Service Health.
  • It allows you to create custom queries, alerts, dashboards, and reports using Azure Data Explorer, Azure Log Analytics, and Azure Application Insights.
  • It enables you to automate actions and workflows using Azure Logic Apps, Azure Functions, and Azure Automation.

To use Azure Monitor, you need to enable the diagnostic settings for your Azure network resources, such as virtual networks, network security groups, load balancers, application gateways, and azure front door. You can configure the diagnostic settings to send the data to a storage account, an event hub, or a log analytics workspace. You can also use the Azure Monitor agent to collect additional data from your virtual machines and containers.

Network Watcher

Network Watcher is a service that provides network monitoring and diagnostic capabilities for your Azure network. It helps you to troubleshoot network connectivity issues, analyze network traffic, and verify network security. Some of the features of Network Watcher are:

  • Connection monitor: It allows you to monitor the connectivity and latency between your Azure resources, such as virtual machines, virtual networks, and application gateways. You can create tests to check the availability and performance of your network endpoints and receive alerts when there are failures or degradation.
  • Network performance monitor: It allows you to monitor the network performance and reliability of your hybrid and multi-cloud environments. You can create network performance groups to define the source and destination endpoints and monitor the network metrics, such as loss, latency, and jitter. You can also view the network topology and hop-by-hop route details.
  • Traffic analytics: It allows you to analyze the network traffic and flow data from your Azure network resources. You can use traffic analytics to identify the traffic patterns, trends, and anomalies, as well as the sources, destinations, and protocols of your network traffic. You can also use traffic analytics to optimize your network bandwidth, security, and configuration.
  • IP flow verify: It allows you to verify the IP flow from a virtual machine to a destination IP address and port. You can use IP flow verify to check if the network security group rules are allowing or denying the traffic, as well as the direction and state of the traffic.
  • Next hop: It allows you to determine the next hop for packets from a virtual machine to a destination IP address. You can use the next hop to troubleshoot routing issues and verify the routing configuration.
  • Packet capture: It allows you to capture packets from a virtual machine and store them in a storage account or file. You can use packet capture to analyze the network traffic and diagnose network issues.
  • NSG flow logs: It allows you to record the network security group rules that are applied to the network interfaces and subnets. You can use NSG flow logs to audit the network security and compliance, as well as to troubleshoot network connectivity and performance issues. To use Network Watcher, you need to enable the service for your Azure regions and register your network resources. You can access Network Watcher from the Azure portal, Azure CLI, Azure PowerShell, or REST API.

Other Tools and Features

Besides Azure Monitor and Network Watcher, there are other tools and features that you can use to monitor your Azure network, such as:

  • Azure Service Health: It provides you with the status and updates of your Azure services and regions. You can use Azure Service Health to check the health of your Azure network and receive notifications and guidance when there are service issues or planned maintenance.
  • Azure Network Insights: It provides you with the network topology and dependencies of your Azure resources. You can use Azure Network Insights to visualize and explore your network configuration and connectivity, as well as to identify and resolve network issues.
  • Azure Network Security Group Analytics: It provides you with the network security group rules and traffic analysis of your Azure network. You can use Azure Network Security Group Analytics to optimize your network security and performance, as well as to detect and prevent network threats.
  • Azure Advisor: It provides you with the best practices and recommendations to optimize your Azure resources and services. You can use Azure Advisor to improve your network security, performance, reliability, and cost. These tools and features are available from the Azure portal, Azure CLI, Azure PowerShell, or REST API.