Azure Monitoring Tools Explained – Part 10: Network Watcher

In the first part of this series, we introduced the confusion and complexity that tends to occur when looking at the long list of monitoring tools available for Azure.

We then provided a list of currently available tools that we will explore further.

We’ve already discussed Azure Activity Logs, Application Insights, Azure Advisor,  Azure Alerts, Azure Diagnostics, Azure Metrics, Azure Monitor, and Azure Security Center (ASC). The next tool on the list is Network Watcher. 

 

Network Watcher

The Network Watcher tool may not be considered an actual monitoring tool, but it can be used in this way (to a limited capacity). In short, it’s a service in Azure that empowers you to monitor and diagnose network issues; whether that is to, from, or in Azure networking; or also provide insights into your Azure networks.

However, from one of the Ignite sessions (specifically the “Gain visibility into network performance and availability with network monitoring solutions in Azure” session), it listed the other existing network-related monitoring tools including: Network Performance Monitor, DNS Analytics, NSG Analytics, and App Gateway Analytics (all of which are Operations Management Suite (OMS) solutions), and how they will roll up into Azure Network Watcher.

Network Watcher - Ignite - Monitoring Roll Up

Network Watcher – Ignite – Monitoring Roll Up

Ultimately, I hope that this will further roll up into Azure Monitor so that monitoring all things are further centralized.

Here is an overview of Azure Network Monitoring: https://docs.microsoft.com/en-us/azure/network-watcher/network-watcher-monitoring-overview

 

Real Word Example

With Azure Network Watcher the real power is in analysis and troubleshooting.

In the real-world, it’s a very helpful tool to be able to troubleshoot connections, packet flows, Network Security Groups (NSGs), etc. So it’s more of a “what’s happening right now” than a “what’s happened in the past” toolset. With that being said, as per the above-referenced Ignite session, a lot of the Operations Management Suite (OMS) network monitoring solutions are being brought into the Network Watcher umbrella (similar to the OMS Security solutions are rolling into Azure Security Center).

So you can use it to dig into IP flow between a source and destination systems…

Network Watcher - IP Flow Verify

Network Watcher – IP Flow Verify

… check what Network Security Groups are applied (either to a VNet/Subnet, or the Virtual Machine’s NIC)…

Network Watcher - Security Group View

Network Watcher – Security Group View

… and connectivity checks between systems, to name a few.

Network Watcher - Connectivity Check

Network Watcher – Connectivity Check

 

Conclusion

To sum up, Network Watcher is not really a “monitoring” tool as we’re used to. But, with the announcements from Ignite, all other network monitoring tools will be brought into Network Watcher as a central pane. So, we will be able to troubleshoot current/live issues, as well as collect and view historic data.

The next tool in our series will be the Operations Management Suite (OMS); also known as Log Analytics.

%d bloggers like this: