RMON is a method of collecting and analysing information from remote network

elements (NES).
RMON provides the information to determine where to place the boundaries between
collision and broadcast domains, functions provided by LAN switches and routes.
RMON agent attached to a local network element captures information and statistics on
protocols and traffic activity communicates the information back to a central RMON
management console for processing.
RMON is especially critical when managing a switched Lan environment because LAN
segments which previously served many users are now micro segmented. This micro
segmentation creates more segments to manage closer to the user.
RMON LAN troubleshooting can be performed proactively with the engineer using
RMON agents to look for things that are abnormal based on the threshold criteria.
RMON probes can provide a great deal of information on performance of your LAN and
WAN, capturing protocol traffic patterns that enable trending of protocol performance.
RMON can catch utilisation patterns that are exceeding thresholds and alerts the
engineer to take action.
All of these monitoring can be done remotely and thus eliminates the need for on side
LAN managers to watch the LAN performance.

Figure shows a network where remote SNMP devices are monitored through an SNMP
management platform.
An RMON probe is also placed on Ethernet LAN. RMON groups operate at the MAC
layer while newer RMON groups operate at the network layer and above.
RFC 1757 defines 10 RMON groups where each collects information on variables and
sends it back to central management station for analysis.
Statistics: Maintains error and Utilisation statistics for the specific LAN segments being
monitored by RMON agent. E.g.: CRC/alignment, multicast, broadcast.
History: Obtains statistical samples such as packet count, error count and utilisation
and sore them for lateral retrieval.
Alarm: Administration control of sampling interval and threshold for any variable
monitored by RMON agent. E.g.: absolute or relative values, rising/falling thresholds.
Host: Host traffic measurements such as packets or bytes sent and received, errors
etc.
Host Top N: Reporting on Top N Host statistics.
Traffic Matrix: Stores errors and statistics between source and destination nodes on a
network.
Filter: Provides a filter engine for packet recognition.
Event: Time and data stamped logging and printing of events.
Packet Capture: Buffering criteria for packets that match filter criteria.
Token Ring: Configuration and statistical information on source routing and statistics
on a ring.

RMON 2 provides new groups that operate at the network layer and higher. These
group include,
Network Layer and Application Layer Host: Statistics for each network address and
each application layer protocol on the segment of ring, such as packets and bytes
received for Layer 3 traffic an port number of an application respectively.
Network Layer and Application Layer Matrix: Traffic statistics at the network and
application layer protocols between source and destination nodes on a network.
Protocol Directory: User-selectable protocols that are monitored and counted.
Protocol distribution: Table of statistics for each protocol in directory.
User defined History: Sampling of any MIB object monitored by the RMON agent.
Address Mapping: Listing of MAC to network-layer address binding such as with ARP.
Configuration groups: Listing of RMON agent configurations and capabilities.

Today the application of remote monitoring and control extends from fields such as:

 Smart grid
 Structural health monitoring
 Pipeline sensors
 Patient monitoring
 Desktop/server monitoring
SNMP messages for e.g. going across the n/w between a manager and an agent the
tool 'sniffs' every packet that is going across a local area n/w opens it and analyses it. it
is a passive operation and does nothing to packets, which continue to proceed to their
destinations . This is called probing or monitoring the n/w and the device that does the
function is called the network monitoring or the probe. two probe components of a probe
are
1) Physical object that is connected to transmission medium.
2) Processor which analyzes the data
 If both are at same place geographically, it is a local, probe, which is similar to
'sniffs'.
 In case remotely monitoring the n/w using a probe is referred to as remote -
network monitoring or RMON.
RMON:

 It is method of collecting and analyzing information from remote.

 It provides various information regarding packets sends,statistics,alarm and
heavy waves.

First RMON group includes 1) Statistics

2) History
3) Alarm
4) Host
5) Filter
6) Event
7) Token Ring

Remote Monitoring (RMON) is a standard specification that facilitates the monitoring of

network operational activities through the use of remote devices known as monitors or
probes. RMON assists network administrators (NA) with efficient network infrastructure
control and management.
RMON was initially developed to address the issue of remote site and local area
network (LAN) segment management from a centralized location. The RMON standard
specifies a group of functions and statistics that may be exchanged between RMON
compatible network probes and console managers. RMON performs extensive network-
fault detection and provides performance-tuning data .
RMON uses certain network devices, such as servers, and contains network
management applications that serve as clients. RMON controls the network by using its
servers and applications simultaneously. When a network packet is transmitted, RMON
facilitates packet status viewing and provides further information, in the event that a
packet is blocked, terminated or lost.
Benefits of RMON:-
1. You can monitor remote offices wherever they're located.
If your network spans multiple locations, remote server monitoring allows you to
manage devices in every location
2. IT staff in other offices can monitor the network in real time
 If you have IT team members spread out across locations who are responsible
for monitoring network performance, remote access enables those IT staff in
other offices, cities, branches, or even countries to view network performance in
real-time—even if the software server is installed at headquarters.
This means if a device goes down at a remote location, a network guy located there can
troubleshoot without necessarily getting you involved. He also doesn’t have to bother
you to ask what you’re seeing on your end—he can see up-to-date network maps and
metrics for himself.
3.You and your IT staff can be mobile without risking network neglect.
Having remote access to the network means your IT team doesn’t have to be on-site
constantly. If you need to work from the coffee shop or at home, with remote access to
the network you can still see the status of network devices on your laptop or mobile
device. Mobile network monitoring keeps network data at your fingertips so you never
risk outages from lack of access.
1. Access levels can be managed to ensure security.
Some network administrators may balk at the idea of remote access because of
potential security threats to the network. One way to secure the network is to
require encrypted authentication and make sure that every user has to log in the
same way
2. With proper connectivity, you’ll always have access.
The benefits of remote access simply require… access. As long as you have direct
access to the network via VPN connectivity or point to point, you’ll be able to manage
and monitor all the critical devices within your network. Regardless of where you or they
are located.
FCAPS:
It is the ISO telecommunication management network model.FCAPS is acronym for
fault configuration accounting,Performance,Security.
 Configuration Management: Set and change network configuration and
component parameter.
 Fault Management: Detection and isolation of failures of network.
 Performance Management: Monitor performance of network
 Security Management: Authentication,Authorization,Encryption
 Accounting Management: Functional accounting of network usage.