Using Amazon CloudWatch Network Monitor - Amazon CloudWatch

Using Amazon CloudWatch Network Monitor

Amazon CloudWatch Network Monitor provides visibility into the performance of the network connecting your AWS hosted applications to your on-premises destinations and allows you to identify the source of any network performance degradation within minutes. Network Monitor is fully managed by AWS. Therefore, you won't need to install additional agents to monitor your network performance. You can quickly visualize packet loss and latency of your hybrid network connections, set alerts and thresholds, and then take action to improve your end users’ network experience.

Network Monitor is intended for network operators and application developers who want real-time insights into network performance.

Key features

  • Use Network Monitor to benchmark your changing hybrid network environment with continuous real-time packet loss and latency metrics.

  • When you connect by using AWS Direct Connect, Network Monitor rapidly diagnoses network degradation by writing the AWS Network Health Indicator to your CloudWatch account. This metric provides a probabilistic score to determine if the network degradation was within AWS.

  • Network Monitor provides frictionless monitoring with a fully-managed agent approach, which means that you don’t need to install agents either on VPCs or on-premises. You just need to specify a VPC subnet and an on-premises IP address to get started.

  • Network Monitor publishes metrics to CloudWatch Metrics. You can create dashboards to view your metrics and to create actionable thresholds and alarms on the metrics specific to your application.

For more details, see How Amazon CloudWatch Network Monitor works.

Network Monitor terminology and components

  • Monitor — A monitor shows the resources that you want to view network performance and availability measurements for, and that you want to get health event alerts about. When you create a monitor for an application, you add an AWS hosted resources as the network source. Network Monitor then creates a list of all possible probes between the AWS hosted resources and your destination IP addresses.

  • Probes — A probe is the traffic that's sent from the AWS hosted resource to your on-premises destination IP address. Network Monitor metrics are written into your CloudWatch account for every probe that's configured in a monitor.

  • AWS network source — This is a network monitor probe's originating AWS source, which will be a subnet in any of your VPCs.

  • Destination — This is the target in your on-premises network for the AWS network source. The destination is a combination of your on-premises IP addresses, network protocols, ports, and network packet size. Both IPv4 and IPv6 addresses are supported.

Network Monitor limitations and requirements

  • Network Monitor supports a maximum of four destination IP addresses, and up to 24 probes per monitor.

  • You can have up to 100 monitors per Region per account.

  • Monitor subnets must be owned by the same account as the monitor.

  • Network Monitor doesn't provide automatic network failover in the event of an AWS network issue.

  • There's a charge for each probe that you create. For pricing details, see Pricing.