Using Amazon CloudWatch Network Monitor - Amazon CloudWatch

Using Amazon CloudWatch Network Monitor

Amazon CloudWatch Network Monitor provides visibility into the performance of the network connecting your Amazon-hosted applications to your on-premises destinations, and allows you to identify the source of any network performance degradation within minutes. Because Network Monitor is fully managed by Amazon, you don't need to install additional agents to monitor your network performance. You can quickly visualize packet loss and latency of your hybrid network connections, set alerts and thresholds, and then take action to improve your end users’ network experience.

Network Monitor is intended for network operators and application developers who want real-time insights into network performance.

Key features

  • Use Network Monitor to benchmark your changing hybrid network environment with continuous real-time packet loss and latency metrics.

  • When you connect by using Amazon Direct Connect, Network Monitor rapidly diagnoses network degradation by writing the Amazon Network Health Indicator (NHI) to your Amazon CloudWatch account. The NHI metric provides a probabilistic score to determine if the network degradation was within Amazon.

  • Network Monitor provides a fully managed agent approach to monitoring, so you don’t need to install agents either on VPCs or on-premises. To get started, you just need to specify a VPC subnet and an on-premises IP address.

  • Network Monitor publishes metrics to CloudWatch Metrics. You can create dashboards to view your metrics, and also create actionable thresholds and alarms on the metrics that are specific to your application.

For more details, see How Amazon CloudWatch Network Monitor works.

Network Monitor terminology and components

  • Monitor — A monitor displays the resources for which you can view network performance and availability measurements, and about which you want to get health event alerts. When you create a monitor for an application, you add an Amazon-hosted resource as the network source. Network Monitor then creates a list of all possible probes between the Amazon-hosted resource and your destination IP addresses.

  • Probes — A probe is the traffic that's sent from the Amazon hosted resource to your on-premises destination IP address. Network Monitor metrics are written into your CloudWatch account for every probe that's configured in a monitor.

  • Amazon network source — An Amazon network source is a monitor probe's originating Amazon source, which is a subnet in one of your VPCs.

  • Destination — A destination is the target in your on-premises network for the Amazon network source. A destination is a combination of your on-premises IP addresses, network protocols, ports, and network packet size. IPv4 and IPv6 addresses are both supported.

Network Monitor limitations and requirements

  • Network Monitor supports a maximum of four destination IP addresses, and up to 24 probes per monitor.

  • You can have up to 100 monitors per Region per account.

  • Monitor subnets must be owned by the same account as the monitor.

  • Network Monitor doesn't provide automatic network failover in the event of an Amazon network issue.

  • There's a charge for each probe that you create. For pricing details, see Pricing for Amazon CloudWatch Network Monitor.
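
The terminology and limits above can be checked before a monitor is created, which also makes the per-probe charge visible up front. The following pre-flight check is an added example, not code from the Network Monitor documentation or API; `plan_probes`, the dictionary shapes, the account and subnet IDs, and the destination values are all constructed for illustration.

```python
import ipaddress
from itertools import product

MAX_DESTINATION_IPS = 4  # per-monitor limit stated on this page
MAX_PROBES = 24          # per-monitor limit stated on this page

def plan_probes(monitor_account, subnets, destinations):
    """Expand source subnets x destinations into probes; return (probes, errors)."""
    errors = []
    for s in subnets:
        # Requirement from this page: subnets must belong to the monitor's account.
        if s["owner"] != monitor_account:
            errors.append(f"subnet {s['id']}: owned by {s['owner']}, not the monitor account")
    valid = []
    for d in destinations:
        try:
            # Canonicalize so two spellings of one IPv6 address count once.
            ip = str(ipaddress.ip_address(d["ip"]))
        except ValueError:
            errors.append(f"destination {d['ip']!r}: not a valid IPv4 or IPv6 address")
            continue
        valid.append((ip, d["protocol"], d["port"], d["packet_size"]))
    distinct_ips = {v[0] for v in valid}
    if len(distinct_ips) > MAX_DESTINATION_IPS:
        errors.append(f"{len(distinct_ips)} destination IPs exceeds the limit of {MAX_DESTINATION_IPS}")
    # One probe per (source subnet, destination) pair; dict.fromkeys drops duplicates.
    probes = list(dict.fromkeys((s["id"], *v) for s, v in product(subnets, valid)))
    if len(probes) > MAX_PROBES:
        errors.append(f"{len(probes)} probes exceeds the limit of {MAX_PROBES}")
    return probes, errors

# Constructed sample input: placeholder account and subnet IDs, documentation-range IPs.
ACCOUNT = "111111111111"
SUBNETS = [{"id": "subnet-example-a", "owner": ACCOUNT},
           {"id": "subnet-example-b", "owner": ACCOUNT}]
DESTINATIONS = [{"ip": ip, "protocol": "TCP", "port": 443, "packet_size": 56}
                for ip in ("192.0.2.10", "192.0.2.11", "2001:db8::1", "2001:0db8:0:0:0:0:0:1")]

if __name__ == "__main__":
    probes, errors = plan_probes(ACCOUNT, SUBNETS, DESTINATIONS)
    print(len(probes), "probes;", errors or "within limits")
```

The length of the returned probe list is the number of probes that would be billed for the planned monitor.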