Real-time Remote Monitoring and Security System for a Local Area Network Environment

This study evaluated the monitoring and security requirements of local area networks for the development of an effective monitoring software through literal study and prototyping. The objective is to compare the performance of the developed prototype to the performance of prevailing proprietary counterparts. A survey questionnaire was used to gather data from the two different groups of respondents; the technical people from the industry (referred to as the Management Information System group) and the technical people from the education sector (referred to as the outside group). Two sets of evaluations were also conducted; the first set involved only the Management Information System group. They were asked to evaluate the Real-time Remote Monitoring System in comparison with an existing software counterpart. The second set involved both groups, they were asked to both evaluate the Real-time Remote Monitoring System in terms of usability, capability, user-friendliness, and effectiveness. Statistical tools applied to responses gathered include mean, frequency distribution, variances, and t-test. Results of the statistical analysis showed that the developed software provided satisfactory monitoring and control capability as compared with the existing systems. The developed software is recommended for use in the Management Information System department to monitor workstation activity and to implement remote control functions either for security purposes or for emergency repair or technical support.


Introduction
Nowadays, computer networks have become a necessity for any business entity.
Enterprises employ networks not only to ensure fast and efficient movement and processing of data and information but also to strategically improve services and productivity. In this regard, networks are considered vital business resources and therefore require strict protection from entities that benefit from them.
An effective network protection strategy requires constant monitoring of workstations as well as full administrative control to ensure its smooth operation. In this context, the term monitoring denotes functions such as determining installed software, identifying unauthorized processes, and detecting inactivity of a given workstation as well as identifying illegal activities that commonly contribute to the breakdown or hampering of a network's operation. Controlling workstations on the other hand pertains to the administrator's ability to police each workstation accordingly, deleting unauthorized software, shutting down inactive nodes to maximize bandwidth, and ending unwanted processes that consume valuable resources.
Workstation monitoring and control are important because their efficiency or nonefficiency directly affects the overall performance of a network. The benefits of being able to proactively monitor workstations in a given environment are quite high. It not only allows administrators to identify possible sources of the problem, diagnose and fix them at an early stage, it also increases reliability and enables users to accomplish more work effectively.
Many technologies with their corresponding products capable of achieving the abovestated requirements are available in the market. However, these products are not only expensive due to proprietary licenses, they are also most often complex and not flexible to meet enterprise demands.
The goal of this study is to develop a customized system that would monitor the activities of workstations in a Local Area Network environment and to compare its' efficiency with prevailing systems. The main disadvantage of prevailing systems is the complexity that comes with them, due to this, most prevailing systems are not able to support

│
According to Wong (2021), network monitoring is the process or function of the information collected in network management. Applications for network monitoring are developed in order to gather useful data from different parts of the network for managing and controlling the network. Most of the devices in the network are remotely located and sometimes these devices are directly attached connected to the network. That is the reason why network management techniques are developed in order to check the network status easily. As the network becoming big and more devices are connected to it more techniques are maximized in order to monitor it completely.
The applications for network monitoring are created to effectively check the network status in order to control the network fully, gives economical and excellent quality services.
Network monitoring has three main goals such as fault, account, and performance monitoring. Two functional areas are not interconnected to network management such as security and configuration management. Performance monitoring is about the evaluation of network performance. It is composed of three important features such as: locating the recent problems in the network and useful for benchmarking in terms of network expansion. It also covers the performance time frame in order to create a model for the behavior of the network.
Last is the selection of the measure or metrics to evaluate the network. The items or variables to measure the network is called network indicators or attributes such as circuit availability, availability of the node, blocking factor, and response time (Wong, 2021).

b. LAN monitoring
The tool to monitor the performance of the Local Area Network (LAN) allows the network administrator to see all the connected devices to the LAN. This includes all the computers, servers, routers, printers, etc. If there is LAN monitoring there will be notifications that will be sent by the system when something goes wrong on the network. If the printer goes offline then there will be an alert from the system. LAN monitoring will help the administrator or the management to make decisions with regard to the investment in IT infrastructure. If there is no LAN monitoring tool it needs more time to troubleshoot or there will be no warning if the system is not working properly (Dnsstuff, 2021]. If there is no LAN monitoring, anytime problem may happen in the server, switch, or router. If there is LAN monitoring failures can be prevented from happening or escalating. Having LAN monitoring tools is a proactive approach that is useful for any organization or business. If there is LAN monitoring, the control over the network increase. The business owner or the organization can get information and metrics that can be useful for the strategies and approach to the IT network infrastructure. The processes will become automated, easier, and less time needed to maintain the network (Dnsstuff, 2021).
Remote monitoring in the field of IT is to check the performance of the network or the corporate or business servers remotely. It is a kind of tool that allows the user to give end-user real-time monitoring and securing the network remotely. Using this tool the network administrator can observe and detect any complexities on the network before it will create an impact on the system. This is to make and address the problems or issues faster to avoid any negative impact on the system. The tool will give auditing and security features that will allow the network administrator to gives solutions remotely in line with the available standards on the network (Application performance management, 2021).

c. Remote monitoring
From the year 1970 to the present time, the rise of the software in the market started and technology evolved that remote monitoring is available on a wired and wireless network (Application performance management, 2021). It is not only focusing on the security remotely and monitor on the central location. The trend also included the movement of the connections of the network and the approach is more flexible like having a Remote Video Response Center.
As a fundamental procedure of network security measurement, network data collection executes real-time network monitoring, supports network performance evaluation, assists network billing, and helps traffic testing and filtering. Thus, it plays a crucial and essential role in dealing with network intrusion detection and unwanted traffic control (Zhou, Yan, Fu, & Yao, 2018). There must be agents install on the network to monitor all the devices attached to the network remotely to gather, compile and report all the data coming in the network. All these agents are using techniques like SNMP, system logs, and pings for collecting information about the statistics and performance of all the connected devices. All the attached devices must be manually configured and it will perform automatically and the report will go to the IT Department (Hein, 2020).
To guaranty that network can provide normal services, it is necessary to monitor the running state of network servers for its core status in the network (Wang et al, 2008). To reinforce the control of the network information and guarantee the security of the content promulgated on networks, Wang et.al (2009) proposes a content-based network monitoring system that can monitor the LANs and keep the security of the content on networks effectively. It was also proposed that reliability mapping monitoring method for network architecture is used (Zhang, et al, 2018). The function of the virtual network configuration information is obtained through the virtual subnet configuration module. The virtual transmission module is used to connect the functional modules in the network virtualization system, obtain an overall mapping, and send a request to create a virtual subnet mapping.
If the IT engineers will monitor the network remotely it will be easier for them and there is no physical interaction on the premises or the location of the hardware particularly this Covid 19 times and many are working from home. If the application for network monitoring installs in the device, the platform can easily recognize it anywhere allowing the IT engineers to reconfigure it to fix if there is any problem or network issues. This can save the time and money of the company and increase the productivity of the team by reducing the time needed to solve the network performance problem (Hein, 2020). Chirandi, et.al (2012)  In another study, Hu, X, et al (2021) used trident, a novel monitoring approach to offpath configurable streaming, which offers remote analyzers a fine-grained holistic view of the network traffic. A novel fast-path packet classification algorithm and a corresponding │ 7 cached flow form are also proposed to improve monitoring efficiency. Evaluated in a practical deployment, Trident demonstrates negligible interference with forwarding and requires no additional software dependencies. Trident has been deployed in production networks of several Tier-IV data centers.

Related Studies
In the study of Sadiki et.al. (2018), intelligent sensors to implement real-time monitoring of industrial equipment and transmit the information to the maintenance team of the company were used. It used WSN application that is flexible, customizable features in accordance with the requirement of the users and low cost. The application approach for the implementation of real-time monitoring is the acquisition of data, then store it on the central hub for analysis. In this way, the maintenance team can do immediate actions and measures if there is an unlikely event that may happen in the machines.
A "Mobile-Based LAN Control" was developed by Aleena et al (2017) to monitor and control the Local Area Network using a wireless device from any location irrespective of the distance. The administrator used an application on the Smartphone with Graphical User Interface in order to send the command to the server easily. Then the server will do the checking for the security and after the recognition, the administrator can perform what are the tasks needed to control and monitor the LAN. Through the application on the Smartphone and the command of the administrator the server can send the task to the client PC and can perform tasks such as: deleting the file, killing the process, starting the process, creation of process list, etc. Guo, et.al (2019)  An optimal algorithm was designed with the partition and rank (PAR) scheme when the local events are independent; whereas, when they are dependent, we show that the problem is NPcomplete and develop two efficient heuristics: the PAR for dependent events (PAR-D) and adaptive (Ada) algorithms, which adapt well to changing network conditions and outperform the current state of the art techniques in terms of communication cost. Liu, et al. (2011) designed and implemented a campus environment IPV6 network information monitoring system. The system is divided into packet capture, analysis, and preservation, the query and statistics, management of four parts. Wang, et al. (2013) studied the network of substation, which represents the distribution of state monitoring equipment in the substation, as a complex network. It was found that the monitoring system communication network connected by the wireless sensor network is a small-world network and characterized by a Poisson distribution. The simulation result shows that the state monitoring network exhibited a small world behavior. Hirano, et al. (2009) studied that TCP uplink flow over wireless LANs is well known to cause two serious throughput-unfairness issues. The first is TCP throughput unfairness among uplink flows. The second is the unfairness between uplink and downlink flows. They proposed a simple and scalable traffic control method that can easily be applied. The main idea was for access points to discard TCP uplink packets, with the discard probability determined based on downlink buffer occupancy. Simulation results showed that the proposed method can improve two kinds of fairness with small degradation of aggregated throughput due to the intentional uplink packet discard. hosts and servers on LCD. In remote mode, the controller sends an alert e-mail or a SMS to the predefined e-mail addresses or GSM phones in two ways: through GSM modem or GSM phone connected to RS232 interface and through SMTP server and e-mail to SMS gateway.
If the monitored network is not connected to the Internet only the former method can be used. After an authorized CGI request users can see network status and reboot up to eight hosts if necessary 3. Methodology

Research design
This study involved both descriptive and developmental research. It was descriptive because it aimed to describe the characteristics of monitoring software based on underlying protocols used. Being descriptive research, its main objective was to identify and describe the functions and operations of monitoring software utilizing client-server communication protocol. To demonstrate these functions and operations, this study included the development of a prototype monitoring software. It was in this stage (prototype development) where this study took on its developmental characteristics. Prototyping was employed in developing the application and methodical directions for design as well as the evaluation was used in the course of development. (Buchenau, M., & Fulton Suri, J., 2000).
This study was conducted in five different phases: a. Network problem identification and validation; b. Conceptualization of a viable solution to the problem identified; c. Development of the prototype software; that will demonstrate the proposed solution; d. Implementation; e. Evaluation of the prototype's performance.

a. Problem Identification
In this phase, a study of computer network systems, as well as interviews with key people involved in maintaining local area networks, was conducted. This phase also involved the conduct of searches for books, magazines, articles, and Internet resources describing network communication technology and current software/hardware that could be applied to workstation monitoring. Specific pieces of information gathered from these resources were used to identify and understand possible problems in network communication.
When the problem had been thoroughly identified, the researchers conducted interviews with network administrators and technical support persons to validate the criticality of the problem. The researchers also conducted tests on MAN sized computer structures. Interviews with network administrators were also conducted to gather first-hand information. The interviews, as well as results of the test conducted in this phase, determined the criticality of the problem.

b. Conceptualization of Solution
During this phase the researchers already have initial ideas as to how the problem may be solved, these ideas however still need to be organized. To do this, the researchers again searched for information, this time regarding application architecture. The use of the Internet as a major source of information was maximized for this purpose; after substantial documents and data to support system design have been gathered, a suitable communication protocol, as well as application framework, was selected to serve as a basis for developing the prototype software that will provide the solution to the identified network problem.
Following is a discussion of the communication protocol developed.

c. Communication Protocol
The most common model for communication over the Internet today is client/server, where there is a client that knows how to request information to a server, and the server knows how to respond to requests from the client. In this setup, the administrator can send requests for workstation status (we refer to these data as "status request") from workstations through client software. The server software installed on each workstation listens for these requests and responds by sending the requested information, these information are referred to as "status data" (Bjelica & Simić Pesović, 2017).
In this model of communication, the server cannot arbitrarily contact the client (note that two different programs are involved here, the client program installed in the server computer and the server program installed in the client computer). The client always initiates the "conversation" and the server software is limited only to responding to "status request" received. As a result, the primary server is the only authorized node in the network allowed to monitor other workstations within its immediate horizon. By adopting this model, a monitoring system can be developed that is able to query the status of each node connected to it. Theoretically, a four-way step is needed to accomplish this.
The primary server sends "status request" to domain servers directly connected to it, this connection may be through a dedicated line, dial-up, or wireless connection; Once the domain servers receive the request it determines whether the request is for its status or the status of one of the workstations connected to it. If the request is for one of its workstations, the domain server forwards the status request to the appropriate workstation in its domain; Workstations receiving "status request" responds by providing the requested data to their respective domain servers; Domain servers receiving "status data" response from workstations then relay the "status data" to the primary server.

Conceptualization of solution includes the following tasks:
 Categorizing communication functions as either belonging to a server or client agent;  Providing appropriate terminologies/naming things;  Developing a diagram of the customized protocol.

d. Software Development
Prototype methodology was employed in developing the model software. In the initial phase of the development, requirements and specifications for the software were listed down based on information gathered from reviewed materials and literature. These requirements and specifications were used as a basis in the Design Concept. Once all the requirements are outlined and initial designs are laid out, developments of the software source codes can be started. Modular programming was adopted in the development of the source code.
After the source code has been written and compiled, the next step was testing the modules to see if it functions properly. A step-through process in each line of code was also conducted to pinpoint possible errors occurring. This process is known as debugging and is handled by a special program known as a debugger.

│
After all, modules have been developed, functional testing of the application was conducted. In this phase, all the modules are fitted to form one big application. Each module was again tested to see how it reacts with each other's functions. A return to the design conceptualization phase is triggered when a particular module fails to function accordingly based on requirements.

Code development was performed on a standard PC running a Microsoft Windows
Operating System using VB .NET programming language.

e. Implementation
To produce pragmatic results, the application was pilot-tested on a real network environment. Since the problem being addressed was present only on a LAN setup, another pre-requisite in pilot testing was that the network environment to be used must at least be a group of computers comprising a LAN. The true performance and capacity of the software could only be measured in such a setting.

Respondents of the Study
To come up with a definite answer to the problems presented in the previous section, two different evaluation schemes were conducted involving two different groups. The first involved a single group, the MIS group, evaluating two monitoring software (The prototype and commercial software) with regard to effectiveness. The other involved two groups (the MIS group and the educator's group) evaluating the prototype software. Evaluations of the MIS group on the two software were compared. Evaluation of the MIS group and the educator's group on the prototype software was also compared to come up with a response to problem number three and the second hypothesis.
The procedure used to network test and evaluate the prototype software are as follows: Step 1: The software was installed on the primary server located at the MIS department as well as on the different domain servers of the network. Workstations connected to each server will then be installed with the peer agents.
Step 2: Features of the system were explained to the users as well as known limitations. The users were allowed to explore the system on their own.
Step 3: The prototype software was regularly enhanced in response to user requests.
Significant new features were added in order to meet the requirements of users.

│ 13
Step 4: Information was gathered from all the users. Each staff involved in the test was given a questionnaire and was asked to evaluate the prototype software by providing a specific rating on questions presented.
Step 5: The same group of users was given the same set of questionnaires. The entire process was repeated, only this time the users were asked to evaluate a commercial-based monitoring application.
For the educator's group evaluation, the same procedure was applied, only this time each respondent was given only a limited time to handle the system. Questions asked by each respondent however were conscientiously answered and/or clarified to ensure that they understood the purpose, nature, and functions of each feature of the prototype software.

Research Instruments Used
The questionnaire used was concerned only with four criteria for evaluation, these were: (1) Usability, (2) Capability, (3) Interface-design, and (4) Effectiveness.
For this purpose, questions included in the Computer System Usability Questionnaire (CSUQ) developed by James R. Lewis were adopted with minor revisions to meet the requirements of this study.

Statistical Tools Used
The data gathered from respondents were analyzed and interpreted using the following procedures. For the computational purpose, each user response was given a numeric equivalent as follows: Strongly Agree (SA) = 5; Agree (A) = 4; Uncertain (U) = 3; Disagree (D) = 2; Strongly Disagree (SD) = 1.
The mean for the respondent's equivalent set of responses for each question was determined.
Standard Deviation for each data set was also computed to determine how tightly all the data are clustered around the mean.
T-test was used to test the null hypothesis. System with an above satisfactory rating for all items in each category, with a mean of above or equal to 4. This indicates the usability of the system as well as the adequateness of its capability and user-friendliness. A very low standard deviation (SD) for each item indicates respondent's consistency in their rating. Table 3 summarizes the MIS group's evaluation of the prevailing system. The same with Real-time Remote Monitoring and Security, an above satisfactory rating for all items can be observed in each category, with a mean of above or equal to 4. Some inconsistency is observable with items 7, 8, and 9 where the standard deviation is high. This is attributed to the complex structure of the prevailing system due to its numerous functions.

System and Prevailing System
In the light of the preceding analysis, the following table summarizes evaluation results between the MIS group's evaluation of Real-time Remote Monitoring and Security

│ 17
System and the prevailing system. With degrees of freedom set to 14 and alpha set to <0.05, the tabular critical value of t is 2.150. The t-test for all the items produced a value less than the critical item. This means that there is no significant difference in the evaluation of the two systems with regards to (1) Usability, (2) Capability, (3) User-Friendliness, and (4) Effectiveness.

Discussion
The analysis and interpretation of data came up with the following findings relative to the problems: On the significant difference between the effectiveness of the developed software and the prevailing systems based on the assessment of technical users.
T-test results on the responses provided by the Management Information System's group on the effectiveness of Real-time Remote Monitoring and Security System as compared with an existing system clearly show that there is no significant difference between the effectiveness of the two systems. The only significant difference occurred in responses to the last question. This significant difference however is acceptable since question number 17 refers to the application's capability to monitor workstations beyond the scope of Local Area Networks. Since the prevailing system used in the experiment is designed for WANs and the Real-time Remote Monitoring and Security System is designed only to work on LANs this result is expected as it is. This also clearly demonstrates the technical aptitude of the MIS staff that evaluated the two software.
On the significant difference between the assessment of Network administrators and other outside group based on the following criteria: (a) Usability, (b) Capability, and (c)

Interface design
Results of the test of comparison between the means obtained from all the indicators of the MIS group and the outside group showed that all the computed t-values obtained from all indicators except in question number 4, 9, 12, 14, and 17 are less than the critical value of t (2.120) with 16 degrees of freedom. These significant differences however, are geared towards the positive side and results out of the outside group's over-estimate of Real-time Remote Monitoring and Security system's capabilities. Notwithstanding, the null hypothesis," There is no significant difference between the assessment of different user groups on the system based on usability, capability, and interface design." is accepted.

Conclusion
The study aimed to compare the performance of the developed software called "Real-