[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

Network Traffic Analyzers

Posted on 2004-10-08
10
Medium Priority
?
412 Views
Last Modified: 2010-04-10
We are in the process of getting some sort of monitoring/reporting package for our firewalls.  At this point, we aren't sure if we are getting accurate results on the bandwidth.  Add to that, our ISP is claiming that our bandwidth is considerably higher than what we believe it to be (by about 2-3x as much in fact).  The only time our bandwidth was that high was when the big viruses were running rampant over a year ago.

Long story short, what we are wanting to do is drop a hub in between our firewall and our ISP's end point, and put a box on it with the sole purpose of doing network traffic sniffing so that we can get an idea of total bandwidth and what protocols are running over that connection.

Could someone recommend some simple, relatively cheap, but still fairly decent traffic sniffers?  I've looked at E-Eye's Network Traffic Analyzer before, and at this point, its a bit overkill for what we are looking for.  Looking for total traffic flow in both directions, and to be able to break it down by protocols so we can see how much and what traffic is flowing.

Thanks in advance.
0
Comment
Question by:lrees
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
10 Comments
 
LVL 30

Expert Comment

by:pgm554
ID: 12260464
Try these guys. Fairly accurate and free. If you want more, there is a subscription service available to monitor your ISP.


www.dslreports.com
0
 
LVL 1

Accepted Solution

by:
jacksonps4 earned 400 total points
ID: 12260475
If you're using Linux, tcpdump and ethereal (front-end for tcpdump) are ok and free.
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 12260504

SNIFFERS/Packet Analyzers
http://www.statscout.com/lanstat.shtml
http://www.etherreal.com  <== free, but limited

LANHOUND:
http://www.sunbelt-software.com/product.cfm?id=925   <== great value for the money

0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
LVL 5

Assisted Solution

by:netspec01
netspec01 earned 400 total points
ID: 12261366
I don't think you want a protocol analyzer like Sniffer or Ethereal.  These give packet detail and are mostly used for analyzing and troubleshooting in-depth particular problems/connection issues.

What I would recommend is Multi Router Traffic Grapher (MRTG).  This is a tool to monitor the traffic load on network-links. MRTG generates HTML pages containing graphical images which provide a LIVE visual representation of this traffic.  This product is open source and has been around for many years and is quite mature.

http://people.ee.ethz.ch/~oetiker/webtools/mrtg/
0
 
LVL 79

Assisted Solution

by:lrmoore
lrmoore earned 400 total points
ID: 12261462
I sort of agree with netspec01, but MRTG is sorely limited to providing aggregate bandwidth utilization and CPU utilization. Perfect for monitoring SLA compliance and making sure you really are using what you are getting charged for. What is does not do is give you any visibility of who went where, who the top talkers were, how much bandwidth individuals used, etc. so that you can do anything about it.
A good (free) alternative is NTOP from http://www.ntop.org
Enable Netflow on a router between the firewall and the inside LAN and export the netflow to the ntop application.
0
 

Expert Comment

by:nathan_jardine
ID: 12261573
I would try a product like Solarwinds Orion for bandwidth monitoring.  It is really easy to use and reports bandwidth very accurately.  You can it monitor your firewall or router using the snmp strings.

There is online demo as well as demo copies that you can get.

http://solarwinds.net/Orion/Index.htm
0
 
LVL 5

Expert Comment

by:netspec01
ID: 12261632
MRTG and NTOP are both useful tools.  NTOP will give you a more in-depth look t the protocols/sessions while MRTG is exellent for long term trending.  Here is a description of both from the NTOP site: http://www.ntop.org/ntop.html
0
 
LVL 5

Expert Comment

by:netspec01
ID: 12281161
Do you need any more help or are you ready to close this question?
0

Featured Post

Understanding Web Applications

Without even knowing it, most of us are using web applications on a daily basis. Gmail and Yahoo email, Twitter, Facebook, and eBay are used by most of us daily—and they are web applications. We often confuse these web applications tools for websites.  So, what is the difference?

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

For many of us, the  holiday season kindles the natural urge to give back to our friends, family members and communities. While it's easy for friends to notice the impact of such deeds, understanding the contributions of businesses and enterprises i…
During and after that shift to cloud, one area that still poses a struggle for many organizations is what to do with their department file shares.
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

649 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question