We are in the process of getting some sort of monitoring/reporting package for our firewalls. At this point, we aren't sure if we are getting accurate results on the bandwidth. Add to that, our ISP is claiming that our bandwidth is considerably higher than what we believe it to be (by about 2-3x as much in fact). The only time our bandwidth was that high was when the big viruses were running rampant over a year ago.
Long story short, what we are wanting to do is drop a hub in between our firewall and our ISP's end point, and put a box on it with the sole purpose of doing network traffic sniffing so that we can get an idea of total bandwidth and what protocols are running over that connection.
Could someone recommend some simple, relatively cheap, but still fairly decent traffic sniffers? I've looked at E-Eye's Network Traffic Analyzer before, and at this point, its a bit overkill for what we are looking for. Looking for total traffic flow in both directions, and to be able to break it down by protocols so we can see how much and what traffic is flowing.
Thanks in advance.