Solved

Monitor Internet Access

Posted on 2006-11-21
3
155 Views
Last Modified: 2010-03-18
I have a client with 100 workstations on a Windows 2003 domain.  All Internet traffic goes through a PIX Firewall.  Between 10-11:30am their T-1 is maxed, after 11:30am the goes back down to normal usage of about 1/4 the T-1.  Is there a simple/easy way to monitor internet traffic and find out what internal IP address is using all the bandwidth?  I have put monitors on the switches in the building, but that shows total bandwidth including inside file transfers from file servers etc.  

0
Comment
Question by:TriYoung
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 48

Expert Comment

by:Jay_Jay70
ID: 17991258
how much money do you want to spend? you can look at a proxy solution
0
 
LVL 9

Accepted Solution

by:
FixingStuff earned 125 total points
ID: 18000360
You could use a packet/protocol analyzer to discover the high bandwidth users by IP.
Try www.ethereal.com it is free and well liked among net admins.
You will also need to setup the packet analyzer on a port that sees all your PIX traffic, in other words, not just any switch port.  You can place a hub in front of your inside interface of the PIX and connect your ethereal machine to the hub, or the more recommended method of a core switch that has port mirroring and connect your ethereal machine to the mirrored port.
I know this is not a real simple/easy way to monitor, but there is no simple/easy way that I know of. Hope this helps.
FS-
0
 

Author Comment

by:TriYoung
ID: 18031002
Thank you for your help, I am goign to try ethereal.  I set it up and it looks like this will do the trick.  Thanks.
0

Featured Post

Revamp Your Training Process

Drastically shorten your training time with WalkMe's advanced online training solution that Guides your trainees to action.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Nslookup is a command line driven utility supplied as part of most Windows operating systems that can reveal information related to domain names and the Internet Protocol (IP) addresses associated with them. In simple terms, it is a tool that can …
An article on effective troubleshooting
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
How to Install VMware Tools in Red Hat Enterprise Linux 6.4 (RHEL 6.4) Step-by-Step Tutorial

751 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question