?
Solved

Advice needed on Network Traffic, and WorkStation Monitoring Programs

Posted on 2007-08-10
12
Medium Priority
?
660 Views
Last Modified: 2013-12-23
Hello everyone!

About two months ago, I took over management of an IT department for a small educational development foundation. Since then, I have noticed slowdowns on the network, as well as have caught people using P2P programs, ect.

The last IT Manager for this company relied on the SysLog built into the router, and the Syslog Daemon called Kiwi to monitor network traffic. The router we are using is a Sonicwall TZ170.
Are there any other more effective ways or programs to monitor network traffic to make it easier to find things like Bittorrent, P2P, streaming, or other things that may take up bandwidth on the network? Im using the built in bandwidth monitor that comes with the sonicwall pro firmware, and that seems to be helping a little, but I would love something that runs locally on the PC and can go into detail about our network traffic (like the IP.Hostname of who is using it, and the service).

Our old IT manager also used a program called "Net Monitor for Employees Professional" by Network LookOut to monitor intern/student computers to make sure they were not visiting websites they werent suppose to, and to make sure they were being productive on the PC. The one thing I found about this program is that the client side (Installed on the work stations) seems to be VERY unstable. It would freeze randomly, and not work until the PC is rebooted, or just wouldnt work at all period. When the program actually works, its great. It allows you to take control of peoples PCs in case they are having problems making something work, and also allows a whole mess of other cool stuff. The only thing I saw it missing was a task manager add-on. You can find the feature list here: http://www.networklookout.com/employees_pro.htm
The program right now is way too unstable to use. With the clients crashing every 20 minutes its VERY time consuming to set them up again just to see them crash again after an hour& Does anyone know of a more reliable workstation monitoring program that has all the features of Net Monitor but is a lot more stable?

All our PC's here run Windows XP SP2, and we have all Windows 2003 Standard and one Enterprise server. We run Active Directory, with only one Domain Controller, So it's a pretty normal Small office setup.

Thanks in advance for the help, and best wishes!
- Alex
0
Comment
Question by:DeMiNe0
  • 4
  • 4
  • 2
10 Comments
 
LVL 22

Expert Comment

by:mcsween
ID: 19670278
This requires a license from Sonicwall but Viewpoint is very helpful in creating reports for network traffic.  Of course it only captures traffic that hits the sonicwall but I use it here and love it.

http://www.sonicwall.com/us/6031.html
http://www.sonicwall.com/us/support/3340.html
0
 

Author Comment

by:DeMiNe0
ID: 19670387
I've been thinking of using that to tell who is using alot of bandwidth and getting a general idea of what service it is,, then using etherreal to break it all down.

Any ideas on the net monitor for empoyee's alternative?

Making the Point 500 for this btw. Seems to be a pretty challenging question considering it hasn't been fully answered on EE yet.
0
 
LVL 22

Expert Comment

by:mcsween
ID: 19670559
As far as viewing a remote computer's screen or taking control of a remote computer I use VnC here.  It works great, very stable, small footprint, and it's free.  You can view their screen without them knowing or you can take control to show them how to do things or fix problems remotely.  The enterprise edition has even more features that are helpful to administrators but isn't free though very inexpensive.

http://www.realvnc.com/

0
Granular recovery for Microsoft Exchange

With Veeam Explorer for Microsoft Exchange you can choose the Exchange Servers and restore points you’re interested in, and Veeam Explorer will present the contents of those mailbox stores for browsing, searching and exporting.

 
LVL 22

Expert Comment

by:mcsween
ID: 19670579
To execute commands remotely on a user's computer take a look at pstools from Microsoft...also free and doesn't need to be installed on the workstation, you just need administrator permissions on their system to use these tools.

http://www.microsoft.com/technet/sysinternals/Utilities/PsTools.mspx
0
 
LVL 29

Accepted Solution

by:
Alan Huseyin Kayahan earned 2000 total points
ID: 19672356
         Hi Alex
              Net Monitor for Employees Professional is one of the causes of slow network in my opinion. You can use a proxy solution like Websense in this case. It has many categories, and reports of the company performance according to the visits to each category. Also you can restrict any category/web sites you want. http://www.websense.com
             Wireshark is the best network analyzer. http://www.wireshark.org

Regards
0
 

Author Comment

by:DeMiNe0
ID: 19672856
Its not the network itself that is slow. it's the internet gateway. I've caught people using p2p and torrent applications on their PC's.

I was looking for something like Net monitor because it allows you to see what everyone is doing in real time all at the same time. Thats pretty important for some of the professors here, so they can see what the students are doing on the pcs.
0
 
LVL 29

Expert Comment

by:Alan Huseyin Kayahan
ID: 19684597
       Websense is what you want. Give it a try and download its fully functional trial

Regards
0
 

Author Comment

by:DeMiNe0
ID: 19684893
Anyone have any other alternatives to net monitor? I'm thinking of using VNC Manager + Ultra VNC. Too bad it doesn't preview users desktops though.
0
 
LVL 22

Expert Comment

by:mcsween
ID: 19684995
Here is a good article from Cisco on blocking P2P applications at a firewall level.  Even if you don't use a PIX firewall this could get you started if you have advanced protocol and port handling in your firewall.

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a00801e419a.shtml
0
 

Author Comment

by:DeMiNe0
ID: 19685102
I actually have these rules in place allready on the sonic wall, and they seem to be working well. What I am trying to do is find a replacement for net monitor. I used it as a helpdesk support tool, AND a work station monitor to make sure interns are being productive (not playing games, or fooling around on our instant chat server).

I was going to use VNC for the helpdesk part, but im not sure what to use for the monitoring part.
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Microsoft Office 365 is a subscriptions based service which includes services like Exchange Online and Skype for business Online. These services integrate with Microsoft's online version of Active Directory called Azure Active Directory.
In the absence of a fully-fledged GPO Management product like AGPM, the script in this article will provide you with a simple way to watch the domain (or a select OU) for GPOs changes and automatically take backups when policies are added, removed o…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
Suggested Courses

839 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question