Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

How can I find out which user is using xxx Kbps on my office LAN?

Posted on 2008-06-19
8
Medium Priority
?
316 Views
Last Modified: 2013-11-16
I have a watchguard Firebox X1000. I have the ability to see how many Kbps are going OUT, coming in, coming in on IMAP Port and going out on SMTP and such. I can also use the hostWatch to see what users are connected to what sites.

But I cant seem to figure out is how to see WHO is using the largest chunk of bandwidth. If for example some days I am getting peaks of a constant 700Kbps outbound traffic, I want to know which user is causing this huge spike in my network.

How can I find this out?

I would GREATLY appreciate help on this matter.
0
Comment
Question by:nichiaiinc
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
  • 2
8 Comments
 
LVL 32

Accepted Solution

by:
Kamran Arshad earned 1500 total points
ID: 21820417
Hi,

For that purpose you need to have to have some NMS. A few possible options are:

HP-OpenView                 www.hp.com
JFFNMS                              www.jffnms.org
OpenNMS                           www.opennms.org
Nagios                              www.nagios.org
ZenOSS                            www.zenoss.com
Cacti                                www.cacti.net
MRTG                              oss.oetiker.ch/mrtg
PRTG                              www.paessler.com/prtg
Adventnet Netflow Analyzer      www.adventnet.com
SolarWinds Orion       www.solarwinds.com
Bandwidthd                  bandwidthd.sourceforge.net
Ntop                               www.ntop.org
Observer                    www.networkinstruments.com
AutoNOC                           www.autonoc.com

0
 
LVL 6

Expert Comment

by:psychic_zero
ID: 21820550
I have once having a problem at my company whereby there is 1 PC which flood and congested our network due to broadcast storm. So I used this freeware - Show Traffic to find which PC did the problem and found it as the program will show the IP Address, Hostname, Traffic and the speed of network packet. You can download from here and maybe find it quite useful. Hope this help.

http://demosten.com/showtraf/
0
 

Author Comment

by:nichiaiinc
ID: 21822475
Psychic zero,

Thanks I gave that software a try, but it seems the numbers arent really reporting the proper numbers. However, I think it will be good enough to give me an idea of bandwidth hoggers if there are some.

I have a question for everyone, where does this software need to be placed. I would imagine the only machine that can see all the traffic is the router, I installed this test software on the AD server, is this where I should instlal it, or somewhere else? I am a bit confused on where I should put it.

uetian1707,

are any of those you mentioned open source and/or free?

Thanks!
0
Turn your laptop into a mobile console!

The CV211 Laptop USB Console Adapter provides a direct Laptop-to-Computer connection for fast and easy remote desktop access with no software to install.

 
LVL 32

Expert Comment

by:Kamran Arshad
ID: 21828344
Thanks for the update:

JffNMS,OpenNMS,Nagios,ZenOSS,Cacti,MRTG,Bandwidthd and NTOP are free as well as Open Source.

0
 
LVL 6

Expert Comment

by:psychic_zero
ID: 21828490
At AD server also OK as all computer in the network will communicate with the AD server. You can also put at any server which all computers are used it such as File server, Mail server, etc. Maybe you can give a try.
0
 

Author Comment

by:nichiaiinc
ID: 21828595
But will this really give me proper results. It's only going to show the traffic between the two devices. So if there is traffic to the file server from the end user it will show the bandwidth he is using. But what if they are downloading a file at 700k/sec, then it's not going to show this, correct?

I want to know who if anyone is downloading large data or streaming media out through our internet connection.
0
 
LVL 6

Expert Comment

by:psychic_zero
ID: 21828657
So maybe you can install at your Internet Proxy server so that you can know who download a big file from Internet.
0
 

Author Closing Comment

by:nichiaiinc
ID: 31468683
Uetian is the winner. The most resources were provided. I am still unclear how to actaully monitor all the traffic because these are software on one server but I want to monitor all traffic. Since this quesiton is dying out, I will close it.
0

Featured Post

Enroll in September's Course of the Month

This month’s featured course covers 16 hours of training in installation, management, and deployment of VMware vSphere virtualization environments. It's free for Premium Members, Team Accounts, and Qualified Experts!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

We sought a budget ($5,000) firewall solution that would provide all the performance we needed with no single point of failure.  Hosting a SAAS web application in our datacenter, it was critical that we find a way to keep connectivity up and inbound…
In this article, we’ll look at how to deploy ProxySQL.
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …
Suggested Courses

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question