Solved

How can I find out which user is using xxx Kbps on my office LAN?

Posted on 2008-06-19
8
301 Views
Last Modified: 2013-11-16
I have a watchguard Firebox X1000. I have the ability to see how many Kbps are going OUT, coming in, coming in on IMAP Port and going out on SMTP and such. I can also use the hostWatch to see what users are connected to what sites.

But I cant seem to figure out is how to see WHO is using the largest chunk of bandwidth. If for example some days I am getting peaks of a constant 700Kbps outbound traffic, I want to know which user is causing this huge spike in my network.

How can I find this out?

I would GREATLY appreciate help on this matter.
0
Comment
Question by:nichiaiinc
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
  • 2
8 Comments
 
LVL 32

Accepted Solution

by:
Kamran Arshad earned 500 total points
ID: 21820417
Hi,

For that purpose you need to have to have some NMS. A few possible options are:

HP-OpenView                 www.hp.com
JFFNMS                              www.jffnms.org
OpenNMS                           www.opennms.org
Nagios                              www.nagios.org
ZenOSS                            www.zenoss.com
Cacti                                www.cacti.net
MRTG                              oss.oetiker.ch/mrtg
PRTG                              www.paessler.com/prtg
Adventnet Netflow Analyzer      www.adventnet.com
SolarWinds Orion       www.solarwinds.com
Bandwidthd                  bandwidthd.sourceforge.net
Ntop                               www.ntop.org
Observer                    www.networkinstruments.com
AutoNOC                           www.autonoc.com

0
 
LVL 6

Expert Comment

by:psychic_zero
ID: 21820550
I have once having a problem at my company whereby there is 1 PC which flood and congested our network due to broadcast storm. So I used this freeware - Show Traffic to find which PC did the problem and found it as the program will show the IP Address, Hostname, Traffic and the speed of network packet. You can download from here and maybe find it quite useful. Hope this help.

http://demosten.com/showtraf/
0
 

Author Comment

by:nichiaiinc
ID: 21822475
Psychic zero,

Thanks I gave that software a try, but it seems the numbers arent really reporting the proper numbers. However, I think it will be good enough to give me an idea of bandwidth hoggers if there are some.

I have a question for everyone, where does this software need to be placed. I would imagine the only machine that can see all the traffic is the router, I installed this test software on the AD server, is this where I should instlal it, or somewhere else? I am a bit confused on where I should put it.

uetian1707,

are any of those you mentioned open source and/or free?

Thanks!
0
Will your db performance match your db growth?

In Percona’s white paper “Performance at Scale: Keeping Your Database on Its Toes,” we take a high-level approach to what you need to think about when planning for database scalability.

 
LVL 32

Expert Comment

by:Kamran Arshad
ID: 21828344
Thanks for the update:

JffNMS,OpenNMS,Nagios,ZenOSS,Cacti,MRTG,Bandwidthd and NTOP are free as well as Open Source.

0
 
LVL 6

Expert Comment

by:psychic_zero
ID: 21828490
At AD server also OK as all computer in the network will communicate with the AD server. You can also put at any server which all computers are used it such as File server, Mail server, etc. Maybe you can give a try.
0
 

Author Comment

by:nichiaiinc
ID: 21828595
But will this really give me proper results. It's only going to show the traffic between the two devices. So if there is traffic to the file server from the end user it will show the bandwidth he is using. But what if they are downloading a file at 700k/sec, then it's not going to show this, correct?

I want to know who if anyone is downloading large data or streaming media out through our internet connection.
0
 
LVL 6

Expert Comment

by:psychic_zero
ID: 21828657
So maybe you can install at your Internet Proxy server so that you can know who download a big file from Internet.
0
 

Author Closing Comment

by:nichiaiinc
ID: 31468683
Uetian is the winner. The most resources were provided. I am still unclear how to actaully monitor all the traffic because these are software on one server but I want to monitor all traffic. Since this quesiton is dying out, I will close it.
0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Load balancing is the method of dividing the total amount of work performed by one computer between two or more computers. Its aim is to get more work done in the same amount of time, ensuring that all the users get served faster.
A 2007 NCSA Cyber Security survey revealed that a mere 4% of the population has a full understanding of firewalls. As business owner, you should be part of that 4% that has a full understanding.
There's a multitude of different network monitoring solutions out there, and you're probably wondering what makes NetCrunch so special. It's completely agentless, but does let you create an agent, if you desire. It offers powerful scalability …
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…
Suggested Courses

615 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question