[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 216
  • Last Modified:

Network Activities Monitoring

Dear All,

     I have a network with 500 users and I want to be able to monitor their activities like ( what there are downloading, the bandwidth, activities) what network software I could use for that.

Thanks
0
ibmas4002
Asked:
ibmas4002
3 Solutions
 
willbaclimonCommented:
What vendor switches do you have? If its cisco you can use netflow collector software.
0
 
Kamran ArshadCommented:
Hi,

You need to setup a proxy server between your network. The proxy server (Cache+firewall) will log all the ftp and http based downloads. You can even restrict sites, limit the bandwidth, and monitor the bandwidth. There are two industry standard software-based proxy servers;

1- MS ISA Server
www.microsoft.com/ISAserver/default.mspx

2- Squid Cache Server
www.squid-cache.org

I personally recommend squid because it has all the basic features built-in and is open-source (free).

You may also have a look at hardware proxy appliance like bluecoat;

www.bluecoat.com
0
 
Cyclops3590Commented:
uetian1707's suggestion of Squid is great for detailed monitoring of several protocols but doesn't quite capture everything you may want.

so long as you have a managed switch capable of port mirroring, something like Ntop is a perfect tool to collect detailed network statistics so you know who is taking up your link, what resources their using, how long, etc.  While Ntop does do Netflow, from what I've heard mirroring traffic to the ntop server is more reliable than using netflow.
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
willbaclimonCommented:
Port mirroring is good..I've never ran into a issue with netflow. The benefit of netflow is that you can run it on any device that supports it. No needs set up aggregation points.


0
 
willbaclimonCommented:
If satisfied please close the question
0
 
jimmymcp02Commented:
Hello ibmas4002,

http://www.wireshark.org/about.html

Regards,

jimmymcp02
0
 
pistanuCommented:
linux bridge and then or proxy server, or filtering with iptables and log the traffic that you're interest.

here is how you make the bridge:

http://www.usermadetutorials.com/2010/06/creating-a-linux-bridge-for-shaping-qos/

the user wont realize that they are under big brother eye.
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now