Network Activities Monitoring

Dear All,

     I have a network with 500 users and I want to be able to monitor their activities like ( what there are downloading, the bandwidth, activities) what network software I could use for that.

Thanks
LVL 2
ibmas4002Asked:
Who is Participating?

[Webinar] Streamline your web hosting managementRegister Today

x
 
Cyclops3590Connect With a Mentor Commented:
uetian1707's suggestion of Squid is great for detailed monitoring of several protocols but doesn't quite capture everything you may want.

so long as you have a managed switch capable of port mirroring, something like Ntop is a perfect tool to collect detailed network statistics so you know who is taking up your link, what resources their using, how long, etc.  While Ntop does do Netflow, from what I've heard mirroring traffic to the ntop server is more reliable than using netflow.
0
 
willbaclimonCommented:
What vendor switches do you have? If its cisco you can use netflow collector software.
0
 
Kamran ArshadIT AssociateCommented:
Hi,

You need to setup a proxy server between your network. The proxy server (Cache+firewall) will log all the ftp and http based downloads. You can even restrict sites, limit the bandwidth, and monitor the bandwidth. There are two industry standard software-based proxy servers;

1- MS ISA Server
www.microsoft.com/ISAserver/default.mspx

2- Squid Cache Server
www.squid-cache.org

I personally recommend squid because it has all the basic features built-in and is open-source (free).

You may also have a look at hardware proxy appliance like bluecoat;

www.bluecoat.com
0
Never miss a deadline with monday.com

The revolutionary project management tool is here!   Plan visually with a single glance and make sure your projects get done.

 
willbaclimonConnect With a Mentor Commented:
Port mirroring is good..I've never ran into a issue with netflow. The benefit of netflow is that you can run it on any device that supports it. No needs set up aggregation points.


0
 
willbaclimonCommented:
If satisfied please close the question
0
 
jimmymcp02Commented:
Hello ibmas4002,

http://www.wireshark.org/about.html

Regards,

jimmymcp02
0
 
pistanuConnect With a Mentor Commented:
linux bridge and then or proxy server, or filtering with iptables and log the traffic that you're interest.

here is how you make the bridge:

http://www.usermadetutorials.com/2010/06/creating-a-linux-bridge-for-shaping-qos/

the user wont realize that they are under big brother eye.
0
All Courses

From novice to tech pro — start learning today.