Tech or Treat! Write an article about your scariest tech disaster to win gadgets!Learn more

x
?
Solved

Network Activities Monitoring

Posted on 2008-10-07
9
Medium Priority
?
215 Views
Last Modified: 2014-06-20
Dear All,

     I have a network with 500 users and I want to be able to monitor their activities like ( what there are downloading, the bandwidth, activities) what network software I could use for that.

Thanks
0
Comment
Question by:ibmas4002
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
9 Comments
 
LVL 7

Expert Comment

by:willbaclimon
ID: 22662291
What vendor switches do you have? If its cisco you can use netflow collector software.
0
 
LVL 32

Expert Comment

by:Kamran Arshad
ID: 22662610
Hi,

You need to setup a proxy server between your network. The proxy server (Cache+firewall) will log all the ftp and http based downloads. You can even restrict sites, limit the bandwidth, and monitor the bandwidth. There are two industry standard software-based proxy servers;

1- MS ISA Server
www.microsoft.com/ISAserver/default.mspx

2- Squid Cache Server
www.squid-cache.org

I personally recommend squid because it has all the basic features built-in and is open-source (free).

You may also have a look at hardware proxy appliance like bluecoat;

www.bluecoat.com
0
 
LVL 25

Accepted Solution

by:
Cyclops3590 earned 336 total points
ID: 22665785
uetian1707's suggestion of Squid is great for detailed monitoring of several protocols but doesn't quite capture everything you may want.

so long as you have a managed switch capable of port mirroring, something like Ntop is a perfect tool to collect detailed network statistics so you know who is taking up your link, what resources their using, how long, etc.  While Ntop does do Netflow, from what I've heard mirroring traffic to the ntop server is more reliable than using netflow.
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
LVL 7

Assisted Solution

by:willbaclimon
willbaclimon earned 332 total points
ID: 22681680
Port mirroring is good..I've never ran into a issue with netflow. The benefit of netflow is that you can run it on any device that supports it. No needs set up aggregation points.


0
 
LVL 7

Expert Comment

by:willbaclimon
ID: 22723700
If satisfied please close the question
0
 
LVL 20

Expert Comment

by:jimmymcp02
ID: 22780073
Hello ibmas4002,

http://www.wireshark.org/about.html

Regards,

jimmymcp02
0
 
LVL 3

Assisted Solution

by:pistanu
pistanu earned 332 total points
ID: 37729867
linux bridge and then or proxy server, or filtering with iptables and log the traffic that you're interest.

here is how you make the bridge:

http://www.usermadetutorials.com/2010/06/creating-a-linux-bridge-for-shaping-qos/

the user wont realize that they are under big brother eye.
0

Featured Post

2017 Webroot Threat Report

MSPs: Get the facts you need to protect your clients.
The 2017 Webroot Threat Report provides a uniquely insightful global view into the analysis and discoveries made by the Webroot® Threat Intelligence Platform to provide insights on key trends and risks as seen by our users.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you’re involved with your company’s wide area network (WAN), you’ve probably heard about SD-WANs. They’re the “boy wonder” of networking, ostensibly allowing companies to replace expensive MPLS lines with low-cost Internet access. But, are they …
WARNING:   If you follow the instructions here, you will wipe out your VTP and VLAN configurations.  Make sure you have backed up your switch!!! I recently had some issues with a few low-end Cisco routers (RV325) and I opened a case with Cisco TA…
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

647 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question