Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 665
  • Last Modified:

Network utility for T-1 line bandwidth utilization statistics

I need to determine bandwidth utilization on a point-to-point  T-1 line.

I don't have acess to the router configuration so I can't use NetFlow or SNMP-based network monitoring utilities.

I can tap the line with an old 10Base-T Ethernet hub (not a switch) to sniff the packets going between the network and one of the routers.

I'm looking for a GUI-based Windows network monitoring program that's free or low cost (<$100.00) that can sniff the packets and give me a bandwidth utilization graph for the T-1 line over time.

0
hrtmath
Asked:
hrtmath
  • 2
1 Solution
 
Hugh FraserConsultantCommented:
A simple flexible solution is a Linux box running NTOP. The key advantage is that you can set it up in a convenient spot near the tap running headless, and view the results from anywhere with a web browser. NTOP will provide historical trending of traffic, protocols, and hosts.

The best way to configure this is with 2 nics, one watching the T1 connection, and the other for access to the web interface. That way, using the web interface doesn't affect the true stats you want to monitor. If you configure the T1-facing interface to be up without and IP address, it's truly in stealth mode and will not generate any traffic.
0
 
Kamran ArshadIT AssociateCommented:
Hi,

You can use Wireshark, the Industry standard Protocol Analyzer. It can sniff the network traffic and decode almost all the famous protocols.

www.wireshark.org

Incase you are new to Wireshark, then

wiki.wireshark.org
0
 
hrtmathAuthor Commented:
I've used Wireshark and it does give a variety of traffic statistics, but I don't think that it will produce a graph of bandwidth utilization over time. Is this correct?
0
 
Hugh FraserConsultantCommented:
Wireshark's got a rich set of analysis tools, one of which is an IO graph showing traffic over time. All of the filtering capabilities built in to Wireshark can be applied to the graphs to give very detailed analysis of the traffic. I use it all the time.

Wireshark's designed to be a protocol analyzer, though, and isn't designed to monitor traffic over a longer period of time (although I have used the command-line version tshark to do longer term captures in the past). If you're looking for an "appliance": to leave in place and monitor traffic for, say, days, weeks or months, and produce reports showing bandwidth over these periods, ntop is a better tool.
0

Featured Post

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now