Posted on 2009-04-15
Last Modified: 2013-11-16

we are having network performance problems and when i look at my logs it seems that is always using alot of http traffic on our computers

from what i have read about it, alot of companies outsource to them to globally provide web services like streaming, downloads etc.

i would like to block it but hesitant.

also can some advise of a good way of monitoring what traffic each pc on the network is generating?
advise would be great please


Question by:philipfarnes
    LVL 16

    Expert Comment

    by:Brian Pringle
    As for monitoring the traffic on the PCs, you will generate more overhead by trying to monitor what computer does what from a central location.  You might want to install some sort of tracking software on each computer and have them upload a log to a central computer nightly.

    As for that domain, you are right that some legitimate companies use it, but do any of those uses meet your business needs/requirements?  If not, then block it.  It is better to block something that causes loss of productivity than to have users using network resources for something that is not business related.

    If a user does complain, then you can look into a business case for that particular use.  You will learn soon enough if there is a legitimate need for that site.
    LVL 1

    Expert Comment

    I agree with BT.
    One more thing to try is looking at the logs of your router. Some routers have logs that will list sites visited by individual IP's. I know Netgear ones used to do that.
    Hope this helps.
    LVL 2

    Accepted Solution

    If you are using the HTTP-Proxy filter for outbound traffic on your firewall you can turn on logging and check the "Send to Reports" box. Then you can use Watchguard's Report server to tell you exactly which hosts are generating what traffic and the volume. The Report Server software comes with the Watchguard Firebox.

    Just realized that I am assuming you have a firebox since you posted in the Watchguard category...
    LVL 4

    Expert Comment

    by:Felicia King
    I have two large clients that have been having problems with various PCs tripping off the firewall policies for IP port scanning. Basically, when I look at the firewall logs, I see a bunch of https(443) and ICMP traffic that some, but not all, of the PCs are trying to send to (egress) one of the servers. It is not always the same akamai server.
    Suffice to say that I have upped the default packet handling thresholds (doubled) the allowance and this has at least stopped the firewall from being so sensitive to it. However, the problem still exists. I haven't yet come up with a good way to block all
    I have a central patch management strategy, so blocking it wouldn't be an issue in my mind unless it would block Microsoft Updates.
    I have tested modifying the hosts file on one of the computers to route * to and have also tried just to The machine still gets replies from the public site on ping test. So trying to block it with the hosts file is not working.
    I don't currently have http and https proxy turned on at the firewall and don't want to do that just to block this site.
    All my clients use OpenDNS, so I may just try that. However, that is not going to stop the traffic from hitting the local firewall.
    If anyone has any other ideas on this matter, I'd like to hear about them.

    Featured Post

    Highfive + Dolby Voice = No More Audio Complaints!

    Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

    Join & Write a Comment

    Suggested Solutions

    Title # Comments Views Activity
    QoS needed if there's no contention on a link? 4 36
    Free VPN for windows 4 40
    Cisco Route Tagging Problem 12 31
    pfSense IP Helper 4 30
    Don’t let your business fall victim to the coming apocalypse – use our Survival Guide for the Fax Apocalypse to identify the risks and signs of zombie fax activities at your business.
    PRTG Network Monitor lets you monitor your bandwidth usage, so you know who is using up your bandwidth, and what they're using it for.
    After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
    Here's a very brief overview of the methods PRTG Network Monitor ( offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

    734 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    17 Experts available now in Live!

    Get 1:1 Help Now