How to identify what machines are using the most of your internet connection - Cisco ASA

Posted on 2009-04-23
Last Modified: 2012-05-06
What software solutions out there would provide us real-time information about what machines are consuming the most of our bandwidth in real time.  We are having spikes in usage lately and we haven't been able to identify who is using the most of our bandwidth.  Is there a tool to use with a Cisco ASA to give us a view of what machines are pulling how much data through our internet connection?
Question by:tc100years
    LVL 20

    Expert Comment

    If you are using ASA 5580, it supports netflow 9 which provides extensive details on top talkers, etc...


    Go to ASDM - Home - Firewall Dashboard and enable threat detection or enter the lines

    threat-detection basic-threat
    threat-detection statistics

    You'll then have a Top 10 Usage Status Graph that you can use to view Bytes Transferred in last few hours.
    LVL 4

    Expert Comment

    If you want to monitor individual machines first you have to enable snmp on the machines and then you can use solarwinds NPM to monitor all their bandwidths even their total transfered traffic daily or hourly.
    LVL 25

    Expert Comment

    If you have a managed switch, I'd recommend Ntop.  It gives very detailed traffic analysis for being free
    LVL 32

    Accepted Solution


    It would be nice if your ASA supports Netflow. Then you can use any of the Netflow Analyzers to check the per IP per protocol details;

    SolarWinds NetFlow Analyzer      NetFlow/SFlow
    Scrutinizer NetFlow/Sflow Analyzer      NetFlow/SFlow
    Caligare Flow Inspector      NetFlow/SFlow
    PRTG      NetFlow/RRDTool
    Adventnet Netflow Analyzer      NetFlow

    If it does not then you may try out Nprobe;

    Author Comment

    Does anybody know if an ASA 5520 supports NetFlow?

    Author Comment

    It appears it does if you upgrade the ASA software to 8.2.  Thanks for all of your answers, they've been helpful.  

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    IT, Stop Being Called Into Every Meeting

    Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

    Introduction Many times we come across a slowness or instability between two hosts, and almost always we blame the poor networking guys, just because they're an easy target.  Sometimes we forget that other factors including disk bottlenecks, CPU …
    I recently attended Cisco Live! in Las Vegas, a conference that boasted over 28,000 techies in attendance, and a week of hands-on learning hosted by a solid partner with which Concerto goes to market.  Every year, Cisco displays cutting-edge technol…
    Here's a very brief overview of the methods PRTG Network Monitor ( offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
    This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor ( If you're looking for how to monitor bandwidth using netflow or packet s…

    794 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    18 Experts available now in Live!

    Get 1:1 Help Now