Solved

Device for Network Monitoring

Posted on 2009-06-29
10
336 Views
Last Modified: 2013-12-07
Our users have begun to complain how slow the network is over our T1 connections. Right now we have nothing to see what is traversing the lines.  We currently have 7 sites that we need to monitor network traffic.  Is there a hardware or software device that we can use to monitor all sites?  We are currently a Windows 2003/XP site.

Any help would be appreciated.
0
Comment
Question by:MagnumVP
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
10 Comments
 
LVL 7

Expert Comment

by:rcflyr
ID: 24737710
I use MRTG to monitor bandwidth usage.

http://oss.oetiker.ch/mrtg/
0
 
LVL 4

Author Comment

by:MagnumVP
ID: 24737747
It does draw "Pretty Pictures" but does it tell you what that traffic is, or it source/destination, port number, etc?
0
 
LVL 7

Expert Comment

by:rcflyr
ID: 24737791
No, I usually use my firewall logs for that.
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 7

Expert Comment

by:rcflyr
ID: 24737804
Something like this may be helpful:
http://www.manageengine.com/products/netflow/
0
 
LVL 4

Author Comment

by:MagnumVP
ID: 24738099
That may work.  However, on the Hardware side of things, since all the remote sites come in through a single IP address, is there a device that I can put right have they enter the office that will sit there and watch everything?
0
 
LVL 7

Accepted Solution

by:
rcflyr earned 225 total points
ID: 24738322
The hardware will depend on what tool you select.  I use MRTG to watch bandwidth usage.  Almost 100% of the time I don't need to know what source/destination port traffic is flowing over these connections.  When I do need to know src/dest I either mirror a port and take real time traffic captures with wireshark, or a go and view my firewall logs.  I keep all of my firewall logs on a centralized syslog server.  MRTG polls your switches or routers at regular intervals to draw usage graphs.  It could be connected anywhere on your network.  If you need to monitor specific network traffic (who is talking to who) you will have to either use logs from your firewall or configure a port mirror to capture and analyze traffic as it crosses your network.
0
 
LVL 4

Author Comment

by:MagnumVP
ID: 24740183
Well I took your advice on mirror the ports to see what is causing the slow down. I'm monitoring using Wireshark all traffic except ports, 3389, 53 and broadcast.  However when it comes to using MRTG I can't.  My switches don't support SNMP.  I'm hoping to replace them soon, but right now that isn't an option.
0
 
LVL 2

Expert Comment

by:gengw2000
ID: 24743494
If you have a managable switch, I think WFilter is the right tool for you, key features:
1. Real time network connections monitoring and alert.
2. Real time bandwidth monitoring.
3. Keep a detailed record of each web surfing, emails, instant messaging, file downloading.
4. Implement a policy to filter internet access during working hours.
5. Websites, messengers and p2p file downloading can be blocked to save bandwidth and raise productivity.
6. You only need to install WFilter in ONE computer to manage your whole network.

http://www.imfirewall.us/network-monitor.htm
0
 
LVL 32

Assisted Solution

by:Kamran Arshad
Kamran Arshad earned 25 total points
ID: 24743885
Which switch do you have and does it support flow technologies? If so then you can use flow analyzer to monitor the per protocol and per IP traffic. Below is list of flow analyzers;

SolarWinds NetFlow Analyzer        www.solarwinds.com      NetFlow/SFlow
Scrutinizer NetFlow/Sflow Analyzer      www.plixer.com      NetFlow/SFlow
Caligare Flow Inspector      www.caligare.com      NetFlow/SFlow
PRTG      www.paessler.com/prtg      NetFlow/RRDTool
Adventnet Netflow Analyzer      www.adventnet.com      NetFlow
NFSen      nfsen.sourceforge.net      NetFlow
StealthWatch® Xe       www.lancope.com      SFlow
Traffic Sentinel      www.inmon.com      SFlow

If you switch does not support flow technologies then you can still use Nprobe;

www.ntop.org/nProbe.html 
0
 
LVL 4

Author Comment

by:MagnumVP
ID: 24747214
Currently my switches are Dell 2724.
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Large and small networks have one same need, Service monitoring. Service monitoring consists of watch services of the several servers in the network. To monitor means that the administrator will receive an alert when a service is down or it's state …
Introduction Many times we come across a slowness or instability between two hosts, and almost always we blame the poor networking guys, just because they're an easy target.  Sometimes we forget that other factors including disk bottlenecks, CPU …
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question