Device for Network Monitoring

Our users have begun to complain how slow the network is over our T1 connections. Right now we have nothing to see what is traversing the lines.  We currently have 7 sites that we need to monitor network traffic.  Is there a hardware or software device that we can use to monitor all sites?  We are currently a Windows 2003/XP site.

Any help would be appreciated.
LVL 4
MagnumVPAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

rcflyrCommented:
I use MRTG to monitor bandwidth usage.

http://oss.oetiker.ch/mrtg/
0
MagnumVPAuthor Commented:
It does draw "Pretty Pictures" but does it tell you what that traffic is, or it source/destination, port number, etc?
0
rcflyrCommented:
No, I usually use my firewall logs for that.
0
Powerful Yet Easy-to-Use Network Monitoring

Identify excessive bandwidth utilization or unexpected application traffic with SolarWinds Bandwidth Analyzer Pack.

rcflyrCommented:
Something like this may be helpful:
http://www.manageengine.com/products/netflow/
0
MagnumVPAuthor Commented:
That may work.  However, on the Hardware side of things, since all the remote sites come in through a single IP address, is there a device that I can put right have they enter the office that will sit there and watch everything?
0
rcflyrCommented:
The hardware will depend on what tool you select.  I use MRTG to watch bandwidth usage.  Almost 100% of the time I don't need to know what source/destination port traffic is flowing over these connections.  When I do need to know src/dest I either mirror a port and take real time traffic captures with wireshark, or a go and view my firewall logs.  I keep all of my firewall logs on a centralized syslog server.  MRTG polls your switches or routers at regular intervals to draw usage graphs.  It could be connected anywhere on your network.  If you need to monitor specific network traffic (who is talking to who) you will have to either use logs from your firewall or configure a port mirror to capture and analyze traffic as it crosses your network.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
MagnumVPAuthor Commented:
Well I took your advice on mirror the ports to see what is causing the slow down. I'm monitoring using Wireshark all traffic except ports, 3389, 53 and broadcast.  However when it comes to using MRTG I can't.  My switches don't support SNMP.  I'm hoping to replace them soon, but right now that isn't an option.
0
gengw2000Commented:
If you have a managable switch, I think WFilter is the right tool for you, key features:
1. Real time network connections monitoring and alert.
2. Real time bandwidth monitoring.
3. Keep a detailed record of each web surfing, emails, instant messaging, file downloading.
4. Implement a policy to filter internet access during working hours.
5. Websites, messengers and p2p file downloading can be blocked to save bandwidth and raise productivity.
6. You only need to install WFilter in ONE computer to manage your whole network.

http://www.imfirewall.us/network-monitor.htm
0
Kamran ArshadIT AssociateCommented:
Which switch do you have and does it support flow technologies? If so then you can use flow analyzer to monitor the per protocol and per IP traffic. Below is list of flow analyzers;

SolarWinds NetFlow Analyzer        www.solarwinds.com      NetFlow/SFlow
Scrutinizer NetFlow/Sflow Analyzer      www.plixer.com      NetFlow/SFlow
Caligare Flow Inspector      www.caligare.com      NetFlow/SFlow
PRTG      www.paessler.com/prtg      NetFlow/RRDTool
Adventnet Netflow Analyzer      www.adventnet.com      NetFlow
NFSen      nfsen.sourceforge.net      NetFlow
StealthWatch® Xe       www.lancope.com      SFlow
Traffic Sentinel      www.inmon.com      SFlow

If you switch does not support flow technologies then you can still use Nprobe;

www.ntop.org/nProbe.html 
0
MagnumVPAuthor Commented:
Currently my switches are Dell 2724.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Network Analysis

From novice to tech pro — start learning today.