Device for Network Monitoring

Our users have begun to complain how slow the network is over our T1 connections. Right now we have nothing to see what is traversing the lines.  We currently have 7 sites that we need to monitor network traffic.  Is there a hardware or software device that we can use to monitor all sites?  We are currently a Windows 2003/XP site.

Any help would be appreciated.
Who is Participating?
rcflyrConnect With a Mentor Commented:
The hardware will depend on what tool you select.  I use MRTG to watch bandwidth usage.  Almost 100% of the time I don't need to know what source/destination port traffic is flowing over these connections.  When I do need to know src/dest I either mirror a port and take real time traffic captures with wireshark, or a go and view my firewall logs.  I keep all of my firewall logs on a centralized syslog server.  MRTG polls your switches or routers at regular intervals to draw usage graphs.  It could be connected anywhere on your network.  If you need to monitor specific network traffic (who is talking to who) you will have to either use logs from your firewall or configure a port mirror to capture and analyze traffic as it crosses your network.
I use MRTG to monitor bandwidth usage.
MagnumVPAuthor Commented:
It does draw "Pretty Pictures" but does it tell you what that traffic is, or it source/destination, port number, etc?
WEBINAR: GDPR Implemented - Tips & Lessons Learned

Join the WatchGuard team on Thursday, March 29th as we recount some valuable lessons learned in weighing the needs of a business against the new regulatory environment, look ahead at the two months left before implementation, and help you understand the steps you can take today!

No, I usually use my firewall logs for that.
Something like this may be helpful:
MagnumVPAuthor Commented:
That may work.  However, on the Hardware side of things, since all the remote sites come in through a single IP address, is there a device that I can put right have they enter the office that will sit there and watch everything?
MagnumVPAuthor Commented:
Well I took your advice on mirror the ports to see what is causing the slow down. I'm monitoring using Wireshark all traffic except ports, 3389, 53 and broadcast.  However when it comes to using MRTG I can't.  My switches don't support SNMP.  I'm hoping to replace them soon, but right now that isn't an option.
If you have a managable switch, I think WFilter is the right tool for you, key features:
1. Real time network connections monitoring and alert.
2. Real time bandwidth monitoring.
3. Keep a detailed record of each web surfing, emails, instant messaging, file downloading.
4. Implement a policy to filter internet access during working hours.
5. Websites, messengers and p2p file downloading can be blocked to save bandwidth and raise productivity.
6. You only need to install WFilter in ONE computer to manage your whole network.
Kamran ArshadConnect With a Mentor IT AssociateCommented:
Which switch do you have and does it support flow technologies? If so then you can use flow analyzer to monitor the per protocol and per IP traffic. Below is list of flow analyzers;

SolarWinds NetFlow Analyzer      NetFlow/SFlow
Scrutinizer NetFlow/Sflow Analyzer      NetFlow/SFlow
Caligare Flow Inspector      NetFlow/SFlow
PRTG      NetFlow/RRDTool
Adventnet Netflow Analyzer      NetFlow
NFSen      NetFlow
StealthWatch┬« Xe      SFlow
Traffic Sentinel      SFlow

If you switch does not support flow technologies then you can still use Nprobe; 
MagnumVPAuthor Commented:
Currently my switches are Dell 2724.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.