Solved

Device for Network Monitoring

Posted on 2009-06-29
10
340 Views
Last Modified: 2013-12-07
Our users have begun to complain how slow the network is over our T1 connections. Right now we have nothing to see what is traversing the lines.  We currently have 7 sites that we need to monitor network traffic.  Is there a hardware or software device that we can use to monitor all sites?  We are currently a Windows 2003/XP site.

Any help would be appreciated.
0
Comment
Question by:MagnumVP
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
10 Comments
 
LVL 7

Expert Comment

by:rcflyr
ID: 24737710
I use MRTG to monitor bandwidth usage.

http://oss.oetiker.ch/mrtg/
0
 
LVL 4

Author Comment

by:MagnumVP
ID: 24737747
It does draw "Pretty Pictures" but does it tell you what that traffic is, or it source/destination, port number, etc?
0
 
LVL 7

Expert Comment

by:rcflyr
ID: 24737791
No, I usually use my firewall logs for that.
0
Free NetCrunch network monitor licenses!

Only on Experts-Exchange: Sign-up for a free-trial and we'll send you your permanent license!

Here is what you get: 30 Nodes | Unlimited Sensors | No Time Restrictions | Absolutely FREE!

Act now. This offer ends July 14, 2017.

 
LVL 7

Expert Comment

by:rcflyr
ID: 24737804
Something like this may be helpful:
http://www.manageengine.com/products/netflow/
0
 
LVL 4

Author Comment

by:MagnumVP
ID: 24738099
That may work.  However, on the Hardware side of things, since all the remote sites come in through a single IP address, is there a device that I can put right have they enter the office that will sit there and watch everything?
0
 
LVL 7

Accepted Solution

by:
rcflyr earned 225 total points
ID: 24738322
The hardware will depend on what tool you select.  I use MRTG to watch bandwidth usage.  Almost 100% of the time I don't need to know what source/destination port traffic is flowing over these connections.  When I do need to know src/dest I either mirror a port and take real time traffic captures with wireshark, or a go and view my firewall logs.  I keep all of my firewall logs on a centralized syslog server.  MRTG polls your switches or routers at regular intervals to draw usage graphs.  It could be connected anywhere on your network.  If you need to monitor specific network traffic (who is talking to who) you will have to either use logs from your firewall or configure a port mirror to capture and analyze traffic as it crosses your network.
0
 
LVL 4

Author Comment

by:MagnumVP
ID: 24740183
Well I took your advice on mirror the ports to see what is causing the slow down. I'm monitoring using Wireshark all traffic except ports, 3389, 53 and broadcast.  However when it comes to using MRTG I can't.  My switches don't support SNMP.  I'm hoping to replace them soon, but right now that isn't an option.
0
 
LVL 2

Expert Comment

by:gengw2000
ID: 24743494
If you have a managable switch, I think WFilter is the right tool for you, key features:
1. Real time network connections monitoring and alert.
2. Real time bandwidth monitoring.
3. Keep a detailed record of each web surfing, emails, instant messaging, file downloading.
4. Implement a policy to filter internet access during working hours.
5. Websites, messengers and p2p file downloading can be blocked to save bandwidth and raise productivity.
6. You only need to install WFilter in ONE computer to manage your whole network.

http://www.imfirewall.us/network-monitor.htm
0
 
LVL 32

Assisted Solution

by:Kamran Arshad
Kamran Arshad earned 25 total points
ID: 24743885
Which switch do you have and does it support flow technologies? If so then you can use flow analyzer to monitor the per protocol and per IP traffic. Below is list of flow analyzers;

SolarWinds NetFlow Analyzer        www.solarwinds.com      NetFlow/SFlow
Scrutinizer NetFlow/Sflow Analyzer      www.plixer.com      NetFlow/SFlow
Caligare Flow Inspector      www.caligare.com      NetFlow/SFlow
PRTG      www.paessler.com/prtg      NetFlow/RRDTool
Adventnet Netflow Analyzer      www.adventnet.com      NetFlow
NFSen      nfsen.sourceforge.net      NetFlow
StealthWatch® Xe       www.lancope.com      SFlow
Traffic Sentinel      www.inmon.com      SFlow

If you switch does not support flow technologies then you can still use Nprobe;

www.ntop.org/nProbe.html 
0
 
LVL 4

Author Comment

by:MagnumVP
ID: 24747214
Currently my switches are Dell 2724.
0

Featured Post

On Demand Webinar: Networking for the Cloud Era

Did you know SD-WANs can improve network connectivity? Check out this webinar to learn how an SD-WAN simplified, one-click tool can help you migrate and manage data in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

#Citrix #Netscaler #MSSQL #Load Balance
Arrow Electronics was searching for a KVM  (Keyboard/Video/Mouse) switch that could display on one single monitor the current status of all units being tested on the rack.
There's a multitude of different network monitoring solutions out there, and you're probably wondering what makes NetCrunch so special. It's completely agentless, but does let you create an agent, if you desire. It offers powerful scalability …
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …

717 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question