Solved

Device for Network Monitoring

Posted on 2009-06-29
10
321 Views
Last Modified: 2013-12-07
Our users have begun to complain how slow the network is over our T1 connections. Right now we have nothing to see what is traversing the lines.  We currently have 7 sites that we need to monitor network traffic.  Is there a hardware or software device that we can use to monitor all sites?  We are currently a Windows 2003/XP site.

Any help would be appreciated.
0
Comment
Question by:MagnumVP
10 Comments
 
LVL 7

Expert Comment

by:rcflyr
Comment Utility
I use MRTG to monitor bandwidth usage.

http://oss.oetiker.ch/mrtg/
0
 
LVL 4

Author Comment

by:MagnumVP
Comment Utility
It does draw "Pretty Pictures" but does it tell you what that traffic is, or it source/destination, port number, etc?
0
 
LVL 7

Expert Comment

by:rcflyr
Comment Utility
No, I usually use my firewall logs for that.
0
 
LVL 7

Expert Comment

by:rcflyr
Comment Utility
Something like this may be helpful:
http://www.manageengine.com/products/netflow/
0
 
LVL 4

Author Comment

by:MagnumVP
Comment Utility
That may work.  However, on the Hardware side of things, since all the remote sites come in through a single IP address, is there a device that I can put right have they enter the office that will sit there and watch everything?
0
Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

 
LVL 7

Accepted Solution

by:
rcflyr earned 225 total points
Comment Utility
The hardware will depend on what tool you select.  I use MRTG to watch bandwidth usage.  Almost 100% of the time I don't need to know what source/destination port traffic is flowing over these connections.  When I do need to know src/dest I either mirror a port and take real time traffic captures with wireshark, or a go and view my firewall logs.  I keep all of my firewall logs on a centralized syslog server.  MRTG polls your switches or routers at regular intervals to draw usage graphs.  It could be connected anywhere on your network.  If you need to monitor specific network traffic (who is talking to who) you will have to either use logs from your firewall or configure a port mirror to capture and analyze traffic as it crosses your network.
0
 
LVL 4

Author Comment

by:MagnumVP
Comment Utility
Well I took your advice on mirror the ports to see what is causing the slow down. I'm monitoring using Wireshark all traffic except ports, 3389, 53 and broadcast.  However when it comes to using MRTG I can't.  My switches don't support SNMP.  I'm hoping to replace them soon, but right now that isn't an option.
0
 
LVL 2

Expert Comment

by:gengw2000
Comment Utility
If you have a managable switch, I think WFilter is the right tool for you, key features:
1. Real time network connections monitoring and alert.
2. Real time bandwidth monitoring.
3. Keep a detailed record of each web surfing, emails, instant messaging, file downloading.
4. Implement a policy to filter internet access during working hours.
5. Websites, messengers and p2p file downloading can be blocked to save bandwidth and raise productivity.
6. You only need to install WFilter in ONE computer to manage your whole network.

http://www.imfirewall.us/network-monitor.htm
0
 
LVL 32

Assisted Solution

by:Kamran Arshad
Kamran Arshad earned 25 total points
Comment Utility
Which switch do you have and does it support flow technologies? If so then you can use flow analyzer to monitor the per protocol and per IP traffic. Below is list of flow analyzers;

SolarWinds NetFlow Analyzer        www.solarwinds.com      NetFlow/SFlow
Scrutinizer NetFlow/Sflow Analyzer      www.plixer.com      NetFlow/SFlow
Caligare Flow Inspector      www.caligare.com      NetFlow/SFlow
PRTG      www.paessler.com/prtg      NetFlow/RRDTool
Adventnet Netflow Analyzer      www.adventnet.com      NetFlow
NFSen      nfsen.sourceforge.net      NetFlow
StealthWatch® Xe       www.lancope.com      SFlow
Traffic Sentinel      www.inmon.com      SFlow

If you switch does not support flow technologies then you can still use Nprobe;

www.ntop.org/nProbe.html
0
 
LVL 4

Author Comment

by:MagnumVP
Comment Utility
Currently my switches are Dell 2724.
0

Featured Post

Free camera licenses with purchase of My Cloud NAS

Milestone Arcus software is compatible with thousands of industry-leading cameras for added flexibility. Upon installation on your My Cloud NAS, you will receive two (2) camera licenses already enabled in the software. And for a limited time, get additional camera licenses FREE.

Join & Write a Comment

Suggested Solutions

Many network operators, engineers, and administrators do not take several factors into consideration when troubleshooting network throughput and latency issues.  They often  measure the throughput by performing a measurement  by transferring a large…
Hello All, I have been training on Multicast for a while now and whenever I start the topic , I find out that my friends /  Colleagues mention that they do not know how to test Multicast Joins. As most of the multicast would be video traffic and …
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

8 Experts available now in Live!

Get 1:1 Help Now