Solved

T1 Network Monitoring Tools

Posted on 2009-07-13
Last Modified: 2013-12-01
Hello Experts,

I am looking for suggestions on how to best monitor traffic between our company's two sites. We have a T1 line running between the two and are trying to find a solution that will help us monitor and analyze the traffic that is going back and forth at any given time. I am familiar with Ethereal; however, just capturing the packets isn't exactly what I had in mind. We would like to have something that could show us the utilization of the line as well as what type of traffic is going back and forth. It's something we would like to be able to keep running at all times. Any ideas would be welcome!

Thanks,

Andrew
Question by:andrewc2189
11 Comments
 
LVL 3

Expert Comment

by:rmconard
ID: 24843133
I would recommend this:


1) Get a decent computer with average speed and memory, nothing fancy.
2) Download and set up Ubuntu Linux 9.04 on that computer and get it on the Internet.

Once you've done that, please allow me to introduce the power of Linux Networking:

http://www.ubuntugeek.com/bandwidth-monitoring-tools-for-ubuntu-users.html


Over 10 network and bandwidth monitoring tools... all FREE! Even the Ubuntu operating system.

Enjoy.

-Ryan
0
 
LVL 3

Assisted Solution

by:rmconard
rmconard earned 100 total points
ID: 24843163
But wait, there's more!

Let's not forget Wireshark and EtherApe. They also have a Linux version of Ethereal if you're comfortable with that.

Look:
http://www.ubuntugeek.com/network-traffic-analyzers-for-ubuntu-system.html


EtherApe is my personal favorite for visually viewing incoming network traffic. See the pictures on the website. It works in real-time too.

-Ryan
0
 
LVL 4

Author Comment

by:andrewc2189
ID: 24843222
I'm familiar with Ubuntu and Wireshark, however I'm not sure if that will do what I want. Won't the Linux machine you just mentioned only monitor traffic incoming to itself? I would like to monitor the traffic coming across the T1 line and I'm not sure I can do that unless I put something in between the line and the rest of my network on either end. Obviously I don't want it to affect the speed at all. EtherApe does look cool and I haven't used that before.
0
 
LVL 3

Expert Comment

by:rmconard
ID: 24843266
No, no.

Ubuntu will do it all. The thing you need to remember is that the network is virtual. You can't just look at a cable and say, "Hey... it has 2 ends and a middle, maybe if I put something in the middle I can intercept the stuff coming from the 2 ends."

EtherApe and all those other programs will be able to monitor network TRAFFIC, which is inbound and outbound across the LAN.

If you want to monitor bandwidth usage across the T1 then simply set up the same thing on the other end. Then the two machines can talk to each other.

Essentially, the Ubuntu machine with proper configuration and software should be able to "look" across your T1 and pull traffic information from the other side. Assuming it can connect to the server directly on the other end.

-Ryan


0
 
LVL 4

Author Comment

by:andrewc2189
ID: 24843355
I do understand that. I'm an expert on here too ;) When I say middle, I was referring to this. I have two networks connected by a T1.
A<>t1<>B
The middle as in A<middle>T1<middle>B

I do not want to monitor based on IP, which I figured the only way to do it was to have a box/agent where I listed middle on either end that sees all traffic. I want to see the entirety of the traffic crossing the T1 line regardless of where it is heading. It seems the way you are describing it says that will work but I haven't seen it before. I'll try it out though and let you know if it was what I was looking for!
0
 
LVL 68

Expert Comment

by:Qlemo
ID: 24847999
What devices are maintaining the T1 connection? The capabilities to analyze traffic depend on those of the devices. Usually you use tools like Cacti and the like if the devices to monitor allow reasonable SNMP/RMON queries.
0
 
LVL 4

Author Comment

by:andrewc2189
ID: 24849361
Thanks for your response Qlemo. The fiber line comes into a Verizon piece of equipment and then directly to a Cisco 1700 on either end.

Network A <Cisco 1700><Verizon Fiber Equipment>T1<Verizon Fiber Equipment><Cisco 1700>Network B
0
 
LVL 68

Accepted Solution

by:Qlemo
Qlemo earned 400 total points
ID: 24849619
Cisco devices should give you support for monitoring via SNMP (and some other methods). I would give Cacti a try.
0
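The SNMP approach in the accepted answer comes down to polling the router's interface octet counters and converting the change between polls into a rate. As an added example (not from the thread and not Cacti's own code), the following computes T1 utilization from two polls, handling 32-bit counter wrap and discarding samples that imply a counter reset. The `Poll`, `counter_delta` and `utilization` names and the sample values are constructed for illustration; the 1,544,000 bit/s T1 line rate is the assumed link capacity.

```python
"""T1 utilization from two SNMP polls of IF-MIB octet counters (added example)."""
from dataclasses import dataclass

T1_BPS = 1_544_000        # assumed link capacity: T1 line rate, bits per second
COUNTER32_MOD = 2 ** 32   # ifInOctets/ifOutOctets are 32-bit counters and wrap

# IF-MIB columns a poller reads (the interface index is appended to each)
OID_IF_IN_OCTETS = "1.3.6.1.2.1.2.2.1.10"
OID_IF_OUT_OCTETS = "1.3.6.1.2.1.2.2.1.16"

@dataclass
class Poll:
    t: float          # poll time in seconds
    in_octets: int    # ifInOctets value at that time
    out_octets: int   # ifOutOctets value at that time

def counter_delta(old, new, modulus=COUNTER32_MOD):
    """Octets transferred between two polls, allowing for one counter wrap."""
    return (new - old) % modulus

def utilization(prev, cur, link_bps=T1_BPS):
    """Return (in_pct, out_pct); a direction is None when the sample is unusable."""
    dt = cur.t - prev.t
    if dt <= 0:
        raise ValueError("polls must be in increasing time order")
    result = []
    for old, new in ((prev.in_octets, cur.in_octets),
                     (prev.out_octets, cur.out_octets)):
        bps = counter_delta(old, new) * 8 / dt
        # A rate above line speed means the counter was reset (for example by
        # a router reboot) or wrapped more than once: discard the sample.
        if bps > link_bps * 1.05:
            result.append(None)
        else:
            result.append(round(100 * bps / link_bps, 1))
    return tuple(result)

# Constructed sample polls, 300 s apart (a typical 5-minute polling interval).
SAMPLES = [
    Poll(0, 4_290_000_000, 1_000_000),
    Poll(300, 23_982_704, 6_790_000),   # inbound counter wrapped past 2**32
    Poll(600, 1_000, 2_000),            # counters reset, as after a reboot
]

if __name__ == "__main__":
    for prev, cur in zip(SAMPLES, SAMPLES[1:]):
        print(f"t={cur.t:>4.0f}s  in/out utilization %: {utilization(prev, cur)}")
```

At T1 speed a 32-bit octet counter takes a little over six hours to wrap at full load, so a 5-minute poll sees at most one wrap per interval.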
 
LVL 4

Author Comment

by:andrewc2189
ID: 24859671
Cool, I'll try that out! Any good step-by-step tutorials on how to set it up? Would it be easier to set up under Linux or Windows?
0
 
LVL 68

Expert Comment

by:Qlemo
ID: 24860214
Sorry, out of my bounds. I only replicated what I found that often here in EE. Cacti is #1 recommendation in monitoring traffic for free, no matter whether Windows or Linux is running.
0
 
LVL 4

Author Closing Comment

by:andrewc2189
ID: 31602980
Thanks guys for your help. I'll try to set up Cacti and I'll tell you how it goes! I also think I'll use EtherApe for some other things but not for this specific question. Thanks!
0
