This regards a Windows 2003 server running AD DNS, and sitting behind a SonicWALL Pro 2040. The 2040 is running the Enhanced OS. There is no viewpoint software available.
A simple bandwidth report from the SonicWALL last week shows that this DNS server has the highest bandwidth usage of any system behind the firewall. This has us concerned, as there are no services on the server published to the outside world.
There are however, two remote branches on SonicWALL SA's. Could the bandwidth report be counting those packets going across the SonicWALL to SonicWALL VPNs?
I am looking for a easy to emplement method of identifying the traffic passing through the SonicWall and why the traffic is high.