Solved

Internet bandwidth utilization is full

Posted on 2010-09-15
8
628 Views
Last Modified: 2013-11-22
we have aroud 400 windows XP client machine's in office  is accessing Internet 24/7, from yesterday onwards our  4 mbps bandwidth internet
link is showing fulll utilization , I feel that The very high Internet utilization in our network  can be the  characteristic of some virus/malware  ,that is  contributing  thi high traffic .The  traffic is passing thourgh a firewall and then to the internnet router ,  I have enabled  the IP accounting to to find the percentage of bandwidth utilization , but haven't helped me .
Can you please help me to find a resolution for this .
0
Comment
Question by:darvinv
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
8 Comments
 
LVL 8

Expert Comment

by:thetmanvn
ID: 33680597
Which firewall you're using?
0
 

Author Comment

by:darvinv
ID: 33680630
its cisco pix515e
0
 
LVL 8

Accepted Solution

by:
thetmanvn earned 250 total points
ID: 33680684
With cisco pix 515, we have a little choice for tracking user traffic directly.
There's a way here using logging trap and send to external syslog then use perl script to get what you want. (Check post #5)

http://groups.google.ca/group/comp.dcom.sys.cisco/tree/browse_frm/thread/972a527ba458f06/2d9638c4e38063ef

Or if you have a good switch that support monitor mode (like SPAN mode of Cisco) then you can use this port to monitor traffic from all other ports and use packet analyzer (wireshark the number 1) to capture and analyis.

Hope this help
0
Instantly Create Instructional Tutorials

Contextual Guidance at the moment of need helps your employees adopt to new software or processes instantly. Boost knowledge retention and employee engagement step-by-step with one easy solution.

 
LVL 30

Expert Comment

by:Sudeep Sharma
ID: 33749033
What ports are open on your firewall, which users could easily use?

I would recommend that not all the ports should be open excepts ones which are required

It could be some PC which is using Torrent, or if some is downloading stuff via http from various file sharing website.

Sudeep
0
 
LVL 25

Expert Comment

by:madunix
ID: 33869433
look @

http://cacti.net/
http://oss.oetiker.ch/mrtg/
http://www.section6.net/wiki/index.php/Setting_up_MRTG_in_FreeBSD
http://forums.freebsd.org/showthread.php?t=248
http://www.nagios.org/


I used MRTG (It's still running actually), and swapped to Cacti. It's still a bit difficult (Devices, data queries, Graphs, etc) but well worth it...just give it a try. Cacti is a brilliant software beside nagios and MRTG ..... to narrow down the problem
0
 
LVL 3

Expert Comment

by:Nasir-Siddique
ID: 34031474
On the firewall policy log for allowed internet traffic, check the source IP in real time. Its a manual way just to find the infected machine or the user monopolizing the line. You may not have exact idea, but in some cases it helps.
0
 
LVL 38

Expert Comment

by:younghv
ID: 34376207
This question has been classified as abandoned and is being closed as part of the Cleanup Program.  See my comment at the end of the question for more details.
0

Featured Post

Windows running painfully slow? Try these tips..

Stay away from Speed Up Computer Programs that do more harm than good.
Try these tips instead.
Step by step instructions in trouble shooting Windows Performance issues.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Changing the service account for VMware vCenter Operations Manager ? 4 132
Roguekiller has no option of deleting 19 184
Twitching screen 11 140
Rensome / malware protection 9 116
A while back when OPSMGR 2012 was released we were very excited about getting it into our environment and upgrading our 2007 implementation,  we started our planning and we then proceeded with our implementation. All went as planned & our system …
Storage devices are generally used to save the data or sometime transfer the data from one computer system to another system. However, sometimes user accidentally erased their important data from the Storage devices. Users have to know how data reco…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question