Link to home
Create AccountLog in
Avatar of JazorKang
JazorKangFlag for United States of America

asked on

Client Bandwidth and activity reporting

Hello,
I have a Watchguard 1250e, I have set up the watchguard reporting but it doesn't have the reporting i need, its very basic. I need something that I can see every users bandwidth usage, highs,lows, peaks, averages. Top hosts, Top websites and keep historical data. something more comprehensive. I already have PRTG and NTOP, they both have their uses but neither have what i need. would a proxy server be the best option?

Help much appreciated
ASKER CERTIFIED SOLUTION
Avatar of dr_linux
dr_linux
Flag of United States of America image

Link to home
membership
Create an account to see this answer
Signing up is free. No credit card required.
Create Account
Avatar of JazorKang

ASKER

dr_linux,
We do not have Cisco routers or switches that support netflows,
You can setup a linux server as a netflow exporter for the traffic flowing through it.

A couple of questions:
How do you assign IP's ?  Are they fixed ?  How will users be identified when surfing ?
Hello diepes,
I used to track users based on ip when I had static ip reservations in the DHCP server. this proved to be extremely heavy maintenance so they are getting ips from a pool now. Other than by the hostname or having the same IP address, do you know of another way to track them?

Also, what is this linux server netflow exporter you speak of? all my research points to netflow as being the best solution. Please elaborate.

thanks
I did some reading, and found Nprobe as the the netflow exporter software, this looks like its going to take alot of reading and heavy configuration to get all of this to work..  Would it be cheaper to just buy a netflow support device?


In ubuntu/debian there is a package fprobe, it takes a interface to monitor, and a destination to export the flows to.

This will only give you the raw packet flows, you will still need a tool to compile reports from all the data, and with no easy way to identify individual users this will not be fun.

If the main goal is web reporting then a web proxy with some kind of authentication will be the best bet at collecting detailed web usage data, linked to individual users.

The difficult  parts here would be.
1. Setting up some kind of user auth ?  AD etc.
2. Getting proper reporting.