internet slow

Hi Experts,
the users in my network facing very slow network speed. when i obsreve it on monitoring tool i found that "HTTP TUNNEL"  consuming 80 to 90 percent bandwidth of my internet link.

on google i find that HTTP-TUNNEL traffic because  of users in network download softwares(hot spot shied and some others) to unblock the restricted websites.Is there any solution to block HTTP TUNNEL traffic. OR i should stop it on internet router  or on internal firewall.
or any-other soultion to get rid of this traffic.


Thanks,
osloboyAsked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
Gerwin Jansen, EE MVEConnect With a Mentor Topic Advisor Commented:
>>can packet shaper can do this to mimize traffic for HTTP tunnel with out the inforamtion of source address?
It should as it is a type of traffic. I don't know about the BlueCoat specific product but you could ask them, you are not completely familiar with your 2 boxes I understand? It's a main feature of their packet shaper.
0
 
Gerwin Jansen, EE MVETopic Advisor Commented:
Can you find out in your monitoring tool from what IP address the HTTP tunnel is originating? Trace down that user / workstation and uninstall it, informing the user of your company internet policy.
0
 
CSorgConnect With a Mentor Commented:
could be regular traffic, for instance RDP over SSL connection(s)

RDP is aggressive when it comes to claiming network bandwidth.

like gerwinjansen said, try to isolate the source ip address first and start a local monitor (netstat -o would give you back information on the process and in what why that process is using network traffic)
(http://ss64.com/nt/netstat.html)
0
Improved Protection from Phishing Attacks

WatchGuard DNSWatch reduces malware infections by detecting and blocking malicious DNS requests, improving your ability to protect employees from phishing attacks. Learn more about our newest service included in Total Security Suite today!

 
osloboyAuthor Commented:
monitoring tool doesnt show the source ip adress. it just show the top used websites.
how i can trace ?
monitoring tool is blue-coat packet shaper.
0
 
Gerwin Jansen, EE MVETopic Advisor Commented:
You have a packet shaper, shape your HTTP Tunnel traffic down to 5% of your available bandwidth, that fixes your issue. And that's what your bluecoat box is for.
0
 
osloboyAuthor Commented:
hi gerwinjansen:
we have both boxes,
blue-coat and packet shaper as well.

can packet shaper can do this to mimize traffic for HTTP tunnel with out the inforamtion of source address ?
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.