[Last Call] Learn about multicloud storage options and how to improve your company's cloud strategy. Register Now


Juniper INS-PHOENIX (SRX220H) data usages

Posted on 2013-01-04
Medium Priority
Last Modified: 2014-11-10

I have a Juniper INS-PHOENIX (SRX220H) firewall which I am using as a router.

I want to check the network utilization ie. received and transmitted data for every single computer passing through this router.
Something like vnstat in linux box but for all the computers.

This requirement is because I want to know how much data usages is there for all the employees.
Question by:abhinav4
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 5
LVL 18

Expert Comment

ID: 38743070
This isn't so easy on SRX bud.

We do have the ability to monitor the interfaces for throughput but narrowing it down to individual PCS will require some other network monitoring tool and send the traffic to that to provide the reports.

To view the interface stats, go to the web interface, select monitor then interfaces.

Click on the interface you want and then click "graph"


Author Comment

ID: 38743097
Thanks for the information once again.
I could only see input rate and output rate of the interface on the graph.

Well as you mentioned that I would require some other networking tool to achieve the desired output, do you have any tool in mind which I could use. I could create one virtual machine to install the tool.
As I do not have any budget to go for some enterprise tool I would prefer a free tool.
LVL 18

Expert Comment

ID: 38743116
There are plenty of choices out  there for us to choose from.

2 that I have used in the distant past were cacti and nagios.

Nagios was very manual in the config ie we had ti edit config files to change the settings etc, but worked really well in monitoring servers and networks.

A more user friendly option is cacti, which takes a lot of the manual editing away from nagios and allows us to add config via the web interface.

It is a very subjective choice here bud, so have a look at the 2 solutions above and see if they fit your bill.

A couple of links that show some comparisons and pros and cons are below.



You can configure the SRX to send stats to the server running whichever monitoring tool you choose and then view the results.

HTH bud
Veeam Task Manager for Hyper-V

Task Manager for Hyper-V provides critical information that allows you to monitor Hyper-V performance by displaying real-time views of CPU and memory at the individual VM-level, so you can quickly identify which VMs are using host resources.


Author Comment

ID: 38743153
Ok, I have a Linux box running nagios core to monitor basic checks for few test machine. I have used check_nrpe, check_nt and check_by_ssh plugin to monitor some windows/Linux machines, so I can go with Nagios.
Now, how can I configure SRX to send stats to the nagios machine and which plugin I would use in Nagios to accept it.
LVL 18

Expert Comment

ID: 38743269
Hi bud

Its been a while since I used nagios bud, can you remind me what kind of stuff it needs?

For example I know it uses SNMP to poll for data and I also assume that its needs flow information sent to it for network usage stats but apart from that my nagios skills are weak bud.  And I have no idea what plugin to use bud, I would assume it would be in the nagios docs.

Author Comment

ID: 38743381
Hi bud
I found the following link

It seems it would require check_snmp plugin to get the result.
How can I check SNMP is enabled in SRX and how to enable it so that it could reply back to Nagios.
LVL 18

Expert Comment

ID: 38743415
CLI is best for this bud

1st of all st, some SNMP informational comments, edit to add your on location and contact

set snmp location Auckland
set snmp contact SupportContactDetails
Set the SNMP community, use the same one that nagios uses to connect to otehr devices,  If it doesnt have one, then create it.  Change the name to reflect the right community

set snmp community communityname authorization read-write
Then set some criteria to allow hosts to query the SRX, ie as below, we will allow ONLY to query the SRX.  CHange the IP to reflect that of the nagios server
set snmp community communityname clients
set snmp community communityname clients restrict

TO get this work on the SRX< we need to allow the SNMP traffic into the firewall and to do this we add the host-inbound-traffic to the security zone and interface where the nagios server will speak to the SRX on.  ie the incoming interface for nagios queries

Once that is done, it should all work fine.  Make sure nagios has the latest MIB for the SRX bud

set security zones security-zone untrust interfaces fe0/0/0 host-inbound-traffic system-services snmp

Author Comment

ID: 38743564
well this should work, but again it will give me traffic as a whole.
My requirement is to get the traffic of workstations connected to SRX. How to separate the traffic on ip basis?
LVL 18

Assisted Solution

deimark earned 1000 total points
ID: 38743639
Thats why I said send flow statistics to the server as well, but I cant remember if nagios does this natively or relies on something like MRTG.

See http://kb.juniper.net/InfoCenter/index?page=content&id=KB16677 for configuring Jflow.  Jflow is basically the juniper version of Ciscos netflow and will allow you to statistically sample the network packets going through the device and then send them onto a suitable monitoring server

Author Comment

ID: 38777945
Thanks bud,

I am working on it. Still not able to succeed
LVL 17

Accepted Solution

pergr earned 1000 total points
ID: 38778080
You can run port-mirroring on the SRX:

and then send that out to the PC running ntop (www.ntop.org).

That will give you loads of statistics, per user.

Featured Post

Cyber Threats to Small Businesses (Part 2)

The evolving cybersecurity landscape presents SMBs with a host of new threats to their clients, their data, and their bottom line. In part 2 of this blog series, learn three quick processes Webroot’s CISO, Gary Hayslip, recommends to help small businesses beat modern threats.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Transparency shows that a company is the kind of business that it wants people to think it is.
How to set-up an On Demand, IPSec, Site to SIte, VPN from a Draytek Vigor Router to a Cyberoam UTM Appliance. A concise guide to the settings required on both devices
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…
Suggested Courses

650 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question