LuiLui77
asked on
Sonicwall firewall Connections monitor feature
Good morning All,
I am exploring the connections monitor feature in my sonicwall firewall. I am doing this since my ISP is stating that my bandwidth is used 100% all the time so I wanted to check if there was a device in my network using all bandwidth.
I called Sonicwall support and they introduced me to a feature called Connections monitor and we found out that there was a device utilizing a ton of bandwidth. Attached is what we saw.
The support technician recommended me to look at the Tx Bytes column. The value that we saw for the particular device was 33632894 which is translated by my calculations to about 33 MB.
I am kind of confuse on how to put this value in practical terms and come up with the answer of how much bandwidth this device is using?
We have a 50 Mbps total bandwidth, does this means that the device is trying to use 33MB of the entire bandwidth?
I am having some trouble picturing this on my mind.
Please help.
Also if there other method to look at this in simpler terms let me know.
Thank you a ton
Sonicwall-traffic.png
I am exploring the connections monitor feature in my sonicwall firewall. I am doing this since my ISP is stating that my bandwidth is used 100% all the time so I wanted to check if there was a device in my network using all bandwidth.
I called Sonicwall support and they introduced me to a feature called Connections monitor and we found out that there was a device utilizing a ton of bandwidth. Attached is what we saw.
The support technician recommended me to look at the Tx Bytes column. The value that we saw for the particular device was 33632894 which is translated by my calculations to about 33 MB.
I am kind of confuse on how to put this value in practical terms and come up with the answer of how much bandwidth this device is using?
We have a 50 Mbps total bandwidth, does this means that the device is trying to use 33MB of the entire bandwidth?
I am having some trouble picturing this on my mind.
Please help.
Also if there other method to look at this in simpler terms let me know.
Thank you a ton
Sonicwall-traffic.png
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Tony Giangreco
I forgot to mention, we have a TZ210w from Sonicwall and have run through the same process tracking devices down, stopping hacking attempts, firmware upgrades.... It a big area to learn.
ASKER
Thank you guys for your comments, I have found out that this device is our DPM server which is replicating information with our secondary DPM server in the cloud.
This explains the amount of data, but how can I relate this number of 33 MB to the amount of bandwidth that is consuming at any given time?
I guess that if I can get the period of time that this device took to transfer this amount of data I would be able to come up with how many Megs this device is transmitting every second.
Please enlighten me.
This explains the amount of data, but how can I relate this number of 33 MB to the amount of bandwidth that is consuming at any given time?
I guess that if I can get the period of time that this device took to transfer this amount of data I would be able to come up with how many Megs this device is transmitting every second.
Please enlighten me.
That information would only be available in one of those servers if that information was logged and available for you to find.
Any other info we can provide on this question?
Any other info we can provide on this question?
The computer/device that is using up your bandwidth is part of an active botnet. SonicOS 6.1 has alot of new features, one of which is botnet detection.
it would be interesting to analyze some of the traffic
it would be interesting to analyze some of the traffic
It sounds like they have already identified the system that's using the bandwidth and it also appears to be normal. They just didn't realize it was using that much bandwidth.
Have we answered your question?