[Webinar] Streamline your web hosting managementRegister Today

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 669
  • Last Modified:

How to find the bandwidth hogs?

Hello Experts - I am looking for a way to track down who is using too much bandwidth and bringing internet speeds down for everyone.  I have a flat network with a Dell NSA 240 firewall.  Unfortunately my predecessor did not opt to purchase any of the integrated tools on the firewall so I don't have much insight into how bandwidth is being used on that device.  I'd prefer a free solution if there is a good one, please let me know if you have any suggestions.
0
danbrown_
Asked:
danbrown_
  • 2
  • 2
  • 2
2 Solutions
 
Ken BooneNetwork ConsultantCommented:
Well if you want free, you can setup NTOP.  Basically get a box and install NTOP on it.  Then mirror the inside firewall port and watch NTOP when your bandwidth is crawling.  You will see who is using what and will know what the traffic is.

http://www.ntop.org
0
 
Fred MarshallPrincipalCommented:
Or, you can use PRTG free version and use SNMP to monitor switch and router ports for traffic levels.
0
 
danbrown_IT ManagerAuthor Commented:
Good suggestions, thanks guys
0
Firewall Management 201 with Professor Wool

In this whiteboard video, Professor Wool highlights the challenges, benefits and trade-offs of utilizing zero-touch automation for security policy change management. Watch and Learn!

 
Ken BooneNetwork ConsultantCommented:
Yea PRTG and SNMP will show you traffic levels, but it will show you how much traffic, but not who is using what traffic.  PRTG or CACTI or something like that is great for historical and real time bandwidth utilization, but you need netflow or a "netflow-like" tool in order to see who is doing what specifically.  NTOP is a netflow-like tool.  I think PRTG has a netflow plugin but I don't think it is in the free version, plus you would need a netflow capable device.
Hope that helps.
0
 
Fred MarshallPrincipalCommented:
Yes, it rather depends on the system topology.  If all the computers come into a centralized switch with no switch cascading at all then the switch ports and the computers are 1:1.  So, this will be the case in some buildings and not in others and there is likely to be some bit of switch cascading where wall ports are inadequate, etc.
0
 
danbrown_IT ManagerAuthor Commented:
I wish I could use Netflow but that isn't something this firewall supports.  It has its own built in tools but the prior admin who purchased it didn't license any features.  We actually have a series of switches so I'm using PRTG to get SNMP info out of the firewall for now.  Thanks again.
0

Featured Post

SMB Security Just Got a Layer Stronger

WatchGuard acquires Percipient Networks to extend protection to the DNS layer, further increasing the value of Total Security Suite.  Learn more about what this means for you and how you can improve your security with WatchGuard today!

  • 2
  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now