Network Analysis





Network analysis is the process of identifying and remediating the processes and systems within a network, including performance, connectivity and security. The process is performed through the use of tools developed for monitoring and analyzing network activity. Network problems that involve finding an optimal way of doing something are studied under the name combinatorial optimization. Examples include network flow, shortest path problem, transport problem, transshipment problem, location problem, matching problem, assignment problem, packing problem, routing problem, Critical Path Analysis and PERT (Program Evaluation & Review Technique).

Share tech news, updates, or what's on your mind.

Sign up to Post

Greetings EE'ers,

This is a bit of an open ended question, but what do you all use or recommend as tools or practices for performing IT security assessments?
The new generation of project management tools
The new generation of project management tools

With’s project management tool, you can see what everyone on your team is working in a single glance. Its intuitive dashboards are customizable, so you can create systems that work for you.

Dear experts,

I came across a situation where I wish to create two subnets as in and

The will be my main network which will contains most of the PCs, printers, etc....

The will be my wifi network which all wireless connections such as phones, scanners, etc...

Here is the situation:

1. only have 1 switch with 48 ports (can be configured)
2. one sonicwall firewall  4 ports in back(can be configured)
3. allow the two networks to talk to one another as in if I have a PC in 192.168.1.x and wish to access a wifi device in 192.168.2.x

Here are the things that I wish to get answered and accomplished:
1. I wish to know what will be the "BEST and SIMPLE" configuration to accomplish this task. Thanks!
2. Is it possible to connect all devices into a single switch (the 48 port switch) and have combination of networks like 192.168.1.x and 192.168.2.x together without utilizing the VLAN?
Hi guys

We've had a major possible breach over at our side.

One of our accountants ended up sending an email to a client with our bank details etc. Few days passed and our accountant asked where the money was and was told the client had wired it to them.

Anyway after checking, the client showed a screenshot of the account details that they were sent by our accountant. When we looked, the account details had been manipulated!! They were totally different.
I am trying to investigate whether it was our emails that were intercepted or the client.

I have some tools which I can install, but we are within a guarded firewall environment. The firewalls are Watchguard's and we have got all of the APT and IP intrusion selected. We are in a domain environment. We use Messagelabs to protect our perimeter from spam emails etc.

In terms of intercepting the email, is it possible that our account has had some sort of keylogger or malware installed that feeds information back to the criminals?

Thanks for helping
Does any one know why might be causing a a lot of TCP DUP ACK and TCP Retransmission for a FTP transfer?  We also get a "426 File transfer failed" error in the packet capture.
I need to have insight functioning of network monitoring tools like nagios, cacti, centreon and solarwainds

how they work , I am exchange admin but I need to dig a little about all these tools

any article will suffice
I have been replacing antiquated equipment with unifi APs and switches.  I have a sonicwall that breaks my feed into 2 subnets.  One of them is content filtered for a school and the other is for church offices.  I would like to install a USG for the latency and throughput info, but can't seem to figure out how to get it to work without it interfering with SW or APs.  

Is there a way to do it?  I can buy another so that each subnet can have its own.  What I can't do is get rid of sonicwall or two distinct subnets as the school has to have the content filter and USG doesn't have enough of that capability.

I have changed IP and tried it on both subnets.  I have tried it before the SW and after.  I have adopted it, and it brings everything down.  I have adopted it and get caught in a provisioning loop.  It know shows managed by another device.

PS not an IT prefessional, doing this to save my school money and getting them the best technology possible!  So small words and simple answers please.  I have putty, but need step by step help
I am having some issues with some phones and was hoping someone could hopefully point me in the right direction. I am not a phone guy by any means, so excuse any mistakes or anything that is unclear. Our past set up was as follows

Site A - Sonicwall NSA 250 M with Avaya IP Office 8.1
Site B - Sonicwall TZ 205 with 20x Avaya 9608 phones

The sites are connected via a Site to Site VPN.

A week or so ago, we swapped out Firewalls. We moved Site A's to Site B, and put a Sonicwall NSA 2600 at Site B. We did a simple export/import of configs. Even though they were different Firewall models, Sonicwall documentation said it was supported, and we haven't had any issues. Except one.

Our phones seem to experience call dropping and quality issues. We get 10x dropped calls a day, and inside IP Office I can see Quality of Service Alarms going off like crazy.

I have set up QoS and BWM on both sides of the Firewalls, I don't believe bandwidth is the issue.  It's ONLY my remote phones at Site B, which are all H.323 phones. But if someone from Site A calls Site B, there is a chance it will drop as well. Site A can call Site A all day, or externally, no issues. I played around with H323 transformations on the Sonicwall, and that actually seemed to fix the issue, but after enabling it my phones would deregister themselves after a few hours, and would not re-register.

I have set up wireshark on both ends, nothing out of the ordinary, no increase of traffic when issues comes up. …
This is an addendum to an old ticket which can be seen here:

The problem described in the old ticket is still occurring. Random devices will pull a 192.168.0.X address. I put in a new Unifi network (With a new Sonicwall) but the exact same thing is happening. The DNS server changes as well. The DNS server on the firewall is listed as, which is exactly what devices that pick up the CORRECT 192.168.1.X subnet read. However, those that get the wrong 192.168.0.X subnet read the DNS server as, which is the old TW/Spectrum DNS. I have no idea how it's grabbing this.

This "wrong subnet" problem only appears to occur with the wireless devices, as no hardwired device has shown this error so far. That leads me to believe it's either a setting in the Unifi setup (For which I've kept all of the defaults) or the way the Unifi is talking to the Sonicwall. To combat this problem with laptops I've gone in and set static IP addresses from the PC side, which seems to have corrected the problem.  However, with the Nest devices, this isn't an option, as there is no way to manually enter network info.

Instead, I created a  static IP for the Nest devices on the firewall. If I reboot the devices they SOMETIMES pick up on the correct subnet, and when they do, it's the static IP I gave them in the firewall. However, after a few days of working properly they …
What is it and where is it used?
Are other ISPs besides Comcast able to use Comcast's DNS server addresses of &

An organization I am working for has switched over to using Comcast fiber optics as its primary internet service provider (ISP). We also have a second internet service provider (Etheric Networks ( which provides satellite dish based internet services.

Our internet service is set up in a failover configuration using a SonicWALL TZ600 router so that if our primary Comcast fiber optic internet service fails then our internet service will automatically switch over to Etheric until the Comast fiber optic service is restored.

We would like to continue to use the static external DNS server addresses of and in place if our internet service ever switches over to Etheric should the Comcast fiber optic internet service become unavailable.

Our question is if our internet service switches over to using the Etheric internet service will the external IP DNS server addresses of and still be valid and provide timely DNS name resolution?

Or is there a different type of method we should be using to handle our internet service and DNS name resolution switch over?
[Webinar] Improve your customer journey
LVL 12
[Webinar] Improve your customer journey

A positive customer journey is important in attracting and retaining business. To improve this experience, you can use Google Maps APIs to increase checkout conversions, boost user engagement, and optimize order fulfillment. Learn how in this webinar presented by Dito.

I have a client with a Sonicwall TZ 215  (SonicROM ) that is using a SonicPointN for wireless access. The SonicPoint is setup on Physical interface X2 with a network and the X2 interface also has two VLAN Sub-Interfaces on it, X2:V18( and X2:V19 ( These VLAN’s are used to create the two wireless zones, one for Guest and one for employee’s. The customer now wants to add a remote lighting “Hub” that is manipulated via an Android or iPhone apps. Even though the “Hub” is accessed via the internet the initial setup has to be done with the phone app being able to see the unit on the same local network segment. Since the hub only has a Ethernet jack and the phone only has wireless, the phone and the hub need to be on the same wireless network. So I what I am trying to accomplish and can’t seem to get working it make the X3 interface on the Sonicwall be on the same VLAN Sub-Interface as the wireless access point. In this case that would be X2:V18. So to sum the whole deal up.  I need to get X3 interface assigned to the same network ( and the VLAN-Sub-Interface as X2:V18. I can’t seem to get it the way I need, no problem getting the X3 on the X2 network ( but not on the X2:V18. Any help would be appreciated. Thanks

Glenn Thibeault
Onsite Information Technologies
I was reading as below

TCP - is a transport layer protocol. It works over an IP network
HTTP - is an application protocol. It works using TCP on an IP network

i was not clear. Does HTTP also uses HTTP
what other protocols there in networking.

nay good link, resources or free video tutorial to understand clearly these things?
please advise
I had this question after viewing accessibility for a client.

I am starting off with a headset with two male connections (one for audio, one for mic) that plugs into a windows 10 laptop. I connect wifi to a residential connection. My family member who has hearing issues can not be present to test often. Right now I am not interested in security so firewall is not important.
Hi Expert Team,

I need help to automate a SQL database alert generated from SCOM . We used to get an alert  'database backup should be performed' for SQL database servers. But in our project we have Always-on cluster(Mirror) database servers and database backups are performing on Primary  database servers. But SCOM is complaining the same for secondary databases and many such alerts are generating from SCOM.  All these SCOM alerts we receive as incidents in ticketing tool via Orchestrator2012. Our goal is reduction of  such incidents. Therefore i want to automate this kind of  alert to identify which is primary database and trigger alert for only primary database servers and not for secondary database servers. . Is it possible to resolve within SCOM console or can we do anything in Orchestrator2012.

Please guide me how to automate.

Thanks for support!!!
There's request to open up ACL tool to Internet from a server:

a) is the licensing validation once-off only or periodically?  If periodically how often is this &
    under what circumstances it needs to reach out to ACL licence server?  Say it exceeds
    certain number of records to analyse, then it validates?

b) anyone know which URL it connects out (or its incoming) for this license validation?

c) if we go through bluecoat proxy, will it work?  I'm planning to restrict to specific URL
    for outgoing only (or is incoming port required too)?
I am having a problem with installing Office 2013 or 2016 on Windows 10. I get some variation of “Setup cannot find ProPlus.WW”…
Here are just some things I have tried.
•      Install from network drive via ISO
•      Install from network drive via a extracted ISO to directory
•      From Burned DVD
•      Used Microsoft tool to completely uninstall any Office products
•      Re-downloaded ISO
•      Re-downloaded ISO using Chrome/Opera
•      Re-downloaded ISO to local drive
•      First installed 2010 then upgraded (This worked only once or twice)
•      Copied extracted directory to local drive
•      Renamed directory to Office or 2016 and put it on the root of C:\
•      Tried on a prebuilt Lenovo
•      Tried on reformatted Lenovo
•      Tried on a brand new custom made PC
•      Tried on a Virtual Windows 10 PC from network
•      Tried on a Virtual Windows 10 PC using DVD
•      Tried on a Virtual Window 7 PC (This worked using the same DVD as above)
I have had some success with a couple of these but not consistently. I have spent hours trying to solve this problem. Any suggestions would be very much appreciated.

Joe Pelish
Have internet from two ISP one is faster but has packet loses, the other is reliable but slower, have two lan one for the phones and one for the office equipment the office equipment runs on the faster and the phones run on the more reliable. Looking have this settings one router, plus a failover option and email notification. And recommendation?
Hello Everyone,

We are thinking about upgrading our Cisco 801.11n wifi  access point to Ubiquiti Unifi UAP-AC-HD Access point. We bought a test unit and very easy to setup and all in one central management robust unifi controller, we have 100m up/down internet from TWC. During our LAN speed test we are getting about 80 mb/s up and 90 down, which is normal. when we test it on the new Ubiquiti wireless access point , we are getting speed of 32-34 mbps and upload getting to 90mbps on a 5ghz band. on a 2.4ghz band we are getting about 16mbps down and 80-90mbps up. Our current network configurations example is attached. We have contacted Ubiquiti and support doesn't seem to know what went wrong still waiting for their engineer to reply. all switches are in full duplex speed. We are suspecting the firewall is filtering traffics by design, and if so, we would like to know if there is a way to fix this.

Any help in unraveling this issue would be greatly appreciated.
I recently took over support for an office that is running an old set of Cisco Aironet routers. This office has a good amount of wireless devices - at least 15-20 laptops and computers, along with Nest thermostats, carbon dioxide sensors, and more. What seems to happen is randomly a connected computer will suddenly lose it's connection. Where normally the connection will be 192.168.1.X (Their standard subnet) a computer will randomly drop and suddenly show a 192.168.0.X address, complete with 192.168.0 gateway and no internet access. After sometime the connection will re-establish.

Now I'm 99% sure this is simply the old Wi-Fi network unable to keep up with the number of wireless devices and it's dropping and re-acquiring leases. I just wanted to confirm that anyone else has seen this before. I was planning on replacing the Wi-Fi anyway, but it seems odd. In my experience, when a computer only has limited connectivity it would show something like a 169 address, or no address at all. The fact that it's suddenly coming up with a 192.168.0 address seems oddly specific.

Thanks for any input you might have.
Upgrade your Question Security!
LVL 12
Upgrade your Question Security!

Your question, your audience. Choose who sees your identity—and your question—with question security.

I need to monitor what websites specific end user are visiting. Looking for suggestions on what programs have worked for others.
Hello Team,

I want to track the missed call notification on Cslogger skype for business 2015 tool.

Please suggest how to trace it

we have skype onpremises 2015

I use FreeBSD ipfw, I want to measure current speed in bytes per second and packets per second for monitoring.
If I have a pipe and two queues in it, ipfw doesn't give current speed when executing 'show'. If I try to measure speed by counters (ipfw rules), I don't get real speed because counters measure queue input, some packets can be dropped in queue or pipe.
Please, help.

I had created a SITE to SITE VPN between a PFSENSE anda Sonic Wall TZ400.The VPN is up no problem. The only thing is that I cannot open ressources like folders, rdp or ping from one side to another. Anybody knows where I should look to fix this issu?

We currently have a fairly simple set up, we have ONE public Web Server IP.   Our In/Out path is ISP line to our Cisco ASA/Firewall to our Host Server.    We use Static IPs from the ISP.   Our objective is to achieve highly reliable access to our Web server.  

We are looking at solution such as DNSMadeEasy + DNS Failover.  

Would the following plan work?
1) We'll acquire a new ISP #2 service as backup for our ISP #1 service.
2) We'll acquire a new Switch. On site our location we'll plug the two lines from ISP #1 and ISP #2 into the new Switch.
3) Run a single line from this new switch into our existing CISCO ASA router, and add configuration rules to Cisco for the new source IP addresses to mirror the rules already there for NAT, port forwarding, etc.

Any recommendations would be appreciated!
One of the Experts here on EE suggested GFI Languard.  So, we bought it and have  had it running for a few months.  As I get further into it and want to take advantage of its capabilities, I naturally have questions.

Being a "good customer" I figured to start on the community forum.  But I can't log in and I can't set up a new account.  I have LOTS of email addresses available and can set up new ones.  Yet, no matter which one I enter for a new Registration, it says "already used".  Can't be true of course.

Telephone customer support takes one to a menu that has nothing to do with customer support and, if you politely wait after not responding, it says "Goodbye".

I may be in the market for 3rd party Q&A at least.  Or, what might you suggest?

Network Analysis





Network analysis is the process of identifying and remediating the processes and systems within a network, including performance, connectivity and security. The process is performed through the use of tools developed for monitoring and analyzing network activity. Network problems that involve finding an optimal way of doing something are studied under the name combinatorial optimization. Examples include network flow, shortest path problem, transport problem, transshipment problem, location problem, matching problem, assignment problem, packing problem, routing problem, Critical Path Analysis and PERT (Program Evaluation & Review Technique).

Vendor Experts

Gil FeldmanMonday Learn more about Monday