Network Analysis

8K

Solutions

18

Articles & Videos

12K

Contributors

Network analysis is the process of identifying and remediating the processes and systems within a network, including performance, connectivity and security. The process is performed through the use of tools developed for monitoring and analyzing network activity. Network problems that involve finding an optimal way of doing something are studied under the name combinatorial optimization. Examples include network flow, shortest path problem, transport problem, transshipment problem, location problem, matching problem, assignment problem, packing problem, routing problem, Critical Path Analysis and PERT (Program Evaluation & Review Technique).

We currently have a Dell Sonic Firewall that is our firewall as well as our company router.  This is our main router for all of our sites in the company.  We have 16.  We implemented through our EMR (Electronic Medical Records) software an upload to a billing company.  They in turn configure and print bills and send them out to our customers.  This has worked fine for over two years.  When this was implemented, we were not required to make any firewall changes at all.

A week ago, the user doing this procedure received an error that the file could not be uploaded.  She called the EMR company, who in their effort to troubleshoot the problem, changed the upload method from ftp to sftp.  She then tried to upload and she got an additional error that port 22 was unable to send.  Seeing that error, the EMR said that the problem has to do with our firewall.  I spoke with the billing company who tried to do a trace route to our external IP.  They were unsuccessful, but I was able to do a trace route to them.  The only caveat is that the user can do this procedure from home with no problem.

I am willing to make firewall changes if necessary, I just don't know what they would be or why it is necessary now, if no one has made any changes other than the upload method from ftp to sftp.

Please help.  I am desperate.
0
What is the difference between Nagios and Centreon? Are they technically both the same?
0
I'm sure I have done something wrong here. This is such a basic config. Can you tell me why my router can communicate outside, but my PCs cannot?

!
! Last configuration change at 17:48:41 UTC Sat Jun 10 2017
!
version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname MYROUTER
!
boot-start-marker
boot-end-marker
!
enable secret 5 <obscured>
enable password <obscured>
!
no aaa new-model
!
no process cpu extended history
no process cpu autoprofile hog
memory-size iomem 20
dot11 syslog
ip source-route
no ip routing
!
!
!
!
no ip cef
no ip domain lookup
!
multilink bundle-name authenticated
!
!
!
!
!
license udi pid CISCO1841 sn FTX1104Z0BG
!
redundancy
!
!
! 
!
!
!
!
!
!
interface FastEthernet0/0
 description OUTSIDE
 ip address dhcp
 ip nat outside
 no ip virtual-reassembly
 duplex auto
 speed auto
 no cdp enable
!
interface FastEthernet0/1
 description INSIDE
 ip address 172.16.254.1 255.255.255.0
 ip flow ingress
 ip nat inside
 ip virtual-reassembly
 no ip route-cache
 speed auto
 half-duplex
 no cdp enable
 no mop enabled
!
interface ATM0/0/0
 no ip address
 no ip route-cache
 shutdown
 no atm ilmi-keepalive
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
!
ip nat inside source list 101 interface FastEthernet0/0 overload
ip route 0.0.0.0 0.0.0.0 dhcp
!
access-list 101 permit ip any any
no cdp run

!
!
!
snmp-server community public RO
!
!
control-plane
!
!
line con 0
 

0
Hi All Expert,

Good Day.

I have a client of my company that is having a network lag issue. The lag is at the warehouse office; the HQ office is not having the issue. My boss blames the ISP for the lag. The software at the warehouse office is very laggy, and the software team blames the network at the warehouse. But when I do a speed test, it is actually getting the correct speed. I used one of the users' PCs to ping my server (HQ) and it is getting a high ping of around 170-180; pinging the user at the warehouse from my server gets the same result. I have restarted the server before, with the same result; pinging the firewall gives a low ping. I would appreciate it if any expert could advise me.

Many Thanks!
0
Is there such a list of IPs or SMTP domains (it doesn't have to be up-to-the-hour up to date) so that we can block at our SMTP?

Blocking by firewalls is not good, as the emails will still come in.
0
Hi guys

Those of you who have used network monitoring tools to get an idea of everything going on in your network, what do you use? Have you got an idea of what Datadog is like?

Cheers
Yashy
0
I have 2 routers connected to the same MPLS provider. I have the statement maximum-paths 2 under my BGP config. I'd like to know what will happen if I remove it.

router BGP 65001
...
address-family nsap
 maximum-paths 2
exit-address-family

0
In a question placed previously regarding slow internet, an EE recommended the use of Acrylic Wi-Fi. When we placed an image of the display of the app (see pix below), the EE recommended changing the channel to CH11, the bandwidth to only 20 MHz, and disabling WPS.

acrylic
Questions,

  • When running this app from time to time, what should we look for to improve the connections? (Or be aware of possible "red flags" in our Wi-Fi)
  • We noticed that the "Max Speed" was 300 Mbps and now it has gone to 144.4 Mbps,
- what can be causing this decrease in Mbps?
(we also ran the app on another notebook and also got 144.4 Mbps)

note, we run under Windows 10
0
Hi

Is there an open source tool for CMDB that complies with ITIL?

Thanks
0
My router is configured with subinterfaces, s0/0.10 and s0/0.20. I am trying to get the utilization of the physical port g0/0. my gig0/0.10 has 20%. My gig0/0.20 has 20%. Does it mean that my utilization is 40%? Thx
0
I have a hsrp configured with tracking on both r1 and r2. r2 is the primary (see diagram). The issue that I have is when r0 gig0/1 goes down, hsrp is working as r2 will go on standby. But sw1 still goes to r2 before r1. I'd like to send sw1 traffic directly to r1. Do I need to do tracking on sw1 as well? If yes, what do I track? Thx

net diagram

R2:
track 1 interface gig0/0  line-protocol
 
interface gig0/1.10
 encapsulation dot1Q 10 
 ip address 10.10.10.2 255.255.255.0
 standby 0 ip 10.10.10.100
 standby 0 timers 5 15
 standby 0 priority 110
 standby 0 preempt
 standby 0 track 1 decrement 20


R1:
track 1 interface gig0/0  line-protocol
 
interface gig0/1.10
 encapsulation dot1Q 10 
 ip address 10.10.10.1 255.255.255.0
 standby 0 ip 10.10.10.100
 standby 0 timers 5 15
 standby 0 priority 105
 standby 0 preempt
 standby 0 track 1 decrement 20

0
Compare SIEMs such as ELK and AlienVault
0
My company has begun a 30 day trial of Network Detective, a network assessment suite primarily used by MSPs to inspect the infrastructure of prospective clients.  It reports on missing patches, insecure passwords, old/stale AD objects, etc.  There are optional modules for Exchange and SQL Server as well.  We're using it primarily to assess existing clients, as a sort of 'sanity check' of work we already perform for them.

While we're finding the tool useful, I'm getting the impression it's basically a nice front-end for freely-available software/scripts like MBSA (Microsoft Baseline Security Analyzer).  It saves us time, and presents the information in an easy-to-parse format, but I'm not sure the price tag of $400/month forever is worth it.

What I'm wondering is, have you had success with a similar tool or Network Detective competitor, that has a similar feature set at a lower price?

If this is the best tool for the job, so be it (as I said, we do save a lot of time with it).  But if there's something very much like it, I'd like to at least take a look.
0
Hi Experts,
Are there any free tools available to check the uptime of a network? The result needs to be checked only for a single server. (What I mean by uptime is how much time the server is up so that others can connect to it.)
Also, are there tools/sites which are not necessarily free, in case that option needs to be considered?
Your help is appreciated.
0
Hi

Do you have a good recommendation for free open source monitoring to monitor Network bandwidth?
0
Hello

We have the following set up

App Server (Windows 2012 Server)  > Network proxy (Bluecoat) > Internet server (Linux)

We noticed that our App Server was intermittently connecting to the Internet server.

The vendor of the Internet server says they can see only a few requests coming in, so the problem may be between the App server and the Network proxy.

I can run Wireshark on the App server, and I want to filter for network events showing either the App Server terminating the connection or the proxy doing so. What should I be doing and filtering on?
0
I have 2 WAN connections and HSRP running on the inside facing the access layer switches. I am just wondering if I can track each link within MLPPP with HSRP tracking. Thanks
0
What software is good for monitoring bandwidth utilization?
I want to know who is consuming the bandwidth.
0
I have a 2012 R2 Terminal Server used for Remote Desktop connections.  We have been experiencing slow connections and cutoffs throughout a given day so I decided to investigate.

When I connect to the server and run, for example, Wireshark to see what is hitting the NIC, I see that in a 10-second capture there are maybe 800 packets coming from my public IP.

No other remote connection shows anywhere near this many packets.  This behavior doesn't seem normal.

I have attached a file showing the packet capture from Wireshark.  72.135.233.88 is my public IP.
Network-capture.docx
0
It is some type of Linux honey pot program. I was given a file, honeymine.py, that is supposed to set the program up to send to a SIEM to gather information on my internal network. Supposed to be installed on Linux Mint Mate 18. Classified as a "Low-Interaction" HoneyPot.

I have not been able to locate the installer or information more than I have given. Any help would be appreciated.
0
I have been tasked with performing a detailed Network Audit for a company.  Within this audit I need to be able to identify and recommend technologies, upgrades, etc. since they have been experiencing lots of growth and would like to plan accordingly.

My questions are:

1.  Is there any software out there to assist in this?
2.  Are there any templates out there to follow?

Basically, I have never created and presented anything formal like this before.....  I need a blueprint!!

Any and all help is appreciated.
0
Hello

We currently run about 5 key apps in our tower. Each app runs on Windows server and has its own bespoke monitoring solution....this isn't great since

1. It's costly
2. We have 5 x monitoring solutions to run

Is anyone aware of a generic monitoring platform that can be used? I was thinking SPLUNK but is there anything else?

Would one really call SPLUNK a monitoring solution?
0
Given the scenario of a simple text file on a file server share, where a user opens the file on the remote share from their desktop and someone captures the SMB traffic and looks at the pcap file, could you see some of the file contents in the capture?  This assumes that SMBv3 with encryption is not used.
0
Hello Experts,
I have 150 users in the office and we use Skype as an IM. But it has been noticed that Skype consumes a hell of a lot of internet usage and creates a lot of unknown issues which take a little long to resolve, and almost every 2 days one or two users are impacted.
I'm looking for a free application that can be deployed in office and give the end users flexibility to enjoy the messaging without any hassles.


Any good applications can anyone suggest me please?
I have to do this within 2 days of time so request you to kindly assist me in this regard. This is the first time I'm using this forum but have been informed that this site holds fantastic experts where people get most of their questions answered:-).

Looking forward for the early response!!


Regards,
Benn..
0
When security port scanning a very large number of machines, what is the optimal range of ports to scan?
While the well known port range is something like 1-1024, there are many services which exist in the 4 digit range.
Is there a secondary 'well known' range which isn't as large as the full 64K range, which takes much too long?
0
