Identifying ASA traffic types and individual bandwidth utilization

Unanswered Question
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (1 ratings)
Loading.
srue Thu, 01/10/2008 - 17:27
User Badges:
  • Blue, 1500 points or more

a sniffer is going to be the best way to do this. try wireshark (formerly known as ethereal).


i'm not sure how much time you think putting a sniffer on the network takes, but in the time it took you to compose your original post and read this, you could nearly have one up and running.

cisco24x7 Thu, 01/10/2008 - 18:23
User Badges:
  • Silver, 250 points or more

wireshark on windows? I don't think wireshark

can do the job especially if you're talking

capture about 20GB of data.


The best thing to do, IMHO, is to run

tcpdump on gentoo linux or FreeBSD and dump

it into a file. This will allow you to replay

the data later from the same linux system

via ethereal/wireshark from X-windows.

Wireshark is ok for simple task but if you

think about capturing a lot of data for

replay, tcpdump is the way to go.


CCIE security

srue Thu, 01/10/2008 - 19:44
User Badges:
  • Blue, 1500 points or more

in that case you may as well use openbsd.

where did you get 20gb from anyway?

cisco24x7 Thu, 01/10/2008 - 19:56
User Badges:
  • Silver, 250 points or more

in order to determine traffics type, you need

a lot of data. As a security guy, I would

think 20GB is not that much.

Guy's thank you for your prompt responses. I truly appreciate your help. Sniffers are great for looking that the different types of traffic but one of my requirements is bandwidth utilization for each protocol the sniffer would see.


I may be wishing upon a star because the tool that I need would visually display an overlay graph with bandwidth(s) displayed. Any ideas?

sbaddipu Fri, 01/11/2008 - 09:53
User Badges:

You need a device like a packeteer...


satya

acomiskey Fri, 01/11/2008 - 09:53
User Badges:
  • Green, 3000 points or more

ASDM 6 includes a dashboard which includes top sources/destination/services etc.

Actions

This Discussion