cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
502
Views
5
Helpful
7
Replies

Identifying ASA traffic types and individual bandwidth utilization

state
Level 1
Level 1

I would like to ask my fellow security geeks out there to assist me in determining the types and amount of non-vpn traffic going from inside to to the internet. I don't have Net Flow, and I don't have time to put a sniffer on. Is there some type so cisco tool that can do this? Thank you

7 Replies 7

srue
Level 7
Level 7

a sniffer is going to be the best way to do this. try wireshark (formerly known as ethereal).

i'm not sure how much time you think putting a sniffer on the network takes, but in the time it took you to compose your original post and read this, you could nearly have one up and running.

wireshark on windows? I don't think wireshark

can do the job especially if you're talking

capture about 20GB of data.

The best thing to do, IMHO, is to run

tcpdump on gentoo linux or FreeBSD and dump

it into a file. This will allow you to replay

the data later from the same linux system

via ethereal/wireshark from X-windows.

Wireshark is ok for simple task but if you

think about capturing a lot of data for

replay, tcpdump is the way to go.

CCIE security

in that case you may as well use openbsd.

where did you get 20gb from anyway?

in order to determine traffics type, you need

a lot of data. As a security guy, I would

think 20GB is not that much.

Guy's thank you for your prompt responses. I truly appreciate your help. Sniffers are great for looking that the different types of traffic but one of my requirements is bandwidth utilization for each protocol the sniffer would see.

I may be wishing upon a star because the tool that I need would visually display an overlay graph with bandwidth(s) displayed. Any ideas?

You need a device like a packeteer...

satya

acomiskey
Level 10
Level 10

ASDM 6 includes a dashboard which includes top sources/destination/services etc.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: