06-07-2008 03:31 AM
Hi all. Currently my office users are going to the internet through cisco asa5510. Recently internet users complain internet traffic is very slow. A check with the isp and i was told that download/upload traffic on my end is very high. How can i make use of the adsm to monitor the traffic and determine which hosts(private ip address) is hogging up the network. Do i have to use any 3rd party tools. Currently i have only privilege 0 access to the firewall and hence cannot modify the firewall. The user acct with privilege 15 has since left the company together with the password. Pls advise. Thks in advance.
06-07-2008 01:37 PM
This is a great tool I've evaluated for this purpose, have a look at it:
However you can do this with any SNMP-Viewer/MIB Browser type of tool. You just have to allow SNMP access to the firewall.
Please note that ASA 8.x has support for NetFlow as well AFAIR.
Regards
Farrukh
06-10-2008 02:06 AM
Hi Farrukh,
THks for the reccomendation. Fireplotter is indeed a very useful monitoring tool. When i use it for monitoring i found my outbound traffic is very high. From this outbound traffic i narrow down to the particular pc that is causing this problem. The user of that pc was using p2p software to download videos. After i got the user to shutdown the software, internet traffic subside alot. Since the user is downloading instead of uploading, shldnt the fireplotter reflect inbound traffic instead of outbound traffic? Can i say that outbound traffic is reflected in fireplotter when the user is downloading because the user initated the connection? Pls advise. I would also like to know if i can log the information from fireplotter to a log file? Thks in advance.
06-10-2008 02:35 AM
Yes this is exactly what I use it for, tracing users before they even hit the proxy server :). We use it to monitor FWSM(s).
Yes I also have a difficult time understanding the direction of traffic. However it could be that the user is offering files to others on the p2p network (therefore uploading). So its better you use a browser or FTP to download something and then check the direction in FirePlotter.
I'm unaware of any such feature to store data in log files. It seems to be a real-time tool.
Ragards
Farrukh
11-10-2008 01:41 PM
what has to be configured on the asa for fireplotter to work? config example?
thanks
11-10-2008 10:45 PM
Here you go:
http://www.fireplotter.com/doc/OnlineHelp.htm#Setting_Up_Your_Cisco_PIX/ASA_Firewall_for_FirePlotter
Please rate if helpful.
Regards
Farrukh
11-19-2008 12:10 AM
HI All
I used fireplotter and did not find it had everything i needed, try use fwanalyzer, it gives you all the information you need and more :)
11-19-2008 12:35 AM
Both tools do separate things. You have to compare the costs/feature advertised etc. There is no doubt that the manage engine product is more comprehensive.
Regards
Farrukh
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: