Network Monitoring Tool

Unanswered Question

Hi all,


I am in a discovery phase of trying to find out what is out there for Network Monitoring. Beside realtime and historical reportings I am also looking for something that can help in troubleshooting LAN/WAN related issues. For example: I have users reporting slowness at one of my remote sites and today I can see the traffic load on the WAN interface but I can't tell what type of traffic or who is taking up bandwidth.


Thanks in advance !!! I appreciate any inputs / suggestions !!

D.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Jan Nejman Fri, 06/04/2010 - 01:07
User Badges:
  • Bronze, 100 points or more

Hello,

  you can use netflow (http://netflow.caligare.com) functionality. It gives you answer

who is transfering data, number of transfered bytes, src/dst IP addresses, ports, protocol,

src/dst AS, etc. If you need to see complete packets, you need to use deep packet inspection,

i.e. wireshark and SPAN (monitored) port on the device. I suppose that netflow is exactly

what you need at this time. You will be able to find user and/or application which is

transfering abnormal amount of data. Feel free to contact me if you need more details.


Kind regards


Jan Nejman

Caligare, co.

http://www.caligare.com/

Don Jacob Fri, 06/18/2010 - 01:20
User Badges:
  • Bronze, 100 points or more

Hi,


Based on your requirement NetFlow is the best option you have. Bandwidth monitoring can be done either wiuth SNMP, NetFlow or packet capture. Here, SNMP gives too basic information like traffic based on speed, volume and utilizartion. It cannot tell the hosts and applications used.


Packetcapture is very indepth but is not feasible as its time consuming and may increase overall network load because each of the traffic packet is analyzed.


The best option is NetFlow based analysis, provided your devices support NetFlow export. NetFlow will captue the traffic header information and can report on traffic stats with information on the applications using the bandwidth, source and destination of each conversation, hosts involved with an application bandwdith and even QoS values.


Check out ManageEngine's NetFlow Analyzer for NetFlow based analysis. To see the type of reports you can get, check the online demo from below:

http://demo.netflowanalyzer.com/netflow/jspui/NetworkSnapShot.jsp


Check NetFlow Analyzer from http://www.manageengine.com/products/netflow/


Regards,

Don Thomas

Marvin Rhoads Fri, 06/18/2010 - 04:01
User Badges:
  • Super Silver, 17500 points or more
  • Cisco Designated VIP,

    2017 Firewalling, Network Management, VPN

The size and composition of your network are factors that need to be provided in making a recommendation. Can you tell us how many network nodes (routers and switches) there are?Are they all Cisco or multi-vendor?


Re the earlier suggestions about Netflow - yes, it  can be very useful but is not supported on all Cisco platforms, even ones that may be WAN-facing.


Another factor is your comfort level at managing your toolset. For instance, do you expect to put the disc in and run the install script and do minimal administration? Or are you happy downloading open source toolsets onto a Linux box and tweaking html code to make it look the way you want?


Also, what is your intended audience or users? Yourself as a network admin, a larger team which may include operator (non-admin) type users, non-network engineers, and/or management?

Actions

This Discussion