How to measure Bandwidth Per User

Unanswered Question
Sep 13th, 2011
User Badges:

This is something totally out of my working field right now.

But i need some ideas on how to find the bandwidth per user (internet). all our browsing goes to proxy server (ProxySG), then packeteer (for shaping) then lastly to Router.

I would like to find a tool or a method to find the bandwidth per user, and export that into some real time graphs to be shown. If no ready to use tool is avialable, then my next question is. how can i use NetFlow to do that. our Router is Cisco 7206VXR (NPE-G2) with IOS Version 12.4(4)XD5

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Collin Clark Tue, 09/13/2011 - 06:29
User Badges:
  • Purple, 4500 points or more

Is your 7200 in front of the proxy or is it the internet router? I don't know anything about ProxySG but I would thinkit could provide some stats.

CSCO11584685 Tue, 09/13/2011 - 06:38
User Badges:

The 7200 is the internet router. here the diagram.... users----------Proxy--------packeteer----------7200

There is the bandwidth used, and concurrent users data on proxysg. But these values can't be exported. To make my issue more straight forward. The management have asked me to show them "live" graph of "Minimum Bandwidth Per User".

Collin Clark Tue, 09/13/2011 - 06:46
User Badges:
  • Purple, 4500 points or more

I have to assume "by user" they want to see a username and not an IP address. I thought the Packeteer could provide per user live graphs, no? Most features on network equipment show by IP, not username because of the coorelation between LDAP and the network device.

CSCO11584685 Wed, 09/14/2011 - 06:04
User Badges:

"user" can be either IP or Username. As long as i can show them a graph, they would be happy.

Don Jacob Tue, 09/13/2011 - 06:58
User Badges:
  • Bronze, 100 points or more


In the scenario you mentioned, if you look at NetFlow data from the router, the source IP Addresses for all traffic heading to the Internet and the destination IP for all incoming traffic will be the proxy server's IP Address. NetFlow technology does not provide visibility about LAN IP Address in environments running proxy servers.

Your best option is to monitor the proxy server itself and this can be done by ManageEngine Firewall Analyzer is what I believe. Check the below link for details and I see Bluecoat SG series in their supported devices list:

If you are fine with just half the visibility (ie. only proxy IP Address and external IP Addresses), enable NetFlow on the Cisco 7206 as below:

On all the interfaces

ip route-cache flow       // This command has to be applied on all interfaces.

From global config

ip flow-export destination 9996   // The hostname or IP address of the NetFlow Analyzer server

ip flow-export source Loopback0    // The interface through which NetFlow packets are exported.

ip flow-export version 5

ip flow-cache timeout active 1

ip flow-cache timeout inactive 15

snmp-server ifindex persist

Hope that helps.


Don Thomas Jacob

ME - NetFlow Analyzer

CSCO11584685 Tue, 09/13/2011 - 21:32
User Badges:

you are right. i don't know how i missed that Netflow will show me the proxy IP since it is not in transperent but explicit.

Yes, i do need t omonitor the Bluecoat ProxySG. i Just can't find the tool that will do that for me. I'm going to find about bout the firewall analyzer.

Any other tool that come in mind?

Don Jacob Tue, 09/13/2011 - 22:30
User Badges:
  • Bronze, 100 points or more

I knew about Firewall Analyzer because I work with NetFlow Analyzer and both products are from ManageEngine. Iam not sure to what extend Firewall Analyzer can actually help, but you can try reaching the support team:

Also, check the link below. But Iam not really sure if they will help and you may need to verify the vendor:


Don Thomas Jacob

ME - NetFlow Analyzer


This Discussion