Network Monitor and analysis software

Status
Not open for further replies.

aplatt99

I have just accepted a new Net Admin position and need a bit of assistance. I am looking for a software utility that will perform some network monitoring on the LAN and determine where network bottlenecks occur. We are attempting to determine if our existing 100 mbps network should be converted to gigabit. Plus we want the ability to determine if network performance is decreasing after lunch time because users are listening to streaming audio. We are currently running a SonicWall firewall that does a fair amount of internet packet analysis and reporting. We would like to have some of that on the LAN side as well. Any help is greatly appreciated.

AP
 
Start with some simple stuff, e.g. log analysis.

You can get a good idea of usage patterns by logging NEW connections and then
sorting by destination port. You then have a map of what is happening and if you
clump the results by-hour, you see work load patterns.

Port usage implies data types (e.g. port 80 is obviously HTML/web stuff, port 110 or 143 is reading email, port 119 is news-groups, port 25 is email sending).

RealAudio defaults to ports 7070, 6970-7170

The advantage of analyzing your logs is no new software and you get a good
benchmark of where to investigate further.

Where to capture TCP traffic? At the company interface to the Internet (i.e. your external firewall) OR in the DMZ on the firewall into the Infrastructure.
This single point will benchmark both external inbound and internal outbound traffic.
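Added example (not part of the original post): a short Python script that does the log analysis described above, counting NEW connections per hour and grouping them by the destination-port meanings the post lists. The log line layout, the addresses and the sample data are constructed for illustration and are not SonicWall's log format.

```python
import re
from collections import Counter, defaultdict

# Port meanings as given in the post above; other ports are reported by number.
PORT_LABELS = {80: "web", 110: "mail-read", 143: "mail-read", 119: "news", 25: "mail-send"}

# Assumed line layout, constructed for this example (not SonicWall's log format).
LINE_RE = re.compile(
    r"^\d{4}-\d{2}-\d{2}T(?P<hour>[01]\d|2[0-3]):\d{2}:\d{2}\s+(?P<state>\S+)\s+"
    r"src=\S+\s+dst=\S+\s+dport=(?P<dport>\d{1,5})\s*$"
)

# Constructed sample data (documentation address ranges).
SAMPLE_LOG = """\
2024-03-04T09:02:11 NEW src=10.0.0.21 dst=203.0.113.5 dport=80
2024-03-04T09:02:12 ESTABLISHED src=10.0.0.21 dst=203.0.113.5 dport=80
2024-03-04T09:15:40 NEW src=10.0.0.30 dst=203.0.113.9 dport=110
2024-03-04T09:47:03 NEW src=10.0.0.30 dst=203.0.113.9 dport=25
2024-03-04T13:01:55 NEW src=10.0.0.21 dst=198.51.100.7 dport=7070
2024-03-04T13:04:19 NEW src=10.0.0.44 dst=198.51.100.7 dport=6970
2024-03-04T13:10:02 NEW src=10.0.0.52 dst=198.51.100.7 dport=7070
2024-03-04T13:12:30 NEW src=10.0.0.21 dst=203.0.113.5 dport=80
2024-03-04T13:20:00 truncated line
2024-03-04T13:31:08 NEW src=10.0.0.60 dst=192.0.2.14 dport=8443
"""

def label(port):
    """Map a destination port to a traffic type."""
    if 6970 <= port <= 7170:  # RealAudio range from the post; includes 7070
        return "realaudio"
    return PORT_LABELS.get(port, f"port-{port}")

def connections_by_hour(log_text):
    """Return ({hour: Counter(label -> count)}, skipped_lines) for NEW connections."""
    buckets, skipped = defaultdict(Counter), 0
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if m is None:
            skipped += 1  # malformed or truncated line: count it, do not guess
            continue
        if m["state"] == "NEW":  # ignore packets of already-open connections
            buckets[int(m["hour"])][label(int(m["dport"]))] += 1
    return dict(buckets), skipped

if __name__ == "__main__":
    buckets, skipped = connections_by_hour(SAMPLE_LOG)
    for hour in sorted(buckets):
        print(f"{hour:02d}:00", buckets[hour].most_common())
    print("skipped lines:", skipped)
```

Comparing the per-hour counters against each other gives the usage map by time of day; the skipped-line count shows how much of the log the parser could not read.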
 
Thank you for your reply. What I am looking for is more on the LAN level. I already have the SonicWall that monitors inside-out access. I am looking for something on the LAN level that will monitor the network and tell me the bottleneck that could be occurring; it may be caused by a port on the switch that is not providing enough packet throughput, or something along that line. Again, we are trying to determine if the current 100 mbps network infrastructure and server are being tasked beyond the 100 mb capacity. I doubt they are, but firm numbers are a lot more convincing than the new guy's opinion.

Thanks again
 
I understand your position. My suggestion is to narrow the area of investigation so
that you can reduce the data capture task to something that can be understood,
instead of sitting at the bottom of Niagara Falls and wondering "what was that which just went by".

Move the logging point into the LAN but as close to the gateway as possible.

Tools: Ethereal

Monitoring will be by IP address or Port; the data is voluminous.
 