Network Traffic Monitor Software?

Shad498

Hi Guys

I was wondering if anyone could recommend any network traffic monitoring software. Preferably for free (or a trial). If it does what we need I don't mind paying.


SCENARIO
The company I work for has 2 sites in the UK and we have dedicated links to the internet and between sites. We have a central firewall which can show us traffic from both sites to the internet and we can report on what is being downloaded to what machine (via IP address) etc.

The problem is, if we transfer something internally from Site1 to Site2 (or vice versa), we have no visibility of it or what machine it is coming from.

We occasionally see our network slow down but see little traffic on the firewall, which must mean there is internal traffic. This could be someone moving a large file (or groups of files) from 1 site to another or could be something else. 1 of the main causes we see is Windows Updates, as we run an update server (WSUS) on Site1 and, when approved, the updates are passed to PCs on Site2, which is one of the main causes of our network issues.


REQUEST
I know there are plenty of software packages out there for this kind of thing, but can anyone make any recommendations for any preferred software? I don't need anything complicated. We just need visibility of traffic between our sites, preferably giving us the IP address where the files are coming from and the IP of where they are going to.

Thanks for your help guys
It's probably more helpful to say what tech you already have. There may be solutions that fit in with your existing tech, there may not.

Also, I'm not sure what you mean by saying "the network is slow".

What about it is slow, and where is this noticed?



Can you give a better description?

At the minute I get that you have site A, with internet connection, and all clients browse the internet here.
Site B is similar.

Then between sites you have a leased line.

Your theory is, if you transfer large files between sites, and all the bandwidth is used on the leased line, that the "network slows down", but how exactly?
Do you mean the network at site A, stuff happening on the network at site B or just inter-site transfers?


It seems like you have no visibility of what's going on on the network.

Are the sites in a different network, or all a part of the same network? (Like, do you use different addresses at site A and site B?)

What device is acting as the gateway between the different offices?

Do you have managed or un-managed switches?


What is the line speed between sites? E.g. 100Mb LES, 1Gb LES?
 
Thanks root for your reply.

I was hoping that some people may already have experience with basic network monitor software without having to go in depth, but I will try to answer as much as I can.

There is no problem or issue as such that needs fixed. I just thought I would join this forum and ask for recommendations for monitoring software.

SLOW NETWORK
In regards to the network being slow, our firewall (Palo Alto) provides us with network monitoring but will only show traffic coming from or to the internet. If someone is on YouTube, getting MS updates from MS etc., we can see this on the firewall.

In regards to speed, SiteA has a 20mb connection and SiteB has a 5mb connection (soon to be upgraded). Although upgrading the network may solve the issue, it would be good to actually see all traffic, including site to site traffic.

Our company has a hosted web-server actually on another site (so 3 sites in total) which hosts our back end portal. We rely on a stable connection to access our back end portal via a web browser.

For example, if a user downloads a large file or, say, streams a film, we can see a spike in the usage of the bandwidth. We often have this hitting 100% at SiteB and when this happens all the other users struggle accessing our back end web portal or other network resources/software or files stored on another site. It literally runs slow as we are maxing our bandwidth out.

Sometimes our network will run slow and we can see no reason why when looking on our firewall. We have noticed that this happens when data is being transferred between sites (copying a large file etc... but we mainly spotted this when running updates, as all our Windows updates are passed from SiteA to SiteB through the link). It appears that the web portal we use to monitor our traffic only shows web traffic and does not give us any visibility of internal network traffic.

I have attached a screenshot for reference from today's firewall monitor (which only shows web traffic from today at SiteB which has a 5mb connection)

Generally SiteA seems to be OK as they have a much bigger bandwidth so they don't notice the traffic problems as much.

COMPANY NETWORK
In regards to the company being part of the 1 network or not, I am not 100% sure on what level you mean. My knowledge of networks on some levels is pretty basic; we have a support contract with our suppliers who maintain the links. We do have different network IP ranges but I believe we are all part of the same network as we are all on the 1 domain and we share domain controllers across the sites.

LINK
Our network is supplied by Gamma and we have a Gamma box/server in each site which provides us with a link.

SWITCHES
In regards to our switches, we manage our own but also have a support/maintenance contract with these for anything more complicated than the basic configuring of ports etc.

I hope this helps
 

Attachments

  • highlight monitor.JPG
I understand a bit more,
But I'm still missing something.

You say that there is a 20Mb connection to the Internet and a 5Mb at site B.

I thought you said there was also a dedicated link between sites.

Is this a dedicated link or a connection using a VPN?

If it's a VPN link,
then is it "site to site" or "computer to site"?

For either type, the traffic would show on the outside interface, but at that point the traffic is going to be encapsulated already.
All you'd see is some packets heading for the office.

If clients at site B dial in to site A individually then what you're asking can't be done.

If there is a VPN established between firewalls then you need to monitor your traffic on the inside interface going in to the firewall.

When I say are they the same network, I mean do all the machines exist on the same subnet (e.g. 10.0.0.0/24) or is site A something like that and site B more like 10.0.1.0/24?
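
An added illustration, not written by anyone in this thread and not any product's own code: once flow records are captured on the inside interface, picking out the site-to-site transfers means matching source and destination IP against each site's subnet. The sketch assumes the two example subnets from the post above and a constructed text export of `src_ip dst_ip bytes` per line; the function names and record format are hypothetical.

```python
import ipaddress
from collections import Counter

# Assumption: the illustrative ranges from the thread; substitute the real site ranges.
SITES = {
    "SiteA": ipaddress.ip_network("10.0.0.0/24"),
    "SiteB": ipaddress.ip_network("10.0.1.0/24"),
}

# Constructed sample records (not real traffic): "src_ip dst_ip bytes"
SAMPLE_FLOWS = """\
src dst bytes
10.0.0.10 10.0.1.21 734003200
10.0.0.10 10.0.1.22 512000000
10.0.1.21 203.0.113.5 1048576
10.0.0.15 10.0.0.16 9000000
10.0.1.30 10.0.0.10 2048
10.0.0.10 10.0.1.21 265996800
"""

def site_of(ip):
    """Return the site name owning this address, or None (e.g. internet hosts)."""
    addr = ipaddress.ip_address(ip)  # raises ValueError on junk input
    for name, net in SITES.items():
        if addr in net:
            return name
    return None

def inter_site_talkers(text):
    """Sum bytes per (src, dst) pair for flows that cross from one site to the other."""
    totals = Counter()
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue
        src, dst, nbytes = parts
        try:
            s, d, n = site_of(src), site_of(dst), int(nbytes)
        except ValueError:
            continue  # header or malformed record
        # Keep only traffic between two *different* known sites; this is the
        # traffic an internet-facing firewall report never shows.
        if s and d and s != d:
            totals[(src, dst)] += n
    return totals.most_common()  # heaviest pairs first

if __name__ == "__main__":
    for (src, dst), n in inter_site_talkers(SAMPLE_FLOWS):
        print(f"{src} -> {dst}  {n / 1e6:.1f} MB")
```

On the sample data the heaviest pair is a single SiteA host sending to a SiteB client, the pattern a WSUS-style push across the link would produce.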
 
You need to remember that there are other users on the same backbone as you and that can bottleneck also. Then you will have a slow connection without your own connection being maxed out.
 