I was wondering if there is an appliance or something similar that will basically tell me real-time what IP address is using the most bandwidth.
We have an office, with about 75 computers on this network. It's an SDI connection (basically chained T1s) that is very fast in general but one user or computer can basically bring everyone else to a crawl.
We have a Cisco ASA5510 with Security Plus firewall.
Off of the firewall we have a Barracuda WebFilter 310 and a Sonicwall VPN2000.
The Barracuda is set up so users have to log in to access http and https. I can monitor bandwidth through this but it seems when something is bringing the network down it's not one of the users, it's a stray machine doing Windows updates or someone doing an FTP. This type of traffic is not included in Barracuda's reports.
Today the internet slowed to a crawl and it took me 20 minutes to find the culprit, a computer in a conference room that was rarely used was left on and was downloading years of Windows updates.
If I could have found the IP address I could have located the culprit immediately.
Is there a box I can install between my firewall and main switch that will tell me bandwidth usage by IP? Or can I somehow get the ASA to export logs and use some program to see the current usage?
I also have a Watchguard Firebox X550E that's not being used from our secondary network. It's fully loaded with all of the security features too. I haven't played with it much... it makes really pretty graphs of current usage by the whole network, but will not tell me specific ips.
Any ideas? I'd rather have something easy that costs money than something that takes forever to configure and is free. Money isn't a huge concern.
Thanks
We have an office, with about 75 computers on this network. It's an SDI connection (basically chained T1s) that is very fast in general but one user or computer can basically bring everyone else to a crawl.
We have a Cisco ASA5510 with Security Plus firewall.
Off of the firewall we have a Barracuda WebFilter 310 and a Sonicwall VPN2000.
The Barracuda is set up so users have to log in to access http and https. I can monitor bandwidth through this but it seems when something is bringing the network down it's not one of the users, it's a stray machine doing Windows updates or someone doing an FTP. This type of traffic is not included in Barracuda's reports.
Today the internet slowed to a crawl and it took me 20 minutes to find the culprit, a computer in a conference room that was rarely used was left on and was downloading years of Windows updates.
If I could have found the IP address I could have located the culprit immediately.
Is there a box I can install between my firewall and main switch that will tell me bandwidth usage by IP? Or can I somehow get the ASA to export logs and use some program to see the current usage?
I also have a Watchguard Firebox X550E that's not being used from our secondary network. It's fully loaded with all of the security features too. I haven't played with it much... it makes really pretty graphs of current usage by the whole network, but will not tell me specific ips.
Any ideas? I'd rather have something easy that costs money than something that takes forever to configure and is free. Money isn't a huge concern.
Thanks