Another good tool for this kinda thing is ntop, but it must be positioned correctly - you will most likely need a SPAN/mirror port in your infrastructure, or else use the netflow or sflow plugins to get reports from your routers/switches.
Either way, it's extremely useful, as it doesn't merely measure packets in/out of interfaces, it actually categorizes packets and keeps track of top talkers, etc. Excellent for tracking down who is downloading that huge iso file, and where it's coming from. Lets you ask more pointed questions, if nothing else. Differentiates between tcp/udp/etc., and puts up some nice RRD graphics. Kurt On Jan 9, 2008 2:28 PM, Joe Heaton <[EMAIL PROTECTED]> wrote: > > > > > > I know we have these discussions every couple of months at least, but here > goes: > > > > What are you guys using to monitor your networks so that you have an answer > to the age-old user question of: > > > > "Why is everything running so slow?" > > > > I'm thinking of bandwidth usage first off, which I'm thinking PRTG to > monitor that. > > > > I guess I could run a Wireshark capture, to see if there's a massive spike > in weird packets. > > > > > > Anything else that you guys could suggest? I know someone had mentioned > they use Nagios, but that would require me to setup a Linux box first, which > isn't that big a deal, other than piecing a box together… > > > > Any other ideas? > > > > I'd like to do this without a lot of cost if possible, just because I hate > spending money… > > > > > > > > > > ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~
