On Wed, Feb 8, 2012 at 3:11 PM, Daniel C. <dcrooks...@gmail.com> wrote: > On Wed, Feb 8, 2012 at 5:04 PM, Lonnie Olson <li...@kittypee.com> wrote: >> I would like something that gives me: >> * Live view of all traffic in bits/s, bytes/s, packets/s, connections/s >> * Filterable by protocol, ip address, tcp/udp port >> * Optionally, broken down into categories configured by above filters, >> or groups of filters >> * Maintain history of said data >> * Accept data from either standard pcap or netflow > > What actual tasks are you going to be accomplishing as a result of > looking at this data?
* bandwidth capacity planning * identify sources of congestion * identifying changes in network traffic patterns * comparing network application traffic (HTTP vs CIFS vs etc) * look for signs of attack/abuse (external and internal) --lonnie /* PLUG: http://plug.org, #utah on irc.freenode.net Unsubscribe: http://plug.org/mailman/options/plug Don't fear the penguin. */
