To ensure optimal network performance it's essential to monitor traffic and bandwidth usage across the LAN links.
Bandwidth monitors collect, monitor and analyze network traffic volume by end-point (user), port, interface and protocol (application). This information enables best practices such as:
- Assuring adequate bandwidth for business-critical applications
- Minimizing the impact of non-critical or unauthorized network traffic
- Identifying bandwidth bottlenecks such as bandwidth hogging processes unnecessarily running in peak load periods
- Alerting to potential DDoS (Distributed Denial of Service) attacks or externally initiated port-scans
WhatsUp Gold Network Traffic Analysis provides comprehensive bandwidth monitoring with detailed insight network traffic by user, application and time of day.
What is Netflow?
NetFlow is a network protocol developed by Cisco to collect IP network traffic as it enters or exits an interface. NetFlow uses 7 key values to identify unique flows:
- Source IP address
- Destination IP address
- Source port
- Destination port
- IP protocol
- Ingress interface
- Type of Service (ToS) values
NetFlow-enabled devices (router/switch) log a new flow if a packet with unique identifications in the 7-key values passes through its interface. Subsequent packets with the same values are logged as increments to the same flow, while a difference in just one value results in the termination of the current flow and the initiation of another flow. NetFlow captures data for both ingress (incoming) and egress (outgoing) IP packets in an interface.
The flow data is sent to a flow collector or bandwidth monitoring tool, like WhatsUp Gold’s Network Traffic Analysis. These tools often leverage a variety of vendor proprietary formats like Cisco's NetFlow and NetFlow-Lite, or Juniper's jFlow, sFlow, or IPFIX.
Why Traffic Monitoring is Critical?
Monitoring bandwidth is one of the most critical aspects of network management. Without comprehensive insight into what traffic is consuming bandwidth, it is not possible to ensure proper availability for business-critical services and applications.
Administrators can ensure business critical applications are guaranteed minimum bandwidth and get traffic priority by applying QoS (Quality of Service) policies. WhatsUp Gold monitors and reports on Cisco's NBAR and CBQoS class-based policies.
With viruses and malware often consuming out of the ordinary amounts of bandwidth, monitoring bandwidth utilization can also be invaluable in identifying security anomalies.
WhatsUp Gold uses the data from flow-enabled devices to monitor bandwidth utilization as by users, applications, protocols and connections. Real-time automatic classification of traffic according to type and protocol allows instant tracking and resolution of network congestion issues. By monitoring bandwidth, administrators can plan for spikes in usage, identify bandwidth-hogging applications and users (by IP address) and ensure business-critical applications get the requisite amount of bandwidth. Billing accounts from service providers, which are typically based on peak utilization, can be verified through 95th percentile reporting (a widely-used calculation to measure regular and sustained bandwidth utilization). Validate that business-critical applications get the bandwidth allotted to them by monitoring Cisco NBAR and CBQoS.
Visibility Into Network Traffic and Bandwidth Utilization
Since your network traffic holds the key to providing effective services levels for your business as well as network security issues, bandwidth monitoring should be part of your IT monitoring strategy.