By monitoring bandwidth usage, bandwidth monitor tools can proactively identify security issues like DDos attacks, unauthorized downloading and other suspicious network behavior.
Bandwidth monitor tools track network traffic over all areas of the network – devices, applications, servers, link connections, etc., and offer insights into network bandwidth utilization and traffics analysis. They can also map out historical trends for capacity planning as well as proactively identifying security issues.
A bandwidth monitor tool uses various technologies including SNMP and flow-based technologies like NetFlow to identify, monitor, and analyze application and network traffic. Some of the capabilities of a bandwidth monitor tool include:
- Real-time bandwidth monitoring, and mapping historical user trends: Real-time monitoring allows administrators to identify interfaces, links, applications, users, and protocols taking up bandwidth. For instance, WhatsUp Gold can highlight bandwidth utilization over LAN, WAN links and specific devices, identifies internal and external traffic sources/destinations. It also reports on Top Senders, Top Protocols, Top Applications that use up bandwidth.
- Applying Quality of Service (QoS) policies: By default, each network channel operates on a best-effort basis—every application gets equal priority, whether its a business critical VoIP service, or a user streaming video content. QoS polices are essential to ensure business-critical applications get sufficient bandwidth. WhatsUp Gold's Flow Monitor, for example, verifies Quality of Service through Type of Service (QoS over ToS), DSCP for LAN/WAN, CBQoS policies and Cisco NBAR classification mechanisms.
- Identifying Historical Trends: By analyzing traffic patterns and usage over a period of time bandwidth monitor tools can identify trends in bandwidth usage and potential bottlenecks. Historical data can also aid administrators in capacity planning and verifying bandwidth-based billing, including “burstable” bandwidth services using 95th percentile reports.
- Identifying abnormal bandwidth usage: By monitoring real-time bandwidth usage and historical bandwidth trends, bandwidth monitor tools can proactively identify security issues like DDos attacks, unauthorized downloading and other suspicious and potentially malicious network behavior. Bandwitch monitoring tools can be your best ally for performing security forensics and analysis by automatically identifying high traffic flows to unmonitored ports, exposing unauthorized applications like file sharing and video streaming, monitoring traffic volumes between pairs of source and destinations, and detect failed connections.