Tag Archives: computers

NetFlow

The use of SNMP makes it possible to take into account the traffic not only on computers with Windows and Linux, but on the switches, network printers and other network devices. Thus, the system administrator has the ability to monitor not only for the traffic consumed, but also for the normal functioning of the active network equipment company. 2. As an alternative to the SNMP service, taking into account traffic and service can be used WMI (Windows Management Instrumentation). The positive side of this method is also no need to install anything on controlled by computers. 3. If for any reason you can not configure the SNMP service and WMI, there is a third way: to record traffic through remote agents, which are usually included in the package program and are installed on controlled by computers to read the values of traffic.

Agents are implemented as services, so invisible to users and do not affect the computer system as a whole. 4. Account of the traffic through the protocol NetFlow, developed Cisco and designed to gather information about the IP-traffic within the network. Its essence is that the statistics of transmitted IP-packet is stored in a special buffer and then processed. This method enables you to record traffic, especially in large organizations with geographically distributed network.

The disadvantage of this method is the same possibility of accounting for traffic only in the presence of a network of expensive switching equipment, which protocol supports NetFlow. 5. Counting the network packets with sniffer, or sniffer. With this method, traffic accounting can be found IP-address of the sender and recipient, and then find out what the company's resources go. Since this method is a processing of each packet, in networks with high traffic or high bandwidth traffic accounting, this method becomes very resource intensive and can give some error. The collection of at least two or three of these methods account of the traffic on one network can get a full picture of the enterprise, no matter what the security policy it may be used. Separate accounting of traffic each protocol and plotting on the basis of information received helps to know which staff most actively uses the Internet and that it spent the traffic: on messaging, viewing photos, videos to download movies from the Internet, etc. Configuring traffic logging program response to certain events in the network, such as: excessive traffic limit, the unavailability of the network interface, etc. – Allows the system administrator or IT-manager at the time these events and react quickly to take appropriate measures to eliminate the problem. And most importantly: traffic accounting supervisor helps the company keep abreast of current costs and based on this plan and budget for the future, as well as to make objective conclusions about the effectiveness of the company's staff.