• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

Need a network traffic monitor

P

pstylesss

Platinum Member
The firewall we have does not have the capabilities we need. What program can I install to monitor network traffic on all of our computers... hopefully from one computer?

I'm mainly looking to monitor what websites are visited. Thanks!
 
Originally posted by: SwiftWind
Is this for the office or for home?
Click to expand...

Office. 200+ PCs. I want something that I can use to help us determine if we want/need to move to a hardware monitor or a new firewall.
 
squid is a good solution on Linux, if you can do that. It's a caching proxy, so it will speed up some repeat requests as well as keep a log of all accesses. Very fast as well. If you want to apply rules in the future you can add squidGuard to it. There are reporting tools for the log formats. I use srg, but there are some others that are maybe a little more complete.
 
I second a Squid solution especially if you already have a Linux server guy. It's extremely flexible.
 
Just out of my own curiosity, Lets say I don't like linux and would like a Windows based option. I already use SNMP for bandwidth and PRTG. But I would like to monitor sites visited, Do you know of any windows options.
 
Originally posted by: NickOlsen8390
Just out of my own curiosity, Lets say I don't like linux and would like a Windows based option. I already use SNMP for bandwidth and PRTG. But I would like to monitor sites visited, Do you know of any windows options.
Click to expand...
Microsoft ISA Server. But you may want a third-party analysis tool to read the logs if you intend to read them much. There are several tools (both free and not free) available. There are lots of built-in reports, but none that are useful for monitoring specific user web site activity.
 
In my opinion, putting Microsoft anything into your data path is a really bad idea.

ZeroIQ, have you considered a passive monitoring solution, or to have your firewall or upstream router send URL log data to an external host? This might be a lot less impacting to your network reliability than inserting a new kind of firewall in the data path. More devices in the path = more possible failures.
 
Originally posted by: cmetz
In my opinion, putting Microsoft anything into your data path is a really bad idea.

ZeroIQ, have you considered a passive monitoring solution, or to have your firewall or upstream router send URL log data to an external host? This might be a lot less impacting to your network reliability than inserting a new kind of firewall in the data path. More devices in the path = more possible failures.
Click to expand...

A passive solution is something I want. Our firewall does not have the option to send URL logs back or record logs like that. It's very limited in the logs it keeps. Unfortunately the guy who bought it doesn't think ahead and didn't think we would ever need it... :disgust:

Squid looks like the ticket if I decide it's something we need to have or want to keep doing. Right now we just have a couple shady employees we need to keep tabs on sadly.

Maybe something that will keep logs of requests on our DNS server or something to that effect? Or something I can put on a server to just monitor what requests are being sent from specific computers.
 
I don't know how you can get to a passive solution if the existing network devices don't produce the output you need for monitoring. If the DNS server produces IP-level request logs (do any do this?) then you could always search them for the IPs of interest.

If it's just a quick thing to check a couple of people out, you can throw ccproxy on a windows machine and point the suspect clients at it. But that still requires modding their IP config.
 
Originally posted by: Markbnj
I don't know how you can get to a passive solution if the existing network devices don't produce the output you need for monitoring. If the DNS server produces IP-level request logs (do any do this?) then you could always search them for the IPs of interest.

If it's just a quick thing to check a couple of people out, you can throw ccproxy on a windows machine and point the suspect clients at it. But that still requires modding their IP config.
Click to expand...

Thank you, that is perfect :thumbsup:!
 
You must log in or register to reply here.

TRENDING THREADS

Back
Top