Re: network problems/Exchange/workstation performance

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

From: Sarbjit Singh Gill (ssgill.NO.SPAM_at_NO.SPAM.hotmail.com)
Date: 11/11/04 

Date: Fri, 12 Nov 2004 03:43:33 +0800

You could start by using Microsoft Network Monitor or Ethereal for network
traffic. The other tool would be Microsoft System Monitor (Performance
Monitor). Here is a simple document which talks about the basics of
collecting network traffic and identifying what is normal what is not. It is
a high-level overview.
http://www.giac.org/practical/Marc_Duggan_GSEC.doc

Where should you scan? Well like you said, a whole bunch of machines are
having this problem. So the best place would be to capture traffic at the
servers and network monitor performance values at the server.

Don't rule out the switch being the culprit in slowing network connecitivy
and name resolution. Look at everything between your workstation and the
server.

Here is a link to the Windows 2003 Server Performance Counter reference:
(you would find something similar to win2K too)
http://www.microsoft.com/resources/documentation/WindowsServ/2003/all/deployguide/en-us/Default.asp?url=/resources/documentation/WindowsServ/2003/all/deployguide/en-us/dssbd_topo_dljo.asp

and
HOW TO: Use Network Monitor to Capture Network Traffic
http://support.microsoft.com/kb/812953

Kind Regards
Gill

What
"DC Gringo" <dcgringo@visiontechnology.net> wrote in message
news:uKZAZiAyEHA.3676@TK2MSFTNGP10.phx.gbl...
>I don't manage the network and it's not really my job...but I would like to
> be able to monitor it anyway. How can I create a baseline of my network
> traffic? Is there a tool to do so?
>
> I have my own 3com switch with 2 servers and a workstation in my office.
> The switch is plugged into the company's standard network jack. Am I
> monitoring at the switch level? Workstation? All?
>
> What are the tools I need?
>
> _____
> Glenn
>
> "Sarbjit Singh Gill" <ssgill.NO.SPAM@NO.SPAM.hotmail.com> wrote in message
> news:uIFw$P6xEHA.4040@TK2MSFTNGP11.phx.gbl...
>> Why don't you start by creating a baseline of your network traffic. You
> need
>> to know what travels on your network and how much of it. What is the high
>> and low periods of specific traffic types. I am not asking you to get a
> IDS
>> (would be good if you go into that direction), but still knowing about
> your
>> traffic solves a lot of issues..
>>
>> So one day when you have a problem and you collect some traffic samples,
> you
>> could compare that against the baseline and you would know which is in or
>> out of the the regular traffic. e.g. you could identity somebody was
> running
>> shareware, chat software , online games. You never have to go from PC to
> PC
>> or runs scripts to collect information.
>>
>> If you collect data peridocally, over time you would see a certain kind
>> of
>> trend in your bandwidth usage. You could plan ahead of time for upgrade
> etc.
>> One of the best examples i have was when there is a widespread worm/virus
>> attack, just monitoring your traffic would tell you if your network is
>> infected.
>>
>> /Gill
>>
>>
>> "DC Gringo" <dcgringo@visiontechnology.net> wrote in message
>> news:eoY58L3xEHA.392@TK2MSFTNGP12.phx.gbl...
>> > We are having severe network problems and IT can't figure it out. My
>> > workstation, among others', is suffering serious overall performance
> loss.
>> >
>> > One of the symptoms is that everyone's getting "requesting data" from
>> > Outlook as it constantly communicates with Exchange. One of the
> theories
>> > is
>> > that the Exchange issue is causing so much network traffic that it's
>> > slowing
>> > everything down. The other theory is that there is a network
>> > bottleneck
>> > through either a bad switch or this $#$$%%# laser connection between
>> > the
>> > two
>> > buildings (which were on the losing side of).
>> >
>> > I can't seem to diagnose anything on my windows machine but I see in my
>> > Task
>> > manager Processes tab that the CPU Usage for "System Idle Processes"
>> > hovers
>> > at least in the 50's and more often in the 80's and 90's even when I
>> > barely
>> > have anything open.
>> >
>> > Any thoughts on the matter?
>> >
>> > --
>> > _____
>> > DC G
>> >
>> >
>>
>>
>
>

Relevant Pages

  • Re: Network monitoring via SNMP and WMI
    ... Then at our Head office, we have SBS, a TS server and our ERP server. ... Independent Experts (MVPs do not work for MS) ... Just monitoring own network. ... There are 6 servers and 5 network devices that I would like to monitor. ...
    (microsoft.public.windows.server.sbs)
  • Re: Server Performance
    ... Check free disk space; delete Temp files/ Temporary Internet files & ... Remove unnecessary network protocols (NWLink IPX/SPX is often at fault ... > using Performance Logs and Monitor to monitor the server for bottlenecks, ... > but I am not sure which all counters to concentrate on. ...
    (microsoft.public.windows.server.general)
  • PA Server Monitor 4.0
    ... availability of Windows servers, network services (on Windows, Linux ... monitor remote servers. ... PA Server Monitor can watch: Event logs on local and remote Windows ...
    (comp.software.shareware.announce)
  • PA Server Monitor 3.4
    ... availability of Windows servers, network services (on Windows, Linux ... monitor remote servers. ... PA Server Monitor can watch: Event logs on local and remote Windows ...
    (comp.software.shareware.announce)
  • Re: How to stop Admins from sniffing ?
    ... It is the responsibility of the IT Administrators to monitor all data being ... The same policy goes for personal laptops used on the network. ... EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE ... The NSA has designated Norwich University a center of Academic Excellence ...
    (Security-Basics)