Re: Finding the bandwidth bandit


"Jim in Arizona" <tiltowait@xxxxxxxxxxx> wrote in message news:%23TKYvisFKHA.3816@xxxxxxxxxxxxxxxxxxxxxxx

I agree that using a linksys nat box is not a good idea. However, I get a lot of resistance when asking for anything where I'm working. The network was set up by a contractor and they have a VPN tunnel between our plant, the corporate office and rackspace where the FSMO DC Sits (yea, I know) and use these Linksys VPN boxes to keep up the VPN tunnels. Want a even better laugh (as an unrelated note)? They even use this linksys router as the DHCP server. ;) I'm planning on changing that this coming weekend when I set up the ISA server. The only downside to doing that, which I have done before, is the Konica Minoltas that people use to scan documents to their computers is very sensitive when it comes to network changes and after two attempts at making the change on a weekday, I gave up that idea and have to plan to spend a good part of my weekend to get it done and test test test.

The ISA server will be able to tell me which user is using up the most bandwidth and I have a strong feeling that whomever ISA says that person is, is most likely the one sucking up the bandwidth all day long. Am I right to make that assumption?

Also, it will be able to tell me where everyone is going and if it's a file sharing network, that may also be a clue. But I've never done an investigation into ISA logs where I found any file sharing network IPs or DNS entries so I won't know what one looks like right off but once I invetigate the highest bandwidth user's log entries, I should be able to piece it all together.

Hi Jim,

Natively, this is not ISA's bag. However the following may help:

Bandwidth ControlBandwidth Splitter is a program extension for Microsoft ISA Server that ... real time with the built in traffic monitor; Advanced bandwidth management: Use ...
www.isaserver.org/software/ISA/Bandwidth-Control/

free isa bandwidth monitor downloadAccess Monitor is a comprehensive Internet use monitoring and reporting utility for corporate networks. The program takes advantage of the fact that most ...
http://3d2f.com/tags/isa/bandwidth/monitor/

The real deal and the real McCoy, is to use something like Blue Coat and Packeteer. The thing is awesome. Not only can you find the culpript(s), but you can throttle various types of traffic by using policies. Kind of pricey. Case in point, one of my old customers had a similar problem. Tried various tools, but they only hinted at the additional bandwidth being consumed. They even bumped up the speed to two T1s, such as what you have, but it didn;t help. Users constantly complaining 'everything is slow.' After some research into various products, we got the Ok to get Blue Coat and Packeteer with a 30 day trial (if I remember correctly), and immediately we found out who THEY were. They were watching numerous YouTube and other videos. One guy was using a P2P on a Mac as well. For the first few weeks, we would just call them up telling them we see them what they're up to using up the bandwidth and to cut it out, as well as told the one guy to uninstall that P2P . Sure, they said, but an hour or two later, they're at it again. Finally we instituted policies to throttle YouTube and other vid sites (they have built in policies and you make your own) to throttle them to 10%, as well as block P2P. They got upset (I had another word in mind...), but they had no choice but to live wtih it. The boss and the rest of the user base were happy that the 'slowness' was no longer there.

Like I said, it's not cheap, but well worth the investment.

Blue Coat has acquired Packeteer...
http://www.bluecoat.com/packeteer

However, you also stated there is a 24/7 VPN to a rack hosting company. What type of applications are installed and running, as well as being accessed across the WAN link? There's a possibility that this is eating up bandwidth, too, which would make it legit traffic.


--
Ace

This posting is provided "AS-IS" with no warranties or guarantees and confers no rights.

Please reply back to the newsgroup or forum to benefit from collaboration among responding engineers, and to help others benefit from your resolution.

Ace Fekay, MCT, MCTS Exchange, MCSE, MCSA 2003 & 2000, MCSA Messaging
Microsoft Certified Trainer

For urgent issues, please contact Microsoft PSS directly. Please check http://support.microsoft.com for regional support phone numbers.








.

Relevant Pages

  • Re: Where are the Farbers of yesteryear?
    ... Traffic shaping for network management or bandwidth allocation ... downloads always expand to fill the the available space. ... The opposite is true for the WAN links. ...
    (rec.arts.sf.fandom)
  • Re: Parasitic Computing
    ... view the technology as much of a threat, ... Network bandwidth is like a river flowing into the ... If you go up stream you find less and less bandwidth per node. ... across thousands of much slower upstream nodes (victims). ...
    (comp.os.linux.security)
  • Re: Routing and bandwidth problem
    ... Subject: Routing and bandwidth problem ... > so that each client is properly isolated into their own network and cannot ... It seems to me that multiple Ethernet cards ... > Connex automatically scans all messages for viruses using RAV AntiVirus. ...
    (RedHat)
  • Re: Does ISA 2004 has this rule?
    ... ISA Server 2000 included a bandwidth control feature. ... Microsoft CSS Online Newsgroup Support ...
    (microsoft.public.windows.server.sbs)
  • RE: Throttle/limit FTP bandwidth
    ... you can use ISA Server 2000 to set what protocols can have the ... not control how much bandwidth can be used for some protocols. ... the function of the bandwidth control in ISA Server 2000 is very ...
    (microsoft.public.windows.server.sbs)