Network traffic measurement

From Wikipedia, the free encyclopedia

In computer networks, network traffic measurement is the process of measuring the amount and type of traffic on a particular network. This is especially important with regard to effective bandwidth management.

[edit] Tools

Various software tools are available to measure network traffic. Some tools measure traffic by sniffing and others use SNMP, WMI or other local agents to measure bandwidth use on individual machines and routers. However, the latter generally do not detect the type of traffic, nor do they work for machines which are not running the necessary agent software, such as rogue machines on the network, or machines for which no compatible agent is available. In the latter case, inline appliances are preferred. These would generally 'sit' between the LAN and the LAN's exit point, generally the WAN or Internet router, and all packets leaving and entering the network would go through them. In most cases the appliance would operate as a bridge on the network so that it is undetectable by users.

Measurement tools generally have these functions and features:

user interface (web, graphical, console)
real-time traffic graphs
network activity is often reported against pre-configured traffic matching rules to show:
- local IP address
- remote IP address
- port number or protocol
- logged in user name
bandwidth quotas
support for traffic shaping or rate limiting (overlapping with the network traffic control page)
support website blocking and content filtering
alarms to notify the administrator of excessive usage (by IP address or in total)

Some of the available tools include:

Caligare Flow Inspector by Caligare is a NetFlow monitoring and analyzing software with network anomalies detection.
Exbander Precision by DBAM Syetsms
FireBeast is a software firewall that offers bandwidth management and traffic shaping.
FlowMon by INVEA-TECH is a complete solution for NetFlow monitoring and analyzis including probes up to 10 Gbit/s, collectors and other supervision systems.
Infosim supports all different network flow technologies such as Netflow, sFlow, jFlow, cFlow or Netstream.
MRTG.
NetLimiter is a traffic monitoring and shaping software for Windows.
PacketTrap pt360 NetFlow Listener Feature provides deep inspection of packets as they traverse the network. Determines which applications and IP addresses are consuming network bandwidth.
PathSolutions Switchmonitor Network Performance Monitoring System.
PRTG runs on Windows, with graphical and web interfaces. It captures packets using Cisco Netflow or packet sniffing or uses SNMP to monitor bandwidth usages.
Sandvine Intelligent Network Solutions measure and manage network traffic using Policy Traffic Switches
SolarWinds NetFlow Traffic Analyzer provides deep visibility into network traffic behavior and trends. Leveraging NetFlow, J-Flow, and sFlow data, NetFlow Traffic Analyzer identifies which users and applications are consuming the most bandwidth.
Cricket is a tool originally written for WebTV Networks.
StealthWatch by Lancope is a Network Behavioural Analysis and Monitoring supporting NetFlow, sFlow, jFlow, cFlow, IPFIX and even native capture.
ET/BWMGR by Emerging Technologies is a software product that is like MRTG on steriods; capable of gathering statistics and displaying graphs on multi-gigabit networks.