|
OSN Service Monitoring Bundle: Network Traffic Monitoring
The Network Traffic Monitoring solution helps system and network administrators identify network flaws, optimize the network and plan future extensions. It uses NTOP, a simple traffic measurement and monitoring tool, to report the network’s top users and quickly identify hosts currently using most of the available network resources. NTOP focuses on traffic measurement and monitoring, network optimization and planning, and detection of network security violations. Additionally, it can analyze industry flow data (Netstream, Netflow, sFlow) sent by routers, including a 3Com OSN-enabled router in the network.
NTOP uses publicly available tools and libraries including packet capturing that associates a packet with the sender or receiver host. The application can identify all traffic activity related to a given host (name, NIC or IP address) and record detailed information, including:
- Total traffic volume and packets generated or received by the host, classified by network protocol (IP, IPX, AppleTalk, etc.) and, when applicable, IP protocol (FTP, HTTP, NFS, etc.)
- Total amount of multicast traffic (volume and packets) generated or received by the host
- List of active TCP sessions established and accepted by the host with associated traffic statistics
- Total amount of UDP traffic (volume and packets) sorted by port; additionally, it can recognize simple port scan and protocol scans
- List of IP-based services (e.g., open and active ports) provided by the host with a list of the last five hosts that were used
- Used bandwidth percentage—actual, average and peak bandwidth usage
- Traffic distribution—local (subnet), local vs. remote (outside specified/local subnet) and remote vs. local traffic
- Local network usage—statistics about open sockets, data sent and received and the peers contacted for each process running on the host where NTOP is active
Features and Benefits
Feature |
Benefit |
Description |
Comprehensive, easy-to-navigate web interface |
Secure and easy to use |
NTOP offers traffic visibility via a comprehensive password-protected web interface including support for HTTP or HTTPS (via Open SSL) connection |
Flow report analysis |
Open, standard- based |
NTOP supports Netstream, NetFlow, sflow from multiple sources in the network |
Multiple traffic analysis views |
Fast problem solving, network business validation and optimization |
NTOP shows network traffic statistics sorted according to various criteria including protocol distribution, source/destination IP address, IP traffic subnet matrix and protocol types |
Lightweight architecture |
Scalable |
NTOP memory and CPU usage are minimal and can support flow collecting as well as reporting from multiple interface sources in the network; measured CPU utilization is less than 10% for flow reporting on 16 network interfaces |
Local packet capturing and analysis support |
Can be managed remotely |
NTOP includes the ability to monitor and manage a network using the external OSN|M Gigabit interface that can run from a remote location without the need for a specific “sniffer” or flow reporting application to analyze traffic information |
Portable graphics |
Low bandwidth, high-quality viewing |
Graphics can be generated directly in Portable Network Graphics (PNG) format using the GD library by Thomas Boutell |
|
The Network Traffic Monitoring solution helps system and network administrators identify network flaws, optimize the network and plan future extensions. It uses NTOP, a simple traffic measurement and monitoring tool, to report the network’s top users and quickly identify hosts currently using most of the available network resources. NTOP focuses on traffic measurement and monitoring, network optimization and planning, and detection of network security violations. Additionally, it can analyze industry flow data (Netstream, Netflow, sFlow) sent by routers, including a 3Com OSN-enabled router in the network.