Dubai Forums Dubai Tech Discussions Dubai high tech talk

Dave the way you descrive your existing setup i dont think you can find out indivisual user bandwidth use. You will need a proxy or firewall to do that. Another option would be to install an agent on the clients that will track bandwidth usage per machine and send you a report. a much cheaper way is to send out an email (after mangement approval) with a stern langauge about bandwidth use and how all users will be accountable (make it sound like you know who is doing it) .. and see the usage drop. If it doesnt then either you got an employee who doesnt care, or maybe an infected machine ?

i donot why do you have to get the logs & make reports. Simply shut them up.

SNMP is the easy method though a long process.

You can get an old pc with a Proxy software (CCProxy for instance).

And configure it according to the bandwidth you want.

Tell users, you had to change the setup of the network & put the proxy server ip in the user comptuers.

Now, their bandwidth is limited. But for logs.,.n reports.. u need to install applications on their computers, which unfortunately u cant

Setup the DHCP server so it has IP address reservations for MAC addresses on the network that correspond to the known (or suspected) offending users. This allows YOU to control who get's what IP, which makes the subsequent process of tracking the offending bandwidth hogs in various log files much easier.

Firewall's work both ways.. so implement outbound blocking for everything except the essential ports. If someone needs to use something, put in a rule for their source IP (which you now control) to allow the outbound traffic. This will be much easier if you buy a real firewall and not a $50 domestic one.

Port 80 abuse is hard to deal with, but you'll have to use an outbound proxy for port 80 traffic (on something other than a file/print server) to get any visibility of where traffic is going. "Squid" proxy on any Linux distro is a good solution. Micro$hite has proxy software too, but i've always found it to be dumbed down and less flexible. "AWstats" is an easy to use open-source log processing tool that can take squid logs and show you who's been visting which places on the net and start to give you indications on their bandwidth usage.

SNMP is a red herring. It'll show you cummulative bandwidth, but nothing by user/ip source. It's only designed for remote monitoring equipement (meaning "is it online and working") but not analysis which is done post-event using log processing tools.

SDB

DaveDXB wrote:What a headache

I spent all day trying to figure all this out

I finally got ccproxy installed and running

but i didnt know how to setup the two network interface cards.

Then i did a little reading on Internet Connection Sharing (ICS)

and

Network Address Translation (NAT) routing.

Really cool stuff i had to say....it was said that ICS is crappy and not to be used for more than 3 clients...its easy to setup but has limited functionality comparing to NAT routing.

So now i finished setting up the NAT routing...lets see if it works and most importantly if it will support my needs such as weblogging n stuff.....

if not...then ill have to go back and figure out how to make CCproxy work.

why do u not block the the web site of dubai forums at your own office

if you have not sorted it i will fix your problem but it will cost ya

omg thats some mighty question for me all i usley say when asked this question is all of the above.
im sorry i asked for money but im skint and could do with the dingdong
hope you find your solution

Its simply not only CCProxy, there are so many other bandwidth control & adminsitration softwares. Search for em and you will get couple of freewares as well.


ISA is not a bad option, but you have to go round and round.


Best o luck

not a bad idea http://bandwidthcontroller.com/index.html

Its an easy matter with OpenBSD with squid

if theres any one haveing the same problem and dose not whant to get in the the technical issues try http://www.netlimiter.com/

a company with more than 10 employees gotta have a nat box , i know a one good way to manage LAN activities, basic yet costy a little bit but can sure give you 100% control over everything that goes in the network


<DSL modem>
|
|
|
<a box with two ethernet cards>
|
|
<switch>
|
<pcs>

with the right configrations you can install anything you want on that box and it'll be let's say like a router but with a user friendly interface which is windows lol, it's just a theory i saw somewhere...