Network Traffic Visualization

Lonnie Olson lists at kittypee.com
Wed Feb 8 15:34:37 MST 2012


On Wed, Feb 8, 2012 at 3:11 PM, Daniel C. <dcrookston at gmail.com> wrote:
> On Wed, Feb 8, 2012 at 5:04 PM, Lonnie Olson <lists at kittypee.com> wrote:
>> I would like something that gives me:
>> * Live view of all traffic in bits/s, bytes/s, packets/s, connections/s
>> * Filterable by protocol, ip address, tcp/udp port
>> * Optionally, broken down into categories configured by above filters,
>> or groups of filters
>> * Maintain history of said data
>> * Accept data from either standard pcap or netflow
>
> What actual tasks are you going to be accomplishing as a result of
> looking at this data?

* bandwidth capacity planning
* identify sources of congestion
* identifying changes in network traffic patterns
* comparing network application traffic (HTTP vs CIFS vs etc)
* look for signs of attack/abuse (external and internal)

--lonnie


More information about the PLUG mailing list