What's new
Carbonite

South Africa's Top Online Tech Classifieds!
Register a free account today to become a member! (No Under 18's)
Home of C.U.D.

Monitoring Network usage

CHase

Well Known Member
Rating - 100%
3   0   0
Joined
Nov 30, 2011
Messages
77
Reaction score
2
Points
2,285
Location
Durban
Hi guys need some help please.

I have a small to medium size company which is becoming a nightmare to handle ( 100 devices )

My staff are torrenting and messing around on the web and I have zero control at the moment.

What is the best way to monitor this ?

I don't want to spend a fortune to get this thing up and running, is there a piece of software reasonably priced that can handle this for me ? Or do i need to get hardware that comes with software?

Your help would be much appreciated.
 
This all depends on your network and networking ability


Free but requires skills to use properly

Paid options
I would recommend PRTG (paessler.)

You need to provide more info on
the network and (firewall, switches etc)
networking devices in use.
The client devices
their OS


Their is alot you can accomplish with free tools. But you need time to setup and manage them.
 
PRTG can be used free also... give you upto 100 sensors free if i am not mistaken
 
30 days free unlimited free then reverts to free version with

Yes 100 sensors not devices. (y)
 
This all depends on your network and networking ability


Free but requires skills to use properly

Paid options
I would recommend PRTG (paessler.)

You need to provide more info on
the network and (firewall, switches etc)
networking devices in use.
The client devices
their OS


Their is alot you can accomplish with free tools. But you need time to setup and manage them.

Thanks very much for the info, the PRTG looks amazing but is obliviously very expensive as is a premium product.

Basically i want to be able to check my users browser History and if they are torrenting, thats it in a nutshell.

I have a standard TP link router with 2 managed Cisco switches.
 
I would invest in a router/firewall to be able to set up proper rules.
You can pick up Microtik routers for "relatively" cheap, and they will fair quite well.
I would also pair it with a proper AV that also does endpoint protection so you can have two things blocking those kinds of activities.
 
Have a look at Sophos UTM.
Does wonders.

Or if you just want a bit more visibility, perhaps drop a Pi in with PiHole.

Some cool capabilities
 
I'd say the best is a Fortigate firewall or some firewall which has policies. Not sure if an application is the proper solution, if you do I'd stay away from SolarWinds as I wasn't impressed with their offering and they got hacked big time.
 
I'd stay away from SolarWinds as I wasn't impressed with their offering and they got hacked big time.
A supply chain attack on a single platform excluding all their other offerings is less 'big time' more covert, especially when you look at those using Orion.

Thanks very much for the info, the PRTG looks amazing but is obliviously very expensive as is a premium product.

Basically i want to be able to check my users browser History and if they are torrenting, thats it in a nutshell.

I have a standard TP link router with 2 managed Cisco switches.
I understand what want to do, but I don’t know what you want to achieve excluding the factor of cost.

The only way you’d get access to browser history is with device management, which isn’t cheap.
Even if you block torrenting, users will just use something else or bypass the firewall on the device with a VPN.

Assign static IPs, look who is downloading the most then cripple their bandwidth.
Eventually they will come to you to complain.
 
A supply chain attack on a single platform excluding all their other offerings is less 'big time' more covert, especially when you look at those using Orion.


I understand what want to do, but I don’t know what you want to achieve excluding the factor of cost.

The only way you’d get access to browser history is with device management, which isn’t cheap.
Even if you block torrenting, users will just use something else or bypass the firewall on the device with a VPN.

Assign static IPs, look who is downloading the most then cripple their bandwidth.
Eventually they will come to you to complain.
Ye thanks bud. That sounds like a good idea.

I don't want to exclude costs completely but for 100 devices the costs are pretty high 'looking at some of the options.

With regards to hardware is there any you would suggest or is my TP link Archer vr600 and 2 x cisco switches enough ? I am happy to upgrade hardware if need be.
 
Ye thanks bud. That sounds like a good idea.

I don't want to exclude costs completely but for 100 devices the costs are pretty high 'looking at some of the options.

With regards to hardware is there any you would suggest or is my TP link Archer vr600 and 2 x cisco switches enough ? I am happy to upgrade hardware if need be.

I also have the Archer series but your firmware has much better features than mine.

You'd want to use the "Reserve LAN IP Addresses" feature, so the devices always gets the same IP address, also take a look at limiting the DHCP IP range.
Then enable "Traffic Statistics", now at a basic level you have some stats on each device.

Before enabling "Bandwidth Control" basically QoS, I'd look at disabling port forwarding 'NAT' also UPnP since this has a major effect on BitTorrent but the technology has advanced amazingly with stuff like Instant.io - Streaming file transfer over WebTorrent
Since this is a consumer device, I highly doubt it was meant to perform QoS on 100+ devices but this is a experiment so if it works you can drop cash on something better.

Also test this yourself, download a torrent while making these changes to see if they make an impact.
 
I also have the Archer series but your firmware has much better features than mine.

You'd want to use the "Reserve LAN IP Addresses" feature, so the devices always gets the same IP address, also take a look at limiting the DHCP IP range.
Then enable "Traffic Statistics", now at a basic level you have some stats on each device.

Before enabling "Bandwidth Control" basically QoS, I'd look at disabling port forwarding 'NAT' also UPnP since this has a major effect on BitTorrent but the technology has advanced amazingly with stuff like Instant.io - Streaming file transfer over WebTorrent
Since this is a consumer device, I highly doubt it was meant to perform QoS on 100+ devices but this is a experiment so if it works you can drop cash on something better.

Also test this yourself, download a torrent while making these changes to see if they make an impact.
Thanks for the great advise
 
A few quick questions, what speed is your WAN/ISP link? & are you wanting a dedicated firewall appliance or custom hardware with a firewall OS installed on it?

QoS with 100 devices on a consumer device is definitely not recommended... :p
 
1) Email all staff stating that torrents are illegal & that you will help local authorities prosecute them if they torrent on your work assets.
1.1) They will also be fired if caught torrenting.
2) Find who has been torrenting & give them a written warning.
3) Install Untangle firewall
3.1) Setup a BYOD VLAN + SSID for staff phones. Limit this to only have internet access & no LAN / other VLAN access.
3.1.1) Blacklist facebook, YT, IG , etc on their VLAN.
3.1.2) Limit them to 1Mbps per device & X amount for that entire VLAN.
 

Users who are viewing this thread

Latest posts

Back
Top Bottom