Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
5872
Views
10
Helpful
7
Replies

how to monitor network traffic on cisco asa5510

donnie
Level 1
Level 1

‎06-07-2008 03:31 AM

Hi all. Currently my office users are going to the internet through cisco asa5510. Recently internet users complain internet traffic is very slow. A check with the isp and i was told that download/upload traffic on my end is very high. How can i make use of the adsm to monitor the traffic and determine which hosts(private ip address) is hogging up the network. Do i have to use any 3rd party tools. Currently i have only privilege 0 access to the firewall and hence cannot modify the firewall. The user acct with privilege 15 has since left the company together with the password. Pls advise. Thks in advance.

Labels:
0 Helpful
7 Replies 7

Farrukh Haroon
VIP Alumni
VIP Alumni

‎06-07-2008 01:37 PM

This is a great tool I've evaluated for this purpose, have a look at it:

http://www.fireplotter.com/

However you can do this with any SNMP-Viewer/MIB Browser type of tool. You just have to allow SNMP access to the firewall.

Please note that ASA 8.x has support for NetFlow as well AFAIR.

Regards

Farrukh

donnie
Level 1
Level 1
In response to Farrukh Haroon

‎06-10-2008 02:06 AM

Hi Farrukh,

THks for the reccomendation. Fireplotter is indeed a very useful monitoring tool. When i use it for monitoring i found my outbound traffic is very high. From this outbound traffic i narrow down to the particular pc that is causing this problem. The user of that pc was using p2p software to download videos. After i got the user to shutdown the software, internet traffic subside alot. Since the user is downloading instead of uploading, shldnt the fireplotter reflect inbound traffic instead of outbound traffic? Can i say that outbound traffic is reflected in fireplotter when the user is downloading because the user initated the connection? Pls advise. I would also like to know if i can log the information from fireplotter to a log file? Thks in advance.

0 Helpful

Farrukh Haroon
VIP Alumni
VIP Alumni
In response to donnie

‎06-10-2008 02:35 AM

Yes this is exactly what I use it for, tracing users before they even hit the proxy server :). We use it to monitor FWSM(s).

Yes I also have a difficult time understanding the direction of traffic. However it could be that the user is offering files to others on the p2p network (therefore uploading). So its better you use a browser or FTP to download something and then check the direction in FirePlotter.

I'm unaware of any such feature to store data in log files. It seems to be a real-time tool.

Ragards

Farrukh

0 Helpful

gmtimmons
Level 1
Level 1
In response to Farrukh Haroon

‎11-10-2008 01:41 PM

what has to be configured on the asa for fireplotter to work? config example?

thanks

0 Helpful

bluedrake
Level 1
Level 1
In response to Farrukh Haroon

‎11-19-2008 12:10 AM

HI All

I used fireplotter and did not find it had everything i needed, try use fwanalyzer, it gives you all the information you need and more :)

0 Helpful

Farrukh Haroon
VIP Alumni
VIP Alumni
In response to bluedrake

‎11-19-2008 12:35 AM

Both tools do separate things. You have to compare the costs/feature advertised etc. There is no doubt that the manage engine product is more comprehensive.

Regards

Farrukh

0 Helpful
Top