Archive

Posts Tagged ‘traffic monitor’

nChronos How-to: Define and Customize a Report

June 3rd, 2014 No comments

Colasoft nChronos provides twelve system reports, and users can define new reports according to need.

To define a report,,

1. On the Report window, first click the node User-Defined Reports, and then click to open the New Report dialog box:

2. Enter the report name and the description.

3. Select the report scope.

  • If you want to create a report for all network objects, click Global, which means the report statistics are calculated based on all network objects.
  • If you want to create a report for a specific network object, click Limited to open the Report Scope dialog box:

    The scope could be IP addresses, MAC addresses, network segment, or a user-defined application, which means the report statistics are calculated based on selected scope.

4. Click the report modules you are interested and then click Add to add the interested report modules to the new report. Different report scope is provided with different report modules. The Global scope is provided with all report modules. For some modules, you can set the number of statistical objects.

5. Click OK to save the definitions. You can view the new report under the node User-Defined Reports.

Besides defining new reports, you can customize the company name, company logo, author, report title prefix, whether to show create time, and all these settings can be done on the Report Notification page from Server web portal:

Download Capsa

 

From www.colasoft.com

Colasoft nChronos How-to: How to Display IP Addresses as Host Names

May 28th, 2014 No comments

How to Display IP Addresses as Host Names

If you use nChronos to monitor traffic on a core switch you will see lots of internal IP addresses, and also the Internet IP addresses. You can find that most of the Internet IP addresses are shown as their domain name, such as www.colasoft.com, and www.google.com, etc. Wouldn’t it be great if nChronos shows host names of our local machines, because they are much easier to understand, rather than just IP addresses? This tips article will show you how to use Name Table to display IP and MAC addresses as host names.

Download Capsa

Suppose that there is a user, Steve, whose laptop has this IP address, 192.168.8.25, and you want nChronos to show his IP address as the text – Steve’s Laptop. First you run nChronos Console, connect to the server, right-click on the server name, and clickSettings from the context menu. Then select Name Table on the Server Settingswindow.

Then click the Add… button on the right side, you see a new dialog box. On this dialog box, input the IP address, 192.168.8.25, and input Steve’s Laptop in the Alias textbox. You can even choose the font color for this name if you like. Then click OK.

There is a little trick that you can input the IP address and click Resolve Address to find the host name automatically. It uses NetBIOS protocol and it’s able to retrieve the host name from that system. Or you can click Resolve Name button to translate the host name into IP address.

Download Capsa

The names you add will be saved on nChronos server, so you see them from every nChronos console. And besides IP addresses, you can still give names to MAC addresses, only that you cannot use name resolution function for MAC addresses.

You’ll find that you cannot click the Edit and Delete buttons sometimes. That’s because you have link window open, and the window uses the names for display. So it doesn’t allow any changes to the names if a link window is open. So you just close all link windows of that nChronos server, and you’ll find the buttons are clickable now.

How to Baseline Network Throughput and Performance

May 22nd, 2014 No comments

How to Baseline Network Throughput and Performance

What is network baseline?

Do you know what your normal network throughput volume is, what types of traffic are most used in your network? If you can’t answer these questions then you should baseline your network. Network baseline is very important to network management because the data will tell you what it’s like when everything goes all right.

To baseline your network, you need software or hardware to listen on your network or a particular device. Both Colasoft nChronos and Capsa can be used to accomplish this task. Both of them are used to listen into packet data of a wire and generate all kinds of statistics on the network. To baseline a network, you need to use them to monitor the network traffic long enough, because a wider time span presents a more real picture of network traffic pattern. The use of network baseline is listed as follows:

  • Understand healthy network pattern and traffic trends.
  • Evaluate network management policies compliance.
  • Understand how the network resources are allocated.
  • Accelerate to troubleshoot network issues, i.e. abnormal traffic and spam traffic, etc.
  • Provide data on network and security management to support decision making.
  • Provide history statistics on network upgrade.

Download Capsa

How to baseline a network

Preparation

If you want to baseline a network, you can start from the tasks listed below:

1. Network diagram: draw the layout of the network structure, marking IP/MAC addresses, VLAN, and places of all routers, switches, firewalls, servers, management devices, and even the data flow directions.

2. Network management policy: helps you understand what services are allowed to run on the network, what traffic is forbidden, and what services should enjoy higher priority.

Scope & Objectives

When you are ready to start baselining your network, first you should think what to baseline because it’s hard or sometimes unnecessary to include all hosts, switches and routers of a big network into you baseline report. The suggestion is that you divide the network into several layers and only baseline the critical layers. For example, only baseline the services like ERP, Email, HTTP traffic and devices like core switches, routers and critical servers.

In addition to last point, different devices, hosts and links require different types of baseline data. For example, performance and security baseline is important to the servers, and network itself cares about throughput, utilization and types of traffic.

Collect baseline data

Generally speaking, a network baseline report contains these basic data: network utilization, traffic components, top protocols talkers, top hosts talkers, conversation statistics, address statistics, packet sizes, average packet length, and key server info, etc. Both nChronos and Capsa Network Analyzer provide these types of data (figure below).

To use nChronos or Capsa to baseline a network, you need run nChronos or Capsa and use an excel sheet to record statistics over each specific time period. The following figure shows a typical Excel network benchmark table.

Then you can use formula to work out the max, min, and average value of each data type. And if you keep recording long enough, you get a much precise baseline statistics.

The use of network baseline data

The baseline data is often used when the network is reported to be running improperly. For example, when the network performance drops, you can compare the real-time datacollected from the analyzer with the baseline data to help you spot where the anomalies are.

Download Capsa

Tips for network baselining

Update the baseline document in time

The baseline report is useful only when it provides accurate and up-to-date data. It requires that you update the data in time when there are any changes to the network. For example, when a new device is added, or a new application is implemented, the changes need to be marked on in the baseline report.

An IP/MAC database is necessary

If the network is full of desktops, laptops and switches, you should consider an IP/MAC database to record the user name and place of each individual IP and MAC address. It’s very helpful when you need figure out who is using the IP or MAC and where it is when you decide to give it an examination.

Baseline the critical devices only

Remember, you don’t have to maintain a baseline table which covers all your host computers, laptops, servers, switches, firewalls and routers. If you insist to do so, you’d better prepare enough time for it. You are suggested to only cover the mission-critical servers, such as email, web site, OA and CRM servers, and core switches and routers in your baseline report. And they’d better be organized in separate sheets to help you easily find what data you need.

Baseline over a long time period

It takes a long time to set up a network baseline because your network probably works in different patterns through Monday to Sunday. For example, on Monday morning, your email traffic could be higher than other days because there are lots of emails waiting to be processed after the weekend. On Friday afternoon after 4:00 PM, web traffic could be higher because some are browsing the web to find a place for the weekend. Therefore, your baseline report should cover the time period of a week at least, and you are suggested to extend to 2 ~ 4 weeks.

Keep baseline report easy to read

You should include all useful diagrams and illustrations in baseline report, the more the better, such as a network diagram, network policy, backups for switches and routers. The documents should be standardized with explanations and descriptions, especially for the technical terms. All of them are helpful when someone else is trying to access and read the documents.

Download Capsa

from: colasoft.com

Capsa Network Analyzer Free Edition 7.7 – review by SoftPlanet

March 4th, 2014 No comments

 

Capsa Network Analyzer Free Edition 7.7 Video Review

 

Today we use the Internet on a regular basis and in order to have a better experience while browsing we need a stable network.Capsa Network Analyzer Free Edition will provide it to you, because it constantly monitors your network, analyzes it and helps you prevent troubleshooting. The only limitation of the program is that you can start one project at a time. If you want more you have to buy the Enterprise version, which costs USD 995 for a one year license and maintenance. If you want to increase the time limit with one more year you have to buy it for additional USD 245. But if you don’t need the app for commercial usage you can use it for free without limitations.

Features

Several working modes
Analyzes networks
Monitors traffic
Shows statistics

Capsa Network Analyzer Free Edition lets you use several modes that are specialized for different tasks. With them you can make a full analysis of your network or you can choose to start theTraffic Monitor. Also, you can make a profile that is aimed at HTTP Analysis, Email Analysis, DNS Analysis, FTP Analysis and IM Analysis.

Interface

The interface of Capsa Network Analyzer Free Edition seems simple at first, but when you start any of the modes you see that it actually has a lot of sides to it. When you double-click on any of the profiles the app offers a lot of setup options that are used for the analysis. If you want to start the monitoring or the analysis you can click on the Start button and you will see that the app has a lot of instruments, which leads to a bit of a complicated interface. But after you spend some time with it you will see that all the monitoring and analysis utilities are easily used and you don’t have to be a specialist in order to use them.

Basic Operations

When you start the Full Analysis option of Capsa Network Analyzer Free Edition it opens a window for you that is comprised of different panes which show the most important functions of the program. With them you can monitor the traffic in bytes, the protocols, the IP conversations and perform many more analyses and monitoring functions. There are a lot of other instruments that you will find useful after you get used to them.

Conclusion

Capsa Network Analyzer Free Edition is a nice application not only because it is free, but also because with it you will be able to monitor all the aspects of your network. It offers a nice visualization for a vast number of utilities, so even though they are a lot you will still be able to use them without any problems.

Pros
Many utilities
Nice visualizations
Completely free version
Cons
None really

Editor review by softplanet.com

Learn more from Colasoft official website.

Review: Capsa Free Gives You the Skinny on Your Network–For Free

September 13th, 2010 2 comments

Ian Harac, PC World, Sept 13th, 2010

When a program has a “free” edition, very often, it is just a demo without a time limit, offering only enough functionality to get you to buy the “real” version. Capsa 7 Free is not such a program; it’s a full-featured network traffic monitoring and reporting tool. The features you get for free, without a time limit or unceasing nags, are exceptional.

205151-capsafree-large_350
This high level overview is just the start of Capsa Free; you can drill down very deep to learn more about your network.

Capsa Free provides an ongoing look at everything that passes through a selected network adapter. (This is one of the few limitations of the Free version vs. the Professional and Enterprise versions; you can analyze only one adapter at a time. For most home or small business users, this will not be an issue.) It breaks the data down by protocol and IP address, the latter of which is very interesting from a home user perspective–a days’ casual surfing, captured and analyzed by Capsa, revealed I contacted computers in over a hundred different nations. You can also set it to store packets, with a variety of options for how many to store and how long to keep them. Later, you can rummage through them with Capsa, if you know what you’re looking for (or just want to peek under the hood and understand more about what happens between when you type an address in your browser and when you see a picture of a cat appear on your screen.)

For network administrators in small businesses, Capsa 7 Free is a potent tool with many analysis and testing abilities. With it, you can see what’s happening on your network, whether you want to monitor usage or determine if a connectivity problem really is on your end, You can hand-code packets and then send them to an adapter, in order to see what happens. The ability to set alarms if particular traffic patterns occur can help you see an attack coming and head it off, and there are tutorials on-line to help you do just that.

Capsa Free is a tool for professionals and enthusiasts. A casual home user will not find much use in Capsa Free, though, being free, it doesn’t hurt to check it out. Using it requires either a good knowledge of internet protocols and low level functionality, or a strong desire to learn such things. If most or all of your traffic routes through a single network adapter, you may never see a need to upgrade to the Professional edition, which starts at $549.00.

Network Monitor: who’s watching World Cup online

June 11th, 2010 No comments

To football fans, today is a big day! FIFA World Cup opens today, Friday, June 11, 2010. They will spend the nights with the TV and bears. But our network admins will be drove crazy too. Why? The World Cup brings us great joys as well as certain network problems. Some of the crazy fans will watch or replay the competitions online at work. In these days, you will find your network traffic grows dramatically. I don’t want to be mean with the big fans, but we still have to do our work to maintain the network goes smoothly. How can we figure who is watching World Cup online at workplace? With Capsa network analyzer at hand, that would be so easy for you to monitor network, and prevent the network problems that World Cup may bring to your LAN.

Well, first we should make a list of football fans’ names and inform them not to watch videos online. And then we will keep an eye on our network utilization. When the utilization graph is high pitch, we know someone is disobeying the rules. Then we can check out who is consuming the bandwidth in the IP Endpoint tab.

But utilization cannot tell everything. We still need to spend a little seconds to check the protocols used in the network (Protocol tab). Special attention should be paid to protocols like P2P, RSTP and even HTTP. Online video takes a big portion of bandwidth so that we can easily find them out in the Protocol tab. The following figure shows that the HTTP traffic is abnormal which takes too much traffic.
abnormail_http_traffic

When a suspicious protocol spotted, we should concentrate on it and check which IP address is generating the traffic in the IP Endpoint tab (figure below).
abnormal_http_machine

Then we could take a further step to prove our analysis. We can check out their conversations (IP Conversation tab), communication matrix (Matrix tab), and even we can go down to their original traffic packets (Packet tab).
non-http

With the above tips, I’m sure you can guarantee a healthy network during the special World Cup time.