My company has a 100mbps Internet connection and we have recently experienced extreme slowness when using the Internet (our provider's speedtest page indicated .25 Mbps download speed). When we contacted them about it, they said it's because our circuit is getting maxed out.
We recently has a CCTV system installed and the DVR for that system is outside our firewall connected directly to the Internet with a public IP. My suspicion is that this system is the cause of this problem.
I cannot disconnect this system for internal political reasons, so I am trying to determine how I can otherwise determine if this system is indeed the one using tons of bandwidth.
Here is our network layout – from our provider we have fiber coming into a media converter, from the media converter we have ethernet to a Cisco 2800 series router (the router peers with our provider via BGP to announce our /24) and then from the router there is ethernet to a switch, and that switch then connects to the DVR as well as our firewall.
I am trying to find a way to get info out of the Cisco router that will help me figure out if it's the DVR or our firewall that is using all of the available bandwidth. Typically we only average around 15 Mbps, so I would expect to see that the DVR is constantly using 90-100 Mbps. I just need to know how I can show that to someone in black and white so I can get them to let me unplug it.
Best Answer
Traditional way to monitor usage by host is to use NetFlow. Most enterprise Cisco gear supports exporting NetFlow records.
Configure your Cisco router to export flow data to a NetFlow Collector. There are many different NetFlow Collector software packages out there ranging in cost from "free" to "an arm and a leg".
PRTG is one such NetFlow Collector and its free version will accept NetFlow from up to 10 different routers/switches.