Top wireless users downloading from the internet
Customer Use Case: Top wireless users downloading from the internet
Last week, we had an interesting request from one of our customers. In their own words, they requested “I’m looking for a new report on our Internet Monitoring dashboard. I want to list the top wireless users downloading from the internet”.
Specifically, the customer had 3 questions they wanted answering:
(1) On average, how many users are downloading 5GB and over an hour?
(2) On average, how many users are downloading 2.5GB and over an hour?
(3) If we limit users to 5Mbps, how much bandwidth would we save for distribution between other users?
They really needed to see the level of downloads and gauge the effect of implementing rate limiting wireless users.
Our Support Team worked with them to update their LANGuardian dashboards, so that they had access to a new set of reports which focused on wireless client activity. The response from the customer was “Excellent, exactly what I was looking for” needless to say, great to see another happy customer. The image below depicts what this dashboard looks like now.
Providing reliable wireless network access is a must for most Network Managers these days. Between the demands from network users to use their own wireless devices to the moves to an IoT connected world, it is vital that wireless networks are both secure and efficient. It simply just takes one or two wireless clients to hog bandwidth availability and suddenly all users are impacted.
One of the challenges with monitoring BYOD devices on wireless networks is that traditional monitoring tools which require logs or software agents won’t work. You will struggle to enable any sort of local logging on mobile devices and the owners of these devices never want to put monitoring agents/software on them.
If you want to monitor what wireless users are doing on your network, you can use network traffic analysis as a data source. Essentially, there are two main technologies that you can choose from, if you want to perform traffic analysis on your network:
(1) Flow analysis
(2) Packet analysis
Flow analysis tools struggle with wireless traffic as they only report on IP addresses and ports. Network traffic analysis tools which use deep packet inspection technologies can capture wireless device metadata from HTTP headers. A sample report from a traffic analysis application is shown below.
A SPAN or mirror port is an ideal source if you want to monitor Internet traffic. It provides for a passive way of capturing network packets which means it will not impact on network performance. Network TAPs can be used as an alternative if you do not want to use SPAN ports. Check out this video below to see how you can set up a SPAN port to monitor internet activity.
Another advantage with using network packets as a data source is that you can identify what type of mobile devices are connecting to your network. When a mobile device connects to a web site, it transmits device specific information in the User-Agent field of the HTTP header. The image below shows how this information can be then used to report on what is connecting to your network via wireless.
NetFort provides network traffic and security monitoring software for virtual and physical networks. NetFort’s flagship product, LANGuardian, is unique in the marketplace thanks to its powerful deep-packet inspection technology that can be downloaded and deployed on standard physical or virtual hardware to provide comprehensive visibility in minutes. Organizations worldwide depend on LANGuardian solutions from monitoring user activity to file activity monitoring, web activity monitoring, network security monitoring,bandwidth monitoring, wire data analytics, network forensics to packet capture.
To see LANGuardian in action – try our interactive demo today!