RE: Bandwidth monitor/management
- From: "Jennifer Jabbusch (jj)" <jj@xxxxxxxxxx>
- Date: Tue, 4 Apr 2006 11:18:59 -0400
A few years ago, we identified Packeteer as a 'best of breed' solution and
have been a certified Solutions Partner with them ever since. Packeteers are
available in several models, depending on your bandwidth and network needs.
As Pete said, they are Layer-7 based, meaning they identify application
signatures and catch any morphing and port-hopping traffic (such as
peer-to-peer apps). They're EXTREMELY easy to configure and use- Out of the
box, you do some minor network configs, including specifying an IP.. then it
will automatically start identifying and classifying traffic into easy to
use trees and reports. You can drill down for detailed info or look at the
big picture.
It allows you to stop/block or limit bandwidth for web appls & sites. You
can set policies, allow/disallow/limit, etc globally, per group or even per
IP. You can also set date/time restrictions.
The box is most often used for these main functions:
- stop messaging and other peer-peer traffic
- limit bandwidth for non-critical apps (eg streaming media, non-specific
surfing)
- reserve bandwidth for critical apps
- provide QoS of VoIP
- reporting & auditing of network use
jj
Jennifer Jabbusch
Technical Sales
Carolina Advanced Digital
www.cadinc.com <http://www.cadinc.com>
Ph: 800.435.2212 x101
Fx: 919.742.2279
Symantec Architecture & Infrastructure Mgmt
HP ProCurve Elite Networking Partner
Packeteer Solutions Partner
Federal / SLED / Commercial
-----Original Message-----
From: Peter Morgan [mailto:pmorgan@xxxxxxxxxxxxxxxxxx]
Sent: Monday, April 03, 2006 12:47 PM
To: anon@xxxxxxxxxx
Cc: security-basics@xxxxxxxxxxxxxxxxx
Subject: Re: Bandwidth monitor/management
anon@xxxxxxxxxx wrote:
I hope this is the right list to post this. we are looking for hardwarebandwidth monitoring/management solution. Has any of you have experince with
that ?
I've used a Packeteer PacketShaper 5000 series hardware device. It
takes some time to get configured for your network, but does layer-7
inspection and can monitor AND throttle the flows accordingly.
Another thing i want to know is in which sceneario a hardware bandwidthsolution should be deployed? ie it should be deployed after or before the
firewall in the network or it should be deployed in the lan ?
That really depends on the size and the function of your network. In my
case, it was used at an .edu, where there was:
internet --> edge_router --> edge_firewall --> packeteer --> core router
--> firewall #1 -> network #1
|---------> firewall #2 -> network #2
This was because the needs of the .edu network, the edge firewall only
blocked very certain things, instead of "block all/allow some", but the
benefit of that firewall was to allow block the garbage before it got to
the packeteer. Similarly, there was a definite need to protect the
internet from our users (most being students) and the firewalls in place
between the core router and the networks would drop packets that were
not allowed. Thus the "throttling" was done by the packetShaper, and
the dropping of various services was done with the firewalls. This
reduced strain on the respective devices. This was specific to our
environment, In a usual context I would configure the network as:
internet --> edge_gateway --> firewall --> packetshaper --> router -->
network
unless there existed specific reason not to.
I hope this helps
Pete
any inputs are appreciated. Thanks in advance.Planning,
---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management
education and the case study affords you unmatched consulting experience.
Tailor your education to your own professional goals with degree
customizations including Emergency Management, Business Continuity
Computer Emergency Response Teams, and Digital Investigations.
http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------
.
---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management
education and the case study affords you unmatched consulting experience.
Tailor your education to your own professional goals with degree
customizations including Emergency Management, Business Continuity Planning,
Computer Emergency Response Teams, and Digital Investigations.
http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------
---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management
education and the case study affords you unmatched consulting experience.
Tailor your education to your own professional goals with degree
customizations including Emergency Management, Business Continuity Planning,
Computer Emergency Response Teams, and Digital Investigations.
http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------
- References:
- Re: Bandwidth monitor/management
- From: Peter Morgan
- Re: Bandwidth monitor/management
- Prev by Date: Fwd: How to Protect against Rootkits?
- Next by Date: SF new article announcement: Two attacks against VoIP
- Previous by thread: Re: Bandwidth monitor/management
- Next by thread: Re: Family protection - proxy?
- Index(es):
Relevant Pages
|
|
