Security Basics mailing list archives
RE: Bandwidth monitor/management
From: "Jennifer Jabbusch (jj)" <jj () cadinc com>
Date: Tue, 4 Apr 2006 11:18:59 -0400
A few years ago, we identified Packeteer as a 'best of breed' solution and have been a certified Solutions Partner with them ever since. Packeteers are available in several models, depending on your bandwidth and network needs. As Pete said, they are Layer-7 based, meaning they identify application signatures and catch any morphing and port-hopping traffic (such as peer-to-peer apps). They're EXTREMELY easy to configure and use- Out of the box, you do some minor network configs, including specifying an IP.. then it will automatically start identifying and classifying traffic into easy to use trees and reports. You can drill down for detailed info or look at the big picture. It allows you to stop/block or limit bandwidth for web appls & sites. You can set policies, allow/disallow/limit, etc globally, per group or even per IP. You can also set date/time restrictions. The box is most often used for these main functions: - stop messaging and other peer-peer traffic - limit bandwidth for non-critical apps (eg streaming media, non-specific surfing) - reserve bandwidth for critical apps - provide QoS of VoIP - reporting & auditing of network use jj Jennifer Jabbusch Technical Sales Carolina Advanced Digital www.cadinc.com <http://www.cadinc.com> Ph: 800.435.2212 x101 Fx: 919.742.2279 Symantec Architecture & Infrastructure Mgmt HP ProCurve Elite Networking Partner Packeteer Solutions Partner Federal / SLED / Commercial -----Original Message----- From: Peter Morgan [mailto:pmorgan () exceedsecurity com] Sent: Monday, April 03, 2006 12:47 PM To: anon () somefin de Cc: security-basics () securityfocus com Subject: Re: Bandwidth monitor/management anon () somefin de wrote:
I hope this is the right list to post this. we are looking for hardware
bandwidth monitoring/management solution. Has any of you have experince with that ?
I've used a Packeteer PacketShaper 5000 series hardware device. It takes some time to get configured for your network, but does layer-7 inspection and can monitor AND throttle the flows accordingly.
Another thing i want to know is in which sceneario a hardware bandwidth
solution should be deployed? ie it should be deployed after or before the firewall in the network or it should be deployed in the lan ?
That really depends on the size and the function of your network. In my case, it was used at an .edu, where there was: internet --> edge_router --> edge_firewall --> packeteer --> core router --> firewall #1 -> network #1 |---------> firewall #2 -> network #2 This was because the needs of the .edu network, the edge firewall only blocked very certain things, instead of "block all/allow some", but the benefit of that firewall was to allow block the garbage before it got to the packeteer. Similarly, there was a definite need to protect the internet from our users (most being students) and the firewalls in place between the core router and the networks would drop packets that were not allowed. Thus the "throttling" was done by the packetShaper, and the dropping of various services was done with the firewalls. This reduced strain on the respective devices. This was specific to our environment, In a usual context I would configure the network as: internet --> edge_gateway --> firewall --> packetshaper --> router --> network unless there existed specific reason not to. I hope this helps Pete
any inputs are appreciated. Thanks in advance. --------------------------------------------------------------------------- EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The Norwich University program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Tailor your education to your own professional goals with degree customizations including Emergency Management, Business Continuity
Planning,
Computer Emergency Response Teams, and Digital Investigations. http://www.msia.norwich.edu/secfocus --------------------------------------------------------------------------- .
--------------------------------------------------------------------------- EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The Norwich University program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Tailor your education to your own professional goals with degree customizations including Emergency Management, Business Continuity Planning, Computer Emergency Response Teams, and Digital Investigations. http://www.msia.norwich.edu/secfocus --------------------------------------------------------------------------- --------------------------------------------------------------------------- EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The Norwich University program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Tailor your education to your own professional goals with degree customizations including Emergency Management, Business Continuity Planning, Computer Emergency Response Teams, and Digital Investigations. http://www.msia.norwich.edu/secfocus ---------------------------------------------------------------------------
Current thread:
- Re: Re: Bandwidth monitor/management nedsonconde (Apr 03)
- <Possible follow-ups>
- RE: Bandwidth monitor/management Charles Hammett (Apr 03)
- RE: Bandwidth monitor/management Keenan Smith (Apr 03)
- RE: Bandwidth monitor/management Craig Van Tassle (Apr 03)
- RE: Bandwidth monitor/management David Gillett (Apr 03)
- RE: Bandwidth monitor/management Burton Strauss (Apr 03)
- Re: Bandwidth monitor/management Paul Halliday (Apr 04)
- RE: Bandwidth monitor/management Brian Bemis (Apr 03)
- Re: Re: Bandwidth monitor/management molshoop (Apr 03)
- Re: Bandwidth monitor/management Peter Morgan (Apr 03)
- RE: Bandwidth monitor/management Jennifer Jabbusch (jj) (Apr 04)