RE: Bandwidth monitor/management

["Jennifer Jabbusch (jj)" <jj () cadinc com>]

A few years ago, we identified Packeteer as a 'best of breed' solution and
have been a certified Solutions Partner with them ever since. Packeteers are
available in several models, depending on your bandwidth and network needs.

As Pete said, they are Layer-7 based, meaning they identify application
signatures and catch any morphing and port-hopping traffic (such as
peer-to-peer apps). They're EXTREMELY easy to configure and use- Out of the
box, you do some minor network configs, including specifying an IP.. then it
will automatically start identifying and classifying traffic into easy to
use trees and reports. You can drill down for detailed info or look at the
big picture.

It allows you to stop/block or limit bandwidth for web appls & sites. You
can set policies, allow/disallow/limit, etc globally, per group or even per
IP. You can also set date/time restrictions.

The box is most often used for these main functions:
- stop messaging and other peer-peer traffic
- limit bandwidth for non-critical apps (eg streaming media, non-specific
surfing)
- reserve bandwidth for critical apps
- provide QoS of VoIP
- reporting & auditing of network use

jj

Jennifer Jabbusch
Technical Sales
Carolina Advanced Digital
www.cadinc.com <http://www.cadinc.com>
Ph: 800.435.2212 x101
Fx: 919.742.2279

Symantec Architecture & Infrastructure Mgmt
HP ProCurve Elite Networking Partner
Packeteer Solutions Partner
Federal / SLED / Commercial






-----Original Message-----
From: Peter Morgan [mailto:pmorgan () exceedsecurity com]
Sent: Monday, April 03, 2006 12:47 PM
To: anon () somefin de
Cc: security-basics () securityfocus com
Subject: Re: Bandwidth monitor/management


anon () somefin de wrote:

> I hope this is the right list to post this. we are looking for hardware
bandwidth monitoring/management solution. Has any of you have experince with
that ?
>
I've used a Packeteer PacketShaper 5000 series hardware device.  It
takes some time to get configured for your network, but does layer-7
inspection and can monitor AND throttle the flows accordingly.

> Another thing i want to know is in which sceneario a hardware bandwidth
solution should be deployed? ie it should be deployed after or before the
firewall in the network or it should be deployed in the lan ?
>
That really depends on the size and the function of your network.  In my
case, it was used at an .edu, where there was:

internet --> edge_router --> edge_firewall --> packeteer --> core router
-->  firewall #1 -> network #1

|--------->  firewall #2 -> network #2

This was because the needs of the .edu network, the edge firewall only
blocked very certain things, instead of "block all/allow some", but the
benefit of that firewall was to allow block the garbage before it got to
the packeteer.  Similarly, there was a definite need to protect the
internet from our users (most being students) and the firewalls in place
between the core router and the networks would drop packets that were
not allowed.  Thus the "throttling" was done by the packetShaper, and
the dropping of various services was done with the firewalls.  This
reduced strain on the respective devices.  This was specific to our
environment, In a usual context I would configure the network as:

internet --> edge_gateway --> firewall --> packetshaper --> router -->
network

unless there existed specific reason not to.

I hope this helps

Pete

> any inputs are appreciated. Thanks in advance.
>
> ---------------------------------------------------------------------------
> EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
> The Norwich University program offers unparalleled Infosec management
> education and the case study affords you unmatched consulting experience.
> Tailor your education to your own professional goals with degree
> customizations including Emergency Management, Business Continuity
Planning,
> Computer Emergency Response Teams, and Digital Investigations.
>
> http://www.msia.norwich.edu/secfocus
> ---------------------------------------------------------------------------
>
>
> .


---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management
education and the case study affords you unmatched consulting experience.
Tailor your education to your own professional goals with degree
customizations including Emergency Management, Business Continuity Planning,
Computer Emergency Response Teams, and Digital Investigations.

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------




---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management 
education and the case study affords you unmatched consulting experience. 
Tailor your education to your own professional goals with degree 
customizations including Emergency Management, Business Continuity Planning, 
Computer Emergency Response Teams, and Digital Investigations. 

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------