| View previous topic :: View next topic |
| Author |
Message |
KDawg44
Tux's lil' helper
Joined: 01 Feb 2006
Posts: 145
Location: Grand Rapids, MI USA
|
 Posted: Thu Mar 15, 2007 4:54 pm Post subject: SNMP and Network Monitoring |
 |
|
Hi,
I am the IT Director for a small company (~35 users) in a Windows 2003 environment. I would like to implement SNMP in the network and I would like to dedicate a box with Gentoo for this. Is there a specific app that is recommended? Also, I would like to have some kind of realtime network monitoring with graphs and other such items to constantly monitor network traffic. As I am all by myself, I am having a hard time monitoring logs and network traffic along with all my other responsibilities.
Currently, I have a Cisco ASA at the edge of my network. Currently, it logs the traffic through, but it shows IP addresses in the logs. Is there a way to have those resolved to DNS names and also to track the Active Directory user that sent the traffic? I do not have a proxy running and do not really have the option to have one at this time.
THanks for any and all suggestions.
_________________
--
K-Dawg #44
I.T. Director
CCNA, ISA, MCSA, MCP, MCDST Certified
"We are what we repeatedly do. Excellence, then, is not an act, but a habit." -- Aristotle
"Failure is not an option. It comes bundled with Windows."
-- |
|
| Back to top |
|
 |
think4urs11
Bodhisattva
Joined: 25 Jun 2003
Posts: 6659
Location: above the cloud
|
| Posted: Thu Mar 15, 2007 5:53 pm Post subject: Re: SNMP and Network Monitoring |
|
|
moved to Networking and Security, better fits here
| KDawg44 wrote: | | I would like to implement SNMP in the network and I would like to dedicate a box with Gentoo for this. Is there a specific app that is recommended? Also, I would like to have some kind of realtime network monitoring with graphs and other such items to constantly monitor network traffic. |
You might want to have a look at Cacti; see http://gentoo-wiki.com/Cacti for a installation howto.
| KDawg44 wrote: | | Currently, it logs the traffic through, but it shows IP addresses in the logs. Is there a way to have those resolved to DNS names |
It is a bad idea to have the ASA resolve the IP addresses; with that you can easily be DoSed.
Doing the resolution on your log server might be an option, at any case don't try to do it in real time but only when needed (e.g. within daily log review procedures).
_________________
Nothing is secure / Security is always a trade-off with usability / Do not assume anything / Trust no-one, nothing / Paranoia is your friend / Think for yourself
Last edited by think4urs11 on Thu Mar 15, 2007 6:04 pm; edited 1 time in total |
|
| Back to top |
|
|
KDawg44
Tux's lil' helper
Joined: 01 Feb 2006
Posts: 145
Location: Grand Rapids, MI USA
|
| Posted: Thu Mar 15, 2007 6:04 pm Post subject: |
|
|
Thanks very much for your reply. I will try that.
_________________
--
K-Dawg #44
I.T. Director
CCNA, ISA, MCSA, MCP, MCDST Certified
"We are what we repeatedly do. Excellence, then, is not an act, but a habit." -- Aristotle
"Failure is not an option. It comes bundled with Windows."
-- |
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
Networking & Security
