Wide area network (WAN) bandwidth monitoring is a necessary tool in deciding whether social networking, streaming...
video, or just the latest software upgrade is running your network into the ground.
At the U.K.-based marketing firm HPS Group, IT administrator Andy Phelps turned to the free, ad-supported Spiceworks toolset to track down what had slowed his company's WAN bandwidth to a crawl.
The culprit: Windows Service Pack 3, which all 15 remote users who were logged into the corporate VPN began downloading simultaneously.
"It's one of those situations where none of the users knows they are downloading anything, so Spiceworks pointed out that all these machines were installing this software," Phelps said.
Spiceworks offers relatively basic network monitoring capabilities, but for small wide area networks it might be enough. Enterprises with more extensive WAN bandwidth utilization can turn to more robust tools that use techniques like deep packet inspection (DPI) to determine exactly what traffic is going across the network.
It is all a question of finding the right fit for the problem -- and being able to discover the cause of any WAN bandwidth drains.
"A company that has a small wide area network and a bunch of LANs would probably not invest anything," said Peter Fetterolf, a partner with networking consultancy Network Strategy Partners LLC. "I would say that [for larger WANs], using these DPI products is definitely just best practice now. Most networks now have various kinds of statistical monitoring systems in place."
And while tools like Spiceworks and PacketTrap are free, the more advanced products carry a price tag of $10,000 to $200,000.
"These are devices that typically sit on the wide area network and monitor traffic at the application layer and provide statistics," Fetterolf said. "And then they could also throttle traffic at the application level."
While Spiceworks can point out that computers are downloading data from a particular IP address, a more expensive DPI solution from likes of Blue Coat's PacketShaper or Cisco's IOS could differentiate between a streaming YouTube video and a work-related video posted on a partner site. The IT administrator would have the option of blocking the YouTube video or "throttling" it down to give priority to business-related traffic and latency-sensitive applications like IP telephony.
Knowing how different types of traffic affect the network can also affect policy implementation.
Several months ago, managers at Phelps' company noticed that social networking sites like Facebook were sapping productivity, but he didn't think it was affecting the WAN.
"You walked around the office and saw all the users on Facebook and whatnot," Phelps said. "But we didn't see an effect on bandwidth."
After a major IT refresh that implemented outright blocking of all social networking sites between 9 a.m. and 5:30 p.m., Phelps realized that social networking and streaming media had been sapping about 20% of HPS's total bandwidth.
That lost productivity might have been discovered earlier if more sophisticated tools had been used, but the tradeoff of extra management complexity and added cost against more detailed analysis is a balancing act.
"With most LANs now, there's so much bandwidth [that] the traffic is no longer an issue," Fetterolf said. "There's not as many problems as there used to be ... except over the WAN, where it gets expensive."