Using NetFlow To Maintain A Bandwidth Diet
Combined with content-filtering tools, the Cisco-developed network protocol can help network administrators rein in runaway bandwidth usage.
January 15, 2014
Perhaps it's time to start restricting access to non-business Internet content that is costing your company serious money.
Internet bandwidth usage is growing exponentially. Voice, video, cloud-based services -- it all adds up. But a combination of NetFlow, a common routing protocol, and content filtering handled by a firewall can help tame this growth, and save many companies a lot of money.
For years, network administrators have taken a simple approach to steadily increasing Internet usage at the office: just add bandwidth. This solution was fairly inexpensive and completely hands-off in terms of management. But as bandwidth continues to grow at accelerating rates, simply throwing bandwidth at the problem is less economically feasible.
Cisco's Visual Networking Index (VNI) shows us that voice/video and cloud computing are contributing to massive consumption of bandwidth, with no foreseeable let up. And that's perfectly acceptable, as long as all this increase is driven by business-related activity. But I'm familiar with companies that have seen their 100Mbps service burst to 150Mbps or more, for which they pay a premium of maybe 75%. Typical peak traffic times are early morning, lunchtime, and the end of the workday, when employees watch YouTube videos and Netflix movies on their computers, and increasingly, on their smartphones.
And so, in response, network engineers should think about harnessing some traditional network management tools to identify and dramatically reduce this growing torrent of non-business related traffic.
IT management used to just look the other way when it came to personal use of office bandwidth, filtering only obscene content that risked getting the company into legal hot water. Now, it's time for IT admins to do more. But what's the best way of getting an accurate view into who and what is consuming bandwidth? One of the best tools I've found for this is NetFlow. It's an industry-standard protocol (originally developed by Cisco) that can be configured on just about all enterprise-class routers and firewalls.
NetFlow data collected on these devices includes information that shows source and destination IP addresses and TCP/UDP ports. This information can then be offloaded to an open-source NetfFow collector such as Ntop.
After a few days of collecting data, network administrators can view it in the form of graphs created by Ntop or another, perhaps commercial, collector tool. These will detail exactly where traffic is coming from and going to and also how much bandwidth each destination is consuming. Once they figure out the top talkers, administrators can easily configure a content-filtering firewall to block access or rate-limit users to cut down on bandwidth. Many firewall products enable fine-grained control of traffic, based on site, traffic load, time, and even specific user.
Using insights from NetFlow and content-filtering tools to curb runaway bandwidth usage may not make you the most popular person in the office, but in today's environment, it's practically a necessity. The days of allowing unfettered Web access are coming to an end.
And for those still sitting on the fence, just a bit of advice: The least you can do is get started monitoring bandwidth usage via NetFlow, even if you have no current plans to restrict Internet access. By doing so, you can at least see the impact of non-business related bandwidth usage for yourself. The decision to restrict or limit can then be an informed one, based on hard facts, not simply gut feel.
About the Author
You May Also Like