Network Traffic Under the Microsope
Get up close and personal with your network's activity with Lightspeed Systems' Total Traffic Control 4.0.
There are more than a few traffic monitoring and control, spam blocking,
content filtering and firewall products on the market these days, but
what about a single package that does it all? In this review, I evaluate
one such product: Lightspeed Systems' Total Traffic Control 4.0.
TTC 4.0 is available in either a software-only form or hardware appliance.
I received the software installed on a Dell 1U server running Windows
2000 Server. TTC 4.0 includes many features, and most administrators will
probably find this package less expensive than buying separate products
and attempting to integrate them.
Lightspeed Systems' Web site contains a message that rings so true:
Your network is being abused. Right now you don't know why, how
much or by whom, but you know it is. And it's not just spam and porn
that reduce productivity and threaten legal liabilities. It's the bandwidth-sapping
(and often copyright infringing) downloads of MP3s and DVDs, excessive
use of non-work related instant messaging or email, threatening messages,
latency issues, overburdened applications, and more.
Although most of my recent travels have been to smaller customer networks
and classrooms, I have seen a need for the monitoring and safeguards available
in TTC. At one school where I teach, many students have loaded Kazaa and
iMesh. I've had my own challenges recently with spam e-mail. Both can
waste a lot of time and bandwidth.
Getting It Under Control
Setting up this system was a matter of booting to Windows and starting
the TTC application. Once the application started, I was presented with
a choice of creating a load balancing server, a bandwidth management server,
a security and VPN server or a traffic reporting server. All of the servers
can be run together. The hardware and software requirements are moderate
by today's standards; Pentium III 1.0GHZ, 1GB RAM, 60MBs of disk space,
two NICs, Windows 2000 Pro, Server or XP, SQL Server 2000, IIS 5.0 and
.Net Framework 1.1. I chose the built-in example configuration for traffic
reporting in promiscuous mode first, then I quickly moved on to the Spam
The network diagram allows you to configure it to match your network
layout with building blocks and connections. With the Spam Mail Blocker,
I was able to configure it to for white lists, black lists, real-time
blackhole lists, adult-content screening, local learning mode and Bayesian
analysis. If only I could leave this on my network forever and eliminate
the unwanted spam!
|LightSpeed Systems' Total Traffic Control 4.0
offers a simple network diagram for configuring your monitoring plans.
(Click image to view larger version.)
The network monitoring tools are plenty and provide for many comprehensive
reports. For example, rather than simply reporting that traffic is TCP/IP
and NetBIOS, it reports a break down by TCP, UDP, ICMP port numbers, and
shows traffic percentages for SMTP, HTTP, FTP.
TTC includes two Web servers with the software, one for management through
the out-of-band interface and one for reports. The reports Web service
provides selected reports pulled from the SQL database, which can be incorporated
into other applications.
There are many reports available to choose from: total incoming or outgoing
traffic, traffic by internal IP address, traffic by protocol and internal
IP address, traffic by protocol and external IP address, top 50 incoming
traffic by destination MAC address, top 50 outgoing traffic by source
MAC address, applications and IP address, top file-sharing downloads,
top file-sharing uploads, top 100 external URLs hit, top 100 internal
URLs hit, e-mail senders/receivers, and host-to-host conversations.
Lightspeed Systems' Total Traffic Control 4.0 includes plenty of
features in a single package but can be complicated to configure and overwhelming
at first glance. TTC includes excellent bandwidth control and traffic
control capabilities with many report types which allows for careful monitoring
of the network in almost any scenario, from educational institution to
ISP to corporate site.
This product carries a hefty price tag at $6,995, but for all that's
included, can you afford not to have it?
Andy Barkl, CCNP, CCDP, CISSP, MCT, MVP, MCDST, MCSE: Security, MCSA: Security, MCSA: Messaging A+, CTT+, i-Net+, Network+, Security+, Server+, CNA, has over 20 years of experience in the IT field. He's the owner of MCT & Associates LLC, a technical training and consulting firm in Phoenix, Arizona. He enjoys dividing his time between teaching in the classroom, writing from his office and consulting on Cisco and Windows deployments. He's also the online editor for MCPMag.com, TCPMag.com, CertCities.com, and a contributing author and editor for Sybex and Cisco Press. He hosts a multitude of exam preparation chats monthly on MCPmag.com and CertCities.com.