To save internet bandwidth and raise productivity, administrators need to know bandwidth usage and internet activities in business networks. There are network firewall appliances with this ability, while in this post, I will introduce several software monitoring solutions.
1. Passby monitoring on a mirroring port.
“Port mirror” is a feature of manageable switches or routers. With “port mirroring”, you can get a copy of packets from other ports. So you can setup a software program in the target port pc to monitor all network traffic. This is called as “passby monitoring”. The network diagram:
With WFilter internet content filter installed, you will be able to monitor bandwidth, internet activities and deploy internet access policies. Screenshots:
2. SNMP-based monitoring
Comparing to “port mirroring”, SNMP-based monitoring is easier to setup with less features. However, it’s also very convenient to monitor bandwidth with SNMP. Below are screenshots from PRTG.
3. Linux network bridge
Network bridge is more powerful, with the ability to monitor traffic, allocate bandwidth, filter internet activities… A network bridge shall be deployed between your router/firewall and switch.
To setup a network bridge, you need a pc with two network cards(wired adapters only). I would recommend you to use WFilter NG firewall as the operation system. It’s a dedicated linux distribution for internet content filtering and firewall. Below are screenshots from WFilter NGF:
Most business networks are now providing WiFi access for employees and customers. Since everyone can access WiFi network, unauthorized access will bring virus attack and intruders. So you need to pay more attention to your network security.
Usually, you have below options:
- Set WiFi users in a separator VLAN, which shall only have limited access to enterprise resources. This is the first door to keep intruders out.
- Enable user authentication for WiFi users.
- Enable ip-mac binding for WiFi users.
- Record internet usage history for WiFi users, including IP, MAC, visited websites.
In this post, I will introduce the “Web Auth” feature of WFilter NG firewall. For WiFi clients, the most widely used authentication is “Web Authentication”(Portal Authentication). Clients won’t have internet access until authenticated in a web portal. For IOS and windows, the web portal will show up automatically.
1. User & Pass Authentication
When enabled, WiFi clients will be required for username and password.
Various authentication method are supported, including “Local Auth”, “Email Auth”, “Ldap Auth” and “Radius Auth”.
- If you have an existing ldap domain, you can authenticate with domain users.
- Users also can authenticate with email accounts.
- You also can define local users in WFilter for authentication.
- Remote radius server is also supported.
You can set internet access policy, query history and reports based on usernames.
2. Third Party Auth
“Third party authentication” is designed for marketing purpose. You have “wechat WiFi” and “facebook WiFi” in default. When enabled, users shall checkin in your facebook page to access internet.
Download WFilter NG firewall now!