Windows Task Manager shows a process that seems strange to you. Perhaps you would like to know what data a program receives and sends over the Internet, or you are simply enthusiastic about technology and would like to better understand what is happening on your PC. We will introduce you to the right programs for the job.
What is bandwidth usage monitoring?
Bandwidth usage monitoring means recording, tracking and analyzing the volume of network traffic by endpoint (user), port, interface and protocol (application). There are several best practices for doing this, such as:
- Ensure sufficient bandwidth for business-critical applications.
- Minimize the impact of non-critical or unauthorized network traffic.
- Detect bandwidth usage bottlenecks, such as bandwidth-hogging processes that do not need to run during peak times.
- Warn of potential DDoS (Distributed Denial of Service) attacks or externally initiated port scans.
In the past, bandwidth usage monitoring only meant concentrating on Internet traffic, but today it applies to a much wider range of components. To give you an idea of use cases today, it is now possible to monitor network traffic between general web applications or devices. Regardless of what traffic is being monitored, a good understanding of bandwidth is essential for network administrators to be confident that they are providing end users with the best possible performance.
At its core, bandwidth usage monitoring is about data. Bandwidth is measured as the amount of data transferred per unit of time (bits per second). In today's world, a seemingly unlimited amount of data is transferred between users at the push of a button. Knowing how to measure the speed and performance of this data is therefore of vital importance.
What is NetFlow?
NetFlow is a network protocol developed by Cisco for collecting IP network traffic as it enters and exits an interface. NetFlow uses seven key values to identify unique data streams:
- Source IP address
- Destination IP address
- Source port
- Destination port
- IP protocol
- Incoming interface
- ToS (Type of Service) values
A NetFlow-capable device (router or switch) logs a new data stream when a packet with a new combination of the seven key values is transmitted through its interface. Subsequent packets with the same values are logged as increments of the same data stream. However, a deviation in only one value ends the current data stream and starts another. NetFlow captures IP packet data in both the inbound and the outbound direction of an interface.
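The flow-keying rule described above, as an added Python example that is not part of the original article. It groups constructed sample packets by the seven key values, and goes one step further by summarising the resulting flows per source (bytes sent, and destination ports touched on one host). The addresses, field names and the min_ports threshold are assumptions chosen for illustration.

```python
from collections import defaultdict, namedtuple

# The seven NetFlow key values listed above (field names are illustrative).
FlowKey = namedtuple("FlowKey", "src_ip dst_ip src_port dst_port proto in_if tos")

# Constructed sample packets: the seven key values followed by the packet size in bytes.
PACKETS = [
    ("192.0.2.5", "198.51.100.34", 50000, 443, 6, 1, 0, 1500),
    ("192.0.2.5", "198.51.100.34", 50000, 443, 6, 1, 0, 1500),  # same key: same flow
    ("192.0.2.5", "198.51.100.34", 50000, 443, 6, 1, 8, 400),   # only ToS differs: new flow
    ("192.0.2.9", "198.51.100.20", 40000, 22, 6, 2, 0, 60),
    ("192.0.2.9", "198.51.100.20", 40000, 23, 6, 2, 0, 60),
    ("192.0.2.9", "198.51.100.20", 40000, 80, 6, 2, 0, 60),
    ("192.0.2.9", "198.51.100.20", 40000, 445, 6, 2, 0, 60),
]

def build_flow_cache(packets):
    """Packets with identical key values increment one record; any difference opens another."""
    cache = {}
    for *key_fields, size in packets:
        record = cache.setdefault(FlowKey(*key_fields), {"packets": 0, "bytes": 0})
        record["packets"] += 1
        record["bytes"] += size
    return cache

def bytes_by_source(cache):
    """Total bytes per source address, the 'by endpoint' view of bandwidth usage."""
    totals = defaultdict(int)
    for key, record in cache.items():
        totals[key.src_ip] += record["bytes"]
    return dict(totals)

def port_fanout(cache, min_ports=4):
    """Source/destination pairs whose flows cover at least min_ports destination ports."""
    ports = defaultdict(set)
    for key in cache:
        ports[(key.src_ip, key.dst_ip)].add(key.dst_port)
    return {pair: sorted(p) for pair, p in ports.items() if len(p) >= min_ports}

if __name__ == "__main__":
    cache = build_flow_cache(PACKETS)
    for key, record in cache.items():
        print(key, record)
    print("bytes by source:", bytes_by_source(cache))
    print("port fan-out:", port_fanout(cache))
```

A real exporter also ends flows on timeouts and sends the records to a collector; this sketch only covers the keying and counting step.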
Why Bandwidth Usage Monitoring is So Important
Bandwidth monitoring is one of the most important aspects of network management. Without a thorough understanding of what traffic is consuming bandwidth, it is impossible to ensure proper availability for business-critical services and applications. By applying QoS (Quality of Service) guidelines, administrators can ensure that business-critical applications have a guaranteed minimum bandwidth usage and are prioritized in the data traffic.
Very often traffic monitoring tools help distinguish between normal and suspicious traffic patterns. Because viruses and malware often consume unusually large amounts of bandwidth, monitoring bandwidth usage is also essential when detecting security anomalies.
In the modern world, most business operations rely on network speed to perform critical operations. It is important that administrators keep in mind that there are two different types of bandwidth speeds: upload speed and download speed. Both speeds should be monitored to ensure optimal network performance. Bandwidth capacity is also an important consideration for administrators. The bandwidth capacity is the maximum amount of data that can be transmitted over a connection. When configuring the network, it is important to consider the bandwidth capacity, because administrators need to know how much traffic the network can support.
Achieve Transparency in Network Traffic and Bandwidth Usage
Network transparency refers to the tools that enable network monitoring and to the way data is collected, aggregated, distributed and transmitted to these network monitoring tools. The amount of data transmitted by modern corporate networks is increasing. This creates a complicated environment for IT, network, and security teams.
How to Monitor Bandwidth Usage Yourself
Since network traffic is key to providing efficient levels of service for your business and addressing network security issues, bandwidth monitoring should be part of your IT monitoring strategy.
Wireshark is the professional tool in our series: very functional, but also correspondingly complicated to use. Thanks to its various components, it can analyze not only network traffic but also, for example, USB data transfer.
Wireshark shows the result in the form of individual packets and prepares it so that it can be read easily. The free open source program also provides statistics on data transfer and can recognize and display images contained in the data stream.
Fiddlercap is something like Wireshark's little brother in that it only records web data transfer. In this way you can find errors on websites or understand the behavior of your web browser. Support experts often request a recording made with Fiddlercap. It is best to use Fiddler for the evaluation. While it's not quite as complex as Wireshark, it still requires some training.
The free URL Revealer from Kahu Security places itself between the web and programs that download data from it via HTTP and HTTPS. Often this is the browser, but many malicious programs also download data from the network in this way. URL Revealer intercepts the connections and outputs the names of the contacted servers. So it is a good way to find out how malware communicates.
URL Revealer is started from the command line. The program requires the .NET Framework. If this component is missing on your PC, it will be downloaded automatically under Windows 10. Also under Windows 10, we had problems starting URL Revealer because Windows Defender reported the program as malware and blocked it.
Tip: The password for unpacking the URL Revealer download is "kahusecurity".
With TCPView, Microsoft Sysinternals offers a tool for network analysis. Specifically, it shows you which TCP and UDP ports are currently open on your system and which programs communicate with them. If you discover an open port on your system that you cannot assign, this problem can be resolved quickly with TCPView.
If you simply want to measure the amount of data that Windows exchanges with the Internet, then we recommend BitMeter 2. The free program shows the overall speeds of ongoing uploads and downloads in a small graphic. It also logs the data so you can come back to it later.
Thanks to the software's additional web interface, this can also be done from another PC. If necessary, you can set an alarm that triggers when a certain amount of data has been reached in the month. This is useful, for example, with mobile Internet connections, which are usually billed according to the data transfer volume.
Windows Resource Monitor
Windows 10 also comes with a (simple) network monitor. It shows you the resource consumption of each running program, including the CPU load, the memory consumption and the amount of data transferred. The quickest way to open the resource monitor is via the desktop search - just enter the program name there.