Do I need a LAN server?

Hello. My current work enviroment consists of a LAN running XP Pro at the workstations with everyone in a workgroup setup. About 26-30 workstations.

The problem is we keep losing bandwidth to various things: p2p, video, etc. I've recently noticed that on the weekends when no one is here I'm missing about 50% of our bandwidth (5-6MB lost). By process of elimination (shutting them down!), I have it narrowed down to 3-4 workstations. Checking task mgr shows nothing out of the ordinary, and I've removed spy/virus-ware from these pc's several times.

So, I'd like to put a system (server?) in place where I can monitor the outgoing/incoming bandwidth usage per LAN ip (to help me determine the problem areas), and have the ability to restrict bandwidth for certain LAN ip(s).

Doing some initial research it appears that Microsoft has Small Business Server 2003 Premium (w/ ISA 2004). I'm confused on the license requirements however. Does every user need a license? So it comes with 5, I would need 21-25 additional licenses? If so that will get $$! Especially considering I've already purchased XP, then I will purchase SBS, then additional licenses! I really don't need all the other additional features that SBS offers (Exchange, SQL, etc), just the gateway-proxy features I suppose.

Am I heading in the right direction? Is there a cheaper linux alternative (but not too terribly complicated)?

Sorry for the length, and thanks for any/all help.

 

You do not need a server for bandwidth monitoring.

If your switches and router are SNMP management capable, you can easily use this feature.

If not, you would install a logging client on each computer, and collect statistics for a single workstation.

Please google: network bandwidth management utilities

But why are you allow P2P applications at all?

 

Thanks Bill. Reading back I realize I was not very clear on the p2p issue. I don't want to allow it, I've just now discovered that the users are doing it and now I'm looking for a solution to stop it.

Hence the bandwidth monitoring to "get my attention" to a paticular workstation to see whats going on.

Thanks for the SNMP suggestion. It appears both my router (Xincom XC-DPG602) and switch (Netgear FS750T) support SNMP. I'm still reading up on it, but am I right in thinking SNMP needs some sort of software/application to process the logs sent from the router/switch?

 

Yes, you need a software program to process the SNMP information.
Consider for example MRTG: http://www.farpost.com/windows_mrtg_setup.php

If you do a Google search you can find hundreds of products that will offer a 30-day trial.

For shutting down P2P applications:

. Create and have all users sign an Acceptable Use Contract for your computer system. Make it clear that running a P2P application is sufficient grounds for termination.

. See, as one control application for P2P, MS-MVP Greg Palmer's little freeware agent AppKiller: http://www.palmersoft.co.uk/software/appkiller.asp

 

Thank you Bill. Your suggestions are extremely helpful and most likely saved me some money! I really appreciate it.

 

Oh, and for future reference could you clarify something for me....

In my case if I did want to run MS Small Business Server 2003 and I have 25 users I will need 25 CAL for them. Right? Doesnt matter if I use Terminal Services or not.....?

Thanks again.

 

You would need 25 CALs in all likeliehood, requiring a purchase of 20 CALs.

But, see the difference in Device vs. User CALs. Your CAL count may change depending on your choice.

For a purchase of 20 CALs see Volume Purchasing.

SBS CAL information and FAQ link:
http://www.microsoft.com/windowsserver2003/sbs/howtobuy/licensing.mspx

 

You can make your own with a throw away computer and seveal network cards.
IP Cop and Smoothwall are two popular open source versions.
One is a simpler offshoot of the other - do not remember which.
You enter the controls just like a standard router through a web based interface

 

Another great suggestion visionof, appreciate it. I may end up experimenting with that route, as SNMP is giving me fits since this morning. Cheers.

 

I would have my P2P applications running right through that smoothwall router in less than two minutes. Port restrictions cannot beat P2P applications.

. Enforce the written Acceptable Use Contract. Termination of employment has a noted effect on P2P application use in the workplace;

. You need to identify bandwidth consumption, and then focus on that workstation. A user in a workplace setting using a workplace provided computer has no expectation of privacy. Look at the workstation and see what has been installed. With SNMP managed switches you can even shut down the workstation at the switch.

. You need to identify P2P applications when they try to run -- See my earlier link to a freeware application by MS-MVP Greg Palmer

. You can buy hardware bandwidth shapers that will identify most P2P traffic by packet sampling. This does work, but is pricey.

But you can ask the IT departments of thousands of colleges and universities about the failure of port restrictions to stop P2P traffic.

 

Bill, exactly what I had in mind and you've confimed my suspicions with port blocking.

After some more research, it appears my switch DOES NOT support SNMP, so looks like I will have to start shopping.

While my router does support SNMP, I can't get it to communicate with the workstation I set up to receive the traps (although I admit this may be user error). Despite that, judging from the manual I'm not so sure if it will report anything useful or just outages. Still, I would like to see some info from the router before I buy a new switch, so I'm going to continue down this path for now by trying to find a REALLY simple SNMP application to receive the traps. I've tried a few so far but they seem to be geared towards the enterprise level and require some extensive configurations.

 

One good place to start looking -- the router/switch manufacturers.
CISCO, HP, Dell, .etc all have SNMP management and reporting utilities. Look at the web site for your devices that are SNMP capable. Call or email their Tech Support departments for suggestions. They likely have belled this cat many times.

 

I have moved the discussion on the pros and cons of using a domain or peer to peer, to a new thread: "Domain or Peer to Peer ". I think the new discussion covers a different subject matter to the original thread and therefore is clearer if separated into a new thread.