Magazine article Security Management

Defeating the Bandwidth Bandits. (Working Wise)

Magazine article Security Management

Defeating the Bandwidth Bandits. (Working Wise)

Article excerpt

The systems administrator was baffled. The network had plenty of bandwidth--the company's two T1 lines should have been more than adequate to handle the site's normal traffic--yet visitors were reporting that they were unable to access the company's Web site during the evening. But the Web site bad to be up around the clock, so there wasn't much choice. Management would have to approve money to install another T1.

This was the situation that faced Johnston, Iowa-based Rain and Hail L.L.C, one of the largest providers of crop insurance in the world, in late 2000. But then one of the company's managers met Tammy Neff, a network security consultant for Palisade Systems, at a luncheon and explained the situation to her. Neff suggested that Rain and Hail first get a better idea of who was using all that bandwidth before investing in another expensive T1; a free download from Palisade called PacketPup would show what applications users were running. The manager agreed and downloaded the freeware program. The results were surprising, and the reason that the network was getting bottlenecked at night quickly became clear.

"Rain and Hail had people who were queuing Napster songs [for download] at night, and it was taking up all their bandwidth," Neff explains. This made the company's Web sites inaccessible to its customers, including agents trying to open new accounts or customers who wanted to do maintenance on their policies.

Now that the reason for the problem was clear, the company decided to invest in PacketHound, the full version of the stripped-down PacketPup, says Andy Van Weelden, systems analyst for Rain and Hail.

PacketHound is a hardware appliance that runs on the FreeBSD operating system. PacketHound works like a sniffer; it passively scans the data packets coming into the network, meaning that it has no negative effect on data throughput (for comparison, a firewall can perform some similar functions but slows down the network by doing so), and it is essentially invisible to insiders and outsiders. In addition to monitoring traffic, the software allows administrators to selectively block traffic as well.

Van Weelden says that he can choose from dozens of preset rules included with PacketHound that allow him to notice and block applications and user actions that are not allowed, such as the use of. …

Search by... Author
Show... All Results Primary Sources Peer-reviewed


An unknown error has occurred. Please click the button below to reload the page. If the problem persists, please try again in a little while.