How to monitor network traffic in the enterprise?

Good afternoon, at the enterprise the last time too often, I really like LAN. It also became procedat traffic. Tell me a good software which helps to track the traffic from all devices.
Network setup : Internet comes to the router(TP-link to openwrt),from the router goes to the switch, and then the enterprise. All PCs in the domain, DHCP and DNS run on separate server WS 2008.
To facilitate traffic monitoring.
3 answers
August 19th 19 at 22:47
Solution
Options sagging network
1. The LAN - loops, dead switches, crooked compressed/cable treaded, who is actively flood, curve slavushka
2. Intranet - somebody that. or work provider

With openwrt is not very familiar. I suspect the problem p. 2 it allows you to somehow admonitorily.

But a good solution:
1. Router to replace the server. To take a thread for Windows traffic inspector (surcharge) and there out of the box will have beautiful graphics or frišnyh solutions on FreeBSD or Linux. Pfsense is also the same for example. All the problems with winehou will be at least diagnosed.

2. Router to replace a router :) Mikrotik or Cisk will give a huge amount of functionality of monitoring and filtering. See for example nekroticescoe dev (a month free) and Winbox to work with it. Space there is where carousing. Nekroticeskih router from a thousand. Interestingly, here is misery in the guts carries the same OS with the train twists, only that the resources compared to more advanced model will be somewhat smaller.
Mikrotik suggest, a certain availability of skills can be a mouse stick config, with ciscoe question - there all is more difficult and more expensive.

3. correctly says - a normal managed switch.
Will allow us to look into the guts of the network in detail. Plus "normal" is really normal, which hangs from the slightest overload.
A thread of SNR-S2965-24T (carefully mimic Cisco) or b/ear of cisk Cisco Catalyst WS-C2950G-48-EI will fit into the top ten. This provides load monitoring at ports is standard SNMP, control loops, one thick easy to break into VLAN's, so that broadcast domains suddenly narrowed.
The same Port Security will prevent sticking in the unknown network device (lock alert the admin when a new MAC)

So I have Zabbix carries with managed switches Cisco download ports, and you can set triggers to the alert, for example "download the port during the last 5 minutes exceeds 90%". Here you can see the overall schedule and for separate ports to watch.
e35d7994424648d88e1409d4e32e02d0.png
The presence of plaques "the port" allows sighting to go and Bang on the head of a particular employee. Considering that a managed switch allows you to programmatically view a list of Macs on a port is not getting up from the computer, the stomach You have a stable seat in one place will only increase :)))

Similar situation with monitor and on the router, but there can still clarify - who and where climbs at the end of the month sites-leaders and consumers-the leaders in sign to reduce (on the SP, the rest is costly, because https is still in the General case, encrypts the traffic)
Thank you for your reply, I will think in favor of the smart router. - Joann commented on August 19th 19 at 22:50
First you need to decide where in the problem - Ethernet or IP/NAT.
Smart router only solves the problem with IP.
Smart switch solves the problem with Ethernet.
Six months ago passed the question (among my answers) - had a similar problem turned out to flood the Chinese slavushka. - edna_Predov commented on August 19th 19 at 22:53
after meeting with microtome I loved them. Simple, reliable, inexpensive and a lot of opportunities. Maybe I'm not adequate when considering the alternatives :) - edna_Predov commented on August 19th 19 at 22:56
Surprised competent and detailed answer to the question. Glands and direct running, but 2960 Koshak is not much more expensive and better will be the procedure for example combo Gigabit ports, in addition to functionality. - Alford.Mohr commented on August 19th 19 at 22:59
there is already a choice on the budget. Sometimes on Craigslist for extremely ridiculous prices gigabitnye the fly. I asked the minimum level, which will already happiness. - edna_Predov commented on August 19th 19 at 23:02
August 19th 19 at 22:49
Throw a cheap unmanaged switch and put a normal, manageable. Most likely, this will solve the problem with the network. And if you do not decide on managed funds for collection of statistics.

Can also deploy NAGIOS, put on all the machines the customer is gathering statistics and watching for traffic.
it's in the plans, need a solution at the moment, software - Joann commented on August 19th 19 at 22:52
: Can also deploy NAGIOS, put on all the machines the customer is gathering statistics and watching for traffic. - edna_Predov commented on August 19th 19 at 22:55
and really, to do without client installation on all machines? - edna_Predov commented on August 19th 19 at 22:58
August 19th 19 at 22:51
no client installation is possible through snmp or wmi to read, but only with PC, since the switch is unmanaged, and wmi only works on Windows
read here www.10-strike.com/rus/bandwidth-monitor/help/monit...

Find more questions by tags Analysis of site trafficMonitoringNetwork administration