Looking for ideas to track network traffic

youngandpoor

I am currently trying to move infrastructure across domains. My idea would be to understand which machines are talking to which. That way, I can identify what machines, when moved, will be impacted by a firewall. I have very little knowledge of networking. I need your help! Thanks in advance.
 
Do you have any NetFlow capable hardware along the data path?

Usually you can enable NetFlow and then see the conversations on particular protocols and ports between endpoints within your SNMP monitoring utility.
 
I wouldn't use network monitoring as your only resource when it comes to figuring out how to configure your new network, as many services may be rarely used or powered down at that time, and may not show up on a short term network traffic audit.

Can you give us more detail on what you're trying to do? Moving between domains can mean many things. Are you moving hardware to a new site? Are you changing your network addressing? Are you implementing new hardware such as a firewall? Or do you have two domains at one site and are just moving hardware between them?
 
^ good advice there.

Also if your current setup is behind an existing firewall it'd be a good idea to audit which policies are allowed currently as a reference to what should be allowed within the new segment.
 
The new network and domains have already been set up with new firewalls, IPs, etc. My request is to track the current communication between machines on the current network before some of these machines move. Once they move there will be authentication issues as well as communication. I am trying to establish a forefront for issue identification. I would like to understand if there is an application that can monitor the current traffic. I would like to do this systematically. I would be looking at 1000s of machines. Once I identify which machines are talking to which, I can pull the data onto a db to sort and add metadata to understand where issues will arise once the machine is re-IP'd or migrated. I'm really hoping to have a good perspective before the move happens to mitigate any issues beforehand. Thanks guys!
 
If you are trying to move clients over to a new domain, I'd start reverse engineering your network as it sounds like you don't know how it's configured currently, and there is no documentation. I'd look in group policy to see if you have network drives being mapped, login scripts, what clients are bound to which domain controller, etc. You aren't going to be able to rely solely on software to do this for you.

Are you brand new to this environment? I just find it hard to understand that someone responsible for migrating to a new domain doesn't know the setup of their own network.
 
Well, we have a network team, and they are relying on each application team to discern what machines are talking to which. The problem is, we have assets that know nothing about their environment. Those folks have left the company or it's so old that there has been no one looking after it. I'm trying to help out those teams, but without guessing, I don't know of a way to analyze their system. I'm not a network guy and the network team has bigger fish to fry. Well, that's simply not going to fly. I need to be able to look at a system, run a sniffer program or whatever and come close to saying this is where you will have the communication issue. Think of it like this: one company is now two. One domain now becomes two. First the existing network is in place, then the second. Now that both have been set up, how can we know what problems are going to arise before we move the systems over to the new domain? How can I tell if machine A in the first domain is still talking to machine B in the new domain? It won't be, because there will be firewall issues among others. What are those issues? How can I see them before they come to pass?

I really appreciate your time.
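
The aggregation step discussed in this thread (flow records pulled into a table, then sorted to find the machine pairs a firewall will separate), as an added example that is not from any poster. The CSV column layout, the sample flows and the `MOVING` host list are constructed assumptions, and treating the lower port as the service port is a heuristic.

```python
import csv
import io
from collections import defaultdict

# Constructed sample flow export (not real data). Columns are an assumed
# layout; map them to whatever your flow collector actually exports.
SAMPLE_FLOWS = """src,sport,dst,dport,proto,bytes
10.1.0.15,51544,10.1.0.20,1433,tcp,48211
10.1.0.20,1433,10.1.0.15,51544,tcp,910233
10.1.0.15,51810,10.1.0.5,389,tcp,2210
10.1.0.30,49902,10.1.0.20,1433,tcp,7730
10.1.0.30,50111,10.1.0.31,445,tcp,120044
10.1.0.15,51544,10.1.0.20,1433,tcp,1000
"""

# Hypothetical migration plan: hosts that will be re-IP'd into the new domain.
MOVING = {"10.1.0.15", "10.1.0.31"}


def conversations(flow_csv):
    """Collapse unidirectional flow records into client/server/service tuples."""
    totals = defaultdict(int)
    for row in csv.DictReader(io.StringIO(flow_csv)):
        sport, dport = int(row["sport"]), int(row["dport"])
        # Heuristic: the lower port is the service port, so the reply half of
        # a flow folds into the same conversation as the request half.
        if sport < dport:
            client, server, port = row["dst"], row["src"], sport
        else:
            client, server, port = row["src"], row["dst"], dport
        totals[(client, server, row["proto"], port)] += int(row["bytes"])
    return dict(totals)


def crossing(convs, moving):
    """Return conversations where exactly one endpoint is in the moving set."""
    out = []
    for (client, server, proto, port), nbytes in sorted(convs.items()):
        if (client in moving) != (server in moving):
            out.append((client, server, proto, port, nbytes))
    return out


if __name__ == "__main__":
    for client, server, proto, port, nbytes in crossing(conversations(SAMPLE_FLOWS), MOVING):
        print(f"{client} -> {server} {proto}/{port} ({nbytes} bytes) will cross the firewall")
```

Each returned tuple is a candidate firewall rule to review against the existing policy; a pair that never appears in the capture window is not proof that the two hosts never talk.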
 