Minimal network traffic is the result of SiteAudit s design. The information below explains why network traffic is minimized.

Similar documents
Before deploying SiteAudit it is recommended to review the information below. This will ensure efficient installation and operation of SiteAudit.

Rapid Assessment Key v2 Technical Overview

Print Audit Facilities Manager Technical Overview

Active Management Services

Monitor Solution Best Practice v3.2 part of Symantec Server Management Suite

PagePack Assistant 3.10 Security and Evaluation Guide

Using WhatsUp IP Address Manager 1.0

technical brief Optimizing Performance in HP Web Jetadmin Web Jetadmin Overview Performance HP Web Jetadmin CPU Utilization utilization.

NMS300 Network Management System

11.1. Performance Monitoring

Features Overview Guide About new features in WhatsUp Gold v14

NetCrunch 6. AdRem. Network Monitoring Server. Document. Monitor. Manage

Network Monitoring with SNMP

Network Monitoring with SNMP

Version 4.1 June Xerox Device Agent (XDA) Lite Security and Evaluation Guide

EXPLORER. TFT Filter CONFIGURATION

WhatsUp Gold v11 Features Overview

SolarWinds Certified Professional. Exam Preparation Guide

Konica Minolta s Optimised Print Services (OPS)

PrintFleet Enterprise Security Overview

IBM. Vulnerability scanning and best practices

How To Get Started With Whatsup Gold

WhatsUpGold. v3.0. WhatsConnected User Guide

Using SolarWinds Orion for Cisco Assessments

Overview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs

WhatsUp Gold 2016 Getting Started Guide

PrintFleet Enterprise 2.2 Security Overview

HP Web Jetadmin IP Range Discovery

Configuring WMI Performance Monitors

These options allow you to define baseline settings for how scanning will occur on your network

DNA. White Paper. DNA White paper Version: 1.08 Release Date: 1 st July, 2015 Expiry Date: 31 st December, Ian Silvester DNA Manager.

There are numerous ways to access monitors:

Windows 2003 Performance Monitor. System Monitor. Adding a counter

MANAGING NETWORK COMPONENTS USING SNMP

E- SPIN's IPSwitch WhatsUp Gold Network Management System System Administration Advanced Training (5 Day)

6.0. Getting Started Guide

TSM Studio Server User Guide

DISCOVERING DEVICES CONTENTS. using HP Web Jetadmin

Firewall VPN Router. Quick Installation Guide M73-APO09-380

Understanding Slow Start

Chapter 4 Managing Your Network

Using IPM to Measure Network Performance

SyncThru TM Web Admin Service Administrator Manual

Printer Management Software

FreeFlow Core, Version 4.0 August P Xerox FreeFlow Core Security Guide

Configuring SNMP Cisco and/or its affiliates. All rights reserved. 1

Configure a Microsoft Windows Workstation Internal IP Stateful Firewall

ITEC310 Computer Networks II

SOLARWINDS ENGINEER S TOOLSET FAST FIXES TO NETWORK ISSUES

TSP s RIM Package. TSP s Innovate. Server Monitoring Services Top 10 Monitoring Parameters. Firewall Monitoring Services Monitoring Parameters

Chapter 3 Restricting Access From Your Network

MFPConnect Monitoring. Monitoring with IPCheck Server Monitor. Integration Manual Version Edition 1

Running custom scripts which allow you to remotely and securely run a script you wrote on Windows, Mac, Linux, and Unix devices.

NB6 Series Quality of Service (QoS) Setup (NB6Plus4, NB6Plus4W Rev1)

OSBRiDGE 5XLi. Configuration Manual. Firmware 3.10R

Access5800 Firmware Version 1.6 Release Notes 2/28/03

Rebasoft Auditor Quick Start Guide

Introduction Installation firewall analyzer step by step installation Startup Syslog and SNMP setup on firewall side firewall analyzer startup

Legal Notes. Regarding Trademarks KYOCERA Document Solutions Inc.

Features Overview Guide About new features in WhatsUp Gold v12

IP Filter/Firewall Setup

Network Management and Monitoring Software

HP OpenView Operations 7.x for Windows. Firewall Configuration white paper. Version 2.2. Publication Date: 08/2003

SyAM Software Management Utilities. Creating Templates

Management, Logging and Troubleshooting

Analysis of a DDoS Attack

Version 5.12 December P Xerox CentreWare Web Installation Guide

IP SLAs Overview. Finding Feature Information. Information About IP SLAs. IP SLAs Technology Overview

Discovery, Deployment, and Retirement Reference

PrintFleet Printer DCA

SNMP Protocol for Easy Network Management

SapphireIMS 4.0 BSM Feature Specification

Data Collection and Analysis: Get End-to-End Security with Cisco Connected Analytics for Network Deployment

PRINT FLEET MANAGER USER MANUAL

Configuring an APOGEE System on an IT Infrastructure White Paper

Configuring and Monitoring the Client Desktop Component

The Cisco IOS Firewall feature set is supported on the following platforms: Cisco 2600 series Cisco 3600 series

Assignment One. ITN534 Network Management. Title: Report on an Integrated Network Management Product (Solar winds 2001 Engineer s Edition)

How To Set Up Foglight Nms For A Proof Of Concept

pt360 FREE Tool Suite Networks are complicated. Network management doesn t have to be.

Security Toolsets for ISP Defense

How To Configure Virtual Host with Load Balancing and Health Checking

HP Device Manager 4.6

WhatsUp Gold v11 Features Overview

Multi-Homing Dual WAN Firewall Router

Integration Guide. Help Desk Authority, Perspective and sl

SIMPLE NETWORK MANAGEMENT PROTOCOL (SNMP)

PrintSuperVision 4.0. Enterprise and Professional Editions. Installation, Configuration and Users Guide

WHITE PAPER September CA Nimsoft For Network Monitoring

theguard! Service Management Center (Valid for Version 6.3 and higher)

TELE 301 Network Management

HP Insight Management Agents architecture for Windows servers

Managing Central Monitoring in Distributed Systems

Configuring Health Monitoring

CentreWare for Microsoft Operations Manager. User Guide

Manager. Configuration Guide. ICS Software Solutions Clarendon House Church Lane Naphill HP14 4US Buckinghamshire

WHITE PAPER OCTOBER CA Unified Infrastructure Management for Networks

Installing and activating the DCA

A Guide to Understanding SNMP

Application Discovery Manager User s Guide vcenter Application Discovery Manager 6.2.1

Transcription:

SiteAudit Knowledge Base Network Traffic March 2012 In This Article: SiteAudit s Traffic Impact How SiteAudit Discovery Works Why Traffic is Minimal How to Measure Traffic Minimal network traffic is the result of SiteAudit s design. The information below explains why network traffic is minimized. Network Traffic Traffic can also be impacted based upon the way the network is designed and the number of networks, and its sub-netting and routing. This latter variance is of course true for any network application. SiteAudit follows the "good citizen" principle of being unobtrusive and not adversely impacting the resources available to others in the environment. What is the traffic impact? During normal operations the traffic impact cannot be measured, as it is minimal. There is no measurable impact on the network s bandwidth and quality of service. If 'Discover networks automatically' is selected, SiteAudit will use broadcasts to find networks and devices. Broadcast can be disabled and discovery scoped to suite your environment. During the discovery cycle network traffic is measured at about 3%-to-5%. This is the peak for SiteAudit. SiteAudit allows IP network discovery information to be imported to facilitate quick and easy setup. (See Knowledge Base article Importing Data ). How Discovery Works If desired, SiteAudit is designed to discover all printer assets. Broadcasts, if enabled, are sent during the discovery cycle only. Broadcast packets are of the following types: SNMP ICMP The discovery process works as follows: 1) For each network on the list that is included determine the addresses in that list 2) Determine if any of these addresses are excluded (either via another network or via a range) Netaphor SiteAudit Software Rev. 3.2

3) For an included address send an ICMP packet to that address 4) If the address responds to ICMP 5) Determine if it supports SNMP, use each of the specified community strings to determine which community string should be used 6) SiteAudit scans the following ports to find printers: Port Protocol Description 161 UDP SNMP to see if SNMP is available. SNMP is used to collect data 80 TCP HTTP to see if there is an embedded web server. HTTP is used to collect data 9100 TCP Print protocol for printers, used to collect data 1650 TCP Same as 9100 135 TCP/UDP RPC, used to detect a Windows host for directly connected printers 631 TCP/UDP IPP print protocol, used to collect data 7) If it supports the Standard Printer MIB then it is a networked printer 8) If it supports SNMP but not the Standard Printer MIB and it supports Port 9100 (or equivalent) then it is a networked printer. 9) If it responds to ICMP but is not a networked printer determine if it serves Port 135. 10) If it supports Port 135 attempt to connect using WMI and one of the provided credentials 11) If the credentials worked, determine if there are any local printers or print queues on this host 12) The discovery process also scales to use multiple threads and connections depending on the host that it is running on and the resources Discovery Scans Timing The length of time that a discovery scan takes depends on a number of factors. These factors include: 1) The host that SiteAudit is running on and the resources available on that host (i.e. processor, memory, network bandwidth). 2) The number of network addresses to be scanned. 3) Network bandwidth including the bandwidth of all of the networks that have to be scanned 4) Density of the networks and ranges that are to be scanned. Sparsely populated networks will take significantly longer to scan. This is due to the fact that in sparsely populated networks a number of addresses will not respond to ICMP which in turn will require retries after the timeout period which causes the scan for these networks to last longer. 2012 Netaphor Confidential CHANNEL PARTNER ONLY 2 Last Updated: 3/5/2012

The discovery scan is scheduled to run in 7 day intervals. For example, if the discovery scan takes 2 days to complete, the next scan will begin in 5 days. If a discovery scan takes longer than 7 days, the next one begins upon completion of the previous scan. Why Traffic is Minimal SiteAudit data collection can be characterized as a slow, steady receipt of packets. This results in a smaller percent of the network bandwidth being used. In contrast, applications like Web JetAdmin send blasts over the network. As a consequence, these types of applications require scheduling of data collection, typically during off-peak hours. This is a product design difference that shows up in the timing of when data is available and the amount of network traffic generated. Collection by Data Type SiteAudit printer data is of two types: Volatile Data (Data that can change frequently): - Page Counts - collected every 3 hours - Print Jobs collected every 4 hours - Toner Information - collected every 40 minutes - Alerts - checked for changes every 10 minutes - Thresholds checked every 30 minutes - Device Status checked every 10 minutes - Move Add Change checked every 10 minutes Stable Data: (Data that does not change frequently) - Network and Identification information - Checked every 12 hours - Configuration Information (input/output options) - Checked every 12 hours SiteAudit also stores data about addresses that are discovered by SiteAudit but are not printers. This data includes SNMP Information, Port Information For Windows hosts, Make/Model/Last Reboot time and Logged in User. For Windows hosts that are print servers and have queues located on them, SiteAudit will also collect job data (if configured to). 2012 Netaphor Confidential CHANNEL PARTNER ONLY 3 Last Updated: 3/5/2012

Network Traffic Volume Network traffic is dependent on the number of devices that SiteAudit is monitoring. The following factors go into calculating the number of packets: Discovery Traffic: - ICMP: An ICMP packet is sent to each IP address for each network on the list for discovery. If the broadcast address for a network is included then an ICMP broadcast is sent to that network. The packet is retried 3 times for devices that do not respond. - SNMP: An SNMP packet is sent to each IP address for each network on the list for discovery. If the broadcast address for a network is included then an ICMP broadcast is sent to that network. The packet is retried 3 times for devices that do not respond. The packet is retried for each community string in the list of community strings that are provided. This particular packet type can be reduced by removing community strings that are not required from the list of pre-seeded community strings that have been provided. - Port Scan: Each device that responds to an ICMP packet will also receive port scan packets. The port numbers that are scanned for each device are 161, 80, 8080, 9100, 1650, 631 and 135. All these are TCP ports with the exception of port 161 which is a UDP port. Each scan is retried 3 times. Monitoring Traffic: - Volatile data: This depends on the type of the device and the number of counters and consumable information available for each device. Advanced devices support about 20 counts. Each count requires one packet. Typical devices support 3-4 counts. Each packet is 512 bytes. There are no retries. Consumable data is similar to count data. Advanced devices support 3-4 types of consumables and each consumable has 6 pieces of information required for it. Thus, 18-24 packets for advanced devices may be required. Alerts are polled by examining the alert table. If there are no changes in the alert table then it is not retrieved. The alert table has 7 individual pieces of data for it that is retrieved. - Stable data: Typically about 100 packets of data per device are retrieved per day. Local Printers and Queue Data: - All of this data is retrieved using WMI. WMI uses RPC and windows authentication. 5 separate queries per host that is to be polled are issued. The packets are TCP and the size and number of the packets depends on the network packet size, the type of authentication present and the query being issued. SQL Traffic: SQL traffic is used to update the DB when data changes. This is TCP traffic to the server. SQL traffic also exists for queries between SiteAudit viewer applications and the database. The amount of traffic depends on the number of devices present, the maximum size of the network packet and the type of authentication used. The traffic is only between the hosts running SiteAudit and the SQL server. 2012 Netaphor Confidential CHANNEL PARTNER ONLY 4 Last Updated: 3/5/2012

Other Traffic: Other traffic may exist if email notifications need to be generated. Additionally, if scheduled reports are used then these reports will be emailed to the destinations. Email traffic is to the SMTP server. How to Measure Network Traffic Of course, quantifying and forecasting network traffic is difficult based on each environment. Among the variables is the network configuration, the device types, for example a high-end MFP with many whistles and bells does generate more messages than a desktop monochrome laser printer. While SiteAudit has not had a problem relating to generation of excessive network traffic, testing this in the customer environment is important. A simple way to do this is run a network analyzer application in a small test lab to see what traffic is generated. Netaphor can recommend a free application called Wireshark for testing. It is available at www.wireshark.com/. 2012 Netaphor Confidential CHANNEL PARTNER ONLY 5 Last Updated: 3/5/2012

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information