TABLE OF CONTENTS It is an unfortunate fact of life that network security is only glamorous to geeks. For everyone else, seeing an IDS purr away, or watching swatch grind through gigabytes of log messages is pretty dull, and more importantly, meaningless. There will inevitably be occasions where you need to demonstrate the state of your network to a less-technical audience. In some cases you need to justify a recent expense, in other cases you may need to provide support for a proposed expense. It is at these times that some useful tools to help turn the bits and bytes into graphs can go a long way. We covered Wireshark extensively in Chapters 7, 8, and 9. So in this chapter, we will focus on additional tools for data analysis and network troubleshooting.
If you ve ever been in a position to request approval to upgrade your Internet bandwidth, one of the first questions that often comes up is, What are we using the bandwidth for now? You don t want to have to admit you don t have any idea. In these cases, some type of reporting mechanism on network traffic would come in really handy. Or maybe the Internet responsiveness is slow because your Internet connection is being saturated and you want to know what it s being used for. A report based on the protocols and ports being used would do the job nicely. There are administrative uses for traffic statistics, but where does security fit...
