〈Cause Investigation〉

Upon checking the traffic statistics of the Internet Gateway using the MRTG tool, it was observed that the downstream (from the internet to Company A) traffic reached almost the bandwidth limit (100 Mbps) and remained at that level throughout the morning of that day (see the blue broken line graph in Figure 2).

When checking the trend of internet traffic via the Proxy servers using NetEyez connected to the mirror port of the server switch (see Figure 1), a similar pattern was observed (shown in the green line graph in Figure 3).

Furthermore, when examining the traffic rankings for individual hosts, it was observed that a specific user terminal (Host A) generated the highest amount of traffic, surpassing even the Proxy server responsible for handling the entire organization’s web communication (see Figure 4).

Upon checking the partners of Host A, it was found that the majority of the traffic was internet communication through the Proxy servers (see Figure 5).

Checking the web end-to-end analysis screen of NetEyez revealed that a significant number of HTTP commands are being issued by Host A to an online storage on the Internet (Figure 6).

〈Solution〉

A Significant Amount of Data Downloaded

Upon conducting an interview with the user of Host A, an IT department learned that there was a significant amount of data downloaded from an online storage on the Internet during the morning of the same day. Company A typically experiences higher network traffic on Monday mornings after holidays, but this user’s activity coincided, leading to network congestion.

Company A had plans to expand the bandwidth of the internet connection. However, in the meantime, the user of Host A was requested to perform tasks involving large data transfers during time periods that would have minimal impact on the regular tasks of other employees.

Click here for details about NeEyez.