Router traffic analysis

Routers are critical network infrastructure components that need to be monitored at all times. Regularly monitoring routers helps administrators make sure that routers are communicating properly. Routine monitoring also sheds light on the traffic that passes through the network. Analyzing router traffic lets security admins identify possible network incidents early on, therefore avoiding downtime.

At a bare minimum, there are few simple but essential router details admins need to know. Basic router traffic data include:

• Denied and allowed traffic based on source and destination.
• Protocol-based traffic like TCP, UDP, and ICMP.
• Denied ARPs and permitted ARPs.
• Denied traffic based on DHCP snooping.

EventLog Analyzer is an ideal router traffic analyzer and allows you to monitor router traffic in real-time, extract useful information from router syslogs. Router traffic log reports are categorized into the following sections: 

Router traffic report by protocol

Conduct an in-depth traffic audit and obtain a complete overview of all the traffic that passes through a router. Track router traffic based on different protocols such as TCP, UDP, and ICMP, including the top traffic connections based on protocol and source. 

Router traffic errors

Keep track of router transmission errors, such as when there are too many fragments, when fragments overlap, or when a fragment length is invalid. View reports for permitted and allowed ARPs or denied traffic based on DHCP snooping.

Router accepted connections

Reports on router connection logs allow you to review accepted connections to visualize the kind of traffic navigating through your network. View information on all successful connections based on authorization, source, destination, protocol, and trend.

Router denied connections

Look up denied router connections to see what kind of traffic wants to enter your network and detect anomalies. Audit all denied connections based on source, destination, protocol, and trend.