[unisog] Quota system based on netflows

Glenn Forbes Fleming Larratt gl89 at cornell.edu
Tue Jan 30 14:41:12 GMT 2007


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

We let economics dictate bandwidth limiting (from Cisco routers' NetFlow 
data):

   http://www.cit.cornell.edu/ncs/netrates/

Pro: self-policing
Con: overhead of monthly billing, appeals, angry parents, etc.

We have other pieces of infrastructure that look for usage "spikes",
as these are better indications of possible security issues.

- --
Glenn Forbes Fleming Larratt
Cornell University IT Security Office

On Mon, 29 Jan 2007, Joe Bazeley wrote:

> We're looking to implement a bandwidth-limiting system for our
> residential users, something on the order of "if you use more than X
> gigs in a 24 hour period we'll put a bandwidth cap on your connection
> until the time period resets".  I've heard other schools do this by
> monitoring netflow data and putting some scripts together around that
> data.  If there are any schools who have implemented something like this
> in a Cisco environment and would be willing to answer some questions
> about their setup, please send me an email and I'll follow up with
> specific questions.
>
> Thanks,
>
> Joe Bazeley
> Loyola University Chicago
>
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (MingW32)

iD8DBQFFv1kNLyw7nZwiKgQRAnKSAKCyO0X8LrKyelTFvnqhnqiXJ0OCdwCeOuI0
0PrWr1hVVnUUWipk/4dWFe4=
=zBYt
-----END PGP SIGNATURE-----


More information about the unisog mailing list