Many of us mix a bit of our personal internet hobbies with the time we spend at work. How this is justified differs from person to person, but the impact our personal internet usage can have on the corporate network can be harmful to business operations.

Take Facebook.com for example.  I checked out several photos posted by my friends and posted a few comments.  Minutes later I went into Scrutinizer and viewed he Top Domains gadget in Flow Analytics and noticed that Facebook.com was now in the top 10.

Top Domains Gadget

I then drilled in and found that I was the one causing the traffic:

Details on who is hitting facebook.com
DoD blocks Facebook.com
It is no wonder that the Department of Defense and other organizations are now blocking these popular social-networking sites.  Not only do they take bandwidth away from business operations, they can also cause additional DNS look ups for the ads they display.

Blocking Facebook may not be Smart
Blocking them may not be the answer as marketing departments are finding that the ‘permission’ based marketing opportunities these sites offer can be very helpful to the company’s sales.  Perhaps a memo to employees on appropriate internet usage is a better strategy?

Introducing Cisco AVC: The latest exports today from Cisco routers allow us to monitor Facebook traffic in two new and improved ways:

  1. Routers now export NBAR in NetFlow which forces the router to observe a series of packets to identify applications such as Facebook, Linkedin, iTunes, etc.
  2. Cisco AVC support is now available in IOS where the router exports IPFIX with details on the HTTP Host connected to.  This is a very effective method and it includes the above NBAR feature!

When I wrote this blog, the only method to track Facebook traffic was by using DNS on IP address which in many cases is only about 25% effective. Cisco AVC is a sure bet when trying to monitor Facebook traffic.

Mike Patterson author pic


Michael is one of the Co-founders and the former product manager for Scrutinizer. He enjoys many outdoor winter sports and often takes videos when he is snowmobiling, ice fishing or sledding with his kids. Cold weather and lots of snow make the best winters as far as he is concerned. Prior to starting Somix and Plixer, Mike worked in technical support at Cabletron Systems, acquired his Novell CNE and then moved to the training department for a few years. While in training he finished his Masters in Computer Information Systems from Southern New Hampshire University and then left technical training to pursue a new skill set in Professional Services. In 1998 he left the 'Tron' to start Somix which later became Plixer.