Facebook is Hurting your Bandwidth?

Overview
Many of us mix a bit of our personal internet hobbies with the time we spend at work. How this is justified differs from person to person, but the impact our personal internet usage can have on the corporate network can be harmful to business operations.

Take Facebook.com for example.  I checked out several photos posted by my friends and posted a few comments.  Minutes later I went into Scrutinizer and viewed he Top Domains gadget in Flow Analytics and noticed that Facebook.com was now in the top 10.

I then drilled in and found that I was the one causing the traffic:

DoD blocks Facebook.com
It is no wonder that the Department of Defense and other organizations are now blocking these popular social-networking sites.  Not only do they take bandwidth away from business operations, they can also cause additional DNS look ups for the ads they display.

Blocking Facebook may not be Smart
Blocking them may not be the answer as marketing departments are finding that the ‘permission’ based marketing opportunities these sites offer can be very helpful to the company’s sales.  Perhaps a memo to employees on appropriate internet usage is a better strategy?

Introducing Cisco AVC: The latest exports today from Cisco routers allow us to monitor Facebook traffic in two new and improved ways:

1. Routers now export NBAR in NetFlow which forces the router to observe a series of packets to identify applications such as Facebook, Linkedin, iTunes, etc.
2. Cisco AVC support is now available in IOS where the router exports IPFIX with details on the HTTP Host connected to.  This is a very effective method and it includes the above NBAR feature!

When I wrote this blog, the only method to track Facebook traffic was by using DNS on IP address which in many cases is only about 25% effective. Cisco AVC is a sure bet when trying to monitor Facebook traffic.