We have NetFlow Analyzer set up to monitor our edge routers.

In particular I want to monitor bandwidth utilization between one of our firewalls and a remote site.  Al traffic is through an IPSEC tunnel.  The far end is a 10Mb connection and my end is 200Mb.

The IP group is set to include the IP address of the far end of the VPN tunnel.  

If I go to the IP Group -> Traffic -> Speed I get  (Last 24 Hours):

Total      102.72GB

Max      645.97 Mbps

Min       0.0

Ave      9.5 Mbps

95%       51.68

There are a lot of spikes in the graph

When I change the Data points from 1 minute to 5 minutes

Total      20.54 GB

Max      137.06Mbps

Min      0.0      

Avg      9.47 Mbps

At 15 Minutes

Total      6.84 GB

Max      54.45 Mbps

Min      122.45 bps

Avg      9.41 Mbps

95%      42.05

Why does the total change depending on the data point time average?  

How can the 95% be at 40Mbps if I only have a 10Mbps connection at the other end?

If I look at the data points where the spikes are, I see traffic as high as 800Mbps.  How can that be?

Most of the traffic is overnight backup between sites, I can see from the graph that it pretty much runs from 6:00PM to 6:00AM and that matches our backup software logs.  If I am only maxing out my connection for 50% of the time shouldn't my average be around 5%?

Am I missing something or do I have something configured incorrectly?

Really what I need is to accurately measure total transfers in a 24 hour or weekly period and how much bandwidth they are using.