Hi. I need to monitor and analyze Citrix traffic and I am not sure where to start.
Versions :
Orion Platform 2013.2.1,
IPAM 4.0, NCM 7.2.2,
NPM 10.6.1,
NTA 4.0.3,
UDT 3.0.2,
IVIM 1.9.0,
VNQM 4.1
Hi astral,
When you say you want to analyze Ctitix traffic, what sort of detail are you looking for? Do you just want flow type information (IP addresses, volumes) or do you want to do a deeper dive into the taffic and report on applications and associated metadata?
Darragh
Thank you for your reply. I need to do both. Especially with in house applications that we use.
First up if you have not done so already you may want to consider virtual IPs. More reading here - http://support.citrix.com/article/CTX111898
That will give you network data to work with as you will be able to see what session is connecting to what. Next up you would need to monitor the traffic going to and from your Citrix servers. Either use flow capture if your switch supports it or setup a SPAN or mirror port. Looks like you have NTA already so you could use this to process the flows or if want want to look further into the traffic try something like LANGuardian. It does deep packet inspection to extract metadata from packets and integrates with Orion
NPM 11 may be another option if you are after application names and timing info.
As each session will have its own IP you can cross reference your AD logs to see what user is associated with the activity
Hope this helps,
Thank you very much for you reply . This really helped. cheers!
