Hi,
Is it possible to monitor Internet usage by endpoints, right down to accessed URLs, using NTA? Pls advise.
Hi ugo.ahukannah@heineken.com
First up some interesting reading at this link on the subject. Most flow type data does not include packet content information like URL's.
Loopback Mountain: Why NetFlow Isn't A Web Usage Tracker
Other device features like Cisco NBAR will allow you to identify HTTP traffic but from what I hear it is hard to get good reporting of URL activity using this protocol. One way to address your needs is to use deep packet inspection technology which can extract the URL and URI information from the HTTP headers. We develop one such product called LANGuardian which can also integrate with SolarWinds Orion. Your can try out a demo at the link below. Drill down on the domain in the middle resource and you will see URL and URI information. This can also be associated with usernames through AD integration
demo2.netfort.com/Orion/SummaryView.aspx?viewid=31&AccountID=guest
Many of our customers are using LANGuardian this week to track down hosts which are downloading Windows 10 upgrades which is a subject I covered in my latest blog post.
Hope this helps,
Darragh
