This discussion has been locked. The information referenced herein may be inaccurate due to age, software updates, or external references.
You can no longer post new replies to this discussion. If you have a similar question you can start a new discussion in this forum.

How to identify traffic/file types

Hi, I'm very new to NTA, and am wondering if its possible to identify the file names/types that users are downloading on the network?

For example,

I drilled down into Top conversations, and found a user who has ingress of 1GB of data. Drilling further down, however, I can only see either the IP address or the domain of the host where the Ingress flow came from. It doesn't show what activity/type of traffic the user was using.

Thanks

Parents
  • NetFlow technology does not have the capability to identify the downloaded file type. NetFlow data exported from your device tells you the source and destination IP address, source and destination port, and protocol used, among other things but no information on what was the actual message content or what was being downloaded. Because of this tools such as SolarWinds NTA can only tell you the IP address involved and the application/protocol used for the download.

  • Hi There,

    I agree with donthomas, NetFlow will only focus on IP addresses, ports and traffic volumes. If you want to understand more about applications and users you need to look at network packets (deep packet inspection). To give you an idea what can be done we have integrated our LANGuardian product with Orion so that you can really see what users are doing on your network. You can access a demo of the integration at this link:

    http://demo2.netfort.com/Orion/SummaryView.aspx?viewid=1

    The video below also shows this integration in acttion.

    Darragh

Reply Children
No Data