cancel
Showing results for 
Search instead for 
Did you mean: 
Create Post
Level 7

How to identify traffic/file types

Hi, I'm very new to NTA, and am wondering if its possible to identify the file names/types that users are downloading on the network?

For example,

I drilled down into Top conversations, and found a user who has ingress of 1GB of data. Drilling further down, however, I can only see either the IP address or the domain of the host where the Ingress flow came from. It doesn't show what activity/type of traffic the user was using.

Thanks

Labels (2)
0 Kudos
2 Replies
Level 12

NetFlow technology does not have the capability to identify the downloaded file type. NetFlow data exported from your device tells you the source and destination IP address, source and destination port, and protocol used, among other things but no information on what was the actual message content or what was being downloaded. Because of this tools such as SolarWinds NTA can only tell you the IP address involved and the application/protocol used for the download.

0 Kudos

Hi There,

I agree with donthomas, NetFlow will only focus on IP addresses, ports and traffic volumes. If you want to understand more about applications and users you need to look at network packets (deep packet inspection). To give you an idea what can be done we have integrated our LANGuardian product with Orion so that you can really see what users are doing on your network. You can access a demo of the integration at this link:

http://demo2.netfort.com/Orion/SummaryView.aspx?viewid=1

The video below also shows this integration in acttion.

Darragh

0 Kudos