I would like to see an improvement in the DNS resolution.
For example, if the DNS cannot be resolved, perhaps NTA can do a whois lookup to give the domain that owns the block that the IP address resides in. Recently I saw high traffic on an unresolved IP address within NTA and the manual lookup could not resolve the IP address. When I did a whois lookup on from an Internet web site it showed that the IP address belonged to www.youtube.com. Knowing what web site is being accessed allows me to determine if the traffic is work related or not. It would be much easier if NTA would display this information rather than me having to look it up manually.
Would be very useful to have 'View Options' on NTA Top XX graphs like on all other charts. I'm just preparing new summary view of Last Month and added Top 5 Applications graph but it has only default time setup and no way to customize it:
Maybe you know any tricky way to have 'View Options' on customized views outside NETFLOW menu but I can not find it.
My installation: Orion Core 2011.2.1, APM 4.2.0 SP1, NPM 10.2.1, NTA 3.8.0, IVIM 1.2.0
I've had several requests for this. Everyone wants to be able to view more than 15 minutes, but they don't want to wait 5 minutes every time for the page to load an hour of data. It would be really nice for them to be able to select the time period they want to see.
not sure if this is a feature request, or just me not know the product that well. We have ALOT of streaming video floating around on our network - we have something like 200 IP based cameras installed, and probably as many folks trying to watch them.
With NTA, i can see traffic to our video servers, but its all "Unmonitored Traffic". I hope over to the NTA settings and see that RTP isnt in the list of managed protocols. I also see that I cannot ADD a protocol.
My questions/request is -
1. Will we (users) be able to add custom/missing protocols in the futre?
2. Can we please get RTP added?
It would be awesome if the Manage Sources had the tree structure like the Nodes in NPM. We have a lot of Netflow sources and we would really like to organize them a little better than listing everything in alphabetical order.
I believe the below can be easily developped as a new feature which is not time consuming at Lab levels side
Looking for a way to filter out unwanted incoming NetFlow traffic. We wish if there is a Configuration form that enables us to define filters to utilize only the relevant flow packets for traffic flow monitoring. The filtering mechanism shoul enable to either drop or keep flow packets based on the filter definitions that we create.
Filters based on:
§ · IP address of the system where the flow collector is located.
§ · IP address of the system where the traffic flow originated.
§ · IP address of the system where the traffic flow terminated.
§ · Protocoused by the traffic flow.
§ · SNMP index of the egress interface
§ · SNMP index of the ingress interface
§ · Ingress port
§ · TCP flag of the traffic flow
§ · Type of Service property of the traffic flow
This is a major performance improvement (storage) and technically easy for Labs to develop in future release of NTA I believe