Hi Community,
How can you monitor if someone plugs in a unrecognized network device or computer in your network, excluding wireless?
Solarwinds UDT can do this. I know you can disable networking on an active node for say virus containment..etc. You might be able to use LEMs snort to accomplish this, or if you had another sniffing device in your network sending its logs to LEM. If your trying to find a rouge DHCP server for example. You may be able to find the information in some of LEMs reports as well. But in the end LEM is really just a receptacle its going to depend on what network devices you have sending their logs to LEM, and how verbose those log settings are. If you do find a quick and easy solution that works for you please let me know.
Hi There,
Agree with evanr there, UDT will keep a database of what devices are connected to what ports. When it comes to monitoring devices on a network we develop a product called LANGuardian which integrates with Orion applications. It uses a deep packet inspection engine to collect device and application data from network packets so you dont need to worry about installing agents or enabling logs on client systems. You can see what the integration with UDT looks like in this short video
Darragh
SolarWinds solutions are rooted in our deep connection to our user base in the THWACK® online community. More than 195,000 members are here to solve problems, share technology and best practices, and directly contribute to our product development process.