3 Replies Latest reply on Jan 21, 2014 3:10 PM by jswan

    SHOULD NTA PROVIDE USER DETAILS?

    mebway

      I think we can all agree why we initially saw the value of using NetFlow for troubleshooting and to provide the necessary data for apply policies around managing the data that traverses our networks.  Now that your solution is in place and adoption activities are over now what? As my solution matures and new supporting processes are in place, I begin to look for ways to do more with the data that I am collecting. 

       

      I wanted to see what the community thought about the following questions.

       

      1. What is the benefit/use case for being about to see the actual user name logged into the device that is consuming the most data?
      2. Would you want NTA to handle directly or use another tool to pull that information?
      3. Which group(s) would benefit most from this? i.e network, security, etc.

        

        • Re: SHOULD NTA PROVIDE USER DETAILS?
          Radioteacher

          I have a link in Orion that pulls a report from SCCM.  The report shows the host IP, hostname andlast user to login to that host.

           

          All I do is search for the IP or hostname and it gives me the User ID from the report.  I then query the directory for the username and phone number.

           

          It would be nice if this was automated.

           

          RT

          1 of 1 people found this helpful
          • Re: SHOULD NTA PROVIDE USER DETAILS?
            jswan

            One thing you need to make sure that you do is to add a blacklist capability for AD accounts. We had User Device Tracker for a while but we had to get rid of it because of the lack of this feature.

             

            The problem is that we have a desktop management system that does logins to all workstations periodically, which would overwrite UDT's knowledge about the user login. There needs to be a way to tell any user-to-IP mapping feature that's based on AD logs to ignore all activity by a list of accounts.