Investigating Flows - Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 R2 - REV1 Manual

Managing Your Network Activity

Inbound Local - The highest level of activity for inbound local bytes.
Inbound Remote - The highest level of activity for inbound remote bytes.
Outbound Local - The highest level of activity for outbound local bytes.
Outbound Remote - The highest level of activity for outbound remote bytes.

Step 7 To continue investigating or to search flows, point your mouse to a TopN horizontal
bar and click the bar to freeze the information.
The bar becomes highlighted and the following appears:
Value - Displays the numeric value of network activity.
Rate - Displays the rate of transfer for the network object.
Percent - Displays the percentage of network traffic the object is producing.

Step 8 To further investigate, select one of the following:
a Point your mouse to the IP address to reveal the following details:
- Country - Identifies the country of origin.
- Network - Identifies the network location.
- Offenses - Identifies any previous offenses.
- Resolver Actions - Identifies Resolver Actions assigned to the IP address.
b Double-click the horizontal bar to use the search flow function to investigate the
data.

Investigating Flows

You can investigate flows that were processed to generate the views. STRM
visually profiles and displays network traffic activity on color-coded graphs based
on time of day, traffic type, and network depth. STRM uses traffic profiles to
analyze the activity. It reveals details between local and remote activity, allowing
you to analyze traffic and extract vital information on network communications. The
View Flows function connects you to the Flow Viewer tab functionality to assist you
in the discovery of communicating hosts, servers, ports, corresponding IP
addresses, and user identification for the selected traffic. This function also reveals

STRM Users Guide