Distribution by protocols shows contribution of each protocol to the specific traffic. 

To view traffic distribution by protocol:

  1. Choose a node type (Exporters, Traffic Patterns, Subnet Sets or Favorites) from the accordion in the Menu Panel
  2. Select desired node from the Node Tree
  3. Choose Protocol from the Tab panel

 

 

NetVizura NetFlow - Top talkers by Protocols

 

Usually, most of traffic (around 90%) will belong to TCP and UDP network protocols. If protocols other than TCP and UDP have considerable traffic, this may be a sign of a security threat. Click on the name of the protocol in the table to isolate it (show traffic for that protocol only).
If you want to take a closer look at protocols other than TCP or UDP you can create a Traffic Pattern excluding TCP and UDP protocols. For more details on how to do this, see Fine-tuning a Traffic Pattern.

The screenshot above indicates that on the San Francisco exporter TCP and UDP are the main protocols. Other protocols with minor traffic are also presented.

  • NetVizura gives the possibility of viewing the traffic which is transferred over IP protocols (such as TCP, UDP, ICMP, etc.). All protocols are monitored and analyzed over a standardized protocol number used in IP packets and received from netflows.
  • In order to perform the network traffic analysis in a way that best suits your needs, you might need to define some protocols not included in NetVizura. To learn how to define new protocols, go to Configuring Protocol

 

  • No labels