NetMon Deep Packet Analytics

Available Functions

• Determine Flow State
• Access Metadata
• Packet-Level Functions
• Alarming and Capture
• Custom Metadata Fields
• Logging

Deep Packet Analytics System Rules

• Data Rules
• Phishing Rules
• Suspicious Behaviors
• Operations and Company Policy Rules
• Add a Custom DPA Rule to NetMon

Deep Packet Analytics Rule Examples

• Alarm for HTTPS Protocol Mismatch
• Capture Traffic from Specific IPs
• Classify Custom Networks
• Classify Newegg Traffic
• Detect Applications in Flow
• Detect External Network Traffic
• Detect Protocol Mismatch
• Detect Reverse PowerShell
• Detect SMTP Domain Mismatch
• Detect TLS Version
• Display Hex Dump for DNS Traffic
• Get Content in Flow
• Get FTP Data Content in Flow
• Get Metadata Fields from DpiMessage (String, Int, Long)
• Get or Set Custom Fields
• Get Packet Length
• Get Packet String
• Get Payload Length
• Get SMTP Content in Flow
• Get Strings as Table
• Get VLAN Offset
• Trigger User Alarms

Manage Deep Packet Analytics Rules

• Download Deep Packet Analytics Rules
• View a System Deep Packet Analytics Rule
• Edit Custom Deep Packet Analytics Rules
• Delete Custom Deep Packet Analytics Rules
• Add Custom Deep Packet Analytics Rules