Showing results for 
Search instead for 
Did you mean: 
Level 7

Identify SQL traffic

Which is the best way to configure NPS to detect and log all traffic (god and bad) going to an SQL Server from a specific subnet?

0 Kudos
2 Replies
Level 13

Re: Identify SQL traffic

Hi Guillote,

You can use the Packet Capture option at Devices > (Sensor_Name) > Troubleshooting > Packet Capturing > Capture Now and specify the destination address.


0 Kudos
Level 12

Re: Identify SQL traffic

I'm not sure I understand your question... Where do you have the IPS sensors?

Is the traffic going through the devices? If the answer is Yes, then you already have visibility on that traffic.

If the answer is no, then you need to find a way to route the traffic through an IPS device or mirror the subnet traffic and send it to a SPAN port on an IPS sensor

0 Kudos