NetScope Blog

When social media use is out of control

How can you tell if social media use is out of control?

Monitoring user social media activity can be quite tricky, for reasons outlined in this article. In short, because of Content Delivery Networks (CDNs) it is not easy to see the websites and social media apps that people are using on your network.

If we use conventional Internet monitoring

Using layer 3 and 4 of the OSI model we will get a lot of information on our Internet traffic. We can see at the port level we're getting some port 80 and port 443 traffic (http and https). However, at this level we don't know what websites users are visiting.

NOTE: Social media traffic is difficult to see with layer3/4

Let's look at our http(s) proxy server

What information can we get from our web/http(s) proxy server? Well a web proxy server, or a domain name server for that matter, will give you domain name information to go on.


What domain information can we see?

Some useful domains but a lot of Content Delivery Networks that obscure some application types

Look at the same traffic with Deep Packet Inspection

Deep packet inspection gives us application level monitoring

With deep packet inspection we get more information about each packet that travels to and from the Internet on our network. We can see past the content delivery network information which doesn't really tell us anything.

Much more useful information. In this chart we see applications

Findings and conclusion

With deep packet inspection we're able to quickly determine what users are actually doing on our network. In the chart above we have highlighted the social media sites that were accessed. We can also see other application types we may not want on our network, such as BitTorrent and Steam. What does this enable us to do?

  • Track social media use throughout the day
  • Determine if social traffic negatively impacts business application traffic
  • Find the local PCs/Macs/Phones which are accessing social media
  • With Active Directory integration and NetScope find out which users are responsible
  • Protect your important application traffic with QoS

What NetScope will do for you