Configuring the Flow Inspection Level
Flow Inspection Level | Description |
---|---|
Basic | Lowest level of inspection. Flows are detected by 5-tuple, and the number of bytes and packets that are flowing in each direction are counted. |
Enriched | Each flow is identified and inspected by one of the protocol or domain inspectors, and many kinds of attributes can be generated from that inspection. |
Advanced | The default setting. The highest level of inspection. Flows are subjected to more rigorous content extraction processes, including scanning and inspecting the content of the files that it finds. |
By default, the Flow Inspection Level for each appliance is inherited from the global setting that is defined in the System Settings on the Admin page. When you change the global setting, the new value is inherited by all Network Insights appliances that are configured to use the global setting. This includes new appliances that you add after the setting is changed.
For the Network Insights appliances, you can override the global setting by configuring a custom inspection level for the individual appliances.
Deploy the Network Insights Processor.