Thank you for the video-it was very helpful. I have a question regarding your explanation. From what I understand, for both NetFlow v9 and Encrypted Traffic Analytics (ETA) to function properly with XDR (via the ONA sensor), only the specified 9-tuple fields can be used, as the receiving system will handle only these nine fields simultaneously. Is my understanding correct? Additionally, what would happen if optional fields were included-would they be ignored, or could this cause issues with the data processing? Looking forward to your insights
That has been my observation as well (the 9-Tuples). In fact, I think I'm going to update this video to reflect that and a few other items as well. I'm going to test your question in the lab to get the right answer. 'What happens to any extra fields besides the standard 9-tuples when also sending ETA.' I'll ping you when I post it.
Thank you for the video-it was very helpful. I have a question regarding your explanation. From what I understand, for both NetFlow v9 and Encrypted Traffic Analytics (ETA) to function properly with XDR (via the ONA sensor), only the specified 9-tuple fields can be used, as the receiving system will handle only these nine fields simultaneously. Is my understanding correct? Additionally, what would happen if optional fields were included-would they be ignored, or could this cause issues with the data processing? Looking forward to your insights
That has been my observation as well (the 9-Tuples). In fact, I think I'm going to update this video to reflect that and a few other items as well. I'm going to test your question in the lab to get the right answer. 'What happens to any extra fields besides the standard 9-tuples when also sending ETA.' I'll ping you when I post it.