NEW

The True Cost of a Security Breach

Products
Solutions
Why ExtraHop
Blog
Resources

Products

Security

Performance

RevealX platform

Deployment

Integrations

Network Detection and Response

RevealX NDR

Harness network visibility to reduce cyber risk and detect, investigate, and respond to threats.

Experience NDR

Capabilities

FAQs

Security Modules

Extend your network security

Intrusion Detection System

Forensics

Network Performance Management

RevealX NPM

Anticipate network disruptions, rapidly respond to incidents, and ensure availability across your enterprise.

Experience NPM

Capabilities

FAQs

Performance Modules

Extend your visibility

Forensics

Solutions

Security Use Cases

Performance Use Cases

Business Initiatives

Industry

Solutions

Ransomware Attacks

Detect ransomware at every step in the attack chain.

Advanced Threat Hunting

Proactively hunt for known and unknown threats on your network.

Threat Detection and Response

Discover how network visibility speeds threat detection, investigation, and response.

Network Forensics and Investigation

Accelerate incident response with 90 days of traffic look-back.

Security Hygiene

Get visibility into all devices on your network to strengthen security hygiene.

Cloud Workload Security

Defend critical cloud workloads from advanced threats with RevealX.

Operational Resilience

Build operational resilience at scale with powerful network performance monitoring.

Troubleshooting and Resolution

Move from alert to insight in three clicks or less.

Cloud Migration

Secure your cloud migration with application-layer visibility, asset discovery, and monitoring.

Cloud Workload Monitoring

Keep critical cloud workloads free from IT disruption.

Network Forensics

Accelerate root cause analysis with an extensible packet capture repository.

Zero Trust

Discover how RevealX supports a zero trust security architecture.

Multicloud & Hybrid Cloud Security

Enhance cloud security with agentless network detection and response.

XDR Strategy

Learn why NDR is essential to XDR strategies.

SOC Modernization

Maximize SOC efficiency and take threat response from reactive to proactive.

Financial Services

Seize business opportunities, accelerate IT transformation, maintain customer trust.

Education

Protect our kids and the education system from disruption.

Public Sector

Maintain the security and resiliency of vital public services.

Federal Civilian Agencies

Accelerate cyber modernization and meet national security mandates.

Defense and Intelligence

Achieve operational resilience and preserve the cyber advantage.

State and Local Government

Keep every digital interaction with constituents safe and secure.

Why ExtraHop

Partners & Integrations

Professional Services

Customer Support

Why ExtraHop

Customer Stories

News

Careers

Partners & Integrations

Our partners help extend the upper hand to more teams across more platforms.

Technology Partners

Discover how easily RevealX integrates with other leading security solutions.

Channel Partners

Explore the benefits of our partner program and become a partner.

Managed Service Providers

Gain the benefits of RevealX without having to manage it yourself.

Become a partner

Professional Services

Accelerate time to value with RevealX through our robust training and professional services offerings.

Service Credits

Explore our straightforward, credit-based packages for professional services.

Professional Services Integrations

Resident Experts

Augment your team with a dedicated or partially dedicated ExtraHop solutions architect.

Deployments

Let us deploy and configure your ExtraHop appliances.

Customer Support

Experience the dedication and passion of our world-class global support team.

Customer Community

Connect with peers and learn from ExtraHop engineers in our thriving community.

Technical Support

Exceptional support for our exceptional customers

Education Services

Explore our expert-delivered, live and virtual training and certification offerings.

Blog

Cybersecurity news and analysis, insights and perspectives from CISOs, threat briefings, and company announcements.

Explore all articles

Topics

C-Level

Security Threats

Company

Products

How-To

NDR

NPM

Ransomware

Zero Trust

Resources

Learn about the value and capabilities of RevealX through analyst reports, videos, and more.

Explore all resources

Content categories

Reports

Demos & Videos

Customer Stories

Webinars

Papers & E-books

Data Sheets

Products
Solutions
Why ExtraHop
Blog
Resources

Blog

FTP Dashboard: Detect and Mitigate FTP Data Leaks

Ken Pickles

February 5, 2015

Most administrators rarely understand their FTP traffic profile until it's too late. The following are some basic questions every administrator should know when trying to secure their data:

How many systems are running the FTP service?
What are the most active FTP nodes?
Who are the most active users?
How much throughput does FTP consume?
What are the most requested files?

My kneejerk reaction was to turn to the ExtraHop community. It's a burgeoning ecosystem of users collaborating and sharing to solve similar problems. I found a number of users with similar needs but no published solution, so I thought, "OK, let's do it!"

Identifying FTP Nodes

The Most Active FTP widget shown below tracks internal and external FTP requests and responders in real time. This provides a simple interface that quickly recognizes FTP talkers and list them by volume. If you see unusual communication with an unauthorized node you can promptly take action. If you believe there is a data leak this would be a great starting point to investigate further.

FTP most active requesters

FTP most active responders

Identifying FTP Users

FTP requests by users

Identifying Files Sent Over FTP

FTP requests by file 2

FTP Server Resources

FTP RTT vs processing time

FTP Status Codes

FTP status codes

Summary

Get an up-to-date list of available bundles.

Discover more

TechAnalysisGood ReadsGood Reads

Experience RevealX NDR for Yourself

Schedule a demo