Using Citrix AppFlow, IPFIX or Flexible NetFlow to Monitor Social Media traffic is available today but, it shouldn’t necessarily be your company’s deterrent strategy. In fact, you may not want to stop the use of social media during work hours however, you may want your network monitoring solution to help you determine how much bandwidth social media consumes and who the top people consuming bandwidth with social media are.  After all, social media is not the problem.  Bad behavior might be.

Key myths many employees believe about social media:


  • It’s protected under freedom of speech: Employees must understand that the First Amendment does not apply in the private workplace
  • I can post whatever I want away from work: Firing employees for unsettling speech made outside of the workplace is usually legal
  • I’m covered by the right to privacy: The right to privacy is different, and much more limited, in the workplace
  • I only told the truth: If it harms the company, the truth of what was said may not matter

Legal Rights: Social networking site traffic
Avant Resources offers a video that covers the legal side of what action a company can take against employees who engage in social media abuse.  It answers tough questions like: Can companies fire disgruntled workers who trash-talk bosses, pay or work conditions on social media networks?

Video on Social Media Use

The first amendment of the United States constitution is not protecting all behaviors.  In their course they claim to provide insight on:


  • The four-part test to ascertain legality of employment policies by the NLRB
  • The legal limits of a social media policy
  • How far employers can go in regulating off-duty conduct
  • Steps to drafting social media policies that work for your company
  • How and when it is acceptable to monitor employee activities
  • Genetic Information Non-Discrimination — what to do if you learn of medical conditions via social media
  • Why providing unlimited on-the-job Internet access poses risks for your company
  • What to do — and not do — when social media postings disparage your company, products or reputation
  • Social Media and confidential business information, misuse of company time, name, resources, offensive statements…

Monitor Facebook with NetFlow
Once everyone understands what is and isn’t OK to post on sites like Facebook we can then consider monitoring the traffic.  Our NetFlow collector reports on domains that could include thousands of IP addresses.  It also dynamically learns the IP addresses as they are discovered.  Nothing has to be defined.

I wouldn’t even consider a NetFlow or IPFIX reporting tool that forces you to enter ranges of IP addresses for a domain that you want to track traffic to.   IP addresses change and get passed around.  Statically assigning them to means they could be out of date in no time.  If you define a lot of domains this way, it doesn’t scale as it is way to difficult to manage.

Facebook Traffic Monitoring

Notice above the pagination for all the IP which make up  I can then change the report and find out who is receiving the most traffic from

Social Media Network Traffic

If you have an nProbe or a SonicWALL exporting IPFIX, you can filter on both the domain and the end user and list the URLs the end system is hitting.  The nProbe was the first to offer URL and latency using IPFIX.  Citrix AppFlow then followed suit.  And, like the nProbe, AppFlow can also provide SSL details on encrypted connections.

Monitoring Facebook traffic with NetFlow

I can change the report and provide details on how many megabytes were sent, etc.   A good NetFlow solution provides these details on social networking traffic.  Our network traffic monitoring solution can help you get a handle on social networking traffic.

September 2013 Update on Monitoring Facebook Traffic: Cisco AVC is the best way today to monitor traffic.


Michael is one of the Co-founders and the former product manager for Scrutinizer. He enjoys many outdoor winter sports and often takes videos when he is snowmobiling, ice fishing or sledding with his kids. Cold weather and lots of snow make the best winters as far as he is concerned. Prior to starting Somix and Plixer, Mike worked in technical support at Cabletron Systems, acquired his Novell CNE and then moved to the training department for a few years. While in training he finished his Masters in Computer Information Systems from Southern New Hampshire University and then left technical training to pursue a new skill set in Professional Services. In 1998 he left the 'Tron' to start Somix which later became Plixer.


Big Data

Sankey Flow Graph

One of the greatest benefits of NetFlow collection for traffic analysis, is we’re provided with the ability to visualize the…

Leave a Reply