Fluke Computer Accessories manual Security Settings, VPNs

Page 62

User’s Guide – version 3.5

NetFlow Tracker

If you wish to prevent interfaces that never report any NetFlow data from appearing in the interface status report and Filter Editor check the box corresponding to the interface in the “inactive” column. If the configuration of the device has changed there may be some unused interfaces listed separately; it is likely you will want to mark these as inactive.

VPNs

NetFlow Tracker can associate an interface on a device with a VPN for reporting and filtering. Any number of interfaces on any number of devices can be associated with a single VPN, and their traffic will be grouped together in the VPNs report and by the VPN filters. NetFlow Tracker will assign the customer-facing interfaces of an MPLS PE router using MPLS VPN and supporting the standard SNMP MIB automatically; you can override this or assign interfaces manually by first clicking “add/delete” in the heading of the VPN column of the interfaces box for any device. Each VPN must have a unique id and name; a description is optional. To set the VPN for an interface, simply click the VPN name and choose another in the dropdown box that appears. You can set the VPN to “none” if the interface is not part of a VPN; the P interface(s) on an MPLS PE router should have their VPN set to “none” as they carry traffic from multiple VPNs.

Deleting a Device

Finally, you can delete a device by clicking “Delete”; although the device will only be deleted when you click “Ok” in the main device settings page there is no way to cancel deleting a device except by pressing “Cancel” in the main device settings page an thus losing any other changes. You should also note that if the device is still sending exports to the software it will reappear.

Security Settings

You can set up password protection of the web front end to NetFlow Tracker by adding user accounts here. To add an account, type a login and the same password twice, and tick the administrator box if you wish the user to be able to configure the system. Click “Add” to add the user. To delete an existing user, tick the box above the “Delete” button corresponding to the user and click “Delete”. You can also reset a user’s password and whether or not the account is an administrator.

You must also choose what level of protection you desire. You can choose not to protect access at all; to protect only access to the settings pages or to protect both configuration and normal access. If you protect access of any sort you will need to add at least one administrator account.

You can also change the page that users see when they access the server without specifying a page (i.e., http://server/). You can specify a custom homepage that applies to all users, including the default one when logging in is not required. You can also specify a custom homepage for any user account.

Ensure that the URL of any custom homepage is relative to the server’s root; for example, the standard homepage would be specified as “index.jsp” and the Network Overview would be specified as “report.jsp?cid=_topdevices”. Note that since version 2.1, new installs of NetFlow Tracker have the Network Overview pre-configured as a custom homepage.

62

Image 62
Contents NetFlow Tracker Contents LONG-TERM Reports Appendix 2 CSV File Format Software License Agreement Grant of Licence and Payment of FeesCopyright Customer Remedies Confidential Information and Security User’s Guide version NetFlow Tracker Definitions Undertakings by You Support ServicesSupport Charges Supplier’s UndertakingsTermination Limitation of Liability and indemnityIntellectual Property Rights Confidential Information and Security MiscellaneousResponse Times Exceptions to Support ServicesSupport Hours Features and Benefits What is NetFlow?What is NetFlow Tracker? IntroductionUser’s Guide version NetFlow Tracker Minimum System Requirements InstallationPre-installation Checks Operating System SupportInstallation on Microsoft Windows Installation on Linux Post-installation Tasks Configure your routers and switches Set up Snmp community stringsSet up web front-end security Add listener portsUsing NetFlow Tracker Device traffic meters InterfacesChart legend Working with ChartsChanging the displayed chart Per-AS dataZooming View a standard chart as a pie chartView a standard chart as a tabular report Zooming outPrint the chart Alter the filter applied to a standard chartExport a chart to another application Open the chart in a new windowWorking with Pie Charts Working with Tabular ReportsSort a tabular report Examine a single rowSession Reports Report TemplatesAddress Reports QoS Reports Network ReportsTraffic Identification Reports Creating Filtered ReportsInterface Reports Other ReportsSource data Report templateSample size Start timeInterface Time zoneSource device Out interfaceDest port ProtocolSource port Src/dest portSource AS DiffServTraffic class Dest ASPer-device and Per-interface Long-term Reports Long-term ReportsDevices and Interfaces Filter EditorUser’s Guide version NetFlow Tracker Reports Report Format Parameters Report URL FormatGeneral Form 0025 00230024 0026Number ChartPie True128 FeaturesSections 256Time Range Parameters Day MillisHour WeekTime range will extend for this number of units Calendar-based advancedDay1-day2/time1-time2 HHmmApplying a time-of-day mask to the time range 100 110105 113140 115120 125Minute 285300 DailyFilter Parameters Port1-port2 NameAddr1-addr2 Port1-port2/name Port/namePort/number Port1-port2/numberPrec%20tos PrecTos CodeAddr/mask MaskUsername PasswordSecurity Parameters Null Management Portal Access Control ParametersSecret VPN Out VPN Filter Editor button, if applicable Chart scrollbarChart selection headers Refresh and Resolve All buttons, if applicableDisk Speed Performance TuningDatabase Server Settings Query SizeLicensing Configuration GuideSnmp Settings Listener PortsDevice List Device SettingsDevice Settings Sampled Data Scaling Security Settings VPNsHttp//tracker1/report.jsp?portalsecret=secret&aclif= Management Portal SettingsHttp//proxy/tracker1/report1 Http//proxy/tracker1/report.jsp?portalacl=RewriteRule /tracker1/.*$ http//1.2.3.4/$1 P,L,QSA Using Apache as a Portal ServerRewriteEngine On ProxyPassReverse /tracker1/ http//1.2.3.4Real-time Reports Report SettingsGeneral Settings Saved Filters Scheduled ReportsLong-term Reports Executive Reports Span class=repdesctextTest/span Sub-reports Nelements=5 and chartWidth=400Content User’s Guide version NetFlow Tracker DiffServ Names Hostname Resolution SettingsIP Application Names Subnet Names Database SettingsAS Names Backup Performance Counters Memory SettingsArchiving Ignored Flows NetFlow Data ReceivedTraffic Described Unprocessed FlowsetsAbout No In InterfaceIp cef Appendix 1 Device ConfigurationEnabling Netflow Export on an IOS Device Ip flow-export destination addressShow ip flow export Ip flow-cache timeout activeIp flow-cache timeout inactive Show ip cache flow Show ip cache verbose flowMls nde sender version Ip route-cache flow infer-fieldsMls netflow Mls aging longUser’s Guide version NetFlow Tracker Set system name name Set mls bridged-flow-statistics enable vlanlistSet mls nde enable Set mls nde addressFlow-sampler-map allflows mode random one-out-of 1 exit Enabling Flow Detail Records on a Packeteer DeviceEnabling NetFlow on an Enterasys Device Appendix 2 CSV File Format Chart CSV formatPie chart CSV format Tabular report CSV formatAppendix 3 XML Format Chart XML formatPie chart XML format Tabular report XML formatAppendix 4 Third Party Software Components JspSmartUpload Quartz