Fluke Computer Accessories manual Management Portal Settings, Http//proxy/tracker1/report1

Page 63

User’s Guide – version 3.5

NetFlow Tracker

You can use your own html page if you wish by putting it in the “customweb” folder under the NetFlow Tracker install folder; it is then available from the NetFlow Tracker server as, for example, http://server/customweb/file.html, so the homepage would be simply customweb/file.html.

Management Portal Settings

NetFlow Tracker allows a management portal to offer interactive NetFlow Tracker reports with device or interface level access control to multiple users, so long as the portal’s HTTP proxy server can conceal the initial URL sent to NetFlow Tracker, and can direct subsequent HTTP requests from the user interacting with the page to the correct NetFlow Tracker server, It is possible to use an Apache web server as a proxy if the management portal does not contain one or it is not sufficiently programmable.

Note that it is essential that NetFlow Tracker is password protected to prevent the system from being bypassed.

In order to set up portal access control you must first configure one or more secure secret values in NetFlow Tracker using the Management Portal Settings page. Each secret value has a tag that is simply used to identify it if you need to change or delete it. To add a new secret value enter a tag and the secret value twice and click “Add”. To remove a secret value, tick the box above the “Delete” button corresponding to it and click “Delete”.

Access control works as follows:

1.A user’s web browser requests a URL from the portal’s proxy server (probably as a result of an IFRAME in a portal page) that identifies a particular NetFlow Trracker report, e.g.:

http://<proxy>/tracker1/report1

2.The portal’s proxy server sends a request to the correct Tracker server that selects the correct report and contains one of the configured secret values and some access control parameters describing what the user can access:

http://<tracker1>/report.jsp?portalsecret=<secret>&aclif=...

3.NetFlow Tracker creates a session for the portal and logs it in. This session is restricted so that any request that does not contain an access list identifier (see below) is rejected.

4.The report generated by NetFlow Tracker ensures that any interaction such as clicking a link results in a request containing a securely-generated access list identifier:

http://<proxy>/tracker1/report.jsp?portalacl=...

5.The portal’s proxy server sends the request, unaltered, to the correct NetFlow Tracker server:

http://<tracker1>/report.jsp?portalacl=...

63

Page 62 Page 64
Image 63
Page 62 Page 64
Contents NetFlow Tracker Contents LONG-TERM Reports Appendix 2 CSV File Format Grant of Licence and Payment of Fees Software License AgreementCopyright Customer Remedies Confidential Information and Security User’s Guide version NetFlow Tracker Definitions Supplier’s Undertakings Support ServicesSupport Charges Undertakings by YouLimitation of Liability and indemnity Intellectual Property RightsTermination Miscellaneous Confidential Information and SecurityExceptions to Support Services Support HoursResponse Times Introduction What is NetFlow?What is NetFlow Tracker? Features and BenefitsUser’s Guide version NetFlow Tracker Operating System Support InstallationPre-installation Checks Minimum System RequirementsInstallation on Microsoft Windows Installation on Linux Post-installation Tasks Add listener ports Set up Snmp community stringsSet up web front-end security Configure your routers and switchesUsing NetFlow Tracker Interfaces Device traffic metersPer-AS data Working with ChartsChanging the displayed chart Chart legendZooming out View a standard chart as a pie chartView a standard chart as a tabular report ZoomingOpen the chart in a new window Alter the filter applied to a standard chartExport a chart to another application Print the chartWorking with Tabular Reports Working with Pie ChartsExamine a single row Sort a tabular reportReport Templates Address ReportsSession Reports Network Reports QoS ReportsOther Reports Creating Filtered ReportsInterface Reports Traffic Identification ReportsStart time Report templateSample size Source dataOut interface Time zoneSource device InterfaceSrc/dest port ProtocolSource port Dest portDest AS DiffServTraffic class Source ASFilter Editor Long-term ReportsDevices and Interfaces Per-device and Per-interface Long-term ReportsUser’s Guide version NetFlow Tracker Reports Report URL Format General FormReport Format Parameters 0026 00230024 0025True ChartPie Number256 FeaturesSections 128Time Range Parameters Week MillisHour DayCalendar-based advanced Time range will extend for this number of unitsHHmm Applying a time-of-day mask to the time rangeDay1-day2/time1-time2 113 110105 100125 115120 140Daily 285300 MinuteFilter Parameters Name Addr1-addr2Port1-port2 Port1-port2/number Port/namePort/number Port1-port2/nameCode PrecTos Prec%20tosMask Addr/maskPassword Security ParametersUsername Management Portal Access Control Parameters SecretNull VPN Out VPN Refresh and Resolve All buttons, if applicable Chart scrollbarChart selection headers Filter Editor button, if applicableQuery Size Performance TuningDatabase Server Settings Disk SpeedListener Ports Configuration GuideSnmp Settings LicensingDevice Settings Device SettingsDevice List Sampled Data Scaling VPNs Security SettingsHttp//proxy/tracker1/report.jsp?portalacl= Management Portal SettingsHttp//proxy/tracker1/report1 Http//tracker1/report.jsp?portalsecret=secret&aclif=ProxyPassReverse /tracker1/ http//1.2.3.4 Using Apache as a Portal ServerRewriteEngine On RewriteRule /tracker1/.*$ http//1.2.3.4/$1 P,L,QSAReport Settings General SettingsReal-time Reports Scheduled Reports Saved FiltersLong-term Reports Executive Reports Span class=repdesctextTest/span Nelements=5 and chartWidth=400 ContentSub-reports User’s Guide version NetFlow Tracker Hostname Resolution Settings IP Application NamesDiffServ Names Database Settings AS NamesSubnet Names Backup Memory Settings ArchivingPerformance Counters Unprocessed Flowsets NetFlow Data ReceivedTraffic Described Ignored FlowsNo In Interface AboutIp flow-export destination address Appendix 1 Device ConfigurationEnabling Netflow Export on an IOS Device Ip cefShow ip cache flow Show ip cache verbose flow Ip flow-cache timeout activeIp flow-cache timeout inactive Show ip flow exportMls aging long Ip route-cache flow infer-fieldsMls netflow Mls nde sender versionUser’s Guide version NetFlow Tracker Set mls nde address Set mls bridged-flow-statistics enable vlanlistSet mls nde enable Set system name nameEnabling Flow Detail Records on a Packeteer Device Flow-sampler-map allflows mode random one-out-of 1 exitEnabling NetFlow on an Enterasys Device Tabular report CSV format Chart CSV formatPie chart CSV format Appendix 2 CSV File FormatTabular report XML format Chart XML formatPie chart XML format Appendix 3 XML FormatAppendix 4 Third Party Software Components JspSmartUpload Quartz
Top Page Image Contents