Net Optics none manual Typical Application, Network Links

Page 10

Director

Typical Application

The following diagram shows a typical application using Director to implement a comprehensive, consolidated monitoring infrastructure.

2

1

www.netoptics.com

IDS

Analyzer 2

RMON 1

A	B
A
B
Analyzer 1
Forensic

RMON 2

Figure 2: Director-centric network monitoring infrastructure

In this example, eight network links are monitored by six monitoring devices. The company's external access is protect- ed by a firewall, shown in the upper left of the diagram. The link runs through a router, then in-line through Director, and then to a switch that distributes traffic throughout a department.

Network Links

The rest of the department's switches are shown, but only the connections to Director are illustrated. The four depart- ment switches shown in the lower right are cross-connected for fault tolerance. All four of the cross-connected links are passed in-line through Director (as indicated by the slanting purple lines) so they can be thoroughly monitored for performance tuning, security, and trouble-shooting. Because so many critical links pass in-line through Director, it's good to know that they are completely passive connections—Director does not slow down or interfere with the in-line traffic, and the links stay open to pass traffic even if both of the Director power supplies are removed. (When power is removed, 10/100/1000 Copper in-line links may be dropped for a short period of time—less than 1 second—while relays switch to open the link. Subsequently, the network re-establishes the links and traffic resumes flowing.)

Purple line indicates an in-line Tap

Figure 3: Detail of in-line Taps shown in Figure 2

In the middle of Figure 2, three other departmental switches are monitored through their Span ports. One of the switches handles 10GbE traffic, so its Span port goes to one of the Director 10GbE XFP ports. One of the other switches' 1GbE Span ports carries three distinct types of traffic–e-mail, VoIP, and Web pages–as indicated by the three colored circles on the Span link.

6

*** Confidential - DO NOT Distribute ***

Image 10

Contents Smart Filtering Appliance Trademarks and Copyrights Contents Appendix C Appendix aAppendix B Filter parametersChapter Introduction Monitor port Filtering Key FeaturesEase of Use Passive, Secure TechnologyAbout this Guide DescriptionDirector Architecture Director internal architectureUSB port Director ManagementTypical Application Network LinksMonitoring Tools In-line Monitoring of 10 Gigabit Links IBypass Switch MethodExternal Network Tap method Monitor Port LEDs Power LEDsDirector Front Panel DNM / Network Port LEDsDirector Rear Panel XFPChapter Installing Director Plan the Installation Unpack and Inspect the Director deviceInstall SFP and XFP Monitor port Modules Install Director Network ModulesRack Mount the Director device Connect Power to Director Connect the local CLI InterfaceTip Connect the remote CLI InterfaceBaud Data bits No parity 1 stop bit No flow control To connect the CLI for remote use over the Management portLog into the CLI To log into the CLIChange Director User Name and Password Configure Director using the CLITo change the user name and password To assign a new Manager IP address to Director To change the port modeAssign a New Manager IP Address Change Port ModesSave and Load Director Configurations Set the Current Date and TimeUsing the CLI Help Command To view CLI help informationUsing the CLI Command History Buffer Current config fileConnect Span Ports to Director To connect a Span portConnect Director With In-line Network Links To connect an in-line network linkCheck the Installation Configure a Matrix Switch connection in DirectorConnect Monitoring Tools to Director Chapter Configuring Filters Using the CLI SyntaxEnter filter commit. The switch connection is activated Copy Traffic From Any Network Port to Any Monitor PortRegenerate Traffic to Any Set of Monitor Ports Lter add inports=n1.1 action=redir redirports=m.3-m.5Create Filters To create a filter that selects IPv4 packets by protocolCreate Complex Filters Logical and filter connectionView filters UDPWork with configurable 10 Gigabit ports Configurable 10 Gigabit XFP ports used as Network portsNetwork Port 11 XFP Port Understand filter interactions CAMFlow diagram now looks as follows Exclusive filters N1.1 ipproto=UDP action=drop N1.1 m.1To change the Director filter configuration Understand pending and active filtersEnter filter list to view the pending filter list User interactions Filter capacityDaisy-chaining Multiple Director Chassis Appendix a Director Specifications Specifications, chassisCertifications Specifications, DNMEnvironmental Available ModelsAppendix B Command Line Interface Command Sub-Command Parameters Example and descriptionFilter add ipv6=n inports=n1.1-n1.3 ip Command may includeFilter add and filter ins commands Src=10.1.1.1 action=dropFilter running Load myconfiguration-1Filter list Filter syncPasswd Save myconfiguration-1Show myconfiguration-1 PingSysip show Sysip commitSysip ipaddr=192.168.1.2 netmask=255.255.0.0 TimeUser add name=bob pw=bob-pw priv=3 This This command is only available at root level CommandUser show Is onlyFilter parameters Director Filter Parameters Qual Value Example DescriptionAppendix C Protocol Numbers Num Keyword ProtocolMobile L2TP Limitations on Warranty and Liability By Net Optics, Inc. All Rights Reserved