Net Optics none manual Chapter Introduction

Page 5

Director

Chapter 1

Introduction

Net Optics Director is a key component for building a comprehensive, consolidated monitoring infrastructure for both network management and security. It extends the range of visibility for data monitoring across converged data and digital voice networks, while eliminating monitoring port contention and minimizing the number of tools needed to optimally manage the network.

A single Director device enables you to tap into multiple network links, and direct their traffic to multiple monitoring ports. It includes aggregation and regeneration functions, so the link-to-monitor-port mapping can be one-to-one, one-to-many, many-to-one, or many-to-many. In addition, it provides filtering: Each Monitor port can be programmed to receive only traffic meeting user-defined filter criteria based on protocol, source and destination addresses, and network utilization. This filtering capability enables specific types of traffic such as voice over IP (VoIP) to be directed to particular monitoring tools.

Matrix switching, aggregation, and regeneration

Each Director chassis supports up to 12 in-line network links or 26 Span ports. For monitoring, up to 12 ports are provided. Network and Span ports can be aggregated and regenerated to output ports in almost any combination.

Modular design

Director is modular to provide configuration flexibility.

Director Network Modules (DNMs) support SX (multi-mode) and LX (single-mode) fiber links and 10/100/1000

Copper links.

Each DNM provides either 6 in-line network links or 12 Span ports.

The Director Chassis includes two DNM slots; they can be populated with the same or different DNM types.

Ten 1-Gigabit Monitor ports are SFP-based, accepting any mix of Copper, SX, and LX interface modules.

Four 10-Gigabit ports are XFP-based, accepting SR, LR, and ER interface modules.

Flexible 10 Gigabit support

Two 10 Gigabit ports on the front of the unit can be configured as Network, Span, or Monitor ports. They can be configured for the same or different functions. Traffic from multiple 1-Gigabit Network or Span ports can be aggregated to a 10-Gigabit Monitor port. Conversely, traffic from a 10 Gigabit Network or Span port can be dis-aggregated to multiple 1 Gigabit Monitor ports through appropriate filtering. For example, traffic from different IP address ranges could be directed to separate Monitor ports.

Expandable

An additional two 10 Gigabit ports on the rear of the unit enable daisy-chaining up to ten Director chassis to expand the number of available ports, for a total of 380 ports in a fully expanded system (when available).

Monitor port-based filtering

Director avoids the confusion of pre-filtering versus post-filtering by strictly tying filtering to the Monitor ports. Each Monitor port can be configured to have traffic from any number of Network or Span ports directed to it, and each Monitor port applies up to 30 protocol-, address-, and utilization-based filters to the traffic.

1

*** Confidential - DO NOT Distribute ***

Page 4 Page 6
Image 5
Page 4 Page 6
Contents Smart Filtering Appliance Trademarks and Copyrights Contents Appendix B Appendix aAppendix C Filter parametersChapter Introduction Ease of Use Key FeaturesMonitor port Filtering Passive, Secure TechnologyDescription About this GuideDirector internal architecture Director ArchitectureDirector Management USB portNetwork Links Typical ApplicationMonitoring Tools External Network Tap method IBypass Switch MethodIn-line Monitoring of 10 Gigabit Links Director Front Panel Power LEDsMonitor Port LEDs DNM / Network Port LEDsXFP Director Rear PanelChapter Installing Director Unpack and Inspect the Director device Plan the InstallationRack Mount the Director device Install Director Network ModulesInstall SFP and XFP Monitor port Modules Connect the local CLI Interface Connect Power to DirectorBaud Data bits No parity 1 stop bit No flow control Connect the remote CLI InterfaceTip To connect the CLI for remote use over the Management portTo log into the CLI Log into the CLITo change the user name and password Configure Director using the CLIChange Director User Name and Password Assign a New Manager IP Address To change the port modeTo assign a new Manager IP address to Director Change Port ModesSet the Current Date and Time Save and Load Director ConfigurationsTo view CLI help information Using the CLI Help CommandCurrent config file Using the CLI Command History BufferTo connect a Span port Connect Span Ports to DirectorTo connect an in-line network link Connect Director With In-line Network LinksConnect Monitoring Tools to Director Configure a Matrix Switch connection in DirectorCheck the Installation Syntax Chapter Configuring Filters Using the CLICopy Traffic From Any Network Port to Any Monitor Port Enter filter commit. The switch connection is activatedLter add inports=n1.1 action=redir redirports=m.3-m.5 Regenerate Traffic to Any Set of Monitor PortsTo create a filter that selects IPv4 packets by protocol Create FiltersLogical and filter connection Create Complex FiltersUDP View filtersConfigurable 10 Gigabit XFP ports used as Network ports Work with configurable 10 Gigabit portsNetwork Port 11 XFP Port CAM Understand filter interactionsFlow diagram now looks as follows N1.1 ipproto=UDP action=drop N1.1 m.1 Exclusive filtersUnderstand pending and active filters To change the Director filter configurationEnter filter list to view the pending filter list Filter capacity User interactionsDaisy-chaining Multiple Director Chassis Specifications, chassis Appendix a Director SpecificationsEnvironmental Specifications, DNMCertifications Available ModelsCommand Sub-Command Parameters Example and description Appendix B Command Line InterfaceFilter add and filter ins commands Command may includeFilter add ipv6=n inports=n1.1-n1.3 ip Src=10.1.1.1 action=dropFilter list Load myconfiguration-1Filter running Filter syncShow myconfiguration-1 Save myconfiguration-1Passwd PingSysip ipaddr=192.168.1.2 netmask=255.255.0.0 Sysip commitSysip show TimeUser show This This command is only available at root level CommandUser add name=bob pw=bob-pw priv=3 Is onlyDirector Filter Parameters Qual Value Example Description Filter parametersNum Keyword Protocol Appendix C Protocol NumbersMobile L2TP Limitations on Warranty and Liability By Net Optics, Inc. All Rights Reserved
Top Page Image Contents