Field Usage Notes | Cisco Systems NAM, 5 specification

Chapter 5 User and System Administration

User Administration

Step 2 Select the username.

Step 3 Click Delete.

Note If you delete user accounts while users are logged in, they remain logged in and retain their privileges. The session remains in effect until they log out. Deleting an account or changing permissions in mid-session affects only future sessions. To force off a user who is logged in, restart the NAM.

Establishing TACACS+ Authentication and Authorization

Terminal Access Controller Access Control System (TACACS) is an authentication protocol that provides remote access authentication, authorization, and related services such as event logging. With TACACS, user passwords and privileges are administered in a central database instead of an individual switch or router to provide scalability.

TACACS+ is a Cisco Systems enhancement that provides additional support for authentication and authorization.

When a user logs into the NAM Traffic Analyzer, TACACS+ determines if the username and password are valid and what the access privileges are.

To establish TACACS+ authentication and authorization:

Step 1 Choose Administration > Users > TACACS+. The TACACS+ Authentication and Authorization Dialog Box displays.

Step 2 Enter or select the appropriate information in the TACACS+ Authentication and Authorization Dialog Box (Table 5-10).

Table 5-10 TACACS+ Authentication and Authorization Dialog Box

Field	Usage Notes

Enable TACACS+ Authentication and	Determines whether TACACS+ authentication and
Authorization	authorization is enabled.
	• To enable, check the check box.
	• To disable, uncheck the check box.

Primary TACACS+ Server	Enter the IP address of the primary server.

Backup TACACS+ Server	Enter the IP address of the backup server
	(optional).
	Note If the primary server does not respond
	after 30 seconds, the backup server will be
	contacted.

Secret Key	Enter the TACACS+ password.

Verify Secret Key	Reenter the TACACS+ password.

		User Guide for the Cisco Network Analysis Module (NAM) Traffic Analyzer, 5.0

	OL-22617-01			5-19
	OL-22617-01			5-19

Image 207

Cisco Systems NAM, 5 manual Establishing TACACS+ Authentication and Authorization, Field Usage Notes

Contents

Text Part Number OL-22617-01 Americas HeadquartersPage N T E N T S Span Network Sites URL Nbar System Administration Resources Audit Trail Understanding Traffic Patterns at the Network Layer Chapter Overview About This Guide Boldface font AudienceConventions Convention Obtaining Documentation and Submitting a Service Request Xiv A P T E R Introducing NAM Traffic Analyzer Logical Site Dashboards Standards-Based NBI New Application Classification Architecture Historical Analysis NetFlow v9 Data Export WS-SVC-NAM-2-250S Cisco Branch Routers Snmp v3 Support -- NAM to Router/Switch SupportOverview of the NAM Platforms WS-SVC-NAM-1-250S Menu Bar LoggingNavigating the User Interface Common Navigation and Control Elements Detailed Views Quick Capture Context Menus Interactive Report Chart View / Grid View Mouse-Over for Details Zoom/Pan Charts Sort Grid Bytes / PacketsStatistics Context-Sensitive Online Help Understanding How the NAM Works Configuration/guide/span.html Configuration/guide/nde.htmlPorts VLANs Guide/span.html Understanding How the NAM Uses SpanUnderstanding How the NAM Uses VACLs Module Cisco IOS Software Guide/vacl.html Understanding How the NAM Uses NDE Understanding How the NAM Uses Waas Action Description GUI Location User Guide Location Configuration Overview Setup Alarms Actions Administration SystemSetup Data Export Setup Network Sites Capture/Decode Configuring and Viewing DataAdministration Users Capture Packet Cisco Waas NAM Virtual Service Blade Traffic Analysis Default Functions Voice Signaling/RTP Stream Monitoring Application Response Time MetricsAnalyze Media Voice Call Statistics SPAN, Data Sources, Hardware Deduplication, TrafficTraffic Usage Statistics About Span Sessions Supervisor portCopyTable Snmp Switch CLIMethod Usage Notes NAM Traffic Analyzer the NAM GUI Column Description State Description Creating a Span Session Field Description Choose Setup Traffic Span Sessions Editing a Span SessionDialog Box Data Sources Deleting a Span SessionSPAN, ERSPAN, VACL, NetFlow, WAAS, Data Port if it is a local physical port, or the IP address Router or switch or WAE deviceOr Disabled Fields are explained in -7, NAM Data Sources Click Setup Traffic NAM Data Sources Enabling Auto-Creation of Erspan Data Sources Using the CLI Creating Erspan Data Sources Using the Web GUI Disabling Auto-Creation of Erspan Data Sources Using the CLI Creating Erspan Data Sources Using the CLI Deleting Erspan Data Sources Using the Web GUI Enter the device ID from StepEnter the name you would like for the data source required Deleting Erspan Data Sources Using the CLI Use the no data-sourcecommand to delete the data sourceClick the Delete button along the bottom of the window Sample Configuration of Erspan Destination Configuring Erspan on DevicesUse the no device command to delete the device Sample Configuration of Erspan Source Sample Configuration Configuring Vacl on a WAN Interface NetFlow Configuring Vacl on a LAN Vlan Understanding NetFlow Flow Records Understanding NetFlow Interfaces Configuring NetFlow on Devices Managing NetFlow Data SourcesOutput Interface Are Flows Reported? For Devices Running Cisco IOS For NAMs Located in a Device Slot Creating NetFlow Data Sources Using the Web GUI Enabling Auto-Creation of NetFlow Data Sources Using the CLI Snmp Credentials Creating NetFlow Data Sources Using the CLI Security Level Deleting NetFlow Data Sources Using the CLI Deleting NetFlow Data Sources Using the Web GUI Testing NetFlow Devices Understanding Waas Contact information for the deviceSnmp read test result. For the local device only Configure a Server WAN data source Setting DescriptionConfigure a Client data source Point, configure a Client WAN data source Server data source Monitoring Client Data SourcesMonitoring WAN Data Sources Monitoring Server Data Sources Managing Waas Devices Deployment ScenariosDeployment Scenario Adding Data Sources for New Waas Device Choose Setup Traffic NAM Data Sources Deleting a Waas Data Source Editing Waas Data Sources Choose Setup Traffic Hardware Deduplication Hardware DeduplicationAuto Create of New Waas Devices Alarms Alarm ActionsAlarm Actions, Thresholds, User Scenario, Alarm Action Configuration Editing Alarm Actions Deleting Alarm ActionsChoose Setup Alarms Actions Site associated with this threshold ThresholdsName of the threshold Application associated with this threshold Field Setting Host ThresholdsAlarm Summary dashboard Monitor Overview Alarm Summary Choose Setup Alarms Thresholds Setting Conversation Thresholds Dashboard Monitor Overview Alarm Summary , where you Setting Application Thresholds Setting Response Time Thresholds Chose a Dscp value from the list Setting Dscp ThresholdsGive the Dscp Alarm Threshold a name Dashboard Monitor Overview Alarm Summary, where you Alarm actions Setting RTP Stream ThresholdsGive the RTP Streams Alarm Threshold a name High, Low, or High and Low alarms Setting Voice Signaling Thresholds Choose a data source from the list Setting NDE Interface ThresholdsDashboard Monitor Overview Alarm Summary , where you can Give the NDE Interface Alarm Threshold a name Deleting a NAM Threshold Editing an Alarm Threshold NetFlow, Scheduled Exports, Custom Export, Data ExportUser Scenario NetFlow Viewing Configured NetFlow Exports Choose Setup Data Export NetFlowNetFlow Exports screen appears shown in Figure Valid characters 1-9. Length Min 1, Max Configuring NetFlow Data ExportDescription of the NetFlow Export Port number of the device to be exported to ART Client Server Application Record types supported by NAM for NetFlow areApplication Host Scheduled Exports Editing NetFlow Data ExportClick Choose Setup Data Export Scheduled Exports Editing a Scheduled ExportDeleting a Scheduled Export Managed Device Custom ExportDevice Information Name of the Snmp read-write community string configured on Choose Setup Managed Device Device InformationTotal time the switch has been running Name of the network administrator for the router Nbar Protocol Discovery Sites, NDE Interface Capacity, Dscp Groups, NetworkSites Field / Operation Description Specifying a Site Using Subnets Specifying a Site Using WAE devices Waas Data SourcesDefinition Rules Specifying a Site Using Multiple Rules Viewing Defined SitesResolving Ambiguity Overlapping Site Definitions Description of what the site includes Shows if the site is Enabled or DisabledDefining a Site Name of the site Subnet Detection See -7for an exampleUnique text string for naming a site Optional text string for describing site Editing a Site Subnet DetectionEnter an IPv4 or IPv6 address NDE Interface Capacity Dscp GroupsCreating an NDE Interface Through Dscp AF/EF/CS Format Bit Field Format Choose Setup Network Dscp GroupsCreating a Dscp Group Field Description Usage Notes Classification Editing a Dscp GroupDeleting a Dscp Group 8shows an example of what the screen may look like Applications Creating a New Application Choose Setup Classification Applications Editing an Application That list, highlight it and click the left arrowRepeat through as many times as desired Creating an Application Group Choose Setup Classification Application GroupsApplication Groups Deleting a Protocol To edit an application group URL-based ApplicationsEditing an Application Group Deleting an Application Group Example Choose Setup Classification URL-based Applications Deleting a URL-based Application Editing a URL-Based Application Aggregation Intervals, Response Time, Voice, RTP Filter, Choose Setup Classification EncapsulationsMonitoring Encapsulations Choose Setup Monitoring Aggregation Intervals Aggregation IntervalsURL, Waas Monitored Servers, Normal Minimum Choose Setup Monitoring Response TimeResponse Time Short-Term Long-Term Field Appliance Choose Setup Monitoring VoiceMonitor Setup Window Voice Enabling a URL Collection Changing a URL Collection Choose Setup Monitoring RTP FilterRTP Filter 10,000 500 1,750 000 1,000 250 Choose Setup Monitoring URL Enabling a URL CollectionDisabling a URL Collection URL page -10displays Changing a URL CollectionElement Description Usage Notes To change a URL collection Adding a Waas Monitored Server Choose Setup Monitoring URL CollectionWaas Monitored Servers Disabling a URL Collection Choose Setup Monitoring Waas Servers Deleting a Waas Monitored ServerTo delete a Waas monitored server data source Navigation, MonitorAnalyze Interactive Report Navigation Saving Filter Information Saving Filter Parameters Traffic Summary Response Time Summary Site Summary Alarm Summary Top N Applications by Site and Alarm Count Top N Sites by Alarm CountTop N Hosts by Site and Alarm Count Top N Applications by Alarm Count Analyzing Traffic Hosts Detail Application Applications Detail Host Traffic rate number of bytes per second NDE Interface Traffic AnalysisApplication group set of applications that can be Monitored as a whole Viewing Interface Details Dscp DetailDscp value Applicable site or Unassigned if no site Application Groups Detail Viewing Collected URLs Filtering a URL Collection List URL HitsViewing Collected URLs Filtering a URL Collection List Host Conversations Network ConversationTop Application Traffic Top Application Traffic WAN Optimization Application Traffic By HostTop Talkers Detail Conversation Multi-Segments Application Performance Analysis NAM Application Response Time Measurements Response Time Metric Description 7lists and describes the ART metrics measured by NAM Metric Description Application Response Time Network Response TimeNetwork Server Application Responses Server Response TimeClient Response Time Client-Server Response Time Detailed Views Server Application Transactions Server Application Transactions Server Network Responses Client-Server Application Responses Client-Server Application Transactions Client-Server Network Responses Server-response packet, excluding retransmission timePacket as observed at NAM probing point Interface, Interface Interfaces Stats TableHealth, NBAR, Switch Health HealthInterface Statistics Over Time Backplane Utilization Chassis HealthChassis Information CPU usage Crossbar Switching Fabric Ternary Content Addressable Memory Information Router Health Router Health Router Information Time in hundredths of a second since the network management Information on how to contact this personCurrent state of the power supply being instrumented Media RTP Stream Stats Summary RTP StreamsPurpose RTP Stream Information Voice Call Statistics Monitoring RTP StreamsRTP Stream Stats Details Calling number as it appears in the signaling protocol Called number as it appears in the signaling protocolCalls Table Time when the call was detected to end From inspecting the call signaling protocolInspecting call signaling protocol Time when the call was detected to start Field Purpose RTP Conversation Duration of the stream Synchronization source number as it appear in the RTPHeader NAM calculated score that takes into account OL-22617-01 Quick Capture Capturing and Decoding Packet Data Sessions Size of the session Viewing Capture SessionsName of the capture session Many times as necessary Configuring Capture Sessions Operation DescriptionChoose Capture Packet/Capture Decode Sessions Name of the capture Enter a capture name Configure Capture Session Window Administration System Capture Data Storage Maximum Capture Session Sizes for NAM PlatformsMaximum Session NAM Platform Size 300 MB Software FiltersMaximum Session NAM Platform Size Creating a Software Filter Choose Capture Packet Capture/Decode SessionsSoftware Filter Dialog -4 displays Hexadecimal number from 0 to 9 or a to f. The default is IPv4 address in dotted-quad format n.n.n.n, where n is 0 toDefault if blank is For MAC address, enter hh hh hh hh hh hh, where hh is a Choose GTP.IPv6 for IPV6 address for tunneled packet over To edit software capture filters Editing a Software Capture Filter Vlan and IP IP and TCP/UDP IP and Payload Data Configuring a Hardware FilterTo cancel the changes, click Cancel Hardware Assisted Filters List is also shown in Figure Vlan and IP IP and Payload Data IP and TCP/UDP Payload Data Files Delete files Display the packets in a file Displays packets and bytes transferred for each protocol Error ScanAnalyzing Capture Files Displays a graphic image of network traffic KB/second Choose Capture Packet Capture/Decode Files Downloading Capture Files Deleting Multiple Files Deleting a Capture File Load and decode the next block of packets from the NAM Viewing Packet Decode InformationStop packet loading Load and decode the previous block of packets from the NAM Choose an Address Filter Choose a Filter ModeBrowsing Packets in the Packet Decoder Filtering Packets Displayed in the Packet Decoder Define a Protocol Filter Viewing Detailed Protocol Decode Information To create custom display filters Using Alarm-Triggered CapturesCustom Display Filters Creating Custom Display Filters Custom Decode Filter Dialog Box Format Tips for Creating Custom Decode Filter ExpressionsSee Tips for Creating Custom Decode Filter Expressions Operator Meaning Choose Capture Packet Capture/Decode Display Filters Editing Custom Display FiltersField Filter By Format Examples of Custom Decode Filter Expressions To delete custom display filters Deleting Custom Display Filters OL-22617-01 System Administration User and System Administration Choose Administration System Network Parameters ResourcesNetwork Parameters Snmp Agent Snmp Agent Dialog Box displays Choose Administration System Snmp AgentWorking with NAM Community Strings Creating NAM Community Strings To delete the NAM community strings Testing the Router Community StringsSystem Time Deleting NAM Community Strings Clock set hhmmss mm/dd/yyyy Synchronizing the NAM System Time with the Switch or RouterChoose Administration System System Time Synchronizing the NAM System Time Locally Mail Setting Configuring the NAM System Time with an NTP ServerChoose Administration System E-Mail Setting Capture Data Storage To enable Web Data PublishingChoose Administration System Web Data Publication Web Data Publication Configuring the NFS Server Configuring the NFS Storage Location on the NAMCreating NFS Storage Locations Editing NFS Storage Locations Name of the remote storage entry ISCSI target name configured on the remote iSCSI serverCreating iSCSI Storage Locations Editing iSCSI Storage Locations Choose Administration System Snmp Trap Setting Syslog SettingSnmp Trap Setting Choose Administration System Syslog Setting Preferences Editing a NAM Trap DestinationDeleting a NAM Trap Destination System Alerts, Audit Trail, Tech Support, DiagnosticsSystem Alerts Audit Trail Downloading Core Files Choose Administration Diagnostics Audit TrailChoose Administration Diagnostics Tech Support Tech Support Local Database User AdministrationRecovering Passwords Privilege Access Level Choose Administration Users Local Database Creating a New UserTo create a new user Choose the Administration Users Local Database Editing a UserDeleting a User Field Usage Notes Establishing TACACS+ Authentication and Authorization Click Submit/Restart Configuring a Cisco ACS TACACS+ ServerClick Network Configuration Click Add Entry For Windows NT and 2000 Systems Adding a NAM User or User Group Configuring a Generic TACACS+ Server Parameter Enter Current User Sessions NAM Traffic Analyzer 5.0 Usage Scenarios Deploying NAMs for WAN Optimization DeploymentDeploying NAMs in the Branch Deploying NAMs for Voice/Video applications Autodiscovery Capabilities of NAM Creating Custom ApplicationsIntegrating NAM with Third Party Reporting Tools See Application Response Time, See Thresholds, Integrating NAM with LMSUnderstanding Traffic Patterns at the Network Layer See Dscp Groups, Using NAM for Problem Isolation Troubleshooting Using NAM for SmartGrid Visibility General NAM Issues Troubleshooting NAM Not Responding Error MessagesDoes the session from the switch/router work? Packet Drops NAM Behavior Waas Troubleshooting OL-19530-02 Module Object Identifier OID and Description Source Supported MIBs Mib-21.rmon16.tokenRing10.ringStation RFC OrderTable3 Mib-21.rmon16.tokenRing10.ringStationConfig RFCObjects10 Power, Temperature and Fan Status Mib-21.rmon16.tokenRing10.ringStation RFC Crossbar statistics Cisco9.workgroup5.ciscoStackMIB1.ciscoStatckCiscoMgmt9.ciscoCat6kCrossbarMIB217.cisco Cat6kXbarMIBObjects1 OL-22617-01 Creating Capture settings, configuringDownloading to a file Custom display filters IN-2 Configuring as datasource Ipesp IPIP4 Alarm thresholds IN-4 Creating Deleting Editing Spanning, directing traffic for Server, configuring to support NAM Authentication and authorization, establishing See Virtual Switch Software Waas data sources Voice data Collecting Viewing Voice signaling thresholds