Gigastor
Page
GigaStor User Guide
Trademark Notices
Limited Warranty-Software
Ownership and Confidentiality
Technical Support
Rev
Contents
Packet Capture or GigaStor Capture
GigaStor GigaStor Expandable Controller unit Expansion unit
Using the Observer console locally on the GigaStor
What is a probe instance?
Rev
About the GigaStor
GigaStor models
GigaStor versions
GigaStor versions
GigaStor versions About the GigaStor
Installing Your GigaStor
Unpacking and inspecting the parts
Setting the GigaStor’s IP address
Installing the GigaStor and connecting the cables
Default TCP/IP settings
Probe Service Configuration Applet
Redirecting the GigaStor probe
Connecting Observer to the GigaStor
Edit Remote Probe Entry
Probe Instance Redirection
Probe administration
Remote Probe Administration
Edit Probe Instance Capture Buffer Memory
GigaStor Instances
Edit Probe Instance Configure Memory
GigaStor Control Panel
GigaStor Capture Analysis
GigaStor Settings Schedule tab
Jumbo Frame Support Gigabit Ethernet
Configuring Observer for your Gigabit device
Configuring Terms of Service and Quality of Service settings
ToS/QoS tab
Configuring Observer for your WAN device
Digital DS3/E3/HSSI Probe Settings
Thermometer
Digital T1/E1 Probe Settings
Projects on the link
Serial T1/E1 probe settings
Serial T1/E1 Probe Settings
10/100/1000, 10GbE Optical, and Fibre Channel
Tapping an Ethernet or Fibre Channel connection
Gen2 card port assignments
GigaStor with an optical nTAP
Port Gen2 card port assignments
Gigabit copper
GigaStor with a copper TAP
T1/E1
Tapping a WAN connection
Digital T1/E1 Tap
Serial
WAN Serial T1/E1 TAP
DS3/E3
DS3/E3 TAP
Serial/HSSI
WAN Hssi
Installing the drives in your GigaStor
GigaStor drive locations
Cable diagram for the GigaStor Expandable
Connecting the GigaStor Expandable to the expansion units
Packet Capture or GigaStor Capture
Packet capture buffer and statistics buffer
Capturing Packets with the GigaStor
You want a buffer that will handle your largest, worst case
Rev
GigaStor Control Panel
GigaStor Control Panel
Display Controls
Right-click menus
Chart right-click menu
GigaStor Control Panel Analyze button
Analyze button
Compatible feature
Processing for features you are not interested
GigaStor Analysis Filter
Otherwise leave it unchecked
Configuring the GigaStor through the Control Panel
GigaStor Options tab
GigaStor Options tab
Capture Buffer size
Administration dialog
Memory, and disk storage consumption
Links or networks, you can decrease the capture buffer size
Specify a Fixed Sampling Ratio to consider when updating
Wireless Channel Change
GigaStor Control Panel Charts and statistical displays
Start/Stop Packet Capture marker
GigaStor Outline
GigaStor Chart tab
GigaStor Outline
Capture Graph tab
Allows you to select which item will be configured
Dropdown
Item line thickness
Schedule tab
GigaStor Schedule tab
Adding, Modifying, and Deleting Time Intervals
Statistics Lists tab
Statistics Lists tab
Subnet
GigaStor Subnet tab
Subnet and IP Stations
GigaStor Reports tab
GigaStor reports
Report Setup
Exports tab
Export
Rev
Using Observer with a WAN Probe
Discover Network Names
Setting the Committed Information Rate CIR for a Dlci
Edit Dcli
WAN bandwidth utilization
WAN Bandwidth Utilization
WAN Vital Signs by Dlci pane
WAN Vital Signs by Dlci
DCE KBits/s Max DTE KBits/s Max
WAN Load by Dlci
Though it is still labeled Dlci
WAN Load by Dlci
WAN Load by Dlci Graph View
WAN Top Talkers
TIP
WAN Filtering
Active Filters
Triggers and Alarms
Probe Alarm Settings
Triggers and Alarms Using Observer with a WAN Probe
Forensic Analysis using Snort
Starting Forensic Analysis using Snort rules
Select Forensic Analysis Profile dialog
GigaStor Analysis Options Forensic Analysis section
Forensic Settings
Forensic Settings
Rules tab
Forensic Summary
About Forensic Analysis tab
Forensic Analysis Log tab
About the Forensic Analysis Log tab
Forensic Analysis Profile field descriptions
Forensic Analysis Profile Settings tab
Settings, and share them with other Observer consoles
Settings Profile
IP Flow
Considered active
FieldDescription
103
Forensic Analysis Profile Settings tab
ARP Inspection
Template when changing values of address and port variables
Traffic resulting from these types of attacks
Forensic Summary Window
Rules tab
Observer on the GigaStor
Using the Observer console locally on the GigaStor
Expert Probe interface
TIP! Switching Back to Expert Probe
Probe Instances
Active probe instance compared to passive
What is a probe instance?
TIP! Active Probe Instance Best Practices
RAID
Gen2 Capture Card
Swapping the Gen2 card’s SFP or XFP interfaces
Configuring virtual adapters on the Gen2 card
GigaStor probe
Assign Port to Virtual Adapter Default view
Edit Port Description
Make Instance Active
Computer Management window
Rev
TCP/IP ports, NAT, and VPN
NAT
TCP/IP ports
VPN
126 VPN Appendix a TCP/IP ports, NAT, and VPN
GigaStor, GigaStor Expandable, Expansion Unit Cases
GigaStor
Controller unit
GigaStor Expandable
C D E F G
Expansion unit
Alarm Button
Temperature probe
Reset Button
Rev
GigaStor Portable
134 Appendix C GigaStor Portable
TAP bay
Portable GigaStor
Running Observer passively
Using the portable GigaStor as a probe
Rev
Encapsulation 34-35 Hssi
Index
Capture Buffer Memory 26ff
DS3/E3 TAP 47ff
Hssi 15, 34, 48-49 probe settings
Packet filters
Packet alert threshold
T1/E1 WAN
T1 82 Dlci 83 monitoring
25 80, 82, 84-85 XFP 14-15, 116 Gen2 card
WAN
Rev 145
146 Rev