NetFlow Auditor Manual Getting Started



Similar documents
Overview of Network Traffic Analysis

Fluke Networks NetFlow Tracker

SolarWinds Technical Reference

Configuring SNMP and using the NetFlow MIB to Monitor NetFlow Data

Tech Note #015. General requirements

Enabling NetFlow and NetFlow Data Export (NDE) on Cisco Catalyst Switches

Configuring NetFlow Switching

SolarWinds Technical Reference

A message from Plixer International:

LogLogic Cisco NetFlow Log Configuration Guide

Cisco ASA and NetFlow Using ASA NetFlow with LiveAction Flow Software

Using The Paessler PRTG Traffic Grapher In a Cisco Wide Area Application Services Proof of Concept

How-To Configure NetFlow v5 & v9 on Cisco Routers

WhatsUpGold. v NetFlow Monitor User Guide

SolarWinds Technical Reference

CHAPTER 1 WhatsUp Flow Monitor Overview. CHAPTER 2 Configuring WhatsUp Flow Monitor. CHAPTER 3 Navigating WhatsUp Flow Monitor

Network Traffic Analyzer

6.0. Getting Started Guide

Catalyst 6500/6000 Switches NetFlow Configuration and Troubleshooting

Configuring NetFlow Secure Event Logging (NSEL)

S&C IntelliTeam CNMS Communication Network Management System Table of Contents Overview Topology

LogLogic Cisco NetFlow Log Configuration Guide

NetFlow Subinterface Support

Using the Content Distribution Manager GUI

LAB THREE STATIC ROUTING

NetFlow Aggregation. Feature Overview. Aggregation Cache Schemes

NetFlow v9 Export Format

School of Information Technology and Engineering (SITE) CEG 4395: Computer Network Management. Lab 4: Remote Monitoring (RMON) Operations

How to Program a Commander or Scout to Connect to Pilot Software

Tue Apr 19 11:03:19 PDT 2005 by Andrew Gristina thanks to Luca Deri and the ntop team

I cannot find the answer to my problem in the manuals, what do I need to do?

Novell ZENworks Asset Management 7.5

User Manual. Onsight Management Suite Version 5.1. Another Innovation by Librestream

Flow Monitor for WhatsUp Gold v16.2 User Guide

NMS300 Network Management System

Configuring the MNLB Forwarding Agent

M2M Series Routers. Port Forwarding / DMZ Setup

Network Load Balancing

Dell SupportAssist Version 2.0 for Dell OpenManage Essentials Quick Start Guide

Firewall VPN Router. Quick Installation Guide M73-APO09-380

INET1005 May 2009 Getting Started with MyUH

HP IMC User Behavior Auditor

Application Discovery Manager User s Guide vcenter Application Discovery Manager 6.2.1

The data between TC Monitor and remote devices is exchanged using HTTP protocol. Monitored devices operate either as server or client mode.

NetFlow Analytics for Splunk

Getting Started with Configuring Cisco IOS NetFlow and NetFlow Data Export

Managing User Security: Roles and Scopes

WebSphere Business Monitor V7.0 Business space dashboards

HDA Integration Guide. Help Desk Authority 9.0

Configuring Security for FTP Traffic

exacqvision Web Server Quick start Guide

Enabling and Monitoring NetFlow on Subinterfaces

Using the VCDS Application Monitoring Tool

SolarWinds Technical Reference

MyOra 3.0. User Guide. SQL Tool for Oracle. Jayam Systems, LLC

IBM Business Monitor V8.0 Global monitoring context lab

How do I use ProofPoint anti-spam software at the GC

Setting Up groov Mobile Apps. Introduction. Setting Up groov Mobile Apps. Using the ios Mobile App

Management Software. Web Browser User s Guide AT-S106. For the AT-GS950/48 Gigabit Ethernet Smart Switch. Version Rev.

Configure Cisco Unified Customer Voice Portal

Sampled NetFlow. Feature Overview. Benefits

Flow-Based per Port-Channel Load Balancing

Task Manager. Tasks. Starting Task Manager CHAPTER

1. Open the preferences screen by opening the Mail menu and selecting Preferences...

NetBrain Security Guidance

SOS SO S O n O lin n e lin e Bac Ba kup cku ck p u USER MANUAL

Scan to Quick Setup Guide

Scrutinizer. Getting Started Guide. A message from Plixer International:

Manual Wireless Extender Setup Instructions. Before you start, there are two things you will need. 1. Laptop computer 2. Router s security key

Emerald. Network Collector Version 4.0. Emerald Management Suite IEA Software, Inc.

Sophos UTM. Remote Access via IPsec Configuring Remote Client

Delegated Administration Quick Start

Multi-Homing Dual WAN Firewall Router

Cloudfinder for Office 365 User Guide. November 2013

LAB II: Securing The Data Path and Routing Infrastructure

Quick Start Guide.

QUICK START GUIDE MONDOPAD/WIN

Load testing with. WAPT Cloud. Quick Start Guide

Flow Monitor for WhatsUp Gold v16.1 User Guide

Dynamic DNS How-To Guide

Virtual Data Centre. User Guide

Configuring Devices for Use with Cisco Configuration Professional (CCP) 2.5

Application Notes for Configuring Dorado Software Redcell Enterprise Bundle using SNMP with Avaya Communication Manager - Issue 1.

Assets, Groups & Networks

System Administration and Log Management

WhatsUpGold. v15.0. Flow Monitor User Guide

Network performance monitoring. Performance Monitor Usage Guide

ICND2 NetFlow. Question 1. What are the benefit of using Netflow? (Choose three) A. Network, Application & User Monitoring. B.

Chapter 8 Monitoring and Logging

Pandora FMS 3.0 Quick User's Guide: Network Monitoring. Pandora FMS 3.0 Quick User's Guide

IPV6 流 量 分 析 探 讨 北 京 大 学 计 算 中 心 周 昌 令

Netflow Overview. PacNOG 6 Nadi, Fiji

Workflow Automation Support and troubleshooting guide

Appendix A Remote Network Monitoring

Home Internet Filter User Guide

Barracuda Link Balancer Administrator s Guide

Deploying Riverbed Cascade and Steelheads. A Best Practices Whitepaper

Transcription:

NetFlow Auditor Manual Getting Started Setting up NetFlow Check if your Routers or Switches Supports NetFlow. Almost all Cisco devices support NetFlow since its introduction in the 11.1 train of Cisco IOS Software and because of this, NetFlow is most likely available in any devices in the network. Some caveats apply. Please check your Cisco documentation. ref: http://www.cisco.com/en/us/products/ps6601/products_white_paper0900aecd80406 232.shtml Device Cisco 800, 1700, 2600 Cisco 1800, 2800, 3800 Cisco 4500 Cisco 6500 Cisco7200, 7300, 7500 Cisco 7600 Cisco 10000, 12000, CRS-1 Supported Cisco 2900, 3500, 3660, 3750 No NetFlow commands quick start summary This quick start will help you with the commands but we strongly advise you read the NetFlow commands for NetFlow Auditor explained (http://digitoll.net/forum/viewtopic.php?f=42&t=50) to understand why the options below were chosen. General NetFlow commands: Enable on each interface (Except when using CEF with a NetFlow Daughter card)

* ip route-cache flow General Commands * ip cef * ip flow-export source Loopback0 * ip flow-export version [5/7/9] [peer-as origin-as] * ip flow-cache timeout inactive 15 * ip flow-cache timeout active 1 * ip flow ingress infer-fields * snmp-server ifindex persist * ip flow-export destination [DigiToll IP NetFlow Auditor IP] 2055 When running NetFlow on Cisco 7600 switches in native mode use Enable on each interface * ip route-cache flow * mls nde sender version 5 * mls flow ip interface-full * mls aging long 64 * ip flow-export source Loopback0 * ip flow-export version [5/7/9] * ip flow-export destination [DigiToll IP NetFlow Auditor IP] 2055 * snmp-server ifindex persist Software Platform Configuration The following is an example of a basic router configuration for NetFlow. NetFlow basic functionality is very easy to configure. NetFlow is configured on a per interface basis. When NetFlow is configured on the interface, IP packet flow information will be captured into the NetFlow cache. Also, the NetFlow data can be configured to export the NetFlow data to a collection server if a server is deployed. 1. Configuring the interface to capture flows into the NetFlow cache. CEF followed by NetFlow flow capture is configured on the interface Router(config)# ip cef Router(config)# interface ethernet 1/0. Router(config-if)# ip flow ingress Or Router(config-if)# ip route-cache flow Note: Either ip flow ingress or ip route-cache flow command can be used depending on the Cisco IOS Software version. Ip flow ingress is available in Cisco IOS Software Release 12.2(15)T or above. 2. This step is required if exporting the NetFlow cache to a reporting server. The version or format of the NetFlow export packet is chosen and then the destination IP address of

the export server. The 2055 is the default UDP port NetFlow Auditor server will use to receive the UDP export from the Cisco device. You can setup multiple Port numbers and is required when using NetFlow Auditor Enterprise or Telco versions. Router(config)# ip flow-export version [1 5 7 9] Router(config)# ip flow-export destination [DigiToll NetFlow Auditor IP] 2055 Ensure SNMP is enabled and you have secured it appropriately and that you have the SNMP community string and password available to configure NetFlow Auditor auto discovery. http://www.cisco.com/en/us/tech/tk648/tk362/technologies_tech_note09186a0080094aa 4.shtml Logging into Netflow Auditor The Netflow Auditor front end is a web application. You can enter it from any browser with an internet connection. To log into the Netflow Auditor front end: 1. Enter the following IP in you browser s address bar: http://{host-address}/digitoll/login.do NOTE: The {host-address} path is supplied by your Network Administrator. You will be presented with the Login screen. 2. Enter you Username and Password in the appropriate boxes. 3. Click [Login] to proceed. Successful login will send you to the Control Centre, Netflow Auditor s main screen. To load your license key. Click Configuration -> Administrator -> License

On selecting the License menu, the right side of the screen should look like the screenshot below. Note the screen is made up of two components, the top section is used to manipulate the data, you have at hand. The bottom section presents the data in a tabular form. The screen below is used to edit, find, and delete license details. Here the screen is in its default search mode, this can be seen in the image below. To search for the details of the license, you can press the Search button and enter criteria to search for a license. The table can be seen more clearly below. If this is the first time you are installing NetFlow Auditor delete the freeware license key. Click on the license key, click Delete and Confirm

In order to use NetFlow Auditor, you will need to have a valid license that can be verified by the program. To do this once you have received your license, you can load it into the program by simply pressing the Load button. Once the license is loaded, press the Apply Now button to finalise the procedure, you will then be prompted to press the Confirm button. The Netflow Auditor Main Screen

Navigation Pane The navigation pane allows you to navigate between the various Netflow Auditor features. Netflow Auditor s main features are represented by the following sections: Long-Term - produce pre-structured traffic analysis reports for: o The last month o The last year Real-Time - produce pre-structured traffic analysis reports for: o The last hour o The last week My Analytics - manage and configure previously saved custom reports. This includes: o One-off historical reports o Report templates for repetitive use o Scheduling the automatic production and delivery of these reports My Alerts - displays system alerts. These include: o Critical alerts (red column) o Warning alerts (yellow column) o Information alerts (green column) Configuration - define and configure the following: o Business Groups o Devices o Applications o Administrators

Toolbar The Toolbar provides the following options: Navigate to previously produced report Navigate to next produced report Drill down into the current report to reveal more details. Configure graph display. Navigate to the Filter screen, where you can fine-tune the current report or produce a new custom report. Save the current report for future production and delivery. Refresh the screen. Print the current report. Display Window You can toggle between different forms of display: view the report as a Timeline Graph display. view the report as a Stacked Timeline Graph display. view the report as a Bar Chart display. view the report as a 3D Bar Chart display. view the report as a Stacked Bar Chart display. view the report as a 3D Stacked Bar Chart display. view the report as a Pie Chart display. view the report as a 3D Pie Chart display.

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information