SPAN and Mirror Port Monitoring



Similar documents
MAPI Acceleration. Exinda ExOS Version Exinda, Inc

Exinda How to Guide: SSL Acceleration

Exinda How to Guide: Virtual Appliance. Exinda ExOS Version Exinda, Inc

EXINDA NETWORKS. Deployment Topologies

Cisco 7940 How To. (c) Bicom Systems

Step by Step Bandwidth Management

Aastra 55i How To. (c) Bicom Systems

WatchManager Data Backup

Linksys SPA-941 How To. (c) Bicom Systems

UTM Quick Installation Guide

How To Load balance traffic of Mail server hosted in the Internal network and redirect traffic over preferred Interface

Analyzing your network traffic using a onearmed

How To Configure Syslog over VPN

Enprise License Management. Online and Manual License Management. May Enprise Enprise Job

SSL-VPN 200 Getting Started Guide

Best Practices: Pass-Through w/bypass (Bridge Mode)

Riverbed Steelhead. Configure Hardware Client

Integration with IP Phones

Application Note Gigabit Ethernet Port Modes

Deployment Guide AX Series for Palo Alto Networks Firewall Load Balancing

IP Address and Pre-configuration Information

Using Cisco UC320W with Windows Small Business Server

Using IPsec VPN to provide communication between offices

How to Open HTTP or HTTPS traffic to a webserver behind the NetVanta 2000 Series unit (Enhanced OS)

This article describes a detailed configuration example that demonstrates how to configure Cyberoam to provide the access of internal resources.

Silver Peak WAN Optimization Appliances. Network Deployment Guide. VXOA 6.2 March 2015 PN Rev L

Network Agent Quick Start

WAN Optimization. Riverbed Steelhead Appliances

Blue Coat Security First Steps Transparent Proxy Deployments

Installing and Using Wireshark for Capturing Network Traffic

Digi Connect WAN Application Helper Configuring and Testing the Digi Connect WAN GSM

Special Note Ethernet Connection Problems and Handling Methods (CS203 / CS468 / CS469)

TS2 VRack. User and Installation Manual

Application Note: GateManager Internet requirement and port settings

Cisco TelePresence VCR MSE 8220

Auditing UML Models. This booklet explains the Auditing feature of Enterprise Architect. Copyright Sparx Systems Pty Ltd

Smart Tips. Enabling WAN Load Balancing. Key Features. Network Diagram. Overview. Featured Products. WAN Failover. Enabling WAN Load Balancing Page 1

Integration Guide. Zen Load Balancer Ubuntu/Microsoft Windows

NETFORT LANGUARDIAN INSTALLING LANGUARDIAN ON MICROSOFT HYPER V

ADTRAN SBC and Cisco Unified Call Manager SIP Trunk Interoperability

IPS Anti-Virus Configuration Example

Configuring a FortiGate unit as an L2TP/IPsec server

CCNA Discovery Networking for Homes and Small Businesses Student Packet Tracer Lab Manual

Starting a Management Session

Firewall Defaults and Some Basic Rules

Using SonicWALL NetExtender to Access FTP Servers

Configuring Switch Ports and VLAN Interfaces for the Cisco ASA 5505 Adaptive Security Appliance

How To - Deploy Cyberoam in Gateway Mode

Using a USB 3.0 Dual Gigabit Ethernet Bypass Adapter with VMware vsphere for VXOA

Monitor Print Popup for Mac. Product Manual.

MS Skype for Business and Lync. Integration Guide

NB6 Series Quality of Service (QoS) Setup (NB6Plus4, NB6Plus4W Rev1)

Configure an IPSec Tunnel between a Firebox Vclass & a Check Point FireWall-1

LotWan Appliance User Guide USER GUIDE

If you re not using Citrix XenCenter 6.0, your screens may vary. Required Virtual Interface Maps to... mgmt0. virtual network = mgmt0 wan0

Deploying Blue Coat and FireEye Inline with Gigamon

7 6.2 Windows Vista / Windows IP Address Syntax Mobile Port Windows Vista / Windows Apply Rules To Your Device

Clustering. Configuration Guide IPSO 6.2

VXOA AMI on Amazon Web Services

IP videoconferencing solution with ProCurve switches and Tandberg terminals

User Manual. Page 2 of 38

Configuration Guide for RFMS 3.0 Initial Configuration. WiNG5 How-To Guide. Network Address Translation. July 2011 Revision 1.0

Blue Coat Systems. Reference Guide. WCCP Reference Guide. For SGOS 5.3

Blue Coat Systems. PacketShaper Redundant Setup

Technical Configuration Notes

Barracuda Link Balancer Administrator s Guide

Configuring Virtual Switches for Use with PVS. February 7, 2014 (Revision 1)

Blue Coat Systems. Reference Guide. WCCP Reference Guide. For SGOS

GVRP Overview. Overview

Cisco Collaboration with Microsoft Interoperability

Syslog Server Configuration on Wireless LAN Controllers (WLCs)

How To Use An Iboss For Free On A Network With A Network (Networking) On A Pc Or Mac Or Ipod On A Server (For A Pnet) On An Ipon (For Free) On Your Ipon On A

Management Software. Web Browser User s Guide AT-S106. For the AT-GS950/48 Gigabit Ethernet Smart Switch. Version Rev.

F-Secure Messaging Security Gateway. Deployment Guide

bintec Workshop IP Load Balancing Copyright November 8, 2005 Funkwerk Enterprise Communications GmbH Version 0.9

ADSP Infrastructure Management Compliance Audit. How-To Guide

Lab - Configure a Windows 7 Firewall

How To - Implement Clientless Single Sign On Authentication with Active Directory

Getting Started. Websense V10000 Appliance. v1.1

Flow Publisher v1.0 Getting Started Guide. Get started with WhatsUp Flow Publisher.

Efficient Video Distribution Networks with.multicast: IGMP Querier and PIM-DM

SonicWALL NAT Load Balancing

3CX Guide sip.orbtalk.co.uk

Application Notes. How to Configure Application Control for the UTM

Deploy the ExtraHop Discover Appliance with Hyper-V

e-builder Online User Assistance esignature Setup Guide

ForeScout CounterACT. Device Host and Detection Methods. Technology Brief

IPS Attack Protection Configuration Example

Deploying the Barracuda Link Balancer with Cisco ASA VPN Tunnels

Deploying Riverbed Cascade and Steelheads. A Best Practices Whitepaper

SuperLumin Nemesis. Administration Guide. February 2011

StarWind Virtual SAN Installation and Configuration of Hyper-Converged 2 Nodes with Hyper-V Cluster

Getting Started with PRTG Network Monitor 2012 Paessler AG

Application Note. IP8000 Conference Phone Configuration Guide. Table of Contents. Overview. Requirements. ST October 25, 2007

Dell One Identity Cloud Access Manager How to Configure for High Availability

Lab Configure Cisco IOS Firewall CBAC

Broadband Phone Gateway BPG510 Technical Users Guide

CREATING AN IKE IPSEC TUNNEL BETWEEN AN INTERNET SECURITY ROUTER AND A WINDOWS 2000/XP PC

QUICK START GUIDE. Cisco S170 Web Security Appliance. Web Security Appliance

Transcription:

SPAN and Mirror Port Monitoring Exinda ExOS Version 6.3

2 SPAN and Mirror Port Monitoring Table of Contents Part I Introduction 4 1 Using... this Guide 4 2 Further... Reading 5 Part II Overview 7 Part III Configuring Mirror Port Mode 9 1 Configure... IP Settings 9 2 Configure... Network Objects 11 Part IV Monitoring Traffic 13

Part I

4 1 SPAN and Mirror Port Monitoring Introduction SPAN and Mirror Port Monitoring Exinda Firmware Version: 6.3 All rights reserved. No parts of this work may be reproduced in any form or by any means graphic, electronic, or mechanical, including photocopying, recording, taping, or information storage and retrieval systems - without the written permission of the publisher. Products that are referred to in this document may be either trademarks and/or registered trademarks of the respective owners. The publisher and the author make no claim to these trademarks. While every precaution has been taken in the preparation of this document, the publisher and the author assume no responsibility for errors or omissions, or for damages resulting from the use of information contained in this document or from the use of programs and source code that may accompany it. In no event shall the publisher and the author be liable for any loss of profit or any other commercial damage caused or alleged to have been caused directly or indirectly by this document. 1.1 Using this Guide Throughout the manual the following text styles are used to highlight important points: Useful features, hints and important issues are called "notes" and they are identified in a light blue background. Note: This is a note. Practical examples are presented throughout the manual for deeper understanding of specific concepts. These are called "examples" and are identified with a light green background. This is an example. Warnings that can cause damage to the device are included when necessary. These are indicated by the word "caution" and are highlighted in yellow. Caution: This is a caution.

Introduction 1.2 5 Further Reading In addition to this How to Guide, the following relevant user documentation is available and should be read in conjunction with this guide: Exinda User Manual Exinda Topologies Guide Please visit http://www.exinda.com for more information.

Part II

Overview 2 7 Overview The Exinda appliance can operate out-of-path (e.g. ON-LAN mode) with any hub or switch (that supports port mirroring or SPAN ports). This topology is used when customers need to monitor only, without installing the Exinda in in-line mode. The Exinda will monitor and report on all applications presented on the SPAN/ mirror port. This is regularly used to perform network audits as it provides great flexibility in restricted and complex network environments. Figure 1: Topology diagram showing how to cable MGMT and Mirrorports for Mirror/SPAN port monitoring.

Part III

Configuring Mirror Port Mode 3 9 Configuring Mirror Port Mode To enable Mirror/SPAN port monitoring, you will first need to configure a switch port to mirror traffic to. Typically, the WAN port on the core switch is configured to mirror traffic to an unused port, which is cabled to the Exinda appliance. Alternatively, a network hub can be deployed in-path, and the Exinda appliance can be caballed directly to the hub (since a hub, by design, mirrors all traffic to all ports). Any port not enslaved to a bridge or in use for another function (e.g. Cluster or WCCP) may be used to receive mirror port or SPAN port traffic. 3.1 Configure IP Settings To enable Mirror/SPAN port monitoring, navigate to the System Network IP Address page on the Web UI, advanced mode. Here, you will see all bridged and unbridged interfaces. Above each unbridged interface there are a number of checkbox's which show the Roles assigned to an interface. To use an interface as a Mirror port, check the Mirror box and then click on Apply Changes. The selected interface will now accept Mirror/SPAN traffic.

10 SPAN and Mirror Port Monitoring Figure 2: Web UI form showing where to enable Mirror/SPAN port monitoring. The following commands can be executed from the CLI in order to enable or disable Mirror/ SPAN port monitoring on an interface. > en # con t (config) # mirror interface <inf>

Configuring Mirror Port Mode 11 (config) # no mirror interface <inf> 3.2 Configure Network Objects In order for the Exinda appliance to determine traffic direction, all internal subnets need to be defined as internal Network Objects. Navigate to the Objects Network Objects page and ensure all internal subnets are defined as internal Network Objects. The Exinda appliance will determine packet direction based on the following rules: Rule Result Packet's source IP matches an Internal Network Object AND Packet's destination IP DOES NOT match an Internal Network Object Packet is monitored and classified as outbound. Packet's source IP DOES NOT match an Internal Network Object AND Packet's destination IP matches an Internal Network Object Packet is monitored and classified as inbound. Packet's source IP matches an Internal Network Object AND Packet's destination IP matches an Internal Network Object Packet is not monitored. Packet's source IP DOES NOT match an Internal Network Object AND Packet's destination IP DOES NOT match an Internal Network Object Packet is not monitored. Table 2: Packet processing rules for Mirror/SPAN traffic received on the Exinda appliance. Note: The "Ignore Internal-to-Internal" setting has no effect in Mirror/SPAN port monitoring mode.

Part IV

Monitoring Traffic 4 13 Monitoring Traffic Once Mirror/SPAN monitoring is enabled and the appropriate Internal Network Objects have been defined, the Exinda appliance will monitor traffic received on the Mirror/SPAN receiving port as if it were in-line. The only exception is the Interface Reports will be blank, because the Exinda appliance has no concept of packet direction at the Interface level.

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information