ebook img

Configuring SolarWinds NetFlow Traffic Analyzer - Lifeboat PDF

280 Pages·2014·3.39 MB·English
by  
Save to my drive
Quick download
Download
Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.

Preview Configuring SolarWinds NetFlow Traffic Analyzer - Lifeboat

Copyright©1995-2014SolarWindsWorldwide,LLC.Allrightsreservedworldwide.Nopartofthis documentmaybereproducedbyanymeansnormodified,decompiled,disassembled,publishedor distributed,inwholeorinpart,ortranslatedtoanyelectronicmediumorothermeanswithoutthe writtenconsentofSolarWinds.Allright,title,andinterestinandtothesoftwareanddocumentation areandshallremaintheexclusivepropertyofSolarWindsanditsrespectivelicensors. SOLARWINDSDISCLAIMSALLWARRANTIES,CONDITIONSOROTHERTERMS,EXPRESS ORIMPLIED,STATUTORYOROTHERWISE,ONSOFTWAREANDDOCUMENTATION FURNISHEDHEREUNDERINCLUDINGWITHOUTLIMITATIONTHEWARRANTIESOF DESIGN,MERCHANTABILITYORFITNESSFORAPARTICULARPURPOSE,AND NONINFRINGEMENT.INNOEVENTSHALLSOLARWINDS,ITSSUPPLIERS,NORITS LICENSORSBELIABLEFORANYDAMAGES,WHETHERARISINGINTORT,CONTRACTOR ANYOTHERLEGALTHEORYEVENIFSOLARWINDSHASBEENADVISEDOFTHE POSSIBILITYOFSUCHDAMAGES. TheSolarWinds,theSolarWinds&Design,ipMonitor,LANsurveyor,Orion,andotherSolarWinds marks,identifiedontheSolarWindswebsite,asupdatedfromSolarWindsfromtimetotimeand incorporatedherein,areregisteredwiththeU.S.PatentandTrademarkOfficeandmayberegistered orpendingregistrationinothercountries.AllotherSolarWindstrademarksmaybecommonlaw marksorregisteredorpendingregistrationintheUnitedStatesorinothercountries.Allother trademarksorregisteredtrademarkscontainedand/ormentionedhereinareusedforidentification purposesonlyandmaybetrademarksorregisteredtrademarksoftheirrespectivecompanies. Microsoft®,Windows®,andSQLServer®areregisteredtrademarksofMicrosoftCorporationinthe UnitedStatesand/orothercountries. SolarWindsNetFlowTrafficAnalyzer4.0.3 Documentrevised:7/8/2014 Table of Contents Chapter1:Introduction 12 WhyInstall NTA 12 How NTA Works 13 WhyUse NTA 14 What’snew in NTA 4.0 17 NTA Flow Storage Database 17 More DeploymentOptions 18 Migration 18 Hostand Domain Names 18 Update Operations 19 Chapter2:Installing SolarWinds NetFlowTraffic Analyzer 22 Licensing SolarWindsNetFlow TrafficAnalyzer 22 NTA Requirements 23 NTA Polling Engine Requirements 23 NTA Flow Storage Database Requirements 24 PortRequirements 25 Virtual Machine Requirements 26 NTA Flow Requirements 26 Required Fields 27 Sampled Flow Supported Fields 28 AutonomousSystemsRequirements 29 NTA 4.0 DeploymentOptions 30 Installing a Localized Version ofNTA 31 Installing NTA 4.0 and NTA Flow Storage Database Locally 32 Installing NTA and Remote NTA Flow Storage Database 33 3 NTA AdministratorGuide Installing NTA on a 32-BitOperating System 34 Installing Additional Pollersand Web Consoles 35 Installing NTA 36 Completing the Configuration Wizard 37 Installing NTA Flow Storage Database 39 Configuring Remote NTA Flow Storage Database 40 Upgrading NTA 41 Upgrade Pathsand Compatibility 41 Upgrade Steps 42 Database Migration 45 Moving the NTA Flow Storage Database 47 Uninstalling NTA 50 Chapter3:Configuring SolarWinds NetFlowTraffic Analyzer 51 Configuring NetFlow ManagementSettings 51 Adding Flow-Enabled Devicesand Interfaces 52 Configuring Flow Sourcesand CBQoS Devices 53 Enabling the AutomaticAddition ofFlow Sources 54 Enabling Flow Monitoring fromUnmanaged Interfaces 54 CBQoS Polling Settings 56 Adding Flow Sourcesand CBQoS-Enabled Devices 56 Deleting Flow Sourcesand CBQoS-Enabled Devices 58 Configuring Monitored Portsand Applications 59 Configuring Data Retention forFlowson Unmonitored Ports 61 Enabling/Disabling Monitoring forPortsorApplications 61 Adding PortsorApplications 63 Editing PortsorApplications 63 Deleting PortsorApplications 64 Selecting IP AddressGroupsforMonitoring 64 Selecting IP Rangesto Be Monitored 65 Adding a New IP AddressorIP AddressGroup 66 Editing IP AddressesorIP AddressGroups 66 4 Table ofContents Deleting IP AddressorIP AddressGroups 67 Configuring NetFlow CollectorServicesPorts 67 Configuring Protocol Monitoring 68 Configuring NetFlow TypesofServices 69 Configuring Top TalkerOptimization 70 Configuring DNS and NetBIOS Resolution 71 Enabling NetBIOS Resolution 71 DNS Resolution Optionsin NTA 72 How DoesDefaultDNS Resolution Workin NTA? 73 Configuring DNS Resolution 74 Configuring IP AddressProcessing 74 Configuring Database Settings 75 Database Maintenance 76 Compression And Aggregation Settingsin NTA 78 Configuring NTA Flow Storage Database Backups 79 BestPractices 79 Scheduling RegularBackups 81 Backing up the NTA Flow Storage Database Manually 81 Specifying Backup FoldersForNTA Flow Storage Database 82 Restoring Backups 83 Configuring Charting and Graphing Settings 84 Enabling Progressive Charting 84 Configuring Percentage Type forTop XX Lists 85 Top XX ListResource Percentages 85 Configuring Area ChartsDisplayUnits 87 Configuring Resource DefaultTime Periods 88 Configuring the NTA View Refresh Rate 88 Optimizing Performance ofNTA 89 Configuring On Demand DNS resolution 90 Limiting Flow CollectionsTo Top Talkers 90 Limiting the Data Retention Period forthe Orion SQL Database 91 5 NTA AdministratorGuide Setting Retention Period forNTA Flow Storage Database 92 Adjusting Data Aggregation Settings 93 Chapter4:Viewing NetFlowTraffic AnalyzerData in the Orion Web Console 96 Editing Resources 97 Working with Charts 97 Pie Charts 98 Area Charts 102 Customizing Charts 107 Selecting ClassicorInteractive Charts 108 Customizing Resourcesforthe CurrentSession 110 Customizing Interactive Charts 111 Customizing ClassicCharts 113 Customizing Views 115 Enabling the NetFlow TrafficAnalysisSummaryView 115 Creating New Views 116 Creating CustomViewswith the Flow Navigator 117 Adding NetFlow Resourcesto Web Console Views 123 Adding an EndpointCentricResource 124 Configuring View Limitations 125 Editing Views 125 Editing Time SettingsforViews 127 Editing Flow Direction in Views 128 Copying Views 128 Deleting Views 129 Deleting a Filtered View 129 ViewsbyDevice Type 129 Monitoring TrafficFlow Directions 130 Setting Flow Direction 131 Viewing Class-Based QualityofService (CBQoS)Data 132 Chapter5:Working with NTA 136 Implementing and Monitoring CBQoS Policies 136 6 Table ofContents Using NTA to Prepare a CBQoS Implementation 136 DynamicallyMonitoring CBQoS 139 Monitoring AutonomousSystemNetworks(through BGP) 141 Preparing to MonitorAutonomousSystemNetworks 141 Managing AutonomousSystemNetworks 145 Monitoring AutonomousSystemNetworks 147 Top XX AutonomousSystems 147 Top XX AutonomousSystemConversations 148 Finding the Cause ofHigh Bandwidth Utilization 148 Tracking TrafficbySite 149 Performing an Immediate Hostname Lookup 154 Interacting with the thwackUserCommunity 154 UserScenarios 154 Locating and Isolating an Infected Computer 155 Locating and Blocking Unwanted Use 156 Recognizing and Thwarting Denial ofService Attacks 157 Chapter6:Troubleshooting NetFlowTraffic Analyzer 158 NetFlow CollectorServices 158 Editing orAdding Collection Ports 159 Deleting Collectors 159 Troubleshooting CollectorServices 160 NetFlow Sources 161 NTA Events 162 Filtering Eventsand Displaying Historical Events 164 Clearing Events 167 NetFlow EventsList 168 NetFlow ReceiverService Stopped 168 License Limitation 168 No Valid License 168 No Space LeftOn NTA Flow Storage Database 168 Invalid Template 169 7 NTA AdministratorGuide Invalid IPFIX Template 169 No Template Received 169 NotEnabled NetFlow Data Export 170 NetFlow Time Difference Error 170 Unmanaged NetFlow Node 170 Unmanaged NetFlow Interface 171 Unmonitored NetFlow Interface 171 NotPrimaryNPMNode IP Address 171 Running OutOfSpace NTA Flow Storage Database 172 Unmonitored Interface AutomaticallyAdded 172 NetFlow Time Difference Warning 172 NetFlow Time Difference Warning Ended 173 NetFlow ReceiverService Started 173 NetFlow ReceiverService SettingsChanged 173 NetFlow Event:Interface IndexMapping Used forA Node 173 NetFlow Event:Removing Interface IndexForA Node 173 NetFlow Database Maintenance 173 Scheduled ShrinkPerformed 174 Updating Data To Be Used In Top XX Aggregated Resources 174 WindowsFirewall IsTurned On 174 NetFlow Licensing 174 Unable To StartListening On Port 175 PortIsFree Listening 175 Notification EventStatusReset 175 Enough Space Available On NTA Flow Storage Database 175 Resolving Unknown Traffic 176 Enabling Flow Monitoring fromUnmanageable Interfaces 178 Unmanageable Interface Speed 179 Chapter7:NetFlowTraffic AnalyzerReports 180 Reportsin NTA 4.0 180 Managing Reports 181 8 Table ofContents Printing Reports 181 Scheduling Reports 181 Using CustomPropertiesforCreating Reports 182 ReportWriterReports 182 Web-Based Reports 182 Using Customized ReportWriterReportsin the Orion Web Console 183 NetFlow-SpecificPredefined Reports 184 Historical NetFlow Reports 184 Historical CBQoS Reports 186 Executing Reports 187 Creating Web-Based ReportsforNTA 188 Creating Web-Based ReportsUsing SWQL 190 Editing Web-Based Reports 192 Example:Creating Customized ReportWriterReportsasWeb-Based 200 Defining the Objectto ReportOn 203 Defining Column Detailsforthe Report 206 Chapter8:Using NTA Advanced Alerts 210 NetFlow-SpecificPredefined Alerts 210 Top TalkerAlerts 210 CBQoS Alerts 211 Configuring NetFlow Advanced Alerts 212 Using Orion Advanced Alerts 214 Creating and Configuring Advanced Alerts 215 Creating a New Advanced Alert 216 Naming,Describing,and Enabling an Advanced Alert 217 Setting a TriggerCondition foran Advanced Alert 218 Setting a ResetCondition foran Advanced Alert 221 Setting Suppression foran Advanced Alert 223 Setting the Monitoring Period foran Advanced Alert 224 Setting a TriggerAction foran Advanced Alert 225 Setting a ResetAction foran Advanced Alert 226 9 NTA AdministratorGuide AlertEscalation 226 Understanding Condition Groups 227 Using the Advanced AlertManager 228 Adding Advanced AlertActions 232 Available Advanced AlertActions 232 Sending an E-mail/Page 233 Playing a Sound 234 Logging an Advanced Alertto a File 235 Logging an Advanced Alertto the WindowsEventLog 237 Logging an Advanced Alertto the NetPerfMon EventLog 238 Sending a Syslog Message 239 Executing an External Program 240 Executing a Visual BasicScript 241 Emailing a Web Page 242 Using Textto Speech Output 243 Sending a WindowsNetMessage 244 Sending an SNMP Trap 245 Using GET orPOST URL Functions 246 Dial Paging orSMS Service 247 Testing AlertActions 247 Viewing Alertsin the Orion Web Console 249 Acknowledging Advanced Alertsin the Web Console 249 Escalated Advanced Alerts 250 Escalated AlertExample 250 Creating a SeriesofEscalated Alerts 251 Viewing AlertsfromMobile Devices 254 Appendix A:Managing Software Licenses 255 Activating YourNTA License 255 Activating an NTA Evaluation License 255 Activating an NTA License with InternetAccess 256 Activating an NTA License withoutInternetAccess 256 10

Description:
Jul 8, 2014 are and shall remain the exclusive property of SolarWinds and its Best Practices. 79 .. Note: NPM uses SNMP to monitor your network.
See more

The list of books you might like

Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.