Integración de la tecnología de Red NETFLOW


ServicePilot network-netflow


# Network NetFlow

Overview

This package is designed to summarize NetFlow statistics collected for a single interface, in order to identify any suspicious host or application activity on the specified interface.

Description

The network-netflow package, based on collection made by the ServicePilot Agent, gets aggregated statistics for network flows. The ServicePilot Agent can collect NetFlow (v5, v9), sFlow or Jflow.

Aggregated statistics are provided for each monitored interface: Conversations, Bytes In/Out, Packets In/Out. These are calculated by summing all of the received flow packets for an interface. Depending on the flow protocol used, these values will either be representative of the total traffic passed through the interface or only representative of the samples that the flow protocol takes from the interface.

The ServicePilot Agent summarizes the flow data received to keep only the top 10 flows (conversations between the same IP addresses and port numbers) by volume of data transferred per minute. These conversations details are stored in a specific collection "IP Flow" in order to provide advanced dashboards presenting the top consumers of bandwidth by host and application per interface monitored.

Requirements

  • NetFlow Collection must be configured and started on each NetFlow router.

  • Network Flows

    • It is necessary to ensure network connectivity between ServicePilot and the monitored device. In case of a network infrastructure with a firewall, the following flows must be opened:

    • UDP/2055 (NetFlow): Between NetFlow Router and ServicePilot Agent

  • ServicePilot Requirements

    • ServicePilot Manager minimum version: 8.5
    • ServicePilot Agent minimum version: 8.5 installed and configured

Installation

Before adding a resource to monitor, make certain that all pre-requisites are in place and that ServicePilot Agent is communicating correctly with the ServicePilot Manager. Resources can be added to ServicePilot configuration using Views Configuration web interface

  1. As an administrative user of ServicePilot, open the ServicePilot web interface.
  2. Navigate to Administration. The Configuration > Views web page will open.
  3. Click on the view in which to place the new resource in the Views hierarchy on the left of the interface. The View editor section will show the existing view contents.
  4. From the Packages list on the right of the interface, click and drag the network-netflow package into the View editor and let go.
  5. The Resource properties dialog box will open to allow resource configuration.
  6. Click OK to close the Resource properties dialog box. Note that the dialog box will not close if required parameters are not set.
  7. Click Save to apply the new resource to ServicePilot configuration.
  8. Check if the object has been created in your map and that indicators are populated after a few minutes.

License

Object TypeLicense object ConsumedCondition
NetFlow Interface1

This package will also consume data in the IP Flow collection (Bytes/day part of the license).

Key field notes

  1. In the Policies tab, specify the policy or policies to apply to the resource
  2. Basic Parameters tab:
    1. Source IP address Router or Switch IP address, sending flow records.
    2. Source interface index: SNMP table index of the interface to monitor.
  3. Interface Speed Parameters tab:
    1. Speed In (bps): The incoming interface speed in bps used to enable in load calculation.
    2. Speed Out (bps): The outgoing interface speed in bps used to enable out load calculation.
  4. Agent access tab:
    1. Agent URL: Provide a link to the ServicePilot Agent Netflow live traffic web page. This link will be made available in the against the Netflow object in the ServicePilot Manager web interface.
Red NETFLOW 0

Red NETFLOW 1

Red NETFLOW 2

Red NETFLOW 3

Red NETFLOW 4

Red NETFLOW 5

Red NETFLOW 6

Red NETFLOW 7

Red NETFLOW 8

Red NETFLOW 9

Red NETFLOW 10


Podemos ayudarte

O llámenos a +33 2 40 60 13 30