manualshive.com logo in svg

3Com Traffix Transcend Traffix Manager, User Manual

Share
Download
3Com Traffix Transcend Traffix Manager User Manual Download Page 79

Using Event Rules

79

The Map can provide you with immediate information about which 
devices have been using particular servers. 

Detecting Unauthorized Servers

You can use the Detect Network Sweep Attack rule to spot users creating 
unauthorized servers on the network. For example, you can detect 
unauthorized FTP servers by creating a rule which detects FTP traffic on 
the network, but which ignores traffic to and from known FTP servers.

Monitoring WAN

Links and Backbone

Links

Monitoring Congestion on WAN Links

You can configure a Monitor Critical Connections event rule to inform 
you when a link is becoming congested. You can either set an absolute 
threshold at a level of traffic which you think is acceptable on the link, or 
you can use the event rule to tell you when traffic levels on the link 
change significantly. A Connection Activity report can be used to give you 
regular information on the activity of a link. See 

“Connection Activity 

Report”

 on 

page 100

 for more information.

Monitoring Single Devices Which are Overusing the Capacity of a 
Link

You can configure a Monitor Network Resource Usage event rule to tell 
you when one device is using a lot of bandwidth on a link. Similar 
information can be obtained on a regular basis using a Top N 
Connections report. See 

“Top N Connections Report”

 on 

page 105

 for 

more information.

Detecting Network Misuse

Sometimes congestion on a link can be caused by misuse. You can 
configure a Detect Network Misuse event rule to spot users using a WAN 
link for Web traffic during working hours. 

For example, if you know that a connection should only be used for Lotus 
Notes traffic then you could configure a Detect Network Misuse rule to 
spot any 

application

 except Notes. See 

Chapter 4

“Grouping Network 

Devices in the Map”

 for more information about applications.

If you have a network with multiple servers in different sites, you can 
configure a Detect Unauthorized Machine Access rule to make sure 
people access their local server rather than accessing a server across a 
WAN link.

Summary of Contents for Traffix Transcend Traffix Manager

Page 1: ... http www 3com com Transcend Traffix Manager User Guide Software version 3 0 for Windows NT Part No 09 1825 000 Published August 1999 ...

Page 2: ...d developed solely at private expense Software is delivered as Commercial Computer Software as defined in DFARS 252 227 7014 June 1995 or as a commercial item as defined in FAR 2 101 a and as such is provided with only such rights as are provided in 3Com s standard commercial license for the Software Technical data is provided with limited rights only as provided in DFAR 252 227 7015 Nov 1995 or F...

Page 3: ...G STARTED WITH TRAFFIX MANAGER 1 TRAFFIX MANAGER OVERVIEW What to Read First 19 Features of Traffix Manager 20 How Does Traffix Manager Work 21 Strategy for New Users 23 2 LAUNCHING TRAFFIX MANAGER FOR THE FIRST TIME Installing RMON Agents on Your Network 25 Launching the Traffix Manager Server 26 Launching the Traffix Manager Client 26 Stopping Traffix Manager 28 About the Main Window 28 Grouping...

Page 4: ... Groupings 43 Creating and Assigning Attributes 44 Creating Groups and Ordering Attributes 45 PART III RUNNING TRAFFIX MANAGER 5 LAUNCHING TRAFFIX MANAGER AFTER THE FIRST TIME Launching the Traffix Manager Server 49 Launching a Traffix Manager Client 49 Client Access Levels 50 6 CONFIGURING AGENTS FOR DATA COLLECTION Supported RMON Agents and Interfaces 51 Finding Agents for Data Collection 52 Con...

Page 5: ...n 61 Removing and Hiding Traffic 61 Protocols Applications and Favorites 61 Protocol Tools 62 User defined Protocols 62 Device Aggregation 64 8 DISPLAYING TRAFFIC IN GRAPHS Overview 65 Using the Graph Panel 66 Using the Launch Graph Dialog Box 67 Graph Settings 69 9 USING EVENT RULES Overview 71 Predefined Event Rules 72 Examples of Event Rules 73 Security Event Rules 73 Traffic Event Rules 74 Con...

Page 6: ...ERVIEW OF REPORTING Overview 89 Types of Report 89 Report Instances 90 Output 90 Periods Covered by Reports 90 Managing Reports 92 Creating Editing and Deleting Reports 93 Scheduling Reports 94 Rescheduling Reports and Running Ad Hoc Reports 94 Managing Raw Data and Report Output 94 Setting Output Options 95 Viewing HTML Output 95 Monitoring Report Generation and Output 96 Setting the Lifetime of ...

Page 7: ...ESHOOTING TRAFFIX MANAGER Troubleshooting Traffix Manager 115 Troubleshooting Reports 116 Diagnosing Reporting Problems 116 B DATABASE MANAGEMENT USING TRAFFIX CONTROL PANEL Overview of Traffix Control Panel 121 Overview of Database Applications 122 Database Setup 122 Database Maintenance 123 Subnets Editor 125 Attribute Lookup 125 DHCP Setup 125 Startup Options 125 Default DNS Domain 126 Upgradin...

Page 8: ... 140 Using the fileattrs Program 140 Configuration File Format 140 Running fileattrs 141 How fileattrs Works 141 Using the dblookup Program 142 Lookup Database Structure 142 Default Values 143 Access Database 143 Excel Worksheet 144 Excel Workbook 144 Running dblookup 144 How dblookup Works 144 Writing your own program 145 Structure of an Attribute Lookup Program 145 Writing and Building Your Own ...

Page 9: ... 1 AGENTS Monitoring Network Segments Using RMON 1 Agents 159 J RMON AND SNMP TABLES RETRIEVAL SNMP Tables used by Traffix Manager 161 K TECHNICAL SUPPORT Online Technical Services 163 World Wide Web Site 163 3Com Knowledgebase Web Services 163 3Com FTP Site 164 3Com Bulletin Board Service 164 3Com Facts Automated Fax Service 165 Support from Your Network Supplier 165 Support from 3Com 165 Returni...

Page 10: ......

Page 11: ...llow the instructions in the release notes Most user guides and release notes are available in Adobe Acrobat Reader Portable Document Format PDF or HTML on the 3Com World Wide Web site http support 3com com infodeli tools netmgt How To Use The Traffix Manager Documentation Table 1 shows where to find information in the Traffix Manager User Guide and Online Help Table 1 Where to find specific infor...

Page 12: ...ix Manager and a guide to interpreting the charts in generated reports Chapter 12 Procedures for troubleshooting Traffix Manager process and agent problems Appendix A Procedures for troubleshooting reporting problems Appendix A Procedures for managing the Traffix Manager database using the Traffix Control Panel Appendix B Procedures for aggregating traffic and filtering data Appendix C Information...

Page 13: ... appears on the screen Syntax The word syntax means that you must evaluate the syntax provided and then supply the appropriate values for the placeholders that appear in angle brackets Example To enable RIPIP use the following syntax SETDefault port RIPIP CONTrol Listen In this example you must supply a port number for port Commands The word command means that you must enter the command exactly as...

Page 14: ...om infodeli tools netmgt traffix family htm Transcend Management Software Network Troubleshooting Guide at http support 3com com infodeli tools netmgt tncsunix family htm Web Sites RMON 1 RMON 2 RMON 1 and RMON 2 Backgrounder http www 3com com nsc 501305 html RMON 1 Request for Comment http www it kth se docs rfc rfcs rfc1757 txt RMON 2 Request for Comment http www it kth se docs rfc rfcs rfc2021 ...

Page 15: ... Database http www cforc com cwk net manage cgi Documentation Comments Your suggestions are very important to us They will help make our documentation more useful to you Please e mail comments about this document to 3Com at pddtechpubs_comments 3com com Please include the following information when commenting Document title Document part number on the title page Page number if appropriate Example ...

Page 16: ...16 ABOUT THIS GUIDE Year 2000 Compliance For information on Year 2000 compliance and 3Com products visit the 3Com Year 2000 Web page http www 3com com products yr2000 html ...

Page 17: ...I GETTING STARTED WITH TRAFFIX MANAGER Chapter 1 Traffix Manager Overview Chapter 2 Launching Traffix Manager for the First Time ...

Page 18: ......

Page 19: ...to understand How Traffix Manager can facilitate network monitoring and administration How to start using Traffix Manager How to launch Traffix Manager for the first time and subsequently What you will see displayed in the main window when you launch Traffix Manager How Traffix Manager works and how to use it to collect data from your network From Chapter 6 onwards the guide contains concepts for ...

Page 20: ...out conversations servers and other devices on the network You can access historical information to help you make informed decisions regarding resource utilization capacity planning and network growth Generation of traffic events Once data collection from your network has begun you can build up a picture of typical network usage You can then specify rules to monitor unusual events on your network ...

Page 21: ...abase for Storage Traffix Manager has a relational database as its core data repository enabling easy management of large quantities of data collected from several monitoring points How Does Traffix Manager Work Traffix Manager is a client server application The Traffix Manager server periodically polls RMON 1 and RMON 2 agents on your network for data about conversations between devices See RMON ...

Page 22: ...ed data or to configure the operation of the Traffix Manager server The collected data can be viewed as traffic conversations on the Map in various charts or in one of the various reports See About the Main Window on page 28 for more information about the Map Network management station Printer Printers Workstations Servers Network Traffix Manager server processes the collected data Dedicated embed...

Page 23: ...being communicated with for example World Wide Web WWW sites Over a few weeks you can regularly view Traffix Manager reports to get a feel for the normal and peak traffic rates on your network At that point you can Specify rules defined by your use of Traffix Manager to generate exception events See Chapter 9 Using Event Rules for more information Combine groups of low priority devices on your net...

Page 24: ...24 CHAPTER 1 TRAFFIX MANAGER OVERVIEW ...

Page 25: ... Agents on Your Network Before you can launch Traffix Manager you need to have at least one RMON agent installed on your network to collect traffic data See Chapter 8 of the Transcend NCS Network Administration Guide for information on how to deploy RMON agents on your network The TNCS Network Administration Guide is available from the 3Com web site http support 3com com infodeli tools netmgt tncs...

Page 26: ...ent select Programs from the Start menu and open the directory in which you installed the client The default path is Start Programs Transcend Traffix Manager Transcend Traffix Manager v3 0 Client The first time that you start the Traffix Manager client after installation you will be automatically logged in as the Traffix Manager Administrator to give you the rights to configure Traffix Manager See...

Page 27: ... When you choose to aggregate devices on your network by default any devices within your local network will be kept in detail and not aggregated See Appendix C Aggregating Devices for more information Once you have specified your local network the startup wizard automatically finds RMON 2 agents within a given range of addresses or uses the subnet address of the management station See RMON Overvie...

Page 28: ... server click Stop Server in the Traffix Control Panel Stopping the server will exit all clients About the Main Window In the main window of Traffix Manager you can view both a tree and a graphical representation of the objects devices and groups of devices in your network and the traffic between them The main window is divided into three main parts Object List Contains a hierarchical tree of the ...

Page 29: ...jects in the Object List only To collapse a group click the minus sign next to the group Main Window Reference This section contains a quick reference guide to the menu options in the main window Table 4 Traffix Manager Main Window Menu Options Menu Option Function File Load Traffic Launches the Load Traffic dialog box from which you can specify a time range of data to load into the client User Au...

Page 30: ...en specific groups Traffic must be loaded first Remove Connections Between Removes traffic connections between selected objects on the Map Remove All Connections Removes all traffic connections on the Map regardless of what is selected Show Mapped Connections Toggle Shows or hides connections on the Map Use to view groupings which are hidden by connection lines If connections are shown a tick appe...

Page 31: ...hich you can download firmware to agents change the mode of agents and reboot agents Aggregation Launches the Aggregation dialog box from which you can specify the aggregation policy Database Size Launches the Database Size dialog box which shows how much disk space the database is using Events Event Rules Launches the Event Rules dialog box from which you can add edit and enable disable event rul...

Page 32: ...Window for detailed information on working with objects in the main window Index Launches online help with the Index tab selected About Launches the About Traffix Manager screen giving the version name and numbers of the application Table 4 Traffix Manager Main Window Menu Options continued Menu Option Function ...

Page 33: ...II HOW TRAFFIX MANAGER WORKS Chapter 3 Collecting Data Chapter 4 Grouping Network Devices in the Map ...

Page 34: ......

Page 35: ...Traffix Manager Processes Collected Data Traffix Manager collects and correlates data from stand alone and embedded RMON 1 and RMON 2 agents from both 3Com and other vendors This data provides a complete picture of enterprise network traffic for performance management and trend analysis At scheduled intervals Traffix Manager s Collector process uploads the collected traffic data processes the cont...

Page 36: ... Graphs The contents of the relational database can be retrieved by the Map and Reporter processes The Map retrieves data for a given period and displays it graphically You can manipulate the display grouping network devices and filtering traffic to view your network in any way you want See Chapter 4 Grouping Network Devices in the Map for more information The Reporter uses the same data to genera...

Page 37: ...n then transfer it on command to an analysis site RMON agents have the following benefits They improve the efficiency of staff by allowing them to remain in a centralized site while collecting information from widely dispersed LAN segments They can continuously monitor and collect information and deliver it before problems occur allowing you to take a proactive approach to managing your network Ea...

Page 38: ... devices and the traffic flowing between them including network layer addresses and protocols seen This information is then retrieved by Traffix Manager and is used to build a graphical topology of your network the Traffix Manager Map and to compile a list of active devices on your network As a result of the RMON 2 method of discovering devices you may see more than one object corresponding to the...

Page 39: ...ta further by selecting which protocols to display You can then view traffic connections using these specified protocols only When used with the reporting tools in Traffix Manager you can monitor and document the use of the network by selected groups and distribute this information as and where needed See Chapter 11 Overview of Reporting for further information Using the events functionality in Tr...

Page 40: ...tributes in Traffix Manager that you can use to create your own groupings For these predefined attributes values are usually assigned automatically as each device is discovered You cannot delete a predefined attribute or change its name Table 5 Predefined Attributes Name Description Name DNS Name or Network Layer address NL Type Network Layer protocol NL Addr Network Layer IP address Network Proto...

Page 41: ...dir TraffixServer config vendor map DNS Layer 1 The top level of the DNS naming scheme for example com DNS Layer 2 DNS Layer 3 DNS Layer 8 Lower levels of the DNS naming scheme Non IP devices do not have DNS Layer attributes assigned IP devices will only have DNS Layer attributes assigned if the following criteria are met Domain Name System DNS is implemented at your site DNS name lookup is enable...

Page 42: ... by a router Figure 4 Observed Network Devices If Device A communicates with Device B the agent interface on LAN2 records an entry for both devices and both devices appear in the database However although Device B has a MAC address associated with it in the database Device A does not Because the conversation is taking place across a router Traffix Manager is not able to associate Device A with the...

Page 43: ... in a higher level assigned group instead Predefined Groupings There are four predefined groupings in Traffix Manager DNS Devices are grouped according to their DNS name This grouping is made up of the predefined attributes Network Layer Type for example IP IPX DECNet ATALK and DNS Layer 1 through DNS Layer 8 See Table 5 for more information about these attributes Type and Network Devices are grou...

Page 44: ...d by a given physical device This grouping is made up of the MAC Address attribute and the NL Type attribute See Table 5 for more information about these attributes Vendor and MAC This grouping is useful for identifying devices from different vendors It is made up of the Vendor attribute and the MAC Address attribute See Table 5 for more information about these attributes Creating and Assigning At...

Page 45: ...t are loaded into the Map You can choose to list the attributes for any grouping You cannot delete an attribute which is included in a grouping To delete an attribute you must first remove it from all groupings or delete all groupings which contain the attribute Creating Groups and Ordering Attributes You use the Groupings dialog box to create and manage groupings and control the order of attribut...

Page 46: ...46 CHAPTER 4 GROUPING NETWORK DEVICES IN THE MAP Figure 6 Groupings dialog box ...

Page 47: ... the First Time Chapter 6 Configuring Agents for Data Collection Chapter 7 Displaying Network Traffic in the Main Window Chapter 8 Displaying Traffic in Graphs Chapter 9 Using Event Rules Chapter 10 Viewing Events Chapter 11 Overview of Reporting Chapter 12 Report Types ...

Page 48: ......

Page 49: ...anel by clicking Start Programs Transcend Traffix Manager Transcend Traffix Manager v3 0 Control Panel The Traffix Control Panel can only be run on the server machine Only one server can be run on a machine at any given time For support of multiple servers within the same broadcast domain see Startup Options on page 125 Launching a Traffix Manager Client You can only successfully start a Traffix M...

Page 50: ... Manager server There are two access levels for running the client The Traffix Administrator level allows the user to configure all aspects of the operation of Traffix Manager such as data collection and report generation To avoid security conflicts between multiple clients there can be only one Traffix Administrator logged in at any one time All other clients are read only and as such can view al...

Page 51: ...all agents which implement all the relevant groups of RMON 1 and RMON 2 standards Refer to RFCs 1757 2021 and 2074 for a list of the RMON groups which are retrieved by Traffix Manager RMON 1 Request for Comment http www it kth se docs rfc rfcs rfc1757 txt RMON 2 Request for Comment http www it kth se docs rfc rfcs rfc2021 txt RMON 2 Protocol Identifiers http www it kth se docs rfc rfcs rfc2074 txt...

Page 52: ...out finding agents to collect network traffic data and launch the Traffix Manager client with no data collected This will display an empty Map on your workstation from which you can perform limited management and configuration tasks See Launching the Traffix Manager Client on page 26 for further details You can then add agents for data collection at a later stage without having to go back through ...

Page 53: ...e with the same IP address and community name as another agent in the agent tree Traffix Manager does not support duplicate agents Duplicate error checking is handled by the Add Agent dialog box If an invalid duplicate IP address or community string is entered an error message appears When Traffix Manager retrieves agent details a list of the interfaces on that agent is displayed You select the in...

Page 54: ...ation Suspending and Resuming Data Collection Manually You may want to suspend data collection if you have collected sufficient data to give you a clear picture of the normal level of traffic on your network You enable or disable individual agents for collection using the agent tree in the Configure Agents dialog box You can also suspend and resume collection for all enabled agents from this dialo...

Page 55: ...Finding Agents for Data Collection 55 Traffix Manager See Appendix G for more information about setting the mode on 3Com standalone RMON 2 agents ...

Page 56: ...56 CHAPTER 6 CONFIGURING AGENTS FOR DATA COLLECTION ...

Page 57: ...y traffic data you need to use Traffix Manager to collect it from your network To find out if there is data already collected open the Load Traffic dialog box from the File menu If no data has been collected see Chapter 6 Configuring Agents for Data Collection for information about collecting data from your network Loading Network Traffic Data You can select how to load and display traffic data in...

Page 58: ... can display information about objects on your network search for and select objects and locate objects in the Map Displaying Object Information There are three types of object information available Device names Group and device status Group statistics Group Device Status The color of a device icon and the perimeter color of a group in the Map reflect the status of that object ...

Page 59: ... above the Object List or the Find dialog box Refer to How do I display network traffic in the Map in the online help for more information Selecting and Deselecting Objects You can select objects directly in the Object List or Map by clicking on them Locating Objects in the Map For detailed information on locating objects and zooming in on objects and areas in the Map refer to How do I display net...

Page 60: ...g to or from the object If you select a group the traffic to and from all objects within the group is mapped Table 7 Description of Display Buttons Button Function Add Connections To and From Shows all traffic connections going to and from the selected objects to any other objects on the network Use to determine who the selected objects are talking to Remove Connections To and From Removes all tra...

Page 61: ...that time Traffix Manager provides two ways to define protocol filters so that you can select and view network traffic at higher levels of abstraction These are applications and favorites An application is a folder containing one or more protocols Applications are used to make encapsulated protocols easier to select and therefore enable you to monitor a particular type of traffic more easily Traff...

Page 62: ...dd applications and protocols to a favorite in the same way Two applications cannot contain the same protocol a protocol can appear in more than one favorite however As applications do not overlap you can display all applications in the Map simultaneously by selecting the predefined favorite All Applications Change the color used to denote an item protocol application or favorite in the Map Settin...

Page 63: ...ent so that the agent no longer collects data for the protocol Check whether a specific protocol is registered with an agent Notes on User defined Protocols There are some limitations on the user defined protocols which 3Com agents support Refer to the firmware documentation for lists of the 3Com protocols and user defined protocols that this firmware supports Data collected using newly defined pr...

Page 64: ...our agent vendor Device Aggregation Aggregation is a way of limiting the number of devices Traffix Manager has to track As more devices are displayed in the Map it becomes more difficult for you to determine traffic patterns on your network Aggregation reduces the amount of memory and disk resources required by collating data which has been collected See Appendix C Aggregating Devices for a descri...

Page 65: ...llowing factors Grouping Graphs are used to analyze mapped traffic They are therefore dependent upon the grouping currently applied in the Map Grouping is described in Groupings on page 42 The default groupings provide good data for basic analysis Level Panel graphs are generated for the level currently applied in the Map only The level refers to the hierarchy imposed by the selected grouping and ...

Page 66: ...Map are displayed in the main window Summary Bar Shows the sum of all the traffic displayed in the Map for the object s selected in the Map Top Objects If a single group is selected in the Map this graph shows the busiest objects in the selected group at the level selected in the Map If more than one object is selected in the Map this graph shows the busiest of the objects selected Top Connections...

Page 67: ...easurement used when calculating the charts Media Types Only active if bits per second or utilization are selected in the Units field Fixed Automatic Logarithmic scaling If automatic scaling is selected Traffix Manager adjusts the size of the bars in each chart to fill the space available Using the Launch Graph Dialog Box Use the Launch Graph dialog box to display detailed information about items ...

Page 68: ...n the Map when the graph is launched You can display multiple instances of the dialog box to compare data for various protocols or connections for example The Launch Graph dialog box has five main areas Protocol Breakdown Each of the bars shows the total for each protocol of the filtered traffic for each of the selected objects Timeline Shows the traffic generated over the time period loaded into ...

Page 69: ...dialog box to control the display of charts in the Launch Graph dialog box The options are Scope The comparative point of reference for all the connections If devices or groups are selected in the Map you can produce a graph for either the Busiest Talkers among the objects selected the Busiest Listeners or the Busiest Link If a connection is selected in the Map you can produce a graph for the traf...

Page 70: ...70 CHAPTER 8 DISPLAYING TRAFFIC IN GRAPHS ...

Page 71: ...es are applied to traffic data as it is collected When the conditions of a rule are met Traffix Manager generates one or more events which you can view in the Event List See Chapter 10 for more information on viewing events and analyzing the causes of events Rule based event generation provides you with the following benefits for proactive network monitoring It enables you to monitor security poli...

Page 72: ...s ways of using the various types of event rule to implement strategies for managing your network Predefined Event Rules Traffix Manager is supplied with a number of predefined event rules which are applicable to most networks These event rules generate events when significant changes occur on the network They are Detect new devices on the local network Detect changes on the local network Check fo...

Page 73: ...isuse You use this type of event rule to prohibit or limit certain access to the network at certain times An event is generated if traffic is detected during the prohibited time You can limit the event rule to monitor specific parts of your network or specific protocols For example you can use this event rule to Detect any traffic other than backup traffic on the WAN link at night Detect anyone us...

Page 74: ...ent rule of this type you can use it to monitor the usage of specific network services For example you can use this event rule to Monitor for devices which use an excessive amount of Novell bandwidth Monitor for devices which are using the Internet connection excessively Monitor Critical Devices You use this type of event rule to monitor a set of devices and generate an event if the network traffi...

Page 75: ... services on the connections For example you can use this event rule to Monitor the activity of your WAN link to another city Monitor FTP traffic activity on the Internet connection Monitor Network Trends You can use an event rule of this type to monitor changing long term traffic levels on the whole network or on part of the network Events are generated if significant changes over time are detect...

Page 76: ...ring through all these rules is therefore dynamic and may change if the devices in the group change By default the grouping used for a rule is that currently applied in the Map However once created a rule always uses the same grouping Selecting Protocols Typically an event rule applies to all traffic regardless of the kind of protocol being used You can restrict the scope of a rule by choosing a s...

Page 77: ...tivity in response to the number of events that it generates The Event List makes it easy for you to adjust the sensitivity of event rules in this way See Chapter 10 Viewing Events for further information To specify sensitivity with more precision or to understand exactly what the sensitivity of a rule means open the Thresholds tab in the Sensitivity dialog box in the Event Rule Creation Wizards U...

Page 78: ... Monitoring Changes in Server Activity If you expect the activity of your servers to be fairly constant you can configure a Monitor Critical Devices event rule to tell you if the activity of your servers changes unexpectedly An event rule of this type Monitor critical devices is preconfigured See Monitor Critical Devices on page 74 Preventing Server Congestion You can configure a Monitor Network R...

Page 79: ... of a link See Connection Activity Report on page 100 for more information Monitoring Single Devices Which are Overusing the Capacity of a Link You can configure a Monitor Network Resource Usage event rule to tell you when one device is using a lot of bandwidth on a link Similar information can be obtained on a regular basis using a Top N Connections report See Top N Connections Report on page 105...

Page 80: ...traffic during the night which is not backup traffic You might also require that bandwidth be available on certain links for certain activities at certain times of day For example you could use a Detect Network Misuse event rule to spot Web traffic on a WAN link during working hours You can create Detect Unauthorized Machine Access event rules to check that only authorized devices access important...

Page 81: ...ic on your network and network security When the conditions for a rule are met an event is generated See Chapter 9 for information on configuring event rules Events are also generated by the Collector and Reporter processes The Event List in Traffix Manager displays events generated by all these sources and supports various viewing options With the Event List you can view selected events in greate...

Page 82: ...categorized by four levels of severity information being the least severe and critical the most severe Information Warning Error Critical Date and Time the event was generated Source whether the event was generated from the Collector the Reporter or from an Event Rule You can choose to display events from one or more sources Description of the event More detail on the event Click More Detail on th...

Page 83: ...aused the event You can sort filter and summarize the display of events These last two operations are described in more detail below Filtering Events You filter event data from the Filter dialog box Figure 13 Filter dialog box You can filter the event data in a number of ways including To show only unacknowledged events By severity By the source of the event Event Rules Reporter Collector ...

Page 84: ...y one entry is shown for a number of events When events are summarized the number of events related to the summarized entry is displayed Events which have been filtered out are not displayed in the summary You can summarize events in one of the following ways Summarize by device You can show the number of events associated with each device that is not filtered out Summarize by severity Shows one e...

Page 85: ... period of time This is the same amount of time for which trend data is stored You can specify the maximum amount of disk space that will be used to store this data from the Traffix Control Panel See Database Maintenance on page 123 Ignoring Devices or Connections You can modify the event rule that generated an event to ignore certain devices or connections This only applies to events triggered by...

Page 86: ... Configuring Traffix Manager to Forward Events as SNMP Traps Select an event in the the Event Generation dialog box to forward as an SNMP trap to your own Open Management Platform OMP You can enter the trap destination as an IP address or DNS name The generated event appears in the event viewer for the OMP Integrating Traffix Manager SNMP Traps with HP OpenView This section gives an example of how...

Page 87: ...k the Event Message tab and complete the following fields a Select Log and display in category in the Actions field b Select Traffix Manager in the Log and display in category list c Select a severity level to control the severity rating that Network Node Manager assigns to this alarm d Do not edit the Event Log Message field 5 You can define actions for Network Node Manager to perform automatical...

Page 88: ...88 CHAPTER 10 VIEWING EVENTS ...

Page 89: ...hedule the generation of daily weekly and monthly reports These reports are automatically run overnight and delivered to your Web server or printer or stored as data files for later use You can also generate reports on demand ad hoc reports at any time Types of Report Reporting focuses on four kinds of object connections devices groups of devices and segments For each kind of object there are two ...

Page 90: ...heduled time or ad hoc raw data is generated You can output or view raw report data as many times as you require without having to regenerate the report Output Traffix Manager uses the raw data to output professional reports as hard copy to a printer on the server as HTML files or as Comma Separated Value CSV files CSV files can be read into a spreadsheet or database application for further analys...

Page 91: ...use data collected on the specified day of the month and the calendar month following including that day The report is generated in the early hours of the day following the last day covered by the report For example if you select from the first day through to the end of each month Figure 16 the raw data for the whole of June June 1st 00 00 to June 30th 24 00 is covered by the report The report is ...

Page 92: ...s in the tree You can display reports by the Date they were created or by Report Type Report Specification Displays a summary of key information about a report instance You can reschedule reports and run ad hoc reports Report Displays a summary of key information about raw report data or HTML output You can output and view reports and display detailed output status information The use of these thr...

Page 93: ...duled generation and output See Interpreting Summary Information on page 94 for more information When you add a report instance the grouping currently applied in the Map is used Raw data Each time a report instance is run either scheduled or ad hoc Traffix Manager stores the raw report data in the relational database The raw data is shown as a child of the report instance and labeled with the date...

Page 94: ...reports at any time If you do not specify a report period the report instance is saved in the Report Manager but no raw report data is gathered and no reports are output You can use a report instance that is saved without scheduling output to generate ad hoc reports or you can later reschedule it Rescheduling Reports and Running Ad Hoc Reports You use the Report Specification area of the Report Ma...

Page 95: ...r server and has the necessary permissions If you wish to link to the overall index page generated for HTML reports the file name is index html in the chosen reports output directory Printer When the report is run a graphical report including contents page is printed Reports can be delivered automatically only to a printer visible to the server If you want to print a report using a printer visible...

Page 96: ...t particular raw report data indefinitely or you can use the Global Options dialog box to change the lifetime of that raw report data or output If your global policy is specified in the Global Options dialog box as Keep Forever you cannot change the lifetime of raw data or output Setting Global Report Options From the Global Report Options dialog box or Report Schedule dialog box you can set the f...

Page 97: ...etermine the top 10 devices from a network containing 100 000 devices over a period in which 1 million connections were seen could take an hour or more to run Therefore scheduled reports are run overnight to be delivered to your Web server or printer in the morning Ad hoc reports can be started from the Report Manager but according to the quantity of data being processed and the number of reports ...

Page 98: ... activity reports on any objects of particular interest Effects of Grouping on Reports The creation and content of your reports is influenced in the following ways by how devices are grouped in the Map The current grouping in the Map determines the groups that can be selected when configuring a report See Chapter 4 Grouping Network Devices in the Map for more information about groupings If you try...

Page 99: ...n ad hoc and when it was created Top N Reports Top N reports can be run in two modes Summary mode just identifies the top N objects Summary plus detail mode generates a report including detailed information for each of the top N objects Reports run in this mode take longer to generate Each top N report consists of two or three sections The first section identifies the top N objects according to on...

Page 100: ...US to Edinburgh Table 8 Connection Activity Report Charts Report Section Chart Title Description 1 Connection Activity 1 1 Protocol Distribution Of Connection By Octets A pie chart showing the total octets within the connection broken down by protocol Protocol Distribution By Octets With Packets Overlaid A stacked bar chart showing the total octets within the connection over the report time period...

Page 101: ...device broken down by protocol Top Conversations A stacked bar chart showing the top 10 devices talking to the detail device by total octets sent and received broken down by protocol Protocol Distribution By Octets With Packets Overlaid A stacked bar chart showing the total octets sent and received by the device over the report time period broken down by protocol The left hand axis refers to the o...

Page 102: ...nt and received broken down by protocol Only conversations with groups at the same level of the grouping scheme as the detail group are considered Protocol Distribution By Octets With Packets Overlaid A stacked bar chart showing the group s total internal external or overall octets over the report time period broken down by protocol The left hand axis refers to the octet totals The right hand axis...

Page 103: ...col Distribution Of Segment By Octets A pie chart showing the top 10 protocols seen on the segment Top Hosts A stacked bar chart showing the top 10 hosts on the segment by total octets sent and received The octets are broken down by protocol Protocol Distribution By Octets With Packets Overlaid A stacked bar chart showing the octets over the report time period broken down by protocol The left hand...

Page 104: ...mation does not appear immediately You may need to generate historical data for several weeks before the baselines can be calculated Generic Line Stats A table showing counts for some generic media independent variables over the report period Media Specific Line Stats A table showing counts for various media specific variables This table varies depending on the media type of the segment Ethernet T...

Page 105: ... city to city connections contained within the U S to U K connection There are lots of ways to use the top N connections report Use the Level options to specify how the connections should be broken down at each end Typically you may want the connection to be broken down at the same level at each end If you are interested in the top N connections between actual devices choose one of the following o...

Page 106: ...ic with server1 Table 12 Top N Connections Report Charts Report Section Chart Title Description 1 1 Top Connections By Octets A stacked bar chart containing the top N connections as measured by total octets between the two end points broken down by protocol Protocol Distribution Of Top Groups A pie chart showing the top 10 protocols seen within all of the N connections If more than 10 protocols ar...

Page 107: ...s Top Conversations Within The Connection A stacked bar chart showing the top 10 device to device conversations within the detail group broken down by protocol Long Term Trend A line chart showing the total octets within the connection for as long as Traffix Manager has records 3 Report Information Information about the report itself Table 12 Top N Connections Report Charts continued Report Sectio...

Page 108: ... pie chart showing the total octets sent and received by the device broken down by protocol Top Conversations A stacked bar chart showing the top 10 devices talking to the detail device by total octets sent and received broken down by protocol Protocol Distribution By Octets With Packets Overlaid A stacked bar chart showing the total octets sent and received by the device over the report time peri...

Page 109: ...versations broken down by protocol Protocol Distribution Of Top Groups A pie chart showing the top 10 protocols seen across all of the N groups If more than 10 protocols are seen the remainder are grouped as other Group History A multiple line chart showing the history of the total octets for each of the N groups over the report period 2 Detail For Top Groups 2 1 Protocol Distribution Of Group By ...

Page 110: ...up broken down by protocol The octet total has the same internal external or overall filter as the detail group applied 3 Report Information Information about the report itself Table 14 Top N Groups Report Charts continued Report Section Chart Title Description Table 15 Top N Segments Report Charts Report Section Chart Title Description 1 1 Top Segments By Utilization A bar chart containing the to...

Page 111: ...ppear in descending order For example the errors on a 10Mbps Ethernet segment may be higher than those on a 100Mbps segment but the octet count on the 100Mbps segment may be considerably higher Error History A multiple line chart showing the history of the errors for each of the N segments over the report period Error Health Chart An alternative way of viewing the error history Error values are sh...

Page 112: ...eport period as a line This is overlaid on bands representing normal borderline and unusual error totals These baselines are calculated using a statistical analysis of data from previous report periods Note that baseline information does not appear immediately You may need to generate historical data for several weeks before the baselines can be calculated Generic Line Stats A table showing counts...

Page 113: ...el Appendix C Aggregating Devices Appendix D Using the SubnetsDB File Appendix E Automatic Attribute Assignment Appendix F Supported RMON 2 Devices Appendix G Configuring 3Com Standalone RMON 2 Agents Appendix H DHCP Appendix I TFTP Server Appendix J RMON and SNMP Tables Retrieval Appendix K Technical Support Glossary Index ...

Page 114: ......

Page 115: ...ager and their solutions Table 16 Diagnosing Traffix Manager Problems Problem Cause Solution Client Will Not Start Traffix server is not running Use the Traffix Control Panel to check that the Traffix server is running If not start it from the Traffix Control Panel Traffix server is running in a different broadcast domain to the client On the machine running the client Set the OSAGENT_ADDR environ...

Page 116: ...are only run once every hour and that historic event rules can take up to a day depending on how they are configured When you manually enter the IP address of an agent you want to collect data from and start collection you get a series of collection error messages in the Event List Agent does not support RMON 1 or RMON 2 Consult your agent vendor s documentation to find out if the agent supports R...

Page 117: ...ontain a browser On Windows platforms the cause is likely to be that HTML file types are not set up properly Refer to your Windows documentation If Browser is not in your path message is displayed Exit the Traffix Manager client Update path to include Browser Restart Traffix Manager client Viewing reports takes very long time or never completes If you selected a raw data entry for which no HTML re...

Page 118: ... the report they are currently generating is complete If there is a queue of reports waiting to be run it may take some time before the ad hoc report is run Use the Report Manager to see which report is currently running You do not need to keep the Run Now progress window open You can request several ad hoc reports at one time and leave them running overnight Use the Report Manager and output queu...

Page 119: ...ilename in event viewer The reporter was unable to create an output file This is most often caused by insufficient permissions you do not have permission to create output files where requested Table 17 Diagnosing Reporting Problems continued Problem Cause Solution ...

Page 120: ...120 APPENDIX A TROUBLESHOOTING TRAFFIX MANAGER ...

Page 121: ...t is available at http support 3com com infodeli tools netmgt traffix family htm If you choose to use the Database Schema documentation to configure your Traffix Manager database 3Com can only provide limited support regarding any issues with the Traffix Manager database that occur as a result of your actions 3Com strongly recommends that you do not customize or directly access the Traffix Manager...

Page 122: ...ons The Traffix Manager Configuration panel in the Traffix Control Panel provides the following applications for managing databases Refer to the online help for detailed information about the functions of each application Database Setup Allows you to manage the Traffix Manager databases In this dialog box you can view the following The status of the Traffix Server The location of the database whic...

Page 123: ...as the current database Copy delete and move databases CAUTION You should never move or copy a database using ordinary file operations for example Windows NT Explorer You should use the Move Database and Copy Database features from the Traffix Control Panel instead Change the location of the current destination of HTML reports Import Database You can import a database that has been created by eith...

Page 124: ...base the agent configurations and local DNS domains are not deleted When you then start running against the newly cleaned database you will not see the startup wizard again as the agents and local DNS domains have already been configured from before the clean In addition after cleaning a database collection is suspended for the configured agents so in order to start collecting data you have to tur...

Page 125: ...rganizes the physical location of parts of the database so that the database can be accessed more efficiently It therefore works in an similar way to the defragmentation utility in the Windows operating system Subnets Editor Allows you to group the devices on your network by subnet and assign default DNS domains using the SubnetsDB file See Using the SubnetsDB File on page 133 Attribute Lookup All...

Page 126: ...on the same system Before you can install Traffix Manager 3 0 you must deinstall Traffix Manager 2 0 This section describes the actions you must complete before attempting to deinstall Traffix Manager 2 0 It then describes the process for de installing Traffix Manager 2 0 The de installation process is divided into two steps Deinstalling Traffix Manager 2 0 Deleting the Transcend Traffix Manager 2...

Page 127: ...ccess message is displayed Click OK to exit the dialog and return to the Add Remove Programs Properties dialog box 6 In the list of programs that may be deinstalled select XVision and click Add Remove 7 When prompted to confirm your selection click Yes to continue with the deinstallation or No to abandon it If you chose Yes the Maintenance Setup dialog box is displayed Click Remove All and when pr...

Page 128: ... select Delete 4 When prompted confirm the deletion of this program group by clicking Yes or click No to abandon it If you click Yes The Traffix Manager program group is removed and placed in your system s Recycle Bin The following error message is displayed Start Menu Programs Transcend Traffix Manager NT v2 0 is not accessible This folder was moved or removed This indicates that the Start menu e...

Page 129: ...akes any data analysis for data which crosses an aggregation change boundary hard to interpret In this case 3Com recommends that you start a new database See Appendix B Database Management Using Traffix Control Panel for more information Default Aggregation Aggregation provides a solution to the problem of large numbers of devices on your network without forcing you to discard any devices Any loss...

Page 130: ...fore only IP addresses are considered for aggregation Non IP network devices are always be considered to be local and so will be kept in detail You can assign DNS domains to subnets using the SubnetsDB file Subnets can be assigned any DNS domain but 3Com suggests that you use local domains If you provide a local DNS domain name for a subnet a device in this subnet will be placed in this domain if ...

Page 131: ...nting engineering acme com When all domains at this lowest level have been aggregated Traffix Manager then aggregates each domain at the next level Following this example engineering acme com and office acme com are both aggregated to acme com You cannot undo aggregation If you add an aggregated DNS domain to a local domain all newly discovered addresses will be mapped to the aggregated representa...

Page 132: ...affix Manager device representing this DNS layer For example if DNS layer 2 is selected the device mydevice acme com is aggregated into the device representing the DNS domain acme com Discard Any network device that has a non local DNS domain is discarded immediately and no data for that device is collected Setting a Maximum Device Limit You can specify a device limit of 100 000 devices This allow...

Page 133: ...not be used All addresses must be in dotted decimal format To set up subnets 1 Edit the SubnetsDB file using the Subnets Editor provided in the Traffix Control Panel 2 For each subnet you wish to add you must specify the following The significant part of the subnet address A subnet mask The name of the group The DNS domain Check the Event Log for errors after you have changed the SubnetsDB program...

Page 134: ...IP device on your network it performs a DNS lookup for the DNS name of that device If this lookup fails or if your site has no DNS Traffix Manager will check the SubnetsDB file to see if the device is in a given subnet If so it will assign the DNS name of the subnet to the device If the device is not found in SubnetsDB then a final check is done to see if it is in the same subnet as the Traffix Se...

Page 135: ...11111111111110000000000000000 Result of AND 10001100000001100000000000000000 To determine whether a device qualifies for a subnet the key value is compared with the value created by ANDing the subnet mask with the device s IP address If these values are not equal Traffix Manager does not accept the devices as part of the subnet For example Traffix Manager has detected a device with the IP address ...

Page 136: ...subnets would be placed in Group 2 as this has 16 set bits in its subnet mask whereas Group 1 has only 8 set bits If a device matches two subnets and both subnets have the same number of set bits in their masks then Traffix Manager may assign the device to either of these groups subnet mask name domain 89 0 0 0 255 0 0 0 Group1 3com com 89 0 0 0 255 255 0 0 Group2 3com com ...

Page 137: ...le a Microsoft Excel spreadsheet a Microsoft Access database or a program that you write A program can carry out arbitrary processing such as searching a file or performing a database lookup Attributes can also be manually assigned to objects using the Attributes option see Chapter 4 Grouping Network Devices in the Map for more information on attributes Automatic attribute assignment is set up usi...

Page 138: ...e subnet to which the request should be restricted for example home subnet It creates two attributes OS Type and User OS Type is set to Windows if the device responds to the NetBios message and User is set to the NetBios user name if there is one You could set up a grouping using the NL Type OS Type and User attributes in that order to see the traffic generated by a particular PC user The code for...

Page 139: ...uments to pass to fileattrs and dblookup are described in Using the fileattrs Program on page 140 and Using the dblookup Program on page 142 If your arguments contain the space character then surround them with double quotes The flag column should normally be TRUE If this column is FALSE then the attribute program in question is not used to determine attributes when devices are newly discovered it...

Page 140: ...rce c fileattrs installdir TraffixServer examples source vb fileattrs The program itself is in installdir TraffixServer Configuration File Format The configuration file must take the following format KEY number of key fields ATT comma separated list of attribute names comma separated list of attribute values comma separated list of attribute values KEY fields are those fields which should be used ...

Page 141: ...NFO TXT were contained in c data then you could add the following two lines to the user defined attribute configuration file Country fileattrs exe c data country txt TRUE machineinfo fileattrs exe c data machineinfo txt TRUE Attributes would then be assigned to devices based on the contents of these two configuration files If you change the contents of the configuration file then you must restart ...

Page 142: ...mmon structure The information should be stored in tables named as follows where N is a number between 1 and 10 which determines how many key attributes the lookup is based on this is similar to the KEY N line in fileattrs configuration file lookup_N general lookup table or ARP_N lookup table for ARP devices IP_N lookup table for IP devices IPX_N lookup table for IPX devices NetBEUI_N lookup table...

Page 143: ...okup does not set any attribute but waits for a new device to be looked up Table 19 shows an example of this lookup_2 is a general lookup table based on 2 attributes NL Layer Type and DNS Layer 1 This lookup table sets the value for the Country attribute An IP device called www demon co uk gets the U K Country attribute An IP device called www yahoo com gets the unknown Country attribute An IPX de...

Page 144: ...information apart from your lookup data Running dblookup The user can have many different lookup databases each running with its own copy of dblookup and so with its own entry in the user defined attribute configuration file The database location should be passed to dblookup as its first parameter For example if two lookup databases companies mdb Access database and continents xls Excel workbook w...

Page 145: ... are familiar with programming either C or Visual Basic All example programs are included in installdir TraffixServer examples Structure of an Attribute Lookup Program Every time Traffix Manager wants to find out attributes for a device it calls all the attribute lookup programs in the user defined attribute lookup configuration file see Contents of the User defined Attributes Configuration File o...

Page 146: ...d devices on your network with the Map This shows the fundamental structure of any attribute lookup program Calling the GetNextLookup function causes your program to wait until Traffix Manager wants your program to lookup another attribute or until Traffix Manager exits The function returns the value 1 if there is a device whose attributes should be looked up or 0 if it wants your program to exit ...

Page 147: ...ther program Writing and Building Your Own Attribute Lookup Program To build your own attribute lookup program you should copy one of the example programs and modify it You can also look at these programs for more examples of how to write attribute lookup programs There are 6 example programs supplied as shown in Table 20 Table 20 Example Programs Name Language Description fileattrs C Complex prog...

Page 148: ...up program and copied it if necessary you should add it to the user defined attribute program configuration file see Contents of the User defined Attributes Configuration File on page 138 Library functions available Table 21 shows a full list of the functions available to attribute lookup programs in the attripc DLL library country Visual Basic Simple example program which assigns an attribute cou...

Page 149: ...tribute lookup programs before adding it to the user defined attribute program configuration file there is a very simple utility provided which allows you to do this This utility can only test GetAttribute Should be called sometime after GetNextLookup Takes an attribute name as an argument Returns the currently assigned value of that attribute for the current device as a string Returns an empty st...

Page 150: ...Note that the user defined attribute program configuration file is not used If your program is working properly then a dialog box appears which allows you lookup attributes for any device you choose Set the Name NL Type NL Address and Network controls on the dialog to appropriate values for some device and then click Lookup The list on the right of the dialog box shows the attributes returned by y...

Page 151: ...ents for Y2K compatibility SupportedInterface Types Traffix Manager supports agents with the following interface types Table 22 Supported Interface Types Interface Type MIB2 ifType Supported on RMON 1 RMON 2 Compliant Agents Ethernet 6 Both ISO 8802 3 7 Both Token Ring 9 Both FDDI 15 RMON 2 only Point to Point Serial 22 RMON 2 only Frame Relay 32 RMON 2 only AAL5 ATM 49 RMON 2 only Fast Ethernet 6...

Page 152: ...152 APPENDIX F SUPPORTED RMON 2 DEVICES ...

Page 153: ... files are stored on the machine where the Traffix Server is installed When you install the Traffix Server you automatically install the TFTP server on the same machine For instructions on how to download the latest version of firmware refer to the Firmware Upgrade documentation that ships with Traffix Manager Before you can download agent firmware you must launch the TFTP server as it serves out ...

Page 154: ...memory sizes are decreased to make the best use of the agent s resources Table 23 An agent set to RMON 2 Traffix Mode can still be used for network management by LANsentry Manager or any other software which uses the RMON tables CAUTION If you change the RMON 2 mode the agent automatically cold restarts for the changes to take effect Refer to the Firmware Upgrade documentation or your agent docume...

Page 155: ...les RMON 2 With RMON 2 disabled you can download SmartAgent software to the device If you disable RMON 2 on an agent which supports both RMON standards RMON 1 will still be enabled Traffix Manager can only collect limited data in the form of line statistics reports from an agent that supports RMON 1 only See Appendix I Using RMON 1 Agents for more information ...

Page 156: ...156 APPENDIX G CONFIGURING 3COM STANDALONE RMON 2 AGENTS ...

Page 157: ...identify using this method You can open this file by clicking DHCP Setup in the Traffix Control Panel What Effect Do DHCP Devices Have On The Map If a device which is managed using DHCP is discovered on your network it may appear on the Traffix Manager Map as a normal device until Traffix Manager realizes it is a DHCP device A DHCP device requests an IP address from the DHCP server DHCP is a dynam...

Page 158: ...dress although with a different MAC address attribute These are represented by a unique icon Each IP address listed in the DhcpDB file is polled every POLLINGINTERVAL minutes using a Netbios NCBSTAT request This request returns the MAC address of the device provided the device supports Netbios Windows based operating systems and DOS support Netbios but other systems such as UNIX generally do not Y...

Page 159: ...add and enable the RMON 1 devices and interfaces you want to use to collect network traffic data Traffix Manager will automatically begin to collect data from the enabled interfaces 2 From the Report Manager schedule a daily Segment Activity report for the next morning weekly and monthly reports can also be scheduled When you look at the report you will find that the following graphs are incomplet...

Page 160: ...160 APPENDIX I USING RMON 1 AGENTS ...

Page 161: ...074 txt SNMP Tables used by Traffix Manager Table 24 SNMP Tables Used By Traffix Manager MIB Table Mandatory Comments MIBII system yes Used to get sysDescr MIBII interfaces yes Used to get interface list RMON probeConfig no Used by agentAdmin to reboot probe and download new firmware RMON etherStats trPStats trMLStats no Line statistics for reports only 3Com fddiStats no FDDI line statistics for r...

Page 162: ...bution reports only RMON 2 addressMap no Network Layer to MAC address mapping RMON 2 alMatrixTopN alMatrix nlMatrixTopN nlMatrix At least one must be supported for RMON 2 data RMON 2 conversation traffic Table 24 SNMP Tables Used By Traffix Manager continued MIB Table Mandatory Comments ...

Page 163: ...m Facts Automated Fax Service World Wide Web Site To access the latest networking information on the 3Com Corporation World Wide Web site enter this URL into your Internet browser http www 3com com This service provides access to online support information such as technical documentation and software as well as support options that range from technical education to maintenance and professional ser...

Page 164: ...roducts This service is available through analog modem or digital modem ISDN 24 hours a day 7 days a week Access by Analog Modem To reach the service by modem set your modem to 8 data bits no parity and 1 stop bit Call the telephone number nearest you Country Data Rate Telephone Number Australia Up to 14 400 bps 61 2 9955 2073 Brazil Up to 28 800 bps 55 11 5181 9666 France Up to 14 400 bps 33 1 69...

Page 165: ...e qualified to provide a variety of services including network planning installation hardware maintenance application training and support services When you contact your network supplier for assistance have the following information ready Product model name part number and serial number A list of system hardware and software including revision levels Diagnostic error messages Details about recent ...

Page 166: ...61 00137 or 021 6350 1590 800 6161 463 00798 611 2230 0 2 3455 6455 0080 611 261 001 800 611 2000 Europe From anywhere in Europe call 31 0 30 6029900 phone 31 0 30 6029999 fax Europe South Africa and Middle East From the following countries you may use the toll free numbers Austria Belgium Denmark Finland France Germany Hungary Ireland Israel Italy 0800 297468 0800 71429 800 17309 0800 113153 0800...

Page 167: ...9900 31 30 6029999 Latin America 1 408 326 2927 1 408 326 3355 From the following countries you may call the toll free numbers select option 2 and then option 2 Austria Belgium Denmark Finland France Germany Hungary Ireland Israel Italy Netherlands Norway Poland Portugal South Africa Spain Sweden Switzerland U K 0800 297468 0800 71429 800 17309 0800 113153 0800 917959 0800 1821502 00800 12813 1800...

Page 168: ......

Page 169: ...Protocol for dynamically mapping Internet addresses to physical hardware addresses on LANs It is limited to LANs that support hardware broadcast attribute A label for a piece of information about devices for example the location of a device or its IP address Traffix Manager is supplied with a number of predefined attributes and you can add your own See Chapter 4 Grouping Network Devices in the Map...

Page 170: ...ce Model This layer is responsible for controlling message traffic default gateway The IP address of a device usually a router or gateway to which the probe directs all packets not destined for its subnet device A generic term used to refer to any device seen on the network by way of the addresses recorded in the RMON tables device attribute A piece of information about a device for example an att...

Page 171: ...ns and protocols so that you can select and view network traffic at higher levels of abstraction Traffix Manager contains a number of predefined favorites and you can add your own as required See Chapter 7 Displaying Network Traffic in the Main Window for more information about setting up favorites firewall A combination of specifically configured network hardware and software products that limit ...

Page 172: ...being managed multicast A message sent to a specific group of nodes on a network simultaneously NL Network Layer The third layer of the OSI Reference Model This layer is responsible for controlling message traffic It receives data that has been framed by the Data Link Layer below it converts this data into packets and passes the result to the Transport Layer that directs the packets to their desti...

Page 173: ...ral management station Usually configured and controlled by the client protocol As used in Traffix Manager this is the RMON 2 decoding of the type of traffic seen on the network protocol number The port or program number as defined by the parent protocol For example if you are adding a TCP child protocol the protocol number will be the TCP port number RMON 1 Remote MONitoring Subset of SNMP MIB II...

Page 174: ... of computer equipment TFTP Trivial File Transfer Protocol Allows you to transfer files such as software upgrades and configuration files to and from a remote device TNCS Transcend Network Control Services A suite of standards based integrated management applications for configuring monitoring and troubleshooting 3Com network systems top N The top N components of your network are calculated using ...

Page 175: ...cifying agent details yourself 52 supported interface types 151 supported RMON 2 agents 51 supported RMON 2 interfaces 51 viewing agent statistics 54 which support user defined protocols 63 aggregating devices default aggregation action 131 local domain specification 130 local domains 130 overview 64 129 setting maximum device limit 132 specifying aggregation policy 130 aggregation policy specifyi...

Page 176: ...rol Panel See Traffix Control Panel conventions notice icons 13 text 13 creating events 20 36 reports 93 CSV files description 95 D daily reports producing 90 data collection adding agents 53 disabling agents 52 editing agents 53 enabling agents 52 54 polling interval 54 resuming 52 54 RMON 1 agents only 38 suspending 52 54 data loss cold restart 154 database maintenance 123 Database Maintenance d...

Page 177: ... Load Traffic 57 Number of Devices 59 Output Monitor 96 Report Manager 92 Report Schedule 94 95 User Authorization 50 disabling agents 52 events 85 RMON 2 54 154 discovering agents 52 display of data effect on reporting 98 displaying events in graphs 85 events in the Map 85 groups and devices in the Object List 29 traffic in graphs 65 traffic in the Map 59 DNS aggregation local domain specificatio...

Page 178: ...troubleshooting missing HTML files 117 viewing HTML output 95 Filter dialog box 83 filtering events in the Event List 83 finding agents 52 firmware cold restart 154 downloading to agents 153 finding files 153 RMON 2 functionality 153 TFTP server 153 forwarding events as SNMP traps 86 G generating events overview 20 36 getting started reporting 97 with Traffix Manager 19 23 global deletion policy 9...

Page 179: ...kup program 144 M MAC and Type predefined grouping 44 main window displaying traffic 59 Graph Panel 29 Map 27 29 menu options 29 Object List 28 overview 28 reference to menu options 29 management software See firmware managing the Traffix Manager database 121 to 126 Map displaying traffic 59 60 effect of DHCP devices 157 locating areas 59 locating objects 59 overview 29 maximum device limit settin...

Page 180: ...rom 61 removing connections between 60 removing connections to and from 60 searching for 59 selecting and deselecting in the main window 59 statistics 59 zooming to in Map 59 online technical services 163 Output Monitor dialog box 96 overviews collector 35 device aggregation 23 events 20 36 71 graphs 20 65 grouping devices in the Map 39 launching Traffix Manager after the first time 49 launching T...

Page 181: ...ader and footer options 96 how long does report generation take 97 HTML output 90 94 interpreting raw data and HTML output 94 interpreting summary information 94 modifying reports 93 monitoring generation and output 96 monthly reports 91 overview 89 periods covered by reports 90 printing reports 90 95 raw report data 93 report formats 96 report instances 93 94 Report Manager 92 report output 90 94...

Page 182: ...5 stopping Traffix Manager 28 structure of User Guide 19 subnets grouping 135 local DNS domains 130 setting up 133 subnets editor 125 SubnetsDB file 133 SubnetsDB program 133 summarizing events 84 suspending data collection 52 54 T technical support 3Com Knowledgebase Web Services 163 3Com URL 163 Bulletin Board Service 164 fax service 165 network suppliers 165 product repair 167 testing attribute...

Page 183: ...twork misuse 73 detecting network sweep attacks 73 detecting new devices on your network 73 detecting unauthorized machine access 73 monitoring critical connections 75 monitoring critical devices 74 monitoring network resource usage 74 monitoring network trends 75 overview 72 U unassigned groups 43 upgrading Traffix Manager v2 0 126 URL 163 URLs RMON 38 User Authorization dialog box 50 User Guide ...

Page 184: ...184 INDEX ...

Page 185: ...ing is feasible refund to Customer the purchase price paid for such product Any software update or replaced or repaired product will carry a Year 2000 Warranty for ninety 90 days after purchase or until April 1 2000 whichever is later OBTAINING WARRANTY SERVICE Customer must contact a 3Com Corporate Service Center or an Authorized 3Com Service Center within the applicable warranty period to obtain...

Page 186: ... AND LIMITS ITS LIABILITY TO REPAIR REPLACEMENT OR REFUND OF THE PURCHASE PRICE PAID AT 3COM S OPTION THIS DISCLAIMER OF LIABILITY FOR DAMAGES WILL NOT BE AFFECTED IF ANY REMEDY PROVIDED HEREIN SHALL FAIL OF ITS ESSENTIAL PURPOSE DISCLAIMER Some countries states or provinces do not allow the exclusion or limitation of implied warranties or the limitation of incidental or consequential damages for ...

Reviews:

No comments

Brands by name

Popular brands

Load more brands