80
C
HAPTER
9: U
SING
E
VENT
R
ULES
Implementing
Business Policies
Some organizations and network administrators have specific policies
about how the network can be used, in general or at different times of
day. Detect Network Misuse and Detect Unauthorized Machine Access
event rules are powerful tools for detecting behavior that does not
conform to such policies.
You might require that most of your network bandwidth is available for
backups at night. You could configure a Detect Network Misuse event
rule to spot significant traffic during the night which is not backup traffic.
You might also require that bandwidth be available on certain links for
certain activities at certain times of day. For example, you could use a
Detect Network Misuse event rule to spot Web traffic on a WAN link
during working hours.
You can create Detect Unauthorized Machine Access event rules to check
that only authorized devices access important machines at critical times,
for example, during backup.
As all rules have a time filter, you can configure event rules that only
apply at certain times of day. For example, you could configure a Monitor
Critical Devices event rule to generate an event if the behavior of your
backup server changes significantly during the night.
Summary of Contents for Traffix Transcend Traffix Manager
Page 10: ......
Page 18: ......
Page 24: ...24 CHAPTER 1 TRAFFIX MANAGER OVERVIEW ...
Page 34: ......
Page 46: ...46 CHAPTER 4 GROUPING NETWORK DEVICES IN THE MAP Figure 6 Groupings dialog box ...
Page 48: ......
Page 56: ...56 CHAPTER 6 CONFIGURING AGENTS FOR DATA COLLECTION ...
Page 70: ...70 CHAPTER 8 DISPLAYING TRAFFIC IN GRAPHS ...
Page 88: ...88 CHAPTER 10 VIEWING EVENTS ...
Page 114: ......
Page 120: ...120 APPENDIX A TROUBLESHOOTING TRAFFIX MANAGER ...
Page 152: ...152 APPENDIX F SUPPORTED RMON 2 DEVICES ...
Page 156: ...156 APPENDIX G CONFIGURING 3COM STANDALONE RMON 2 AGENTS ...
Page 160: ...160 APPENDIX I USING RMON 1 AGENTS ...
Page 168: ......
Page 184: ...184 INDEX ...