EasyManua.ls Logo

Alcatel-Lucent OmniSwitch 6800 Series - Monitoring Group

Alcatel-Lucent OmniSwitch 6800 Series
926 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
Configuring Network Security Network Security Overview
OmniSwitch 6800/6850/9000 Network Configuration Guide March 2008 page 39-5
Monitoring Group
A monitoring-group is used by Network Security to configure the anomaly detection on sets of ports. A
monitoring-group is identified by a name and has a set of ports as its members. A monitoring-group is
created by adding a set of ports to the group or by configuring an anomaly parameter for the group. A
monitoring-group exists as long as it has a member port or has at least one of its anomaly parameters
configured.
The network security configurations are applied according to the monitoring-groups. The anomaly detec-
tion parameters of monitoring-groups can be configured by the user. Also, the user can add or remove a
port in the monitoring-group. A port can be moved from one monitoring-group to another, but it cannot
exist in more than one monitoring-group at a time. Network security is disabled on a port that is not a
member of a monitoring-group.
Network Security changes an anomaly parameter configuration across all monitoring-groups in the follow-
ing ways:
Group-name “all”, overwrites the configuration for all the monitoring-groups.
Anomaly “all”, overwrites the configuration for all the anomalies.
Network Security has a predefined monitoring-group “default”, and allows a maximum of 32 monitoring-
groups including "default" at a time. Network Security applies the rules to match the specific packets
when a port is in a monitoring-group. These rules exist as long as the port is a member of any monitoring-
group.
The statistics for the packets are maintained on a per-port basis and are available when a port is a member
of the monitoring-group. When a port is removed from the monitoring-group, the statistics for the packets
are cleared. If a monitoring port is moved from one monitoring-group to another, the statistics of the port
do not get cleared. A port's anomaly statistics are tracked when that anomaly is configured to be moni-
tored on that port, and are cleared when monitoring is stopped for that anomaly.
Fin Scan Occurs when a host receives a burst of FIN packets.
Fin-Ack Diff Occurs when a host sees more or fewer FINACK packets than it sent.
Rst Count Occurs when a host receives a flood of RST packets.

Table of Contents

Other manuals for Alcatel-Lucent OmniSwitch 6800 Series

Preview: User Guide
User Guide32 pages
Preview: Management Guide
Management Guide292 pages
Preview: Getting Started Guide
Getting Started Guide32 pages

Related product manuals