Scribd Logo
Upload

Welcome to Scribd!

  • 14 views

    FlowMon and Network Services

    Uploaded by

    nagasato
    The document discusses the various network services used by FlowMon, an appliance-based solution for network visibility, traffic monitoring, reporting, analysis and anomaly detection. It provides details on the default ports and configuration for services like flow collection, remote access, SNMP monitoring, time synchronization, email notifications, alerts, DNS, software updates and LDAP authentication.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd

    FlowMon and Network Services

    Uploaded by

    nagasato
    14 views2 pages
    The document discusses the various network services used by FlowMon, an appliance-based solution for network visibility, traffic monitoring, reporting, analysis and anomaly detection. It provides details on the default ports and configuration for services like flow collection, remote access, SNMP monitoring, time synchronization, email notifications, alerts, DNS, software updates and LDAP authentication.

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    The document discusses the various network services used by FlowMon, an appliance-based solution for network visibility, traffic monitoring, reporting, analysis and anomaly detection. It provides details on the default ports and configuration for services like flow collection, remote access, SNMP monitoring, time synchronization, email notifications, alerts, DNS, software updates and LDAP authentication.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Download as pdf or txt
    14 views2 pages

    FlowMon and Network Services

    Uploaded by

    nagasato
    The document discusses the various network services used by FlowMon, an appliance-based solution for network visibility, traffic monitoring, reporting, analysis and anomaly detection. It provides details on the default ports and configuration for services like flow collection, remote access, SNMP monitoring, time synchronization, email notifications, alerts, DNS, software updates and LDAP authentication.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Download as pdf or txt
    of 2

    FlowMon and Network Services

    FlowMon and Network Services


    FlowMon is appliance-based solution for network visibility, traffic monitoring, reporting, analysis
    and anomaly detection. FlowMon appliances provide and consume various network services to
    ensure maximal usability and benefits. To help configure network services, firewall rules or proxy
    servers properly we provide this summary of all network services that are being used by FlowMon.

    Flow Collection
    Ensure that there are no firewall or ACL restrictions between flow sources (routers, Probes) and
    listening ports of FlowMon Collector. Default ports are UDP/2055 (NetFlow), UDP/3000 (NetFlow),
    UDP/9996 (NetFlow) and UDP/6343 (sFlow).

    User remote access


    FlowMon provides HTTPS based web interface to access the system through modern web
    browser. HTTP is redirected to HTTPS service. Ensure that TCP/443 is accessible. In addition to
    web based interface FlowMon provides SSH console. Ensure that TCP/22 is accessible. Do not
    forget to change the default passwords and consider access restrictions by firewall or ACL.

    SNMP-based monitoring
    FlowMon includes standard SNMP monitoring through ports UDP/161 and UDP/162 and Zabbix
    client running on port TCP/10050. Both services might be disabled. We recommend changing the
    default SNMP community string when using SNMP monitoring.

    Time synchronization
    For precise network traffic monitoring it is necessary to ensure time synchronization using NTP
    service. Please ensure that FlowMon can access defined NTP servers on port UDP/123. For other
    configuration options (e.g. built-in NTP server) please consult FlowMon User Guide, chapter
    FlowMon Configuration Center, section System Settings.

    E-mails
    E-mail notifications are available through user configured SMTP server. SSL/TLS security is
    available as well as SMTP authentication or custom SMTP server port. Use “Send test email”
    feature to check your settings.

    Alerts
    In addition to e-mail notifications FlowMon can generate syslog messages in CEF (common event
    format) or SNMP traps. Default port for syslogging is UDP/514 and SNMP traps operate on port
    UDP/162. Both ports are configurable. Use “Send testing syslog message” or “Send testing SNMP
    trap” to ensure that third party system is able to receive alerts from FlowMon.

    1/2
    INVEA-TECH, U Vodarny 2965/2, 616 00 Brno, Czech Republic
    + 420 511 205 250 | [email protected]
    www.invea.com
    FlowMon and Network Services

    DNS
    FlowMon will use configured DNS servers to automatically translate IP address to corresponding
    DNS names. We recommend using internal DNS servers to ensure local IP addresses are
    translated correctly. FlowMon needs to have access to DNS server on port UDP/53.

    INVEA-TECH remote services portal


    INVEA-TECH operates portal services.invea.com to provide automatic software updates, IP
    reputation feeds and whois information. To take advantage of that services enable TCP/443 to
    services.invea.com or enable usage of proxy server in FlowMon.

    LDAP-based authentication
    FlowMon supports external users defined in LDAP or Active Directory. Default ports are TCP/389
    and TCP/636 when using LDAP over SSL. Both ports are configurable in user interface. Use
    “Check Connection” to ensure that FlowMon can connect to LDAP identity source.

    Other network services


    For more details about configuration of FlowMon Remote Access please consult FlowMon User
    Guide, chapter FlowMon Configuration Center, section Remote Access.

    2/2
    INVEA-TECH, U Vodarny 2965/2, 616 00 Brno, Czech Republic
    + 420 511 205 250 | [email protected]
    www.invea.com

    You might also like