Deutsch dropdown-ico

Net Optics none Bedienungsanleitung

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57

Zur Seite of

Ähnliche Gebrauchsanleitungen

Richtige Gebrauchsanleitung

Die Vorschriften verpflichten den Verkäufer zur Übertragung der Gebrauchsanleitung Net Optics none an den Erwerber, zusammen mit der Ware. Eine fehlende Anleitung oder falsche Informationen, die dem Verbraucher übertragen werden, bilden eine Grundlage für eine Reklamation aufgrund Unstimmigkeit des Geräts mit dem Vertrag. Rechtsmäßig lässt man das Anfügen einer Gebrauchsanleitung in anderer Form als Papierform zu, was letztens sehr oft genutzt wird, indem man eine grafische oder elektronische Anleitung von Net Optics none, sowie Anleitungsvideos für Nutzer beifügt. Die Bedingung ist, dass ihre Form leserlich und verständlich ist.

Was ist eine Gebrauchsanleitung?

Das Wort kommt vom lateinischen „instructio”, d.h. ordnen. Demnach kann man in der Anleitung Net Optics none die Beschreibung der Etappen der Vorgehensweisen finden. Das Ziel der Anleitung ist die Belehrung, Vereinfachung des Starts, der Nutzung des Geräts oder auch der Ausführung bestimmter Tätigkeiten. Die Anleitung ist eine Sammlung von Informationen über ein Gegenstand/eine Dienstleistung, ein Hinweis.

Leider widmen nicht viele Nutzer ihre Zeit der Gebrauchsanleitung Net Optics none. Eine gute Gebrauchsanleitung erlaubt nicht nur eine Reihe zusätzlicher Funktionen des gekauften Geräts kennenzulernen, sondern hilft dabei viele Fehler zu vermeiden.

Was sollte also eine ideale Gebrauchsanleitung beinhalten?

Die Gebrauchsanleitung Net Optics none sollte vor allem folgendes enthalten:
- Informationen über technische Daten des Geräts Net Optics none
- Den Namen des Produzenten und das Produktionsjahr des Geräts Net Optics none
- Grundsätze der Bedienung, Regulierung und Wartung des Geräts Net Optics none
- Sicherheitszeichen und Zertifikate, die die Übereinstimmung mit entsprechenden Normen bestätigen

Warum lesen wir keine Gebrauchsanleitungen?

Der Grund dafür ist die fehlende Zeit und die Sicherheit, was die bestimmten Funktionen der gekauften Geräte angeht. Leider ist das Anschließen und Starten von Net Optics none zu wenig. Eine Anleitung beinhaltet eine Reihe von Hinweisen bezüglich bestimmter Funktionen, Sicherheitsgrundsätze, Wartungsarten (sogar das, welche Mittel man benutzen sollte), eventueller Fehler von Net Optics none und Lösungsarten für Probleme, die während der Nutzung auftreten könnten. Immerhin kann man in der Gebrauchsanleitung die Kontaktnummer zum Service Net Optics finden, wenn die vorgeschlagenen Lösungen nicht wirksam sind. Aktuell erfreuen sich Anleitungen in Form von interessanten Animationen oder Videoanleitungen an Popularität, die den Nutzer besser ansprechen als eine Broschüre. Diese Art von Anleitung gibt garantiert, dass der Nutzer sich das ganze Video anschaut, ohne die spezifizierten und komplizierten technischen Beschreibungen von Net Optics none zu überspringen, wie es bei der Papierform passiert.

Warum sollte man Gebrauchsanleitungen lesen?

In der Gebrauchsanleitung finden wir vor allem die Antwort über den Bau sowie die Möglichkeiten des Geräts Net Optics none, über die Nutzung bestimmter Accessoires und eine Reihe von Informationen, die erlauben, jegliche Funktionen und Bequemlichkeiten zu nutzen.

Nach dem gelungenen Kauf des Geräts, sollte man einige Zeit für das Kennenlernen jedes Teils der Anleitung von Net Optics none widmen. Aktuell sind sie genau vorbereitet oder übersetzt, damit sie nicht nur verständlich für die Nutzer sind, aber auch ihre grundliegende Hilfs-Informations-Funktion erfüllen.

Inhaltsverzeichnis der Gebrauchsanleitungen

  • Seite 1

    User Guide "Smart Filtering" Appliance Doc. PUBDIRU Rev . 2, 9/08 ww w.netoptics.com 1 2 B A A B IDS Analyzer 2 Analyzer 1 RMON 1 RMON 2 Forensic *** Condential - DO NOT Distribute ***[...]

  • Seite 2

    PLEASE READ THESE LEGAL NOTICES CAREFULL Y . By using a Net Optics Director device you agree to the terms and conditions of usage set forth by Net Optics, Inc. No licenses, express or implied, are granted with respect to any of the technology described in this manual. Net Optics retains all intellectual property rights associated with the technolog[...]

  • Seite 3

    Director *** Condential - DO NOT Distribute *** Contents Chapter 1 Introduction .............................................................................................. 1 Key Features ............................................................................ 2 About this Guide .............................................................[...]

  • Seite 4

    Director *** Condential - DO NOT Distribute *** Create Complex Filters ................................................................... 29 V iew lters ............................................................................ 3 0 W ork with congurable 10 Gigabit ports ..................................................... 3 1 Understan[...]

  • Seite 5

    1 *** Condential - DO NOT Distribute *** Director Chapter 1 Intr oduction Net Optics Director is a key component for building a comprehensive, consolidated monitoring infrastructure for both network management and security . It extends the range of visibility for data monitoring across converged data and digital voice networks, while eliminating[...]

  • Seite 6

    2 *** Condential - DO NOT Distribute *** Director K ey Fea tur es Ease of Use T ap, aggregation, regeneration, matrix switch, and lter functions in a single device • 19-inch rack frame, 1U high • Front-mounted connectors for quick and easy installation • LED indicators show Power , Link, and Activity status • Modular design for con[...]

  • Seite 7

    3 *** Condential - DO NOT Distribute *** Director About this Guide Please read this entire guide before installing Director . This guide applies to the following part numbers: Chassis Part Number Description DIR-3400 Director Main Chassis with 10 SFP monitor ports DIR-____ Director Main Chassis with 10 SFP monitor ports, -48VDC power DIR-7400 Di[...]

  • Seite 8

    4 *** Condential - DO NOT Distribute *** Director Director Ar chitecture The fo llowing diag ram shows a schematic v iew of the architecture of the Dir ector device shown as a Matri x Switch wit h ltering. The black dots indicate aggregating Matrix Switch connections between Network Ports and Monitor Ports. K e y : Network or Span port Monito[...]

  • Seite 9

    5 *** Condential - DO NOT Distribute *** Director The input s are divide d int o t hree g roups: two D NMs p lus th e 10Gb E port s. In -li ne DNM model s supp ort 6 in-li ne lin ks, whi le Spa n DNM models supp ort 12 Sp an por ts. The d iag ram sh ows on e in-l ine an d one Span DNM. B oth in -line an d Span DNMs are available with either Copp[...]

  • Seite 10

    6 *** Condential - DO NOT Distribute *** Director Typical Application The following diagram shows a typical application using Director to implement a comprehensive, consolidated monitoring infrastructure. ww w.netoptics.com 1 2 B A A B IDS Analyzer 2 Analyzer 1 RMON 1 RMON 2 Forensic Director-centric network monitoring infrastructure Figure 2: I[...]

  • Seite 11

    7 *** Condential - DO NOT Distribute *** Director In this installation, Director has ten additional Span ports and one in-line link that are available for expansion, when more links need to be monitored. Monitoring T ools St ill re fer ri ng to Fig ure 2, si x m on it ori ng too ls a re con nec te d to Dir ect or . Th ey inc lud e pr oto col an [...]

  • Seite 12

    8 *** Condential - DO NOT Distribute *** Director In-line Monitoring of 10 Gigabit Links T o create an in-line link on a 10 Gigabit network segment, use and external iBypass Switch or network T ap. These two methods are explained in the following sections. iBypass Switch Method One method for creating a fail-safe, passive in-line 10 Gigabit netw[...]

  • Seite 13

    9 *** Condential - DO NOT Distribute *** Director Director Front Panel The features of the Director front panel are shown in the following diagram. www.netoptics.com ™ Director 1 2 B A 1 6 2 7 3 8 5 10 4 9 A B In-Line 10/100/1000 10 100 1000 LINK ACT In-Line GigaBit 1 2 3 4 5 6 7 8 9 10 11 12 A B A B A B 10 SFP Monitor Ports 2 XFP Configurable[...]

  • Seite 14

    10 *** Condential - DO NOT Distribute *** Director Director Rear P anel The features of the Director rear panel are shown in the following diagram. Management Port RS232 INPUT OUTPUT SERIAL NUMBER XXXXXX Power Supply Module Managemen t Port RS-232 Port 2 XFP Daisy-chain 10GbE Ports SR, LR, or ER Fiber XFP Modules Redundant Hot-swappable Power Su[...]

  • Seite 15

    11 *** Condential - DO NOT Distribute *** Director Chapter 2 Installing Dir ector This chapter describes how to install and connect Director devices. The procedure for installing Director follows these basic steps: Plan the installation 1. Unpack and inspect the Director device 2. Install the DNM modules 3. Install the SFP and XFP modules 4. Rac[...]

  • Seite 16

    12 *** Condential - DO NOT Distribute *** Director Plan the Installation Before you begin the installation of your Director device, determine the following: Name that will identify the Director device • IP address of the Director device, or • a range of IP addresses if you are deploying multiple Director devices Net Mask for Director • IP [...]

  • Seite 17

    13 *** Condential - DO NOT Distribute *** Director Install Director Networ k Modules If the Director Network Modules (DNMs) are not already installed when you receive the unit, install them by sliding them into the DNM slots in the front panel. (If there is a plate covering the DNM slot, remove it by unscrewing two thumb- screws, and then instal[...]

  • Seite 18

    14 *** Condential - DO NOT Distribute *** Director Connect P ower to Director For power fault protection, Director is equipped with redundant power connections. If one power source becomes unavailable due to an interruption in AC power or failure of the power brick, the other power source keeps Director operating normally . If both power sources[...]

  • Seite 19

    15 *** Condential - DO NOT Distribute *** Director Launch terminal emulation software and set communication parameters to: 2. 1 15200 baud 8 data bits No parity 1 stop bit Noowcontrol The Net Optics CLI banner and login prompt are displayed in the T erminal Emulation software. ********************************************************** *[...]

  • Seite 20

    16 *** Condential - DO NOT Distribute *** Director Enter 4. netoptics as the password. For security , the password is not displayed as you type it. The Director CLI runs and the CLI sign-on banner and login prompt are displayed. login as: customer customer@10.60.4.8's password: Last login: Thu Sep 4 09:40:31 2008 from 10.30.1.62 ***********[...]

  • Seite 21

    17 *** Condential - DO NOT Distribute *** Director Congure Dir ector using the CLI Y ou should be logged into the Director CLI. The factory-set default values for Director are: Username: • admin Password: • netoptics IP Address: • 10.60.4.180 (address for remote CLI, and for Compass manager software, when available) Netmask: • 255.0.0[...]

  • Seite 22

    18 *** Condential - DO NOT Distribute *** Director Assign a New Director IP Ad dress, Netmask, and Gateway IP Address If you are using the local RS-232 serial interface to access the CLI, then you need to congure the IP Address that Compass management software, when available, will use to communicate with Director . If Director must communica[...]

  • Seite 23

    19 *** Condential - DO NOT Distribute *** Director Tip! ___________________________________________________________________________________________________ Y ou can change the modes of multiple ports in a single command by specifying the ports in the portlist. Use a comma to separate items in the list, and use a dash (-) to indicate a range. For[...]

  • Seite 24

    20 *** Condential - DO NOT Distribute *** Director Using the CLI Help Command T o view CLI help information: Enter 1. Help at the "Net Optics:" prompt. The list of help topics is displayed. Net Optics> help ![#] - !number or up/down key for previous command commit - save local cong to hardware date - set system date del - delete [...]

  • Seite 25

    21 *** Condential - DO NOT Distribute *** Director Using the CLI Command Histor y Buffer Y ou can save a lot of typing by using the command history buf fer maintained by the CLI. The up- and down-arrow keys scroll forward and backward through the history buffer . T o execute a command again, simply scroll to that com- mand and press enter . Alte[...]

  • Seite 26

    22 *** Condential - DO NOT Distribute *** Director Connect Span P or ts to Director T o connect Director to the network using Span ports, be sure that at least one of your DNMs is a Span model. Use ports in that DNM to connect to the network. Span port numbering is shown in the following diagram. It is the same for Span DNMs and in-line DNMs. ww[...]

  • Seite 27

    23 *** Condential - DO NOT Distribute *** Director Connect Director W ith In-line Networ k Links T o connect Director to the network using an in-line installation, be sure that at least one of your DNMs is an in-line model. T ap port-pairs for each link are located side by side, with three links across the top row and three links across the bott[...]

  • Seite 28

    24 *** Condential - DO NOT Distribute *** Director ww w.netoptics.com ™ Director 1 2 B A 1 6 2 7 3 8 5 10 4 9 A B In-Line 10/100/1000 10 100 1000 LINK ACT In-Line GigaBit 123456789 10 11 12 A B A B A B In-line Network connections Figure 21: Connect Monitoring T ools to Director T o connect a monitoring tool to Director, simply plug the appropr[...]

  • Seite 29

    25 *** Condential - DO NOT Distribute *** Director Chapter 3 Conguring Filter s Using the CLI This chapter describes how to use the CLI to determine which monitoring tools are connected to which Network ports. It also explains how to create lters to limit the amount of trafc copied to Monitor ports, so the monitoring tools receive only [...]

  • Seite 30

    26 *** Condential - DO NOT Distribute *** Director When you dene a lter , you specify and action to be taken when the lter conditions are met. The action can be either drop or r edir (meaning redirect). If the action is drop , then packets which meet the lter criteria are dropped, that is, they are not copied to any Monitor port. If [...]

  • Seite 31

    27 *** Condential - DO NOT Distribute *** Director Network Port 1 Network Port 2 Monitor Port 3 + lter add in_ports=n1.1,n1.2 action=redir redir_por ts=m.3 T rafc aggregation Figure 23: R e gener ate T r afc to Any Set of Monitor P or ts Director can be used like a Regeneration T ap, copying trafc from a Network port (or aggregated g[...]

  • Seite 32

    28 *** Condential - DO NOT Distribute *** Director Create Filter s Filters process a trafc stream by selecting packets based on criteria in the packet header . A lter is dened using a lteradd command, which also species the Network ports and Monitor ports the lters apply to. The lteradd com mand species the fo[...]

  • Seite 33

    29 *** Condential - DO NOT Distribute *** Director ip_dst IP destination address • ip_dst_mask IP source address mask • ip_proto IP protocol • l4_src_port Layer 4 source port • l4_dst_port Layer 4 destination port • vlan VLAN number • Create Comple x Filter s Multiple lter parameters can be specied in a single lteradd [...]

  • Seite 34

    30 *** Condential - DO NOT Distribute *** Director Monitor Port 1 Network Port 5 lter add in_ports=n1.5 ip_proto=6 action=redir redir_ports=m.1 lter add in_ports=n1.5 ip_proto=17 action=redir redir_ports=m.1 Protoc ol = TC P Protoc ol = UDP + Logical OR lter connection Figure 29: View lter s T o view a list of all pending lters, e[...]

  • Seite 35

    31 *** Condential - DO NOT Distribute *** Director W or k with congur able 10 Giga bit por ts The two congurable 10 Gigabit XFP ports on the front panel are designated t.1 (on the left) and t.2 (on the right). They can be used in network port lists and monitor port lists. The 10 Gigabit ports are congured for Network or Monitor as requi[...]

  • Seite 36

    32 *** Condential - DO NOT Distribute *** Director lter add in_ports=n1.11 action=redir redir_por ts=t.2 lter add in_ports=n1.1-n1.4 action=redir redir_por ts=t.1 XFP Port 2 XFP Port 1 Network Port 11 Network Port 1 Network Port 4 Network Port 2 Network Port 3 + Congurable 10 Gigabit XFP ports used as Monitor ports (with aggregation) Fi[...]

  • Seite 37

    33 *** Condential - DO NOT Distribute *** Director Under stand lter interactions It is important to understand that Director uses Content Addressable Memory (CAM) technology to implement lters. As each lter is dened, it is stored in the next available entry in the CAM. Each packet header is compared in the CAM, and the CAM returns th[...]

  • Seite 38

    34 *** Condential - DO NOT Distribute *** Director Have we achieved our goal of sending all the TCP trafc to Monitor Port 2? Not quite. What happens when an TCP packet arrives from 192.186.10.0? It matches the lter at CAM address 1, so it is copied to Monitor Port 1. But that is all that happens; it does not go to Monitor Port 2. The ow[...]

  • Seite 39

    35 *** Condential - DO NOT Distribute *** Director Note: __________________________________________________________________________________________________ Instead of lteradd , you can use a lter ins command to dene lters. The only difference is that lter ins allows you to specify the lter's ID, which is its posit[...]

  • Seite 40

    36 *** Condential - DO NOT Distribute *** Director Under stand pending and activ e lter s T o understand the actions of lter commands such as ltercommit,lterdiscard, and lter delete, it is helpful to visualize the pending lter list and the CAM that holds the active lters. The previous section explained how [...]

  • Seite 41

    37 *** Condential - DO NOT Distribute *** Director Pending lter list Address Filter 1 n1.1 ip_proto=UDP action=drop 2 n1.1 m.1 CAM Address Filter 1 n1.1 ip_proto=UDP action=drop 2 n1.1 m.1 After lter sync Figure 41: Use 3. lter add,lterins, and lter del commands to change lters as desired. Pending lter list Ad[...]

  • Seite 42

    38 *** Condential - DO NOT Distribute *** Director Be aware of these similar pairs of commands: lterdiscard • clears the pending lter list, while lterclear clears the CAM lterlist • shows the pending lter list, while lterrunning shows the CAM ltercommit • copies the pending lter list to th[...]

  • Seite 43

    39 *** Condential - DO NOT Distribute *** Director Chapter 4 Daisy-c haining Multiple Dir ector Chassis This chapter describes how to expand the capacity of Director by daisy-chaining multiple Director chassis. The complete set of chassis becomes a single logical system with up to 380 total ports. By using long-reach ER links, chassis can be phy[...]

  • Seite 44

    40 *** Condential - DO NOT Distribute *** Director A ppendix A Dir ector Specica tions Specications, c hassis Mechanical Dimensions: 1.6” high x 15.65” deep x 17” wide Mounting: Surface or 19” rack mount (1U) W eight: TBA Connectors Network Port Slots: (2) Director Network Module (DNM) Monitor Ports: (10) SFP Congurable 10Gigabi[...]

  • Seite 45

    41 *** Condential - DO NOT Distribute *** Director Specications, DNM Copper Interface (12) RJ45 Network Ports 10/100/1000Mbps (6) In-line links or (12) Span ports depending on model 22-24 A WG unshielded twisted pair cable, CA T5e or better recommended Fiber Optic Interface (12) Gigabit SX, LX, or ZX Network Ports, LC type (6) In-line links o[...]

  • Seite 46

    42 *** Condential - DO NOT Distribute *** Director A ppendix B Command Line Interface Tip! ___________________________________________________________________________________________________ The command line interface (CLI) is not case sensitive. ____________________________________________________________________________________________________[...]

  • Seite 47

    43 *** Condential - DO NOT Distribute *** Director Command Sub-Command Parameters Example and description lter add ipv6=< y | n > in_ports=<network_portlist>* <qual>=<value> action=< redir | drop > redir_ports=<monitor_portlist> Notes: T h e command may include any number of <qual>, up to the limit of[...]

  • Seite 48

    44 *** Condential - DO NOT Distribute *** Director Command Sub-Command Parameters Example and description lter (continued) list ipv6=< y | n > lter list Parameters: ipv6=y for IPv6 addressing; ipv6=n for IPv4 ad- dressing (defaults to IPv4 if parameter is omitted) Displays all pending lters (with lter IDs) running ipv6=< y |[...]

  • Seite 49

    45 *** Condential - DO NOT Distribute *** Director Command Sub-Command Parameters Example and description passwd passwd Interactively changes the password of the SSH user account ping <address>* ping 10.1.1.4 Parameters: <address> is an IP address Pings the specied IP address to check for connectivity port set ports=<portlist&g[...]

  • Seite 50

    46 *** Condential - DO NOT Distribute *** Director Command Sub-Command Parameters Example and description sysip commit sysip commit Activates pending changes dened with sysip set set ipaddr=<address> netmask=<netmask> gw=<gateway> sysip ipaddr=192.168.1.2 netmask=255.255.0.0> Parameters: <address> is the IP address [...]

  • Seite 51

    47 *** Condential - DO NOT Distribute *** Director Command Sub-Command Parameters Example and description user This command is only available at root level show user show Lists all the currently dened user accoounts This command is only available at root level add name=<username>* pw=<password> priv=<level> Notes: All three [...]

  • Seite 52

    48 *** Condential - DO NOT Distribute *** Director Filter parameter s Switches and lters are dened using the lteradd and lter ins commands. The lteradd command syntax is: lter add in_ports=< portlist > <lter_parameter_list> action=<redir|drop> redir_ports=< portlist > The <lter[...]

  • Seite 53

    49 *** Condential - DO NOT Distribute *** Director A ppendix C Pr otocol Number s The ofcial Assigned Internet Protocol Numbers list is maintained by the Internet Assigned Numbers Authority and can be found at http://www .iana.org/assignments/protocol-number s. The list as of April 18, 2008 is reproduced in the following table (without refere[...]

  • Seite 54

    50 *** Condential - DO NOT Distribute *** Director Num Keyword Protocol 55 MOBILE IP Mobility 56 TLSP Transport Layer Security Protocol using Kryptonet key management 57 SKIP SKIP 58 IPv6- ICMP ICMP for IPv6 59 IPv6- NoNxt No Next Header for IPv6 60 IPv6-Opts Destination Options for IPv6 61 any host internal protocol 62 CFTP CFTP 63 any local ne[...]

  • Seite 55

    51 *** Condential - DO NOT Distribute *** Director Num Keyword Protocol 1 15 L2TP Layer T wo T unneling Protocol 1 16 DDX D-II Data Exchange (DDX) 1 17 IA TP Interactive Agent T ransfer Protocol 1 18 STP Schedule Transfer Protocol 1 19 SRP SpectraLink Radio Protocol 120 UTI UTI 121 SMP Simple Message Protocol 122 SM SM 123 PTP Performance T rans[...]

  • Seite 56

    52 *** Condential - DO NOT Distribute *** Director Limitations on W ar ranty and Liability Net Optics of fers a limited warranty for all its products. IN NO EVENT SHALL NET OPTICS, INC. BE LIABLE FOR ANY DAMAGES INCURRED BY THE USE OF THE PRODUCTS (INCLUDING BOTH HARDW ARE AND SOFTW ARE) DE - SCRIBED IN THIS MANUAL, OR BY ANY DEFECT OR INACCURAC[...]

  • Seite 57

    © 2008 by Net Optics, Inc. All Rights Reserved. www .netoptics.com[...]