3Com Traffix Transcend Traffix Manager User Manual
  1. Manuals
  2. Brands
  3. 3Com Manuals
  4. Software
  5. Traffix Transcend Traffix Manager
  6. User manual
3Com Traffix Transcend Traffix Manager User Manual

3Com Traffix Transcend Traffix Manager User Manual

For windows nt
Hide thumbs
Table of Contents

Advertisement

Quick Links

Download this manual
®
http://www.3com.com/
Part No. 09-1825-000
Published August 1999
Transcend

User Guide

Software version 3.0 for Windows NT
Traffix
®
®
Manager

Advertisement

Table of Contents
loading

Related Manuals for 3Com Traffix Transcend Traffix Manager

Summary of Contents for 3Com Traffix Transcend Traffix Manager

  • Page 1: User Guide

    Transcend User Guide ® Software version 3.0 for Windows NT http://www.3com.com/ Part No. 09-1825-000 Published August 1999 Traffix Manager ® ™ ®...
  • Page 2 3Com Corporation. Traffix is a trademark of 3Com Corporation. 3Com Facts is a service mark of 3Com Corporation. Adobe and Acrobat are registered trademarks of Adobe Systems Incorporated. HP and OpenView are registered trademarks of Hewlett-Packard Company. AIX and IBM are registered trademarks of International Business Machines Corporation.

  • Page 3: Table Of Contents

    ONTENTS BOUT How To Use The Traffix Manager Documentation Conventions Terminology Used in this Guide Related Documentation Documents Web Sites Documentation Comments Year 2000 Compliance ETTING TARTED WITH RAFFIX ANAGER What to Read First Features of Traffix Manager How Does Traffix Manager Work? Strategy for New Users AUNCHING RAFFIX...
  • Page 4 RAFFIX OLLECTING How Traffix Manager Processes Collected Data RMON Overview Remote Monitoring RMON-2 Standard How Traffix Manager Discovers Network Devices Using RMON-2 ROUPING Overview Attributes Predefined Attributes Groupings Predefined Groupings Creating and Assigning Attributes Creating Groups and Ordering Attributes UNNING RAFFIX AUNCHING Launching the Traffix Manager Server...
  • Page 5 ISPLAYING ETWORK Loading Network Traffic Data Working with Objects in the Main Window Displaying Object Information Searching for Objects Selecting and Deselecting Objects Locating Objects in the Map Displaying Network Traffic Data Displaying Connections Between Objects Displaying Connections To and From Objects Combining To and From and Between Removing and Hiding Traffic Protocols, Applications and Favorites...
  • Page 6 Deleting Events Ignoring Devices or Connections Displaying an Event in the Map Displaying an Event in the Launch Graph Dialog Box Forwarding Events as SNMP Traps Integrating Traffix Manager SNMP Traps with HP OpenView VERVIEW OF EPORTING Overview Types of Report...
  • Page 7 EPORT YPES Report Templates Activity Reports Top N Reports Connection Activity Report Device Activity Report Group Activity Report Segment Activity Report Top N Connections Report Top N Devices Report Top N Groups Report Top N Segments Report PPENDICES AND ROUBLESHOOTING Troubleshooting Traffix Manager Troubleshooting Reports Diagnosing Reporting Problems...
  • Page 8 GGREGATING EVICES Overview Default Aggregation Specifying an Aggregation Policy SING THE UBNETS Using the SubnetsDB File How Subnet Grouping Works UTOMATIC TTRIBUTE Overview Contents of the User-defined Attributes Configuration File File Format Performing Attribute Assignment Using the fileattrs Program Configuration File Format Running fileattrs How fileattrs Works Using the dblookup Program...
  • Page 9 ONFIGURING Downloading Firmware to 3Com Standalone Agents Setting the Operational Mode on 3Com Standalone RMON-2 Agents DHCP How Traffix Manager Monitors DHCP Devices What Effect Do DHCP Devices Have On The Map? RMON-1 A SING Monitoring Network Segments Using RMON-1 Agents RMON SNMP T SNMP Tables used by Traffix Manager...

  • Page 11: About

    This guide describes Transcend Windows NT. This application gathers, displays and analyzes enterprise-wide network traffic. Procedural information on how to perform all tasks using Traffix Manager, as well as context-sensitive information about each dialog box, is provided in the online help. This guide is intended for network administrators.
  • Page 12 BOUT UIDE Table 1 Where to find specific information (continued) If you are looking for An overview of the RMON-1 and RMON-2 standards, and an introduction to how Traffix Manager uses RMON-2 agents to collect data from your network. Information on grouping devices to create views of your network in the Map. Procedures for launching Traffix Manager after the first time.

  • Page 13: Conventions

    Table 1 Where to find specific information (continued) If you are looking for Information about what’s new in this release of Traffix Manager. A list of known problems in this release of Traffix Manager. Conventions Table 2 Table 2 Notice Icons Icon Table 3 Text Conventions Convention...

  • Page 14: Terminology Used In This Guide

    BOUT UIDE Table 3 Text Conventions (continued) Convention Words in italics Terminology Used Refer to the in this Guide terms. Terms which are defined in the Glossary are italicized at their first use in the User Guide. Related The following documents and Web sites contain useful networking Documentation information.

  • Page 15: Documentation Comments

    RMON-2 Protocol Identifiers: http://www.it.kth.se/docs/rfc/rfcs/rfc2074.txt Miscellaneous List of third-party agents which are supported by Traffix Manager: http://www.3com.com/network_management/probe_interop Links to network management information: http://snmp.cs.utwente.nl Internet Engineering Task Force home page: http://www.ietf.cnri.reston.va.us Network Management Resource Database: http://www.cforc.com/cwk/net-manage.cgi Documentation Your suggestions are very important to us. They will help make our Comments documentation more useful to you.

  • Page 16: Year 2000 Compliance

    BOUT UIDE Year 2000 For information on Year 2000 compliance and 3Com products, visit the Compliance 3Com Year 2000 Web page: http://www.3com.com/products/yr2000.html...

  • Page 17: Etting Tarted With Traffix Manager

    ETTING ANAGER Chapter 1 Traffix Manager Overview Chapter 2 Launching Traffix Manager for the First Time TARTED WITH RAFFIX...

  • Page 19: Traffix Manager Overview

    This chapter introduces you to Traffix It contains the following sections: What to Read First Chapters 1–5 contain a conceptual overview of the processes you need to follow in order to get to the stage where Traffix Manager is displaying network traffic data for analysis.

  • Page 20: Features Of Traffix Manager

    1: T HAPTER RAFFIX ANAGER The Traffix Manager online help contains detailed procedural information on how to perform all tasks, and information about each application dialog box. The Traffix Manager Release Notes contain installation information, and a list of known problems with this release. Features of Traffix Traffix Manager collects and displays information about the application Manager...

  • Page 21: How Does Traffix Manager Work

    How Does Traffix Traffix Manager is a client/server application. The Traffix Manager server Manager Work? periodically polls RMON-1 and RMON-2 agents on your network for data about conversations between devices. See page 37 Industry standards — Traffix Manager supports the IETF RMON-2 standard, which enables information about network and application layer protocol communication patterns to be collected.
  • Page 22 Map, in various charts, or in one of the various reports. See for more information about the Map. VERVIEW Network management station Servers Network Workstations Printers Chapter “Using Event “About the Main Window” Printer Network Printer Rules”, for more information. page 28...

  • Page 23: Strategy For New Users

    Strategy for New If you have just begun using Traffix Manager to monitor your network, Users you should do the following: Keep the Traffix Manager server running at all times so that data is continuously stored and prepared for reporting. The client does not need to be kept running.
  • Page 24 1: T HAPTER RAFFIX ANAGER VERVIEW...

  • Page 25: Launching Traffix Manager For The First Time

    FOR THE This chapter provides information on launching Traffix first time. Information on installing Traffix Manager is documented in the Release Notes which are shipped with this product. It contains the following sections: Installing RMON Before you can launch Traffix Manager, you need to have at least one Agents on Your RMON agent installed on your network to collect traffic data.

  • Page 26: Launching The Traffix Manager Server

    2: L HAPTER AUNCHING RAFFIX Launching the There are two steps to launching Traffix Manager: you must launch the Traffix Manager Traffix Manager server first and then launch the Traffix Manager client. Server To launch the Traffix Manager server: 1 Select Programs from the Start menu, and open the directory in which you installed the Traffix Control Panel.
  • Page 27 configuration of data sources, and take you to the point where traffic data is displayed in the main window. The startup wizard first prompts you for the DNS domain(s) of those devices which you want to monitor in detail. Traffix Manager considers this specified DNS domain to be your “local network”.

  • Page 28: Stopping Traffix Manager

    2: L HAPTER AUNCHING RAFFIX Figure 2 Traffix Manager Main Window Stopping Traffix To stop a Traffix Manager client, click Exit on the File menu in the main Manager window. To stop the Traffix Manager server, click Stop Server in the Traffix Control Panel.

  • Page 29: Grouping Of Objects

    Also allows you to change between Traffix administrator and read-only user. Launches the standard Printer Options dialog box from which you can output the contents of the main window to a printer or file.
  • Page 30 2: L HAPTER AUNCHING RAFFIX Table 4 Traffix Manager Main Window Menu Options (continued) Menu Option Groupings... Reload Attributes Display Add Connections To and From Remove Connections To and From Add Connections Between Remove Connections Between Remove All Connections Show Mapped Connections Map All Objects Map Connected Objects Labels...
  • Page 31 Table 4 Traffix Manager Main Window Menu Options (continued) Menu Option Zoom... Graph Panel Settings... Launch Graph Collection Configure Agents... Agent Hardware Maintenance... Aggregation... Database Size... Events Event Rules... Show Rules for Current Selection... Event List (All)... Event List (Current Selection)... Reports Report Manager…...
  • Page 32 2: L HAPTER AUNCHING RAFFIX Table 4 Traffix Manager Main Window Menu Options (continued) Menu Option Index About detailed information on working with objects in the main window. ANAGER FOR THE IRST Function Launches online help with the Index tab selected. Launches the About Traffix Manager screen, giving the version name and numbers of the application.

  • Page 33: Ow Raffix Anager Orks

    Chapter 3 Collecting Data Chapter 4 Grouping Network Devices in the Map RAFFIX ANAGER ORKS...

  • Page 35: How Traffix Manager Processes Collected Data

    This chapter describes how Traffix network. It contains the following sections: How Traffix Traffix Manager collects and correlates data from stand-alone and Manager Processes embedded RMON-1 and RMON-2 agents, from both 3Com and other Collected Data vendors. This data provides a complete picture of enterprise network traffic for performance management and trend analysis.
  • Page 36 The Reporter uses the same data to generate scheduled reports, which can then be distributed as HTML files for viewing by a web browser or to your printer. See information. Reporter Relational...

  • Page 37: Rmon Overview

    RMON Overview Traffix Manager supports all agents that are compliant with the Internet Engineering Task Force (IETF) Remote MONitoring Management Information Base Version 1 (RMON-1 MIB), defined in RFC 1757, and Version 2 (RMON-2 MIB), defined in RFCs 2021 and 2074. The RMON standards bring the following advantages to network monitoring: An RMON agent can be deployed as a stand-alone probe or embedded...

  • Page 38: How Traffix Manager Discovers Network Devices Using Rmon-2

    3: C HAPTER OLLECTING single segment. Traffix Manager uses RMON-2 functionality to build up a picture of communicating devices on the network and the traffic flowing between them, including network layer addresses and protocols seen. For further information on RMON-1 and RMON-2, refer to the 3Com RMON-1 and RMON-2 Backgrounder on the 3Com Web Site: http://www.3com.com/nsc/501305.html.

  • Page 39: Grouping Network Devices In The Map

    This chapter contains the following sections: Overview With Traffix your own criteria. You can view the use of your network by, for example, cost center, business unit, workgroup, business-critical connection or geographical location. You can then filter the display of traffic data further by selecting which protocols to display.

  • Page 40: Attributes

    4: G HAPTER ROUPING ETWORK Attributes To understand how Traffix Manager groups devices in the Map, it helps to be familiar with the concepts of attributes and groupings. An attribute is a label for a piece of information about a device: for example, location or IP address.
  • Page 41 Table 5 Predefined Attributes (continued) Name Description MAC Addr Only devices which are in the same broadcast domain as the interface on an RMON-2 agent will have the MAC address attribute assigned to them. “Assigning MAC Addresses” page 42 Vendor The Vendor attribute is only assigned if the following criteria are met: The MAC Address attribute is...

  • Page 42: Groupings

    4: G HAPTER ROUPING ETWORK EVICES IN THE Assigning MAC Addresses When the client is first started, it tries to locate the Traffix Manager server through the use of a broadcast message. If the system on which the client is running is not in the same broadcast domain as the server, this broadcast message will fail, and the client will not be able to connect to the server.

  • Page 43: Predefined Groupings

    The Map shows a hierarchical view of the devices in your network according to the selected grouping. By selecting a Geographical grouping for example, devices will be grouped according to which country they are in. Within each country, devices may be grouped according to which city they are in.

  • Page 44: Creating And Assigning Attributes

    4: G HAPTER ROUPING ETWORK a Add appropriate entries to the SubnetsDB configuration file. See b Either start a new database or use Reload Attributes... with Subnets c Create a new grouping using the following attributes (in the order d Select this grouping. Creating and You must create attributes, or select predefined attributes, to include in Assigning Attributes...

  • Page 45: Creating Groups And Ordering Attributes

    Groupings Figure 5 Attributes dialog box The Attributes dialog box displays, in rows, a list of selected devices on your network, and in columns, a list of available attributes. By default, devices currently selected in the Map are listed, with values for the attributes that apply to the selected grouping.
  • Page 46 4: G HAPTER ROUPING ETWORK EVICES IN THE Figure 6 Groupings dialog box...

  • Page 47: Running Traffix Manager

    UNNING Chapter 5 Launching Traffix Manager After the First Time Chapter 6 Configuring Agents for Data Collection Chapter 7 Displaying Network Traffic in the Main Window Chapter 8 Displaying Traffic in Graphs Chapter 9 Using Event Rules Chapter 10 Viewing Events Chapter 11 Overview of Reporting Chapter 12...

  • Page 49: Launching The Traffix Manager Server

    This chapter provides information on how to launch Traffix after the first time. It contains the following sections: Launching the Start the Traffix server using the Traffix Control Panel. The Traffix Control Traffix Manager Panel is also used for database administration. See Server “Database Management Using Traffix Control Panel”...

  • Page 50: Client Access Levels

    5: L HAPTER AUNCHING RAFFIX To use a remote server, you must add the IP address of the machine running the server to the shortcut in the Start menu. To do so, follow these steps: 1 Select Settings from the Start menu, and then Taskbar... 2 In the Taskbar Properties dialog box, select the Start Menu Programs tab.

  • Page 51: Configuring Agents For Data Collection

    This chapter describes how to use Traffix enable RMON agents on your network for data collection. It contains the following sections: agents. Supported RMON Traffix Manager supports all agents which implement all the relevant Agents and groups of RMON-1 and RMON-2 standards. Interfaces Refer to RFCs 1757, 2021 and 2074 for a list of the RMON groups which are retrieved by Traffix Manager:...

  • Page 52: Finding Agents For Data Collection

    6: C HAPTER ONFIGURING Finding Agents for The agents used may be devices with RMON-1 or RMON-2 embedded Data Collection within them, such as switches or hubs, or they may be dedicated stand-alone RMON probes. You can search for compatible agents from the startup wizard and from the Configure Agents dialog box.
  • Page 53 To enable you to manage large numbers of collection agents, agent folders can be created in the tree and the agents dragged and dropped into them. Adding and Editing Agents From the Configure Agents dialog box you can use Traffix Manager to automatically find agents on your network, or you can add agents yourself.

  • Page 54: Downloading Agent Firmware

    6: C HAPTER ONFIGURING GENTS FOR Viewing Agent Statistics You can view the statistics of a selected agent from the Agent Statistics dialog box. This dialog box displays various statistics related to SNMP communication with the agent. Refer to the online help for more detailed information about the Agent Statistics dialog box.
  • Page 55 Finding Agents for Data Collection Traffix Manager. See Appendix G for more information about setting the mode on 3Com standalone RMON-2 agents.
  • Page 56 6: C HAPTER ONFIGURING GENTS FOR OLLECTION...

  • Page 57: Displaying Network Traffic In The Main Window

    This chapter contains the following sections: Before you can display traffic data, you need to use Traffix collect it from your network. To find out if there is data already collected, open the Load Traffic dialog box from the File menu. If no data has been collected, see information about collecting data from your network.

  • Page 58: Working With Objects In The Main Window

    7: D HAPTER ISPLAYING ETWORK Figure 7 Load Traffic dialog box Working with Once you have loaded network traffic data, you can display information Objects in the Main about objects on your network, search for and select objects, and locate Window objects in the Map.

  • Page 59: Searching For Objects

    A selected object is colored blue. The shade of grey used to color the inside of a group is only used to make it more visible in the Map and does not denote a specific state. Group Statistics You can use the Number of Devices dialog box to find out how many devices are in a selected group, and how many of those devices are active (transmitting/receiving traffic).

  • Page 60: Displaying Connections Between Objects

    7: D HAPTER ISPLAYING ETWORK Table 7 menu and from buttons in the main window. Table 7 Description of Display Buttons Button Displaying With two or more objects selected, click Add Connections Between to Connections Between display traffic going between the selected objects only. Objects With a single group selected, selecting Add Connections Between maps traffic going between objects within that group only.

  • Page 61: Combining To And From And Between

    Combining To and You can use the To and From and Between options in combination to From and Between turn off a subset of the traffic connections. Removing and Hiding To remove all traffic from selected objects in the Map, select Remove All Traffic Connections from the Display menu.

  • Page 62: Protocol Tools

    7: D HAPTER ISPLAYING ETWORK If you want to change the protocols in an application, create a new favorite rather than edit a predefined application grouping. The concept of having applications and favorites (collections of related protocols) also applies also to graphs, reports and events, as well as to viewing in the Map.
  • Page 63 You might then create a favorite called Server, containing both user-defined protocols. You could display this favorite in the Map as a single color, to show the overall use of both protocols on your network. To set up a user-defined protocol, you need: The name of the parent protocol over which it runs, for example The protocol number.

  • Page 64: Device Aggregation

    7: D HAPTER ISPLAYING ETWORK Many current implementations of RMON-2 agents do not support user-defined protocols. If in doubt, check with your agent vendor. Device Aggregation Aggregation is a way of limiting the number of devices Traffix Manager has to track. As more devices are displayed in the Map, it becomes more difficult for you to determine traffic patterns on your network.

  • Page 65: Displaying Traffic In Graphs

    This chapter contains the following sections: Overview You can use the graph tools in Traffix traffic. The graph panel of the main window shows summary information about the most significant items selected in the Map. In addition to this, you can open the Launch Graph dialog box to display more detailed information about selected items.

  • Page 66: Using The Graph Panel

    8: D HAPTER ISPLAYING RAFFIC IN Using the Graph The Graph Panel of the main window shows basic information about the Panel network activity of selected items in the Map as a number of graphs. Figure 8 Graph Panel The following graphs of objects selected in the Map are displayed in the main window: RAPHS Summary Bar —...

  • Page 67: Using The Launch Graph Dialog Box

    Use the Graph Panel Settings dialog box to configure the display of the Graph Panel. Figure 9 Graph Panel Settings dialog box The options for display are: Using the Launch Use the Launch Graph dialog box to display detailed information about Graph Dialog Box items in the Map.
  • Page 68 8: D HAPTER ISPLAYING RAFFIC IN Figure 10 Launch Graph dialog box The settings used to create the launched graph are those used in the Map at the time you launch the dialog box. If the data is filtered in some way, for example by protocol, that filtering is used when producing the graphs.

  • Page 69: Graph Settings

    Top Objects — Show the busiest objects. Which objects are considered depends on the level set in the Graph Settings dialog box. Top Connections — Shows the busiest connections. Which connections are considered depends on the Level and Unit Total set in the Graph Settings dialog box.
  • Page 70 8: D HAPTER ISPLAYING RAFFIC IN RAPHS...

  • Page 71: Using Eventr Rules

    This chapter describes how to use event rules to analyze the data collected by Traffix your network. This chapter contains the following sections: Overview Using Traffix Manager, you can set up event rules to provide you with information about the security of your network, and the level of traffic on the network.

  • Page 72: Predefined Event Rules

    9: U HAPTER SING VENT The event rules in Traffix Manager fall into two broad categories: The various types of event rule are discussed in more detail in the following section. Traffix Manager provides a number of predefined event rules that cover common network issues.

  • Page 73: Examples Of Event Rules

    Examples of Event There are a total of eight types of event rule, the possible uses of which Rules are discussed below. Security Event Rules These types of event rule help you to protect your network from unauthorized access or improper use. Detect Unauthorized Machine Access You use this type of event rule to help you enforce policies about access to specified machines.

  • Page 74: Traffic Event Rules

    9: U HAPTER SING VENT ULES Traffic Event Rules These types of event rule help you to detect significant changes in the behavior of a machine or connection. Such changes are often causes or indicators of problems on the network. They may also indicate that some part of the network is overloaded, and could give advance warning that the load on a device is increasing.

  • Page 75: Configuring Event Rules

    By applying the protocol filter to an event rule of this type, you can use it to monitor the usage of specific network services on the devices. For example, you can use this event rule to: Monitor Critical Connections Changes on an important link can lead to unexpected congestion. You can use an event rule of this type to monitor a list of WAN or backbone links and generate an event if the network traffic on the link changes significantly.

  • Page 76: Refining Event Rules

    9: U HAPTER SING VENT ULES Figure 11 Event Rules dialog box Traffix Manager provides wizards to help you add and edit event rules. Refining Event Rules When you add or edit an event rule, you can modify it to monitor the traffic on your network and your network security, according to your own requirements.

  • Page 77: Using Event Rules

    Specifying the Time Filter With certain types of event rule, you can specify the times at which rules apply. For example, you could choose to restrict unauthorized traffic at all times, or only during certain periods. Specifying Sensitivity For most event rule types, you can specify how sensitive you want the rule to be: When you create an event rule, you can set the sensitivity of that rule approximately on a simple slider.

  • Page 78: Monitoring Servers

    9: U HAPTER SING VENT ULES Maintaining Network Security You can configure Detect Network Sweep Attack and Detect New Devices event rules to generate security events. There are event rules of both types already preconfigured. However, your firewall may be a more appropriate source of information about attacks from outside the network than Traffix Manager.

  • Page 79: Monitoring Wan Links And Backbone Links

    Using Event Rules The Map can provide you with immediate information about which devices have been using particular servers. Detecting Unauthorized Servers You can use the Detect Network Sweep Attack rule to spot users creating unauthorized servers on the network. For example, you can detect unauthorized FTP servers by creating a rule which detects FTP traffic on the network, but which ignores traffic to and from known FTP servers.

  • Page 80: Implementing Business Policies

    9: U HAPTER SING VENT ULES Implementing Some organizations and network administrators have specific policies Business Policies about how the network can be used, in general or at different times of day. Detect Network Misuse and Detect Unauthorized Machine Access event rules are powerful tools for detecting behavior that does not conform to such policies.

  • Page 81: Viewing

    This chapter describes use of the Event List. It contains the following sections: Overview Traffix your network and network security. When the conditions for a rule are met, an event is generated. See event rules. Events are also generated by the Collector and Reporter processes. The Event List in Traffix Manager displays events generated by all these sources, and supports various viewing options.

  • Page 82: Viewing Events

    10: V HAPTER IEWING VENTS Viewing Events You use the Event List to display information about events. Figure 12 Event List The Event List provides the following information about each event: Acknowledged — whether the event has been acknowledged. By default only unacknowledged events are displayed.

  • Page 83: Filtering Events

    The severity of the event. The rule that generated the event. A detailed explanation of the reason for the event. The activity of the device before and after the change that caused the event. You can sort, filter, and summarize the display of events. These last two operations are described in more detail below.

  • Page 84: Summarizing Events

    10: V HAPTER IEWING VENTS Only events generated by event rules can be displayed in this way. Summarizing Events You can manage the display of the Event List by summarizing events, so that only one entry is shown for a number of events. When events are summarized, the number of events related to the summarized entry is displayed.

  • Page 85: Viewing And Managing Selected Events

    Viewing and By selecting an event in the Event List, you can carry out the following Managing Selected actions. These actions do not apply to events generated by the Collector Events or the Reporter. The last three operations depend on the type of event, and are described in more detail in the remainder of this section.

  • Page 86: Forwarding Events As Snmp Traps

    This section gives an example of how to integrate Traffix Manager SNMP Manager SNMP Traps Traps forwarded from the Event List with HP OpenView. At the time of with HP OpenView writing, the Traffix Manager Event forwarding feature uses the 3Com RMON Event Trigger SNMP Trap PDU (Specific ID 82).
  • Page 87 2 The MIB files that define events are supplied by a number of enterprises. Select 3Com in the Enterprises field of the Event Configuration dialog box. The system object ID corresponds to the value supplied with the SNMP Trap. 3 The list in the bottom half of the Event Configuration dialog box lists events associated with the enterprise selected in the top half.
  • Page 88 10: V HAPTER IEWING VENTS...

  • Page 89: Overview Of Reporting

    You can schedule the generation of daily, weekly and monthly reports. These reports are automatically run overnight and delivered to your Web server or printer, or stored as data files for later use. You can also generate reports on demand (ad hoc reports) at any time.

  • Page 90: Report Instances

    Output Traffix Manager uses the raw data to output professional reports as hard copy to a printer on the server, as HTML files, or as Comma Separated Value (CSV) files. CSV files can be read into a spreadsheet or database application for further analysis.
  • Page 91 Weekly Reports These reports use all data collected on the day specified and the following 6 days. The report is generated in the early hours of the day after the last day covered by the report. For example, if you select from Friday through to the following Thursday (Figure of the following week is used.

  • Page 92: Managing Reports

    11: O HAPTER VERVIEW OF Managing Reports You use the Report Manager to add, schedule, edit and delete reports. Figure 17 Report Manager The Report Manager has three main areas: The use of these three areas in managing reports is explained in more detail in the remainder of this section.

  • Page 93: Creating, Editing And Deleting Reports

    The reporting features available depend on the client access level. A read-only user can browse existing reports, view report details, and view reports in the output queue. An administrator can also add, edit and delete reports, change report scheduling and output options, and run ad hoc reports.

  • Page 94: Scheduling Reports

    11: O HAPTER VERVIEW OF You can choose to delete raw data to reclaim disk space if required. See “Setting Global Report Options” deleting raw report data. Scheduling Reports The Report Schedule dialog box is displayed automatically when you add a new report instance.

  • Page 95: Setting Output Options

    Reports can be delivered automatically only to a printer visible to the server. If you want to print a report using a printer visible to the client, you should output the report as HTML. You can then print the required pages from your Web browser.

  • Page 96: Monitoring Report Generation And Output

    (Report output could fail if, for Output example, a file cannot be written to, or a printer is off line. See “Troubleshooting Reports” You can show output for all reports, or only for the report currently selected in the Report Manager.

  • Page 97: Strategy For Reporting

    Therefore, scheduled reports are run overnight, to be delivered to your Web server or printer in the morning. Ad hoc reports can be started from the Report Manager but, according to the quantity of data being processed and the number of reports queued, they may not be output immediately.

  • Page 98: Effects Of Grouping On Reports

    11: O HAPTER VERVIEW OF groups, rather than for your entire network. See Attributes” Generate a top N Summary Report to Determine Objects for an Activity Report You can run top N reports in two modes: To identify key network objects, generate a top N report in summary mode.

  • Page 99: Report Types

    This chapter describes in detail each type of report in Traffix Report Templates For each kind of object — connections, devices, groups of devices, and segment — there are two types of report template, activity and top N. Activity Reports Each activity report consists of two sections: Top N Reports Top N reports can be run in two modes:...

  • Page 100: Connection Activity Report

    12: R HAPTER EPORT YPES The different types of report are described in turn in the remainder of this chapter. Connection Activity This report contains detailed information on each specified connection. Report Traffic flowing in both directions between the selected end points is used. When selecting end points, you can select any two objects from the Map as the end points of a connection.

  • Page 101: Device Activity Report

    Table 8 Connection Activity Report Charts (continued) Report Section Chart Title Device Activity This report contains detailed information on each specified device. Report Table 9 Device Activity Report Charts Report Section Chart Title Description Report Information about the report itself. Information Description Device Activity...

  • Page 102: Group Activity Report

    12: R HAPTER EPORT YPES Group Activity This report contains detailed information on each specified group. Report There are three ways you can report on groups: Table 10 Group Activity Report Charts Report Section Chart Title External — Traffic flowing into or out of the group only Internal —...

  • Page 103: Segment Activity Report

    Segment Activity This report contains detailed information on each specified segment. For Report the purposes of reporting, it is assumed that each separate segment of your network is monitored by an agent interface. Many sites (particularly in a switched environment) have large numbers of segments and it may be too expensive to instrument all of them with RMON-2 agents.
  • Page 104 12: R HAPTER EPORT YPES Table 11 Segment Activity Report Charts (continued) Report Section Chart Title Description Error History A baseline chart showing the actual total number of With Baseline error packets over the report period as a line. This is overlaid on bands representing normal, borderline and unusual error totals.

  • Page 105: Top N Connections Report

    Top N Connections This report calculates the top N connections by total octets sent and Report received over the report period. A connection can be one of the following: You can limit the report to consider only connections between groups or devices at specified levels in the grouping, and also where each end of the connection must be within a specified parent group.
  • Page 106 12: R HAPTER EPORT YPES The following are examples of reports on the default Type and Network grouping. See more information about the default groupings. Table 12 Top N Connections Report Charts Report Section Chart Title (continued) “From at Country level to the U.K.

  • Page 107: Top N Devices Report

    Table 12 Top N Connections Report Charts (continued) Report Section Chart Title Top N Devices This report calculates the top N devices by total octets sent and received, Report and by the number of “hits” over the report period. You can limit the report to consider only devices within a specified group.
  • Page 108 12: R HAPTER EPORT YPES Table 13 Top N Devices Report Charts (continued) Report Section Chart Title Description Top Devices By A stacked bar chart containing the top N devices as Hits measured by total hits, broken down by protocol. A hit is a conversation of a particular protocol between the device and another device.

  • Page 109: Top N Groups Report

    Top N Groups This report calculates the top N groups by total octets sent and received Report over the report period. You can limit the report to consider only groups at a specified level in the grouping scheme within a parent group. Some examples of group reports are: The information contained in the report is shown below.

  • Page 110: Top N Segments Report

    12: R HAPTER EPORT YPES Table 14 Top N Groups Report Charts (continued) Report Section Chart Title Top N Segments This report calculates the top N segments by utilization, and by Report percentage of errors. For most networks it is sufficient to allow Traffix Manager to select automatically the top N segments by selecting All Segments for the top N segments report.
  • Page 111 Table 15 Top N Segments Report Charts (continued) Report Section Chart Title Description Utilization A multiple line chart showing the history of the History utilization for each of the N segments over the report period. Utilization An alternative way of viewing the utilization history. Health Chart Utilization values are shown as cells with the cell color indicating the band of utilization.
  • Page 112 12: R HAPTER EPORT YPES Table 15 Top N Segments Report Charts (continued) Report Section Chart Title Description Utilization A baseline chart showing the actual utilization over the History With report period as a line. This is overlaid on bands Baseline representing normal, borderline and unusual utilization.

  • Page 113: Ppendices And Index

    Appendix A Troubleshooting Traffix Manager Appendix B Database Management Using Traffix Control Panel Appendix C Aggregating Devices Appendix D Using the SubnetsDB File Appendix E Automatic Attribute Assignment Appendix F Supported RMON-2 Devices Appendix G Configuring 3Com Standalone RMON-2 Agents Appendix H DHCP Appendix I...

  • Page 115: A Troubleshooting Traffix Manager

    This appendix is divided into two sections: For information on reporting problems to 3Com, see “Technical Troubleshooting Table 16 Traffix Manager running Traffix Table 16 Diagnosing Traffix Manager Problems Problem Cause Client Will Not Start. Traffix server is not running. Traffix server is running in a different broadcast domain to...

  • Page 116: Troubleshooting Reports

    A: T PPENDIX ROUBLESHOOTING Table 16 Diagnosing Traffix Manager Problems (continued) Problem Cause No Data in the Map. Event Rule does not generate any events. When you manually Agent does not enter the IP address of support RMON-1 or an agent you want to RMON-2.
  • Page 117 Table 17 Diagnosing Reporting Problems Problem Cause Raw report fails when Database directory is running ad hoc or full (raw report data is scheduled reports. stored in the database). HTML output fails even HTML output directory though raw data is is not writable.
  • Page 118 A: T PPENDIX ROUBLESHOOTING Table 17 Diagnosing Reporting Problems (continued) Problem Cause Reports take very long Reports using large time to run. amounts of data can take some time to complete. Scheduled reports do Traffix Manager not run. processes are not running.
  • Page 119 Table 17 Diagnosing Reporting Problems (continued) Problem Cause The reporter was “ERROR could not unable to create an open output file: <filename>” in event output file. viewer. Troubleshooting Reports Solution This is most often caused by insufficient permissions — you do not have permission to create output files where requested.
  • Page 120 A: T PPENDIX ROUBLESHOOTING RAFFIX ANAGER...

  • Page 121: Database Management Using Traffix Control Panel

    This appendix contains: Overview of Traffix From the Traffix Control Panel, you can manage the operation of the Control Panel Traffix Traffix Manager uses a database to store topology, trend data, collector configurations, device attributes, scheduled report templates and report data.

  • Page 122: Overview Of Database Applications

    B: D PPENDIX ATABASE ANAGEMENT Figure 18 Traffix Control Panel These applications help you to manage and organize a number of databases, for example, if you want to keep extra databases for backup purposes or to provide snap shots of your network or portions of your network over time.

  • Page 123: Database Maintenance

    The amount of free disk space remaining on your PC for data collection to the database. The location of HTML reports. From this dialog box, you can launch the following operations: Create a new database to write data from the network to. Unless you want to get rid of the contents of a database entirely, you should always use the Clean Database application instead of deleting a database and creating a new one.
  • Page 124 B: D PPENDIX ATABASE ANAGEMENT You can carry out the following operations from the Database Maintenance dialog box: Clean databases Clean the current Traffix Manager database by selecting from the following options: When you clean a database, the agent configurations and local DNS domains are not deleted.

  • Page 125: Subnets Editor

    3Com recommends that you back up your database regularly, the frequency depending on how important your trend data is to the way you monitor your network. If you want to view and report on your weekly data, you should back up your database once a week. If viewing and storing your trend data is less important, backing up your database once a month may be adequate.

  • Page 126: Default Dns Domain

    B: D PPENDIX ATABASE ANAGEMENT This dialog box also allows you to select whether Traffix Manager starts automatically every time you log on to your machine. Default DNS Domain Allows you to set a default DNS domain, if you wish to change the previously configured default.

  • Page 127: Deinstalling Traffix Manager

    Deinstalling Traffix To deinstall Traffix Manager 2.0 for NT: Manager 2.0 1 Close Traffix Manager and all related processes. To check which processes are running, right-click the Windows NT Taskbar and select Task Manager. The Applications and Processes tabs contain a list of any active programs. 2 From the Start menu, select Settings >...
  • Page 128 B: D PPENDIX ATABASE ANAGEMENT 1 To display a program group, right-click Start and select Open All Users. Double-click a program entry to display the program group. 2 Right-click the control button in the top left corner of the Traffix Manager program group title bar.

  • Page 129: Aggregating Devices

    This appendix describes: Overview Aggregation reduces the amount of memory and disk resources required by Traffix a single device. For example, in sites where there is a lot of Internet traffic, some or all external devices can be aggregated together. This may be the only way to limit the resource usage to an acceptable level.

  • Page 130: Specifying An Aggregation Policy

    C: A PPENDIX GGREGATING Specifying an To aggregate devices on a particular network, it is necessary for the Aggregation Policy aggregator to be configured for that network. This is done by specifying an aggregation policy. Once an aggregation policy has been configured, it only affects data collected from that point on.
  • Page 131 Selecting the Default Aggregation Action The default aggregation action is the method of aggregation applied to network devices which have a DNS name, but which are not contained within one of the local DNS domains. There are three default aggregation actions, from which you can select and apply one to non-local DNS domains.
  • Page 132 C: A PPENDIX GGREGATING Setting a Maximum Device Limit You can specify a device limit of 100,000 devices. This allows you to monitor local devices in detail, but reduce the detail of data kept about non-local devices. This setting is treated as a “hint” by Traffix Manager: if new local devices are seen after this user-defined limit is reached, the setting is increased gradually, up to the maximum version limit, to allow for the new local devices to be stored.

  • Page 133: Sing The Subnets Db File

    Using the This facility allows you to group the devices on your network by subnet. SubnetsDB File Click Subnets Editor in the Traffix definition file, which contains information about subnet groupings. This file can be edited and reapplied at any time. To set up subnets: 1 Edit the SubnetsDB file using the Subnets Editor provided in the Traffix Control Panel.
  • Page 134 D: U PPENDIX SING THE UBNETS Subnet masks must comply with the primary internet network class types by covering at a minimum the part of the address that represents the network bits. In Table 18 Subnet Masks Class Description If a subnet mask spans more than one class A/B/C subnet then only the first entry should be used.

  • Page 135: How Subnet Grouping Works

    4 If you already have devices showing in the Map, reload the subnets attributes using the Reload Attributes dialog box, which you access from the Edit menu in the main window. 5 Create a subnets grouping. See information on how to create a site-specific subnet grouping. 6 Apply the grouping.
  • Page 136 D: U PPENDIX SING THE UBNETS subnet 89.0.0.0 89.0.0.0 DB F For example, if the SubnetsDB file was to contain the following entries with the same subnet address: mask name 255.0.0.0 Group1 255.255.0.0 Group2 Any device matching both of these subnets would be placed in Group 2, as this has 16 set bits in its subnet mask, whereas Group 1 has only 8 set bits.

  • Page 137: Automatic Attribute Assignment

    This appendix describes: Overview Automatic attribute assignment within Traffix automatically import attribute values from various data sources to create groupings and to identify objects in the Map. The data sources could be a text file, a Microsoft Excel spreadsheet, a Microsoft Access database or a program that you write.

  • Page 138: Contents Of The User-Defined Attributes Configuration File

    E: A PPENDIX UTOMATIC TTRIBUTE By editing the user-defined attributes configuration file, you select which programs are used to determine attributes for objects. You can use the standard programs supplied, or you can create your own custom programs. There are two standard programs and one example program provided: Contents of the This file can be viewed or edited by double clicking on Attribute Lookup User-defined...

  • Page 139: File Format

    File Format Lines beginning with # are comments and are ignored. All other lines take the form: <Name> <label> <filename> <arguments> <flag> <label> is used in the collector event logs to refer your attribute lookup program. Otherwise it is unused. <filename>...

  • Page 140: Performing Attribute Assignment

    E: A PPENDIX UTOMATIC TTRIBUTE Performing Attribute assignment is carried out on any newly discovered devices. In Attribute addition, you can force a refresh at any time by using the Reload Assignment Attributes dialog box. Refer to the online help for the Reload Attributes dialog box for more information.

  • Page 141: Running Fileattrs

    Configuration File Example 2 To assign user and operating system information to devices based upon their address: *KEY:2 *ATT:NL Type, NL Address, User, O/S IP, 104.240.20.10, Joe Bloggs, Solaris 2.5 IP, 104.240.20.8, Joe Bloggs, Windows 95 IP, 104.240.20.13, John Smith, Solaris 2.5 IP, 104.240.20.14, General Use, AIX 4.1 If the discovered device has the NL Type IP and an NL Address of 104.240.20.13, this matches the key fields of the third entry and assigns...

  • Page 142: Using The Dblookup Program

    E: A PPENDIX UTOMATIC TTRIBUTE The KEY attribute(s) for that device can be any of the attributes which are assigned automatically by Traffix Manager, for example, NL Address and NL Type. See “Predefined Attributes” on page 40 for a list of attributes which are automatically assigned by Traffix Manager.

  • Page 143: Default Values

    network-type lookup tables: for example, a database containing only IP_1 and other_2 lookup-tables is valid. For specific information about Access or Excel lookup-tables, see below. Default Values Devices may be assigned default values. If no full match was found for the current device, dblookup looks for default entries defined with star (’*’) as the key attribute values, and assigns the new attributes with the values of the best match (the one with as few stars as possible).

  • Page 144: Excel Worksheet

    E: A PPENDIX UTOMATIC TTRIBUTE SSIGNMENT Excel Worksheet The lookup-tables are stored in Excel named-ranges. Lookup named-ranges can be stored on separate worksheets or in the same worksheet. To create a named-range, simply select the cells containing your data, select Insert/Name/Define from the menu, supply a name for your range and click Add.

  • Page 145: Writing Your Own Program

    Then, when a device is discovered, dblookup does the following: 1 dblookup builds a SQL string with the device’s key attributes values and runs a query against the database to find a match. 2 If no match is found, it waits for the next device. 3 Otherwise it takes the best match, that is to say the one with as few stars as possible.
  • Page 146 E: A PPENDIX UTOMATIC TTRIBUTE (there is one version in Visual Basic and one in C): Figure 19 Simple attribute lookup process in C while ( GetNextLookup() ) Figure 20 Simple attribute lookup process in Visual Basic While GetNextLookup <> 0 Wend The idea behind this program is that every newly discovered IP device on the network is assigned a value of TRUE for the New Device attribute.

  • Page 147: Writing And Building Your Own Attribute Lookup Program

    By replacing this simple loop with your own code, you can write a program which assigns your own attributes to devices using your own algorithm. GetAttribute returns the value of any attribute which has already been assigned, for example, NL Address and NL Type. See “Predefined Attributes”...
  • Page 148 E: A PPENDIX UTOMATIC TTRIBUTE Table 20 Example Programs (continued) Name country template The C examples are located in C:\Transcend Traffix Manager\TraffixServer\examples\c and the Visual Basic examples are in C:\Transcend Traffix Manager\TraffixServer\examples\vb. You should copy one of these samples to your own directory before modifying it. Attribute lookup programs must be able to find the attripc.dll file when they are running.

  • Page 149: Testing Attribute Lookup Programs

    Table 21 Functions available to lookup programs in the attripc DLL library Function GetAttribute SetAttribute IsAttributeSet Should be called sometime after GetNextLookup. Takes an LogError, LogInfo Other points to note about user-defined attribute lookup programs: If your program exits prematurely, for example, it crashes, then the Traffix Service stops.
  • Page 150 E: A PPENDIX UTOMATIC TTRIBUTE SSIGNMENT attribute lookup programs which depend on the Name, NL Type, NL Address, Network or DNS attributes. Run the program AttrLooktest.exe <installdir>TraffixServer (this is not on the Windows Start Menu). The program displays a dialog box which allows you to run an attribute lookup program, providing command-line parameters if necessary.

  • Page 151: 3Com Agents

    3Com Agents The current list of 3Com agents is available from the 3Com web site: http://www.3com.com/network_management/probe_interop Using Firmware version 4.17, the agents support all RMON-1 and RMON-2 groups. Version 4.10 or later is needed on the single port and dual port agents for Y2K compatibility. Supported Interface Traffix Types...
  • Page 152 F: S RMON-2 D PPENDIX UPPORTED EVICES...

  • Page 153: Downloading Firmware To 3Com Standalone Agents

    This appendix contains the following sections: Downloading You should always run the latest version of management software Firmware to 3Com (firmware) in the agents on your network. Running the most up-to-date Standalone Agents version of agent firmware has the following benefits: Firmware files are stored on the machine where the Traffix Server is installed.
  • Page 154 G: C PPENDIX ONFIGURING CAUTION: Downloading firmware to an agent causes the agent to cold restart. Refer to the Firmware Upgrade documentation or your agent documentation for a description of the data lost when an agent is cold restarted. The latest version of the Firmware Upgrade documentation is available from the 3Com web site: http://www.support.3com.com/infodeli/tools/netmgt/rmonprob/ family.htm...
  • Page 155 Setting the Operational Mode on 3Com Standalone RMON-2 Agents Traffix Mode Sets appropriate table sizes on the device for use with Traffix Manager. Off Disables RMON-2. With RMON-2 disabled you can download SmartAgent ® software to the device. If you disable RMON-2 on an agent which supports both RMON standards, RMON-1 will still be enabled.
  • Page 156 G: C RMON-2 A PPENDIX ONFIGURING TANDALONE GENTS...

  • Page 157: How Traffix Manager Monitors Dhcp Devices

    DHCP This appendix contains the following sections: How Traffix Traffix Manager Monitors IP address, IPX address) as the unique way to identify objects on your DHCP Devices network. However, the IP address of devices managed using the Dynamic Host Control Protocol (DHCP) can change, and therefore this is an unreliable method of identification for these devices.
  • Page 158 H: DHCP HAPTER (with the old MAC address) will also remain on the Map. There will therefore be two devices on the Map with the same IP address, although with different MAC addresses. Any conversation data retrieved for this IP address is subsequently assigned to the new device.

  • Page 159: Using Rmon-1 Agents

    Monitoring Many sites (particularly in a switched environment) have large numbers of Network Segments network segments, and it may be too expensive to monitor all segments Using RMON-1 with RMON-2 agents. You can use any existing embedded RMON-1 only Agents devices (hubs, switches, routers etc.) instead, to produce lightweight activity reports for these segments.
  • Page 160 I: U RMON-1 A PPENDIX SING GENTS...

  • Page 161: Snmp Tables Used By Traffix Manager

    RMON This appendix lists the SNMP tables retrieved by Traffix Refer to the following URLs for descriptions of RMON tables: SNMP Tables used by Traffix Manager Table 24 SNMP Tables Used By Traffix Manager Table MIBII system MIBII interfaces RMON probeConfig RMON etherStats /...
  • Page 162 J: RMON SNMP T PPENDIX Table 24 SNMP Tables Used By Traffix Manager (continued) Table RMON-2 protoDist RMON-2 addressMap RMON-2 alMatrixTopN / alMatrix / nlMatrixTopN / nlMatrix ABLES ETRIEVAL Mandatory At least one must be supported for RMON-2 data Comments For protocol distribution (reports only) Network Layer to MAC address mapping...

  • Page 163: K Technical Support

    3Com variety of services. This appendix describes these services. Information contained in this appendix is correct at time of publication. For the most recent information, 3Com recommends that you access the 3Com Corporation World Wide Web site. Online Technical 3Com offers worldwide product support 24 hours a day, 7 days a week, Services through the following online systems: World Wide Web Site...

  • Page 164: 3Com Ftp Site

    K: T PPENDIX ECHNICAL UPPORT 3Com FTP Site Download drivers, patches, software, and MIBs across the Internet from the 3Com public FTP site. This service is available 24 hours a day, 7 days a week. To connect to the 3Com FTP site, enter the following information into your FTP client: You do not need a user name and password with Web browser software such as Netscape Navigator and Internet Explorer.

  • Page 165: 3Com Facts Automated Fax Service

    Access by Digital Modem ISDN users can dial in to the 3Com BBS using a digital modem for fast access up to 64 Kbps. To access the 3Com BBS using ISDN, call the following number: 1 847 262 6000 3Com Facts The 3Com Facts automated fax service provides technical articles, Automated Fax diagrams, and troubleshooting instructions on 3Com products 24 hours a...
  • Page 166 K: T PPENDIX ECHNICAL UPPORT When you contact 3Com for assistance, have the following information ready: Here is a list of worldwide technical telephone support numbers: Country Telephone Number Asia, Pacific Rim Australia 1 800 678 515 Hong Kong 800 933 486 India +61 2 9937 5085 Indonesia...

  • Page 167: Returning Products For Repair

    Returning Products Before you send a product directly to 3Com for repair, you must first for Repair obtain an authorization number. Products sent to 3Com without authorization numbers will be returned to the sender unopened, at the sender’s expense. To obtain an authorization number, call or fax: Country Asia, Pacific Rim Europe, South Africa, and...

  • Page 169: Glossary

    LOSSARY agent A standalone or embedded source of RMON-1 or RMON-2 data. aggregation The process of adding the data from multiple devices in the same domain, and representing those devices as a simple “aggregated” device. Used to limit database growth. ™...
  • Page 170 LOSSARY Either of the digits 0 or 1 when used in the binary numeration system. Eight bits equals a single byte. broadcast All good frames destined for the broadcast address, in other words sent out to all stations on the network. Some broadcasts are limited to the local network, and some broadcasts may cross onto other networks.
  • Page 171 LOSSARY of the destination IP address, the station sends the message to the destination station. Due to the static nature of DNS, it can only be used when network stations have static IP addresses obtained through manual configuration, BOOTP or DHCP in static mode. domain Part of the naming hierarchy used on the Internet and represented by a series of names separated by dots.
  • Page 172 LOSSARY IP (network) address Internet Protocol address. A unique identifier for a device attached to a network using TCP/IP. The address is written as four octets separated with full-stops (periods), and is made up of a network part, identifying which network the device resides on, and a host part, identifying individual devices on a given network.
  • Page 173 Open Systems Interconnection, a body of standards set by the International Standards Organization to define the activities that must occur when computers communicate. The OSI Reference Model is a 7-layer framework within which communications protocols and standards have been defined. packet A unit of information that contains data, origin information and destination information, which is switched as a whole through a...
  • Page 174 LOSSARY separated by periods. Devices and routers use the mask to identify the subnet on which a device resides. switch A device which filters, forwards and floods packets based on the packet’s destination address. The switch learns the addresses associated with each switch port and builds tables based on this information to be used for the switching decision.
  • Page 175 NDEX Numbers 3Com Bulletin Board Service (3Com BBS) 164 3Com Knowledgebase Web Services 163 3Com URL 163 3ComFacts 165 Access tables dblookup program 143 acknowledging events 85 activity reports 89, 99 ad hoc reports 90, 94 Add Agents dialog box 53 adding agents 53 connections between objects 60...
  • Page 176 NDEX Bulletin Board Service 164 client access levels 50 administrator access 50 description 37 launching after the first time 49 launching for the first time 26 read-only user 50 running multiple clients against a single server 50 cold restart losing data 154 collecting data adding agents 53 disabling agents 52...
  • Page 177 network sweep attacks 73 new devices on your network 73 unauthorized machine access 73 device activity report contents 101 device aggregation default aggregation action 131 local domain specification 130 local domains 130 overview 23, 64 setting maximum device limit 132 specifying aggregation policy 130 device limit setting 132...
  • Page 178 NDEX excepting devices or connections from rules 85 filtering 83 forwarding as SNMP traps 86 generating 20, 36 ignoring devices or connections 85 modifying 85 monitoring critical connections 75 monitoring critical devices 74 monitoring long term trends 77 monitoring network resource usage 74 monitoring network trends 75 monitoring protocol usage 78 monitoring server devices 78...
  • Page 179 HTML can’t find HTML files? 117 index file 94, 95 lifetime of files 96 report directory, moving and linking to 94, 95 serving directory to Web server 94, 95 troubleshooting 117 viewing report output 95 interface types supported 51, 151 invalid IP addresses 53 IP addresses default gateway device 170...
  • Page 180 NDEX detecting unauthorized machine access 73 general rules 78 network supplier support 165 network traffic typical 36 network traffic rules configuring events 71 monitoring critical connections 75 monitoring critical devices 74 monitoring long term trends 77 monitoring network resource usage 74 monitoring network trends 75 monitoring protocol usage 78 monitoring server devices 78...
  • Page 181 report directory linking to HTML reports 94, 95 report formats 96 report instances overview 93 Report Manager 92 displaying information about output status 92 displaying information about raw data 92 displaying information about report instances 92 interpreting raw data and HTML output 94 interpreting summary information 94 regenerating output 92 report instances 93...
  • Page 182 NDEX RMON-2 Standard mode description 154 setting 54 RMON-2 Traffix mode description 154 setting 54 rules. See events running multiple clients against a single server 50 scenarios reporting 97 scheduling reports 90, 92, 94 searching for objects in the main window 59 security configuring events 71 detecting network misuse 73, 79...
  • Page 183 Traffix Manager assigning attributes automatically 137 database management 121 to 126 features 20 getting started 19, 23 how it works 21 how to use the documentation 11 launching after the first time 49 launching for the first time 25 launching with no data collected 52 main window 27, 28 menu options 29 monitoring DHCP devices 157...
  • Page 184 NDEX...
  • Page 185 3Com Corporation L IMITED ® ™ Transcend Traffix Manager 3.0 for Windows NT OFTWARE 2000 W ARRANTY BTAINING ARRANTY ERVICE ARRANTIES XCLUSIVE ARRANTY ® 3Com warrants that each software program licensed from it will perform in substantial conformance to its program specifications, for a period of ninety (90) days from the date of purchase from 3Com or its authorized reseller.
  • Page 186 IMITATION OF IABILITY ISCLAIMER OVERNING THE ALLEGED DEFECT OR MALFUNCTION IN THE PRODUCT DOES NOT EXIST OR WAS CAUSED BY CUSTOMER’S OR ANY THIRD PERSON’S MISUSE, NEGLECT, IMPROPER INSTALLATION OR TESTING, UNAUTHORIZED ATTEMPTS TO OPEN, REPAIR OR MODIFY THE PRODUCT, OR ANY OTHER CAUSE BEYOND THE RANGE OF THE INTENDED USE, OR BY ACCIDENT, FIRE, LIGHTNING, OTHER HAZARDS, OR ACTS OF GOD.

This manual is also suitable for:

Transcend traffix manager 3.0

Table of Contents