Exinda EXNV-3062 Administration Manual
  1. Manuals
  2. Brands
  3. Exinda Manuals
  4. Network Router
  5. EXNV-3062
  6. Administration manual

Exinda EXNV-3062 Administration Manual

Network orchestrator
Hide thumbs Also See for EXNV-3062:
1
2
Table Of Contents
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
Table of Contents

Advertisement

Quick Links

See also: Administration Manual
ADMINISTRATION GUIDE
Find out how to set up and configure Exinda Network Orchestrator in different
environments and how to customize advanced features.

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the EXNV-3062 and is the answer not in the manual?

Questions and answers

Subscribe to Our Youtube Channel

Related Manuals for Exinda EXNV-3062

Summary of Contents for Exinda EXNV-3062

  • Page 1 ADMINISTRATION GUIDE Find out how to set up and configure Exinda Network Orchestrator in different environments and how to customize advanced features.
  • Page 2 If you believe there are any factual errors in this document, please contact us and we will review your concerns as soon as practical. GFI and Exinda Network Orchestrator are trademarks or registered trademarks of GFI Software or its affiliates in the US and other countries.

  • Page 3: Table Of Contents

    2.5.4 Running on VMware vSphere (ESX and ESXi) 2.5.5 Running on Citrix XenServer 2.5.6 Running on Microsoft Hyper-V 2.6 Managing multiple appliances with the Exinda Management Center 2.6.1 Getting started with EMC 2.6.2 How EMC fits into the appliance feedback loop 2.6.3 Exinda Management Center Concepts...
  • Page 4 3.2.10 Monitoring subnets 3.2.11 Monitoring virtual circuits 3.2.12 Monitoring the effects of controls 3.2.13 Monitoring optimization reports 3.2.14 Monitoring Exinda Appliance system performance 3.3 Monitoring applications with the [[[Undefined variable MyVariables.ExSoluCtr]]] 3.3.1 How performance reports work 3.3.2 Using Application Performance reports 3.3.3 Using the Application Performance Monitor VoIP report...
  • Page 5 3.6.4 Configuring your Appliances through the CLI 3.7 Service Delivery Point (SDP) 3.7.1 SDP Web User Interface (WUI) and Features 3.7.2 Getting started with SDP 3.7.3 Changing the default view settings in SDP WUI 3.7.4 Tools 3.7.5 Managing appliances in SDP 3.7.6 The SDP dashboard 3.7.7 Viewing reports in SDP 3.7.8 Viewing the config log in SDP...
  • Page 6 5.6.2 WMI Service is not running 5.6.3 System account showing in traffic reports 5.6.4 No Communication Between the Exinda AD Connector and the Exinda Appliance 5.6.5 Exinda AD Connector stops running 5.6.6 Excluded Users Still Appear on the Exinda Appliance 5.6.7 Changes to the Exinda Active Directory Controller have no effect...
  • Page 7 7.2 GNU General Public License (GPL) 7.2.1 Preamble 7.2.2 TERMS AND CONDITIONS 7.3 BSD 2.0 8 Safety and Compliance 8.1 EMC Notice 8.2 Compliances 8.2.1 CE 8.2.2 FCC Class A 8.3 Safety Guidelines 8.3.1 Lithium Battery Caution 9 Predefined Applications and Application Groups 9.1 Predefined Applications and Supported L7 Signatures 9.2 Predefined Application Groups...

  • Page 8: Introduction

    Exinda Appliance learns about your network. Then you specify policies to regulate traffic in your network. After that, you use Exinda's robust set of monitoring tools to gain total insight into the traffic on your network and adjust your policies as needed.
  • Page 9 Network Orchestrator 3062 Series Screenshot 1: Front view of the Exinda 3062. Screenshot 2: Rear view of the Exinda 3062. Specification Details Designed for Small Office Supported Users Up to 1,600 Traffic Shaping Shaping Throughput 150 Mbps Concurrent Flow 45,000...
  • Page 10 2 Bridge Pairs, or 1 Bridge Pair plus 1 Management NICs (expandable to) Redundant Power Network Orchestrator 4062 Series Screenshot 3: Front view of the Exinda4062. Screenshot 4: Rear view of the Exinda 4062. Specification Details Designed for Medium Office...
  • Page 11 3 Bridge Pairs, 1 Management, 1 Cluster (10GbE and 1Gb Fiber options available) NICs (expandable to) 5 Bypass Bridges Redundant Power Network Orchestrator 8063 Series Screenshot 5: Front view of the Exinda 8062. The hardware of the Exinda 8062 and 8063 is the same. Screenshot 6: Exinda Network Orchestrator 1 Introduction...
  • Page 12 1 half height occupied, 1 full height NICs (expandable to) 4 bypass bridges Redundant Power Network Orchestrator 10063 Series Screenshot 7: Front view of the Exinda 10062. The hardware of the Exinda 10062 and 10063 is the same. Exinda Network Orchestrator 1 Introduction...
  • Page 13 Screenshot 8: Rear view of the Exinda 10062. The hardware of the Exinda 10062 and 10063 is same. Specification Details Designed for Medium to Large Data Center Supported Users Up to 400,000 Traffic Shaping Shaping Throughput 10 Gbps Concurrent Flow...

  • Page 14: Exinda Virtual Appliances

    Capacity is determined by a combination of licensing and underlying hardware. Exinda Virtual A virtual Exinda Network Orchestrator runs on a host machine under a hypervisor, using dedicated resources. The minimum dedicated hypervisor hardware requirements are listed in the table below:...

  • Page 15: Product Naming Conventions

    Disk extending techniques are not supported on virtual appliances. Adding additional storage requires a hard disk. 1.4 Product naming conventions Encoded within the Exinda Network Orchestrator model numbers are the features and licensing of the appliance. This is the model number syntax: <hardware series>...

  • Page 16: Getting Started

    (page 374). Find solutions and get notified The Exinda appliance displays solutions and notifies you if certain undesirable thresholds are exceeded or if other notable traffic patterns are identified so that you can take action to tune your network. For more information, refer to Monitoring applications with the [[[Undefined variable MyVariables.ExSoluCtr]]]...

  • Page 17: Deployment Options

    Exinda Appliance to get to their destinations. For example, con- necting an Exinda Appliance to a switch or hub on the LAN. In this case, the Exinda Appliance behaves like any other network client and requires specific protocols or modes to enable packet monitoring and inspection.

  • Page 18: In-Path Topologies

    Exinda Appliances are often deployed between a core switch and a WAN/Internet router. In this type of deployment, the Exinda Appliance is referred to as inline, which is a way to describe a network device in a primary network path that receives packets and forwards them to their destinations.
  • Page 19 In this setup, the Exinda Appliance is connected to the switch and the router on the Main Site. So network traffic emanating from the Main Site to the Internet and traffic from the Internet to the Main Site must pass through the Exinda Appliance.
  • Page 20 Overcoming the limitations of the main site internet link topology If you only have one Exinda Appliance but need to monitor and control network traffic to the Internet from users out- side the Main Site, disable direct access to the Internet for branch offices and route all Internet-bound traffic through the Main Site.
  • Page 21 Screenshot 11: Main Site WAN Link topology deployment Installing the Exinda Appliance in a main site WAN link topology Plug your Exinda Appliance in line between the switch and router or firewall. If you have a VPN, refer to Topologies with VPNs 1.
  • Page 22 The sites are connected to the Internet and to each other via direct routes. All the network traffic at each site passes through an Exinda Appliance on its way to and from the Internet and WAN. The Exindas may work together to enhance network performance and accelerate specific network traffic.
  • Page 23 4. Check for Internet connectivity. 5. Turn on the Exinda Appliance and check for Internet connectivity again. There are a few Exinda Appliance basics to keep in mind while planning a deployment. For more information, refer to Basic characteristics and behaviors of Exinda Appliances (page 17).
  • Page 24 Acceleration of traffic to and from the DMZ. NOTE Define a network object called DMZ and mark it as "Internal," so the Exinda appliance can ignore all traffic between the local LAN and the DMZ. Installing an Exinda Appliance in a network environment with a firewall 1.
  • Page 25 Screenshot 14: Topologies with VPNs deployment - Scenario 1 In scenarios where the Exinda Appliance is placed between the VPN terminator and the router, the Exinda Appliance sees only encrypted tunnel traffic. Screenshot 15: Topologies with VPNs deployment - Scenario 2...
  • Page 26 2. Connect the Exinda LAN port into the external interface of the VPN terminator using a crossover cable. 3. Connect an Exinda unbridged interface (e.g., eth1 on a 4060) into the LAN switch and configure an address to man- age the appliance.

  • Page 27: Out-Of-Path Topologies

    The environment is critical and failover is necessary. Typically, one network link is active and the other is passive. The Exinda Appliance on the passive link clusters with the active Exinda Appliance so it has all the required data and con- figuration settings in case the active link fails.

  • Page 28: Rolling Back To The Previously Installed Version Of Exos

    2.3.2 Rolling back to the previously installed version of ExOS If you have updated the version of ExOS running on your Exinda Appliance, you can rollback to the previously installed version. Exinda Appliances have two partitions for installing ExOS updates. The current (running) ExOS version is installed on one partition and the previously installed version is on the other partition.

  • Page 29: Installing An Exinda Appliance

    Exinda Virtual Appliances 2.4.1 Gathering required information Use this list prior to installing your Exinda Appliance to check that you have the requisite physical hardware and information to ensure a smooth installation. 1. Inspect the package contents. The package contents vary slightly depending on the model. In general, the package includes the following items: 1 ×...

  • Page 30: Connecting The Appliance To The Physical Network

    It also provides the option to upgrade the firmware and create the initial set of traffic policies. 1. The Exinda appliance by default picks up an IP Address from DHCP. The IP address is available on the management interface.
  • Page 31 You can either manually specify these settings or select Autoconf to automatically acquire these settings. The type of auto configuration selected depends on your network. For IPv4 networks select DHCP , for IPv6 use SLAAC . Exinda Network Orchestrator 2 Getting started...
  • Page 32 Basic Wizard Step 3 - HTTP Proxy Settings : To allow the appliance to access Exinda's HTTP server for firm- ware updates, license updates, and messages, specify an HTTP proxy. If you have SDP enabled, ensure your proxy supports HTTPS.
  • Page 33 Basic Wizard Step 6 - Storage : This screen displays the available disks that can be added to the volume group. Basic Wizard Step 7 - Firmware : This screen displays the status of the firmware running on the Exinda appli- ance. If the appliance has Internet connectivity, the system checks for any newer firmware that may have been released.

  • Page 34: Licensing Information

    On first-boot, they automatically generate a unique Host ID. Exinda must be notified of this Host ID before a license can be issued. All Virtual Appliances must have access to the Exinda licensing server, and must be able to access https://license.exinda.com...
  • Page 35 Unique identifier of each Exinda appliance software. Model Exinda appliance model. SS Expiry Expiry date of Exinda Software Subscription. After this date, you are no longer entitled to support and no new software updates can be installed on the appliance. Maximum monitoring and QoS bandwidth. Bandwidth Optimizer Entitlement for QoS and Acceleration.
  • Page 36 Entitlement to Edge Cache Acceleration and the maximum number of edge cache objects. 2. Please contact your local Exinda representative if you wish to enable a feature. To see the last time that the auto-license service checked for a new license 1.
  • Page 37 Contact Exinda TAC to re-enable your virtual appliance. To generate a virtual appliance trial license In this step you will go to the Exinda website to create your trial license. Your trial license will be emailed to you after you complete this step.

  • Page 38: Installing An Exinda Virtual Appliance

    1. In a browser, navigate to the address of your Exinda Virtual Appliance. 2. Log into your Exinda VM. The default user name is admin , and the password is exinda . 3. On the Dashboard > System tab, find the Host ID that the hypervisor created for this virtual machine. You must have your purchase order number that details the type of license and number of licenses you have purchased.

  • Page 39: Sizing And Resource Requirements

    VT Enabled & 64-bit. The Exinda virtual appliance has a Flexible Storage option, with which you can adjust the size of the storage for Edge Cache, SMB1 cache and WAN Memory cache. By increasing the virtual file sizes for each of these caches, you can greatly improve the performance of your Exinda virtual appliance.
  • Page 40 Quality, speed, performance of the host CPUs. Quality and performance of host NICs. Host disk I/O bandwidth. Use these topics for more guidance on sizing, specifications and resource requirements: Exinda virtual model 3062 Exinda virtual model 4062 Exinda virtual model 6062 Exinda virtual Model 8063...
  • Page 41 These CPUs must be VT Enabled and 64-Bit Minimum Storage (GB) 250GB Minimum Memory (GB) EC-IOPS Monitoring-IOPS Exinda Virtual Appliance model 3062 specifications Requirement Details Diagnostics Licensed Bandwidth (in 150M mbps) Diagnostics and Shaping Licensed...
  • Page 42 Exinda Virtual Appliance model 4062 specifications Specification Details Diagnostics Licensed Bandwidth1 (in gbps) Diagnostics and Shaping Licensed 100M 250M 500M Bandwidth (in mbps) Diagnostics, Shaping, and Acceleration Licensed Bandwidth (in mbps) Max Concurrent Flows 220,000 Max L7 New Connection Rate...
  • Page 43 These CPUs must be VT Enabled and 64-Bit Minimum Storage (GB) 500GB Minimum Memory (GB) 12GB EC-IOPS Monitoring-IOPS Exinda virtual Model 8062 Specification Details Diagnostics Licensed Bandwidth (Gbps) Diagnostics and Shaping Licensed Bandwidth (Gbps) Diagnostics, Shaping, and Acceleration Licensed Bandwidth (Mbps) 100M...

  • Page 44: Exinda Virtual Appliance Use Cases

    VMware vSphere and Citrix XenServer, but NOT on Microsoft Hyper-V. Inline deployment with externally attached LAN In this use case, the Exinda Virtual Appliance is set up for inline mode deployment with an externally attached LAN. There are primarily two scenarios for inline deployment of the virtual appliance:...
  • Page 45 1. The LAN-side users and applications connect to the Exinda Virtual Appliance through a physical NIC interface. 2. The applications are virtualized and isolated on the same host as the Exinda, on the LAN side interface of the Exinda Virtual Appliance.
  • Page 46 For more information refer to Virtual Appliance Deployment Options. The data path from a client on the local LAN goes through the Exinda virtual appliance in Inline Mode and out to the WAN. Exinda Exinda Virtual Appliance software version is 7.4.2.
  • Page 47 One physical NIC interface is configured to the WAN side link. Two virtual switches are bridged together in the virtual Exinda Virtual Appliance. The first switch is on the LAN side; the second one is for the WAN side. This results in isolating the applications behind the Exinda Virtual Appliance.
  • Page 48 Screenshot 21: Use-case for Inline deployment with an isolated virtual LAN and virtual applications In the diagram above, a virtual LAN is isolated and sits behind the Exinda Virtual Appliance all running on the same host hypervisor. The host has two NICs; NIC 0 is dedicated for management of the system and NIC 1 is idle or used for other purposes.
  • Page 49 This configuration can be done either at a branch office with virtual infrastructure, or in the data center where the application and local user traffic accessing the WAN is redirected to the Exinda Virtual Appliance for diagnostics, shaping, and acceleration.
  • Page 50 In this use case, there are multiple Exinda Virtual Appliances set up for out-of-band mode and configured for High Availability. PBR is the protocol used for redirection while the appliances act as VRRP nodes. One Exinda acts as the Master node, receiving all redirected traffic from the WAN router, and all remaining Exinda Virtual Appliances act as Backup nodes in case the Master fails.
  • Page 51 Path two is through the re-directed path invoked by the router (using PBR) to the Exinda virtual appliances. The traffic is received by the Exinda configured as the VRRP Master. In case of acceleration, the Exinda Virtual Appliances have the capability to share load, this happens automatically and requires no user intervention.
  • Page 52 In this use case, the Exinda Virtual Appliance is set up to monitor and collect traffic for only reporting only, without installing the appliance in the inline mode. The appliance monitors and reports on all applications presented on the SPAN/mirror port.
  • Page 53 In this use-case: The customer has selected Exinda for its monitoring and reporting service. The EXN-V is configured as a virtual machine on a hypervisor or as an ESXi hypervisor (for VMware), on a dedicated NIC2 interface, and dedicated virtual switch SW2.
  • Page 54 Switch Port Analyzer (SPAN) Encapsulated Remote SPAN (ERSPAN) VMware versions - 5.5 and 6.0 XenServer EXN-V versions – 7.4.4 The Nexus 1000V is configured and mapped to NIC1, which has a direct connection to the WAN router. Exinda Network Orchestrator 2 Getting started...
  • Page 55 The applications (APP1 to 3) are connected to a separate switch port on the Nexus 1000V. VMware High Availability (HA) In this use case, we discuss the recommended configuration and best practices for installing the Exinda virtual appliance where the requirement is for: Exinda firmware –...
  • Page 56 This configuration assumes INLINE mode; optionally you can run in out of path mode, but WCCP is required. Downtime for any workload in HA mode is for the duration of the virtual workload and/or the Exinda Virtual Appli- ance to reboot.
  • Page 57 Exinda Virtual Appliance active and a second running as a cold standby and Fault Tolerant. Optionally, move the Exinda Virtual Appliance to co-reside on the same hosts as the virtual workloads; however if vMo- tion is a requirement you must provide an external switch and separate NIC to pass the traffic between the workloads and the Exinda Virtual Appliance.
  • Page 58 NOTE Any physical NIC interface can be used, NIC1 is used for illustration purposes. VMware software version = 5.5 and 6.0 Exinda Virtual Appliance firmware version = 7.4.4 WANEM Virtual Simulator software = 2.3 http://wanem.sourceforge.net/ You can use your own WAN simulator of choice Four virtual switches have been defined on the ESX/ESXi host: BR_LAN –...

  • Page 59: Hypervisor Limitations

    No Silicom Hardware Bypass Card driver support. Exinda is working with our NIC vendor to provide this support. Promiscuous mode is supported, and must be configured via the CLI. You can find the commands in the Exinda Vir- tualization How to Configure Guide, or refer to the Citrix site for XenServer hypervisor configuration guidance.

  • Page 60: Running On Vmware Vsphere (Esx And Esxi)

    External storage is supported and recommended for virtual machine workloads, and the Exinda virtual appliance In the diagram below, the Exinda is running in Active/Active mode with a Heartbeat between the two systems. There must be a separate Virtual NIC configured for Heartbeat traffic to transit.
  • Page 61 APP2 on ESXi 1 and fails because vSwitch2 mapped to APP2 is not mapped to an external NIC. If an Exinda Virtual Appliance has at least one vSwitch mapped to it, and the vSwitch is not mapped to an external NIC interface, vMotion will not work for Exinda Virtual Appliance or workloads isolated behind it.
  • Page 62 3. Select File > Deploy OVF Template . 4. Copy the URL of the latest release of the Exinda VMware Virtual Appliance from Exinda.com, and paste it into the Deploy from... field, and click Next . 5. Confirm the OVF template details are correct, and click Next .
  • Page 63 By default, all Virtual Appliances come configured with two virtual CPUs. Increase the number of CPUs to suit your requirements. NOTE If the memory or hard disk space needs to be adjusted, please contact Exinda Support. 1. Open the VMware vSphere Client . 2. Right-click on the Exinda Virtual Appliance, and select Edit Settings .
  • Page 64 Adjusting the NICs available to the Virtual Machine By default, all Exinda Virtual Appliances come with four NICs. Of these, the first NIC is the Management Interface (for managing the Virtual Appliance), the second NIC is the Auxiliary Interface (for HA topologies, clustering and out-of-path deployments), while the remaining two ports are bundled as a bridge for inline deployments.
  • Page 65 Interface becomes a WAN Interface. Start the virtual appliance and then… 1. On your browser, open the Exinda Web UI ( https://UI_IP_address ). 2. Key-in the User Name and Password . 3. Click Login . The Exinda Web UI appears.
  • Page 66 LAN and WAN ports are capable of accepting and bridging packets that are not destined for them. 1. Open the VMware vSphere Client . 2. Select the ESXi server, and switch to the Configuration tab. Exinda Network Orchestrator 2 Getting started...
  • Page 67 Add Storage to the VMware Virtual Machine By default, all Exinda Virtual Appliances come with a single 50GB (fixed-size) disk. Usually, you will want more storage for features such as WAN Memory and Edge Cache. This is achieved by adding an additional disk to the Virtual Appliance.
  • Page 68 4. Specify the size of the additional disk to create. This space will be added to the default 50GB that comes with the Vir- tual Appliance. So if you add a 200GB disk here, the total storage for the Virtual Appliance will be 250GB. Exinda Network Orchestrator 2 Getting started...
  • Page 69 5. Click Next . 6. Attach the new disk to the next available SCSI node for best performance. Exinda Network Orchestrator 2 Getting started...
  • Page 70 Total: 36.22 Unallocated: 0 10. The output shows that our new 200G disk is called 'sdb' and it's currently not in use. The storage disk add command is used to provision the new disk. Exinda Network Orchestrator 2 Getting started...
  • Page 71 The VMware Tools state 'Unmanaged' is normal. This simply means that VMware Tools are installed and running, but are managed by the guest (the Exinda Virtual Appliance) rather than the host. If the first NIC is not able to obtain an address using DHCP, you'll need to use the VMware console to enter the following CLI commands to set a static IP address.
  • Page 72 SSH on the virtual console of the ESXi host. RECOMMENDATION Have your virtual Exinda already installed with the number of interfaces already set, keep it turned off, we will work with it later. 2. Query the existing VIBs. Make sure you are in maintenance mode: # vim-cmd /hostsvc/maintenance_...
  • Page 73 13. Turn the Exinda ON When the Exinda Appliancecomes back, you should see the bypass capability available and the duplex/speed negotiations pointing to the right values. One vSwitch should have both the LAN interface of the bridge and the bpvm0...
  • Page 74 4 interfaces, the first two are standalone interfaces while the last two are for bridging purposes): NOTE From ESXI v6.0, it is possible that after assigning the bpvm0 driver to the “LAN” switch, the driver will not show up as a Physical Adapter (unused) as in the above screenshot.
  • Page 75 IOPS are measured in both Commands per Second (IO operations per second) or Throughput (Megabytes per Second). In the sizing charts for the Exinda virtual appliance (EXN-V) we have represented the measurement in Commands per Second. There are three numbers for IOPS:...
  • Page 76 1. On the Custom Performance Chart for the EXN-V, select Virtual disk > Real-time . 2. Select Average write requests per second (inbound and outbound) . The report indicates the Minimum, Maximum, and Average Commands per Second. Exinda Network Orchestrator 2 Getting started...

  • Page 77: Running On Citrix Xenserver

    8. Review the information and clear the 'Start VM(s) after import' box if you want to add extra NICs or storage, and click Finish to deploy the Virtual Appliance. 9. Select the Exinda virtual machine you are importing, and switch to the Log tab to see the progress and the com- pletion notification.
  • Page 78 14. You will be prompted with a series of questions as part of the initial configuration Wizard. It is recommended you accept the defaults, as you have the option to configure the system later from the Exinda GUI. Press Yes . Use the fol- lowing defaults to complete the wizard configuration.
  • Page 79 Before you can make changes to the virtual appliance, you will need to shut it down. If more interfaces are needed, please follow the next procedure (the Exinda appliance will recognize that if two NICs are added they can then be bridged). The following steps describe how to add extra NICs to the Virtual Appliance. In order to create LAN/WAN bridges, you need to add extra NICs in pairs, .
  • Page 80 2. Choose the network to which to map this new NIC, then click Add . Additional NICs By default, all Exinda Virtual Appliances come with four NICs. The first NIC is the Management Interface (for managing the Virtual Appliance) and the second NIC is the Auxiliary Interface (for use with HA, clustering, and out-of-path deployments).
  • Page 81 The following steps describe how to add extra NICs to the Virtual Appliance. You need to add extra NICs in pairs, in order to create LAN/WAN bridges. 1. From the Networking tab in the Exinda Virtual Appliance settings, click Add Interface . 2. Choose the network to map this new NIC to, then click Add .
  • Page 82 4. When the Virtual Appliance is next booted, the new NICs will be automatically detected and any additional NIC pairs will be bridged. Below is what the System -> Network -> IP Address page on the Web UI looks like after 2 extra NICs have been added. Exinda Network Orchestrator 2 Getting started...
  • Page 83 Add storage to the XenServer virtual appliance By default, all Exinda Virtual Appliances come with a single 50GB (fixed-size) disk. Usually, you will want more storage for features such as WAN Memory and Edge Cache. This is achieved by adding an additional disk to the Virtual Appliance.
  • Page 84 Total: 36.22 Unallocated: 0 5. The output shows that our new 200G disk is called 'xvdb' and it's currently not in use. The storage disk add command is used to provision the new disk. Exinda Network Orchestrator 2 Getting started...
  • Page 85 XenCenter console. At this point, you can login with the default username admin and password Exinda . If the first NIC is connected to a network that provides addresses using DHCP, the Virtual Appliance should have picked up an IP address.

  • Page 86: Running On Microsoft Hyper-V

    (if required) and deploy the Virtual Appliance either in line or out-of-path. 2.5.6 Running on Microsoft Hyper-V The following sections describe how to deploy Exinda Virtual Appliance as well as to customize the virtual hardware to suit your requirements. The Exinda Virtual Appliance are available for Microsoft Hyper-V hypervisors.
  • Page 87 5. Click the Browse button and navigate to and select the local folder where you unzipped the downloaded file. The wizard then recognizes the virtual machine. Exinda Network Orchestrator 2 Getting started...
  • Page 88 8. If you prefer not to use the default folders, select the Store the virtual machine… checkbox and for each of the three folder options browse to and select your preferred folder. Exinda Network Orchestrator 2 Getting started...
  • Page 89 9. Click Next . The "Choose Folders to Store Virtual Disks" page of the wizard opens. 10. Click the Browse button and select the folder to use. Exinda Network Orchestrator 2 Getting started...
  • Page 90 12. Review the settings in the right pane. If they are correct, click Finish . The installation proceeds. When the installation is complete, an entry for the new virtual machine appears in the Virtual Machines pane in the Hyper-VManager . Exinda Network Orchestrator 2 Getting started...
  • Page 91 The Virtual Machine, as supplied by Exinda, may not have all of the configuration options you prefer. For example, the disk storage is confined to 50GB, which is unlikely to be sufficient for your needs. When preparing the Exinda Virtual Appliance for download, it is not possible to know just what hardware is available on the host machine.
  • Page 92 Adjusting the number of CPUs available to the Virtual Machine After installing the virtual machine, you may need to adjust the number of CPUs that are available to the Exinda Virtual Appliance. The basic virtual machine configuration includes a minimal number of CPUs, but if you have spare CPUs on the host machine, you may want to make these available to the virtual machine.
  • Page 93 Consult the Hyper-V documentation for more information on these settings. 5. Click OK . The number of CPUs available to the virtual machine is immediately adjusted. NOTE These instructions also apply to changing the configuration after the virtual appliance has entered service. Exinda Network Orchestrator 2 Getting started...
  • Page 94 After installing the virtual machine, you may need to adjust the amount of RAM that is available to the Exinda Virtual Appliance. There is a basic amount of RAM provided in the Exinda Virtual Appliance, but if you have spare RAM on the host machine, you may want to make this available to the virtual machine.
  • Page 95 Hyper-V documentation for more information on these settings. 5. Click OK . The amount of RAM available to the virtual machine is immediately adjusted. NOTE These instructions also apply to changing the configuration after the virtual appliance has entered service. Exinda Network Orchestrator 2 Getting started...
  • Page 96 Adjusting the NICs available to the Virtual Machine After installing the virtual machine, you will need to enable the NICs that are available to the Exinda Virtual Appliance. The basic virtual machine configuration does not include the configuration necessary to link the virtual devices to the physical hardware on the host machine.
  • Page 97 DVD Drives present by default given that these are not needed in the appli- ance. In such a case, Controller 0: Location 1 and Controller 1: Location 0 will also be available for further use. Exinda Network Orchestrator 2 Getting started...
  • Page 98 6. Click New . The New Virtual Hard Disk wizard opens. Exinda Network Orchestrator 2 Getting started...
  • Page 99 7. Select VHDX as the Disk Format type and click Next . Exinda Network Orchestrator 2 Getting started...
  • Page 100 8. In the Choose Disk Type section, select the Fixed Size option and click Next . Exinda Network Orchestrator 2 Getting started...
  • Page 101 9. Specify a Name and Location for the virtual hard drive, and click Next . Exinda Network Orchestrator 2 Getting started...
  • Page 102 10. Set the Disk Size based on the license you have acquired and then click Next . The minimum recommended sizes are the following: EXNV-2061: 250 GB Total (Add a 200GB Disk) EXNV-3062: 250 GB Total (Add a 200GB Disk) EXNV-4062: 250 GB Total (Add a 200GB Disk) EXNV-6062: 500 GB Total (Add a 450GB Disk)
  • Page 103 10. Find the IP address assigned to the management interface by right-clicking on the VM and selecting the Connect option. This provides console access. 11. Log on to the appliance using the default credentials (username: admin, password: exinda). You might need to accept the EULA before proceeding.
  • Page 104 The new space appears as “unallocated storage” inside the “Storage Configuration” section. NOTE Exinda recommends that you resize the “monitor” partition to at least 100GB. If you are licensed for acceleration, you should allocate most of the remaining storage in "wan memory" partition (cache partition for all TCP protocols), but if you are accelerating CIFS/SMB protocols, allow some storage in the "cifs"...

  • Page 105: Managing Multiple Appliances With The Exinda Management Center

    Hyper-V Manager. There are many settings that you can change, but for the purposes of configuring the Exinda Virtual Appliance, these task instructions are limited to what is necessary for bringing the appliance into an operational state. If you need more information, please consult the documentation for Hyper-V.

  • Page 106: How Emc Fits Into The Appliance Feedback Loop

    Make sure all your appliances are configured to call EMC. 1. On the Exinda Web UI of the appliance, go to the Configuration > System > Setup > SDP. 2. Enable the SDP Client option and key-in mc.exinda.com as the SDP Server.

  • Page 107: Best Practices

    Here are the best practices when configuring the Exinda Management Center. Deployment Regardless of the number of Exinda Appliances you are working with, it is very important to test EMC configuration on a single appliance before pushing the configuration onto other appliances.

  • Page 108: Configuring The Emc

    After you complete the steps, you are ready to create policy and send it to your appliance groups. Step 1: Identify the SDP Location on the Exinda Management Center (if forwarding data to an SDP server). Configure the location of your SDP so that data from the appliances is forwarded to this SDP.
  • Page 109 The mail server is used to send emails when a user needs to use the Forgot Password functionality. At the top right of the interface, click Admin > SMTP Server Settings and specify the location of your Mail Server settings. Exinda Network Orchestrator 2 Getting started...
  • Page 110 On each of your appliances, set the SDP setting to your EMC location using Configuration > System > Setup > SDP tab. The appliance then calls into Exinda Management Center every 5 minutes to retrieve new configuration and to provide traffic data, which will be forwarded from Exinda Management Center to SDP.
  • Page 111 After you have created the tenant, click the tenant in the list to start managing the appliances in the tenancy. Step 5: Add Appliances to Tenants Wait for your appliance(s) to call in. If using the Exinda-hosted service or an on-premises instance with a single tenant, the appliance appears in the Not Deployed group.

  • Page 112: Importing Appliance Configuration

    Select an appliance in the Not Deployed list and click Move Appliances . For more information, refer to Managing Exinda Appliances with EMC (page 334). 2.6.6 Importing appliance configuration Although not compulsory, it is highly recommended that you import the available appliance configuration into the tenant library to reduce redundancy and avoid re-programming the same configuration in the EMC.
  • Page 113 If any network objects already exist in the library, a green checkmark appears in front of it. Once used, you will not be able reuse it. 2. Click Add Selected Network Objects to the Library . Importing applications To import any applications that exist in the configuration of the appliance: Exinda Network Orchestrator 2 Getting started...
  • Page 114 3. Click Add Selected Virtual Circuits to Library . 4. Click Next . Importing policies To import any policies that exist in the configuration of the appliance: 1. Click Import Policies , or click Next to skip this step. Exinda Network Orchestrator 2 Getting started...
  • Page 115 EMC does not import policies that already exist in library or policies linked to a network object that does not exist in the library. Hover over the error icon to see the related error message. 6. Click Add Selected Policies to the Library to successfully add selected policies into the library: Exinda Network Orchestrator 2 Getting started...
  • Page 116 To import any service level agreements that exist in the configuration of the appliance: 1. Click Import Service Level Agreements , or click Next to skip this step. 2. Use check-boxes to select the virtual circuits you need to import. Exinda Network Orchestrator 2 Getting started...

  • Page 117: Configuring An Appliance Manually

    LAN behind your Network Orchestrator appliance. In the Configured Appliances area, select Local Network Objects in the menu. Click the appliance Exinda Network Orchestrator 2 Getting started...
  • Page 118 When appliances are moved out of the Configured Appliances group to the Unallocated Appliances group or the Appliance Pool, the configuration that was applied using the edit forms is automatically removed from the appliances upon the next call into the Exinda Management Center. Step 6: Create named Circuit Types The circuit type specifies the intended use of a circuit, for example, "Internet", "Voice", or "MPLS".
  • Page 119 Once you move the appliance to a group, and you push configuration to the group, the appliance then receives the updated configuration when it next calls in to the EMC. Screenshot 31: First communication between the appliance and EMC Exinda Network Orchestrator 2 Getting started...

  • Page 120: Configuring A Bridge

    EMC, you should first focus on creating common Circuit Types and Circuits to create consistency throughout the appliances. By labeling circuits and circuit types within the library, and then mapping the library items to bridges, you can create an Optimizer Policy Tree that covers multiple scenarios. Exinda Network Orchestrator 2 Getting started...
  • Page 121 Create and map the circuit types to the appliance's bridges 1. Go to Configured Appliances > Bridge/Circuit Type Mapping . 2. Click Host ID or Bridge ID of the appliance to bind the circuit type to the bridge. Exinda Network Orchestrator 2 Getting started...
  • Page 122 Why does it say Pending in the Bridge/Circuit Type Mapping column? Pending means that the Exinda Management Center has not received the list of bridges from the appliance yet. The first time the appliance calls in, the Exinda Management Center requests bridge information from the appliance. Note that in general, there should not be much time between the first communication and the second communication with the bridge information.

  • Page 123: Optimizer Policy Tree

    MPLS. When the configuration is sent to this appliance, the circuit "Internet" is mapped to the appliance's bridge br10 and the circuit "MPLS" is mapped to the appliance's bridge br20. The "Voice" circuit is not be sent to the appliance as there is not a matching circuit type. Exinda Network Orchestrator 2 Getting started...
  • Page 124 Go to Configured Appliances > Optimizer Policy Tree . To add a circuit to the Policy Tree 1. Click Create new circuit… . 2. Name the circuit, program the desired bandwidth and bind the circuit to the circuit type. Exinda Network Orchestrator 2 Getting started...
  • Page 125 Virtual circuits logically partition the circuit. A virtual circuit defines the traffic that is processed in the partition and the bandwidth it consumes. Each virtual circuit has its own set of policies. 1. Click Create new virtual circuit… Exinda Network Orchestrator 2 Getting started...
  • Page 126 Similar to circuits, virtual circuits can be added from the library, if present. To add a policy set to the Policy Tree Polices define what actions are to be taken on different types of traffic. 1. There are two options: Exinda Network Orchestrator 2 Getting started...
  • Page 127 Click Add Policy Set from Library… to select a pre-defined policy set template for a different type of traffic. 2. In this example, the Internet outbound policy set is selected and it automatically populates all the policies within this set into the virtual circuit: Exinda Network Orchestrator 2 Getting started...
  • Page 128 You cannot delete elements from the Policy Tree if you are looking at a sub appliance group that inherits the Policy Tree. You must edit the Policy Tree in the appliance group that defined the tree. Exinda Network Orchestrator 2 Getting started...

  • Page 129: Sending Configuration Changes To The Appliances

    2. Click Stop inheriting Policy Tree . The tree is removed and you can start building up another Policy Tree. 2.6.10 Sending configuration changes to the appliances Changes that you make in the Exinda Management Center are not sent to the appliances until you choose to send them. To do so, click the Send Configuration icon next to the appliance group.
  • Page 130 Screenshot 35: The life cycle of configuration status Exinda Network Orchestrator 2 Getting started...

  • Page 131: Using

    3.7 Service Delivery Point (SDP) 3.1 Defining a network environment One of the first things you do after connecting an Exinda to your network, is define how the Exinda sees your network and its components. As an analogy, imagine walking around your office or data center and placing sticky notes on all the servers, cables and racks to identify them and note what they do.
  • Page 132 When creating network objects that have location set to "inherit", you can use the CLI command show network-object <name> to show the location. 3. Select whether the traffic for this network object should be shown on the Subnet reports. See For more information, refer to Monitoring subnets (page 235). . Exinda Network Orchestrator 3 Using...
  • Page 133 Subnets: 192.168.1.11 /32 EXAMPLE – Head office defining a network object for a remote branch Create a network object that defines the Head Office location, that has a subnet 10.0.100.0/24, where this Exinda appliance is NOT deployed: Name: Head Office Location: External Subnets: 10.0.100.0 /24...
  • Page 134 An Exinda appliance must be configured with a DNS server if it is to perform name resolution using FQDN. Each record retrieved has a life cycle equal to the TTL (Time to live) defined for such a record. When the TTL is exceeded, Exinda automatically refreshes the record to verify that the IP address has not changed.
  • Page 135 3. Key-in a Name for the object. 4. In the Subnets section, define subnets to include in this network object by IP Network Address and Mask Length or by Fully Qualified Domain Name (FQDN) . Exinda Network Orchestrator 3 Using...
  • Page 136 8. Select one or more network objects to add and click Add Network Object to 'Configured Appliances' . 9. To define whether to include monitor information of network objects in subnet reporting, edit the required network objects and check Include in subnet reporting option, within the Reporting section. Exinda Network Orchestrator 3 Using...
  • Page 137 LAN on which it operates. The local network objects cannot be deleted. For reporting purposes, hosts and users are defined as internal or external by comparing the IP address with the network objects. Exinda Network Orchestrator 3 Using...
  • Page 138 Screenshot 37: Diagram depicting separated local network objects for each appliance. To configure the local network object: 1. Go to Configured Appliances > Local Network Objects . 2. Click Local to Appliance (Host ID ) of the appliance to configure the local network object. Exinda Network Orchestrator 3 Using...
  • Page 139 3. Key-in the IP Network Address and Mask Length . Screenshot 38: Defining local network object by subnet. 4. Click Save . Exinda Network Orchestrator 3 Using...
  • Page 140 Importing network objects If you have existing appliances that are already configured with network objects, in the Exinda Management Center you can import these network objects into the library (one at a time) from the Not Deployed list. When importing network objects, the importer indicates if the network object already exists in the library (or is included in another network object), or if it conflicts with another network object in the library.

  • Page 141: Working With Dynamically Created Network Objects

    3.1.2 Working with dynamically created network objects Dynamic network objects are network objects that are automatically updated and maintained by the Exinda Appliance. They can be used anywhere static network objects are used, however, they cannot be manually modified.

  • Page 142: Working With Users And Groups As Objects

    There are two ways the Exinda Appliance can learn about user and group information: Active Directory : The Exinda Appliance can receive user and group information using the Exinda Active Directory Ser- vice, installed on Active Directory Servers. 2. Static Users and Groups: Static users and group information can be only entered using the CLI "networkuser" com- mand.
  • Page 143 Defining network user objects The Network Users page displays a pre-populated list of users (and their associated IP addresses) from either the Exinda AD Connector, or from static users entered using the CLI. Select which individual users you want to define as dynamic network objects.

  • Page 144: Configuring Vlan Objects

    Configuring network user group objects The Network Groups page displays a pre-populated list of groups from either the Exinda AD Connector, or from static groups entered using the CLI. This page allows you to select which groups you want to define as dynamic network objects.
  • Page 145 Once VLAN Objects are defined, they can be used in Optimizer policies to filter traffic. By default, the Exinda Appliance has a single VLAN defined called ALL , which matches all traffic (regardless if that traffic is part of a VLAN or not).
  • Page 146 VLAN. Leaving both fields blank would give the same result. To define a lesser range, type a range somewhere between the maximum range. To define just one priority, type the same value in both the Start and End fields. Exinda Network Orchestrator 3 Using...
  • Page 147 Also the ALL VLAN object is protected and cannot be deleted. 1. Go to Library > VLANs . 2. In the list of VLAN library objects, find the VLAN you need to delete. Exinda Network Orchestrator 3 Using...

  • Page 148: Adding Protocol Objects

    All the defined protocol objects are shown in the table. Each protocol object can be edited or deleted by clicking the appropriate button in the table. Some protocols are protected and cannot be edited or deleted. Screenshot 45: Adding a new protocol. To configure protocol objects: Exinda Network Orchestrator 3 Using...

  • Page 149: Adding Application Objects

    Applications based on only TCP/UDP port number or ranges. For example, you could create an application based on a particular port. Network objects cannot be used in conjunction with a layer 7 signature. Screenshot 46: Adding a new application object. Exinda Network Orchestrator 3 Using...
  • Page 150 Many of the L7 signatures have sub-type classifications, which makes layer 7 visibility much more granular. For instance, for reporting on specific web applications, most vendors can only report on port 80 traffic. Exinda allows a deeper look into Layer 7 applications. For example, by comparison:...
  • Page 151 Adding application objects in the EMC The Exinda Management Center provides a comprehensive set of built-in Applications for you to use, These cannot be edited, but you can define Custom Applications. You can add the custom application as part of an ignore policy at the bottom of the optimizer tree that is sent to the appliances.

  • Page 152: Adding And Updating Application Group Objects

    The Exinda Appliance comes with a long list of predefined applications used to classify your network traffic. If, however, you want to create your own application, you can create new applications based on L7 signatures, TCP/UDP port numbers and port ranges, or network objects.
  • Page 153 Predefined Application Groups (page 612). Adding application groups in the EMC The Exinda Management Center provides a comprehensive set of built-in Application Groups for you to use, but you can also define Custom Application Groups. Exinda Network Orchestrator 3 Using...
  • Page 154 You can modify application groups either within the configured appliances or from the library. 1. Click the desired application group name to edit. 2. You can configure monitoring status and add or remove applications within this group. Exinda Network Orchestrator 3 Using...
  • Page 155 3. You could also view which policies are currently using this application group under In Use . How do I create an custom application group? 1. Go to Library > Application Groups and click Create new application group in the library… Exinda Network Orchestrator 3 Using...
  • Page 156 How do I know which application groups are enabled for monitoring? By default, all the built-in application groups are enabled for monitoring. On the main Application Groups page, you can view the specific groups that are set for monitoring. Exinda Network Orchestrator 3 Using...

  • Page 157: Configuring Anonymous Proxy Detection And Monitoring

    The anonymous proxy application is a special application object that is used to detect anonymous proxy websites and services. However, the anonymous proxy service is disabled by default. If the anonymous proxy service is enabled, the Exinda appliance fetches a list of anonymous proxy definitions from the Exinda web servers on a daily basis.
  • Page 158 To enable the anonymous proxy traffic classification, go to Configuration > System > Setup > Monitoring . To enable the anonymous proxy traffic classification 1. Check the Auto Update Service Enable checkbox. The appliance will communicate with the Exinda web servers daily and fetch any new anonymous proxy definitions.

  • Page 159: Configuring Service Level Agreement Objects

    The Service Level Agreement (SLA) objects are used to monitor the availability of a particular IP site. By creating a SLA object, you indicate which IP site to monitor. The Exinda appliance will send one ICMP ping every 10 seconds to the IP address.
  • Page 160 The Service Level Agreement (SLA) library objects are used to monitor the availability of particular IP addresses. By creating an SLA object, you identify the IP address to monitor. The Exinda Management Center then sends one ICMP ping every 10 seconds to the IP address. You can specify the ping packet size to use. You can also specify when an alert is triggered by defining the ping latency threshold and the duration by which the ping latency threshold was exceeded.
  • Page 161 0 – Disabled – this disables the alert 30 seconds 60 seconds 5 minutes 30 minutes 1 hour – the Default setting The default delay is 1 hour. If this setting fits your needs, you do not need to change anything here. Exinda Network Orchestrator 3 Using...
  • Page 162 0 – Disabled – this disables the alert 30 seconds 60 seconds 5 minutes 30 minutes 1 hour – the Default setting The default delay is 1 hour. If this setting fits your needs, you do not need to change anything here. Exinda Network Orchestrator 3 Using...
  • Page 163 1. Go to Library > Service Level Agreements . 2. In the list of SLA library objects, locate the SLA item you need to delete. 3. In the SLA item row, click 4. Confirm and click Delete . Exinda Network Orchestrator 3 Using...

  • Page 164: Configuring Schedule Objects

    3.1.10 Configuring schedule objects The Exinda Appliance allows you to automate your network optimization polices for different times of the day and different days of the week. For example, you may wish to lock down your network at night to improve security, while still allowing automated backup services and email to function.

  • Page 165: Configuring Adaptive Response Limits

    In 7.0.1 and above releases in the 7.0 firmware product line, the option to set Adaptive Response Limits is based on the amount of time a user is using the network. To implement such policies, the following steps are required: Exinda Network Orchestrator 3 Using...
  • Page 166 IP in the external exception network object. You can also create an alert that sends an email to the Exinda Appliance email recipients when a specified quota threshold has been exceeded. The email will contain all the IP addresses that have exceeded the threshold. Note that the Info Emails checkbox must be checked for each recipient on the email configuration page.
  • Page 167 As an example, consider an educational institution that has a group of students who have IP addresses in the subnet 192.168.0.0/16. Each student is allowed 10GB data transfer (uploads and downloads) per month. The resident assistants are excepted from the rule as well as students who are trying to access a particular university server. Exinda Network Orchestrator 3 Using...
  • Page 168 Consider an educational institution that has a group of students who have IP addresses in the subnet 192.168.0.0/16. Each student is allowed 10GB data transfer (uploads and downloads) per month. Go to Configuration > Objects > Network > Dynamic and select the appropriate dynamic network object. Exinda Network Orchestrator 3 Using...
  • Page 169 To disable an adaptive response rule, run the following command. No IPs will belong to the destination network object, so any Optimizer virtual circuits or policies using the destination network object will effectively do nothing. (config) # no adaptive limit Students-AR enable Exinda Network Orchestrator 3 Using...
  • Page 170 The following examples illustrate how to exclude IP addresses or subnets from the Adaptive Response quota. The first example excludes an internal IP address that exists on the LAN-side of the Exinda Appliance. The second example excludes an entire subnet that exists on the WAN-side of the Exinda appliance.

  • Page 171: Configuring Application Performance Score Objects

    You can also set alerts so that you will be notified when the score drops below a certain threshold value. There is an alert trigger delay setting which requires that the score remains below the alert threshold for a specified period of time before triggering the alert. This prevents brief temporary poor scores from appearing like an emergency. Exinda Network Orchestrator 3 Using...
  • Page 172 When editing the APS object, you can modify the alert configuration, restart the baselining operation, and modify the threshold values. If you change the network object settings, it is recommended that you re-evaluate the metric thresholds and possibly re-start a baseline. Exinda Network Orchestrator 3 Using...
  • Page 173 The scores can focus on specific internal and/or external network objects, or on ALL in one or both categories. Before you begin… If you need to enable alerts, ensure that you have set Email on the Configuration > System > Setup > Alerts page. For more information, see the Exinda Web UI help. Exinda Network Orchestrator 3 Using...
  • Page 174 You also need to set up SNMP on the Configuration > System > Network > SNMP page. for more information, see the Exinda Web UI help. Creating and application performance score object in the Exinda Web UI To create the object: 1.
  • Page 175 3. Click Name to expand the section. Provide a meaningful name for the new performance score. Screenshot 57: Setting up a performance score for email services. 4. Click Application section to expand. 5. Use the Application drop-down list to select the application you need. Exinda Network Orchestrator 3 Using...
  • Page 176 Type an alert level between 0.0 and 10.0. This is a measure of how important is the service the application provides. Threshold For example, an application that provides real-time communications would require a higher alert level than one whose responsiveness is not as critical. Exinda Network Orchestrator 3 Using...
  • Page 177 APS to the configured appliances. You can hover over to view details about the issue on a tooltip. 5. Expand the Network Object… section. Exinda Network Orchestrator 3 Using...
  • Page 178 The calculation will start at the beginning of the hour the configuration is pushed. For example, if it is pushed at 4:37, the baseline calculation will start at 4:00. If there is no data for that period, it will extend the duration to the next longest period. Exinda Network Orchestrator 3 Using...
  • Page 179 1. Go to Configured Appliances > Application Performance Scores . The currently assigned APS items appear on the page. 2. In the Name column, locate the APS item and use the icon on the right to delete. Screenshot 63: Confirming removal 3. Confirm and click Remove . Exinda Network Orchestrator 3 Using...
  • Page 180 2. In the Name column, click on the name of the APS item you need to modify. 3. Do the following, as needed: Modify the APS Name . Change the Application Exinda Network Orchestrator 3 Using...
  • Page 181 2. On the Add New APS Object form, uncheck the Auto Baseline checkbox. Note if a baseline analysis is running, you'll need to press the Stop Baseline button. The threshold values are only editable there is not a baseline running. The met- Exinda Network Orchestrator 3 Using...
  • Page 182 Normalized server delay – the time taken for a server to respond to the request, where the delay is measured independent of the transaction size by assuming a normalized packet size of 1024 bytes Round-trip time – the time taken for a packet to travel from a client through the Exinda appliance to the server and back Jitter –...

  • Page 183: Configuring An Application Performance Metric Object

    An alert is triggered when the threshold is exceeded for a given length of time. The following metrics are available: bytes lost network delay server delay transaction delay normalized network delay normalized server delay normalized transaction delay round trip time tcp connections aborted tcp connections ignored Exinda Network Orchestrator 3 Using...

  • Page 184: Before You Begin

    If you need to enable alerts, ensure that you have set Email on the Configuration > System > Setup > Alerts page. For more information, see the Exinda Web UI help. You also need to set up SNMP on the Configuration > System > Network > SNMP page. for more information, see the Exinda Web UI help.

  • Page 185: Monitoring Your Network

    12. Click Add New APM Object . The object is added to the list of configured APM objects. 3.2 Monitoring your network After installing and configuring your Exinda Appliance you can monitor your network, gaining full visibility into the applications users access, inbound traffic, outbound traffic and network throughput. Before customizing the Optimizer, best practices suggest letting the Exinda Appliance collect enough data to help you make informed decisions and policies.

  • Page 186: Dashboards

    3.2.14 Monitoring Exinda Appliance system performance 3.2.1 Dashboards The Exinda Web UI provides dashboards you can use to monitor the operation of an Exinda Appliance. One dashboard displays system health and status information about the Exinda Appliance. The other dashboard provides statistical data to show the benefits and impact of the Exinda Appliance in your network.
  • Page 187 Exinda recommends Every night after midnight, your Exinda Appliance analyzes the traffic it saw during the previous day and, if there was something remarkable or unusual, it makes a recommendation, displays it on the dashboard and sends it to the email addresses configured in Network Setup >...
  • Page 188 "remembered" and delivered from the local appliance rather than end-to-end from server to client resulting in a reduction in the amount of data sent across the network. The reduction ratio compares After Exinda to Before Exinda.
  • Page 189 Having visibility into key recreational applications is the first step to managing them. These applications are generally undesirable because they can impact the performance of key business applications, negatively impact customer experiences, reduce productivity, introduce viruses to the network and enable downloading of illegal or copyrighted material. Exinda Network Orchestrator 3 Using...
  • Page 190 WAN optimization. The After value is the actual amount of time taken with WAN optimization. The difference between the Before and After values is then shown as a time value and as a percentage. Before = LAN Data / WAN Throughput Exinda Network Orchestrator 3 Using...

  • Page 191: Monitoring Network Traffic In Real Time

    A Savings value of 50% means that the time taken to transfer an application's data was reduced by half. 3.2.2 Monitoring network traffic in real time This section describes real-time reporting with the Exinda Web UI. The real-time monitors display information related to traffic that has passed through monitored links during the previous 10 seconds.
  • Page 192 The Realtime Monitor separates inbound and outbound host/user traffic. The traffic is sorted by transfer rate. The packet rate and number of flows in the preceding 10 second period are shown. The user name of the internal hosts will also be displayed if configured. Exinda Network Orchestrator 3 Using...
  • Page 193 To show the user associated with the internal hosts, check the Show Users checkbox. NOTE Active Directory must be configured on the Exinda Appliances before user names can be displayed in reports. See For more information, refer to Integrate with Active Directory (page 381).
  • Page 194 For example, the FTP connection below is accelerated and processed by WAN Memory, indicated by the icon. Conversations processed by Edge Cache (see the Edge Cache "How-to" Guide ), are highlighted in blue. Exinda Network Orchestrator 3 Using...
  • Page 195 To show the user associated with the internal hosts Check the Show Users checkbox. NOTE You must have Active Directory configured to display user names. See For more information, refer to Integrate with Active Directory (page 381). . Exinda Network Orchestrator 3 Using...
  • Page 196 10 second boundary. That is, if it refreshes at 9:38:17, the chart will show data from 9:33:10 - 9:38:10. NOTE This report is only shown when there are two or more Exinda Appliances. Screenshot 72: The reduction statistics report.
  • Page 197 10 seconds. NOTE A new internal mechanism was implemented in the ExOS 7.4.2 firmware that prevents Exinda Appliances from being affected by DDoS attacks. As a consequence, the “Ignored Connections” historical report is no longer available, but the Realtime Health report includes the number of ignored connections.
  • Page 198 Connections, and Flow Count for each internal and external host monitored by the Exinda appliance. VERSION INFO A new internal mechanism was implemented in the ExOS 7.4.2 firmware that prevents Exinda Appliances from being affected by DDoS attacks. As a consequence, the “Ignored Connections” historical report is no longer available, but the Real Time TCP Health report still includes the number of ignored connections.
  • Page 199 5. To change how often the table is refreshed, select an Auto-Refresh Rate from the list. Display the report in the Exinda CLI 1. On your browser, open the Exinda Web UI ( https://UI_IP_address ). 2. Key-in the User Name and Password .
  • Page 200 Monitoring edge cache traffic in real time The Realtime Conversations monitor shows the top conversations by throughput observed by the Exinda Appliance during the last 10 seconds. This report answers questions such as: Is traffic being processed by Edge Cache properly?

  • Page 201: Monitoring Network Interfaces

    The Interfaces Throughput report shows throughput for a defined period of time for a particular interface or for all interfaces aggregated. This report answers questions such as: Is my link congested? Which bridge is congested? Exinda Network Orchestrator 3 Using...
  • Page 202 (s), and the maximum and average throughput rates for the selected time period. NOTE Because this report shows all data on the wire, it may include traffic not seen on the WAN, such as local LAN broadcasts, etc. Exinda Network Orchestrator 3 Using...
  • Page 203 Screenshot 76: The Interface Throughput report displays inbound and outbound network traffic. Where do I find this report? Go to Monitor > Interfaces > Packets per Second . Exinda Network Orchestrator 3 Using...
  • Page 204 WAN-side interface(s) for the selected time period. The values in the table are automatically updated when the interactive graphs are manipulated. NOTE Because this report shows all data on the wire, it include traffic not seen on the WAN such as local LAN broadcasts, etc. Exinda Network Orchestrator 3 Using...

  • Page 205: Monitoring Network Throughput

    What would happen to the throughput if I created a policy to block a particular app, application group, user, or host? The charts help you diagnose issues and perform what-if scenarios to determine the right size of your network. Exinda Network Orchestrator 3 Using...
  • Page 206 You can then determine an appropriate amount of bandwidth required. To identify which throughput falls above a specific percentile Select the desired percentile level from the Select Percentile Marker to Display selector. Exinda Network Orchestrator 3 Using...

  • Page 207: Monitoring Service Levels

    Learn how to view application performance reports, the availability of your ISP, and the health and efficiency of TCP traffic. Monitoring application performance scores The Application Performance Score (APS) report shows scores that assess network performance and user experience when using business-critical applications. These charts can answer questions such as: Exinda Network Orchestrator 3 Using...
  • Page 208 Each metric that contributes to the score has a threshold value set. The threshold may have been set manually or may have been determined automatically by the Exinda Appliance observing the traffic for the period of time to determine a...
  • Page 209 Generate a PDF report of APS results Create a report that contains the APS, TCP health, and TCP efficiency for a specified period of time. 1. On your browser, open the Exinda Web UI ( https://UI_IP_address ). 2. Key-in the User Name and Password .
  • Page 210 Generally, you should use the transaction delays unless the protocol that is being monitored has large or variable sized packets. The normalized delay measure normalizes the score to reflect a 1024 packet size allowing you to more easily compare delays when the packets are variable in size. Exinda Network Orchestrator 3 Using...
  • Page 211 10 flow samples have a RTT of < 40 ms (satisfied samples) The APS score is calculated as follows: aps = 10 * ( 1 * (6 + 10) + 0.5 * (3 + 1) + 0 * 2) / 22 = 8.1 Exinda Network Orchestrator 3 Using...
  • Page 212 The appropriate thresholds for an application is unique for each network environment. Thresholds can be set manually when configuring an APS object or the Exinda appliance can analyze the traffic for an application for a baseline period and create a recommended set of thresholds.
  • Page 213 Availability is the percentage of time a resource is reachable by the Exinda appliance. Latency is the delay in getting an ICMP echo reply for an ICMP echo request generated from the Exinda appliance. It represents both the delay from the local Exinda appliance to a remote host and back again.
  • Page 214 How do I interact with the interactive flash time graphs? Using Inter- To understand how to get a better look at traffic patterns and to remove clutter on the time graph, see active Time Graphs Exinda Network Orchestrator 3 Using...
  • Page 215 VERSION INFO A new internal mechanism was implemented in the ExOS 7.4.2 firmware that prevents Exinda Appliances from being affected by DDoS attacks. As a consequence, the “Ignored Connections” historical report is no longer available, but the Real Time TCP Health report still includes the number of ignored connections.
  • Page 216 The most unhealthy applications or hosts are shown in the table below the charts. The table shows the number of connections, number of aborted, ignored, and refused connections. You can click the name of the application or host to view the TCP Health details and a graph for that item. Exinda Network Orchestrator 3 Using...

  • Page 217: Monitoring Applications

    You can drill into the application group by clicking on the application group name in the tables below the charts. This shows the Hosts Report which lists hosts in the selected application group. You can then drill into a particular application to see the hosts using that application. Exinda Network Orchestrator 3 Using...
  • Page 218 - not relative to all the traffic through the appliance. That is, if one wedge showed 50% of the traffic, that means it is 50% of the top items, not 50% through the appliance. Exinda Network Orchestrator 3 Using...
  • Page 219 Each table shows the top application groups together with the number of packets, number of flows data transferred and throughput statistics. 1. On your browser, open the Exinda Web UI ( https://UI_IP_address ). 2. Key-in the User Name and Password .
  • Page 220 Host Type: When you first load the Hosts report, Internal hosts are graphed by default. Click the Internal hosts button and then select External hosts to change the type. Note that you cannot graph both internal and external hosts at the Exinda Network Orchestrator 3 Using...
  • Page 221 In the data table, each application has a filter icon on the right-hand-side of the row. By clicking on the filter icon, as shown below for Google Encrypted, only the selected application will be charted. Exinda Network Orchestrator 3 Using...
  • Page 222 To understand how to print the report or schedule the report, see Viewing unclassified applications The Applications report may contain links to Discovered Ports. These are links to inbound and outbound applications which have not been classified. Exinda Network Orchestrator 3 Using...
  • Page 223 5. Click Monitor > Applications . 6. If unclassified applications are sending traffic through the Exinda Appliance, a link to Discovered Ports is displayed. To display the unclassified applications, click Displayed Ports . The Discovered Ports report is displayed with source and des- tination ports for each unclassified applications.
  • Page 224 - not relative to all the traffic through the appliance. That is, if one wedge showed 50% of the traffic, that means it is 50% of the top items, not 50% through the appliance. Exinda Network Orchestrator 3 Using...
  • Page 225 Click on the Show Details link in the Name column to see more metrics like round-trip time (RTT), network and server delays, and TCP efficiency. Exinda Network Orchestrator 3 Using...

  • Page 226: Monitoring Network Users

    You can drill into the user by clicking on the user name in the tables below the charts. This will show the Report for the user that you drilled into. You can then use the selector on the Applications report page to show URLs or conversations or hosts that involved the user. Exinda Network Orchestrator 3 Using...
  • Page 227 - not relative to all the traffic through the appliance. That is, if one wedge showed 50% of the traffic, that means it is 50% of the top items, not 50% through the appliance. Exinda Network Orchestrator 3 Using...
  • Page 228 To limit report data to specific periods of time, set the date range. Viewing reports by date range is available on all reports except Realtime reports. 1. On your browser, open the Exinda Web UI ( https://UI_IP_address ). 2. Key-in the User Name and Password .

  • Page 229: Monitoring Hosts Traffic Volume

    Hosts are IP Address endpoint's in IP transactions and are usually client PCs or servers. During a flow, traffic flows from one host to another. Typically, one host is considered internal to your network; the other is external: Exinda Network Orchestrator 3 Using...
  • Page 230 Mouse Hover: Hover the mouse pointer over the graph to view data throughput at a given date and time. Refer to WUI Guided Tour Chart Interactions - Drill in & Data brush in for details. Exinda Network Orchestrator 3 Using...
  • Page 231 Type a single IP Address in the Search field to locate data for a particular host. If entering an IPv6 host, use the full IPv6 address only. When the data is retrieved, the individual host is shown on the filter bar below the button bar. To Exinda Network Orchestrator 3 Using...

  • Page 232: Monitoring Network Conversations

    A conversation is defined as data transacted between two host machines using the same application within a specified time period. Conversations may also be referred to as sessions. Exinda Network Orchestrator 3 Using...
  • Page 233 - not relative to all the traffic through the appliance. That is, if one wedge showed 50% of the traffic, that means it is 50% of the top items, not 50% through the appliance. Exinda Network Orchestrator 3 Using...
  • Page 234 If the row is colored yellow, then the flow is remotely accelerated. Locally Bridged + Locally Accelerated: The connection is passing through this appliance in the cluster and is being accel- erated on this appliance. Exinda Network Orchestrator 3 Using...

  • Page 235: Monitoring Subnets

    Average bandwidth is calculated as the total bits observed in the charting interval divided by the number of seconds in that interval. E.g. For a chart with an hour of data, the intervals are five minutes. Where do I find this report? Go to Monitor > Subnets . Exinda Network Orchestrator 3 Using...
  • Page 236 Top hosts data is mapped to a bar graph. You can brush over any host to view it's IP Address and throughput data. NOTE Toggling the Top Internal Hosts per Subnet and Top External Hosts Per Subnet within this report is available in version 7.0.3 and higher. Exinda Network Orchestrator 3 Using...
  • Page 237 How Traffic Direction is Determined and its Implications reating a detailed subnet activity report - invalid topic - NA in v7.4.4 Create a PDF report that lists all network activity for Applications, Conversations, Hosts, URLs, and Users on the selected subnets. Exinda Network Orchestrator 3 Using...
  • Page 238 1. On your browser, open the Exinda Web UI ( https://UI_IP_address ). 2. Key-in the User Name and Password . 3. Click Login . The Exinda Web UI appears. 5. Click Report > PDF Reports . 6. Click Add New PDF Report .

  • Page 239: Monitoring Virtual Circuits

    Drill into the applications for a specific virtual circuit by clicking on the virtual circuit name in the charts or the tables below the charts. The applications graph will be shown filtered for the specified virtual circuit. Exinda Network Orchestrator 3 Using...
  • Page 240 Mouse Hover: Hover the mouse pointer over the graph to view data throughput at a given date and time. Refer to Chart Interactions - Drill in & Data brush in WUI Guided Tour for details. Exinda Network Orchestrator 3 Using...
  • Page 241 In general, yes. However, there are some cases where the traffic direction is different for subnets versus virtual circuits and so the totals will not match. For more information, refer to Determining traffic direction and the implications of directional flow on reports (page 238). Exinda Network Orchestrator 3 Using...

  • Page 242: Monitoring The Effects Of Controls

    The table beneath the graph shows some additional information for the selected time period. Maximum Bandwidth is the amount of bandwidth specified in the virtual circuit. The maximum, average, and current rates are measured as per-second throughput. Exinda Network Orchestrator 3 Using...
  • Page 243 Screenshot 101: Control graph for a specified circuit When showing a particular virtual circuit, the average throughput of the underlying top policies are shown in a stacked graph. The peak throughput for the virtual circuit is shown as a line. Exinda Network Orchestrator 3 Using...
  • Page 244 Screenshot 102: Control graph for a specified virtual circuit When showing a particular policy, the average throughput for the selected policy is shown in the throughput chart. The peak throughput for the virtual circuit is shown as a line. Exinda Network Orchestrator 3 Using...
  • Page 245 The hosts that exceeded the hosts limit were not handled by this virtual circuit and would have been captured in another virtual circuit. If the virtual circuit selected is a dynamic virtual circuit, then the following graph will appear above the throughput graph. Exinda Network Orchestrator 3 Using...
  • Page 246 10-second interval. The maximum of these 30 possible calculations is considered the peak throughput for that five-minute interval. To determine if any of the policies appear to be limited Select the desired circuit, the desired virtual circuit, and the desired policy. The average throughput for the selected Exinda Network Orchestrator 3 Using...
  • Page 247 Policy selector. Only virtual circuits and policies that have reported packet discards will appear in the selectors at the point in time where the packets were discarded, which gives an indication where more traffic would have appeared on the network if that traffic had not been blocked. Exinda Network Orchestrator 3 Using...
  • Page 248 To understand how to print the report or schedule the report, see Monitoring prioritization of applications The Prioritization report shows how often applications were prioritized (also referred to as re-ordering or re-queuing). This report answers questions such as: Exinda Network Orchestrator 3 Using...

  • Page 249: Monitoring Optimization Reports

    Monitoring traffic reduction The Optimization Reduction report shows the amount of traffic reduction achieved due to WAN memory techniques. It also shows the amount of reduction per Exinda Appliance peer and per application. This report answers questions such as: Exinda Network Orchestrator...
  • Page 250 Screenshot 106: The Total Reduction Throughput graph displays reduction statistics over time. NOTE When reduction statistics are displayed as percentage reduction, one line graph represents the reduction ratio, which compares the amount of data transferred after or before Exinda: Exinda Network Orchestrator 3 Using...
  • Page 251 Screenshot 107: The Total Reduction Ration graph displays reduction ratios over time. The table below the graphs show reduction statistics broken down by a remote Exinda Appliance peer and by application. Exinda Network Orchestrator 3 Using...
  • Page 252 Go to Monitor > Optimization > Reduction . How is the reduction ratio calculated? Reduction Ratio = (Data Transfer Size Before Exinda - Data Transfer Size After Exinda) / Data Transfer Size Before Exinda How do I interact with the interactive flash time graphs?
  • Page 253 Screenshot 109: The Edge Cache Throughput graph. When displayed as percentage reduction, it displays one line graph to represent the percentage of data transferred that was sent from Edge Cache instead of from the application server. Exinda Network Orchestrator 3 Using...
  • Page 254 Go to Monitor > Optimization > Edge Cache . How to change the Edge Cache Throughput chart to a Edge Cache Reduction Ratio chart? Select the desired type of chart from the Edge Cache Graph Type selector below the chart. Exinda Network Orchestrator 3 Using...

  • Page 255: Monitoring Exinda Appliance System Performance

    To understand how to print the report or schedule the report, see 3.2.14 Monitoring Exinda Appliance system performance Learn about the reports that provide feedback on the performance of your Exinda Appliance. The reports cover aspects of operational performance like number of concurrent connections, CPU utilization, CPU temperature, memory usage, disk IO and swap space usage.
  • Page 256 To find the report, go to Monitor > System > Accelerated Connections . Screenshot 113: The Accelerated Connections graph displays accelerated connections over time. The second chart shows accelerated connections for each type of accelerated traffic: SSL, SMB1, SMB2, and NCP. Exinda Network Orchestrator 3 Using...
  • Page 257 Setting the Time Range Printing and Scheduling Reports To understand how to print the report or schedule the report, see Monitoring Exinda Appliance CPU usage The CPU Usage report shows how hard the CPU is working over time. Exinda Network Orchestrator...
  • Page 258 To diagnose a CPU usage problem, for each period where the CPU usage is high, compare with the Connections report, the Accelerated Connections report, the Reduction report, and the VoIP Solution report. Screenshot 115: The CPU utilization graph shows how hard the Exinda Appliance works over time. Where do I find this report? Go to Monitor >...
  • Page 259 To understand how to print the report or schedule the report, see Printing and Scheduling Reports Monitoring Exinda Appliance CPU temperature The CPU Temperature report shows the temperature in degrees Celsius of the appliance CPU over time for the selected time period.
  • Page 260 Printing and Scheduling Reports To understand how to print the report or schedule the report, see Monitoring Exinda Appliance RAM usage The RAM Usage report shows how much memory the appliance is using relative to the amount of memory available for the selected time period.
  • Page 261 Printing and Scheduling Reports To understand how to print the report or schedule the report, see Monitoring Exinda Appliance swap space usage The Swap Usage report shows how much the appliance is swapping over time for the selected time period.

  • Page 262: Monitoring Applications With The [[[Undefined Variable Myvariables.exsoluctr]]]

    FTP, SSH, Salesforce.com, Office365 VoIP and many more. The generated reports answer questions, such as: How is salesforce.com performing for network users? How are critical applications performing on the network? How can I best mitigate data center disasters? Exinda Network Orchestrator 3 Using...

  • Page 263: How Performance Reports Work

    The baseline process may not take an hour. If an Exinda Appliance has observed and stored traffic for the application within the hour the baseline process starts, the baseline process uses that stored information and only waits enough time for a total hour of data to be collected.
  • Page 264 Application Performance link to bring up a list of applications to choose from. NOTE The report description lists the minimum version of Exinda OS required to run the report. If your Exinda OS does not meet or exceed the requirement, the Run button will not be available.

  • Page 265: Using The Application Performance Monitor Voip Report

    MOS, or Mean Opinion Score, is a measure of all quality. Historically, users would rate their call experience on a five point scale. An Exinda Appliance automates MOS ratings, taking into account network dependency conditions. The scores have the following meanings.

  • Page 266: Recreational Traffic

    How to set up this report? The report for recreational traffic can be created by visiting the Exinda Solution Center 1. Go to Solution Center > Show Solution Center . 2. Under Network Governance , click Recreational Traffic > Run . A confirmation screen opens.
  • Page 267 If no traffic is observed for an application during a baselining period, the baselining process repeats until traffic is observed and thresholds are calculated. The baselining process may not always take an hour if an Exinda Appliance has observed and stored traffic for the application within the hour the baselining process starts.

  • Page 268: Adding And Deleting Solutions

    VoIP Performance, you cannot create the solution more than once. 3.3.6 Adding and deleting Solutions Use the instructions that follow to add Exinda Solutions to your configuration , and later, if necessary, delete them. When defined, the solutions provide access to reports that focus on the specified applications.

  • Page 269: Setting A New Baseline

    Round trip time – the amount of time for data to travel from a device across a network and return Jitter – a measure of the variability of Network Delay. We define it as one standard deviation of the Network Delay. Inbound loss and outbound loss – the amount of data retransmitted Exinda Network Orchestrator 3 Using...

  • Page 270: Investigating Unusual Performance

    3.4 Managing network traffic As you monitor your traffic, you may recognize patterns of activity that you need to manage. The Exinda Appliance provides the ability to define policies, based on several criteria, that you can use to control, by either limiting or giving priority to, specified classes of traffic on your network.

  • Page 271: The Exinda Policy Tree

    3.4.1 The Exinda policy tree All network behavior that you want to modify by using the Exinda Appliance is specified by policies in the optimizer. This includes traffic shaping, prioritization, acceleration, and packet marking. These policies are arranged hierarchically in a tree so that you can assign different policy rules to different types of traffic on your network.
  • Page 272 If the traffic did not match a given policy in the virtual circuit that was matched, then the traffic would be evaluated against the next policy. Exinda Network Orchestrator 3 Using...
  • Page 273 WiFi network. For example, you have policies for P2P, streaming, and web, but you do not have policies for software updates. The system will automatically define a policy for the remaining traffic called Auto Exinda Network Orchestrator 3 Using...

  • Page 274: Circuits

    When defining circuits, ensure each bridge is bound to a circuit; otherwise network traffic on any bridge that is not bound to a circuit, will not be affected by policy and will be monitored in a catch-all circuit. Exinda Network Orchestrator 3 Using...
  • Page 275 If the type of traffic does not match any policy in the first circuit, then it will attempt to match the policy in the second circuit. For example, consider where circuits, virtual circuit, and policy are defined as: Exinda Network Orchestrator 3 Using...
  • Page 276 On an Exinda Appliance, a circuit specifies the named bridge (or bridges) to which it is bound. In the Exinda Management Center, the binding to bridges is through a designated Circuit Type. Circuit Types represent the intended use of a circuit.
  • Page 277 To add a circuit to a Policy Tree 1. Go to the (desired appliance group) > Optimizer Policy Tree . 2. Click Add circuit from library . 3. Select the desired circuit from the drop-down list. Exinda Network Orchestrator 3 Using...
  • Page 278 The Circuit Type library items can be found in Library > Circuit Types . To assign the Circuit Type to a circuit, see Circuits Bridge/Circuit Type Mapping To assign Circuit Types to appliance bridges, see Exinda Network Orchestrator 3 Using...

  • Page 279: Virtual Circuits

    BEST PRACTICE It is a best practice to create an overflow virtual circuit immediately after a virtual circuit with a connection limit or a host limit, to capture the connections or hosts that were excluded. Exinda Network Orchestrator 3 Using...
  • Page 280 Configuring a Virtual Circuit as a Dynamic Virtual Circuit Sharing bandwidth equally Ensuring minimum bandwidth when sharing equally Capping bandwidth usage per host Capping bandwidth usage per host with minimum bandwidth Limiting the number of hosts sharing bandwidth Troubleshooting Virtual Circuits Exinda Network Orchestrator 3 Using...
  • Page 281 Creating a virtual circuit Use the following instruction to create a new virtual circuit (VC). You use VCs to manage bandwidth through the Exinda Appliance. Before you begin… If you need to manage oversubscription to the VC, see the following: How to handle oversubscription in a Virtual Circuit As you create the new VC, you may want to employ the Dynamic Options.
  • Page 282 13. Click Add New Circuit . The virtual circuit appears in the policy tree. 14. If necessary, in the policy tree, change the ranking of the VC. This ensures the VC is handled in the correct order. Exinda Network Orchestrator 3 Using...
  • Page 283 5. In the Bandwidth section, type the desired bandwidth for this virtual circuit. 6. Also specify how to share bandwidth with other virtual circuits when there is insufficient bandwidth due to over sub- scription.. NOTE The bandwidth can be specified in %, Kbps, Mbps or Gbps. Exinda Network Orchestrator 3 Using...
  • Page 284 See Dynamic Virtual Circuits for more information about configuring dynamic virtual circuits. 8. In the Schedule section, set the time values for when the virtual circuit will be enforced. NOTE Schedules Options in the list are determined by the library category Exinda Network Orchestrator 3 Using...
  • Page 285 Configuring a virtual circuit as a dynamic virtual circuit When defining a VC, you can configure it as a dynamic virtual circuit (DVC). DVCs have the flexibility to manage the available bandwidth based on the number of active hosts. Exinda Network Orchestrator 3 Using...
  • Page 286 In the configuration, you set the VC to automatically calculate the per host bandwidth and the number of allowed hosts. The system then assigns bandwidth by dividing what is available to the virtual circuit by the number of active hosts. Exinda Network Orchestrator 3 Using...
  • Page 287 You can specify an automatic calculation of the per host bandwidth and the number of allowed hosts. The system then divides the virtual circuit bandwidth by the number of active hosts. Adding a dynamic virtual in the Exinda Web UI On the Add New Virtual Circuit form, do the following: 1.
  • Page 288 Ensuring minimum bandwidth when sharing equally Limiting the number of hosts sharing bandwidth Adding a dynamic virtual circuit in the EMC The options available in the Exinda Management Center appear in the following screenshot: Screenshot 131: Dynamic virtual circuit options Consider the following: While allocating bandwidth usage to each host on the network.
  • Page 289 On the Add New Virtual Circuit form, do the following: 1. Select the Dynamic Virtual Circuit checkbox. 2. Set the DVC settings to: Per Host Bandwidth: Automatically Share Per User Max Bandwidth: No burst; set limit to your manual cap value Max Hosts: Auto Exinda Network Orchestrator 3 Using...
  • Page 290 = allocated-bandwidth If the allocated bandwidth is less than the virtual circuit bandwidth, then you are making some of the bandwidth inaccessible. Exinda Network Orchestrator 3 Using...
  • Page 291 5. If your traffic is falling into the wrong virtual circuit, check the definition of the affected virtual circuits and ensure the most specific virtual circuit is higher in the policy tree. Exinda Network Orchestrator 3 Using...

  • Page 292: Policies Overview

    Policies are part of the policy tree. To learn how circuits, virtual circuits, and policies work together, see Policy Tree Related Topics Creating a policy for a specific Virtual Circuit Creating a policy for use with any Virtual Circuit Exinda Network Orchestrator 3 Using...
  • Page 293 This is true for policies as well. That is, more specific policies need to be ordered higher in the virtual circuit's set of policies as compared to more general virtual circuits. Exinda Network Orchestrator 3 Using...
  • Page 294 Configuring a policy to redirect HTTP traffic to an HTTP Response webpage Configuring a policy to redirect HTTP traffic to a URL To create a policy in the Exinda Web UI 1. Go to Configuration > Optimizer . The right side of the screen refreshes.
  • Page 295 For the second host, select a network object that filters for the destination of the conversation. If hosts are not specified, ALL network objects are assumed. Traffic direction is relative to the Exinda appliance. ToS/DSCP – Select traffic based on particular ToS/DSCP marks in the IP header.
  • Page 296 Creating a policy for a specific Virtual Circuit VERSION INFO Exinda Management Center 1.5.0 does not support policies for HTTP Redirect or HTTP Response. When you create policies, they are added to the Policies Library. If you amend a policy definition, any changes made to it affect all Virtual Circuits that use that policy.
  • Page 297 While creating the policy set, if you create a new policy but cancel creating the policy set, the new policy is retained in the library. Creating a policy for a specific virtual circuit in the Exinda Web UI Use the following instructions to create a policy that relates to a specific virtual circuit (VC). While these instructions assume that the policy is intended for a specific VC, it can later be used with other VCs.
  • Page 298 For the second host, select a network object that filters for the destination of the conversation. If hosts are not specified, ALL network objects are assumed. Traffic direction is relative to the Exinda appliance. ToS/DSCP – Select traffic based on particular ToS/DSCP marks in the IP header.
  • Page 299 Configuring a policy to accelerate traffic in the Exinda Web UI Use the following instructions to configure a policy that enables acceleration to the traffic identified by the policy. 1. From the Action drop-down list select Optimize , and then select the Acceleration section checkbox to enable accel- eration and reduction techniques.
  • Page 300 How traffic-shaping queue modes work When shaping traffic as specified by the policies, the Exinda Appliance needs to maintain a queue of packets for each policy within their respective virtual circuits. There are three different queuing methods to address the needs of different use scenarios when using a multi-processor appliance.
  • Page 301 In this case, the flow is handled by a single CPU and the other CPUs are idle. It then appears that they are getting 1/N of the amount of traffic that they are expecting even though in more realistic use of the network, where the flows can be distributed more evenly, they will get the appropriate amount of bandwidth. Exinda Network Orchestrator 3 Using...
  • Page 302 If the circuits are oversubscribed, then the shaping queuing mode will revert to the multi-queue mode . Exinda Network Orchestrator 3 Using...
  • Page 303 Screenshot 137: Multi per VC Queue Mode Configuring a policy to discard (block) traffic in the Exinda Web UI Use the following instructions to configure a policy that discards (blocks) identified traffic. 1. From the Action drop-down list, select Discard and optionally check the Discard only the first packet of a con- nection option.
  • Page 304 1. From the Action drop-down list, select the Return HTTP Response and select the HTML Response object checkbox. The HTML Response object allows you to "host" a webpage on the Exinda appliance. You create the HTML Response webpage at Configuration > Objects > HTML Response . For more information refer to HTML Response Objects.
  • Page 305 Reading and writing ToS and DiffServ packet marks Exinda Appliances can read and write ToS/DSCP marks in packets, allowing fine-grained control and classification of applications that are marked with Tos/DSCP values as well as applying marking policies to ensure traffic is treated appropriately by onward network equipment.
  • Page 306 DSCP Class Name Binary Value Decimal Value BE (best effort, default) 000000 AF11 (assured forwarding, see RFC 2597) 001010 AF12 001100 AF13 001110 AF21 010010 AF22 010100 AF23 010110 AF31 011010 AF32 011100 AF33 011110 AF41 100010 Exinda Network Orchestrator 3 Using...
  • Page 307 Mark Packets with ToS/DSCP Values Matching packets to ToS/DSCP values When defining Optimizer Policies on the Exinda appliance, there is a ToS/DSCP drop down that allows users to match only those packets with the specified ToS/DSCP value. Exinda Network Orchestrator...
  • Page 308 Optimizer Policies. Traffic Priority Class IETF DiffServ Traffic Priority Class DSCP Setting Real Time (Gold) Expedited Forwarding Mission Critical (Silver High) Assured Forwarding AF31 Business Critical (Silver Low) Assured Forwarding AF32/33 General Business (Bronze) Best Effort Exinda Network Orchestrator 3 Using...
  • Page 309 3. Click Create new policy set 4. In the Name section, key-in a name for the policy. The name must be unique within the tenant. 5. In the Policies section, add policies to the list. Exinda Network Orchestrator 3 Using...

  • Page 310: The Optimizer Wizard

    Step 3: Do you want to accelerate? - Selecting YES will create policies that accelerate WAN applications. You must have another Exinda appliance on the WAN for this to work. Step 4: Do you want to apply QoS? - Selecting YES will apply traffic shaping.
  • Page 311 Screenshot 139: The Optimizer Wizard configuration. This will enable both QoS (traffic shaping) and Application Acceleration. You will need to select the WAN topology that bests represents your deployment and also type the inbound and outbound bandwidths for this Exinda appliance. Scenario 2: QoS Only...
  • Page 312 And you will also need to type the inbound and outbound bandwidths for this Exinda appliance. Scenario 3: Acceleration Only Step 3: Do you asymmetric traffic? - YES Step 4: Do you want to enable Optimization? - NO Exinda Network Orchestrator 3 Using...
  • Page 313 Limit Low 2%-10% Limit Med 3%-50% Limit High 4%-70% Guarantee Low 5%-100% Guarantee Med 8%-100% Guarantee High 10%-100% Guarantee Critical 15%-100% Guarantee Low 5%-100% - Accelerate Guarantee Med 8%-100% - Accelerate Guarantee High 10%-100% - Accelerate Exinda Network Orchestrator 3 Using...

  • Page 314: Configuring For Common Use Cases And Scenarios

    You should note that you should ensure that DNS traffic for the unauthenticated users is not blocked. Since the Exinda Appliance matches traffic to the filters in the policies (and virtual circuits) from the top of the Optimizer policy tree, you need to ensure that the most specific filters appear first in the tree. The policies should appear in the following order.
  • Page 315 Creating a Virtual Circuit for Authenticated Users Creating a Virtual Circuit for Unauthenticated Users Creating policies to filter for Authenticated Users with no Virtual Circuit available Creating policies that redirect traffic Creating policies that block unwanted unauthenticated traffic Exinda Network Orchestrator 3 Using...
  • Page 316 8. Click Add New Virtual Circuit . The page refreshes and the new VC appears on the tab. Related Topics Creating a Virtual Circuit for Authenticated Users Creating policies to filter for Authenticated Users with no Virtual Circuit available Exinda Network Orchestrator 3 Using...
  • Page 317 Creating a Virtual Circuit for Unauthenticated Users Creating policies that redirect traffic Creating policies that block unwanted unauthenticated traffic Creating policies that redirect traffic Use the following instructions to create policies that redirect unauthenticated users to an identified URL. Exinda Network Orchestrator 3 Using...
  • Page 318 Creating policies that block unwanted unauthenticated traffic Use the following instructions to block any unauthenticated traffic that is not already identified in other policies. To create the policy: 1. Go to Configuration > Optimizer . Exinda Network Orchestrator 3 Using...

  • Page 319: Backhauling Internet Traffic

    . Because of the layout, the traffic may go through an Exinda Appliance at the headquarters twice. The traffic flows from the client through the appliance, turns around at a router, and goes back through the appliance to the destination.
  • Page 320 TCP connection. Normally, the Exinda appliance at the headquarters would send a SYN with an attached TCP option 30 to the server on the Internet just in case there is another Exinda appliance closer to the server. The End Acceleration...

  • Page 321: Setting And Enforcing Quotas

    When they have HTTP traffic, you can also choose to redirect them to a webpage that you host or respond with a webpage that the Exinda Appliance hosts. If needed you can combine these, such that the first policy filters for HTTP traffic and then shows a webpage, but then other types of traffic are caught by a second policy that blocks the remaining traffic.
  • Page 322 2. Create an adaptive response limit object that defines the 10GB limit as well as the destination dynamic network object that will contain the students who exceeded their quota using the Configuration > Objects > Adaptive Response page. Exinda Network Orchestrator 3 Using...
  • Page 323 Screenshot 150: Setting parameters for a virtual circuit. 4. Create an HTML Response object that defines what the webpage will look like once the shoppers have exceeded 2 hours of usage. See the Configuration > Objects > HTML Response page. Exinda Network Orchestrator 3 Using...
  • Page 324 Web traffic matching this policy will be sent back an HTML response with the contents of the HTML Response object, which will cause the a web page to be presented to the client. 3. Type the Filter Rules . Exinda Network Orchestrator 3 Using...

  • Page 325: Creating Applications From Dscp-Marked Traffic (Like Riverbed Accelerated Traffic)

    Some times you might find that the Exinda Appliance is located between two other types of network appliances that modify the traffic in a way that obscures the visibility of the Exinda appliance into the traffic. An example of this would be having the Exinda Appliance located between two Riverbed appliances doing acceleration.

  • Page 326: Clustering And High Availability

    Screenshot 154: A typical clustering topology. In this example, there are two physical links: from Router1 to Switch 1 and from Router2 to Switch2. An Exinda appliance is deployed between each switch and router, and a cable is connected between the two appliances for synchronization.
  • Page 327 In the event that the Cluster Master fails, is rebooted, or powered off, a new Cluster Master is automatically elected. The offline node (previously the Cluster Master) is treated as a regular offline node. When it comes back online, it does not necessarily become the Cluster Master. Exinda Network Orchestrator 3 Using...
  • Page 328 Master IP address when managing a cluster. CAUTION When upgrading the firmware of appliances that are part of a cluster, Exinda recommends that you break the cluster before starting the upgrade (Either by disconnecting the cluster link or by clearing the “Cluster” option for the appropriate interface).
  • Page 329 4. In the Cluster Master Settings area, select eth1 and type the external address used to access the appliances. 5. Repeat these steps all each Exinda Appliance joining the cluster. Once these settings are saved, the appliances will auto-discover each other and one will be elected as the Cluster Master.
  • Page 330 Screenshot 157: Cluster Master (External) configuration on both Exinda Appliances. In the example above, Exinda 1 has a Management IP of 192.168.0.161 and Exinda 2 has a Management IP of 192.168.0.162. The Cluster External IP is configured as 192.168.0.160 on both appliances – regardless of which of these two appliances becomes the Cluster Master, it will be reachable on the 192.168.0.160 IP address.
  • Page 331 Exinda appliance on the active one is offline. In order to do this, you need the appliance that went offline to purposefully break the traffic so the HA protocol can hand it over to the backup link.
  • Page 332 3. On the original master appliance, turn clustering back on. This appliance will now be the standby appliance. Configuring Exinda Appliances for clustering Before configuring clustering, the Exinda Appliances must be correctly cabled. It is recommended that each appliance in the cluster be connected and configured with a dedicated management port.

  • Page 333: Controlling Anonymous Proxy Traffic

    Cluster node count: 2 ID Role State Host External Addr Internal Addr ----------------------------------------------------------------- 1* master online exinda-A 192.168.0.161 192.168.1.1 2 standby online exinda-B 192.168.0.162 192.168.1.2 3.5.6 Controlling anonymous proxy traffic Users who want to bypass security policies that prevent tools from monitoring what they are doing, typically find an open and anonymous HTTPS transparent proxy.

  • Page 334: Managing Exinda Appliances With Emc

    The Exinda Appliance can identify traffic that is served through an anonymous proxy and classify it as the Anonymous Proxy application. As such, any anonymous proxy traffic appears on the real-time monitoring screen and on other monitoring reports as"Anonymous Proxy", and can then be controlled by the Optimizer.

  • Page 335: Viewing Appliances In The Tenancy

    Delivered – configuration has been delivered to the appliance. 3.6.1 Viewing appliances in the tenancy There are several locations in the Exinda Management Center where you can see the list of appliances in your tenancy, each providing a different scope of which appliances are shown.
  • Page 336 When appliances are moved out of the Configured Appliances group to the Unallocated Appliances group or the Appliance Pool , the configuration that was applied via the edit forms will be automatically removed from the appliances upon the next call into the Exinda Management Center. To move an appliance 1.
  • Page 337 3. Type the name of the group to create the group. To delete an appliance group 1. Click the appliance group header menu and click the menu icon of the group that you want to delete. 2. Select the Delete menu item. Exinda Network Orchestrator 3 Using...

  • Page 338: Configuration Library

    – The Service Level Agreement (SLA) objects are used to monitor the availability of a par- ticular IP site. VLANs – Virtual LAN (VLAN) Objects are used to logically separate hosts (or groups of hosts) on a functional basis rather than on a physical basis. Exinda Network Orchestrator 3 Using...

  • Page 339: Configuring Your Appliances Through The Cli

    SDP simplifies the tasks of installing, configuring, monitoring and reporting WAN optimization appliances. It is a key differentiator in the traffic shaping & WAN optimization space. A fundamental component of Exinda's Unified Performance Management solution, it rounds out the Exinda product line and makes it the most comprehensive and effective solution for achieving peak application performance.

  • Page 340: Sdp Web User Interface (Wui) And Features

    Update firmware on a single or multiple device(s). Scheduling future firmware update. Central reporting manager Provides access to predefined reports. Custom report wizard enables user creating new reports as well as editing, saving and deleting them. Exinda Network Orchestrator 3 Using...

  • Page 341: Getting Started With Sdp

    3.7.2 Getting started with SDP Users can register with Exinda SDP via the Exinda web site. Your email address must be the registered 'End User' contact in our database for an Exinda product. The registered email address can be found on the maintenance certificate sent to the end user.

  • Page 342: Logging Out

    To register a new user 1. Click Register New User . 2. Fill in all fields. 3. Click Save . 4. An email notification with account details will be sent to the new user. Exinda Network Orchestrator 3 Using...
  • Page 343 2. Select the appliance you would like to allocate to a user. 3. Click Allocate . 4. Select a user from the drop down menu. 5. Click Confirm . NOTE You cannot allocate an appliance to multiple users. Exinda Network Orchestrator 3 Using...
  • Page 344 4. Click Deallocate . To change the Admin email 1. Click Change Admin Email . 2. Enter the new email address. 3. Click Save. 4. An email notification will be sent to the new address. Exinda Network Orchestrator 3 Using...
  • Page 345 Exinda Website. 4. Enter the release code. Please email on sdp@exinda.com to obtain the release code. 5. Enter a link to the release notes of the new firmware. The release notes can be found on the support section of the Exinda Website.
  • Page 346 URLs navigate to Network Settings, enter the new IP and click Save. The firmware links will be automatically updated. To replace an existing exinda hardware 1. You can use this option in case of a hardware failure, where an existing appliance will be replaced by a new one. By following this process all the SDP information of the old unit will be transferred to the new one.

  • Page 347: Network Configuration

    To configure the postfix mail server - 1st Option 1. Go to Servers > Postfix configuration . 2. Click Edit Config Files . 3. Scroll down and replace exinda.com with the customer's domain name. 4. Click Save . To configure the postfix mail server - 2nd Option 1.
  • Page 348 2. Click Factory Default . This action will restore the server to its factory default settings. Any existing data will be erased. To update your SDP license 1. Navigate to Others > Custom commands . Exinda Network Orchestrator 3 Using...

  • Page 349: Changing The Default View Settings In Sdp Wui

    SDP release notes from this page. If you are the owner of the device you'll have the option to create user accounts, user groups and devices groups. For more information, refer to Users and groups administration (page 350). Exinda Network Orchestrator 3 Using...
  • Page 350 5. Enter the new user's email address 6. Click Save . After creating a new user account, you need to set users privileges. You can select which Exinda devices the user will have access to when logging in and whether read or write access is required.
  • Page 351 Select the users you wish to include in the group. Hold the ctrl key down for multiple selections. Click Save . To set user group privileges 1. Click Setup . 2. Click Users and Groups . 3. Click View User Groups . Exinda Network Orchestrator 3 Using...
  • Page 352 SDP Policy Service provides functionality to minimize user input and to ensure that the network maintains pre-defined service levels. SDP Auto-Pilot and Semi-Assist modes are available for hosted service subscribers only. To change the Policy Service mode 1. Click Setup . 2. Click Users and Groups . 3. Choose a mode: Exinda Network Orchestrator 3 Using...

  • Page 353: Tools

    Click Tools on the menu located at the top right corner. The Tools menu gives the option to search a device's details, such as software subscription (SS) expiration date, firmware version and product/hardware/activation keys.This feature is only available on hosted Exinda SDP. You can also log a configuration recommendation request to Exinda TAC via this page.
  • Page 354 6. Give a detailed explanation of what you are trying to achieve with the exinda. 7. Click Submit . 8. Exinda TAC will send you recommendations, based on the information you have submitted, within 48 hours. Exinda Network Orchestrator 3 Using...

  • Page 355: Managing Appliances In Sdp

    Setup > User and Groups Settings > View Appliance Groups . When selecting a device the following information is displayed. If the device is online you can view the device's config, Edit Config Upgrade Firmware edit it or upgrade it. For more information see Exinda Network Orchestrator 3 Using...
  • Page 356 You'll be directed to the Config Log, which will show your request as pending. After 5 minutes go back to the "Show Diagnostics file" page. The diagnostics file will now be available. Send the diag file to Exinda TAC upon request.
  • Page 357 When a device is online you can view the config and perform any required changes. The available options depend on the firmware version currently installed in your exinda. The options available on V5 appliances differ to the ones available on v4 appliances.
  • Page 358 If an appliance is online, you can upgrade to the latest firmware. To update a device: 1. Go to the Appliances page. 2. Select a device. The device status must be online. 3. Click Update Firmware . 4. Select a firmware upgrade version. Exinda Network Orchestrator 3 Using...
  • Page 359 Configuration templates allow for easier and quicker configuration of one or multiple appliances. Templates can be saved and reused at any time. To create a configuration template: 1. Go to the Appliances page. 2. Select the Configuration templates for the V5 tools 3. Click Create New configuration template . Exinda Network Orchestrator 3 Using...

  • Page 360: The Sdp Dashboard

    16. Click Save . You can repeat steps 9-16 to include additional components in your dashboard. Use the arrows to arrange all components on your dashboard. Click on the graphs to view complete individual reports. Exinda Network Orchestrator 3 Using...

  • Page 361: Viewing Reports In Sdp

    Click Reports on the top menu to view or edit existing reports, create new ones and set report schedules. To create a custom report: 1. Click Reports on the top menu to enter the device management view 2. Click Create Custom Report . 3. Enter a Name and Description for the new report. Exinda Network Orchestrator 3 Using...
  • Page 362 1. Click Reports on the top menu. 2. Select a report that you want to view from the report list. 3. All reports are listed by category. You can also click on any column to sort records by the selected parameter. Exinda Network Orchestrator 3 Using...

  • Page 363: Viewing The Config Log In Sdp

    The config log is divided into the access containing the user login and configuration, containing the configuration changes and firmware updates . You can view both log types or select a specific one by checking the appropriate tick box. Exinda Network Orchestrator 3 Using...
  • Page 364 NOTE The time/date are based on your time zone settings.To configure your time zone settings navigate to Setup > Timezone settings . Exinda Network Orchestrator 3 Using...

  • Page 365: Settings

    Interface Settings You need the Exinda appliance and devices that are connected to the appliance to have the same speed and duplex settings for their network interfaces. In most cases the default settings will work as the Exinda is setup to auto-negotiate.
  • Page 366 Link State Mirroring With link state mirroring, the Exinda appliance will bring down the second port of a bridge if the first port goes down. This feature allows the Exinda appliance to sit between a WAN router and a switch without blocking detection of switch outages by the router.
  • Page 367 HW Address - Indicates the MAC address of the interface. 2. Specify the Speed and Duplex at which the Exinda will negotiate with neighboring equipment. Use Auto speed to allow the Exinda appliance to auto-negotiate the speed with neighboring equipment. Use Auto duplex to allow the Exinda appliance to auto-negotiate the duplex with neighboring equipment.

  • Page 368: Ip Address Configuration

    4.1.2 IP address configuration The Exinda appliance allows you to configure bridges and network interfaces as required. A bridge consists of a LAN and WAN interface. Bridges can be enabled, and roles can be assigned to an interface (Cluster, Mirror or WCCP) and IP settings applied.
  • Page 369 Exinda Network Orchestrator 4 Settings...
  • Page 370 PBR - One interface may be configured in Policy-based Routing (PBR) mode. PBR allows for acceleration of only the types of traffic specified in the policy. The DHCP option is enabled by default on the Exinda appliance. If a DHCP server is available, an IP address will be automatically assigned. From a web browser go to www.findmyexinda.com...

  • Page 371: Routes Configuration

    Routing table entries can have multiple sources: static A manually configured route. interface Derived from the addresses assigned to an interface. SLAAC Assigned from SLAAC autoconfiguration. DHCP Assigned from DHCP autoconfiguration. Exinda Network Orchestrator 4 Settings...

  • Page 372: Dns And Domain Names Configuration

    4.1.4 DNS and domain names configuration The DNS page is used to set a host name for your Exinda appliance and to configure the location of your DNS server(s). You can also configure domain names that can be used to resolve hostnames in other configuration screens.
  • Page 373 2. Click Apply Changes . How to know if the DNS was configured by the DHCP server? In the Static and Dynamic Name Servers section, there will be an IP address where the source is indicated to be dynamic. Exinda Network Orchestrator 4 Settings...

  • Page 374: Http Proxy Configuration

    4.1.5 HTTP proxy configuration Specify a HTTP proxy if you would like the appliance to access Exinda's server via HTTP proxy. Access to Exinda's HTTP server is required for firmware updates, license updates, and Anonymous Proxy updates. If you have SDP enabled, please ensure your proxy supports HTTPS.
  • Page 375 2. In the SMTP Server Name field, type the name. NOTE You can use IPv4 or IPv6 addresses, or DNS names. 3. In the SMTP Server Port field, type the port number. NOTE The default port number is 25. Exinda Network Orchestrator 4 Settings...
  • Page 376 1. Go to Configuration > System > Network > Email > Notify Recipients . 2. In the list, select the user to be deleted. 3. Click Remove Recipients . The user is removed from the list, and will no longer receive email notifications. Exinda Network Orchestrator 4 Settings...

  • Page 377: Snmp Configuration

    Testing the SMTP configuration Adding notification email recipients 4.1.7 SNMP configuration The Exinda appliance allows data export to SNMP systems. Configure the SNMP settings or download the Exinda SNMP MIB. NOTE To disable or enable SNMP traps for system alerts, see For more information, refer to Alerts (page 454).
  • Page 378 7. Click Apply Changes . Removing an unwanted SNMP Community Use the following instructions to remove an unwanted SNMP community. 1. Go to Configuration > System > Network > SNMP > List of configured SNMP Communities . Exinda Network Orchestrator 4 Settings...
  • Page 379 Use the following instructions to download the SNMP MIB file. The file contains additional monitoring information. 1. Go to Configuration > System > Network > SNMP . 2. Under SNMP Configuration , click Download SNMP MIB . The EXINDA-MIB.txt file downloads to the loc- ation you specify. Changing SNMP authentication for Admin user Use the following instructions to change the SNMP authentication for the Admin user.
  • Page 380 1. Go to Configuration > System > Network > SNMP . 2. In the Add New Trap Sink area, specify the hostname or IP address of the SNMP trap sink server. You can specify IPv4 or IPv6 addresses, or a hostname. Exinda Network Orchestrator 4 Settings...

  • Page 381: Integrate With Active Directory

    Active Directory server. After configuration, the Connector functions as a gateway between the Active Directory Server and the Exinda Appliances to supply user and group information. As each user logs in using their Active Directory credentials, the information is gathered by the Connector and passed to the Exinda Appliances. Within the Monitor reports, IP Addresses are replaced by the user and group names where obtained from Active Directory.
  • Page 382 To integrate Active Directory with the Exinda Appliance, you need to install the Exinda AD Connector service on a Windows server that can then connect to the Active Directory server. Each Exinda AD Connector can talk to up to 20 Exinda appliances.
  • Page 383 Providing the required permissions to the Exinda AD service When installing the Exinda AD Connector on a server that is not a domain controller, ensure that the account in charge of running the service is an Active Directory domain admin account.
  • Page 384 (page 382). To install the Connector Service 1. On the server where the Exinda Active Directory Connector should be installed, run the installation file. 2. Read and accept the end-user license agreement, and then proceed through the screens, making the selections indicated below, and clicking Next where needed: Specify the directory where the Exinda Active Directory Connector should be installed.
  • Page 385 IMPORTANT When installing the Exinda AD Connector on a server that is not a domain controller, ensure that the account in charge of running the service is an Active Directory domain admin account. See To ensure the Exinda AD service has the appropriate permissions below.
  • Page 386 2. To send a list of users and groups to Exinda appliances when the service starts, select Send Active Directory user and group information to Exinda appliances . The list of users and groups that is sent to the appliance can be used to cre- ate user or group-based policy.
  • Page 387 Identify the Active Directory Server The Exinda AD Connector can be installed on any server in the network that has access to the Active Directory server. If the Connector is installed somewhere other than on the Active Directory server, you must specify the location and authentication credentials of the Active Directory server.
  • Page 388 1. From the Start menu select Control Panel > Administrative Tools . 2. Double-click Services , and verify the status of the Exinda AD service. If the service is stopped, restart the service. 3. In the Windows Logs > Application area, a “Service started successfully” message should be displayed from Exinda Networks Active Directory Connector.
  • Page 389 Regardless of the case of usernames in Active Directory, the Exinda Appliance displays the usernames with the first name capitalized and the surname in lower case; for example Domain/Test.user. Do not use the value in the Exinda Appliance when adding a username to the Excluded list.
  • Page 390 Because the Citrix XenApp server is treated as a single IP address by the Exinda appliance, and the IP address of the clients connecting to the server are ignored, the Exinda Appliance cannot include the names of users who are accessing the applications on the XenApp server.
  • Page 391 When a user on a client computer logs into a Citrix XenApp server (1), their IP address and user name are captured by the Exinda Citrix XenApp Plugin and sent on to the Exinda AD Connector (2). The connector then sends the user name and IP address of the XenApp user to the Exinda Appliance to include in reports (3).
  • Page 392 Capture the Exinda Citrix XenApp Plugin Activity in a Log File Depending on the logging level selected, the Exinda Citrix XenApp Plugin records various types of data in a log file. The available log levels include Error, Warning, Info, and Verbose. By default, the log sensitivity is Warning. The location of the log file and the level of detail recorded in the log file are configurable.
  • Page 393 Request Updated User Information from the Exinda Citrix XenApp Plugin If the synchronizations of the user data between the Exinda Citrix XenApp Plugin and the Exinda AD Connector are infrequent, trigger the Exinda Citrix XenApp Plugin to send the data to the Exinda AD Connector immediately.
  • Page 394 EXAMPLE To create an application object that matches traffic to and from the Exinda.com website, in the L7 Signature field, select http ---> , host , and type exinda.com . 5. In the Ports/Protocols controls, specify either TCP ports/port ranges, UDP ports/port ranges, or a layer 3 protocol. Mul- tiple ports and port ranges can be specified at the same time by comma separating values.
  • Page 395 The keywords for HTTP are: host, file, user_agent, content_type, method, content_ len and encoding Examples: (url =% "index" or file =% "login") and host =% "example.org" and content_type.case = "MyContentType" (host =% "facebook.com" and file !% "cgi-bin/abcd") or host =% "facebook2.com" Exinda Network Orchestrator 4 Settings...
  • Page 396 Allows you to define an Application Object based on the 'codec' used in a RTP stream. windowsmedia host Allows you to define an Application Object based on the 'host' field in the HTTP header (where windowsmedia is running over http). Exinda Network Orchestrator 4 Settings...
  • Page 397 Top Internal and External Users on the Network The Network - Users (Internal) and Users (External) reports displays the top users sending traffic through the network. 1. On your browser, open the Exinda Web UI ( https://UI_IP_address ). 2. Key-in the User Name and Password .
  • Page 398 This means that traffic may go through your Exinda appliance at headquarters twice: from the source through the Exinda appliance, turning around at a router, back through the Exinda appliance, and on to the destination. This is problematic for accelerated traffic because you do not want to re-accelerate the traffic. The dual bridge bypass feature allows each bridge to treat traffic differently, so that the traffic is accelerated on one bridge on the way in and bypasses the acceleration handling from the second bridge on the way out.
  • Page 399 If you have two circuits configured on the Exinda such that traffic between the headquarters appliance and the branch appliance goes through one circuit and the traffic between the headquarters appliance and the internet goes through a second circuit, then the traffic for a single flow will be counted in the appropriate virtual circuit for each circuit.

  • Page 400: Ipmi Configuration

    ToS/DSCP or Application traffic to be affected. 9. Click Create New Policy . NOTE Once the desired policies are in place on all Exinda appliances, restart the Optimizer. On the appliance status bar, click Restart . 4.1.9 IPMI Configuration The Intelligent Platform Management Interface (IPMI) is a specification for remote server management.
  • Page 401 The appliance can be managed on the specified IPv4 address either from another Exinda appliance or by a connection to the specified IPv4 address (e.g. http://10.0.100.238, assuming a web interface is supported). When a web interface is not supported, a command line tool such as ipmitool may be used.
  • Page 402 2. Enter the New Password and then type it again in the Confirm Password field. 3. Click Change Details . Which Exinda models support IPMI? The table below shows the Exinda models that support IPMI and their capabilities. Model User Interface...

  • Page 403: Overview Of Qos By Host

    Manage Power Settings on an IPMI Enabled Appliance Manage Power Settings on an IPMI Enabled Appliance To use an Exinda appliance to manage the power settings of another appliance that has IPMI enabled, navigate to Configuration > System > Tools > IPMI .
  • Page 404 The Exinda Appliance enables greater system throughput, up to 10GB, by using multiple queues to handle the traffic. The multiple queues are based on the licensed bandwidth, but the multiple queues are used when the licensed bandwidth exceeds 1.8GB per second.
  • Page 405 The following examples describe various Dynamic Virtual Circuit configurations. Name: Example 1 Internal Users is a Network Object that defines all hosts on the LAN side of the Exinda appliance: Bandwidth:1024 If there is 1 user, the user gets the full 1024 kb/s.
  • Page 406 Max Hosts: 16 Name: Example 4 Internal Users is a Network Object that defines all hosts on the LAN side of the Exinda appliance. "Citrix" is an Bandwidth: Application that defines Citrix traffic. This VC will match all Internal User's Citrix traffic: 1024kbps If there is 1 user, the user gets 64kbps for their Citrix traffic and cannot burst.
  • Page 407 "Average Rate" is the average policy throughput for the time specified in the time range. The "Current Rate" is the policy throughput averaged over the last 20 seconds. 1. On your browser, open the Exinda Web UI ( https://UI_IP_address ). 2. Key-in the User Name and Password .
  • Page 408 With Max Hosts set to "Auto", a maximum of 5000 hosts can fall into this Dynamic Virtual Circuit. This is calculated by assuming each host is entitled to a minimum bandwidth of 10 kbps as "Automatically Share" is selected. Exinda Network Orchestrator 4 Settings...
  • Page 409 P2P applications on the WAN. The per host bandwidth is 100 kbps, but the P2P policy caps bandwidth at 32 kbps which will be fairly shared between each user. So we would expect to see P2P traffic per user at approx 320 bps. Limit Application Bandwidth EXAMPLE Limit P2P to 20 kbps. Exinda Network Orchestrator 4 Settings...
  • Page 410 In the P2P Dynamic Virtual Circuit, each host is limited to 20 kbps of P2P traffic. With Max Hosts set to Auto , a maximum of 500 hosts can fall into this Dynamic Virtual Circuit. Additional hosts will share bandwidth allocated in the P2P Overflow Virtual Circuit. Exinda Network Orchestrator 4 Settings...
  • Page 411 Screenshot 168: P2P Overflow Virtual Circuit Exinda Network Orchestrator 4 Settings...
  • Page 412 Screenshot 169: Dynamic Virtual Circuit To Share Remaining Bandwidth Create a Dynamic Virtual Circuit using the remaining bandwidth. Each user is limited to a maximum bandwidth of 100 kbps for all other applications. Exinda Network Orchestrator 4 Settings...
  • Page 413 Guarantee Application Bandwidth EXAMPLE Guarantee 30 kbps per host, for the Citrix application. Citrix typically requires 20 to 30 kbps of bandwidth to work effectively. Exinda Network Orchestrator 4 Settings...
  • Page 414 In this example, each user is guaranteed 30 kbps for Citrix. Furthermore, each user can burst up to 100% of the Dynamic Virtual Circuit bandwidth. With Max Hosts set to Auto , a maximum of 333 hosts can fall into this Dynamic Virtual Circuit. Additional hosts will share bandwidth allocated in the second Dynamic Virtual Circuit. Exinda Network Orchestrator 4 Settings...
  • Page 415 The WAN Dynamic Virtual Circuit has Per Host Bandwidth set to Automatically Share . Each user will be allocated a percentage of the Dynamic Virtual Circuit bandwidth. This is calculated by dividing the Dynamic Virtual Circuit bandwidth by the number of active hosts. Exinda Network Orchestrator 4 Settings...
  • Page 416 EXAMPLE Restrict users in the Active Directory 'Students' group to 100 kbps. 1. Using the Web UI - Advanced Mode, go to Configuration > Objects > Users & Groups . Edit the "Students (DEV)" group. Exinda Network Orchestrator 4 Settings...
  • Page 417 2. Each host is limited to a maximum bandwidth of 100 kbps. With Per Host Bandwidth set to Automatically Share , a maximum of 400 hosts can fall into this Dynamic Virtual Circuit. 3. Create a Network Object from the Active Directory group. Exinda Network Orchestrator 4 Settings...
  • Page 418 Screenshot 173: Map AD Group 'Students' To Network Object 'Students' 4. The Network Object "Students" can now be used in a Dynamic Virtual Circuit. Exinda Network Orchestrator 4 Settings...
  • Page 419 5. Each host in the "Students" Network Object is limited to 100 kbps. With Max Hosts set to "Auto", a maximum of 2400 hosts can fall into this Dynamic Virtual Circuit. Additional hosts will share bandwidth allocated in the "Students Overflow" Virtual Circuit. Exinda Network Orchestrator 4 Settings...
  • Page 420 Screenshot 175: Students Overflow Virtual Circuit Exinda Network Orchestrator 4 Settings...
  • Page 421 Screenshot 176: Dynamic Virtual Circuit For Remaining Bandwidth 6. Another Dynamic Virtual Circuit can be created to share the remaining bandwidth for other hosts. In this example, each host is guaranteed 100 kbps with No Bursting Allowed . Exinda Network Orchestrator 4 Settings...
  • Page 422 2. Using the Web UI - Advanced Mode, go to Configuration > Objects > Adaptive Response . 3. Create a new Adaptive Response rule based on the Students Network Object. Each host is allowed to download 100 MB per day before being placed into the Students_Shaped Network Object. Exinda Network Orchestrator 4 Settings...
  • Page 423 Dynamic Virtual Circuit. 5. Each host is limited to a maximum bandwidth of 100 kbps. With Per Host Bandwidth set to Automatically Share , a maximum of 400 hosts can fall into this Dynamic Virtual Circuit. Exinda Network Orchestrator 4 Settings...
  • Page 424 Screenshot 178: Students Dynamic Virtual Circuit 6. Additional hosts will share bandwidth allocated in the Students Overflow Virtual Circuit. Exinda Network Orchestrator 4 Settings...
  • Page 425 Screenshot 179: Students Overflow Virtual Circuit Screenshot 180: Virtual Circuit To Share Remaining Bandwidth Exinda Network Orchestrator 4 Settings...

  • Page 426: System Setup

    4.2.1 Date and Time Configuration It is important to accurately set the date and time of your Exinda appliance so that all time-based functions use the appropriate time. It is highly recommended to set the date and time using an NTP server. This is particularly important if you have multiple Exinda appliances where you need to correlate or aggregate the monitoring data or if you need the exported NetFlow records to be synchronized with NetFlow records from other network appliances.
  • Page 427 1. Add one or more NTP servers by entering the IP address or hostname of the NTP server, the version of NTP supported by the server, and enabling it by checking the enable checkbox in the Add New NTP Server area, Only hostnames and Exinda Network Orchestrator 4 Settings...

  • Page 428: Ui Access Configuration

    If desired, you can also choose to disable the web UI altogether. You can specify whether CLI access is through telnet or SSH. NOTE Once you disable the Web UI, you can only re-enable it via the CLI. Exinda Network Orchestrator 4 Settings...
  • Page 429 3. To enable HTTPS access, check the HTTPS Access checkbox and specify the HTTPS Port number to use. The default port number is 443. 4. Click Apply Changes . To disable the Web UI 1. Uncheck the Web UI Enable checkbox. 2. Click Apply Changes . Exinda Network Orchestrator 4 Settings...

  • Page 430: Sdp Configuration

    In order to use this feature, SQL access needs to be configured on the Exinda appliance, and an ODBC driver needs to be installed and configured on a client. ODBC aware applications running on the client will then be able to query the Exinda appliance's internal monitoring database.
  • Page 431 Apply the changes. The SQL access will be made available immediately. A successfully configured appliance would look something like: Once remote SQL access has been configured on the Exinda appliance, the next step is to create an ODBC data source on the client.
  • Page 432 (User DSN) or all users (System DSN). Then click Add..This will start a wizard that allows you to create a new data source. 3. Select MySQL ODBC Driver and click Finish . You will be prompted to enter details about the SQL access using the form below: Exinda Network Orchestrator 4 Settings...
  • Page 433 Description Server Enter the IP address of the Exinda appliance. User Enter the username you specified when enabling SQL access on the Exinda appliance. Password Enter the password you specified when enabling SQL access on the Exinda appliance. Database Once the above fields are configured, press the 'Test' button. If the connection attempt is successful, the 'Database' drop down will be populated with a list of available databases.
  • Page 434 Click OK . This will add the 'Exinda SQL Database' to the list of available data sources that can be used by 3rd party applications on this client. Exinda Network Orchestrator 4 Settings...
  • Page 435 Select the User DSN tab or the System DSN tab depending on weather you wish the SQL data to be made available to only the current user (User DSN) or all users (System DSN). Then click Add..This will start a wizard that allows you to create a new data source. Exinda Network Orchestrator 4 Settings...
  • Page 436 Select MySQL ODBC Driver and click Finish . You will be prompted to enter details about the SQL access using the form below: Data Source Enter a descriptive name for the DSN. E.g. 'Exinda SQL Database'. Name / Description Exinda Network Orchestrator...
  • Page 437 'Database' drop down will be populated with a list of available databases. Select 'monitor'. Here is what a successful configuration looks like: Click OK . This will add the 'Exinda SQL Database' to the list of available data sources that can be used by 3rd party applications on this client.
  • Page 438 From the Data tab in Excel, select From Other Sources > From Microsoft Query . You will be presented with a dialog box that allows you to select the DSN you created in the previous chapter. Exinda Network Orchestrator 4 Settings...
  • Page 439 Select the Exinda SQL Database DSN. This will allow you to choose from the available tables and select the columns to query. Select a table and click the > button to move that table's fields into the list of columns to query.
  • Page 440 The Exinda appliance will now be queried and the data will be returned to the Excel spreadsheet. SQL Schema There are a total of 10 tables available for access via SQL. Name Description flows_hourly Flow records at an hourly resolution, that is, information for each flow is stored hourly, on the hour.
  • Page 441 Exinda appliance) of the flow. IPv4 addresses are represented as IPv4 mapped format. in_port unsigned The TCP or UDP port number on the internal side (the LAN side of the Exinda appliance) of the flow.1 24-bit integer ex_port unsigned...
  • Page 442 32-bit integer bytes_ unsigned The number of bytes lost due to retransmissions (WAN -> LAN).2 lost_in 64-bit integer bytes_ unsigned The number of bytes lost due to retransmissions (LAN -> WAN).2 lost_out 64-bit integer Exinda Network Orchestrator 4 Settings...
  • Page 443 Application Performance Score. A measure of an applications performance on the network.2 64-bit integer in_port and ex_port are only defined when the IP protocol is TCP (6) or UDP (17) and the Exinda was unable to classify the flow (so the app_id is 0). For more information, refer to Using Application Performance reports (page 263).
  • Page 444 Type Description in_port unsigned 24- The TCP or UDP port number on the internal side (the LAN side of the Exinda appliance)1 bit integer ex_port unsigned 24- The TCP or UDP port number on the external side (the WAN side of the Exinda appliance)1...
  • Page 445 The number of bytes lost due to retransmissions (LAN -> WAN).2 lost_out bit integer in_port and ex_port are only defined when the IP protocol is TCP (6) or UDP (17) and the Exinda was unable to classify the flow (so the app_id is 0). For more information, refer to Using Application Performance reports (page 263).

  • Page 446: Monitoring Configuration

    Maximum URL Size - Sets the maximum length of URLs displayed on the Real Time report tables. Graph Display Options - Specifies whether the graphs display in Flash or non-Flash format. The default is flash. Exinda Network Orchestrator 4 Settings...
  • Page 447 Go to Configuration > System > Setup > Monitoring tab - ASAM form. The Exinda appliance analyzes traffic and attempts to match it against criteria specific to the traffic type. The criteria for matching traffic is defined within Application Specific Analysis Modules (ASAM). Enable and disable the modules that are important for your network.
  • Page 448 The collection of global application statistics also will not be collected since the global application statistics are derived from the virtual circuit stats. Note that application reporting within a subnet is not affected by this Exinda Network Orchestrator 4 Settings...
  • Page 449 All Detailed Monitor Records - Deletes all detailed data, that is, deletes all the drill down data for applications, hosts, URLs, users, conversations. Summary information, that is, the totals for the entire appliance will still be available. Exinda Network Orchestrator 4 Settings...

  • Page 450: Netflow Configuration

    1. Use the form below to configure these Netflow targets. Property Description Specify the IP Address of the Netflow target. The Exinda appliance will export Netflow data to this IP Address. Address Port Specify the Port number of the Netflow target. The Exinda appliance currently supports Netflow export on UDP ports.
  • Page 451 Exinda Network Orchestrator 4 Settings...
  • Page 452 Export VoIP MoS and Export MoS and rFactor values for VoIP calls. rFactor Export Extra Exports extra flow information, such as domain name for HTTP flows, published application name for Information Citrix. Export traffic class Export traffic class. Exinda Network Orchestrator 4 Settings...

  • Page 453: Create A Scheduled Job

    Go to Configuration > System > Setup > Scheduled Jobs . To schedule a job 1. In the Add New Job area, type a unique ID for the job. 2. Type a Name for the job. Exinda Network Orchestrator 4 Settings...

  • Page 454: Alerts

    The job is added to the list, and is now available for selection in the Pre-population Object, if desired. 4.2.8 Alerts Alerts will notify you when there are issues or potential issues with either the Exinda appliance system (such as CPU utilization and memory paging) or with your traffic (such as an application performance score dropped).The alerts can either be sent by email or by SNMP traps.
  • Page 455 Connection Limiting – Alert raised when one or more Virtual Circuits has connection limits enabled, and the threshold was reached. Max Accelerated Connections Exceeded – Alert raised when the number of accelerated connections exceeds the licensed limit. Connections over the licensed limit pass through the appliance and are not accelerated. Exinda Network Orchestrator 4 Settings...
  • Page 456 Bridge Link – Alert raised when one of the links on an enabled bridge is down. Bridge Direction – Alert raised when the appliance cabling is incorrect. In most cases, it indicates the Exinda WAN interface has been incorrectly plugged into the LAN and vice versa.

  • Page 457: Control Configuration

    4.2.10 Disk storage explained The Exinda appliance has the capability to dynamically change the amount of storage allocated to system services. The Storage configuration page allows you to see how much disk storage is currently allocated to each system service, as well as the amount currently in use.
  • Page 458 – The storage is online and available to the service. growing – The storage size was increased, and the file system is being reconfigured to use the newly cre- ated space. Exinda Network Orchestrator 4 Settings...
  • Page 459 Deleting all data stored for a service Use the following instructions to delete all data from the disk storage for a service. These instructions apply to all services Exinda Network Orchestrator 4 Settings...
  • Page 460 Formatting a services storage will remove all associated application data and should not be necessary in most cases. Contact Exinda Support if you are unsure if this is necessary. 1. On your browser, open the Exinda Web UI ( https://UI_IP_address ). 2. Key-in the User Name and Password .
  • Page 461 There is now 647.82G of storage to be allocated to the edge-cache and monitor services. Increase the monitor space by 73.03G to a total of 200G. (config) # storage service monitor size 200G(config) # show storage service monitorService: monitor Status: growing Encrypted: no Free: 132.07G Size: 200G Exinda Network Orchestrator 4 Settings...

  • Page 462: Certificates

    HDD manufacturers label storage capacity using a base 10 convention, where 1GB = 1,000,000,000 bytes. On the Exinda appliance storage sizes are represented in GiB, where 1 GiB = 1,073,741,824 bytes. So the actual storage of a hard disk, when represented in GiB, is less than what is labeled.
  • Page 463 NOTE Certificates and keys are stored securely on the Exinda appliance. It is not possible to export or view the private key once it has been imported. If you lose the configuration or need to migrate the configuration to another appliance, you must manually load the private key again.
  • Page 464 4. If the key is password protected, in the Key Passphrase field type the password. 5. In the Certificate File field, click Choose File and navigate to the file to be uploaded to the Exinda Appliance. 6. If the PEM format is selected, the private key must be uploaded. In the Private Key File field, click Choose File and nav- igate to the private key file.

  • Page 465: View All Certificates And Private Keys

    2. To return to the list of certificates, click the Back button below the table. To export a certificate If an SSL certificate is only available on one appliance, export the certificate so it can be imported onto the other Exinda appliances on the network.

  • Page 466: Optimization Services

    To export a certificate If an SSL certificate is only available on one appliance, export the certificate so it can be imported onto the other Exinda appliances on the network. 1. In the All Certificates and Keys table, locate the certificate in the list, and click Export .
  • Page 467 Optionally an IP address corresponding to one of the appliances can be sent. In addition to this, each appliance must keep a list of the host IP/appliance ID pairs, which indicates which Exinda appliance terminates the acceleration for conversations with a given host IP.
  • Page 468 Exinda Community A group of Exinda appliances in a network is referred to as a community. Exinda appliances that are part of the same community can accelerate to and from each other. The community is generally those Exinda appliances that were automatically discovered.

  • Page 469: Configuring The Optimization Services

    Go to Configuration > System > Optimization > Services . At the bottom of the page you can start, restart, and stop the Exinda Community service (for pre v6.4.0 appliances) and the SMB Acceleration service (for pre v6.3.0 appliances).

  • Page 470: Universal Acceleration Service

    Configure Exinda Appliance Community A group of Exinda appliances in a network is referred to as a community. Exinda appliances that are part of the same community can accelerate to and from each other. Generally, Exinda appliances automatically discover each other when attempting application acceleration, however, if an appliance is not automatically discovered, you can manually add the Exinda appliance to the community.
  • Page 471 Manually adding an Exinda appliance to the community 1. Go to Configuration > System > Optimization > Community . 2. In the Manually Add New Community Node area, type a Name and the IP Address for the Exinda appliance. 3. Click Apply Changes .
  • Page 472 3. To remove all appliances from the community, click Remove all community peers from system . WAN Memory WAN Memory is the data deduplication module of Exinda's Application Acceleration Technology. It is a bi-directional and universal byte-level cache that stores repetitive patterns on the Exinda appliances's hard disk drive and uses these patterns to compress accelerated traffic between two or more Exinda appliances.

  • Page 473: Protocol-Specific Acceleration

    1. Select LZ Compression to compress accelerated traffic with a standard LZ-based compression algorithm. This is in addition to data deduplication operations. 2. Select Persistent Cache to ensure that WAN memory patterns will be stored on the Exinda appliance's hard disk and will survive a system reboot.
  • Page 474 Only traffic to servers that are explicitly configured is SSL accelerated. Any SSL traffic that the Exinda appliance sees that does not belong to a configured server is ignored.
  • Page 475 This option, by default, is disabled. When you know that a particular Exinda is always at the end of an acceleration chain, you can indicate that it is the end and therefore should not pass through option 30 packets.
  • Page 476 Exinda appliances do this by injecting TCP option 30 into any TCP-SYN pack- ets that the Exinda appliance is attempting to accelerate. If unknown TCP options are removed or blocked by other equipment in your network (e.g., VPN terminators, firewalls, IPS/IDS systems, etc.) then auto-discover may not work or traffic may be blocked.
  • Page 477 Congestion Control – Indicates which congestion control algorithm should be used. The most common congestion control algorithms are listed together with their intended usage. Set this according to the type of WAN the Exinda appli- ances are deployed into. This setting only affects outbound traffic to the WAN, so the same setting should be applied to all Exinda appliances on the WAN.
  • Page 478 30, it will return a SYN/ACK without an option 30. Enabling this setting allows the server- side Exinda to know that it is the last appliance in the chain and so it will not send out a SYN with option 30 and it terminates the acceleration connection.
  • Page 479 IMPORTANT Before a server with an SNI extension can be added to the Exinda Appliance, the server must be added to the appliance without the SNI extension. A server without an SNI extension can be used as a fallback in event that the client is unable to process the SSL certificate with SNI.
  • Page 480 Any — SSL Acceleration accepts and processes the connection if the server's certificate matches any cer- tificate (CA or non-CA) that is loaded on to the Exinda appliance. 8. If Certificate is selected as the Validation type, select the certificate to validate against.
  • Page 481 You can create your own self-signed CA certificate for signing other certificates. In this case, the certificates that your self- signed CA certificate signs will have no chain of trust. Similar to self-signed certificates, using your own self-signed CA Exinda Network Orchestrator 4 Settings...
  • Page 482 How Exinda accelerates the SSL protocol For SSL acceleration, a server-side Exinda appliance and a client-side appliance is put in line for this SSL traffic. The traffic between these appliances are accelerated. The benefits that can be gained by generic application acceleration on encrypted data are limited.
  • Page 483 NOTE If you are concerned about any decrypted data on the Exinda appliance, then you can choose to use storage disk encryption. To configure SSL acceleration Configure SSL certificates and private keys (or configure SSL CA certificates and private keys) to use for SSL accel- eration.
  • Page 484 1. Go to Configuration > System > Setup > Storage . 2. To encrypt WAN memory storage, click the Encrypt button for wan-memory. Ciphers supported in SSL acceleration SSL Acceleration supports the following ciphers (encryption/decryption algorithms). Exinda Network Orchestrator 4 Settings...
  • Page 485 Managing Certificates and CA Certificates Configure SSL Acceleration Servers Install IIS 8.0 on Windows Server 2012 IIS 8.0 must be installed on the Windows server before certificates with Server Name Indicators (SNI) can be configured. Exinda Network Orchestrator 4 Settings...
  • Page 486 In the command, /V is the number of days the certificate is valid, /S is the ID of the site. Use the values that correspond to your site in the command. selfssl.exe /N:CN=TEST.SITE.3 /K:1024 /V:<days-valid> /S:<site-ID> /P:443 The certificate is created. Exinda Network Orchestrator 4 Settings...
  • Page 487 9. Repeat this task for each site configured on the server. Export SSL certificates from Windows Server 2012 Export the certificates from the Windows server so they can be imported onto the Exinda Appliance. 1. In the Server Manager , and click IIS .
  • Page 488 The block will look similar to this: <VirtualHost *:443> ServerName "secure2.example.com" ServerAdmin webmaster@example.com DocumentRoot /home/demo/public_html/secure1.example.com/public ErrorLog /home/demo/public_html/secure2.example.com/log/error.log LogLevel warn CustomLog /home/demo/public_html/secure2.example.com/log/access.log combined <Directory /home/demo/public_html/secure2.example.com/public> Options Indexes FollowSymLinks MultiViews AllowOverride None Order allow,deny allow from all </Directory> Exinda Network Orchestrator 4 Settings...
  • Page 489 SMB server are often opened from a SMB client. The Exinda SMB Acceleration addresses slow downloads by pre- fetching the file data and populating it on the client side Exinda. Consequently, all SMB client requests for the file data are served from the client side Exinda at LAN speeds.
  • Page 490 Manage optimization services Configuring SMB File Acceleration Use the following instructions to configure the Exinda Appliance to use the SMB optimization features. The SMB file acceleration configuration has several options for managing transfers under a variety of situations. 1. Go to Configuration > System > Optimization .
  • Page 491 The primary goal of Exinda SMB acceleration is to reduce the overall accumulated latency introduced by the "chattiness" of the SMB protocols. Each Exinda appliance can act on behalf of an SMB client and server to make the interaction Exinda Network Orchestrator...
  • Page 492 Reading ahead of the data stream is an optimization by which the appliance pre-fetches the contents of a file ahead of the client that is attempting to read it. When the Exinda Appliance detects a client attempting to perform a sequential bulk read of a file, the appliance fabricates read requests to the server on behalf of the client.
  • Page 493 This means that for large data centric operations like reading and writing a file, the appliance is actually operating on large blocks of data as opposed to individual packets of fragmented data. In doing so, Exinda passes off these large blocks of data to our WAN memory framework.
  • Page 494 Turn off MAPI encryption in Microsoft Outlook Exinda recommends that encryption of contents and attachment for output messages should be disabled to maximize reduction, as each user will encrypt files with a different key. MAPI Encryption is a client side configuration parameter in Outlook.
  • Page 495 Ensure the Encrypt data between Microsoft Outlook and Microsoft Exchange checkbox is not selected. f. To close the dialog and save the settings, click OK . g. To close the Server Settings dialog, click Next and Finish . Exinda Network Orchestrator 4 Settings...
  • Page 496 Disable encryption on the Exchange server For 2007, 2010, and 2013 Exchange servers, Exinda recommends that encryption of the MAPI protocol should be disabled to maximize reduction, as each user will encrypt files with a different key. You must disable encryption on all Microsoft Outlook clients as well as the Exchange server to maximize the benefit.
  • Page 497 View MAPI Acceleration Results Conversations in Real Time Compare compression of MAPI traffic The following two tests compare the performance of Exinda's compression and WAN Memory technologies to Microsoft Outlook and Exchange compression. Exchange Results 1 recipient: 3.3MB was compressed to 3MB – 10% reduction 2nd and subsequent recipients: 3.3MB was compressed to 3MB –...
  • Page 498 View MAPI Acceleration Results View the reduction in MAPI traffic on the network. 1. On your browser, open the Exinda Web UI ( https://UI_IP_address ). 2. Key-in the User Name and Password . 3. Click Login . The Exinda Web UI appears.

  • Page 499: Data Caching

    YouTube, Google Video, Vimeo. NOTE The Acceleration feature (including universal & protocol-specific acceleration) is licensed separately. Edge Cache is also licensed separately. Please contact your local Exinda representative if you wish to enable either of these features. Related topics How Edge Cache Works...
  • Page 500 Caching Internet-based Content To cache web traffic, a client-side Exinda appliance is put in line with the traffic. When a network user visits a URL with cacheable content, Edge Cache first determines if the content is available in its cache. If not, Edge Cache retrieves the content from the URL.
  • Page 501 The next time a client requests the same content, the same negotiation happens where the client requests a secure communication channel with the server, the Exinda appliance intercepts and forms a secure communication channel with the server, forges the certificate and establishes a secure communication channel with the client (on behalf of the server).
  • Page 502 0. For more information, refer to Licensing information (page 34). Please contact your local Exinda representative if you wish to enable this feature. Overview - Configuration & Usage To use Edge Cache,you'll need to ensure all the required configuration is set.
  • Page 503 Whitelisting is only available for HTTPS caching. You can specify your whitelist and blacklist as source IP, destination IP, source domain, or destination domain. Domains are resolved using the DNS. Exinda Network Orchestrator 4 Settings...
  • Page 504 For versions prior to 7.0.2, you will need to restart Edge Cache for the changes to take effect. Go to Configuration > System > Optimization > Services , and click the Edge Cache Restart button. Exinda Network Orchestrator 4 Settings...
  • Page 505 VERSION INFO For versions prior to 7.0.2, you need to restart Edge Cache for the changes to take effect. Go to Configuration > System > Optimization > Services , and click the Edge Cache Restart button. Exinda Network Orchestrator 4 Settings...
  • Page 506 5. In the Add IP or Domain area, specify the type of traffic you want to blacklist and the Value (IP or domain name) for that type of traffic. You can specify Source IP , Destination IP , Source Domain , or Destination IP . Exinda Network Orchestrator 4 Settings...
  • Page 507 Only https traffic specified in the policy and in this whitelist will be cached. Screenshot 194: Enabling HTTPS caching with whitelisted sites 1. In the HTTPS Caching area, select the Enable caching of HTTPS content checkbox. Exinda Network Orchestrator 4 Settings...
  • Page 508 To manage with which appliance peers to share Edge Cache content When Edge Cache appliance peers are specified, if the requested content is not available in the appliance's cache, Edge Cache can request the content from it's appliance peers. Exinda Network Orchestrator 4 Settings...
  • Page 509 For all practical purposes, this certificate becomes a root certificate and you become a Root To create a CA certificate and private key using OpenSSL Use the following OpenSSL commands: openssl genrsa -out myCompanyCA.key 2048 Exinda Network Orchestrator 4 Settings...
  • Page 510 Edge Cache over SSL. You will need to export the certificate from the appliance and import it to the desired computers. To export the certificate from the appliance: Exinda Network Orchestrator 4 Settings...
  • Page 511 Chrome and Explorer on Windows machines Both Chrome and Internet Explorer on Windows Machines use the Windows certificate store to trust the Exinda Edge Cache SSL certificate. Two methods are available to distribute the certificates: using a domain controller or using a manual method.
  • Page 512 3. Click View Certificates . 4. Click Import . 5. Navigate to the certificate you generated and exported from the Exinda appliance and import it. MAC OS If installing the certificate on a MAC, you must use the Keychain Access program. To start the Keychain Access program,double-click certificate file.
  • Page 513 4. Create the filter rules for the policy, ensuring that HTTP (or HTTPS) or an application based on protocol, port, network object, or dscp is selected from the application list. 5. Click Add New Policy . To apply Edge Cache to a subset of the network Exinda Network Orchestrator 4 Settings...
  • Page 514 Create a pre-population job in the Exinda Web UI Add and configure pre-population jobs in the Exinda Web UI. SMB traffic can be stored in SMB object cache and WAN memory cache, and HTTP can be stored in either WAN memory cache or Edge cache depending on the configuration of your policies.
  • Page 515 13. To begin pre-populating the selected cache, in the list of configured pre-population jobs click Start . The content from the specified location begins to populate the cache. 14. To view the communication between the server and the Exinda appliance, click Monitor > Real Time > Con- versations .
  • Page 516 Schedule a Pre-population Job in the CLI Scheduling a pre-population job can be done from the Exinda Web UI or through the CLI. The following example schedules a pre-population request daily at 12:30AM for the “Documentation” job configured in an earlier section of this guide.

  • Page 517: Authentication

    7. To enter configuration mode, type enable then configure terminal . The prompt exinda-appli- ance (config) # is displayed. 8. To schedule the pre-population job type the following commands: exinda-appliance (config) # job <job_number> command <command_number> "acceleration prepopulate <prepopulation_name> start"...

  • Page 518: Aaa

    1. To configure AAA, navigate to Configuration > System > Authentication > AAA on the Web UI, advanced mode. 2. Specify the order in which users are authenticated. When a user logs in, the Exinda appliance will try to authenticate them using the authentication methods specified here, in the order they are configured.

  • Page 519: Ldap Authentication

    5. Click Apply Changes . 4.5.4 LDAP Authentication LDAP authentication allows you to configure the Exinda appliance to authenticate user login attempts with a remote LDAP (including Active Directory) server. 1. On your browser, open the Exinda Web UI ( https://UI_IP_address ).

  • Page 520: Radius Authentication

    9. Click Add New LDAP Server . 10. To remove an LDAP servers from the Exinda appliance, select the checkbox for the server and click Remove Server . To save the changes to the configuration file, in the status bar click the Unsaved changes menu and select Save configuration changes.

  • Page 521: System Maintenance

    10. Click Add New TACACS+ Server . 11. To remove TACACS+ servers from the Exinda appliance, select the checkbox for the server and click Remove Server . To save the changes to the configuration file, in the status bar click the Unsaved changes menu and select Save configuration changes.
  • Page 522 Firmware upgrade Generally users configure Exinda once and the configuration file doesn't have to be changed over and over again. Hence simply use the steps below to save the configuration file locally. If for any reason a backup is required periodically, you can also schedule a job for the same.
  • Page 523 Use the form below to execute a batch of CLI commands on the Web UI. The CLI commands will be executed in order and any configuration changes will be applied to the running configuration. Exinda Network Orchestrator 4 Settings...

  • Page 524: Factory Defaults

    4.6.2 Factory Defaults The Factory Defaults screen allows you to restore the configuration of the Exinda appliance to factory default settings. This includes removing any system logs, WAN Memory cache, and monitoring statistics. NOTE To restore Factory Defaults, navigate to Configuration > System > Maintenance > Factory Defaults on the Web UI, advanced mode.
  • Page 525 Shutdown the Exinda Appliance If the Exinda appliance needs to be powered off, shut it down from within the Exinda Web UI. IMPORTANT Any unsaved configuration changes will be lost if the Exinda appliance is rebooted or shutdown without saving the changes first.

  • Page 526: System Tools

    4.7.6 iPerf Server 4.7.1 Ping Use the Ping Tool to test network connectivity from the Exinda appliance to other hosts on the WAN or Internet. 1. On your browser, open the Exinda Web UI ( https://UI_IP_address ). 2. Key-in the User Name and Password .

  • Page 527: Dns Lookup

    7. Click Lookup . It may take a few seconds for the operation to complete and display the results. 4.7.4 Query a remote IPMI Exinda appliance Use the IPMI Tool to query the power status, power cycle/power off, or reset a remote Exinda appliance via IPMI. The remote appliance must have...

  • Page 528: Iperf Client

    Example: Power cycle the Exinda appliance with IPMI address 192.168.110.61 - ipmi power address 192.168.110.61 username admin password exinda control cycle Example: Show the current power state of the Exinda appliance with IPMI address 192.168.110.61 - show ipmi power address 192.168.110.61 username admin password exinda 4.7.5 iPerf Client iPerf is a tool used for network throughput measurements.

  • Page 529: Iperf Server

    In Exinda, there is a Web User Interface option to configure an Exinda appliance as an iPerf client: To configure an Exinda Appliance as the iPerf client: 1. Click Configuration > System > Tools > Iperf Client .
  • Page 530 -h, --help print this message and quit -v, --version print version information and quit For instance, if the Iperf server is to listen to UDP packets on port 319, then you must use the following options: -u –p 319 Exinda Network Orchestrator 4 Settings...
  • Page 531 Server listening on TCP port 5001 TCP window size: 85.3 KByte (default) ------------------------------------------------------------ [ 4] local 10.10.1.200 port 5001 connected with 10.2.6.228 port 58665 [ ID] Interval Transfer Bandwidth [ 4] 0.0-10.1 sec 112 MBytes 93.2 Mbits/sec Exinda Network Orchestrator 4 Settings...

  • Page 532: Troubleshooting

    5.6 Troubleshoot issues with Active Directory configuration 5.7 Troubleshooting Edge Cache 5.8 Topology troubleshooting 5.1 Diagnostics Learn the various diagnostics tools available on your Exinda Appliance, You can use these tools to help troubleshoot issues you might encounter. 5.1.1 Diagnostics Files 5.1.2 Acceleration Diagnostics 5.1.3 Monitor...

  • Page 533: Acceleration Diagnostics

    Exinda TAC for further troubleshooting. NOTE Valid SMTP and DNS settings are required for diagnostics to be sent to Exinda TAC. 5.1.2 Acceleration Diagnostics Acceleration diagnostics aid in troubleshooting TCP Acceleration, SMB Acceleration and WAN Memory issues by displaying the current configuration for those areas.
  • Page 534 All subsequent attempts to validate credentials of a signed connection against the IP address of the server are marked as Exinda Network Orchestrator 5 Troubleshooting...
  • Page 535 2. From the Module drop-down, select TCP Acceleration . The configuration settings and statistics for TCP acceleration appear. EXAMPLE Viewing WAN Configuration and Statistics Use the following instructions to view the WAN configuration and operational statistics. Exinda Network Orchestrator 5 Troubleshooting...

  • Page 536: Monitor

    2. From the Module drop-down, select WAN Memory . The configuration settings for WAN memory acceleration appear. EXAMPLE 5.1.3 Monitor The monitor diagnostics display the current monitor settings and the status of monitor and collector processes. Exinda Network Orchestrator 5 Troubleshooting...

  • Page 537: Nic Diagnostics

    The first lines show a summary of installed network adapters. Detailed information is available from the CLI "show diag" command. NOTE To configure NIC settings, navigate to Configuration > System > Network > NICs on the Web UI, advanced mode. Exinda Network Orchestrator 5 Troubleshooting...

  • Page 538: Optimizer Diagnostics

    5.1.5 Optimizer Diagnostics The optimizer diagnostics display the current optimizer status and the optimizer configuration. Exinda Network Orchestrator 5 Troubleshooting...

  • Page 539: Raid Diagnostics

    5.1.6 RAID Diagnostics The RAID diagnostics page is available on models that support Redundant Storage. A summary of the logical volume status is shown as well as details for RAID adapters, logical volumes and physical drives. Exinda Network Orchestrator 5 Troubleshooting...

  • Page 540: Tcp Dump

    5.1.7 TCP Dump A TCP Dump captures packets being transmitted or received from the specified interfaces and can assist in troubleshooting. A TCP Dump may be requested by Exinda TAC. Run a TCP Dump from the Exinda appliance Click Configuration > Diagnostics > TCP Dump .
  • Page 541 To collect traffic to / from a subnet net <IP subnet> Example: net 1.2.3.0/24 To collect traffic between two subnets src net <IP subnet> and dst net <IP subnet> Example: src net 1.2.3.0/24 and dst net 1.2.4.0/24 Exinda Network Orchestrator 5 Troubleshooting...

  • Page 542: View The Status Of An Alert

    Alert raised when one of the links of an enabled bridge is down. Bridge Direction Alert raised when the appliance cabling is incorrect. In most cases, it indicates the Exinda WAN interface has been incorrectly plugged into the LAN and vice versa.

  • Page 543: View The Status Of The Community

    Route Detection goes out through another interface or node. MAPI Encrypted Alert raised when encrypted MAPI traffic to a Microsoft Exchange server is detected on an Exinda Appliance. Connections Encrypted MAPI traffic cannot be accelerated. 5.1.9 View the status of the community Display the state of the community and details of the individual hosts that have joined.

  • Page 544: Open A Case With Exinda Networks Support Services

    After the case is submitted, a confirmation message containing a case number is sent to the email address identified in the case. 5.2 Log Files Learn about the various log files stored on an Exinda Appliance, and how you can use these logs in your efforts to troubleshoot issues that you might encounter. 5.2.1 Viewing System Log Files 5.2.2 Live Log...

  • Page 545: Viewing System Log Files

    1. Go to Configuration > System > Logging > View . 2. Select the log file to view. By default, the Current Log is displayed. The Exinda appliance periodically archives log files. These archived log files can also be viewed by selecting them from the Logfile list.

  • Page 546: System Logging Configuration

    To save the changes to the configuration file, in the status bar click the Unsaved changes menu and select Save configuration changes. Add a remote syslog server Add remote syslog servers to the Exinda appliance, allowing you to forward system log entries at a defined severity level to one or more remote syslog servers. Exinda Network Orchestrator...

  • Page 547: Troubleshoot Problems With Mapi Acceleration

    Remove a remote syslog server To stop forwarding system log entires to a remote syslog server, remove the server from the Exinda appliance. 1. On your browser, open the Exinda Web UI ( https://UI_IP_address ). 2. Key-in the User Name and Password .

  • Page 548: Outlook Cannot Connect To The Exchange Server

    Troubleshoot other areas of your network to find the problem. 2. If Microsoft Outlook can connect to the Exchange server while the Exinda Appliance is in bypass mode, collect a sys- dump and packet captures while attempting to connect Microsoft Outlook to the Exchange server, and contact Exinda Support.

  • Page 549: Reduction Ratio For Mapi Is Different Between Client-Side And Server-Side Exindas

    If you have a mix of 7.4, 7.0, 6.4.3, and pre-6.4.3 appliances, perhaps the Acceleration TCP Option Mode is not set cor- rectly. Exinda had used option 30 to indicate acceleration but needed to change this when option 30 was assigned to indicate multi-path TCP.

  • Page 550: Troubleshoot Issues With Active Directory Configuration

    Solution 1. On each instance of the Exinda AD Connector, check whether the Send Active Directory user and group inform- ation to Exinda appliance(s) at startup option is selected.

  • Page 551: Wmi Service Is Not Running

    5.6.2 WMI Service is not running Problem When I try to access the Exinda AD Connector, a message opens that states “The installer has detected that WMI Service is not running. Consult Windows Help files to find information on how to start WMI Service.”.

  • Page 552: Excluded Users Still Appear On The Exinda Appliance

    To fix this: 1. The Exinda AD Connector requires .NET version 4.0 for it to run successfully on a server other than the Active Directory server. Ensure .NET 4.0 or later is installed on the server running the Exinda AD Connector.

  • Page 553: The Ip Addresses Are Not Being Mapped To The Ad Users And Groups

    5.6.8 The IP addresses are not being mapped to the AD users and groups Problem When integrating the AD client with the Exinda appliance, the IP addresses are not being mapped to the users and groups on the Exinda appliance.

  • Page 554: Troubleshooting Edge Cache

    5. In the policy list on the right, click on Audit logon events and ensure that Success is checked. 6. On the Exinda appliance, go to Configuration > System > Network > Active Directory . 7. Click the Renumerate button.
  • Page 555 If Edge Cache is not rendering layouts as expected, the problem is likely due to the certificate format. Using the Certificate generator of the Exinda appliance lets you export PEM and DER Certificate formats, but some formats require a PKCS12 certificate and these cannot be exported from the Exinda appliance. To correct the problem, use openssl to generate Certificates and import them into the appliance: 1.

  • Page 556: Topology Troubleshooting

    2x straight Ethernet cables, while others may require 2x cross-over Ethernet cables. My network traffic is blocked after deploying the Ensure the speed/duplex settings are correct on both the Exinda appliance and Exinda appliance in line, after I have booted it any neighboring equipment.

  • Page 557: Exinda Command Line Interface (Cli)

    3. Telnet 4. Serial Console Interface Use this tool to connect to the Exinda appliance's Command Line Interface (CLI) from the Web UI. This tool connects to the appliance via the web interface and does not require SSH access. Exinda Network Orchestrator...

  • Page 558: Cli Configuration Jumpstart

    1. On your browser, open the Exinda Web UI ( https://UI_IP_address ). 2. Key-in the User Name and Password . 3. Click Login . The Exinda Web UI appears. 4. Click Configuration > System > Tools > Console . 5. Type the appliance username and password at the prompts. Do one of the following: To enter privileged EXEC (enable) mode, at the prompt run the command: hostname >...

  • Page 559: Configure Command Line Options

    Allow insecure (unverified certificate) SSL (Y/N)? 13. Do you want to check for a new license online (Y/N)? - Enter 'Y' to have the Exinda appliance check for a newer license on the Exinda website (if the Exinda appliance has Internet connectivity). If a newer license is found, you will be asked if you wish to install it.
  • Page 560 3. To enable or disable paging use the following command: hostname (config)# [no] cli default paging enable 4. Use the show cli command to see current CLI settings. 5. To save the running configuration, type configuration write . Exinda Network Orchestrator 6 Exinda Command Line Interface (CLI)

  • Page 561: Copyright

    PTY LTD, all rights reserved. The software remains the sole and exclusive property of Exinda at all times. Limited warranty : Exinda warrants that for a period of thirty (30) days from the date of shipment from Exinda: (i) the software will be free of defects in workmanship under normal use, and (ii) the software substantially conforms to its published specifications.

  • Page 562: Gnu General Public License (Gpl)

    No other warranties : None of the Exinda parties warrant that the software is error free. Except for the "limited warranty" in section 4 ("limited warranty"), the Exinda parties disclaim all other warranties with respect to the software, either express or implied.

  • Page 563: Terms And Conditions

    A “Standard Interface” means an interface that either is an official standard defined by a recognized standards body, or, in the case of interfaces specified for a particular programming language, one that is widely used among developers working in that language. Exinda Network Orchestrator 7 Copyright...
  • Page 564 License along with the Program. You may charge any price or no price for each copy that you convey, and you may offer support or warranty protection for a fee. Exinda Network Orchestrator 7 Copyright...
  • Page 565 A “User Product” is either (1) a “consumer product”, which means any tangible personal property which is normally used for personal, family, or household purposes, or (2) anything designed or sold for incorporation into a dwelling. In Exinda Network Orchestrator 7 Copyright...
  • Page 566 Requiring indemnification of licensors and authors of that material by anyone who conveys the material (or modified versions of it) with contractual assumptions of liability to the recipient, for any liability that these contractual assumptions directly impose on those licensors and authors. Exinda Network Orchestrator 7 Copyright...
  • Page 567 (including a cross-claim or counterclaim in a lawsuit) alleging that any patent claim is infringed by making, using, selling, offering for sale, or importing the Program or any portion of it. Exinda Network Orchestrator 7 Copyright...
  • Page 568 For example, if you agree to terms that obligate you to collect a royalty for further conveying from those to whom you convey the Program, the only way you could satisfy both those terms and this License would be to refrain entirely from conveying the Program. Exinda Network Orchestrator 7 Copyright...

  • Page 569: Bsd

    Program, unless a warranty or assumption of liability accompanies a copy of the Program in return for a fee. 7.3 BSD 2.0 The BSD 2.0 License Copyright (c) 2009 Kontron America, Inc. All rights reserved. Exinda Network Orchestrator 7 Copyright...
  • Page 570 (including negligence or otherwise) arising in any way out of the use of this Software, even if advised of the possibility of such damage. Exinda Network Orchestrator 7 Copyright...

  • Page 571: Safety And Compliance

    Operation of this equipment in a residential area is likely to cause harmful interference in which case the user will be required to correct the interference at his own expense. Exinda Network Orchestrator 8 Safety and Compliance...

  • Page 572: Safety Guidelines

    Wear an ESD-preventive wrist strap, ensuring that it makes good skin contact. If no wrist strap is available, ground yourself by touching the metal part of the chassis. Periodically check the resistance value of the antistatic strap, which should be between 1 and 10 megohms (Mohms). Exinda Network Orchestrator 8 Safety and Compliance...

  • Page 573: Predefined Applications And Application Groups

    9 Predefined Applications and Application Groups This section provides information about the predefined applications and application groups that your Exinda Appliance (s) is pre-configured to manage. 9.1 Predefined Applications and Supported L7 Signatures 9.2 Predefined Application Groups 9.1 Predefined Applications and Supported L7 Signatures The protocol of network traffic is identified based on a combination of deep packet inspection (DPI) and behavioral analysis, regardless of whether they are plain text, or use advanced encryption and obfuscation techniques.
  • Page 574 Ares Filepipe KCEasy Ariel Armagetron Audiko Audiogalaxy Audiogalaxy iOS Audiogalaxy Android AURP AVG Antivirus Avira Antivirus Avira Backweb Baidu Battlefield BattleNet Bebo Biff bini Bitdefender BitTorrent BitTorrent-plain BitTorrent-encrypted Acquisition Anatomic P2P Exinda Network Orchestrator 9 Predefined Applications and Application Groups...
  • Page 575 Bits on Wheels BitSpirit BitSticks BitTornado BitTorrent/Mainline BitTyrant Blizzard Downloader BtManager burst! CTorrent Deluge FlashGet Freeloader FrostWire G3 Torrent Gnome BitTorrent Halite KTorrent LimeWire MLDonkey MonoTorrent MooPolice Opera Pando qBittorrent QTorrent Exinda Network Orchestrator 9 Predefined Applications and Application Groups...
  • Page 576 μTorrent Mac WizBit Xtorrent ZipTorrent BitTorrent-UTP BitTorrent-UTP-encrypted Blackberry Blackberry-encrypted Blackberry-email Blackberry-messenger ORB-client BlackBerry Internet Service BlackBerry Management Center BlackBerry Messenger Unknown Blackberry Mail Blackberry Messenger Bluejeans BOLT Bolt Android Booking Com BootPC Exinda Network Orchestrator 9 Predefined Applications and Application Groups...
  • Page 577 Channel 4oD Chargen CIFS CiscoDiscovery Citrix Citrix-application Citrix-priority Citrix-user CloudME Club Penguin clussvc CNTV ComodoUnite Comodo EasyVPN Constant Contact CORBA Crashplan Pro Crime City Crossfire CtiTV CUDev CVSpserver CyberGhost Dailymotion dameware Daytime Exinda Network Orchestrator 9 Predefined Applications and Application Groups...
  • Page 578 Destiny DHCP DHCPv6 Diameter DICOM DICOM TLS DiDi IM DiDi Voice DirectConnect DirectConnect-hub DirectConnect-peer DirectConnect-adc-peer ApexDc++ BCDC++ CZDC DC++ DCTC Dolda Connect Elise fulDC GtkDC LDCC LinuxDC++ Microdc Microdc2 Revconnect SababaDC Exinda Network Orchestrator 9 Predefined Applications and Application Groups...
  • Page 579 139pan.com 163pan.com 1-clickshare.com 1clickshare.net 1fichier.com 1-upload.com 1-upload.to 2shared.com 4fastfile.com 4share.ws 4shared.com 4shared.vn 4us.to adrive.com alldrives.ge allshares.ge annonhost.net badongo.net banashare.com bestsharing.com bigfilez.com biggerupload.com bitshare.com boosterking.com cash-file.net chinamole.com cobrashare.sk coolshare.cz cramit.in crocko.com cum.com Exinda Network Orchestrator 9 Predefined Applications and Application Groups...
  • Page 580 Exinda Network Orchestrator 9 Predefined Applications and Application Groups...
  • Page 581 Exinda Network Orchestrator 9 Predefined Applications and Application Groups...
  • Page 582 Exinda Network Orchestrator 9 Predefined Applications and Application Groups...
  • Page 583 Exinda Network Orchestrator 9 Predefined Applications and Application Groups...
  • Page 584 Discard Dofus Doom3 Doook Dota 2 Dota Legend DriveLock Dropbox Exinda Network Orchestrator 9 Predefined Applications and Application Groups...
  • Page 585 BrowserApplet eBuddy iOS echo eDonkey eDonkey-plain eDonkey-encrypted aMule Hydranode Jubster Lphant MLDonkey Morpheus Shareaza WinMX MP3 XoloX Endomondo enLegion Eset Evernote ExindaAD ExindaCom ExindaSSL ExindaWM F-Prot Facebook Facetime Feidian FiCall Exinda Network Orchestrator 9 Predefined Applications and Application Groups...
  • Page 586 QuickFIX Flash Flash-host Flickr Florensia Forfone Foursquare Freenet Friendster FTP-control FTP-data Fring Fring-unknown Fring-video Fring-voice Fring Android Fring Symbian Fring iOS FTP-SSL Funshion Funshion Fuze Meeting Gadu-Gadu Gadu-Gadu-server Gadu-Gadu-file-transfer Gadu-Gadu-voice Gadu-Gadu-video Exinda Network Orchestrator 9 Predefined Applications and Application Groups...
  • Page 587 GameKit Gmail Gnutella Acqlite Acquisition Apollon BearFlix Cabos CocoGnut DM2FrostWire Filepipe giFT Gluz Gnucleus Gtk-gnutella iMesh Light KCEasy Kiwi Alpha LimeWire Morpheus Mutella Phex Poisoned Qtella Shareaza Swapper.NET Symella WinMX MP3 Exinda Network Orchestrator 9 Predefined Applications and Application Groups...
  • Page 588 Google Play Music Google Plus Google Talk Google Talk-file-transfer Google Talk-unknown Google Talk-video Adium Ayttm GMX Multimessenger iChat Instantbird Miranda Pidgin (previously Gaim) Kopete Pidgin Proteus Qnext Trillian/Trillian Pro Web.de Multimessenger Google Talk-voice Exinda Network Orchestrator 9 Predefined Applications and Application Groups...
  • Page 589 Groupwise GTP-control GTP-prime GTP-user-data GuildWars H323 Ekiga NetMeeting OpenH.323 XMeeting Half-Life 2 HamachiVPN LogMeIn Hamachi HiDrive Hike Messenger HiNet Hotmail HTTP HTTP-advanced HTTP-content type HTTP-file HTTP-host HTTP-method HTTP-referer HTTP-x_forwarded_for HTTP-ALT HTTPS Exinda Network Orchestrator 9 Predefined Applications and Application Groups...
  • Page 590 Kiax LoudHush PURtel YakaPhone ZiaxPhone ICAP Icecast iCloud Orkut iOS ICMP ICMPv6 ICQ Webchat ident IDrive IEC61850 IEC61850-goose IEC61850-manufacturing message IEC61850-sampled values IGMP iHeart Radio iLeader iLive.to IM+ Android IM+ Blackberry Exinda Network Orchestrator 9 Predefined Applications and Application Groups...
  • Page 591 IMO Browser Applet IMO for iPad IMO iOS Instagram Intralinks IOS OS Update IP mobility iPerf IPIP iPlayer iPlayer iOS IPSEC IPSEC-control Cisco VPN Client HotSpot Shield iOS IPSEC-data IPSEC over UDP Exinda Network Orchestrator 9 Predefined Applications and Application Groups...
  • Page 592 Mibbit Web IRC Miranda mIRC Pidgin IRC-unknown IRC-SSL isakmp iSkoot iTunes iTunes Radio ITV-stream ITV-web ITV Player iOS iWow systex Jabber Jabber-encrypted Jabber-file-transfer Jabber-unknown Jabber-voice Jabber-video Adium Ayttm GMX Multimessenger iChat Instantbird Exinda Network Orchestrator 9 Predefined Applications and Application Groups...
  • Page 593 JAP/JonDo Java-RMI JBK3000 JD.com JDENet Kakao Kakao-generic Kakao-kakaotalk Kakao Talk Kaspersky Kaspersky Antivirus Kazaa-Fasttrack Apollon Filepipe iMesh Light Kazaa Kazaa Lite Mammoth Kerberos Kik Messenger Kontiki L2TP OpenL2TP Label Distribution Protocol Exinda Network Orchestrator 9 Predefined Applications and Application Groups...
  • Page 594 Line-generic Line-video LinkedIn Live.com LiveJasmin LivePerson LLMNR lockd LotusNotes LoveFilmLync Lync-audio Lync-file-transfer Microsoft Lync Lync-unknown Lync-video Lync macfile Magine TV MagV MagV Kids Manolito Blubster Piolet MAPI MapleStory MATIP McAfee mDNS Exinda Network Orchestrator 9 Predefined Applications and Application Groups...
  • Page 595 Microsoft Dynamics NAV Microsoft Exchange Microsoft Exchange-generic Microsoft Exchange-outlook web acess Microsoft Media Server Mig33 mig33 Android Mitake Windows Media Player Modern War Mojo Move Player Moves MPEG Jupster Screamerradio Winamp MPlus Exinda Network Orchestrator 9 Predefined Applications and Application Groups...
  • Page 596 Fire GMX Multimessenger Instantbird Kopete Mercury Microsoft Messenger Mac Miranda Pidgin Pidgin (previously Gaim) Web.de Multimessenger Qnext Trillian/Trillian Pro Windows Live Windows Live iOS MSRP Blink MSRPC mstask Mute MyBook MyCard Exinda Network Orchestrator 9 Predefined Applications and Application Groups...
  • Page 597 MyVideo Stream Jupster Screamer Radio Winamp nat-t National Baseball Naver Net2Phone NETBIOS Netbus Netflix Netflix-generic Netflix-video Netflix iOS Netflow Netlogon NetMotion Next TV Nike+ Nimbuzz Nimbuzz Android Nimbuzz Blackberry Nimbuzz Mac Exinda Network Orchestrator 9 Predefined Applications and Application Groups...
  • Page 598 Open FT OpenVPN Hotspot Shield MyFreedom Opera Mini Opera Mini Symbian Opera Mini Android Opera Mini Blackberry Opera Mini iOS Oracle Oracle DB Oracle-SSL ORB-server ORB-client ORB-client-3gp ORB-client-flash Exinda Network Orchestrator 9 Predefined Applications and Application Groups...
  • Page 599 Windows Phone Oscar Oscar-file-transfer Oscar-picture-transfer Oscar-unknown Oscar-video AIM Android AIM for Mac AIM for iPad AIM iOS Adium Ayttm Fire Oscar-voice GMX Multimessenger iChat ICQ Android ICQ Mac OS X ICQ iOS Exinda Network Orchestrator 9 Predefined Applications and Application Groups...
  • Page 600 Web.de Multimessenger OSPF Paltalk Paltalk-file-transfer Paltalk-server Paltalk-video Paltalk Android Paltalk iOS Paltalk-voice Panda Security Pando Pandora Path PCanywhere PCoIP PDProxy PeerEnabler Periscope PinkFong Pinterest PlayTales Pochta Rossii Poison Ivy POP-encrypted POP-plain POP-SSL Exinda Network Orchestrator 9 Predefined Applications and Application Groups...
  • Page 601 PPStream Ubuntu PPStream iOS PPTP Print pubu bookbuffet QIP.RU QQ-file-transfer QQ-unknown QQ-voice QQ-video Instantbird QQ HD iOS QQ International QQ iOS QQ for Mac QQ for Pad Android QQ Games QQLive Exinda Network Orchestrator 9 Predefined Applications and Application Groups...
  • Page 602 Quake HalfLife Qualsys QUIC QuickTime Quicktime-host iTunes Quotd QVOD Radius radmin Rally RC5DES Rdio RealDataTransport RealMa RealMedia RealMediaPlayer Redmine RedTube Remote Telnet Remote Web Workplace Renren Replify rFactor Rhapsody rlogin RSVP rsync Exinda Network Orchestrator 9 Predefined Applications and Application Groups...
  • Page 603 SAP.MCAST.NET SCTP Scydo Scydo Android Scydo iOS Second Life SecureSight SecureSight-SSL Shell-SSL Shoutcast Fishradio iTunes Silverlight Silverfast-host Simfy Sina Weibo SinaTV SIP-audio SIP-gadu-gadu SIP-ichat-facetime SIP-MagicJack SIP-mplus SIP-msn SIP-oscar SIP-oscar-video SIP-unknown SIP-video Exinda Network Orchestrator 9 Predefined Applications and Application Groups...
  • Page 604 Skinny Skout SkyDrive Skyking Skype Skype-chat Skype-file transfer Skype-out Skype-unknown Skype-video Skype Android Skype for iPad Skype iOS Skype Linux Skype Symbian Skype-voice Skype for Business – File Transfer Skype Video Exinda Network Orchestrator 9 Predefined Applications and Application Groups...
  • Page 605 Socks v5 SoftEthernet Sohu SOPCAST Soribada Soulseek iSoul Nicotine Plus SolarSeek SoulSeeX pySoulSeek SoundCloud SPDY Speakaboos Speedtest SpiderOak SplashFighter Spotify Spotify Android Spotify iOS Spotify Mac Spreecast Spreed SPTG TV sqidproxy Exinda Network Orchestrator 9 Predefined Applications and Application Groups...
  • Page 606 SSL-common name SSL-organization name SSL-SPDY SSTP StealthNet Steam StreamWorks StreetVoice STUN Sudaphone Sudaphone Android Sudaphone iOS SugarSync SunRPC svrloc Sybase Syncplicity SyncServer-SSL syslog T.120 Taaze TACACS Tango Tango-audio Tango-file-transfer Tango-im Tango-unknown Exinda Network Orchestrator 9 Predefined Applications and Application Groups...
  • Page 607 TeamViewer for Meetings iPad TeamViewer iOS TeamViewer for Meetings iOS Telegram Telnet Telnet-generic Telnet-tn3270 Telnet-SSL Teredo textPlus TFTP Three Bamboo Threema Thrift Tibia TigerText Timbuktu Time Server Timely TV TMall TN3270 Exinda Network Orchestrator 9 Predefined Applications and Application Groups...
  • Page 608 TTPoD Tudou Tumblr TVAnts TVBS TVUPlayer TVUPlayer Android TVUPlayer Mac TVUPlayer iOS Twitch Twitter Ubuntu One UltraBac UltraSurf Unreal UppTalk Usenet iLoad UseNeXT uucp UUSee vBulletin Vcast Ventrilo VeohTV VeohTV-generic VeohTV-flash Exinda Network Orchestrator 9 Predefined Applications and Application Groups...
  • Page 609 Vippie Android Vippie iOS VoIP Tunnel Voxer VPN-X VRRP VTUN VyprVPN WAP TLS Warcraft 3 Watchever Wealth God WebDAV Cadaver Goliath Webex WebEx Meeting Center Applet Webex for iPad Webex iOS WebQQ Exinda Network Orchestrator 9 Predefined Applications and Application Groups...
  • Page 610 Whois Wickr Windows Azure Windows Phone OS Update Windows Updates WindowsMedia WindowsMedia-host WinMX XNap WINNY Wins Workout Trainer World of Kung Fu World of Warcraft Wowza WSM Server WSM Server-SSL Wuala Exinda Network Orchestrator 9 Predefined Applications and Application Groups...
  • Page 611 Yahoo-webmail Adium Ayttm GMX Multimessenger Instantbird Kopete Miranda Pidgin Pidgin (previously Gaim) Qnext Trillian/Trillian Pro Web.de Multimessenger Yahoo Messenger Yahoo Messenger Android Yahoo Messenger for Mac Yahoo Messenger iOS Yahoo Games Exinda Network Orchestrator 9 Predefined Applications and Application Groups...

  • Page 612: Predefined Application Groups

    Zynga 9.2 Predefined Application Groups The Exinda appliance includes predefined groups of applications that can be used when setting policy for the appliance and for monitoring. Custom application groups can also be defined, and custom applications can be added to existing application groups.
  • Page 613 Battlefield Call of Duty Club Penguin Crime City Crossfile Destiny Dofus Doom3 Dota 2 Dota Legend Fiesta Florensia Game of War Gamekit GuildWars Half-Life 2 King of Pirates MapleStory Modern War Exinda Network Orchestrator 9 Predefined Applications and Application Groups...
  • Page 614 World of Kung Fu World of Warcraft xbox-live Zynga Instant Messaging Blackberry Messenger DiDi IM eBuddy enLegion FETnet Google Talk Hike Messenger ICQ Webchat iMessage Jabber Kik Messenger Live Person Meebo Exinda Network Orchestrator 9 Predefined Applications and Application Groups...
  • Page 615 PalTalk Path Telegram textPlus TigerText Vibe Voxer WebQQ WeChat WhatsApp Wickr Yahoo IM Interactive echo Remote Telnet rlogin Telnet Time Server TN3270 Mail Blackberry Mail GMail Hotmail IMAP IMAP-SSL LotusNotes MAPI Exinda Network Orchestrator 9 Predefined Applications and Application Groups...
  • Page 616 BitTorrent Edonkey Feidian Filetopia Gadu-Gadu Gnutella Kazaa-Fastrack Kontiki OFFSystem Open FT POPO PPLive PPSteam QQLive Soulseek StealthNet UUSEE Webthunder ZATTOO Recreational Anonymous Proxy Audiko Audiogalaxy DirectDownload Duokan Endomondo Facebook Flash Flickr Exinda Network Orchestrator 9 Predefined Applications and Application Groups...
  • Page 617 Mig33 Mojo Moves MyFitnessPal MySpace National Baseball Nike+ Orkut Pinterest PlayTales RealMedia Run Keeper Runtastic Sina Weibo Snapchat Sohu Speakaboos Spotify SPTG TV TTPod Tumblr UltraSurf Vine VoIP Tunnel Watchever WindowsMedia Exinda Network Orchestrator 9 Predefined Applications and Application Groups...
  • Page 618 L2TP LDAP-SSL MS Global Catalogue SSL NNTP-SSL Oracle-SSL Orbix2000 SSL POP-SSL PPTP SecureSight Shell-SSL SIP-SSL SyncServer-SSL Tacacs Telnet-SSL WAP TLS WSM Server-SSL Social Networking aimini Bebo Doook Facebook Flickr Foursquare Friendster Exinda Network Orchestrator 9 Predefined Applications and Application Groups...
  • Page 619 Yik Yak YouTube Software Updates Adobe Updates Android OS Update Antivirus Lab Apple Updates Avira Bitdefender Eset F-Prot Grisoft iOS OS Update Kaspersky McAfee Norton Antivirus Panda Security Windows Phone OS Update Exinda Network Orchestrator 9 Predefined Applications and Application Groups...
  • Page 620 Ciaomobile HDTV CNTV CtiTV Dailymotion Deezer Demand 5 Flash Funshion Google Play Music Grooveshark Hulu Icecast iHeartRadio iLive.to iPlayer IPTV iTunes Radio last.fm LoveFilm Move Player MPEG MyMusic TW MyVideo Netflix Octoshape Exinda Network Orchestrator 9 Predefined Applications and Application Groups...
  • Page 621 RealMedia Rhapsody RTSP Shoutcast Silverlight Simfy SinaTV Soribada SoundCloud Spreecast Timely TV TTPod TuDou TVBS VeohTV Vimeo Watchever WindowsMedia Youku Thin Client AdobeConnect Citrix GoToMeeting GoToMyPc PCAnywhere PCoIP Spreed TeamViewer Webex Exinda Network Orchestrator 9 Predefined Applications and Application Groups...
  • Page 622 Fring Goober Lync ooVoo Scydo Tango Truphone UppTalk Ventrilo Voice Burner DiDi Voice Facetime H323 Megaco H.248 MGCP Net2Phone Nimbuzz RTCP Skinny Skype Skype Video Skype Voice Sudaphone Vippie CpmodoUnite CyberGhost Exinda Network Orchestrator 9 Predefined Applications and Application Groups...
  • Page 623 IPSEC over UDP isakmp L2TP NetMotion OpenVPN PDProxy PPTP SoftEthernet SSTP Teredo VPN-X VyprVPN Baidu BOLT Google Google Cloud Google Drive Google Encrypted HTTP HTTP-ALT HTTPS Live.com Naver OperaMini SPDY squidproxy WebDAV WebSocket Exinda Network Orchestrator 9 Predefined Applications and Application Groups...

This manual is also suitable for:

Exnv-4062Exnv-12063Exnv-8063Exnv-10063

Table of Contents