1. Manuals
  2. Brands
  3. Lancope Manuals
  4. Firewall
  5. StealthWatch System
  6. Hardware installation manual

Flowsensors; Udp Director (Also Known As Flowreplicator); Identity Devices - Lancope StealthWatch System Hardware Installation Manual

Hide thumbs
Table of Contents

Advertisement

FlowSensors

The StealthWatch FlowSensor is a network appliance that operates similarly to a
traditional packet capture appliance or IDS in that it plugs into a switch port analyzer
(SPAN), mirror port, or Ethernet test access port (TAP). The FlowSensor augments
visibility into the following network areas:
Where NetFlow is not available.
Where NetFlow is available, but you want deeper visibility into
performance metrics and packet data.
By directing the FlowSensor toward any NetFlow v9-capable flow collector you can
derive valuable detailed traffic statistics from NetFlow. When combined with the
StealthWatch FlowCollector for NetFlow, the FlowSensor also provides deep insight
into performance metrics and behavioral indicators. These flow performance
indicators provide insight into any round-trip latency introduced by the network or by
the server-side application.
Because the FlowSensor has packet-level visibility, it can calculate round-trip time
(RTT), server response time (SRT), and packet loss for TCP sessions. It includes all of
these additional fields in the NetFlow records that it sends to the StealthWatch
FlowCollector for NetFlow.

UDP Director (also known as FlowReplicator)

The StealthWatch UDP Director (also known as FlowReplicator) is a high-speed,
high-performance UDP packet replicator. The UDP Director s very helpful in
redistributing NetFlow, sFlow, syslog, or Simple Network Management Protocol
(SNMP) traps to various collectors. It can receive data from any connectionless UDP
application and then retransmit it to multiple destinations, duplicating the data if
required.
Note:
When you use the UDP Director High Availability (HA) configuration (failover),
you must connect two UDP Directors with crossover cables. For specific
instructions, see
"Connecting to the Network" on page

Identity Devices

The StealthWatch system includes identity devices such as the StealthWatch IDentity
appliance and the Cisco ISE (Identity Services Engine). These devices map IP
addresses to user names by passively pulling user authentication information from
user identity databases. The SMC seamlessly manages multiple identity appliances.
For information on the installation of StealthWatch IDentity, see its accompanying
CD.
Pre-Configuration Considerations
43.
11

Advertisement

Table of Contents
loading

Table of Contents