Table of Contents
Advertisement
Configuring Intrusion Detection and Prevention Devices Guide
Protocol Profiler
Table 10: Protocol Profiler Data
Column
Src IP
Dst IP
User
Role
Context
Value
Src MAC
Dst MAC
Src OUI
Dst OUI
Src OS Name
Dst OS Name
Hits
First Time
Last Time
Domain
22
The Protocol Profiler tab displays information about applications that are running on
your network.
Table 10 on page 22 describes the protocol profiler data.
Description
Source IP address of the session.
NOTE: Profiler tracks all traffic through the IDP appliance, including traffic for hosts not in your
tracked hosts list. It records a value of 73.78.69.84 for the IP address for hosts not defined in the
Tracked Hosts tab, such as external hosts you would not know and therefore could not configure.
Destination IP address.
NOTE: Communication between an internal host and an external host is recorded only once. For
example, the device records internal host A communicating to
http://edition.cnn.com
as one entry in the Profiler DB.
The user associated with the session.
The role to which the user belongs.
Matching contexts.
Value retrieved from matching context.
Source MAC addresses.
Destination MAC addresses.
Source OUI.
NOTE: The Organizationally Unique Identifier (OUI) value is a mapping of the first three bytes
of the MAC address and the organization that owns the block of MACs. You can obtain a list of
OUIs at
http://standards.ieee.org/regauth/oui/oui.txt
Destination OUI.
Operating-system version running on the source IP.
Operating-system version running on the destination IP.
Number of occurrences that match the session.
Timestamp for the first time the device logged the event (within the specified time interval).
Timestamp for the last time the device logged the event (within the specified time interval).
NSM domain.
http://ca.yahoo.com
and
.
Copyright © 2010, Juniper Networks, Inc.
Advertisement
Table of Contents
Troubleshooting
