Configuring Profiler Database Preferences (Nsm Procedure) - Juniper NETWORK AND SECURITY MANAGER 2010.4 - CONFIGURING INTRUSION DETECTION PREVENTION DEVICES GUIDE REV 01 Manual

Configuring intrusion detection and prevention devices guide

Hide thumbs Also See for NETWORK AND SECURITY MANAGER 2010.4 - CONFIGURING INTRUSION DETECTION PREVENTION DEVICES GUIDE REV 01:

Manual (444 pages)

Administration manual (1026 pages)

Installation manual (244 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

Table of Contents

Configuring Intrusion Detection and Prevention Devices Guide

Table 12: Profiler Settings

Setting

Purge profiler database if size exceeds (in

MB)

Max profiler database size after purging (in

MB)

Profiler query timeout (in seconds)

Hour of day to perform db optimization

(local time)

Number of sessions to display per

application

Hours of session data to display from

present time

Documentation

Configuring Profiler Database Preferences (NSM Procedure)

Modify settings as described in Table 12 on page 26.

Click OK.

Description

Removes the profiler database for the selected size in MB. The default value is

1000 MB.

Specifies the maximum size of the purged profiler database. The default value is

750 MB.

Specifies the timeout entry for a profiler query. The default value is 120 seconds.

Specifies the time to perform the database optimization. The default value is

00:00 GMT.

Determines the number of sessions displayed in the Application Profiler application

volume tracking session tables.

The default value is 10 sessions. You can specify from 5 to 10,000 sessions.

Determines the hours of application volume tracking data displayed in the

Application Profiler tab session tables.

The default value is 1 hour. You can specify from 1 to 24 hours.

This setting is also a data retention policy. By default, data older than 1 hour is

deleted. If your change to 12 hours, data older than 12 hours is deleted.

Configuring Profiler Options (NSM Procedure) on page 13

Querying the Profiler Database (NSM Procedure) on page 28

ScreenOS 6.2 supports application volume tracking (AVT), a feature that enables NSM

to track network bandwidth usage on a per-application basis. The security device sends

the NSM server periodic update messages containing details about port activity. NSM

listens and processes these periodic update messages and maintains a cumulative count

for each port. NSM displays this count on the console. NSM provides reports about

application volume tracking. The AVT feature has the following limitations:

Periodic updates maintained per port for each active session can slightly affect CPU

performance.

Accuracy of AVT data is dependent on communication with the NSM server. NSM,

however, lacks a mechanism to ensure that periodic updates sent by AVT from

ScreenOS are received, which may result in a lag between traffic instances and reporting

of those instances. NSM maintains a cumulative count for all traffic on each port

regardless of session, node, or protocol. The count displayed is a total across all

Table of Contents

Configuring Profiler Database Preferences (Nsm Procedure) - Juniper NETWORK AND SECURITY MANAGER 2010.4 - CONFIGURING INTRUSION DETECTION PREVENTION DEVICES GUIDE REV 01 Manual

Configuring Profiler Database Preferences (NSM Procedure)

Troubleshooting

Related Manuals for Juniper NETWORK AND SECURITY MANAGER 2010.4 - CONFIGURING INTRUSION DETECTION PREVENTION DEVICES GUIDE REV 01

Related Content for Juniper NETWORK AND SECURITY MANAGER 2010.4 - CONFIGURING INTRUSION DETECTION PREVENTION DEVICES GUIDE REV 01

Table of Contents