nLive 4.0

nLive 4.0

User Manual

Vigiliti Systems, Inc.

Revision: 0.95

Copyright © 2010-11 Vigiliti Systems, Inc.

The contents of this documentation are copyrighted and are the property of Vigiliti Systems, Inc. You may read, download and/or print it for your own use. All rights reserved.

2011/2/1

Table of Contents

1. Introduction

1.1. How to Use this Manual

1.2. Overview

1.2.1. What to Monitor
1.2.2. Netflow or Packet
1.2.3. nLive Editions

1.3. Deployment

1.3.1. nLive Core Deployment
1.3.2. nLive Flow Deployment
1.3.3. nLive Enterprise Deployment

2. Installation

2.1. Special Notes

2.2. System Requirements

2.3. Deployment of nLive on Windows

2.3.1. Precautions
2.3.2. Installing on Windows
2.3.3. Updating the installation on Windows
2.3.4. Uninstalling on Windows

2.4. Deployment of nLive on Linux

2.4.1. Network interface setup for sensing packets
2.4.2. OS components and applications
2.4.3. Installing on Linux
2.4.4. Updating the installation on Linux
2.4.5. Uninstalling on Linux

2.5. Initial Setup Screen

2.6. License Screen

2.7. Preparation of Switch, Router and Client PC

2.7.1. Client PC
2.7.2. Router preparation
2.7.3. Switch preparation

3. Basic Concepts

3.1. Terminology

3.1.1. Event
3.1.2. Event Count and Volume
3.1.3. Behavior
3.1.4. Tuning
3.1.5. Business group
3.1.6. Problem
3.1.7. Normal and Abnormal Traffic
3.1.8. Score
3.1.9. Sensors and Regions
3.1.10. Applications and Activities
3.1.11. Devices, Interfaces and their Groups
3.1.12. Servers and Clients
3.1.13. Data Streams and Types

3.2. Initial setup

3.3. Ongoing usage and maintenance

4. User Interface

4.1. User Interface Organization

4.2. Dashboards with Charts

4.3. Dashboards with Graphs

4.4. Dashboards with Problems

4.5. Standard Reports

4.6. Searching into Data Streams

4.6.1. Search Preferences
4.6.2. Console and Sensor local times

4.7. Explorer

4.8. Settings

4.8.1. Global Settings, Local Overrides
4.8.2. Profile Tuning
4.8.3. Manage Profiles
4.8.4. Business Groups
4.8.5. Flow Devices
4.8.6. Flow Interfaces
4.8.7. Manage Problems
4.8.8. Alerting
4.8.9. Problem Detection
4.8.10. Port Limiting Mask
4.8.11. Scheduled Reporting
4.8.12. Search Preferences
4.8.13. Console
4.8.14. Topology Module
4.8.15. Sensors::General
4.8.16. Sensors::Database
4.8.17. Sensors::Host Identity
4.8.18. Manage Users
4.8.19. Change My Password
4.8.20. Manage Sensors
4.8.21. Manage Regions
4.8.22. License Management

5. Problem Detection

5.1. Behavior Based Analysis

5.2. Behavior Profiling

5.3. Problem Detection Customization

5.3.1. Turning off detectors
5.3.2. Turning off detectors for specific cases
5.3.3. Modifying detector sensitivity
5.3.4. Modifying severity

6. How To Exercises

6.1. Bandwidth Measurement How To's

6.1.1. How To Measure Bandwidth for Subnets
6.1.2. How To Measure Bandwidth for Applications
6.1.3. How To Measure Bandwidth for Departments
6.1.4. How To Look for Top Talkers
6.1.5. How To Measure Utilization for Routers

6.2. Problem identification How To's

6.2.1. How To Look for Problems

List of Figures

1.1. Deployment of nLive Core
1.2. Deployment of nLive Core at Core of Network
1.3. Deployment of nLive Flow
1.4. Alternate deployment of nLive Flow
1.5. Yet another deployment topology of nLive Flow
1.6. Typical deployment of nLive Enterprise
1.7. Alternate deployment of nLive Enterprise
1.8. Yet another deployment of nLive Enterprise
2.1. Initial Setup Screen
2.2. License Screen
4.1. Top bar
4.2. Host details
4.3. Dashboard example 1
4.4. Dashboard example 2
4.5. Graph example
4.6. Graph control icons
4.7. Graph legend
4.8. Graph edge tooltip
4.9. Graph edge menu
4.10. Graph node menu
4.11. Graph dashboard tree
4.12. Problem list
4.13. Problem details
4.14. Abnormal Hosts
4.15. Problem Hosts
4.16. Problem types and counts
4.17. Reports menu
4.18. Highlighting of report tree
4.19. Reports options
4.20. Drill-down menu
4.21. Report pane bottom tabs
4.22. Search form
4.23. Data Streams selection dialog
4.24. Search criteria choices
4.25. Search preferences dialog
4.26. Explorer
4.27. Discovery Dialog
4.28. Discover and Reload buttons
4.29. Quick Links
4.30. Hosts with problems
4.31. Explorer Search pane
4.32. Search criteria for hosts
4.33. Search criteria for device ports
4.34. Settings tree menu
4.35. Profile Tuning
4.36. Manage Profiles
4.37. Business Groups
4.38. Flow Devices
4.39. Flow Devices SNMP Community Strings
4.40. Flow Interfaces
4.41. Manage Problems
4.42. Alerting: Global Settings
4.43. Alerting: Local Overrides
4.44. Problem Detection
4.45. Port Limiting Mask
4.46. Scheduled Reporting
4.47. Console
4.48. Topology Module
4.49. Sensors::General
4.50. Sensors::Database
4.51. Sensors::Host Identity
4.52. Manage Users
4.53. Change My Password
4.54. Manage Sensors
4.55. Edit Sensors Dialog
4.56. Manage Regions
4.57. Edit Region Dialog

List of Tables

1.1. nLive Product Editions


		Chapter 1. Introduction

Windows Help & PDF formats available here

Vigiliti Systems, Inc.

Copyright © 2010-11 Vigiliti Systems, Inc.