1. VS-1200

Application. Datacom Systems VS-1210SFP, VS-1200 Series, VS-1200, VS-1206SFP, VS-1208BT

Add to My manuals
54 Pages

advertisement

Application. Datacom Systems VS-1210SFP, VS-1200 Series, VS-1200, VS-1206SFP, VS-1208BT | Manualzz

Application 47

7 Application

This section will present techniques and applications describing the practical use and new remedies for performing network analysis requirements using VS-1200 series solutions.

7.1

Gathering the Data (HyperTerminal configuration example)

PREMISE: This application consists of workgroup switches that allow end users to access a group of servers. The servers are connected to a single server switch and the users are distributed across several workgroup switches. The security department wants to see all server bound access from the users and server to server traffic.

GOAL: This application will use a VS-1210BT/SFP as follows:

1. TAP access to critical server

2. Aggregate SPAN.

3. Provide access for analysis, security and recording devices.

The first goal requires an external tap between the server switch and the critical financial server. The tap copies all the data going to the financial server, and can't be shutdown like a SPAN port. The tap allows enhanced visibility for security purposes.

The second goal requires that a SPAN port is configured on the workgoup switches. This will only allow workgroup traffic to be replicated out the SPAN port.

The third goal involves aggregating and replicating traffic from the two previous goals for specific security and network analysis to be done.

© 2009 Datacom Systems Inc

48 VS-1200 Data Acccess Switch

SOLUTION: The VS-1210BT/SFP solves all goals by accepting the input from the two SPAN ports along with the output from the TAP, aggregating and replicating the traffic to multiple ports and ports 9 and 10 provide small form pluggables that allow either fiber or copper connectivity.

CONFIGURATION: The IP address (default 192.168.1.1), Subnet Mask and Default Gateway is set during the 'Initial Configuration' for your Local Area Network settings and will not be covered in this section, see the ' IP Address Configuration with HyperTerminal

28

' section for those steps. Use the syntax below in the Command Line Interface (CLI) to setup Tap and Any-to-Any ports (syntax is shown with either user > or Superuser # prompts):

For configuration, open HyperTerminal on your Management PC using the VS-1210BT/SFP

SERIAL DB9 port. Settings are found in the 'Initial Configuration', 'SERIAL Port Configuration

(DB9)', ' HyperTerminal

26

' section.

Press twice Enter key and Enter key. Enter Username (default: Administrator) and Enter key.

Enter Password (default: admin) and Enter key. Default prompt is the > symbol. Enter superuser mode, type su and Enter key. Enter Password (default: password) and Enter key. Default prompt is the # symbol. Use the following syntax to set the input/output for Any-to-Any ports as well as the output for Tap ports.

The VS-1200 Series factory default for all Any-to-Any ports is off.

Ensure there are no previous settings present, go through Ports 1-10 and set them to OFF as shown:

# SET PORT MONITOR 1 OFF

# SET PORT MONITOR 2 OFF

# SET PORT MONITOR 3 OFF

# SET PORT MONITOR 4 OFF

# SET PORT MONITOR 5 OFF

# SET PORT MONITOR 6 OFF

# SET PORT MONITOR 7 OFF

# SET PORT MONITOR 8 OFF

# SET PORT MONITOR 9 OFF

# SET PORT MONITOR 10 OFF

© 2009 Datacom Systems Inc

Application 49

Now you can begin setting the ports as to which port inputs the data and which ports aggregate and/ or output the data.

Port 4 is set as output for Port 1’s input which is set with this syntax:

# SET PORT MONITOR 4 FROM 1

Port 5 is set as output for Port 1’s input which is set with this syntax:

# SET PORT MONITOR 5 FROM 1

Port 6 is set as output for Port 2’s input which is set with this syntax:

# SET PORT MONITOR 6 FROM 2

Port 7 is set as output for Port 2’s input which is set with this syntax:

# SET PORT MONITOR 7 FROM 2

Port 8 is set as output for Port 3’s input which is set with this syntax:

# SET PORT MONITOR 8 FROM 3

Port 9 is set as output for Port 3’s input which is set with this syntax:

# SET PORT MONITOR 9 FROM 3

Port 10 is set as output for Ports 1, 2, and 3’s input which is set with this syntax:

# SET PORT MONITOR 10 FROM 1,2,3

CONCLUSION: The VS-1210BT/SFP provides the ability to aggregate data streams from TAPs and from SPAN or Port Mirrors. Aggregating streams together improves overall visibility for the tools and permits specific departmental devices to only see the traffic they need. The VS-1210BT/

SFP allows many devices to share a single SPAN output. The VS-1210BT/SFP Small Form

Pluggable capacity, allows users to send data across multimode or single-mode fiber.

© 2009 Datacom Systems Inc

50 VS-1200 Data Acccess Switch

7.2

All Pluggable in Optical Network (TELNET configuration example)

PREMISE: This network application consists of several workgroup optical switches that allow end users to access a group of servers.; The servers are all connected to a single server optical switch and the users are distributed across several workgroup switches. The security department wants to view all server bound access from the users and view server to server traffic.

GOAL: This application will use a VS-1210SFP as follows:

1. Fiber TAP access to optical networks

2. Aggregate traffic to provide access for analysis, security and recording devices.

The first goal requires an external fiber taps between the optical network devices. The tap makes a copy of all the data going to the financial server, and can not be shutdown like a SPAN port. The tap will allow enhanced visibility for security purposes.

The second goal involves aggregating and replicating traffic from the previous goal for specific security and network analysis to be done.

© 2009 Datacom Systems Inc

Application 51

SOLUTION: The VS-1210SFP solves the goals by accepting both sides of each optical network traffic from four optical tap full-duplex ports and aggregating and replicating the traffic to multiple ports. The VS-1210SFP also provides media conversion with the small form pluggables so that both copper and fiber ports are available for connectivity.

CONFIGURATION: The IP address (default 192.168.1.1), Subnet Mask and Default Gateway is set during the 'Initial Configuration' for your Local Area Network settings and will not be covered in this section, see the ' IP Address Configuration with TELNET 32 ' section for those steps. Use the syntax below in the Command Line Interface (CLI) to setup Tap and Any-to-Any ports (syntax is shown with either user > or Superuser # prompts):

For Configuration, open TELNET on your Management PC and open a hostname connection with the VS-1210SFP MANAGEMENT RJ45 port. Settings are found in the 'Initial Configuration',

'MANAGEMENT Port Configuration (RJ45)', ' TELNET 28 ' section.

Enter Username (default: Administrator) and Enter key. Enter Password (default: admin) and Enter key. Default prompt is the > symbol. Enter superuser mode, type su and Enter key. Enter

Password (default: password) and Enter key. Default prompt is the # symbol. Use the following syntax to set the input/output for Any-to-Any ports as well as the output for Tap ports.

The VS-1200 Series factory default for all Any-to-Any ports is off.

Ensure there are no previous settings present, go through Ports 1-10 and set them to OFF as shown:

# SET PORT MONITOR 1 OFF

# SET PORT MONITOR 2 OFF

# SET PORT MONITOR 3 OFF

# SET PORT MONITOR 4 OFF

# SET PORT MONITOR 5 OFF

# SET PORT MONITOR 6 OFF

# SET PORT MONITOR 7 OFF

# SET PORT MONITOR 8 OFF

# SET PORT MONITOR 9 OFF

# SET PORT MONITOR 10 OFF

© 2009 Datacom Systems Inc

52 VS-1200 Data Acccess Switch

IMPORTANT: Fiber taps are not capable and CAN NOT auto-negotiate link with the VS-

1210SFP ports and MUST BE be hard set to 1,000 Mbs and full-duplex.

Port 1, 2, 3, and 4's is set to 1,000 Mbs and full-duplex with this syntax:

# SET PORT SPEED 1,2,3,4 1000FULL

Now you can begin setting the ports as to which port inputs the data and which ports

aggregate and/or output the data.

Port 5 is set as output for Port 1 and 3’s input which is set with this syntax:

# SET PORT MONITOR 5 FROM 1,3

Port 6 is set as output for Port 1 and 3’s input which is set with this syntax:

# SET PORT MONITOR 6 FROM 1,3

Port 7 is set as output for Port 2 and 4’s input which is set with this syntax:

# SET PORT MONITOR 7 FROM 2,4

Port 8 is set as output for Port 2 and 4’s input which is set with this syntax:

# SET PORT MONITOR 8 FROM 2,4

Port 9 is set as output for Port 1, 2, 3 and 4’s input which is set with this syntax:

# SET PORT MONITOR 9 FROM 1,2,3,4

Port 10 is set as output for Ports 4’s input which is set with this syntax:

# SET PORT MONITOR 10 FROM 4

CONCLUSION: The VS-1210BT/SFP provides the ability to aggregate data streams from TAPs.

Aggregating streams together improves overall visibility for the tools and permits specific departmental devices to only see the traffic they need. The VS-1210SFP allows many devices to share a single output. The VS-1210SFP Small Form Pluggable capacity, allows users to send data across multimode, single-mode fiber or copper.

© 2009 Datacom Systems Inc

advertisement

Related manuals

Datacom Systems VS-1200-S Series User guide

Datacom Systems

VS-1200-S Series

  • User guide
Datacom Systems SS series SPAN User guide

Datacom Systems

SS series SPAN

  • User guide
Datacom Systems SS-1204LX-BT-S, SS-2206BT-BT-S User Manual

Datacom Systems

SS-2206BT-BT-S

  • User manual
Datacom Systems VS-1224-F Quick Install Manual

Datacom Systems

VS-1224-F

  • Quick Install Manual
Datacom FVS-1044, FVS-1080 User Manual

Datacom

FVS-1044

  • User manual
Datacom Systems 1000BT-AT-SX Quick Installation Manual

Datacom Systems

1000BT-AT-SX

  • Quick Installation Manual

advertisement

Table of contents