OmniEngine Enterprise Version: 4.0 serial key or number

OmniEngine Enterprise Version: 4.0 serial key or number

OmniEngine Enterprise Version: 4.0 serial key or number

OmniEngine Enterprise Version: 4.0 serial key or number

Scalability with Omni Distributed Analysis Platform

Watch the full OnDemand Webcast: http://hasu.com.ar/OmniScalability
The term "scalability" is used a lot in networking, to mean many different things: more speed, more paths, more ports, more uptime, more packets. In general, it implies an architecture which can grow without requiring an extensive redesign. Unfortunately, a lot of this growth generates hidden complexity when it comes to network analysis: each new interconnect increases the total number of links which are capable of moving data, but tracking the end-to-end health of that data requires correlation from a larger number of discrete points. To monitor health and performance, your visibility solution must scale at least as easily as your network.

WildPackets is leading the charge with its Omni Distributed Analysis Platform. Join us to see how WildPackets scales across all facets of network analysis, and continues to push the boundaries in high-speed, highly distributed network analysis and troubleshooting with a single distributed cost-effective solution.

In this webinar, we will cover:

- The key areas of scalability that must be addressed by a network analysis solution
- Best practices in addressing key areas of scalability
- Practical distributed network analysis scenarios

You will learn how to:

- Deal with highly interconnected 10G and 40G networks
- Eliminate choke-points without eliminating visibility
- Design distributed network analysis solutions to meet various scenarios

Источник: [hasu.com.ar]
, OmniEngine Enterprise Version: 4.0 serial key or number

OmniAnalysis Platform ? Getting Started Guide Getting Started Guide Copyright ? , WildPackets, Inc. All rights reserved. Information in this document is subject to change without notice. No part of this document may be reproduced or transmitted in any form, or by any means, electronic or mechanical, including photocopying, for any purpose, without the express written permission of WildPackets, Inc. AiroPeek SE, AiroPeek NX, AiroPeek VX, EtherPeek SE, EtherPeek NX, EtherPeek VX, Gigabit Analyzer Card (GAC), GigaPeek NX, iNetTools, NAX, NetDoppler, NetSense, Network Calculator, Omni?, Omni Capture Engine, Omni Desktop Engine, Omni DNX Engine, OmniEngine Desktop, OmniEngine Enterprise, OmniEngine Workgroup, Omni Management Console, Omni PacketGrabber, OmniPeek, OmniPeek Enterprise, OmniPeek Enterprise Connect, OmniPeek Personal, OmniPeek Workgroup, OmniPeek Workgroup Pro, OmniPeek Personal, Omnipliance, OmniSpectrum, PacketGrabber, Peek DNX, ProConvert, ProtoSpecs, RFGrabber, RMONGrabber, WAN Analyzer Card (WAC), WANPeek NX, WildPackets, WildPackets Academy, and WildPackets OmniAnalysis Platform are trademarks of WildPackets, Inc. All other trademarks are the property of their respective holders. The material in this document is for information purposes only and is subject to change without notice. While reasonable efforts have been made in the preparation of this document to assure its accuracy, WildPackets, Inc. assumes no liability resulting from errors or omissions in this document, nor from the use of the information contained herein. WildPackets, Inc. reserves the right to make changes in the product design without reservation and without notification to its users. Contacting WildPackets Mailing Address WildPackets, Inc. Treat Blvd., Suite Walnut Creek, CA Voice/Fax 8 AM - 5 PM (PST) () () (US only) Fax: () info@hasu.com.ar Sales sales@hasu.com.ar Web hasu.com.ar Technical Support hasu.com.ar Resources See hasu.com.ar for white papers, tutorials, technical briefs and more. ii Training and Certification WildPackets Academy offers the most effective and comprehensive network and protocol analysis training available, meeting the professional requirements of corporate, educational, government, and private network managers. Our instructional methodology is centered on practical applications of protocol analysis techniques. See hasu.com.ar for course catalog, current public course scheduling, web-delivered courses, and consulting services. WildPackets Academy () training@hasu.com.ar Product Support and Maintenance WildPackets Product Maintenance Programs ensure that you grow along with our products as new features and enhancements to existing features are added. All WildPackets customers are entitled to technical support for the life of their purchased product(s). Enhanced support services are available through our Premium Maintenance Programs. Premium Maintenance offers Remote Trace File Analysis assistance and free seats in our WildPackets Academy Training courses, in addition to our standard maintenance services. Standard or Premium Maintenance can be purchased by contacting sales@hasu.com.ar About WildPackets, Inc. Since , WildPackets has been delivering real-time fault analysis solutions that enable the world's leading organizations to keep their networks running securely and reliably, day after day. From the desktop to the datacenter, from wireless LANs to Gigabyte backbones, on local segments and across distributed networks, WildPackets products enable IT organizations to quickly find and fix problems affecting mission-critical network services. WildPackets products are sold in over 60 countries through a broad network of channel and strategic partners. More than 5, customers, spanning all industrial sectors and including 80% of the Fortune , use WildPackets products daily to troubleshoot networks and maximize network uptime. WildPackets customers include Agilent, Cisco Systems, Comcast, EDS, Microsoft, Siemens AG, Qualcomm, Unisys, Motorola, and Deutsche Bank. Strategic partners include Aruba, Atheros, Cisco, 3Com, Intel and Symbol Technologies. For further information, please visit hasu.com.ar E-OP40_d4 iii Contents Chapter 1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 System requirements. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Installing the OmniPeek console . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Installing an OmniEngine . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Main program window and Start Page . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Displaying the Remote Engines window . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Connecting to a remote engine. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 3 3 4 5 6 Chapter 2 Capturing Packets . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11 Capturing packets into a Capture window. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11 Capturing packets on a remote engine . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14 Chapter 3 Viewing Decoded Packets . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17 The packet decode window . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17 Chapter 4 Forensics Analysis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21 Creating forensic captures . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21 Using the remote engine files tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23 Chapter 5 Monitoring the Network . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27 Displaying Monitor statistics on the console . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28 Baselining with summary statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29 Using the remote monitoring capture template . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31 Chapter 6 Creating Graphs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33 Creating a graph from a console Capture window . . . . . . . . . . . . . . . . . . . . . . . . . . . 33 Creating a top ten protocols graph on a remote engine. . . . . . . . . . . . . . . . . . . . . . . 35 Chapter 7 Wireless Statistics in Capture Windows . . . . . . . . . . . . . . . . . . 37 The WLAN view . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37 The Channels view . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39 The Signal view . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40 v Contents Chapter 8 Troubleshooting with the Expert . . . . . . . . . . . . . . . . . . . . . . . . 41 The Expert view. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41 Using the Expert EventFinder Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42 Using the Visual Expert . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43 Chapter 9 Creating Filters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47 Enabling a filter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47 Creating filters with the Make Filter command. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48 Creating a simple filter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49 Chapter 10 Using the Peer Map . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51 The Peer Map view . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51 Chapter 11 Using VoIP Analysis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55 The VoIP view . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55 Analyzing a single call or channel. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57 Appendix A Keyboard Shortcuts. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61 Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63 vi CHAPTER Introduction Welcome to OmniPeek, the software console for distributed network analysis from WildPackets! 1 The OmniPeek console provides centralized expert analysis for 10/ Ethernet, full-duplex Gigabit Ethernet, WLAN, and WAN networks by managing and interacting with remotely installed OmniEngines. With OmniPeek’s intuitive user interface, network engineers can quickly troubleshoot problems on remote segments, drill down through multiple layers of analysis, and pinpoint problems that need correction. Important! The OmniPeek console and the OmniEngines are described here in their full-featured versions. Please visit our web site at hasu.com.ar for details about how to order the Omni features and media types that precisely fit the needs of your distributed network. System requirements The system requirements for the OmniPeek console are: ● ● ● Windows XP Professional (SP2), Windows (SP4) or Windows Server (SP1) Internet Explorer (SP1) Microsoft .NET Framework Note OmniPeek with Enhanced Voice Option does not support Windows Server OmniPeek supports most rack mount, desktop and portable computers as long as the basic system requirements to run the supported operating systems are met. Depending on traffic and the particular usage of OmniPeek, the requirements may be substantially higher. The following system is recommended for OmniPeek: 1 Chapter 1: Introduction ● ● ● P4 2 GHz Processor (P4 GHz Processor for OmniPeek with Enhanced Voice Analysis) MB RAM (1 GB RAM for OmniPeek with Enhanced Voice Analysis) 10 GB Available Hard Disk Space (20 GB Available Hard Disk Space for OmniPeek with Enhanced Voice Analysis) Factors that contribute towards superior performance include high speed CPU, dual CPUs, two or more GB of RAM, high performance disk storage subsystem (RAID 0), and as much additional hard disk space as is required to save the trace files that you plan to manage. Note Supported operating systems require users to have “Administrator” level privileges in order to load and unload device drivers, or to select a network adapter for the program’s use in capturing packets. For more information, please see our web site at hasu.com.ar Optional hardware requirements To analyze wireless, Gigabit, WAN, or traffic, a supported network analyzer card (GAC or WAC) or wireless LAN adapter is required for OmniPeek: ● Full-duplex capture of Gigabit Ethernet networks: requires a WildPackets Gigabit Analyzer Card (GAC). Note Capture on Gigabit Ethernet networks is also possible using other supported Gigabit Ethernet interfaces, but not in full-duplex mode. ● ● Capture from T1/E1 WAN links: requires a WildPackets WAN Analyzer Card (WAC). Capture from T3/E3 WAN links: requires a WildPackets WAN Analyzer Card (WAC). For more information, refer to the documentation that ships with the product or visit our website at hasu.com.ar For information on configuring wireless, Gigabit, and WAN analyzer cards, please refer to the OmniPeek User Guide or online help. Network connectivity and drivers OmniPeek and the OmniEngines communicate over TCP/IP through port , the default port for the WildPackets DNX proprietary protocol. 2 System requirements OmniPeek Getting Started Guide WildPackets has developed a set of driver APIs for WLAN cards, the Gigabit Analyzer Cards, and the WAN Analyzer Cards. OmniPeek and the OmniEngines ship with a number of drivers that support the WildPackets APIs. For the most recent information on network adapter cards and drivers, please visit http:// hasu.com.ar Installing the OmniPeek console To install the OmniPeek console, follow these steps: 1. Uninstall any earlier versions of OmniPeek. 2. Insert the OmniPeek Installer CD into your CD or DVD drive. 3. Follow the installation instructions that appear on the screen. During installation you are asked to enter a valid Activation Key. When prompted, you can select Automatic or Manual: ● Automatic: The installer uses your Internet connection to send an encrypted message to an activation server, which retrieves and displays your Activation Key. Please write down the Activation Key for future reference. Manual: The installer allows you to enter the Activation Key manually. You can obtain an Activation Key in the following ways: Go to a computer with an Internet connection and web browser and complete the request form, or call WildPackets Technical Support. For more information about the product activation process, please see our website at: hasu.com.ar ● 4. When the Installer has finished installing the program files, you can choose to view the Readme or launch the program. Installing an OmniEngine For complete instructions on how to install, configure, and update settings for an OmniEngine, See the Getting Started Guide that ships with the OmniEngine or the online help in the Omni Management Console application. Installing the OmniPeek console 3 Chapter 1: Introduction Main program window and Start Page To start OmniPeek: ● Choose Start > All Programs > WildPackets OmniPeek. The main program window and Start Page appears. The parts of the main program window are described below. Toolbar Status Bar ● Toolbar: Provides icons for frequently-used tasks in OmniPeek. The function of each icon appears at a tooltip. Choose View > Toolbars > Show Toolbars to toggle the display of the icons in this toolbar. ● Status Bar: Shows brief context-sensitive messages on the left and the current monitor adapter on the right. Choose View > Status Bar under the menu to toggle the display of this status bar. Start Page: Provides links to useful resources, both local and online. You can: ● ● ● open recently saved Capture files (click Open Capture File button) start a new OmniPeek console capture (click New Capture button) 4 Main program window and Start Page OmniPeek Getting Started Guide ● ● ● ● ● ● start a new remote engine capture (click View Remote Engines button) view the Readme file open the HTML version of the Getting Started Guide open PDF versions of related hardware documents access online resources and technical support Network Statistics Gauge: Shows network utilization as analog dials with corresponding digital displays. Choose Monitor > Network to display. OmniPeek Log: Records Start, Stop, and other OmniPeek events. Choose View > Log to ● display. Displaying the Remote Engines window The Remote Engines window is used for interaction between the OmniPeek console and the OmniEngines. The Remote Engine window allows you to perform many of the same operations on a remote engine that you can perform locally with OmniPeek. Do one of the following to display the Remote Engines window: ● ● Choose View > Remote Engines. Click the View Remote Engines button on the Start Page. The Remote Engines window appears. Insert Engine Discover Engine Insert Group Delete Connect Disconnect Displaying the Remote Engines window 5 Chapter 1: Introduction Connecting to a remote engine In order to view packets and data from a remote engine, you must first connect to the engine from the Remote Engines window. To connect to a remote engine: 1. From the Remote Engines window, click the Insert Engine icon. The Connect dialog appears. 2. Complete the dialog: ● ● Host: Enter the IP address of the OmniEngine that you want to connect to. Port: Enter the TCP/IP Port used for communications. Port is the default port for the WildPackets OmniEngine. Authentication: Select the method used to authenticate the user. Typically, you would select Default if you don’t use a third-party authentication server. Domain: Type the Domain for login to the remote engine. If the remote engine is not ● ● a member of any Domain, leave this field blank. ● ● Username: Type the Username for login to the remote engine. Password: Type the Password for login to the remote engine. 3. Click Connect. When the connection is established, the remote engine appears in the Remote Engines window. 6 Connecting to a remote engine OmniPeek Getting Started Guide Tip You can add multiple OmniEngines to the Remote Engines window by using the Insert Engine icon. 4. Click the Insert Group icon to add a group of engines to the Remote Engines window. 5. Select the engine group and click Insert Engine to add an engine to the group. Connecting to a remote engine 7 Chapter 1: Introduction Discover OmniEngines When you click the Discover button in the Remote Engines window, the Discover Engines dialog appears. This dialog lets you search for OmniEngines installed on the network. You can then select the specific OmniEngines that you want to display in the Remote Engines window. ● Engines: Displays the OmniEngines found on the network. Select the check box of the OmniEngine that you want to display in the Remote Engines window. Discover: Click to search for OmniEngines installed on the local segment of your network. The box on the right will change from Listening to Finished when all network- ● available OmniEngines are discovered. ● Advanced Settings: ● Listen time: Enter the number of seconds that the OMC will listen for responses to the discovery request. You can enter a minimum of 2 and a maximum of 30 seconds. Device backoff time: Enter the number of seconds that the devices will wait before ● responding to a Discover request. The Device backoff time should always be less than the listen time. You can enter a minimum of 0 and a maximum of 10 seconds. 8 Connecting to a remote engine OmniPeek Getting Started Guide Note You will need to select an engine in the Remote Engines window and connect to it before capturing packets and analyzing data. Discover OmniEngines 9 Chapter 1: Introduction 10 Connecting to a remote engine CHAPTER Capturing Packets 2 Packets are the units of data carried on the network and the basis for all higher level network analysis. The Packets view of a Capture window is where you can view information about the individual packets transmitted on your network. OmniPeek and the OmniEngines can capture packets in multiple configurable Capture windows, each with its own dedicated capture buffer and settings for filters, triggers, and statistics output. You can establish and view multiple Capture windows up to the limits of available system resources. Capture windows allow you to: ● ● View and monitor network traffic in real time Use a different adapter for each Capture window, or use the same adapter for multiple Capture windows Apply filters, both before and after capture Start or stop capture based on network events or time settings View statistics based on selected network traffic View packet contents, raw and/or decoded Save packets for post-capture analysis in Capture file windows ● ● ● ● ● Capturing packets into a Capture window Note For remote capture, see Capturing packets on a remote engine on page To capture packets: 1. To start a new capture, do one of the following: ● ● Click the New Capture button on the Start Page Choose File > New… 11 Chapter 2: Capturing Packets The General view of the Capture Options dialog appears. Capture window title Save to disk options Continuous capture options Packet slicing options Capture buffer size “Show this dialog” 2. Configure the options in the General view. 3. Click the Adapter view to select the capture adapter. Note For information on configuring settings in the other views of the Capture Options dialog, see the OmniPeek User Guide or online help. 4. Click OK. A new Capture window appears. 12 Capturing packets into a Capture window OmniPeek Getting Started Guide Start/Stop Capture 5. Click Start Capture to begin capturing packets. The Start Capture button changes to the Stop Capture button and packets begin populating the Capture window. Note You can right-click a column heading to hide or display available column headings in the Packets tab. 6. Click Stop Capture when you want to stop capturing packets. Capturing packets into a Capture window 13 Chapter 2: Capturing Packets Tip To resume capturing from where you left off, hold down the Shift key and click the Start Capture button. To empty the capture buffer and start a new capture, simply click the Start Capture button again. Capturing packets on a remote engine To capture packets on a remote engine, you must first be connected to a remote engine in the Remote Engines window. Please see Connecting to a remote engine on page 6. To capture packets on a remote engine: 1. Select New Capture under Captures on the Home tab. Tip You can also click the Insert icon on the Captures tab, or select New Capture under the name of the adapter you wish to use on the Adapters tab. The General view of the remote Capture Options dialog appears. Capture window title Save to disk options Continuous capture options Packet slicing options Capture buffer size Start capture immediately Open capture window Save as template 2. Configure the options in the General view. 3. Select an adapter in the Adapter view. 14 Capturing packets on a remote engine OmniPeek Getting Started Guide Note For information on configuring settings in the other views of the Capture Options dialog, please see the OmniPeek User Guide or online help. 4. Click OK. A new remote engine Capture window appears. 5. Click Start Capture to begin capturing packets. The Start Capture button changes to Stop Capture and packets begin populating the capture window. Tip You can right-click a column heading to hide or display available column headings in the Packets view. 6. Click Stop Capture when you want to stop collecting packets into the remote capture buffer. Capturing packets on a remote engine 15 Chapter 2: Capturing Packets For instructions about using the Forensics Capture template, see Creating forensic captures on page For instructions about using the Monitoring Capture template, see Using the remote monitoring capture template on page Note Users without permission to create or modify remote engine Capture windows will find features grayed out, missing, or receive an error message indicating the task is not allowed. For details, see the OmniEngine Getting Started Guide or the online help in the Omni Management Console application. 16 Capturing packets on a remote engine CHAPTER Viewing Decoded Packets 3 Network problems are revealed more quickly by looking at the detailed information contained in individual packets. Looking into the packets can help you troubleshoot your network, track down a security breach, or examine protocol structure and compliance. The packet decode window You can view detailed information about each packet by viewing the packet’s decode. To view the decode of a packet: 1. Double-click a packet in the Packets view of a Capture window. The Packet Decode window appears. The decoded packet data is presented in byte order from top to bottom. Window navigation Decoder options Window header Information added by OmniPeek Decode view Offsets Hex and ASCII view 17 Chapter 3: Viewing Decoded Packets Tip You can open individual Packet Decode windows for up to 10 packets at once. When multiple packets are selected in the active Packet List, click Enter to open them all. 2. Click on the - minus or + plus signs in the margin to collapse or expand the view of any header section. ● Window header: ● Click the Decode Previous or Decode Next buttons at the top of the window to step through the packets shown in the Packet List of the active Capture window. ● Decode view: ● The items in green at the top of the Decode view include information on the Flags, Status, Packet Length, and Timestamp of the packet. This information is not in the packet itself, but is added by OmniPeek. The body of the Decode view is laid out in the same order as it appears in the packet. A quick glance at this section often reveals the source of trouble. Problems like a misconfigured client, or incompatible versions of the same protocol from different vendors can be easily understood when you can see and compare the packets themselves. ● ● Hexadecimal view: ● The Hex view at the bottom of the decode window shows the offset of the first character in each line, the raw packet data in hex, and the ASCII version of raw packet data 3. Highlight an item in one part of the window. The same bytes of the packet are highlighted in all the other views or panes as well. The highlight matches in the Decode, Hex, and ASCII panes. Color coding is used to link the Decode view with the Hex view for both Hex and its ASCII equivalent. The Hex and ASCII views are in turn linked to the color of the protocol shown in the Protocols column of the Packet List. Tip Right-click and choose Show Colors to toggle display of colors. 18 The packet decode window OmniPeek Getting Started Guide Toggle Orientation Highlights match: Decode Hex ASCII Tip Use the Toggle Orientation icon in the toolbar to tile the Decode and Hex views vertically or horizontally. The packet decode window 19 Chapter 3: Viewing Decoded Packets 20 The packet decode window CHAPTER Forensics Analysis 4 Data reduction is the key to network forensics. Using the remote engine Files tab, you can select one or more Capture files on the remote engine and search them for the specific data you wish to analyze. Creating forensic captures On a remote engine, you can create a new Capture window based on a pre-defined Forensics Capture template configured with capture settings optimized for post capture forensic analysis. Forensics captures are saved automatically to the OmniEngine. Their filenames are listed in the Dashboard view of Capture windows and in the remote engine Files tab. From the Files tab, you can refine your search by start time, end time, any available filter, and specify which Capture window views you want to display for further analysis. To start a Forensics Capture: 1. On the Home tab, select New Forensics Capture under New Capture. The remote Capture Options dialog appears with settings configured for a Forensics Capture, such as Continuous capture with save to disk. 2. Click the Adapters view and select an adapter for the capture. 3. Click the Performance view. Notice that all of the statistics are disabled in order to optimize packet capture to disk. 4. Click OK. A remote engine Capture window appears with capture already under way. 5. Click the Dashboard view. The Files area displays the list of files saved to the OmniEngine computer as the user-defined buffer fills. 21 Chapter 4: Forensics Analysis Note The Top Talkers by IP Address area is blank for Forensic Captures, since it is available only when statistics are enabled. 6. Return to the Remote Engines window and click the Files tab. The forensics capture will appear in the list of files saved to the OmniEngine computer. 22 Creating forensic captures OmniPeek Getting Started Guide Tip Captures that are still under way will have a small gear on the icon to the left of their filenames. Using the remote engine files tab The Files tab of a connected remote engine allows you to search one or more files by means of specific criteria to find the data that you want to analyze. You can set a start and end time, use any available filter, and restrict the resulting remote File View window to the Capture window views you require for analysis: ● ● ● ● ● Packets Expert Statistics Analysis Modules Graphs The Files tab lists the Capture files that are saved to the Data folder on the OmniEngine computer. The Data folder is configured in the General view of the Omni Engine Wizard. For details, see the OmniEngine Getting Started Guide or the online help in the Omni Management Console application. Delete Save Refresh New Files View The clickable icons are described below. ● New Files View: Opens the New Files View dialog, where you can enter criteria for the forensics search. See New file view dialog on page Using the remote engine files tab 23 Chapter 4: Forensics Analysis ● ● Save: Saves selected file(s) to the OmniPeek console computer. Delete: Deletes selected file from the Files tab and from the Data folder where it is stored on the OmniEngine computer. ● Refresh: Updates the list of files in the Files tab. New file view dialog The New File View dialog allows you to configure the criteria for the forensic search. To open the New File View dialog, do one of the following: ● ● ● Click the New File View icon in the toolbar. Double-click a single selected file. Right-click one or more selected files and choose New File View. The New File View dialog appears. The parts of the dialog are identified below. ● ● Network Media: This section lets you select a the Media type of Adapter for the search. Time Range: This section lets you set the Start time and End time for your File View results. 24 Using the remote engine files tab OmniPeek Getting Started Guide ● Filters: Click this button to select one or more filters to use in your File View selection; otherwise, Accept all packets. Analyze: Select the check boxes next to the views that you want to view in the new File View window. ● Discovering and analyzing data To search for data from within Capture file(s): 1. Click the Files tab of a connected remote engine. 2. Select one or more files that you wish to search. 3. Right-click and choose New File View. The New File View dialog appears. 4. Complete the dialog with the search criteria of your choice. 5. Click OK. A new File View window appears with the data you have selected for analysis. Note that this OmniEngine File View window does not contain the Graphs view, since it was deselected in the New File View dialog. 6. Select the views of the remote engine Capture window containing the data you wish to analyze. 7. Right-click on one or more selections to choose other post-capture analysis methods to further analyze your results. Discovering and analyzing data 25 Chapter 4: Forensics Analysis 26 Using the remote engine files tab CHAPTER Monitoring the Network 5 The Monitoring statistics function provides insight into the overall flow of network traffic. It is like the view from a traffic helicopter and can indicate bottlenecks and anomalies. Use Monitor statistics to identify trends and current conditions that may signal unexpected network problems. To enable Monitor statistics on the console: 1. Choose Monitor > Monitor Options The Monitor Options dialog appears. 2. Click the Adapter view. 3. Select a locally installed network adapter listed under Local machine. 4. Click OK. 5. Select Monitor Statistics in the Monitor menu to enable the collection of Monitor statistics. 27 Chapter 5: Monitoring the Network The program begins monitoring traffic from the selected adapter in the background. The OmniPeek console will continue to collect Monitor statistics from the selected adapter until you quit the program or deselect Monitor statistics from the Monitor menu. Displaying Monitor statistics on the console You can view various Monitor statistics windows by going to the Monitor menu and selecting a type of statistic to view: ● ● Nodes: Displays real-time data organized by network node. Protocols: Displays network traffic volume, in packets and in bytes, broken down by protocol and subprotocol. Network: Displays network statistics in two different ways: ● ● The Gauge tab displays network statistics as three analog dials with corresponding digital displays at their centers. A history graph under the gauges displays maximum (red line) and average (yellow line) values. The Value tab displays network statistics: duration, aggregate counts and volumes, error packets, and both Total Errors and CRC. ● ● Size: Displays the Packet Size Distribution graph, showing what percentage of the packets on the network are in each size class (according to their length in bytes). 28 Displaying Monitor statistics on the console OmniPeek Getting Started Guide ● Summary: Displays summary of key network statistics in real time. You can use summary Statistics to baseline “normal” network activity, save the data, then compare saved statistics with those observed during periods of erratic network behavior. See Baselining with summary statistics. History: Displays a graph of network performance at selected intervals over time. Channel: Displays channels statistics in two different ways: ● ● ● The Channel tab displays a variety of statistics and counts for each channel, laid out in tabular form. The Signal tab displays continuously updated bar graphs of signal strength for monitored network traffic ● ● WLAN: Displays an SSID (Service Set Identifier) tree view of wireless nodes. Note Equivalent views of Monitor statistics windows are available in Capture windows. See Chapter 7, Wireless Statistics in Capture Windows. Baselining with summary statistics The summary statistics feature allows you to monitor key network statistics in real time and save these statistics for later comparison. Use this feature to baseline “normal” network activity, save the data, then compare saved statistics with those observed during periods of erratic network behavior to help pinpoint the cause of the problem. Summary statistics are also extremely valuable in comparing the performance of two different network segments. For example, a field support engineer could compare the real-time statistics on a client’s network with a saved “healthy” router snapshot and easily diagnose or eliminate the source of inconsistent or poor router performance. To baseline with summary statistics: 1. Choose Monitor > Summary. The Summary Statistics window appears. Baselining with summary statistics 29 Chapter 5: Monitoring the Network Snapshot icon 2. Click the Snapshot icon. The real-time network traffic data displayed in the Current column is copied to a new column identified as Snapshot # (where # is the sequence number of the Snapshot). The new Snapshot column also shows the date and start time at which the Snapshot was made. Tip Right-click in the column of a Snapshot you wish to remove and select Delete Snapshot #. 3. Choose File > Save Summary Statistics to save the information to a text file. 30 Baselining with summary statistics OmniPeek Getting Started Guide Using the remote monitoring capture template On a remote engine, you can use the Monitoring Capture template to view and analyze Expert and statistical data. The template is optimized to display high level network statistics produced from a monitoring capture. To use the Monitoring Capture template: 1. In the Remote Engines window, select New Captures on the Home tab of a connected remote engine. See Connecting to a remote engine on page 6. 2. Choose New Monitoring Capture The Capture Options dialog appears, with settings preconfigured for a Monitoring Capture, such as Continuous capture with no save to disk. 3. Click the Adapters view and select an adapter. 4. Click the Performance view and notice that all the statistics are enabled. 5. Click OK. A new remote engine Capture window appears. 6. Click the statistics views to see various displays of the data in the remote capture. 7. Click the Dashboard view to see network statistics for this capture. Using the remote monitoring capture template 31 Chapter 5: Monitoring the Network The Dashboard view of a remote engine Capture window displays: ● Traffic History—30 Minute Window (10 second average): Graph of network traffic in Bits/second. ● Current Activity: Three analog gauges with corresponding digital displays at their centers showing: ● ● ● network utilization (as a percent of capacity) traffic volume (in packets per second), error rate (total errors per second) ● Files: Displays list of files saved to the remote engine computer when Capture-to-disk is enabled in the General view of the remote Capture Options dialog. This feature is automatically enabled for remote engine captures using the Forensics Capture template. See Creating forensic captures on page ● Top Talkers by IP Address: Graph of top “talkers” on the network, broken out by node. Note Top Talkers by IP Address is automatically enabled for remote engine captures based on the Monitoring Capture template. This area displays Not Available for remote engine captures using the Forensic Capture template. See Creating forensic captures on page 32 Using the remote monitoring capture template CHAPTER Creating Graphs 6 In addition to the standard statistical displays available from the Monitor menu and Capture window views, the OmniPeek console and the OmniEngines offer multiple methods for displaying individual statistical items or groups of statistics in user-defined graphs. Creating a graph from a console Capture window This section shows you how you can easily create a graph from a Capture window. You can graph any statistics item calculated in the Nodes, Protocols, Summary, WLAN, or Channels views of a Capture window. Note You can also create graphs from any equivalent window of Monitor Statistics in the console. To create a graph from a statistics view: 1. From a Capture window, select one of the statisticsor wireless views. 2. Right-click the item you wish to graph and then select Graph. The Graph Data Options dialog appears. 33 Chapter 6: Creating Graphs 3. Select Display graph in new window. 4. Complete the dialog and click OK. The graph is displayed in a new window. Area Bar Line Options Pause 5. Click the Bar, Area, and Line icons to vary the display of the graph. Tip Click the Options icon for more graph display options. 34 Creating a graph from a console Capture window OmniPeek Getting Started Guide Creating a top ten protocols graph on a remote engine This example shows you how to create a graph displaying the top ten protocols used in a remote engine Capture window. To create a Top Ten Protocols graph from a remote engine Capture window: 1. Open the Protocols view in a remote engine Capture window. 2. Select the Flat view of the Protocols view. 3. Select and highlight the first ten protocols in the list. 4. Right-click the selected protocols and then click Graph The Create / Edit Graph Template dialog appears. 5. Change the Name to “Top Ten Protocols” and click OK. 6. Click the Graphs view of the remote engine Capture window and enable the Top Ten Protocols graph template. Creating a top ten protocols graph on a remote engine 35 Chapter 6: Creating Graphs 7. Click the Start Capture button to begin capture. As the capture progresses, you will see the graph forming in the right pane of the Graphs tab. Tip Right-click in the graph area and choose Gallery for alternative graph options. 36 Creating a top ten protocols graph on a remote engine CHAPTER 7 Wireless Statistics in Capture Windows OmniPeek calculates a variety of key statistics in real time and presents these statistics in intuitive graphical displays. You can save, copy, print, or automatically generate periodic reports on these statistics in a variety of formats. (Please see the OmniPeek User Guide or online help for information on generating statistics reports.) Two distinct program functions—Monitor statistics and packet capture—provide statistics in the program. The two differ in the traffic stream on which their statistics are calculated: ● Statistics presented by the Monitor statistics function of the OmniPeek console are based on all the traffic seen on the adapter selected in the Monitor Options dialog since Monitor statistics calculations began. (See Chapter 5, Monitoring the Network). Statistics in a Capture window reflect all the packets accepted into the buffer of the Capture window since capture began, based on traffic seen on the adapter selected in the Capture Options dialog. Capture windows provide the following statistics views: Nodes, Protocols, Summary, Graphs (and, when an adapter is selected), WLAN, Channels, and Signal. ● This chapter introduces the features in the WLAN, Channels, and Signal views of Capture windows. The WLAN view The WLAN view shows an SSID (Service Set Identifier) tree view of wireless nodes. The hierarchy is: ● ESSID (Extended Service Set Identifier): the name of a logical group of access points ● BSSID (Basic Service Set Identifier): a single access point ● STA (Station): a client associated to the particular access point The parts of the WLAN view are identified below. 37 Chapter 7: Wireless Statistics in Capture Windows Node Type Summary Counts Color Globe ● The header section provides summary counts of Wireless Networks, Ad Hoc Networks, Access Points, and Clients (STAs). Node Type: Lets you limit the display to selected nodes. Color globes: Indicate the type of node. ● ● ● ● ● ● ● Blue: ESSID Pink: AP or Ad Hoc equivalent Orange: STA or client Gray: Admin or otherwise unknown Gray with (?): Indications for a particular node are contradictory or unexpected. 38 The WLAN view OmniPeek Getting Started Guide The Channels view The Channels view of a Capture window shows a variety of statistics and counts for each channel, laid out in a tabular form. You can choose to display information by Packets, Bytes or All. Make Filter Graph Make Alarm Refresh The arrow in the left column shows which channel is being scanned. Tip Right-click in the column headers to add or remove columns from the display. The Channels view 39 Chapter 7: Wireless Statistics in Capture Windows The Signal view The Signal view shows continuously updated graphs of signal strength for traffic in the Capture window. All or AP only view Node Type Units Pause Options Geiger Counter ● All or AP only: Choose to show signals on all channels, or show only the signals of access points detected on the channels advertised in AP beacon and probe response packets. Node Type: Limit the display to traffic between certain types of nodes. Units: Choose the units of display. Options: Opens the Signal Statistics Options dialog, where you can choose to Reset graph occasionally or to toggle the Legend in the Signal view on or off. Pause: Temporarily suspend the update of the display. Geiger Counter: Acts as toggle. When enabled, makes an audible click each time the userspecified number of packets is processed on the selected adapter. ● ● ● ● ● 40 The Signal view CHAPTER Troubleshooting with the Expert 8 The Expert features in the OmniPeek console and the remote engines provide real-time analysis of response time, throughput, and a wide variety of network events and potential problems in a flow-centered view of traffic in a Capture window. The Expert EventFinder detects nearly different network events and provides descriptions, possible causes, and possible remedies organized by OSI layer. Depending on your version of the program, network events specifically related to VoIP, Wireless, WAN, and user-defined Network Policy items are also shown. The Visual Expert presents a variety of ways to look at an individual flow found in the Expert view, providing a static snapshot of all of the packets that were in the buffer for a particular flow at the time the window was created. The Expert view The Hierarchical view of the Expert view makes it easy to track events and to see them in the context of peer-to-peer or client-server traffic patterns. To display events in the Expert view: 1. From the Capture window, click Hierarchical under the Expert view. Pairs of nodes are displayed at the top level, individual conversations (flows) underneath them, and individual events nested under each flow. Color coded traffic indicator lights show whether or not packets were received in the last few seconds: ● ● green (active) white (inactive) 41 Chapter 8: Troubleshooting with the Expert EventFinder Settings Network Policy Refresh 2. Right-click in the upper pane to collapse or expand the hierarchy to display the most relevant information. Tip For information about the Expert Application view and how to determine an Apdex score for user-satisfaction with application performance, see the OmniPeek User Guide or online help. Using the Expert EventFinder Settings You can view more details about individual events in the Expert EventFinder Settings dialog. To open the Expert EventFinder Settings window: 1. Select an individual event in the Hierarchical view of the Expert view. 2. Click the EventFinder Settings icon. The Expert EventFinder Settings window appears with the particular class of event highlighted. 42 Using the Expert EventFinder Settings OmniPeek Getting Started Guide The Expert EventFinder Settings window provides information on what sensitivity or setting value was used to flag this event as significant. Tip Click Show Info to see a more complete description of the event, possible causes, and possible remedies. Using the Visual Expert The Visual Expert provides various ways of looking at an individual flow at the time the window was created. To open the Visual Expert: 1. Select Flat under the Expert view of a Capture window. 2. Right-click any flow and choose Visual Expert. The Visual Expert window appears. Using the Visual Expert 43 Chapter 8: Troubleshooting with the Expert The six tabs at the bottom of the window are described below. ● ● ● Packet Visualizer: This tab displays all of the packets for both sides of a flow. Payload: This tab reconstructs the TCP data without the header information. Graphs: This tab displays five types of graphs: ● Throughput: Displays the rolling average throughput for the flow, in TCP Sequence Number order over time. Latency: Displays the time between a packet and the request packet that it acknowledges. Sequence: Displays TCP SEQ numbers across time, a simple version of the information in the tcptrace graph. tcptrace: Displays varied visualizations of a TCP flow. TCP window: Displays the size of the available TCP window as it expands and ● ● ● ● contracts through the course of the TCP session in the current flow. 44 Using the Visual Expert OmniPeek Getting Started Guide Tip Highlight the graph names in the navigation bar to see all of the graphs at once. ● What If: This tab lets you estimate the effects of changes in various network and application parameters on throughput, utilization, and response times in the current flow. ● Compare: This tab can find a particular flow in any other open file or capture, and display the two separately captured instances of that flow side by side, noting any detailed differences between the two. Summary: This tab displays the same data that appears in the Node Details pane of the Expert tab. ● Using the Visual Expert 45 Chapter 8: Troubleshooting with the Expert 46 Using the Visual Expert CHAPTER Creating Filters 9 Filters let you focus on specific traffic. If you want to check a problem between two particular devices, perhaps a computer and a printer, address filters can capture just the traffic between these two devices. If you are having a problem with a particular function on your network, a protocol filter allows you to focus on traffic related to that particular function. Filters work by testing packets against the criteria specified in the filter. Packets whose contents meet these criteria match the filter. You can build filters to test for just about anything found in a packet: addresses, protocols, sub-protocols, ports, error conditions, and more. Filters are so easy to create in that you can often create a custom filter on-the-fly while analyzing suspect traffic on your network. Enabling a filter In addition to the filters that you create, the program includes numerous pre-defined filters. You can enable one or more filters when capturing or monitoring packets. To enable filters when capturing packets: 1. Click the Filters view in a Capture window. 47 Chapter 9: Creating Filters Reject Matching Start/Stop Capture 2. Select the filter or filters that you want to enable. Note For a remote engine, you will need to send your selections to the remote engine by clicking the yellow bar below the toolbar icons labeled Click here to send changes. 3. Click the Start Capture button to begin capturing packets. Any packets that match the filters that are enabled are placed into the capture buffer. Alternately, you can choose to place the packets that do not match the filter in the capture buffer by clicking the Reject Matching icon. Creating filters with the Make Filter command You can use the Make Filter command to easily create a filter based on the address, protocol, and port settings of an existing packet, node, protocol, conversation, or packet decode. To create a filter with the Make Filter command: 1. Right-click a packet, node, protocol, conversation, or packet decode item from one of the views available in a Capture window and choose Make Filter. The Insert Filter dialog appears with the Address, Protocol, and Port settings already configured with the information from the packet that was selected. 2. Enter a new name in the Filter text box and make any additional changes. 48 Creating filters with the Make Filter command OmniPeek Getting Started Guide 3. Click OK. The new filter is now available whenever a list of available filters is displayed. 4. To enable the new filter in your Capture window, click the Filters view and select the check box of the new filter. The filter is applied immediately, even if a capture is already under way. Creating a simple filter You can create a simple filter by manually entering the parameters for the filter that you want to create. Unlike creating a filter using the Make Filter command, you will have to manually define the parameters (address, protocol, and port settings) for the filter you want to create. Note For information on creating more advanced filters, refer to the OmniPeek User Guide or online help. To create a simple filter by defining an address and protocol: 1. Do one of the following to open the Filters view: ● ● ● Click the Filters view in an open Capture window Choose View > Filters from the main menu Click the Filters view in the remote Capture Options dialog Insert Creating a simple filter 49 Chapter 9: Creating Filters 2. Click the Insert icon. The Insert Filter dialog appears. 3. Give your new filter a name. 4. Complete the address, protocol, or port setting information and click OK. The new filter is now available whenever a list of available filters is displayed. 5. To enable the new filter in your Capture window, click the Filters view and select the check box of the new filter. The filter is applied immediately, even if a capture is already under way. 50 Creating a simple filter CHAPTER Using the Peer Map 10 The Peer Map view in the OmniPeek console is a powerful tool for visualizing network traffic in a Capture window. The Peer Map graphically displays all of the nodes, or a user-defined subset, detected in a particular Capture window. Communications between nodes is indicated with line segments. The line between nodes can be color-coded to show which protocol is used. The thickness of the line indicates the volume of traffic between nodes. The Peer Map view To display the Peer Map: 1. Open a Capture window and begin capturing traffic. 2. From the Capture window, click the Peer Map view. 51 Chapter Using the Peer Map Peer Map Options Peer Map Header Peer Map Tabs 3. Click the Peer Map Options icon to open the Peer Map Options dialog. This dialog lets you choose to show or hide displayable icons, node visibilities, and protocol line segment gaps. 4. Use the tabs in the right pane to configure Peer Map settings: ● Profiles: This tab lets you configure settings into a profile that controls the appearance and layout of the Peer Map. The toolbar in the task pane allows you to save, edit, duplicate, delete, import, and export profiles. ● Configuration: This tab lets you set the basic parameters of the Peer Map, what part of the traffic in the Capture window’s buffer is displayed, and how the protocols (line segments) are displayed in the Peer Map. ● Node Visibilities: This tab displays node counts and nodes that are both shown and hidden in the Peer Map. 5. Right-click in the Peer Map area for other options, including: 52 The Peer Map view OmniPeek Getting Started Guide ● Arrange: If you have changed the appearance of the Peer Map by dragging nodes to new positions, this option arranges the node back to the ellipse of the Peer Map. ● Node Details: This option opens the Detailed Statistics dialog and shows details of the selected node. Tip Hold the cursor over a particular node in the Peer Map to see a tooltip with more information about this node. The Peer Map view 53 Chapter Using the Peer Map 54 The Peer Map view CHAPTER Using VoIP Analysis 11 VoIP (Voice over IP) refers to the protocol suites used to set up and maintain two-way voice and video communications over the Internet. If you have purchased OmniPeek with Enhanced Voice Analysis, a VoIP view is available in Capture windows. The VoIP view provides real-time data and statistics on both open and closed calls found on a particular network interface. Note OmniPeek and OmniEngines may also have a Voice Media view in the Expert view of Capture windows. Please see the OmniPeek User Guide or online help for details. The VoIP view The VoIP view of a Capture window opens in Call oriented mode, displaying a view of all calls in the Capture window. To display the VoIP tab: 1. From a Capture window, click the VoIP view. 55 Chapter Using VoIP Analysis 2. Click Start Capture. VoIP calls appear first under Open Calls and then under Closed Calls as they are completed. Toolbar Open Calls Closed Calls Export Settings Import Settings VoIP Filter Setup Open Call Statistics Closed Call Statistics Find Save csv 3. Click the Closed Call Statistics button. The Statistics view for the sum total of current closed calls appears. 4. Click the tabs to see each type of statistics, such as Bandwidth Utilization below. 56 The VoIP view OmniPeek Getting Started Guide Analyzing a single call or channel The VoIP tab offers many ways to view the details of a particular call or channel. To open the Call Details window for an individual call: 1. Double-click a closed call with media from the initial VoIP tab. (A call with media is one with data in the Media Channels column.) The Call Details window appears. Analyzing a single call or channel 57 Chapter Using VoIP Analysis Save txt Back Help Initial VoIP view 2. Double-click a media channel in the Media table. The Channel Properties window appears. 58 Analyzing a single call or channel OmniPeek Getting Started Guide 3. Click the tabs to see the information available in each field. 4. Click the Audio button. The playback feature allows you to hear what difference various jitter buffer settings will make in the sound quality of the selected media channel. Analyzing a single call or channel 59 Chapter Using VoIP Analysis 60 Analyzing a single call or channel APPENDIX A Keyboard Shortcuts Shortcut Ctrl + N Ctrl + O Ctrl + S Ctrl + P Alt + F4 Ctrl + Z Ctrl + X Ctrl + C Ctrl + V Ctrl + B Ctrl + A Ctrl + D Ctrl + E Description Creates a new Capture window. Opens an OmniPeek Capture file or other supported file type in a new Capture file window. Opens the Save dialog to save all packets in the active window. Prints the active window in a format appropriate to its type. Quit OmniPeek. Undoes the last edit. Cuts the highlighted item(s) and copies to the clipboard. Copies highlighted item(s) to the clipboard. Pastes the current contents of the clipboard. Deletes all packets from the active Capture window. Selects all packets, text, or items in a window. Removes all highlighting and selection. Opens the Select dialog, where you can use filters, ASCII or hex strings, packet length, and Analysis Modules to select captured packets. Removes selected packets from the display without deleting them. Hidden packets are not processed further. Removes unselected packets from the display without deleting them. Hidden packets are not processed further. Ctrl + H Ctrl + Shift + H 61 Appendix A: Keyboard Shortcuts Shortcut Ctrl + U Ctrl + G Description Restores all previously hidden packets to normal status. Opens the Go To dialog where you can choose a packet number to jump to. If packets are selected, the number of the first selected packet is shown. Jumps to the next selected packet. Undoes the last edit. Opens the Filters window. Opens the Log window. Toggles the packet capture function. Opens the monitor Node Statistics window. Opens the monitor Protocol Statistics window. Opens the monitor Network Statistics window. Opens the monitor packet Size Statistics window. Opens the monitor Summary Statistics window. Opens the monitor History Statistics window. Opens the monitor Channel Statistics window. Opens the monitor WLAN Statistics window. Makes the next window in sequence the active window. Makes the previous window in sequence the active window. Launches the Online Help.

Источник: [hasu.com.ar]
OmniEngine Enterprise Version: 4.0 serial key or number

Installing an OmniEngine - WildPackets

Copyright © , WildPackets, Inc. All rights reserved. Information in this document is subject to change withoutnotice. No part of this document may be reproduced or transmitted in any form, or by any means, electronic ormechanical, including photocopying, for any purpose, without the express written permission of WildPackets, hasu.com.arek SE, AiroPeek NX, AiroPeek VX, Compass Live, EtherPeek SE, EtherPeek NX, EtherPeek VX, GigabitAnalyzer Card, GigaPeek NX, iNetTools, NAX, NetDoppler, NetSense, Network Calculator, Omni³, Omni CaptureEngine, Omni Desktop Engine, Omni DNX Engine, OmniAdapter, OmniAdapter 10G, OmniAdapter 40G,OmniEngine Desktop, OmniEngine Enterprise, OmniEngine Manager, OmniEngine Workgroup, Omni ManagementConsole, Omni PacketGrabber, Omni Virtual Network Service, OmniPeek, OmniPeek Basic, OmniPeek Connect,OmniPeek Enterprise, OmniPeek Enterprise Connect, OmniPeek Personal, OmniPeek Professional, OmniPeekWorkgroup, OmniPeek Workgroup Pro, OmniPeek Personal, Omnipliance, Omnipliance Core, Omnipliance Edge,Omnipliance Portable, Omnipliance SuperCore, OmniSpectrum, OmniVirtual, OmniWatch, PacketGrabber, PeekDNX, ProConvert, ProtoSpecs, RFGrabber, RMONGrabber, TimeLine, TimeLine Network Recorder, WAN AnalyzerCard, WANPeek NX, WatchPoint, WildPackets, WildPackets Academy, WildPackets Compass, and WildPacketsOmniAnalysis Platform are trademarks of WildPackets, Inc. All other trademarks are the property of their respectiveholders.WildPackets, Inc. reserves the right to make changes in the product design without reservation and withoutnotification to its hasu.com.arting WildPacketsMailing AddressWildPackets, Inc Treat Blvd., Suite Walnut Creek, CA Voice/Fax8 AM - 5 PM (PST)() () (US only)Fax: () Salessales@hasu.com.arhasu.com.arhnical Supporthasu.com.ar hasu.com.ar for white papers, tutorials, technicalbriefs and hasu.com.ar


Professional ServicesWildPackets offers a full spectrum of professional services, available onsite or remote, to help customers make themost of their network infrastructure investment. The WildPackets Professional Services team stands ready to partnerwith you to maximize our network performance and to minimize your network downtime. WildPackets technicalinstructors, network systems engineers, and custom software developers can help you design, build, manage, andsecure a better network for your hasu.com.ar hasu.com.ar for course catalog, current public course scheduling, web-delivered courses,and consulting services.WildPackets Academy() training@hasu.com.arduct Support and MaintenanceWildPackets Maintenance Programs ensure that you grow along with our products as new features and enhancementsare added and that your usage is fully supported by our Technical Services staff. Enhanced support services areavailable with remote or onsite consulting. Developer support is also available for customers adding customenhancements to WildPackets products. All Maintenance inquiries and purchases can be accommodated bycontacting sales@hasu.com.arper CommunityTo join the WildPackets Developer Network and gain access to product plugins, plugin wizards, and APIdocumentation, please visit hasu.com.ar WildPackets, Inc.WildPackets delivers software and hardware solutions that drive network performance, enabling organizations of allsizes to actively monitor, analyze, troubleshoot, optimize, and secure their wired and wireless networks. WildPacketsproducts are sold in over 60 countries and deployed in all industrial sectors, including 80 percent of the Fortune WildPackets is a Cisco Technical Development Partner. For further information, please visit hasu.com.ar-OE70aiii


ContentsOmniEngines . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1About OmniEngines. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1System requirements. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1Supported adapters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2InstallinganOmniEngine . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2Disable Windows guest network logins . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4Windows firewall settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4Disable User Account Control (UAC) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .5Using the OmniEngine Manager . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5Navigating the OmniEngine Manager window . . . . . . . . . . . . . . . . . . . . . . . . . . .5Creating new engine groups. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .8Connecting to anOmniEngine . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9OmniEngine details windows . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10Discover OmniEngines . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12Reconnect button . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13Configuring anOmniEngine . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13Engine Configuration—General. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14Engine Configuration—Security. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15Engine Configuration—Edit Access Control . . . . . . . . . . . . . . . . . . . . . . . . . . . 17Updating OmniEngine software. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21Updating OmniEngine settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24Updating OmniEngine ACL settings. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27Credentials dialog . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31Using OmniEngines with OmniPeek . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32Connecting to anOmniEngine from OmniPeek. . . . . . . . . . . . . . . . . . . . . . . . 32Capturing from anOmniEngine. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36Third-party authentication with OmniEngines . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38OmniEngine Windows . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38OmniEngine Linux. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40v


OmniEnginesAbout OmniEnginesBuilding on WildPackets’ award-winning network analysis technology, OmniEngines performreal-time network analysis on traffic from one or more network interfaces, including Ethernet,Gigabit, 10 Gigabit, and a/b/g/n wireless. OmniEngine captures and analyzes data inreal-time, and records data for post-capture analysis. With WildPacketsOmniEngines,network engineers can rapidly troubleshoot faults – even faults occurring at remote locations -without leaving their office.OmniEngines can be purchased in Enterprise, Desktop, and OmniVirtual versions, offering avariety of licensing and feature options. Additionally, OmniEngines are available in bothWindows and Linux flavors. Please visit our Web site at hasu.com.ar for detailsabout how to select the OmniEngine configuration that precisely fit the needs of hasu.com.arOmniEngine Linux is available only as a pre-installed configuration on the WildPacketsOmnipliance hasu.com.ar Getting Started Guide describes the features of the OmniEngines and providesinstructions on how to install, configure, and update OmniEngines with the OmniEngineManager hasu.com.ar requirementsYou can install OmniEngine on any computer meeting the following system requirements:• Windows 7, Windows Server R2, Windows Server , Windows XP Professional• Internet Explorer The following system is recommended for OmniEngine:• Intel Core i3 or higher Processor1


OmniEngine Getting Started Guide• 4 GB RAM (OmniEngine Enterprise) / 2 GB RAM (OmniEngine Desktop andOmniVirtual)• 40 GB Available Hard Disk Space (OmniEngine Enterprise) / 20 GB Available Hard DiskSpace (OmniEngine Desktop and OmniVirtual)Supported adaptersTo capture or monitor packets, you will need one or more of the following network adaptersinstalled on the computer where you install the OmniEngine:• Ethernet: For packet capture on a 10// Ethernet network, an NDIS 3 or highercompatible Ethernet, Fast Ethernet, or Gigabit promiscuous mode network adapter isrequired. For more information, visit hasu.com.ar• Full-Duplex Gigabit: For packet capture on a Gigabit Ethernet network at full-duplexmode, a WildPackets Gigabit analyzer card (OmniAdapter) is required. For informationon installing and configuring OmniAdapters, please see the documentation that shipswith the product or visit the Web site at hasu.com.aranalysis_cards.• Full-Duplex 10 Gigabit: WildPackets offers 10GbE adapter cards (OmniAdapter 10G) tocapture and analyze high-speed, full-duplex 10 Gigabit networks. For more information,please visit hasu.com.aranalysis_cards/10GbE.• Wireless (WLAN) (OmniEngine Windows only): For wireless packet capture on a WLANnetwork, a supported WLAN adapter that has the special NDIS driver installed isrequired. WildPackets has tested Atheros, Marvell, and Ralink cards for wireless hasu.com.ar more information and to download other compatible wireless drivers, please visithasu.com.arInstallinganOmniEngineYou will need Administrator level privileges to install and configure anOmniEngine. Pleasenote the IP address of the computer where you are installing the OmniEngine. You will needthe IP address to configure and connect to the OmniEngine.NoteOmniEngine Linux is available only as a pre-installed configuration on the WildPacketsOmnipliance system. If you have an Omnipliance system, you can proceed to Using theOmniEngine Manager on page 5 to configure the OmniEngine hasu.com.ar install anOmniEngine Uninstall any earlier version of the OmniEngine.2 Supported adapters


OmniEngine Getting Started GuideIf you are upgrading from a previous version of anOmniEngine, you must use theOmniEngine installer to migrate your settings from the OmniEngine. If you remove theprevious OmniEngine via the Control Panel, your settings will be lost Insert the OmniEngine Installer CD into your CD or DVD drive Follow the installation instructions that appear on the hasu.com.ar installation you are asked to enter a valid Activation Key. You can select Automaticor Manual:• Automatic: The installer uses your Internet connection to send an encrypted messageto an activation server, which retrieves and displays your Activation Key. Please writedown the Activation Key for future reference.• Manual: The installer allows you to enter the Activation Key manually. You canobtain an Activation Key in the following ways: Go to a computer with an Internetconnection and web browser and complete the request form, or call WildPacketsTechnical hasu.com.ar more information about the product activation process, please see our Web siteat hasu.com.ar You can choose to start the Remote Update Service when prompted to duringinstallation. When enabled, this service lets you use the OmniEngine Manager to scheduleand run remote software updates for the OmniEngine When the Installer has finished installing the program files to your hard disk, you canchoose to view the Readme or launch the OmniEngine Configuration Wizard of theOmniEngine Manager to configure settings for the OmniEngine. Make sure LaunchOmniEngine Configuration Wizard is selected and then click hasu.com.arant!The OmniEngine Manager is installed by default when you install OmniPeek. TheOmniEngine Manager is used to configure the OmniEngine as well as update software andsettings on multiple OmniEngines. If you do not launch the OmniEngine ConfigurationWizard here, you can access the wizard as described in Configuring anOmniEngine on page Click Yes when prompted to stop the OmniEngine. Once the OmniEngine is stopped, theGeneral view of OmniEngine Configuration Wizard appears Configure the settings in the General view and then click Next (see EngineConfiguration—General on page 14 for information on the settings) Configure the settings in the Security view and then click Next (see EngineConfiguration—Security on page 15 for information on the settings).InstallinganOmniEngine 3


OmniEngine Getting Started Guide9. Configure the settings in the Edit Access Control view and then click Next (see EngineConfiguration—Edit Access Control on page 17 for information on the settings) To start the OmniEngine so that it runs in the background, select Start the engine andthen click hasu.com.arme users may want to install both an OmniPeek console and anOmniEngine on the samecomputer. The only console that was designed to work simultaneously with anOmniEngine isthe OmniPeek Connect hasu.com.are Windows guest network loginsOmniEngines support authentication using Windows authentication services. In order toallow remote users to connect to anOmniEngine, the system administrator must disable guestnetwork logins on the OmniEngine hasu.com.ar default, a network login will give each user “guest” credentials. This must be changed sothat network logins will provide credentials based on the user’s identity. If your network used adomain to control access, you must disable the Guest account on the domain hasu.com.arant!Users allowed to use the OmniEngine are NOT required to have Administrative privileges andwe recommend restricting their rights to minimize potential security risks, especially if theOmniEngine is accessed from outside of a hasu.com.ar disable guest network logins in Windows Open the Local Security Policy editor by choosing Start > Control Panel >Administrative Tools Click Security Options under the Local Policies heading Verify that the following Policies are set:• Accounts: Guest Account Status is disabled• Network Access: Sharing and security model for local accounts is set to Classic - localusers authenticate as themselvesWindows firewall settingsIf you have firewall settings enabled on the OmniEngine computer, you must open Port and through the Windows firewall, or disable the Windows firewall completely.4 InstallinganOmniEngine


OmniEngine Getting Started GuideTo manage Windows firewall settings Open the Windows Security Center editor by choosing Start > Control Panel >Security Center Click Windows hasu.com.are User Account Control (UAC)OmniEngine is not compatible with User Account Control (UAC) in Windows 7 andWindows Server You must disable UAC in those operating systems in order to runOmniEngine.To disable UAC in Windows 7 and Windows Server Open the User Accounts editor by choosing Start > Control Panel > User Accounts Click Change User Account Control settings Move the slider to the Never Notify position Click OK If you are prompted for an administrative password or confirmation, type the passwordor provide confirmation Restart the hasu.com.ar the OmniEngine ManagerThe OmniEngine Manager is installed by default when you install OmniPeek. You can run theOmniEngine Manager from the OmniPeek computer to do the following:• Configure OmniEngines• Schedule and run remote software updates for multiple OmniEngines (OmniEngineWindows only)• Distribute settings for filters, alarms, and graphs templates across multiple OmniEngines• Distribute Access Control Lists (ACLs) to multiple OmniEngines in a single Domain(OmniEngine Windows only)Navigating the OmniEngine Manager windowTo start the OmniEngine Manager from the OmniPeek computer:• Choose Start > All Programs > WildPacketsOmniEngine Manager. The OmniEngineManager window hasu.com.are User Account Control (UAC) 5


OmniEngine Getting Started GuideThe parts of the OmniEngine Manager window are described hasu.com.arrWorkspaceOmniEngineDetailsWindowLogStatus Bar• Toolbar: The toolbar allows you to control the following program functions:View Workspace DeleteConfigurationOpenDiscover DisconnectRestartUpdate SoftwareUpdate SettingsUpdate ACLInsertSaveView Log WindowRefreshConnectHelp Topics• Open: Click to open anOmniEngine Manager Workspace (*.omc) file.• Save: Click to save the selected OmniEngine Manager Workspace (*.omc) file.• View Workspace: Click to hide/show the Workspace pane.• View Log Window: Click to hide/show the Log pane.• Insert: Click to insert a new OmniEngine group or single OmniEngine.6 Using the OmniEngine Manager


OmniEngine Getting Started Guide• Discover: Click to discover OmniEngines via UDP multicast. See DiscoverOmniEngines on page • Delete: Click to delete the selected OmniEngine group or single OmniEngine.• Connect: Click to display the Connect dialog, allowing you to connect to the selectedOmniEngine. See Connecting to anOmniEngine on page 9.• Disconnect: Click to disconnect the OmniEngine Manager from the OmniEnginedisplayed in the active window.• Refresh: Click to update the active OmniEngine window with the latest informationfrom the OmniEngine.• Configuration: Click to start the OmniEngine Configuration Wizard to configure theOmniEngine. See Configuring anOmniEngine on page • Restart: Click to restart the OmniEngine. See Reconnect button on page • Update Software: Click to update the OmniEngine software for one or moreOmniEngines using the Update Service. See Updating OmniEngine software on page• Update Settings: Click to update the settings for Filters, Alarms, or Graphs for oneor more OmniEngines. See Updating OmniEngine settings on page • Update ACL: Click to distribute a single Access Control List (ACL) to multipleOmniEngines running on machines belonging to the same Domain. See UpdatingOmniEngine ACL settings on page • Help Topics: Click to display online help for the OmniEngine Manager application.• Workspace: This area displays the hierarchy of OmniEngine groups and singleOmniEngines. At initial program start, this area is empty containing only the root listing,Workspace. As you add OmniEngines, you can save the list of OmniEngines in theWorkspace to a Workspace file (*.omc) that can also be opened in other computersrunning the OmniEngine Manager.• OmniEngine Details window: This area displays the details and tabbed views for theOmniEngine. Each OmniEngine window can have Status, Filters, Alarms, and Graphsviews. Double-click any OmniEngine in the Workspace to view the details for thatOmniEngine.• Log: This area shows the messages sent to the Log file, including program start and thestatus of update tasks.• You can right-click to Copy, Clear, or Save the contents of the Log file.• Choose File > Save log to save the Log file as a text hasu.com.arting the OmniEngine Manager window 7


OmniEngine Getting Started Guide• Status Bar: The status bar displays the status of the program and the full path and filename of the current Workspace hasu.com.ar can float the Workspace and Log panes, or drag either to dock it in a different location. Totoggle between floating and docking, double-click the title bar of the hasu.com.arng new engine groupsYou can organize OmniEngines in groups or add single OmniEngines one at a time to hasu.com.ar create a new group in the Workspace Select the location in the Workspace under which the new group should appear Click the arrow beside the Insert icon in the toolbar and choose Insert hasu.com.ar new group appears with its default name (New Group) ready to hasu.com.ar change the name of a group in a Workspace file, right-click and choose Rename.8 Using the OmniEngine Manager


OmniEngine Getting Started GuideConnecting to anOmniEngineYou can connect to anOmniEngineand add it to the hasu.com.ar add anOmniEngine to the Workspace Select the location in the Workspace under which the new OmniEngine should appear Click the arrow beside the Insert icon in the toolbar and choose Insert Engine. TheConnect dialog appears Complete the dialog:• Remote Engine: Enter the IP address of the OmniEngine that you want to connect to.• Port: Enter the TCP/IP Port used for communications. The default port for theWildPackets DNX protocol is • Authentication: Select the method used to authenticate the user. Typically, you wouldselect Default if you don’t use a third-party authentication hasu.com.arr OmniEngine Linux, select Third Party authentication.• Domain: Type the Domain for login to the OmniEngine. If the OmniEngine is not amember of any Domain, leave this field blank.• Username: Type the Username for login to the OmniEngine.• Password: Type the Password for login to the OmniEngine.NoteIf you leave the Username and Password fields blank, the OmniEngine Manager attempts tolog in using the current Windows login hasu.com.arting to anOmniEngine 9


OmniEngine Getting Started Guide4. Click OK. The OmniEngine is added to the Workspace and its OmniEngine window isdisplayed showing details for that OmniEngine. See OmniEngine details windows on pageNoteWhen you close the OmniEngine Manager window, you are automatically disconnected fromany OmniEngine displayed in the OmniEngine Manager. When you start the OmniEngineManager again, all OmniEngines are in a disconnected state. You will need to reconnect to anyOmniEngine that you want to configure or update.OmniEngine details windowsAn OmniEngine details window displays status information about the OmniEngineand liststhe filter, alarm, and graph settings that can be distributed from the OmniEngine to otherOmniEngines using the OmniEngine Manager. An OmniEngine details window can have thefollowing tabs: Status, Filters, Alarms, and Graphs Using the OmniEngine Manager


OmniEngine Getting Started Guide• The Status tab displays details about the connected OmniEngine. It includes the Name,IP Address and Port configured for the OmniEngine, User, product and file Version forthe OmniEngine, and whether or not the Update Service is running. For details, seeUpdating OmniEngine software on page • Captures: Shows all the captures defined for the OmniEngine, including the Name,Status (Capturing or Idle), Duration, Adapter it is using, and the Owner.• Adapters: Shows all the adapters available to the OmniEngine, including the Title,Description, physical Address, and the network hasu.com.ar print the Status tab of anOmniEngine window, make it the active window and choose File> Print….• The Filters tab lists all the filters defined for the OmniEngine• The Alarms tab lists each Alarm defined for the OmniEngine• The Graphs tab lists all the remote graph templates defined for the OmniEngine• The Audit Log tab lists all available information regarding events taking place on theOmniEngineOmniEngine details windows 11


OmniEngine Getting Started GuideYou can distribute settings from the Filters, Alarms, Graphs, and Audit Log tabs to otherOmniEngines. For details, see Updating OmniEngine settings on page Important!When you close anOmniEngine window, you are automatically disconnected from thatOmniEngine. In order to connect or reconnect to anOmniEngine, you must first select itsname in the OmniEngine Manager Workspace to re-open its OmniEngine hasu.com.arer OmniEnginesWhen you click the Discover icon in the toolbar, the Discover Engines dialog appears. Thisdialog lets you search for OmniEngines installed on the local segment of your network. Youcan then insert one or more of the OmniEngines that are found into the hasu.com.ar discover OmniEngines Click the Discover icon in the toolbar. The Discover Engines dialog appears.• Engines: Displays the OmniEngines found on the local segment of your network.• Discover: Click to search for OmniEngines installed on the local segment of yournetwork. The status message will change from Listening to Finished when allnetwork-available OmniEngines are discovered.• Listen time: Enter the number of seconds that the OmniEngine Manager will listenfor responses to the discovery request. You can enter a minimum of 2 and amaximum of 60 seconds Click the Discover button on the dialog. All OmniEngines found on the local segment ofyour network are displayed in the Engines list Discovered OmniEngines have the check box next to their name selected. Clear the checkboxes of the OmniEngines that you do not want to add to the Workspace and click hasu.com.ar the selected OmniEngines are added to the Workspace Using the OmniEngine Manager


OmniEngine Getting Started GuideTipRight-click in the Engines pane of the Discover Engines dialog and select Uncheck all todeselect all OmniEnginehasu.com.arect buttonTo reconnect to anOmniEngine listed in the Workspace Open the Status tab of the OmniEngine window for the desired OmniEngine Click the Reconnect hasu.com.ar you click Reconnect, the OmniEngine Manager applies the most recently used logininformation for the selected OmniEngine.NoteIf you wish to log in under a different Username, or if the configuration for the IP addressand/or port have changed since your last login in the same session, you must use the Connectdialog directly. See Connecting to anOmniEngine on page hasu.com.aruring anOmniEngineTo configure anOmniEngine, you must use the OmniEngine Configuration Wizard of theOmniEngine Manager. The OmniEngine Configuration Wizard of the OmniEngine Managerfirst appears when you install anOmniEngineand are prompted to configure it. See InstallinganOmniEngine on page hasu.com.ar configure OmniEngine Linux, you must do so using the OmniEngine Manager from theOmniPeek computer as described hasu.com.arect button 13


OmniEngine Getting Started GuideTo configure anOmniEngine from the OmniPeek computer Choose Start > All Programs > WildPacketsOmniEngine Manager. The OmniEngineManager window appears Connect to anOmniEngine in the Workspace (see Connecting to anOmniEngine on page9) and click the Configuration icon in the toolbar. The OmniEngine ConfigurationWizard appears Click Next. The General view of the OmniEngine Configuration Wizard appears Configure the settings in the General, Security, and Edit Access Control views. SeeEngine Configuration—General on page 14; Engine Configuration—Security on page 15;and Engine Configuration—Edit Access Control on page When prompted, click Yes to send the configuration changes to the OmniEngine. Theconfiguration changes won’t take effect until the OmniEngine is hasu.com.ar Configuration—GeneralThe General view of the OmniEngine Configuration Wizard lets you set the name, address,capture restart, and local disk use settings.• Name: Type a name for the OmniEngine. This name appears in the OmniEngineswindow in OmniPeek.• Enable AutoDiscovery: Select this check box to enable the OmniEngine to respond toautodiscovery requests which arrive from the OmniEngine Manager Configuring anOmniEngine


OmniEngine Getting Started Guide• Use any available IP address: Select this check box to accept communications on any andall IP addresses assigned to the computer on which the OmniEngine is installed.• IP address: Select the IP address used to communicate with the OmniEngine. TheOmniEngine will respond to communications only on that address. This option is notavailable when Use any available IP address is selected.• Port: Type a port used for communications. The default port for WildPackets DNXProtocol is • Maximum concurrent connections: Type or select the maximum number of concurrentconnections allowed for the OmniEngine.• Automatically restart captures: Select this check box to automatically restart captureswhenever the OmniEngine restarts. When enabled, the OmniEngine remembers anycapture (active or idle) defined for it, and restores the capture whenever the OmniEngineitself is restarted.• Data folder: Type or browse to the location for the data folder containing the programsettings for the OmniEngine. The OmniEngine also uses this location to store files createdby users. The contents of the data folder appear in the Files tab of the OmniPeekOmniEngines hasu.com.ar you have a WildPackets TimeLine network recorder, you cannot specify the Data hasu.com.arant!Whether you accept the default location or choose a new location, the directory you choose asthe Data folder must be accessible by all users of this OmniEngine.Engine Configuration—SecurityThe Security view of the OmniEngine Configuration Wizard lets you set security, datacompression, authentication, and auditing hasu.com.ar Configuration—Security 15


OmniEngine Getting Started Guide• Authentication:• Enable OS Authentication Only: Select this check box to use the Operating Systemauthentication only, and to disable all other third-party authentication mechanisms.• Enable Third-party Authentication: Select this check box to enable third-partyauthentication using an Active Directory, RADIUS, or TACAS+ authenticationserver. For more information on enabling Third-party authentication, see Thirdpartyauthentication with OmniEngines on page • Insert: Click this button to display the Edit Authentication Setting dialog, whichallows you to name the setting and select from one of the following Third-partyAuthentication types:• Active Directory: Select this type to enable Active Directory authentication, andthen configure the host information: Host (domain controller) and Port settings(OmniEngine Windows); or Realm (domain controller) and KDC settings(OmniEngine Linux).• RADIUS: Select this type to enable RADIUS authentication, and then configurethe Host (IP address), Port, and Secret settings (select Hide Typing to hide thesettings) for the RADIUS authentication server.• TACACs+: Select this type to enable TACAS+ authentication, and then configurethe Host (IP address), Port, and Secret settings (select Hide Typing to hide thesettings) for the TACACs+ authentication server.• Edit: Click this button to edit the selected authentication setting.• Delete: Click this button to delete the selected authentication setting Configuring anOmniEngine


OmniEngine Getting Started Guide• Move Up: Click this button to move the selected authentication setting higher up inthe list.• Move Down: Click this button to move the selected authentication setting lower up inthe hasu.com.are order of the authentication settings in the list determines the order an authenticationserver is authenticated hasu.com.ar OmniEngine Windows, authentication settings are attempted in a top/down order. If anauthentication server can not be reached because of either an incorrect or unreachable serverIP, incorrect port, or incorrect shared secret, then the next setting in the list is attempted. Ifcommunication with the authentication server is good, but the user cannot be authenticatedbecause of either an incorrect username, password, or a disabled account, then theauthentication process is rejected (‘Fail’) and is stopped hasu.com.ar OmniEngine Linux, authentication settings are attempted in groups in a top/down hasu.com.ar example, if the first setting at the top is a RADIUS setting, then all RADIUS settings in thelist are attempted first before attempting the next group type in list. If an authentication servercan not be reached because of either an incorrect or unreachable server IP, incorrect port, orincorrect shared secret, then the next setting in the group is attempted. If communication withthe authentication server is good, but the user cannot be authenticated because of either anincorrect username, password, or a disabled account, then the next group type is attempted (ifauthenticating a RADIUS or TACACS+ setting), or the next setting in the list is attempted (ifauthenticating an Active Directory setting).• Update omni-admin pwd (OmniEngine Windows only): Select this check box andenter a new password for the administrator. Select Hide Typing to hide the entry.• Update omni-user pwd (OmniEngine Windows only): Select this check box and entera new password for the user. Select Hide Typing to hide the hasu.com.are OmniEngine operates within the security environment configured in the operatingsystem. Refer to your operating system documentation for instructions on configuringsecurity settings for your operating hasu.com.ar Configuration—Edit Access ControlThe Edit Access Control view of the OmniEngine Configuration Wizard lets you definewhich users have access to anOmniEngineand which classes of actions (policies) each user isallowed to hasu.com.ar Configuration—Edit Access Control 17


OmniEngine Getting Started GuideNoteThere are several ways to create a new user in your operating system. Refer to your operatingsystem documentation for instructions on creating new user profiles.• Use access control: Select this check box to enable Access Control.• The Policy column lists the pre-defined policies:• System: Allow usage• Capture: Create new capture• Capture: Delete captures created by others• Capture: Modify captures created by others• Capture: Start/Stop captures created by others• Capture: View packets from captures created by others• Capture: View stats from captures created by others• Configuration: Configure engine settings• Configuration: View/modify matrix switch settings (OmniEngine Windows only)• Configuration: View the audit log• Configuration: Upload files• The User column lists which users have access to a certain policy Configuring anOmniEngine


OmniEngine Getting Started Guide• Edit: Select a policy and then click the Edit button to define which users have access to thepolicy. The Add Users to ACL dialog appears:Browse Users• Domain (OmniEngine Windows only): Type the Domain for login to theOmniEngine. If the OmniEngine is not a member of any Domain, leave this fieldblank.• Refresh: Click this button to poll the Domain controller to retrieve the list of hasu.com.arrge Domains with hundreds of users may take several minutes to load.• Name/Description: Displays the name and description for each defined user. Both thename and the description are taken from the operating system security settings (localor Domain).• Add: Click this button to add the selected user to the Selected Users hasu.com.ar User (OmniEngine Windows only)• Domain: Type the Domain for login to the OmniEngine.• User: Type the name of the User you wish to add to the Selected Users table.• Add: Click this button to add the selected user to the Selected Users hasu.com.ar Configuration—Edit Access Control 19


OmniEngine Getting Started GuideSelected Users• Name/Description: Displays the name and description of users allowed to performthe selected policy.• Delete: Click this button to remove the selected user from the Selected Users table.• Delete all: Click this button to remove all users from the Selected Users hasu.com.ar Policy that has no users associated with it is effectively reserved for users with Administratoror root level hasu.com.arers do require the network login privilege in order to connect to the OmniEngine, and read/write access to the directory selected as the Data hasu.com.arerations when configuring Access ControlPlease note the following when configuring Access Control:• Users with Administrator or root level privileges always have access to all features of theOmniEngine.• If the OmniEngine is installed on a machine under local control, the local user withAdministrator or root level privileges (and equivalents) has access to the OmniEngineregardless of the settings in the Edit Access Control view.• If the OmniEngine is installed on a machine under Domain control, the DomainAdministrator always has access regardless of the settings in the Edit Access Controlview.• When Use access control is selected and no other users are added to the Edit AccessControl view (the initial default settings), then only the user with Administrator (local orDomain, depending on the computer setup) or root level privileges has access to theOmniEngine.Considerations when disabling Access ControlWhen access control is disabled, the only restrictions on the use of the OmniEngine are thoseimposed by the operating system security settings. Examples of relevant permissionscontrolled by operating system security settings include:• Login privilege: A user must be able to log in to the machine on which the OmniEngine isrunning in order to use the program Configuring anOmniEngine


OmniEngine Getting Started Guide• Read/write access: The OmniEngine saves configuration information and the packet filescreated by the remote capture Save to Disk options to a directory called the Data hasu.com.ar location is defined in the OmniEngine configuration. A user must have read/writeaccess to the Data folder in order to configure the program, use the Save to Disk options,or access the resulting packet files.• Start/Stop service: A user must have sufficient privileges to start, stop, and restart theOmniEngine service in order to use the OmniEngine Configuration Wizard or to haveconfiguration changes take effect when they are made from the OmniEngine Manhasu.com.arng OmniEngine softwareThe OmniEngine Manager lets you distribute OmniEngine software updates simultaneouslyto one or more OmniEnginehasu.com.ardating OmniEngine software is not supported in OmniEngine hasu.com.ar distributing updates, make sure that:• The Update Service is running on each OmniEngine you are updating. The current stateof the Update Service is shown as Running or Stopped in the Properties section of theStatus tab of the OmniEngines window. To change the state, click the Stop / Startbutton.• You have Administrator level privileges (local or Domain) on each OmniEnginecomputer you are hasu.com.ar update the software for one or more OmniEngines Click the Update Software icon in the toolbar. The Start view of the OmniEngineUpdate Software Wizard appears Click Next. The List of Engines view hasu.com.arng OmniEngine software 21


OmniEngine Getting Started Guide3. Click the Add or Import button to add the IP Address and port of the OmniEngines youare updating to the list of OmniEngines:• Add: Click to add anOmniEngine to the list one at a time. You must enter the IPaddress for the OmniEngine. Accept the default value of for the port.• Import: Click to add a tab-delimited text file (*.txt) containing the IP address andport values for multiple OmniEnginesNoteYou can click the Credentials button to enter the login credentials that can be used to connectto multiple OmniEngines when distributing software updates or new settings. See Credentialsdialog on page Click Next to open the Update Installer view of the OmniEngine Update SoftwareWizard Updating OmniEngine software


OmniEngine Getting Started Guide• Update Pack: Click Browse… to browse to where you have the installer.• Schedule: Set the date and time for starting the software hasu.com.are Schedule is evaluated based on local time for each separate OmniEngine. That is, itfollows the system clock of the machine on which each targeted OmniEngine is running. Besure to take this into consideration when scheduling software updates for OmniEngines inother time zones Click Next. The Review and execute view of the OmniEngine Update Software Wizardappears, showing all the listed OmniEngines and the current status of the software updateprocess for hasu.com.arng OmniEngine software 23


OmniEngine Getting Started Guide6. Click the Start button to send the Update Pack to each of the target machines. The TaskStatus column shows the progress of the file transfer for each target OmniEngine.When the update for each OmniEngine is completed, the new version number appears inthe Status view of the OmniEngines hasu.com.arn you click the Start button, the button changes to Stop. The Finish, Cancel, and Backbuttons are grayed out until the update process is complete. To stop the Update Pack transfer,click the Stop button Click Finish when the file transfers are completed for all the OmniEngines on the hasu.com.arng OmniEngine settingsThe OmniEngine Manager lets you distribute settings for filters, alarms, and graphs from oneor more connected OmniEngines to one or more selected OmniEnginehasu.com.arant!You must have Administrator or root level privileges for the OmniEngine where you aredistributing hasu.com.ar update settings for one or more OmniEngines Click the Update Settings icon in the toolbar. The Update Settings dialog appears Updating OmniEngine settings


OmniEngine Getting Started Guide2. Click Browse… to open the Select Engines dialog, showing all the OmniEngines in hasu.com.aru can click the Credentials button to enter the login credentials that can be used to connectto multiple OmniEngines when distributing software updates or new settings. See Credentialsdialog on page Select the check box of the OmniEngines you are updating Click OK. The selected OmniEngines are added to the Select engines hasu.com.arng OmniEngine settings 25


OmniEngine Getting Started GuideTo remove anOmniEngine from the list, click Browse… again and clear the check box ofthe OmniEngine in the Select Engines dialog. Click OK. The Select engines list isupdated Open the OmniEngine window of any connected OmniEngine in the Workspace andselect one of the tabs (Filters, Alarms, or Graphs) Drag-and-drop any item in one of the tabs to the Add items section of the UpdateSettings dialog. You can add any combination of filters, alarms, or graphs settings Click the Start button to send the settings to the OmniEngines in the Select engines list Click the Status tab to see the current status of all configuration updates for each targetOmniEngine.NoteTo update the settings for a target OmniEngine that has Use access control enabled, you mustlog in either as a user associated with the System: Allow usage policy or as a user withAdministrator or root level privileges (local or Domain) for the host machine. If the targetOmniEngine does not have Use access control enabled, any user with read/write privileges tothe Data folder directory of the target OmniEngine can use the Update Settings dialog Updating OmniEngine settings


Updating OmniEngine ACL settingsOmniEngine Getting Started GuideThe Access Control List (ACL) limits access to anOmniEngine by associating Users (defined inthe operating system) with classes of tasks on the OmniEngine, called Policies. Theseassociations are set in the configuration of each OmniEngine.The OmniEngine Manager also lets you add the same Domain username and Policyassociations to the ACLs of multiple OmniEngines, all of which are operating under the sameDomain hasu.com.ardating OmniEngine ACL settings to multiple OmniEngines is not supported inOmniEngine hasu.com.aronally, to use the ACL with Omnipliance Linux, you must first add the user to the LinuxOS and then add the same user to the first ACL policy, “System: Allow usage.” You can thenlimit that user’s permission by adding the user to any of the other ACL hasu.com.arant!The OmniEngine Manager must be able to log in to each target OmniEngine as a user with thecorrect permissions to update the ACL on that OmniEngine, as described above. For detailedlogin information, see Credentials dialog on page NoteTo make use of the OmniEngine Update ACL Wizard, you must present the correct logincredentials for each target machine. For anOmniEngine with Use access control enabled, anyuser associated with both the System: Allow usage and Configuration: Configure enginesettings policies can configure the OmniEngine. Any user with Administrator privileges (localor Domain) on the target machine can configure the OmniEngine, regardless of any settings inits hasu.com.ar distribute an ACL update to multiple OmniEngines in a single domain Open a Workspace file that contains all the OmniEngines whose ACLs you wish toupdate Click Update ACL in the toolbar. The Start view of the OmniEngine Update ACLWizard appears Click Next to open the Select engines view of the OmniEngine Update ACL Wizard, inwhich you can specify all the OmniEngines to which you would like to distribute the hasu.com.arng OmniEngine ACL settings 27


OmniEngine Getting Started GuideNoteYou can click the Credentials button to enter the login credentials that can be used to connectto multiple OmniEngines when distributing software updates or new settings. See Credentialsdialog on page Click Browse… to open the Select Engines dialog Select the check box of the OmniEngines you are updating Click OK. The selected OmniEngines are added to the Select engines hasu.com.ar remove anOmniEngine from the list, click Browse… again and clear the check box ofthe OmniEngine in the Select Engines dialog. Click OK. The Select engines list isupdated Updating OmniEngine ACL settings


OmniEngine Getting Started Guide7. Click Next to open the Edit policy view of the OmniEngine Update ACL Wizard, inwhich you can associate any User defined for the current Domain with any Policy definedfor all OmniEngines in the Select engines view Select a Policy in the list and click the Edit button. The Add Users to ACL dialog appears Enter the name of the Domain and click the Refresh button. The dialog will poll theDomain Controller to retrieve a list of users Select a user you want to associate with the current Policy and click the Add button. Theuser will appear in the Selected Users table of the dialog. Repeat this step until you haveadded all the users you wish to associate with the current hasu.com.arant!When you create an ACL in the OmniEngine Update ACL Wizard, you are adding entries tothe ACLs of the target OmniEngines. In order to delete a user already entered in the ACL foranOmniEngine, you must use the OmniEngine Configuration Wizard. See EngineConfiguration—Edit Access Control on page Click the OK button to close the Browse users list dialog and return to the Edit policyview of the OmniEngine Update ACL Wizard. The users from the Selected Users tablewill appear in the Users column beside the appropriate hasu.com.arng OmniEngine ACL settings 29


OmniEngine Getting Started Guide Continue in this manner until you have fully defined the ACL Click Next to open the Review and send view of the OmniEngine Update ACL Wizard Review the list of OmniEngines included in the ACL update. If you need to make changes,you can use the Back buttons to return to earlier views Click the Start button to begin distributing the ACL to the listed OmniEngines Updating OmniEngine ACL settings


OmniEngine Getting Started GuideNoteIn order to be able to retrieve the list of Domain users, you must be logged on as a user withAdministrator privileges (local or Domain). Additionally, you must have logged on to acomputer under the Domain control of the target Domain during the current session ofWindows. Your Domain login can have been as a Domain user of any kind, Administrator orotherwise Click Finish to close the OmniEngine Update ACL hasu.com.artials dialogThe Credentials dialog lets you present a single set of credentials when you distribute softwareupdates or new settings to multiple OmniEngines. It is only available in the context of anupdate operation that allows you to connect to multiple OmniEngines during a single hasu.com.ar open the Credentials dialog Click the Credentials… button in any of the following views:• the List of Engines view of the OmniEngine Update Software Wizard (seeUpdating OmniEngine software on page 21).• the Items view of the Update Settings dialog (see Updating OmniEngine settings onpage 24).• the Select engines view of the OmniEngine Update ACL Wizard (see UpdatingOmniEngine ACL settings on page 27) Select the Use following credentials check box to enable credentials Complete credential information for Authentication, Domain, Username, and hasu.com.ar Connecting to anOmniEngine on page 9 for details Click OK to accept your chanhasu.com.artials dialog 31


OmniEngine Getting Started GuideUpdating multiple OmniEnginesWhen updating multiple OmniEngines, you may need to present multiple sets of hasu.com.ar available credentials are presented in the following order:• Existing connection: For any OmniEngine to which you are already connected, theUpdate functions will attempt the update using the credentials you used to log on to thatOmniEngine.• Credentials dialog: If the check box beside Use following credentials is selected, theUpdate function will present the Domain, Username, and Password found in theCredentials dialog to any OmniEngine to which you are not already connected.• Local machine login: If you do not use the Credentials dialog (Use following credentials isnot selected) the Update function will present the credentials you used to log in to thecomputer on which the OmniEngine Manager is running as your login credentials for anyOmniEngine to which you are not already hasu.com.aren using the OmniEngine Update Software Wizard, your login is supplied to the UpdateService, not to the OmniEngine. In this case, only the latter two choices are relevanhasu.com.ar taking advantage of the order in which the OmniEngine Manager presents credentials, youcan update any set of network accessible OmniEngines (for which you have the correctpermissions) in a single hasu.com.ar OmniEngines with OmniPeekOmniEngines have no user interface of their own and rely on an OmniPeek console to providea user interface through the OmniEngines window. The OmniEngines window in OmniPeekis used for interaction between OmniPeek and anOmniEngine.Connecting to anOmniEngine from OmniPeekIn order to view packets and data from anOmniEngine, you must first connect to theOmniEngine from the OmniEngines hasu.com.ar connect to anOmniEngine from OmniPeek Do one of the following to display the OmniEngines window:• Choose View > OmniEngines.• Click View OmniEngines on the Start hasu.com.ar OmniEngines window appears Using OmniEngines with OmniPeek


OmniEngine Getting Started GuideInsert Engine Discover EngineInsert Group Delete ConnectDisconnect2. Click the Insert Engine button. The Insert Engine dialog hasu.com.aru can also click the Discover Engine icon in the toolbar to find all of the OmniEnginesavailable on your network segment. See Discover OmniEngines on page 12 for hasu.com.arting to anOmniEngine from OmniPeek 33


OmniEngine Getting Started Guide3. Complete the dialog:• Host: Enter the IP address of the OmniEngine that you want to connect to.• Port: Enter the TCP/IP Port used for communications. The default port of for theWildPackets DNX protocol is • Authentication: Select the method used to authenticate the user. Typically, you wouldselect Default if you don’t use a third-party authentication server such as ActiveDirectory, RADIUS, TACACS+.NoteFor OmniEngine Linux, you must select Third Party authentication.• Domain: Type the Domain for login to the OmniEngine. If the OmniEngine is not amember of any Domain, leave this field blank.• Username: Type the Username for login to the OmniEngine.• Password: Type the Password for login to the OmniEngine Click Connect. When the connection is established, the OmniEngine appears in theOmniEngines window Using OmniEngines with OmniPeek


OmniEngine Getting Started GuideTipYou can add multiple OmniEngines to the OmniEngines window by using the Insert Engineicon Click the Insert Group icon to add a group of OmniEngines to the OmniEngineswindow Select the OmniEngine group and then click the Insert Engine icon to add anOmniEngine to the hasu.com.arting to anOmniEngine from OmniPeek 35


OmniEngine Getting Started GuideCapturing from anOmniEngineYou can select from the following options to capture packets from anOmniEngine:• New Capture…: This option lets you create a new capture window based on the capturesettings that you define.• New “Forensics Capture”: This option lets you create a new capture window based on preconfiguredcapture settings optimized for post-capture forensics analysis.• New “Monitoring Capture”: This option lets you create a new capture window based onpre-configured capture settings optimized to produce higher level expert and statisticaldata in a continuous capture.• Edit Capture Templates: This option opens the Capture Templates dialog and allows youto create new or edit existing capture hasu.com.arr more information about each of the optimized capture formats, please see the OmniPeekUser Guide or online help Using OmniEngines with OmniPeek


OmniEngine Getting Started GuideTo begin a remote capture from anOmniEngine Do one of the following:• On the Home tab, select the type of remote capture to perform by selecting NewCapture under the Captures heading.• On the Captures tab, select the type of remote capture to perform by clicking thesmall arrow next to the Insert icon.• On the Adapters tab, select the type of remote capture to perform by selecting NewCapture under the name of the adapter you wish to hasu.com.ar remote Capture Options dialog appears Make any desired changes to the capture option settings Click OK. An OmniEngine capture window hasu.com.are views in the left-hand navigation pane that are available in anOmniEngine capturewindow depend on the type of OmniEngine that is connected, and the Analysis OptionsCapturing from anOmniEngine 37


OmniEngine Getting Started Guidecapture settings configured for that capture window. See the OmniPeek User Guide or onlinehelp for details on using the features available from OmniEngine capture windows Click the Start Capture button to begin capturing packets. The button changes to StopCapture Click Stop Capture when you want to stop collecting packets into the remote hasu.com.ar-party authentication with OmniEnginesThird-party authentication of OmniEngines allows administrators of OmniEngines to easilymanage logon credentials (after a set of OmniEngines have been deployed), without having tomake changes on every OmniEngine hasu.com.arstrators and users can also sign on to OmniEngines with one set of credentials withoutrequiring the same account on every OmniEngine computer. You can use Active Directory,RADIUS, and TACACS+ authentication to maintain logon credentials.OmniEngine WindowsTo use third-party authentication on OmniEngine Windows, you must first set up third-partyauthentication on the OmniEngine, and then log in to the OmniEngine from hasu.com.arg up third-party authentication on the OmniEngine Before installing OmniEngine, the administrator must create two new user accounts onthe OmniEngine computer:• omni-admin (in the Administrators group)• omni-user (in the Users group)For Active Directory, OmniEngine will determine the authenticating users groupmembership information:• If the user belongs to the Administrators group, or a sub group of Administrators, itwill allow the user to log on as omni-admin.• If the user does not belong to an Administrator group, it will allow the user to log onas hasu.com.ar RADIUS, OmniEngine will ask for user authentication and authorization level:• Service-Type of Login (1) will allow the user to log on as omni-user.• Service-Type of Administrative (6) will allow the user to log on as omni-admin Third-party authentication with OmniEngines


OmniEngine Getting Started GuideFor TACACS+, OmniEngine will ask for user authentication while specifyingauthorization level:• it will first ask for the level TAC_PLUS_PRIV_LVL_ROOT (15) for omni-admin.• if that is denied, it will ask for level TAC_PLUS_PRIV_LVL_USER (1) for omni-user Install the OmniEngineand run the OmniEngine Configuration Wizard. TheOmniEngine Configuration Wizard can be launched at the end of the OmniEngineinstallation. See Configuring anOmniEngine on page When the OmniEngine Configuration Wizard appears, click Next twice. The Securityview of the wizard hasu.com.ar Security view of the OmniEngine Configuration Wizard allows you to configure thethird-party authentication settings that allow the OmniEngine to communicate with, andauthenticate to, the authentication servers. See Engine Configuration—Security on pageLogging in to the OmniEngine from the OmniPeek computer From OmniPeek, click Insert Engine in the OmniEngines window. The Insert Enginedialog appears Complete the dialog:• Host: Enter the IP address of the OmniEngine that you want to connect to.• Port: Enter the TCP/IP Port used for communications. The default port of for theWildPackets DNX protocol is • Authentication: Select Third Party as the Authentication type.OmniEngine Windows 39


OmniEngine Getting Started GuideNoteTo log in using Active Directory, RADIUS, or TACACS+ authentication, you must chooseThird Party instead of Default as the Authentication type.• Domain: Type the Domain for login to the OmniEngine. If the OmniEngine is not amember of any Domain, leave this field blank.• Username: Type the Username for login to the OmniEngine using the specifiedcredentials.• Password: Type the Password for login to the OmniEngine using the specifiedcredentials Click Connect. The OmniPeek console sends the user’s supplied username/password/authentication type to the OmniEngine over an encrypted chanhasu.com.ar OmniEngine decrypts those arguments and sends a request to the specificauthentication server:• A negative response will prompt the OmniEngine to send an error message back tothe console (Access Denied).• An affirmative response lets the OmniEngine go on to try to impersonate one of thetwo default user accounts on the OmniEngine. (OmniEngines use impersonation forWindows account users in order to limit their abilities to create or modify files.)• If the impersonation is successful (depending on the supplied password from theOmniEngine Configuration Wizard), the OmniEngine logs in the ActiveDirectory/RADIUS/TACACS+ user.• If the impersonation is unsuccessful, the OmniEngine will send an AccessDenied message.OmniEngine LinuxTo use third-party authentication on OmniEngine Linux, you must first set up third-partyauthentication on the OmniEngine (using OmniEngine Manager from the OmniPeekcomputer), and then log in to the OmniEngine from hasu.com.arg up third-party authentication on the OmniEngine Start the OmniEngine Manager from OmniPeek, connect to the OmniEngine, and thenadd the OmniEngine to the Workspace. See Using the OmniEngine Manager on page Click Configuration to run the OmniEngine Configuration Wizard Third-party authentication with OmniEngines


OmniEngine Getting Started Guide3. When the OmniEngine Configuration Wizard appears, click Next twice. The Securityview of the wizard hasu.com.ar Security view of the OmniEngine Configuration Wizard allows you to configure thethird-party authentication settings that allow the OmniEngine to communicate with, andauthenticate to, the authentication servers. See Engine Configuration—Security on pageLogging in to the OmniEngine from the OmniPeek computer From OmniPeek, click Insert Engine in the OmniEngines window. The Insert Enginedialog appears Complete the dialog:• Host: Enter the IP address of the OmniEngine that you want to connect to.• Port: Enter the TCP/IP Port used for communications. The default port of for theWildPackets DNX protocol is • Authentication: Select Third Party as the Authentication hasu.com.arr OmniEngine Linux, you must select Third Party authentication.• Domain: Leave this field blank. This field is not used for OmniEngine Linux.• Username: Type the Username for login to the OmniEngine using the specifiedcredentials.• Password: Type the Password for login to the OmniEngine using the specifiedcredentials.OmniEngine Linux 41


OmniEngine Getting Started Guide3. Click Connect. The OmniPeek console sends the credentials to the OmniEngine over anencrypted chanhasu.com.ar OmniEngine decrypts the credentials, and then sends a request to the specificauthentication server:• A negative response will prompt the OmniEngine to send an error message back tothe console (Access Denied).• An affirmative response allows the user to log on Third-party authentication with OmniEngines


Index10 Gigabit wireless 2NumericsAabout OmniEngine

Источник: [hasu.com.ar]
.

What’s New in the OmniEngine Enterprise Version: 4.0 serial key or number?

Screen Shot

System Requirements for OmniEngine Enterprise Version: 4.0 serial key or number

Add a Comment

Your email address will not be published. Required fields are marked *