How do I monitor traffic by IP of Firesight

Similar Questions

• How JOINT can monitor interface FWSM

  Hello

  Three VLANs have been affected to the FWSM: 2 (outside), 3 (DMZ) and 4 (on the inside).

  Now, I would like to make an interface in mode inline monitoring traffic entering FWSM inside the interface.

  As the FWSM inside the interface makes sense, how can I set up JOINT monitoring.

  Rgds

  Yes the JOINT will FILL the two VLANS, there will be no ROUTING here since the two VLANS won't be in the same subnet

  You want to assign the sub-inteface 1 you created to the vs0 (virtual sensor). For each new sub-inteface you add (to a physical interface) you need to go and the virtual sensor.

  Just use the GUI, it will do everything very intuitive.

  Concerning

  Farrukh

• How can I monitor util programmatically

  Hello.

  How can I monitor util programmatically? in the Windows taskbar, in the Performance section Manager, I can read the util and the use of the CPU, but I want to read directly in Labview, it is posible? is it exists any vi that does this?

  Thank you

  There is an example .net @ C:\Program NIUninstaller Instruments\LabVIEW 8.5\examples\comm\dotnet\SimpleTaskMonitor.llb\SimpleTaskMonitor.vi.

  You can find it by searching examples of labview .net 'Find the examples' [: help find examples]

• How to apply internet traffic in VPN tunnel users

  Hello

  Perhaps it is a simple matter to most of you, but it confuses me right now.

  Here's my situation:

  home - internet - ASA 5510 users - CORP LAN

  We have remote Ipsec VPN and anyconnect VPN, I think that the solution must work on two of them.

  My question is: "how to apply internet traffic user home to the VPN tunnel?

  We have "split tunnel" to only"'interesting traffic' VPN tunnel access LAN CORP.

  but now I need apply all traffic (internet + CORP LAN) user through VPN tunnel passes.

  so far, I did what I know:

  1. remove the "split tunnle" group policy

  2. the address in "remote user VPN address pool" are perhaps NAT/PAT travers ASA5510

  but I don't get why it doesn't work.

  all suggestions are appreciate!

  Thank you!

  A few things to configure:

  (1) Split tunnel policy to be passed under split in tunnelall tunnel

  (2) configure NAT on the external interface to PAT to the same global address.

  (3) configure "allowed same-security-traffic intra-interface" so that the tunnel VPN for Internet traffic can make a u-turn.

  Please share the current configuration if the foregoing still does not solve the problem. Thank you.

• How to block all traffic except vpn traffic and traffic bureau HQ

  Hello

  Someone please advise me how to block all traffic except inbound traffic through the VPN and traffic from the IP of the HQ Office.

  My router is 881/K9 Cisco router. Currently, I have blocked all IP addresses with the exception of the IP Office HQ using access-list on the brance office website.

  I put the IP list allowed according to IP location of the VPN user. But now the VPN user become more and more and thus be difficult to block the IPs based on their current location. Sometimes not possible to know their WAN ip address.

  Thanks in advance.

  Have you considered allowing the IPSEC IP Protocol, TCP port, intellectual property all UDP ports and then by blocking all other traffic?

• How do I monitor/find where is the State of my download?  I don't know how long it takes or if there is a problem with the download that I can't find anything.  Also, is it supposed to be an icon for my purchase of Photoshop and light in my apps folder

  How do I monitor/find where is the State of my download?  I don't know how long it takes or if there is a problem with the download that I can't find anything.  Also, is it supposed to be an icon for my purchase of Photoshop and light in my apps folder?  Where can I find that when it's done download?

  Could you please confirm the operating system you are using.

  You can see the status of the application of CC desktop download.

  The CC app desktop click the creative cloud icon located in the taskbar (Windows) or the Apple bar (Mac OS) menu, to open the creative cloud desktop application.

  Hope this will help you.

  Kind regards

  Hervé Khare

• How to track the traffic source?

  I have a site 2 site IPSec vpn between a SRI of 1801 and an ASA 5510. Monitoring vpn on the ASA, I see there is constant traffic on that, when I would have waited only intermittent traffic. How can I find what is actually causing traffic through the vpn? I suspect something at the end of SRI sends out packets on the network of the SAA, but how do I know that?

  See you soon

  Cool

• DNS server records to monitor traffic.

  I do not understand much about it so I hope someone can explain to me.

  I have a server configured with a DNS server running successfully on my mac mini (dns primary server for the House).

  I was wondering if there is a way to capture the DNS server logs and monitor visited Web sites of specific host ips/name?

  I don't have an example to make immediately available, and I expect that it will be the analysis or an output channel created manually or otherwise searching the DNS server connects.

  If your firewall blocks all outgoing DNS traffic except for DNS queries on the server (this is to avoid without entering the DNS server, register via VPN or other), you can turn on extra logging through the command line, and then check the DNS server logs.

  This configuration is probably more commonly implemented with either a network sniffer I look for DNS queries arriving at your server, or perhaps a web proxy server, as this proxy server gets you the customer information and the target host information, as it won't be all kinds of activities related to the web-is in the DNS for a typical client newspapers.

  Activity network Apps, app updates (various which may seem HTTPS traffic, too), multiple streams of data, etc.

  HTTPS and VPN can throw a key in these listening and data collection activities, unfortunately.  They can hide the access or hide the DNS query, according to the monitored computers.

  There are approaches especially here, including the firewall of filtering (or notation) and the mechanisms of OS X such as Parental controls, depending on the specific details of your needs here.    There are examples posted around the network to use Wireshark or tcpdump to acquire the DNS of your network data, as well.

  Details on the management of the BIND 9 command line - i.e. when there is hair - are available in the ISC BIND documentation, such as 9.10.  Find statement grammar and record the setting up an output channel, as a starting point.

  For recent versions of OS X Server, BIND configuration files are under/Library/Server.  (See this discussion, as well.)

  Changes to the configuration files can sometimes fail.app, unfortunately.   Close.app, make the changes to a copy of the file, then restart.app (and I hope Server.app don't spill or undo your changes).

• How to restrict multicast traffic to specific ports on GS716Tv3?

  I can not find specific instructions to limit traffic of multicast on the smart switch GS715Tv3.

  I need to force all multicast traffic to travel on a specific set of interfaces, or at least stay within a given virtual LAN on the switch to which it is native. All the changes you want multicast servers and listeners will be on these interfaces in their separate vLAN.

  We have several GS715Tv3 switches configured identically, but multicast traffic does not pass between the switches.

  Topology:

  Eight GS716Tv3 smart switches, each configured with three VLANS identical.

  No traffic should pass between these VLANS on the switch or pass between the switches

  In other words, even if all the 8 switches each have a vLAN named "IOSubsystem", I do not considered the same vLAN.

  .

  vLAN 4 is corresponding to the hosts of Linux to address major

  vLAN 5 is for the audio subsystem

  vLAN 6 is for the IO subsystem

  VLAN each switch 4 has two active ports, a session to the external interface of the main Linux host and the other to a central switch of 9th GS716Tv3 where a system of software development is also linked.

  VLAN each 5 switch connects to the components of the audio subsystems (not shown).

  VLAN each switch 6 has two active ports, a going inward a lead Linux host interface and one for the IO subsystem.

             -> [vLAN4 | g10]---> [Switch #9]-+.
  
             -> [vLAN4 | g9]-> [Linux host #1: eth0]                 |
  
  [Switch #1]-> [vLAN6: g1]-> [Linux host #1 | eth1]                 |
  
             -> [vLAN6: g2]-> [e/s 1 subsystem]                   |
  
                                                                |
  
             -> [vLAN4 | g10]---> [Switch #9]- +---> [software Dev host]
  
             -> [vLAN4 | g9]-> [Linux host #2: eth0]                 |
  
  [Switch #2]-> [vLAN6: g1]-> [Linux host #2 | eth1]                 |
  
             -> [vLAN6: g2]-> [subsystem/o 2]                   |
  
  ...                                                           ~
  
                                                                |
  
             -> [vLAN4 | g10]---> [Switch #9]-+.
  
             -> [vLAN4 | g9]-> [Linux host #8: eth0]
  
  [Switch #8]-> [vLAN6: g1]-> [Linux host #8 | eth1]
  
             -> [vLAN6: g2]-> [i/o subsystem #8]

  We get multicast traffic unwanted between each of these systems, causing corruption of our stream. We limit the multicast traffic on vLAN6 of each switch to stay on the vLAN6 of this specific switch.

  Thanks for any help.

  To switch the management VLAN to 4.

  Make sure you have 2-way switch, one in VLAN4 in a VLAN1.

  4 and apply the value of the system you use to a static IP address to the switch and confirm the access to the web configuration and then change "management VLAN ID. then pass the system that you use on the port or any VLAN 4, then you should have access, otherwise, wait about 60-90sec and try again, because you might have PLEASE and it will block anything on the port for just under its set to "Enabled" 'Fast Link '.

  Then under "IP Configuration" value switches other IP address in IP range of VLAN4.

  For the love of Simplisicty, unmarked ports should never be in 1 VLAN simultaneously.

  And instead of using the point and click, goto "Port PVID Configuration" and just create the VLAN it.

  Member of the PVID and VLAN the same thing for a port, on what VLAN, it must be in the database

  And to confirm, you have a cable from switch to each VLAN? You can cut down on cables and ports if you tag/trunk ports to the next switch. then all VLAN 3 just 1 cable between each pair of switches, saving you at least 4 ports on each switch.

  Just an example of my GS724T (ignore ports g8 and g-19-20, their current PVID is because of something else you do not, LACP and Span/Monitoring):

  All ports are configured to a single VLAN, my 'LAN hand' is VLAN12, that the management VLAN is set for, g23-24 ports VLAN trunks, they are set on tagg VLAN12 and 14 when the traffic is out of these ports, then switch to the other side reads the consequence tagg and acts, that way I don't need 2 cables/port for each of them.

  

• How to change monitor 1 to monitor 2

  I have a gateway with HDMI and Vga outputs. I connect to a regular computer monitor VGA and HDMI to a new 37 HDTV, but by default, the HDMI output is identified as monitor 1 and vga for monitor 2, I again change the identity of the monitors so 1-2 and 2-1, please advice

  Hello

  Right click on the desktop - properties Graphics

  Right click on desktop - graphics Options

  Right click on desktop - customize - display settings

  These should help you put in place.

  How to set up dual monitors in Windows 7
  http://www.online-tech-tips.com/Windows-7/How-to-Setup-dual-monitors-in-Windows-7/

  Two screens are better than one
  http://www.Microsoft.com/athome/organization/twomonitors.aspx

  Work and play better with multiple monitors
  http://Windows.Microsoft.com/en-us/Windows7/work-and-play-better-with-multiple-monitors

  Move windows between multiple monitors
  http://Windows.Microsoft.com/en-us/Windows7/move-Windows-between-multiple-monitors

  Multiple monitors: frequently asked questions.
  http://Windows.Microsoft.com/en-AU/Windows-Vista/multiple-monitors-frequently-asked-questions

  I hope this helps.

  Rob Brown - Microsoft MVP - Windows Desktop Experience: bike - Mark Twain said that he right.

• How to change monitor assignment in the Middle bi-ecrans

  I have two monitors connected to my computer Windows 7 - a viewsonic monitor and a panasonic tv plasma.

  Before I installed the TV - my Viewsonic sonic was the primary monitor. However, for some unknown reason - when I connected my plasma Panasonic TV for my graphics card - Windows makes the TV as the number 1 primary monitor and my viewsonic as the secondary number 2 monitor.

  How can I get Windows 7 to reverse these assignments? I want my Viewsonic monitor as primary monitor, number one.

  When you click rt office and select the resolution of the screen, you will be presented with a window showing the two monitors, simply click / hold down one of the shown montors and drag it to the desired position.

  There are also other options, for example, identify and display, use the drop-down list to select the display (monitor) to use as the 'main' display (some options only have an impact if you are using Extended view and not duplicate display)

• Best possible way to monitor traffic AS2 and block the rogue traffic

  This is for AS2 on HTTP/S traffic.

  Our current set up is to filter the traffic on the firewall (incoming & outgoing) with respect to IP addresses and ports.

  But now we are about to change the settings on our firewall source = ANY (inbound traffic) and destination = ANY (for outbound traffic).

  Now, it's time to activate the IPS blade for this parameters to monitor the traffic and block traffic to rogue.

  Please can someone be useful helping as to what is required for protection?

  I look in the signature list but was not sufficiently confident to point out more specific.

  Also the pros and cons for change to "ANY" white list are welcome.

  The default configuration only triggers once the IPS is confident that an attack is underway at 90%.

  I would stick with the default value set if signatures enabled.  The selected set will vary as you update the IP addresses (make sure that update you regularly) in view of the current risks in the wild.

• How to lock monitor Adobe (emission of mercury associated with)

  I have installation AE to my current computer to a TV (Adobe Monitor 1). I want to do is keep a model specific to the TV while I change one of its comps in a separate window on my computer screen comp. With mercury pass, the image transmitted on television is still tied to my selected calendar.

  Normally when I work with two comps, I lock among the viewers of the model so that the AE pass the image when I pass a calendar to change the demo. I would like to be able to lock the model transmitted on television, so that I can change the demo on my primary monitor and see the direct differences on the computer on the TV.

  Is it possible and if yes, how can I do?

  This is possible in after effects CC 2015. You can "lock" a specific composition for external video preview by clicking the switch Viewer in the lower left corner of the Composition Panel. This switch also blocks the audio output of this composition.

  The switch Viewer is new in after effects CC 2015. After effects CC 2014 and earlier versions, the switch always found this view (also in the lower left corner of the Composition Panel) will act as the "lock" for the external video preview, in addition to its standard to choose what view of composition to use when you start a snapshot. In after effects CC 2015, now you can separately control these behaviors.

• How can I monitor hyperic several remote sites with hyperic?

  We have implemented a hyperic server in AWS.

  We have a lot of remote sites with a server on site. Each site has its own public static IP address.

  Here is how we have implemented hyperic right now:

  agent.setup.camIP = static public IP of the server in AWS

  agent.setup.camPort = 7080

  agent.setup.camSSLPort = 7443

  agent.setup.camSecure = yes

  agent.setup.camLogin = login

  agent.setup.camPword = pass

  IP #agent.setup.agentIP = public site

  agent.setup.agentPort = 2144

  #agent.setup.resetupTokens = no

  agent.setup.acceptUnverifiedCertificate = yes

  At each site, we have a router that port forwarding on the server. If each server is behind a router and has private static IP such as 192.168.30.101

  We have no problem setting up hyperic on the local server, the problem is that Hyperic HQ is overwhelming the servers. He takes the static private ip address and keep overwriting the latest version of the server.

  Even if we have different server names and the public IP address different when we put in place the agent, once we have put in place the agent and he start shooting the metrics, hyperic just replaces the last installed server monitoring.

  any way to disable the IP address local hyperic traction?

  This could be referred as "PIN to a specific IP address" that is required when a platform has multiple NICs or IP address addresses and is accomplished by adding additional guidance to the agent.properties file. Because you specified a specific port of installation, it is better to pin which as well.

  agent.listenIp =
  agent.listenPort = 2144

  I suggest that you also uncomment:

  #agent.setup.agentIP =

  as well as (properly defined):

  #agent.setup.unidirectional = no

  The setting is described in the header section of the agent.properties file.

  # Agent configuration file
  #
  # The following is the properties of the Agent recognizes:
  #
  # agent.listenPort
  # Default: "2144.
  #
  # Description: Port that listens to the agent.
  #
  # agent.listenIp
  # Default: «*»
  #
  # Description: Address that the agent to listen.  If the value "*",
  # the agent will listen on all available interfaces.

  1.), you now have:

  agent.setup.camIP = static public IP of the server in AWS
  agent.setup.camPort = 7080
  agent.setup.camSSLPort = 7443
  agent.setup.camSecure = yes
  agent.setup.camLogin = login
  agent.setup.camPword = pass
  IP #agent.setup.agentIP = public site
  agent.setup.agentPort = 2144
  #agent.setup.resetupTokens = no
  agent.setup.acceptUnverifiedCertificate = yes

  2.) stop of the agent:

  3.) change this option and add the additional guidance.

  agent.setup.camIP = static public IP of the server in AWS
  agent.setup.camPort = 7080
  agent.setup.camSSLPort = 7443
  agent.setup.camSecure = yes
  agent.setup.camLogin = login
  agent.setup.camPword = pass
  IP agent.setup.agentIP = public site
  agent.setup.agentPort = 2144
  agent.setup.resetupTokens = no
  agent.setup.acceptUnverifiedCertificate = yes
  IP agent.listenIp = public site
  agent.listenPort = 2144

  4.) remove the agent data directory (it is re-created later start)

  5.) restart the agent (this will trigger a reconfigure)

  6.) I accept agent inventory

• Port forwarding in vmware workstation 9 (how to transfer all traffic to a virtual machine)

  You are looking for here: Advanced Configuration of NAT

  I can see how to redirect ports via in a particular host vmware NAT service, but my question is how can I transfer ALL traffic to a host? I found no info on how to do that.

  Is there any way I can forward all traffic incoming on a virtual machine?

  The syntax is = : and as such it is singular in all references, so I don't know of a way around it.