cancel
Showing results for 
Search instead for 
Did you mean: 

Policy Rule Monitoring

Policy Rule Monitoring

Anonymous
Not applicable
Hi,

Do you know if there is a way of monitoring traffic being denied or approved for a given policy for a given port.

I think I remember seeing the ability to super impose policy rules on a Wireshark trace, which might be the only means of doing it?

The point is that in the creation of a policy role that denies all traffic, it would be really handy to simply build on the rules of traffic that you maybe seeing being denied but actually want to allow through or visa versa. You can with all the best intension create a role & rules that you think would do the job but there is always going to be something that could slip the net this would be invaluable for.

Many thanks in advance.
6 REPLIES 6

Anonymous
Not applicable
Great, thanks Tom!

Don't suppose you know when rule accounting will be available for XOS, just in case I can expect it anytime soon?

Cheers.

Martin, There are no plans to support Policy Rule Accounting to XoS. It's only supported on the S/K/N series products.

Tom_Currier
Extreme Employee
Martin, rule accounting is the feature that you're looking for that provides rule hit information but it's not currently supported on XoS based hardware. You have identified a possible solution already by utilizing the wireshark capabilities for a role and it's associated rules. You can run either live traffic or a captured trace through the Role's wireshark function and this will identify how traffic will be handled.

This KCS describes the process: https://gtacknowledge.extremenetworks.com/articles/How_To/How-to-determine-which-Policy-Manager-serv...

Anonymous
Not applicable
Just bumping this one question as could really do with knowing how this is accomplished.

Many thanks.
GTM-P2G8KFN