Policy Rule Monitoring
Anonymous
Not applicable
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎08-11-2016 02:01 PM
Hi,
Do you know if there is a way of monitoring traffic being denied or approved for a given policy for a given port.
I think I remember seeing the ability to super impose policy rules on a Wireshark trace, which might be the only means of doing it?
The point is that in the creation of a policy role that denies all traffic, it would be really handy to simply build on the rules of traffic that you maybe seeing being denied but actually want to allow through or visa versa. You can with all the best intension create a role & rules that you think would do the job but there is always going to be something that could slip the net this would be invaluable for.
Many thanks in advance.
Do you know if there is a way of monitoring traffic being denied or approved for a given policy for a given port.
I think I remember seeing the ability to super impose policy rules on a Wireshark trace, which might be the only means of doing it?
The point is that in the creation of a policy role that denies all traffic, it would be really handy to simply build on the rules of traffic that you maybe seeing being denied but actually want to allow through or visa versa. You can with all the best intension create a role & rules that you think would do the job but there is always going to be something that could slip the net this would be invaluable for.
Many thanks in advance.
6 REPLIES 6
Anonymous
Not applicable
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎09-01-2016 12:57 PM
Great, thanks Tom!
Don't suppose you know when rule accounting will be available for XOS, just in case I can expect it anytime soon?
Cheers.
Don't suppose you know when rule accounting will be available for XOS, just in case I can expect it anytime soon?
Cheers.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎09-01-2016 12:57 PM
Martin, There are no plans to support Policy Rule Accounting to XoS. It's only supported on the S/K/N series products.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎09-01-2016 12:51 PM
Martin, rule accounting is the feature that you're looking for that provides rule hit information but it's not currently supported on XoS based hardware. You have identified a possible solution already by utilizing the wireshark capabilities for a role and it's associated rules. You can run either live traffic or a captured trace through the Role's wireshark function and this will identify how traffic will be handled.
This KCS describes the process: https://gtacknowledge.extremenetworks.com/articles/How_To/How-to-determine-which-Policy-Manager-serv...
This KCS describes the process: https://gtacknowledge.extremenetworks.com/articles/How_To/How-to-determine-which-Policy-Manager-serv...
Anonymous
Not applicable
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎09-01-2016 12:36 PM
Just bumping this one question as could really do with knowing how this is accomplished.
Many thanks.
Many thanks.
