Security/Monitoring Configure Packet Engine

Configure Packet Engine

Selecting Overview → Manage → Security/Monitoring → Configure Packet Engine displays the Packet Engine dashboard.

When dashboard initially loads you are presented with the following if no Packet Engines are configured:

Manage Security/Monitoring Packet Engine Dashboard

A Packet Engine is added by clicking Add Packet Engine and entering the required information.

Clicking Add initiates the function and returns a notification of success or failure and reason.

Adding a Packet Engine

To add a packet engine, click Add Packet Engine to display the Add Packet Engine dialog box.

Manage Security/Monitoring Add Packet Engine

Enter the Server Name, Host Name/IP and Port.

Click Fetch to obtain a list of Ethernet adapters available.

Enter the interface number, IP address and Name for the switch and click the  icon.

NOTE: Username and Password are only required for Remote PCAP and should not be entered.

Click ADD to continue with adding the Packet Engine or Cancel to return to the previous screen without adding a Packet Engine.

When added, the dashboard displays the Ethernet interface address and the assigned name of the packet capture agent, the IP address of the packet capture engine along with the port number – 8080 and the Ethernet adapter number and IP address of the UNUM host.

Manage Security/Monitoring Add Packet Engine

The following is an example of a populated packet capture engine configuration screen with multiple interfaces.

Manage Security/Monitoring Add Packet Engine Example

When the new packet engine is added, it is displayed on the dashboard.

Manage Security/Monitoring Added Packet Engine Example

Deleting Packet Engine Files

You delete a Packet Engine using the  icon on the dashboard.


Manage Security/Monitoring Delete Packet Engine

Clicking on Keep File will delete the PCAP agent data from the database. Clicking on OK will remove both the data from the database and delete the file.

Third Party Tools

Installed third party packet capture tools are listed in the dashboard and additional third-party tools are added by clicking on the Add Third Party Tool link.

Manage Security/Monitoring Packet Engine Add Third Party Tools

Enter the Server Name along with the Ethernet adapter interface number, the IP address and a name for the packet capture tool.

Click  to add the field to the dashboard and when complete click Add.

For example, Server Name = “Colossus”, Interface = “eth2”, IP Address = “” and Name = “Forbin”

Manage Security/Monitoring Packet Engine Add Third Party Tools Example

And, clicking Add, adds the third-party tool to the dashboard.

Manage Security/Monitoring Packet Engine Third Party Tools Added

Packet Engines can either be a packet capture endpoint controlled by UNUM or a Third-Party Tool.

Note: There is no management of any third-party tool, it is the responsibility of the user to manually upload any PCAP files generated by this third-party tool into UNUM.

Packet Engine Search Function

You easily search and filter multiple Packet Engine entries using the Filter By: feature in the dashboard. Begin by typing search or filter criteria and the dashboard automatically updates as shown in the example below:

Manage Security/Monitoring Packet Engine Search Filter Function