PACKET ENGINE


Security/Monitoring Configure Packet Engine


Configure Packet Engine


Selecting Overview → Manage → Security/Monitoring → Configure Packet Engine displays the Packet Engine dashboard.


When dashboard initially loads you are presented with the following if no Packet Engines are configured:


Manage Security/Monitoring Packet Engine Dashboard


A Packet Engine is added by clicking Add Packet Engine and entering the required information.


Clicking Add initiates the function and returns a notification of success or failure and reason.


Adding a Packet Engine


To add a packet engine, click Add Packet Engine to display the Add Packet Engine dialog box.


Manage Security/Monitoring Add Packet Engine


Enter the Server Name, Host Name/IP and Port.


Click Fetch to obtain a list of Ethernet adapters available.


Enter the interface number, IP address and Name for the switch and click the  icon.


NOTE: Username and Password are only required for Remote PCAP and should not be entered.


Click ADD to continue with adding the Packet Engine or Cancel to return to the previous screen without adding a Packet Engine.


When added, the dashboard displays the Ethernet interface address and the assigned name of the packet capture agent, the IP address of the packet capture engine along with the port number – 8080 and the Ethernet adapter number and IP address of the UNUM host.


Manage Security/Monitoring Add Packet Engine


The following is an example of a populated packet capture engine configuration screen with multiple interfaces.


Manage Security/Monitoring Add Packet Engine Example


When the new packet engine is added, it is displayed on the dashboard.


Manage Security/Monitoring Added Packet Engine Example


Deleting Packet Engine Files


You delete a Packet Engine using the  icon on the dashboard.

 

Manage Security/Monitoring Delete Packet Engine


Clicking on Keep File will delete the PCAP agent data from the database. Clicking on OK will remove both the data from the database and delete the file.


Third Party Tools


Installed third party packet capture tools are listed in the dashboard and additional third-party tools are added by clicking on the Add Third Party Tool link.


Manage Security/Monitoring Packet Engine Add Third Party Tools


Enter the Server Name along with the Ethernet adapter interface number, the IP address and a name for the packet capture tool.


Click  to add the field to the dashboard and when complete click Add.

For example, Server Name = “Colossus”, Interface = “eth2”, IP Address = “10.9.8.118” and Name = “Forbin”


Manage Security/Monitoring Packet Engine Add Third Party Tools Example


And, clicking Add, adds the third-party tool to the dashboard.


Manage Security/Monitoring Packet Engine Third Party Tools Added


Packet Engines can either be a packet capture endpoint controlled by UNUM or a Third-Party Tool.



Note: There is no management of any third-party tool, it is the responsibility of the user to manually upload any PCAP files generated by this third-party tool into UNUM.



Packet Engine Search Function


You easily search and filter multiple Packet Engine entries using the Filter By: feature in the dashboard. Begin by typing search or filter criteria and the dashboard automatically updates as shown in the example below:


Manage Security/Monitoring Packet Engine Search Filter Function