IP Group Management
The IP groups feature lets you monitor departmental, intranet
or application traffic exclusively. You can create
IP groups based on IP addresses and/or a combination of port and
protocol. You can even choose to monitor traffic from specific
interfaces across different routers. After creating
an IP group, you can view the top applications, top protocols, top
hosts, and top conversations in this IP group alone.
This section will help you understand IP Groups and walk you through
the steps needed to create and later delete an IP group if needed.
Understanding IP Groups
To further understand how the IP grouping feature can help in
understanding exclusive bandwidth usage, consider the following two
scenarios:
Enterprise Network Scenario
A typical enterprise setup where the main servers and
databases are located at a central office, and all branch offices are
given appropriate access privileges to these servers.
Problem: You need to track bandwidth used
by each branch office while accessing an ERP/CRM application
Solution: Create an IP
group for each branch office, along with the port and protocol of
the ERP/CRM application running in the central office.
The traffic reports for each IP group will then show details
on bandwidth used by the branch office while working with the ERP/CRM
application. This information is very useful during traffic accounting
and usage-based billing.
End Note: If the IP addresses in the branch
offices are NATed (network address translated) by the web server, you
can view overall bandwidth usage for the branch office, but not that of
individual hosts within the IP group.
Campus Network Scenario
A typical campus network with several departments. Here IP
addresses are usually not NATed by the web server.
Problem: You need to analyze bandwidth used
by each department
Solution: Create an IP
group for each department (IP address or address ranges), without
specifying any port/protocol values.
The traffic reports for each IP group will then show
bandwidth usage by that department along with information on top
talkers, and top conversations within that department.
Defining IP Groups
IP groups can be defined based on IP address and/or
port-protocol combinations. In addition, you can filter IP group
traffic based on interfaces. The following matrix shows the different
combinations possible, along with a typical example usage for each
combination.
Combination |
IP Address |
Port/Protocol |
Interfaces |
IP Address |
View bandwidth details for a range of IP addresses. |
View Web (80/TCP, 80/UDP) traffic details for a range
of IP addresses. |
View bandwidth details across multiple interfaces, for
a range of IP addresses. |
Port/Protocol |
View Web (80/TCP, 80/UDP) traffic details for a range
of IP addresses. |
View Web (80/TCP, 80/UDP) traffic generated across the
network |
View Web (80/TCP, 80/UDP) traffic generated across
multiple interfaces. |
Interfaces |
View bandwidth details across multiple interfaces, for
a range of IP addresses. |
View Web (80/TCP, 80/UDP) traffic generated across
multiple interfaces. |
[ Not possible ] |
Creating an IP Group
The IP Group Management link in the Admin
Operations box lets you create, modify, and delete IP groups.
Click this link, and then click Create to create a
new IP group. Fill in the following information and click Add
to add the new IP group to the current list of IP groups.
Field |
Description |
IP Group Name |
Enter a unique name to identify this IP group |
IP Group Description |
Enter descriptive information for this IP group to help
other operators understand why it was created. |
IP Group Based on |
Select whether you want to define this IP group based
on IP address or port-protocol combination. If you want to define the
IP group based on both IP address and port-protocol, select both
options. |
Specify IP/IP Range/Network |
Select the IP address, address range, or network that
this IP group is based on. Use the Add IP and Remove
IP buttons to add/remove additional IP addresses. |
Include/Exclude |
Include IP option includes
the particular IP address, address range, or network.
Exclude IP option excludes the particular IP address, address range, or
network.
|
Filter based on Port/Protocol |
(This option is shown if you have selected the Port/Protocol
option in step 3) Enter the port numbers or port range in the Port
Number field. Select the protocol in the Protocol
field. Use the Add Row and Remove Row
buttons to specify additional port-protocol options.
*See Note below. |
Select Interfaces |
If you need to filter this IP group further, based on
devices or different interface combinations, click the "Select Devices" link and select the
different devices and interfaces whose traffic needs to be included in
this IP group. |
IP Group Speed |
Enter the interface speed (in bits per second) for
calculating percentage of traffic for this IP group. |
 |
If you add a new combination of ports and
protocol, a popup opens stating that this combination of ports and
protocol has not been mapped to any application. Add the combination as
a new application in the same popup, and click Update
to update the Application Mapping list
with the new application. |
Managing IP Groups
Click the IP Group Management link in the Admin
Operations box to view the list of IP groups currently active.
Select the IP group that you want to modify, and click the Modify
button to edit its settings. Once you are done, click Add
to save and activate the new changes.
To delete an IP group, select the IP group and click the Delete
button. Deleting an IP group removes the IP group from the list of IP
groups managed. All users assigned to this IP group will not see this
IP group listed on their Dashboard.
|