The Advanced Settings option includes the Flow Filter Settings and the Radius Server Settings and their corresponding configuration settings.
Flow Filter Settings
The Flow Filter settings empower the administrator with the option to
• exclude ESP_App on user defined interfaces - This helps in ensuring that traffic is not double counted in case of ESP tunnels.
• suppress Access Control List related drops (based on destination interface being null) on user defined interfaces.
• suppress output interface accounting on user defined interfaces - Useful when working with a WAN accelerator.
• apply GRE filter on the cryptomap tunnels to prevent double counting of GRE traffic.
Option Description
Select edge interfaces of a cryptomap tunnel to apply ESP application filter
Enabling NetFlow on cryptomap tunnel interfaces double counts the ESP traffic. To prevent this, apply this filter on the cryptomap tunnel interfaces. You can add or modify the interfaces to which the ESP application filter is applied.
Select interfaces to apply access control traffic filter
The access control filter drops flow information that describes traffic dropped by an Access Control List. Apply this filter to drop such flows. These flows have the null interface as their destination interface. If any interface is selected for this filter, all traffic coming from that interface with the null interface as its destination will be dropped.
Select interfaces to apply output interface suppression filter
Select the LAN-facing interfaces of any WAN optimizer to suppress the incorrect out traffic (due to compression) that they report. For a selected interface, this filter stops out traffic from being counted on any interface that appears as the destination interface of its flows. For example, when a WAN optimizer sends a flow whose source and destination interfaces are A and B respectively, and you select interface A for output suppression, B is not credited with the out traffic reported by interface A. That traffic figure is incorrect, since compression happens on interface B of the WAN optimizer.
Select edge interfaces of a cryptomap tunnel to apply GRE application filter
Select any cryptomap tunnel interface on which you want to apply the GRE filter. This prevents the GRE traffic from being double counted. Otherwise, a cryptomap interface on which NetFlow is enabled double counts the GRE traffic.
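The effect of the four filters described above on per-interface totals, as an added example that is not NetFlow Analyzer's own code. The Flow record, the account function, the interface numbers and the use of ifIndex 0 for the null interface are assumptions made for illustration, and the sample flows are constructed.

```python
from collections import defaultdict
from dataclasses import dataclass

NULL_IF = 0        # assumption: a null destination interface is exported as ifIndex 0
ESP, GRE = 50, 47  # IP protocol numbers for ESP and GRE

@dataclass
class Flow:
    src_if: int    # interface the flow entered on
    dst_if: int    # interface the flow left on (NULL_IF when dropped)
    proto: int     # IP protocol number
    octets: int

def account(flows, esp_ifs=(), gre_ifs=(), acl_ifs=(), out_suppress_ifs=()):
    """Return {ifIndex: {"in": octets, "out": octets}} after filtering."""
    totals = defaultdict(lambda: {"in": 0, "out": 0})
    excluded = {ESP: set(esp_ifs), GRE: set(gre_ifs)}
    for f in flows:
        # Access control filter: discard flows from a selected interface
        # whose destination interface is null.
        if f.src_if in acl_ifs and f.dst_if == NULL_IF:
            continue
        # ESP/GRE application filters: do not count that protocol on the
        # selected tunnel edge interfaces.
        skip = excluded.get(f.proto, set())
        if f.src_if not in skip:
            totals[f.src_if]["in"] += f.octets
        # Output suppression: a flow from a selected interface adds no OUT
        # traffic to its destination interface.
        if f.dst_if not in skip and f.src_if not in out_suppress_ifs:
            totals[f.dst_if]["out"] += f.octets
    return dict(totals)

# Constructed sample flows (not captured data).
SAMPLE = [
    Flow(1, 2, 6, 1000),        # TCP leaving through tunnel edge interface 2
    Flow(1, 2, ESP, 1100),      # the same traffic counted again as ESP
    Flow(1, 2, GRE, 700),       # GRE seen on the same tunnel edge
    Flow(1, NULL_IF, 6, 400),   # traffic denied by an ACL
    Flow(10, 11, 6, 5000),      # WAN optimizer: LAN-facing 10 towards 11
]

if __name__ == "__main__":
    print("unfiltered:", account(SAMPLE))
    print("filtered:  ", account(SAMPLE, esp_ifs={2}, gre_ifs={2},
                                 acl_ifs={1}, out_suppress_ifs={10}))
```

With the access control filter selected on interface 1, the ACL-denied flow disappears from the totals entirely, so reports built on this data no longer show denied traffic from that interface.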
Radius Server Settings
Radius Server (Remote Authentication Dial In User Service) is an AAA (Authentication, Authorization and Accounting) protocol for controlling access to resources in a network. Radius Server is useful in centralised management of user credential details. It facilitates a single global set of credentials that are usable on many public networks. Once the user roles are defined in the User Management feature
Option Description
Radius Server IP
The IP address of the Radius Server where credentials are configured
Radius Server Authentication Port
The authentication port of the Radius Server
Radius Server Protocol
The Radius Server Protocol could be any of PAP, CHAP, MSCHAP, MSCHAP2
Radius Server Secret
The Secret refers to the password that is necessary to access the Radius Server
Authentication Retries
Authentication Retries can take one of the values 1, 3 or 5. This defines the number of authentication attempts that are allowed
Storage Settings
NetFlow Raw Data Settings
NetFlow Analyzer classifies data into 2 types, namely Aggregated Data and Raw Data. Aggregated Data represents the total IN and OUT traffic, the top 100 applications and the top 100 conversations for each interface for every 10-minute interval. Data is progressively stored in 10 minute, 1 hour, 6 hour, 24 hour and weekly data points for older data - the most recent data is available with 10 minute granularity and data older than 90 days is available in weekly granularity.
This mechanism of storing the top 100 is done to ensure that the database does not grow infinitely. The amount of hard disk space required to store the aggregated data forever is about 150 MB per interface.
In addition to the aggregated data, NetFlow Analyzer 5 allows you to store all raw NetFlow data for up to 1 month. The time period for which you can store this raw data (Raw Data Period) depends on the number of flows received by NetFlow Analyzer and the amount of free disk space available on your computer. Each flow is about 60 bytes. Troubleshooting and Alert reports are generated from Raw data since it provides a high level of granularity.
NetFlow Analyzer indicates the flows received per second in the Raw Data Settings tab on the Settings link. You should set the raw data period (Retain Raw Data) based on the calculation below:
Raw Data Period (in hours) = (Free hard disk space - (150 MB * No. of Managed Interfaces)) / (60 Bytes * 3600 seconds * Flows Per Second)
You can use the recommendation provided by the software to set your Raw data storage period. The maximum raw data storage period is 1 month and the minimum is a day. Similar to the alerting feature, you can choose to have a mail sent whenever the disk space is less than a threshold value (this is set as a percentage value). In addition, you can specify the free disk space threshold below which old raw data will be cleared up. This could be a percentage value of the total disk space. This can also take on the value of "Never", in which case the disk space is not cleared up at all.
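The raw data period calculation above with the stated one-day minimum and one-month maximum applied, as an added example that is not NetFlow Analyzer's own code. The function names, decimal megabytes and a 30-day month are assumptions.

```python
MB = 10**6                           # assumption: decimal megabytes
FLOW_BYTES = 60                      # page: each flow is about 60 bytes
AGG_RESERVE = 150 * MB               # page: aggregated data per interface
MIN_HOURS, MAX_HOURS = 24, 30 * 24   # page: one day to one month (30 days assumed)

def raw_data_period_hours(free_bytes, interfaces, flows_per_second):
    """Unclamped result of the page's formula, in hours."""
    usable = free_bytes - AGG_RESERVE * interfaces
    if usable <= 0:
        return 0.0              # the aggregated data alone uses the free space
    if flows_per_second <= 0:
        return float("inf")     # no flows arriving: raw data never fills the disk
    return usable / (FLOW_BYTES * 3600 * flows_per_second)

def retain_raw_data_setting(free_bytes, interfaces, flows_per_second):
    """Return (hours, fits): the period clamped to the allowed range, and
    whether the disk can actually hold that much raw data."""
    hours = raw_data_period_hours(free_bytes, interfaces, flows_per_second)
    fits = hours >= MIN_HOURS   # False: even the one-day minimum overruns the disk
    return int(min(max(hours, MIN_HOURS), MAX_HOURS)), fits

if __name__ == "__main__":
    # Constructed sizing cases: (free bytes, managed interfaces, flows per second).
    for case in [(100 * 10**9, 50, 2000),
                 (20 * 10**9, 100, 5000),
                 (500 * 10**9, 10, 100)]:
        print(case, "->", retain_raw_data_setting(*case))
```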
One minute Data-Storage Settings
To set the period for which one minute flow data has to be stored, use the Retain One Minute Data option. You could choose one of 1 month, 3 months, 6 months or 1 year. You will require a free disk space of 2 MB to store one month of one minute traffic data for a single interface. The default period is 3 Months.
NBAR Data-Storage Settings
You can use this option to specify the time period for which NBAR data has to be retained. You could retain the NBAR data a minimum of 1 day or a maximum of 1 year. You will require a free disk space of 30 MB in order to store NBAR data for a month for each interface. The default value is 2 months.