
BusinessCom Traffic Engineering Server (TES) Application Package

Ver. 2.1.2 User Guide

BusinessCom TES Platform 2.1.2 User Guide, Page 1 www.bcsatellite.net, www.bctes.com

Copyright 2006-2010, BusinessCom Networks, Ltd. All rights reserved. This guide may not be reproduced, in part or in whole, without the permission of BusinessCom Networks, Ltd.

The specifications and information regarding the products in this guide are subject to change without notice. All statements, information, and recommendations in this guide are believed to be accurate, but are presented without warranty of any kind, express, or implied. Users must take full responsibility for their application of any products.

Trademarks, brand names and products mentioned in this manual are the property of their respective owners. All such references are used strictly in an editorial fashion with no intent to convey any affiliation with the name or the product's rightful owner.

User Guide Revision 29 March 2010 2:44 PM


1 ABOUT THIS MANUAL
2 INTRODUCTION
3 APPLICATION PACKAGE INSTALLATION
4 USING TES AP
4.1 Bandwidth Management Setup
4.2 Quality of Service Setup
4.3 Web Cache and Acceleration
4.4 Firewall
4.6 MAC/IP Filtering
4.7 Network Intrusion Detection System, Failover, Updates and Reports
4.8 Port Forwarding
4.9 Backup and Restore
4.10 Protocol Breakdown
4.11 Web Cache Monitoring
4.12 NIDS Reports
4.13 Traffic Analysis/Reports
4.14 TES AP Terminal Access Panel
5 INDEX


1 ABOUT THIS MANUAL

This user guide is intended for network administrators and field engineers deploying the BusinessCom Traffic Engineering Server (TES) Platform with the TES Application Package (AP) installed, as well as any other personnel involved in the installation, operation or monitoring of networks running BusinessCom TES Platform and TES AP.

You will need the following software and equipment to install and use TES Application Package:

A laptop or PC with web browser software installed.

A hardware server with TES Platform software installed (see TES Platform User Guide for more details). TES Platform should be connected to the Internet.

A single computer or a LAN with multiple computers to perform final routing and performance tests during the TES Platform and TES AP configuration stage.


2 INTRODUCTION

Application Package (TES AP) is the extension for TES Platform containing a proprietary toolset for advanced traffic engineering, e.g. bandwidth management, QoS, filtering, traffic monitoring etc. TES AP adds extra functionality to an already running TES Platform and doesn't require operating system reinstallation.

The list of traffic engineering features carried together by TES Platform and Application Package:

1. Bandwidth Management
1.1. Accurate and flexible traffic shaping on Rx and Tx (download and upload)
1.2. Hard and burstable bandwidth management
1.3. Customizable bandwidth management groups
1.4. Bandwidth management by IP address
1.5. Smart Throttle Engine

2. Quality of Service (QoS)
2.1. 7 customizable QoS levels
2.2. OSI Layer 7 QoS capabilities
2.3. Wide range of Layer 7 fingerprints
2.4. QoS for Peer-2-Peer, VoIP, games etc.
2.5. Congestion avoidance mechanisms
2.6. QoS for inbound and outbound traffic flows
2.7. Lowest priority level for unwanted traffic

3. Web Cache
3.1. Semiautomatic Web Cache engine
3.2. HTTP response time minimizing techniques
3.3. Adjustable storage size
3.4. Failover engine preventing web cache fails
3.5. Transparent/interception web cache proxy

4. Acceleration
4.1. BusinessCom Performance Enhancing Proxy (PEP)
4.2. Transparent HTTP acceleration

5. Security
5.1. Integrated semiautomatic Firewall
5.2. Dropped packets tracking feature
5.3. MAC, IP and linked MAC+IP Filtering
5.4. Network Intrusion Detection System (NIDS)

6. Traffic Monitoring and Analyzing
6.1. Network throughput monitoring, netflow capabilities
6.2. Informative Protocol Breakdown
6.3. Detailed subscribers activity statistics
6.4. Top 20 pie charts
6.5. Long term monitoring data storage
6.6. Interactive traffic analysis capabilities
6.7. Real-time OSI layer 3 and layer 7 monitoring

7. Networking/Routing Features
7.1. Static routes
7.2. Adjustable Ethernet settings (duplex, multicast, mtu etc.)
7.3. Transparent Bridge and Router networking modes

8. Network Address Translation (NAT) and DHCP
8.1. Automatic or fully customizable static NAT
8.2. Automatic or fully customizable DHCP

9. HTML Graphical User Interface (GUI) and Terminal Panel
9.1. Intelligent HTML GUI via secure HTTP (HTTPS)
9.2. Local and remote (via SSH) access to Terminal Panel

10. Miscellaneous features
10.1. Health status monitoring
10.2. E-mail reports and alerts
10.3. Automatic Updates
10.4. Completely failsafe operation
10.5. One-click backup/restore

TES Application Package is available in two variants: Freeware and Commercial. The installation procedure is the same for both versions (see below).

TES AP Freeware provides the full range of traffic engineering functionality listed above free of charge for evaluation and testing. It can be easily installed over TES Platform by anybody and can handle up to 30 PCs in the LAN behind TES Platform. TES AP Freeware doesn't have the PEP subscription that Commercial TES AP comes with.

TES AP Commercial brings the complete range of traffic engineering functionality without any limitations and comes with a full Performance Enhancing Proxy (PEP) subscription, which allows you to save expensive bandwidth and/or connect more subscribers to the LAN without a need to buy more bandwidth on Rx and Tx. Consult a BusinessCom representative on how to get Commercial TES AP installed on your TES Platform (commercial@bctes.com).


3 APPLICATION PACKAGE INSTALLATION

1. Connect TES Platform to the Internet (see section 4.2.2 of TES Platform User Guide).
2. Go to the System Controls section of the TES Platform HTML GUI (see Figure 1).
3. Press the Install TES AP button to move to the first step of installation (see Figure 2).
4. Follow the instructions on the screen:
a. If you want to get Commercial TES AP, please send a request to a BusinessCom representative (e-mail address commercial@bctes.com) with the TES Platform license key (shown in green at Figure 22) and wait for a reply with payment details and prices.
b. In order to install Freeware TES AP just press Next (see Figure 3).
5. Read the TES Platform and TES AP end user license agreements carefully and press I Agree or I do not Agree depending on your decision (Figure 4).
6. Fill in the Registration Form shown at Figure 5.
7. As soon as TES AP installation is finished you will see the confirmation message (Figure 5a) and will need to initialize TES Platform so that TES AP components become accessible from the HTML GUI and Terminal Access Panel; click Finish.
8. If installation was successful you will see [tes.free] or [tes.comm] initialization steps during TES Platform initialization (see Figure 5b).

Figure 1 System Controls item in HTML GUI

Figure 2 System Controls section, button Install TES AP

Figure 3 First step of TES AP installation

Figure 4 TES Platform and TES AP licenses

Figure 5 Registration Form

Figure 5a Fourth step of TES AP installation

Figure 5b The last step of TES AP installation


4 USING TES AP

4.1 Bandwidth Management Setup

To start using the bandwidth management mechanisms of TES AP, such as traffic shaping and throttling, select Preferences in the Bandwidth Management menu of the TES Platform web administration panel. By default this feature is disabled in TES AP, so once you have deployed TES in your network you can enable it and configure it according to your bandwidth management needs (see Figures 6 and 6a).

Figure 6 Disabled Bandwidth Management

Figure 6a - Part of Bandwidth Management configuration page (Router mode)

Bandwidth management configuration page and its working principles vary depending on selected networking mode. In Router mode TES shapes the traffic on its LAN interface applying different Rx/Tx speed limits to hosts in LAN only (see Figure 6b). When Bridge mode is selected TES shapes bandwidth on virtual bridge interface that comprises two network interfaces as bridge ports (see figure 6c).

Figure 6b Example network with TES in Router mode

Figure 6c Example network with TES in Bridge mode

Below are descriptions of the fields on the bandwidth management configuration page. Fill them in carefully in order to configure the traffic shaping and throttle features.

WAN Maximum Uplink specifies the maximum available bandwidth on upload (from TES to Internet) in kbps, e.g. '7000'.

WAN Maximum Downlink specifies the maximum available Internet connection downlink speed (from Internet to TES) in kbps, e.g. '15000'.

TES AP supports bandwidth groups, which enable you to allocate different bandwidth limits and throttling rules for defined IP addresses. Such exclusive groups are useful to define multiple service levels or packages for individual subscribers or groups of them. First specify the group participants' IP addresses, receive and transmit speeds etc.:

IP address(es) specifies the network address(es) of the LAN hosts you need to shape bandwidth for by applying upload and download speed limits. For example, if you wish to limit speed for a group of IPs starting from 192.168.1.10 and ending at 192.168.1.13 (3 PCs), add the following line: '192.168.1.10-192.168.1.13'. Use an empty space or - to define a list or a range of IP addresses respectively.

NOTE: If Bridge networking mode is selected, the bandwidth management engine handles traffic on both bridge ports. That means it shapes traffic generated by subscribers as well as by the gateway (this is usually set up as the default gateway in the subscribers' PC settings).

Maximum uplink specifies the maximum amount of bandwidth available on upload (from LAN user to the Internet) in kbps (e.g. '1000', '4000') for the group.

Maximum downlink specifies the maximum amount of bandwidth available on download (from Internet to LAN user) in kbps (e.g. '1000', '4000') for the group.

Free bandwidth sharing, when enabled, allows your subscribers to exceed individual uplink and downlink rates (Rx/number-of-users and Tx/number-of-users), borrowing unused bandwidth to and from each other. The disabled setting prevents such sharing.

Throttle enables the Smart Throttle Engine for each bandwidth group participant and is described below.

NOTE: BusinessCom always recommends setting up default maximum bandwidth limits for each local network subscriber to prevent malicious applications from consuming excessive amounts of your Internet connection bandwidth.

NOTE: BusinessCom does NOT recommend enabling free bandwidth sharing if you plan to offer a particular fixed level of service to your end subscribers. Some users may be misled into thinking that you are delivering only a nominal level of service when sharing enables them to consume the extra. Recommended usage is corporate environments only.

The bandwidth management page also contains the Throttle Engine section (Figure 7). This engine is a proprietary network mechanism used to temporarily suppress the bandwidth of network IP connections which consume a disproportionate amount of throughput for a long period of time.

Figure 7 Throttle Engine configuration

The Throttle Engine automatically analyses traffic consumption levels for each local IP in real time and decides to limit the bandwidth of any particular IP if the threshold level has been met. Throttling is useful to prevent a small percentage of network subscribers from occupying a large portion of your Internet access link by aggressively and continuously downloading large multimedia content. It also helps to prevent accidental flood and virus traffic from seizing the whole link.

Figure 7a Example of traffic flows with no throttling (left) and Throttle Engine enabled (right). [Two charts of traffic for Customer-1 to Customer-4; vertical axis 0 to 600, horizontal axis 13:00 to 16:00.]

In order to understand the benefits of the Throttle Engine, please refer to Figure 7a above for an example situation. Assuming your Internet connection supports a maximum of 500 kbps, the chart without throttling depicts Customer-1 steadily consuming 400 kbps of bandwidth with an always-on download, seizing almost all of the Internet access link and compromising the service performance for the remaining customers. This kind of download abuse is a frequent occurrence now that large media content such as video and audio files, ISO images and similar files of hundreds of megabytes or even a couple of gigabytes is common on the Internet. With the Throttle Engine turned on, Customer-1 is automatically throttled back to 50 kbps every 4 minutes, allowing the remaining customers to receive a better level of service. Please notice that these charts are for indicative purposes only and your throttling settings should be set up so that they reflect the actual throughput situation of your network and your Internet connection.


NOTE: Throttle Engine is not a complete panacea. Always invest attention to control the way the applications are used in your local network and the way they are prioritized via QoS mechanisms in TES. Throttling along with other available tools significantly helps to offer a better quality service.

To set up the TES Throttle Engine, check the following fields carefully (please refer to Figure 8 for a screenshot of the configuration menu):

Sampling interval specifies desirable time interval for Throttle engine to analyze traffic consumption levels in minutes. For example, setting the interval to '4' means the engine will check traffic statistics and will take decisions every four minutes.

NOTE: Setting the lowest interval possible is always better, as it gives TES more frequent control over the traffic flows. The downside is that smaller intervals consume more CPU resources. We recommend checking CPU utilization with the TES health monitoring tools each time a new interval setting is applied.

Threshold limit defines the maximum allowed sustained throughput for each local network subscriber, specified as a percentage of the maximum allowed bandwidth per subscriber on the downlink.

For example, if the Threshold limit is set to '30', Sampling interval set to '2' and the maximum amount of bandwidth on download is set to 300 kbps, the throttling Threshold will be defined as 90 kbps (300 * 30% = 90 kbps). In this particular case, if a single IP in your local network passes traffic at the speed of equal or more than 90 kbps during the whole 2 minutes interval, its bandwidth will be automatically limited to prevent such an abuse.

Recommended Threshold limit starting values are '30' or '40', although you may want to tweak these settings according to your actual demands.

NOTE: Use extensive monitoring tools TES AP offers to see if you need to tweak Threshold Limit or other throttling settings.


Activity limit. If the global usage of your Internet access link is low, then it makes sense not to enable Throttle for subscribers and to allow them to consume any amount of traffic they want, so the bandwidth isn't wasted. The Activity limit defines the maximum Internet access link utilization percentage under which the Throttle Engine will ignore all traffic consumption violations. For example, if you have a 10 Mbps link to the Internet on download and the Activity limit is set to '20', the Throttle Engine will not take any action until the total link load is more than 2 Mbps (20% of 10 Mbps).

Throttled uplink specifies the maximum upload bandwidth the IP will be limited to if the threshold has been met.

Throttled downlink specifies the maximum download bandwidth the IP will be limited to if the threshold has been met.

Ignore activity limit enables TES to ignore the Activity limit and throttle all the time.

NOTE: We strongly recommend you to test the ability of TES to route traffic with your current NIC settings before proceeding to the Throttle Engine setup. Misconfigured throttling may significantly overcomplicate troubleshooting.

Figure 8 - Throttle engine section
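The threshold and activity-limit arithmetic described above, worked through as an added example (not BusinessCom code; the Throttle Engine itself is proprietary). The class and field names, the one-sample-per-minute input and the reading of "during the whole interval" as every sample at or above the threshold are assumptions of this sketch, and the traffic samples are constructed.

```python
"""Model of the Throttle Engine decision rule as the guide describes it.
Added illustration, not BusinessCom code; names and sampling model are assumptions."""
from __future__ import annotations

from dataclasses import dataclass, replace
from statistics import mean


@dataclass(frozen=True)
class ThrottleConfig:
    wan_max_downlink_kbps: int         # "WAN Maximum Downlink"
    subscriber_max_downlink_kbps: int  # maximum download bandwidth per subscriber
    sampling_interval_min: int         # "Sampling interval", in minutes
    threshold_limit_pct: int           # "Threshold limit", in percent
    activity_limit_pct: int            # "Activity limit", in percent
    throttled_downlink_kbps: int       # "Throttled downlink"
    ignore_activity_limit: bool = False  # "Ignore activity limit"

    @property
    def threshold_kbps(self) -> float:
        """Sustained rate at which a subscriber becomes a throttling candidate."""
        return self.subscriber_max_downlink_kbps * self.threshold_limit_pct / 100

    @property
    def activity_floor_kbps(self) -> float:
        """Total link load that must be exceeded before the engine acts at all."""
        return self.wan_max_downlink_kbps * self.activity_limit_pct / 100


def evaluate_interval(cfg: ThrottleConfig, samples: dict[str, list[int]]) -> dict[str, int]:
    """Return the downlink cap (kbps) each IP gets for the next interval.

    samples maps an IP to its per-minute download rates over one sampling
    interval (assumed measurement model: one sample per minute).
    """
    for ip, rates in samples.items():
        if len(rates) != cfg.sampling_interval_min:
            raise ValueError(f"{ip}: expected {cfg.sampling_interval_min} samples")

    # Total link load is taken as the sum of each IP's average rate.
    link_load = sum(mean(rates) for rates in samples.values())
    engine_active = cfg.ignore_activity_limit or link_load > cfg.activity_floor_kbps

    caps = {}
    for ip, rates in samples.items():
        # "equal or more than" the threshold "during the whole" interval
        sustained = all(rate >= cfg.threshold_kbps for rate in rates)
        if engine_active and sustained:
            caps[ip] = cfg.throttled_downlink_kbps
        else:
            caps[ip] = cfg.subscriber_max_downlink_kbps
    return caps


# Constructed samples: per-minute download rates in kbps over a 2-minute interval.
SAMPLES = {
    "192.168.1.10": [250, 280],  # sustained heavy download
    "192.168.1.11": [120, 40],   # short burst, drops below the threshold
    "192.168.1.12": [90, 90],    # exactly at the threshold for the whole interval
    "192.168.1.13": [10, 5],     # light use
}

# Guide's example values: 300 kbps per subscriber, Threshold limit 30,
# Sampling interval 2, Activity limit 20 on a 10 Mbps link, throttled to 50 kbps.
QUIET_LINK = ThrottleConfig(10000, 300, 2, 30, 20, 50)
# Same settings on a constructed 1000 kbps link, so the same load exceeds 20%.
BUSY_LINK = replace(QUIET_LINK, wan_max_downlink_kbps=1000)
# Same as QUIET_LINK but with "Ignore activity limit" enabled.
ALWAYS_ON = replace(QUIET_LINK, ignore_activity_limit=True)

if __name__ == "__main__":
    for name, cfg in (("quiet", QUIET_LINK), ("busy", BUSY_LINK), ("always-on", ALWAYS_ON)):
        print(f"{name:9} threshold={cfg.threshold_kbps:g} kbps "
              f"floor={cfg.activity_floor_kbps:g} kbps -> {evaluate_interval(cfg, SAMPLES)}")
```

On the quiet link nobody is throttled even though two hosts exceed the 90 kbps threshold, which is why an Activity limit set too high can hide flood or abuse traffic until the link is already loaded.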


4.2 Quality of Service Setup

Quality of Service (QoS) refers to the capability of a network to prioritize certain network traffic. TES can control traffic flows, prioritizing your preferred applications' traffic and deprioritizing unwanted traffic. TES AP supports 7 QoS levels (from 0 to 6) for prioritization. QoS level zero is of the highest priority and can be used to provide QoS for mission critical applications, e.g. VoIP or DNS. Seventh level is of the lowest priority and is usually used for unwanted network applications (e.g. P2P).

EXAMPLE: If you want to make sure your subscribers always receive the best browsing performance, you can put HTTP and HTTPS protocols into QoS level 0. Similarly, if you want to defeat excessive levels of unwanted P2P traffic, you can put P2P applications in the QoS level 7 so they won't compete with application traffic assigned to better QoS levels.

Select item Quality of service in the main menu in order to configure TES QoS. Figure 9 depicts the configuration page of the QoS mechanisms of TES AP.

Figure 9 - Part of QoS management page

To enable the QoS engine, select the enable option in the field QoS Engine (see Figure 9). For the QoS Engine to work, the following fields must be filled in:

Prioritize browsing over downloads option enables or disables TES unique feature helping to achieve best browsing speeds for LAN users and thus fast load time of regular web pages. When this feature is enabled TES analyses HTTP sessions and prioritizes HTML content, gif, jpeg, png images and other components of regular web pages over file downloading sessions including RAR, EXE, MP3, AVI and other files downloading.

The next step of QoS setup is to configure QoS levels according to certain network and/or enterprise conditions. To add certain network application to one of the QoS levels, browse down the page to a desired QoS level and select the application in the dropdown fields (Figure 10). Network application type which is to be added to any QoS level can be specified in two ways: by destination TCP/UDP port it uses or by layer7 pattern it complies with (application level packet classifier).

Figure 10 Part of QoS Setup page

To define a network application, go to the subsection Add New Network App. Definition and specify:

Protocol/L7: UDP, ICMP and TCP protocols are supported. Select 'layer7' in order to enable the OSI layer 7 packet classifier, which detects network applications by their traffic contents.

DST IP specifies the destination IP address the network application transmits traffic to. If the network application must be defined regardless of the destination IP it uses, keep this field empty or set it to 'any'.

DST Port specifies the destination port used by the network application being added to the QoS level. When the packet classifier is enabled (Protocol set to 'layer7'), the DST Port field is ignored.

Layer7 pattern specifies the network application pattern for the OSI layer 7 classifier (if it's enabled). In order to define traffic that doesn't match any of the layer7 patterns, select the 'unknown' value in the dropdown list.

To delete an application definition from a QoS level, select the Delete? check box(es) at the corresponding application definition(s) and press the Save settings button.

TES AP comes with initially configured QoS mechanisms you may want to change immediately in the first configuration session.


4.3 Web Cache and Acceleration

TES AP provides an efficient and reliable web caching system as well as the BusinessCom PEP acceleration client-server for saving bandwidth and minimizing delays and response time. The main goal of web caching and acceleration is to use the Internet link as effectively as possible.

The caching engine of TES uses a transparent/interception proxy, which means that there is no need to change Internet connection settings on the network subscribers' side. All HTTP traffic (over TCP port 80) is caught by TES and processed by its proxy server, which stores popular page elements/files locally on hard disk or in memory. In a few words, web cache works as follows: when a subscriber requests a file (web page, image etc.) using his/her browser, TES either returns the cached file without requesting it from the original server, or accesses the remote server and delivers the file to the subscriber (the action depends on the popularity of the file). When both web cache and PEP are enabled, the former has higher priority.

To start configuring the Web cache system as well as the BusinessCom PEP accelerator, choose item Web cache and acceleration in the main menu of the TES Web Administration Panel (Figure 11).

Figure 11 - Web cache and acceleration management page


Initially the web cache engine and the PEP accelerator are disabled but preconfigured for the best performance when enabled. The following fields can be set to tune the web cache and PEP accelerator to your network configuration:

Web cache size defines the maximum amount of web cache stored at TES in Kbytes. The larger this value, the more web elements (pictures, pages etc.) are stored in the web cache in order to save bandwidth and Internet connection resources. On subsequent requests these elements are retrieved from the cache, which minimizes delays, response time and bandwidth. We don't recommend setting the web cache size to more than '60000' Mbytes (approximately 60 GB). The recommended value is '10000' Mbytes.

PEP link coefficient specifies the desirable percentage of HTTP traffic passing through the Internet connection. For networks which are used mainly for web surfing we recommend setting this value to '70' or '80' %; for networks with a different purpose the PEP link coefficient can be set to a smaller value like '50' %.

PEP server and port specifies the BusinessCom PEP server IP address and port.

Login and Password: this data is used by each TES to access the BusinessCom PEP server.

NOTE: If you don't have a PEP login and password yet, please contact your BusinessCom sales or operations manager to obtain them (info@bctes.com).

In order to make sure traffic is going through PEP you may access http://www.whatismyip.com, which will show 209.160.40.100 as the external IP instead of your ISP's public IP.


4.4 Firewall

The Firewall is part of TES Platform and is available in two variants: IP Firewall (if Router mode is selected) and Bridge Firewall (when Bridge mode is selected). IP Firewall restricts network connections coming from WAN and LAN to increase the security and integrity of the network infrastructure. When Bridge networking mode is selected you can specify Bridge Firewall rules which block or allow incoming connections to the TES Bridge itself, either to protect the TES Bridge from outside attacks or to cover your networking needs, e.g. to allow remote access to the HTML GUI from a certain IP on the Internet. See section 4.2.3 of TES Platform Users Guide for more information on configuring the TES Firewall.

Figure 9 IP Firewall configuration page


4.5 Network Applications Filtering

Feature named Applications Filter is used to control network services and/or applications available per every network subscriber. It is useful to define what kind of traffic can be delivered to subscriber and what traffic should be forbidden to pass through into your local network or from there. This is a concept similar to firewall, however it takes significantly less time to setup and maintain. The configuration of filtering engine of TES can be performed at Applications Filter section after you choose menu item of the same name at Bandwidth Management menu of TES configuration panel (see Figure 12).

Figure 12 Network application filtering configuration page

In order to have a particular network application permitted or forbidden by the filtering engine, define the application with the following setting fields (see Figure 12a):

Action specifies the operation (permitted or forbidden) to apply to the network application being defined.

Protocol/Layer7 defines the protocol the network application uses. Option 'layer7' enables the application layer packet classifier, which can identify network applications regardless of the protocol and destination ports they use.

Source IP specifies the LAN address the network application transmits data from.

Source port specifies the TCP or UDP source port used by the network application to transmit data.

Destination IP specifies the IP address on the Internet that provides the network application or service.

Destination Port defines the destination TCP or UDP port used by the network application to transmit data.

Layer7 pattern specifies the application layer packet classifier traffic pattern. When the application layer packet classifier is enabled (Protocol field is set to the 'layer7' value), the Destination port field is ignored.

To delete a network application definition, enable the Delete check box and save settings (see Figure 12b).

Figure 12a Part of Network Applications Filtering page

Figure 12b - Existing filtering rule


4.6 MAC/IP Filtering

The MAC and IP filtering mechanisms of TES AP make it possible to filter on hosts' IP or MAC addresses, as well as on combined MAC and IP addresses. The type of filtering (either you specify the list of addresses to be blocked, or you specify the only addresses you wish to permit) is selected by the Policy checkbox.

If IP filtering is enabled, TES will accept or block connections from those hosts whose IP addresses are listed in the access/block list, regardless of their MAC addresses. TES will accept or block these connections depending on the policy selected for the filtering type.

MAC filtering requires TES to block or accept hosts whose MAC addresses are listed in the MAC block/access list. This kind of authentication provides more control over your Internet connection utilization than the previous type, as a MAC address is more difficult to forge than an IP address. At the same time, MAC or IP filtering are not panaceas, as nowadays users can spoof a MAC address, so use the TES monitoring tools carefully to identify and prevent abuse.

Combined MAC and IP filtering makes it possible to filter connections based on hosts' MAC and IP addresses simultaneously.

IP addresses, MAC addresses and MAC+IP addresses (for combined MAC and IP authentication) should be listed on the MAC/IP filtering configuration page (choose MAC/IP Filtering in the main menu of the TES Platform configuration panel, see Figure 13).

Figure 13 MAC/IP Filtering configuration page

To enable any type of filtering, choose the corresponding value in the drop-down list Filtering by. After adding MAC, IP or MAC+IP addresses to the corresponding access list, please make sure that you have listed the IP of the PC you are going to manage TES from, in order not to lose the connection. There is a list of connected IP/MAC addresses (ARP protocol cache) at the bottom of the MAC/IP Filtering page (see Figure 13). When Bridge networking mode is selected TES examines traffic coming to both bridge ports, so don't forget to add not only the subscribers' addresses but also the gateway's and those of other network devices subscribers should be able to connect to via the TES Bridge.
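The three filtering types and the two policies above, together with the check the guide asks for before saving (the management PC and, in Bridge mode, the gateway must stay reachable), as an added example that is not BusinessCom code. The mode and policy labels, the function names and the host table are assumptions of this sketch; the addresses are constructed.

```python
"""Decision model for IP, MAC and combined MAC+IP filtering, with a lock-out check.
Added illustration, not BusinessCom code; labels and sample hosts are assumptions."""
from dataclasses import dataclass


def norm_mac(mac: str) -> str:
    """Canonical lower-case, colon-separated MAC so list entries compare reliably."""
    return mac.strip().lower().replace("-", ":")


@dataclass(frozen=True)
class FilterConfig:
    filtering_by: str   # "ip", "mac" or "mac+ip" (labels assumed for this example)
    policy: str         # "permit-listed" or "block-listed" (labels assumed)
    entries: frozenset  # IP strings, MAC strings, or (mac, ip) tuples

    def listed(self, ip: str, mac: str) -> bool:
        """True if the host matches an entry of the list for the selected mode."""
        mac = norm_mac(mac)
        key = {"ip": ip, "mac": mac, "mac+ip": (mac, ip)}.get(self.filtering_by)
        if key is None:
            raise ValueError(f"unknown filtering type: {self.filtering_by}")
        return key in self.entries

    def permits(self, ip: str, mac: str) -> bool:
        """Apply the policy: the list is either the only permitted set or the blocked set."""
        hit = self.listed(ip, mac)
        if self.policy == "permit-listed":
            return hit
        if self.policy == "block-listed":
            return not hit
        raise ValueError(f"unknown policy: {self.policy}")


def make_config(filtering_by: str, policy: str, hosts) -> FilterConfig:
    """Build the list for the chosen mode from (ip, mac) pairs."""
    pick = {
        "ip": lambda ip, mac: ip,
        "mac": lambda ip, mac: norm_mac(mac),
        "mac+ip": lambda ip, mac: (norm_mac(mac), ip),
    }[filtering_by]
    return FilterConfig(filtering_by, policy, frozenset(pick(ip, mac) for ip, mac in hosts))


def lockout_check(cfg: FilterConfig, must_reach: dict) -> list:
    """Names of hosts that must stay reachable but would be cut off by cfg."""
    return [name for name, (ip, mac) in must_reach.items() if not cfg.permits(ip, mac)]


# Constructed host table, standing in for the ARP cache list on the filtering page.
ARP_CACHE = {
    "admin-pc": ("192.168.1.5", "00:00:5E:00:53:05"),
    "gateway": ("192.168.1.1", "00:00:5E:00:53:01"),
    "subscriber-a": ("192.168.1.10", "00:00:5E:00:53:10"),
    "subscriber-b": ("192.168.1.11", "00:00:5E:00:53:11"),
}
MUST_REACH = {name: ARP_CACHE[name] for name in ("admin-pc", "gateway")}
SUBSCRIBERS = [ARP_CACHE["subscriber-a"], ARP_CACHE["subscriber-b"]]

# Access list with subscribers only: the mistake the guide warns about.
PROPOSED = make_config("mac+ip", "permit-listed", SUBSCRIBERS)
# Access list that also carries the management PC and the gateway.
CORRECTED = make_config("mac+ip", "permit-listed", ARP_CACHE.values())
MAC_ONLY = make_config("mac", "permit-listed", ARP_CACHE.values())
BLOCKLIST = make_config("ip", "block-listed", [ARP_CACHE["subscriber-b"]])

if __name__ == "__main__":
    print("proposed list cuts off: ", lockout_check(PROPOSED, MUST_REACH))
    print("corrected list cuts off:", lockout_check(CORRECTED, MUST_REACH))
    # A listed MAC seen with an unlisted IP: accepted by MAC-only, rejected by MAC+IP.
    odd = ("192.168.1.99", "00-00-5e-00-53-10")
    print("MAC only:", MAC_ONLY.permits(*odd), "| MAC+IP:", CORRECTED.permits(*odd))
```

Running `lockout_check` against the list you are about to save catches a missing management or gateway entry before the change takes effect.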


4.7 Network Intrusion Detection System, Failover, Updates and Reports

TES AP incorporates a Network Intrusion Detection System (NIDS) which can be used to monitor all suspicious activity on your network (P2P, viruses, DoS attacks, floods, port scans and similar) and report it daily. NIDS is based on traffic signatures which are automatically updated. The output of the NIDS engine can be analyzed on the Daily NIDS report page (choose it in the top menu).

The Failover feature of TES AP switches off the web cache/PEP feature if one of them fails, e.g. due to lack of disk space if the web cache size is too large. This feature will also disable PEP if your login/password expires. We recommend keeping the Failover feature enabled.

TES can be updated automatically by its self-updating system. The field Autoupdate source server should be changed only when it's actually needed.

You can specify e-mail addresses to which daily reports containing system statistics as well as NIDS output are sent. If several e-mail addresses are needed, add them using the syntax '<e-mail> <e-mail> ...', e.g. 'test@test.com test1@test1.com'.

Figure 14 Miscellaneous features configuration page

You can enable NIDS, Failover and the auto-updating system on the Bandwidth Management Preferences page, reached by clicking the Preferences item in the Bandwidth Management top menu of the TES web-based configuration panel (Figure 14).


4.8 Port Forwarding

The port forwarding engine allows forwarding of TCP/UDP/ICMP and other traffic from the Internet to hosts in the local network when the NAT feature is enabled on TES. This makes LAN hosts accessible from an outside network, e.g. the Internet, via the IP address(es) assigned to the WAN NIC of TES. Figure 14a shows the default Port Forwarding configuration page.

NOTE: Port Forwarding as well as NAT feature is not available in Bridge networking mode.

Figure 14a Port Forwarding configuration page

To add a new port forwarding rule, fill in all fields in Create new instance and press the Save settings button:

Public IP specifies the WAN network IP address that is to be used for accessing hosts or services in the LAN.
Public Port is the TCP/UDP port that should be forwarded by the particular port forwarding rule.
Private IP specifies the IP address of the host in the local network to which traffic is forwarded.
Private Port is the port opened on the LAN host and used for the forwarding.
Protocol specifies one of the supported protocols, such as TCP, UDP, ICMP etc.


4.9 Backup and Restore

TES AP adds backup/restore functionality to TES Platform. It allows saving the complete configuration, monitoring and statistics data for later use if necessary. To download, delete or apply previously created restore points, use the controls on the Backup/Restore page of the TES HTML GUI (see Figure 15). Each restore point contains: the TES configuration including the setup of all features, users/passwords settings, and all monitoring and statistical data displayed in the corresponding sections of the HTML GUI, e.g. Protocol Breakdown, Traffic Analysis/Reports etc.

We recommend creating and downloading restore points regularly (e.g. once a week).

Figure 15 Backup/Restore page


4.10 Protocol Breakdown

The Protocol Breakdown feature of TES AP is a powerful tool for analyzing the data flowing within your network. To start using the Protocol Breakdown interactive tool, select Protocol Breakdown in the top menu of the TES web administration panel. Figure 16 shows an example of TCP/IP statistics.

Figure 16 IP Monitoring page

The Protocol Breakdown page helps you watch data flow statistics within the network by several attributes, e.g. the protocols used and the applications which generated the flows. The default view provided by the IP Monitoring interactive page displays the traffic within 12 hours, grouped by the network applications generating it (different applications are displayed in different colors). To change the time period of the view, select the desired value in the Time period drop-down list and press the Generate button. For example, to get information about data flows generated by mail services, select 'imap', 'pop3', 'pop3s', 'smtp' in the Services list and press the Generate button. Unrecognized data flows generated by unknown protocols and/or services are displayed in black until the Show undefined traffic check box is deselected (see Figure 16).

You can easily re-define the TCP/UDP applications monitored by this feature by pressing the Services Configuration link at the top of the Protocol Breakdown page (see Figure 17). Each line in the Existing Protocol Breakdown Services Definitions section corresponds to a line in the Protocol Breakdown graph (Figure 16). To delete a particular service definition, select its Delete checkbox and press the Save configuration button. If it is necessary to return to the default configuration, press Restore Default Services List (Figure 18). After making any changes in Services Configuration, it is necessary to reinitialize TES to apply those changes (see section 4.2.1 in the TES Platform User Guide).

Figure 17 Services Configuration page

Figure 18 Restore and Save buttons at Services Configuration page

4.11 Web Cache Monitoring

Web cache statistics are provided by TES AP to show information about LAN subscribers' HTTP activity as well as web cache system status information (Figure 19).

Figure 19 Web cache monitoring

Web cache Statistics shows a summary of subscribers' web activity grouped by months and days (see Figure 19). It also displays system status data of the web cache engine that comes with TES AP. To get extended information about web cache usage by LAN subscribers, click on one of the links corresponding to a particular day of the month (like 18 Dec 2008 in Figure 19). It is also possible to select a different month, or to get information about popular sites downloaded by subscribers within a month or a whole year (Figure 20). The web cache monitoring page is easy to use and at the same time provides a lot of information about web cache usage. If necessary, you can clear the web cache with a single click on the corresponding button on the Web cache statistics page (see Figure 19 again).

Figure 20 An EXAMPLE of popular sites accessed within 2007 year

It's generally a good idea to check the popular sites statistics from time to time to prevent excessive amounts of traffic passing from single sites, which are possible abusers. That's yet another way to optimize bandwidth consumption.


4.12 NIDS Reports

When the Network Intrusion Detection System is enabled, the Daily NIDS report page (choose the corresponding item in the "Monitoring" menu) provides cumulative daily statistics of the network incidents registered by the NIDS running on TES (see Figure 21). If the NIDS feature is disabled, or no incidents were registered by NIDS, you will see a corresponding message on the Daily NIDS report page.

Figure 21 NIDS daily statistics

Detailed NIDS statistics can be viewed by clicking on the Full daily report link at the bottom of the page. A high number of events usually indicates trouble in your networks, possibly P2P applications, viruses, trojans or similar. If events are increasing, examine the NIDS log when TES AP sends you its daily report by e-mail and take appropriate action.

4.13 Traffic Analysis and Reports

The Traffic Analysis and Traffic Reports page can be accessed by clicking on the Traffic item of the Monitoring menu. This page shows detailed network activity on the LAN interface of TES, including a summary of all traffic flows generated by LAN users. By default, the Traffic Analysis/Reports page gives you traffic information collected over the 24 hours up to the present moment, showing several Top 20 reports (see all of them in Figure 22). Use the corresponding page controls to get the report you need, e.g. for a longer period of time.

It may take some time to generate a particular report, depending on the amount of data collected, the current load of TES and other factors. Most of the time it will load in less than 1 minute.

Details for every reported IP, network application and protocol can be retrieved by clicking on the information icon (see Figures 22 and 23).

Figure 22 Traffic Analysis/Reports Page

Figure 23 Example of details window


4.14 TES AP Terminal Access Panel

TES AP provides a full-featured Terminal Access Panel (Terminal Shell) that has more options for configuring TES than the one that comes with TES Platform. The principles of using the Terminal Access Panel are exactly the same as for the TES Platform one, so consult the Platform's User Guide. The TES Configuration menu item allows changing TES Platform's and TES AP's settings and components such as QoS, Bandwidth Management, IP firewall, filtering mechanisms and others (see Figure 23). Configuring TES components via the Terminal Shell is similar to configuring them through the web administration panel, with a single difference: item selections and other operations are done by pressing keyboard keys instead of clicking the mouse as in the HTML GUI. Use the up and down arrow keys to move through menu items, the tab key to change the current field (see Figure 24) and the rest of the keyboard keys to fill in that field.

Figure 23 TES Configuration menu of Terminal Shell (Bridge mode)

Figure 24 Internal interface settings setup via Terminal Shell of TES AP

The System control item of the Terminal Shell main menu is meant for basic operations with TES such as re-initialization, rebooting and halting. You can also use this menu to send a system report or to reset the TES settings (Figure 25).

Figure 25 System Controls section of Terminal Shell

The rest of the Terminal Shell functionality is similar to that of TES Platform, so consult the corresponding manual for more details.
