Services on the QFX Series - Juniper.net

More documents

Recommendations

Info

<strong>Services</strong> on the QFX Series [edit firewall family ethernet-switching] user@switch# set filter watch-employee term employee-to-corp from destination-address 192.0.2.16/28 user@switch# set filter watch-employee term employee-to-corp from source-address 192.0.2.16/28 user@switch# set filter watch-employee term employee-to-corp then accept user@switch# set filter watch-employee term employee-to-web from destination-port 80 user@switch# set filter watch-employee term employee-to-web then analyzer employee-web-monitor 4. Apply the firewall filter to the appropriate interfaces as an ingress filter (egress filters do not allow analyzers): [edit interfaces] user@switch# set xe-0/0/0 unit 0 family ethernet-switching filter input watch-employee user@switch# set xe-0/0/6 unit 0 family ethernet-switching filter input watch-employee Results Check the results of the configuration: [edit] user@switch# show ethernet-switching-options analyzer employee-web-monitor { output { interface xe-0/0/47.0; } } } ... firewall family ethernet-switching { filter watch-employee { term employee-to-web { from { destination-port 80; } then analyzer employee-web-monitor; } } } ... interfaces { xe-0/0/0 { unit 0 { family ethernet-switching { filter { input watch-employee; } } } } xe-0/0/6 { family ethernet-switching { filter { input watch-employee; } } } } 16 Copyright © 2013, Juniper Networks, Inc.
Chapter 3: Configuration Examples Verification Verifying That the Analyzer Has Been Correctly Created Purpose Verify that the analyzer named employee-monitor or employee-web-monitor has been created on the switch with the appropriate input interfaces and appropriate output interface. Action You can verify that the port mirror analyzer has been configured as expected using the show analyzer command. user@switch> show analyzer Analyzer name : employee-monitor Output interface : xe-0/0/47.0 Mirror ratio : 1 Loss priority : Low Ingress monitored interfaces : xe-0/0/0.0 Ingress monitored interfaces : xe-0/0/6.0 Egress monitored interfaces : None Meaning This output shows that the employee-monitor analyzer: • Has a ratio of 1 (mirroring every packet, the default setting) • Has a loss priority of low (set this option to high only when the analyzer output is to a VLAN) • Is mirroring the traffic entering the xe-0/0/0 and xe-0/0/6 interfaces • Is sending the mirrored traffic to the xe-0/0/47 interface Related Documentation • Understanding Port Mirroring on page 3 • Configuring Port Mirroring on page 23 Example: Configuring Port Mirroring for Remote Analysis Use port mirroring to send traffic to applications that analyze traffic for purposes such as monitoring compliance, enforcing policies, detecting intrusions, monitoring and predicting traffic patterns, correlating events, and so on. Port mirroring copies packets entering or exiting an interface or entering a VLAN and sends the copies either to a local interface for local monitoring or to a VLAN for remote monitoring. This example describes how to configure port mirroring for remote analysis. • Requirements on page 18 • Overview and Topology on page 18 • Mirroring All Employee Traffic for Remote Analysis on page 18 • Mirroring Employee-to-Web Traffic for Remote Analysis on page 19 • Verification on page 21 Copyright © 2013, Juniper Networks, Inc. 17
Page 1 and 2: Services on the QF
Page 3 and 4: Table of Contents About the Documen
Page 5 and 6: Table of Contents Part 3 Administra
Page 7 and 8: List of Figures Part 2 Configuratio
Page 9 and 10: List of Tables About the Documentat
Page 11 and 12: About the Documentation Documentati
Page 13 and 14: About the Documentation [edit] user
Page 15 and 16: About the Documentation https://www
Page 17 and 18: PART 1 Overview • Port Mirroring
Page 19 and 20: CHAPTER 1 Port Mirroring Understand
Page 21 and 22: Chapter 1: Port Mirroring Table 3:
Page 23 and 24: Chapter 1: Port Mirroring • CPU-g
Page 25 and 26: CHAPTER 2 DHCP Relay DHCP and BOOTP
Page 27 and 28: PART 2 Configuration • Configurat
Page 29 and 30: CHAPTER 3 Configuration Examples
Page 31: Chapter 3: Configuration Examples u
Page 35 and 36: Chapter 3: Configuration Examples S
Page 37 and 38: Chapter 3: Configuration Examples }
Page 39 and 40: CHAPTER 4 Configuration Tasks Confi
Page 41 and 42: Chapter 4: Configuration Tasks c. S
Page 43 and 44: Chapter 4: Configuration Tasks rela
Page 45 and 46: CHAPTER 5 Configuration Statements
Page 47 and 48: Chapter 5: Configuration Statements
Page 83 and 84:
Chapter 7: Configuration Statements
Page 85 and 86:
PART 3 Administration • Monitorin
Page 87 and 88:
CHAPTER 8 Monitoring Commands for P
Page 89 and 90:
Chapter 8: Monitoring Commands for
Page 91 and 92:
PART 4 Troubleshooting • Troubles
Page 93 and 94:
CHAPTER 9 Troubleshooting Procedure
Page 95 and 96:
Chapter 9: Troubleshooting Procedur
show all

Services on the QFX Series - Juniper.net

Create successful ePaper yourself

Delete template?

Save as template?