| |
| Product Specifications |
| |
Traffic Performance
|
| |
|
Per
GenieATM 6167 Collector: 50,000 flows / per sec.
Per GenieATM 6135 Collector: 30,000 flows / per sec.
Report Accumulation: every 5 minutes
Anomaly Traffic Detection Response Time: 1 minute
|
|
|
| |
Data Source |
| |
|
Gather, aggregate, and analyze
traffic information from multiple Collectors
| Flow: NetFlow v1 / v5 / v7 / v9,
sFlow v4 / v5, NetStream |
| Routing: support BGP4 and encrypted
BGP with TCP MD5 Signature |
| Support SNMP v1, v2c GET/TRAP and
provide MIB |
|
|
|
| |
User Interface |
| |
|
Multi-language Support
on UI
English / Traditional Chinese / Simplified Chinese
|
|
|
| |
Traffic
Analysis Report |
| |
|
Type: Standard /
Comparison
Content: Bits / Packets / Flows (per sec.)
Period: Daily / Weekly / Monthly / Quarterly / Yearly
Format: Line, Stacked, or Pie Chart / Table / Top-N
Export: HTML / CSV or PDF |
|
|
| |
Network
Traffic Modellings |
| |
|
Build network topology
model basing on the Home, Internet Boundary, Neighbor,
Backbone link and Sub-network settings, and hence generate
various pre-defined traffic reports automatically without
inextricable individual report configuration.
| Network Boundary: |
Circular Cut / Segment Cut |
| Pre-defined Traffic Reports: |
Internet Analysis / Neighbor Analysis
/ Backbone Analysis / Router Analysis / Sub-Network
Analysis / Customer Analysis |
| Cross-analysis: |
provide cross-analysis of traffic between each
Sub-Network and Neighbor. |
| Top-N Analysis: |
analyze Application, Protocol, Protocol+Port,
TOS Value, and Packet Size with Top-N statistics
as well as comparison reports. |
| Peering Analysis: |
Peering & Transit Analysis on Neighbor ASes |
| BGP Routing Analysis: |
include AADIFF / AADUP / TUP / TDOWN / UPDATE
Message, and AS Path Length Analyses; provide the
monitoring on BGP routing stability and performance |
| Router Performance Analysis: |
CPU / Memory / Interface Traffic |
|
|
|
| |
Managed
Service Provision for Customers |
| |
|
The Managed Services
provided for the Customer users include,
| Traffic Analysis: |
Ingress/Egress (A Specific Customer) |
| Anomaly Traffic: |
Anomaly Traffic Analysis (A Specific
Customer) |
| Snapshot: |
Instant Top-N Analysis (A Specific Customer) |
| Anomaly Console: |
Traffic/Protocol-Misuse/Application Anomaly Report
(A Specific Customer) |
|
|
|
| |
Traffic
Snapshot |
| |
|
| Traffic Scope: |
Home/Neighbor/Sub-Network/Customer |
| Analysis Criteria: |
IP, Protocol+Port, Interface, Peer
ASN, Origin ASN, TOS Value, Next Hop, BGP Community,
TCP Flag, Time Duration, Anomaly |
| Aggregation Method: |
Source: IP / Protocol+Port / Interface / Peer
ASN / Origin ASN
Destination: IP / Protocol+Port / Interface /
Peer ASN / Origin ASN
Directionless: TCP Flag / TOS Value / Next Hop
|
| Report Format: |
Pie Chart + Top-N Table |
| Gradually drill down anomaly traffic
scope, thus acquire most precise snapshot results |
| Inspect latest 100 raw flows |
| Generate Cisco compatible ACL commands |
|
|
|
| |
Anomaly
Traffic Detection |
| |
|
| Three types of detections are supported,
Traffic Anomaly, Protocol-Misuse Anomaly, and Application
Anomaly. |
Built-in Known Application Attack
Detections:
- Dark IP Detection
- MS Blaster
- Sasser
- Code Red
- SQL Slammer
|
| Automatically build the traffic baseline. |
| Allow to review and reset historical
traffic baseline. |
| Threshold Configuration: Static &
Dynamic |
| Two-level Threshold Alarm: Red &
Yellow |
|
|
|
| |
Anomaly Traffic Mitigation |
| |
|
Three anomaly mitigation actions are supported:
- ACL command generation
- Black-hole routing
- 3rd-party traffic cleaning devices (e.g. Cisco Guard) triggering
|
|
|
| |
Console
for Anomaly & Alert |
| |
|
| Summary: |
anomaly summary report including events’
statistics, the latest ongoing anomalies, most recent
alerts, and system status (CPU, Memory, DB Disk,
Flow, & Packet Drop) |
| Anomaly Console: |
report all kinds of anomalies, including
Traffic Anomaly, Protocol-Misuse Anomaly, Application
Anomaly, and Interface Traffic Anomaly |
| Alert Log: |
Querying alert logs |
|
|
|
| |
System
Administration |
| |
|
| Web-based Interface: |
support HTTP & HTTPS |
| CLI Management: |
support Telnet & SSH encryption |
| Authentication Management: |
Username & Password / RADIUS / TACAS+ |
| User Account Management: |
account with different level of privilege / administration
access & user access; user group is also supported |
| Alarm Notification Method: |
Email, SNMP Trap, & Syslog |
| User Group: |
dispatch alarm notifications of different Customer
scopes / network resources to different user groups. |
| Configuration Management: |
modify, backup and restore configuration via Web
interface and dispatch to remote Collectors. |
| Expandable Storage: |
build in a 147GB HD (Controller), support external
SCSI & NFS |
| Data Management: |
configure storage duration for reports/logs &
disk usage auto-maintenance |
|
|
NetFlow™ is a trademark of Cisco
Systems, Inc.
NetStream™ is a trademark of Huawei-3Com Technology Co., Ltd.
sFlow ® is registered as a trademark of InMon Corp.
|
|
|
GenieATM
6000
