See System > Alerting in the Reference Manual to enable email alerts.
You will receive a GigaFlow alert email when a device in your network makes a connection to a blacklisted IP address. The embedded link will direct you to an Events page that summarises interactions with the blacklisted IP address during the reporting period.
See Determine if Bad Traffic is Affecting Your Network for more.
If you receive intelligence about a specific IP Address, MAC Address, network device or user, carry out a GigaFlow Search on the object. For this example, we will search by IP address.
After searching by IP address, click By Either in the panel on the left.
This will bring you to an Events page that summarises interactions with the IP address during the reporting period. Using this information, you can build a picture of the importance of the event.
See Determine if Bad Traffic is Affecting Your Network for more.
To view historical information, select the relevant dates and times at the top of the page.
See Reports > System Wide Reports > SYN Forensics Monitoring in the Reference Manual.
GigaFlow monitors all TCP flows where only the SYN bit is set. In normal network operations, this indicates that a flow has not seen a reply packet while active in a router's Netflow cache.
A lonely SYN can be an indicator that:
To view objects that are behaving anomalously, navigate to Reports > System Wide Reports > SYN Forensics Monitoring
You will see a summary of all the internal sources listed in order of the number of destination objects associated with each internal source.
Click the Drill Down icon for more information about each IP address.
© Copyright 2019 Anuview. All rights reserved. VIAVI and the VIAVI logo are trademarks of VIAVI Solutions Inc. ("VIAVI"). All other trademarks and registered trademarks are the property of their respective owners. No part of this guide may be reproduced or transmitted, electronically or otherwise, without the written permission of the publisher.
Reproduction and distribution of this guide is authorized for Government purposes only.