Last month, I wrote a blog featuring the value of Flow Analytics entitled: Downadup/Conficker Worm caught by using Flow Analytics, NetFlow Analyzer. Flow Analytics is a great tool that provides you with many useful algorithms. Today, I’ll focus on one of them: the IP Address Violation algorithm.IP Address Violations gadget

The IP Address Violation algorithm allows you to define permissable subnets/ CIDR across your network. (Exp. 10.1.0.0/16). The IP Address Violation algorithm can alert you, via exported syslogs, if there is traffic generated from an IP address that is not part of an allowed subnet defined within the gadget. For example, this gadget would come in handy if someone installed a Linksys wireless router on your network that started to hand out DHCP addresses, or even a laptop with a static IP.

Here are some instructions on how to configure approved subnets for your network.

First find the Flow Analytics Overview gadget in your MyView window, then click on the plus sign where it says IP Address Violations.

In the drop-down row, click on the icon with the little people in it. (Guess we don’t have an official name for that icon.) A window will pop up called Allowed Permissable SubnetsSubnets where you want to place the subnet and CIDR you want to allow on your network.

If you have any questions, please do not hesitate to call Tech Support at 207-324-8805 Ext:4

Jamie Lee author pic

Jamie Lee

Jamie Lee is the west coast Regional Manager at Plixer. He works with prospects to solve the unique needs of their network and visits existing customers to assist with training. He enjoys developing new partnerships and building long-lasting relationships with his clients. Jamie loves the outdoors and his favorite hobbies include fishing, hiking, and football.

Related

Leave a Reply