Table of Contents (Start)
- Topics
- Introducing SevOne
- Login
- Startup Wizard
- Dashboard
- Global Search - Advanced Search
- Report Manager
- Report Attachment Wizard
- Report Properties
- Report Interactions
- Instant Graphs
- TopN Reports
- Alerts
- Alert Summary
- Alert Archives
- Instant Status
- Status Map Manager
- Edit Status Maps
- View Status Maps
- FlowFalcon Reports
- NBAR Reports
- Telephony Reports
- Telephony Browser
- Logged Traps
- Unknown Traps
- Trap Event Editor
- Trap Destinations
- Trap Destination Associations
- Policy Browser
- Create and Edit Policies
- Threshold Browser
- Create and Edit Thresholds
- Probe Manager
- Discovery Manager
- Device Manager
- New Device
- Edit Device
- Object Manager
- High Frequency Poller
- Device Summary
- Device Mover
- Device Groups
- Object Groups
- Object Summary
- Object Rules
- VMware Browser
- Calculation Plugin
- CallManager Plugin
- Database Manager
- Deferred Data Plugin
- DNS Plugin
- HTTP Plugin
- ICMP Plugin
- IP SLA Plugin
- JMX Plugin
- NAM
- NBAR Plugin
- Portshaker Plugin
- Process Plugin
- Proxy Ping Plugin
- SNMP Plugin
- Telephony Plugin
- VMware Plugin
- Web Status Plugin
- WMI Plugin
- xStats Plugin
- Indicator Type Maps
- Device Types
- Object Types
- Object Subtype Manager
- Quality of Service
- Calculation Editor
- xStats Source Manager
- User Role Manager
- User Manager
- Authentication Settings
- Preferences
- Cluster Manager
- Processes and Logs
- Metadata Schema
- Baseline Manager
- Flow Rules
- Flow Interface Manager
- FlowFalcon View Editor
- MPLS Flow Mapping
- Flow Template Status
- Network Segment Manager
- Map Flow Objects
- Flow Protocols and Services
- FlowFalcon Views
- xStats Log Viewer
- SNMP Walk
- SNMP OID Browser
- MIB Manager
- Work Hours
- Administrative Messages
- Enable CallManager
- Enable Flow Technologies
- Enable JMX
- Enable NBAR
- Enable SNMP
- Enable Web Status
- Enable WMI
- IP SLA
- SNMP
- Telephony
- Perl Regular Expressions
- Trap Revisions
- Integrate SevOne NMS With Other Applications
- Email Tips and Tricks
- SevOne NMS Web APC Statistics
- SevOne NMS PHP Statistics
- SevOne NMS Usage Statistics
- Glossary
- Quick Starts and User Guides
- SevOne NMS 5.4 Best Practices Guide - Cluster, Peer, and HSA
- SevOne NMS 5.4 Device Certification Guide
- SevOne NMS 5.4 Quick Start Guide - CallManager
- SevOne NMS 5.4 Quick Start Guide - Flow
- SevOne NMS 5.4 Quick Start Guide - IP SLA
- SevOne NMS 5.4 Quick Start Guide - JMX
- SevOne NMS 5.4 Quick Start Guide - LDAP
- SevOne NMS 5.4 Quick Start Guide - SNMP
- SevOne NMS 5.4 Quick Start Guide - Telephony
- SevOne NMS 5.4 Quick Start Guide - VMware
- SevOne NMS 5.4 Quick Start Guide - Web Status
- SevOne NMS 5.4 Quick Start Guide - WMI
- SevOne NMS 5.4 Quick Start Guide - xStats
- SevOne NMS 5.4 Implementation Guide
- SevOne NMS 5.4 Installation Guide
- SevOne Installation Guide - Virtual Appliance
- SevOne NMS 5.4 Quick Start Guide - Self-monitoring
- SevOne NMS 5.4 Quick Start Guide - Metadata
- SevOne NMS 5.4 Quick Start Guide - Hierarchical Types
Flow Rules
This documentation applies to NMS version 5.4. An online version of the software can be found here.
The Flow Rules page enables you to define global rules to not process the flow data SevOne NMS receives. SevOne NMS evaluates the rules you define and applies the rule that is most specific to each source. When you enable devices to send flow data to SevOne NMS, SevOne NMS allows and processes all flow data by default. Networks have the potential to send large amounts of flow traffic. The Flow Rules page enables you to define global rules to deny the processing of flows. You can override the rules you define here for specific interfaces from the Flow Interface Manager.
To access the Flow Rules page from the navigation bar, click the Administration menu, select Flow Configuration, and then select Flow Rules.
Flow Rules List
The list displays all flow rules by default. Click the Display drop-down to display rules for All Sources, Allowed Sources, or Denied Sources.
-
Device - Displays the name of the device for which the rule is applicable. Displays New when the rule applies to new devices that have yet to send flow to SevOne NMS. Displays Unknown when you do not enable the SNMP plugin and the device name is not resolvable.
-
IP Address - Displays the device IP address.
-
Interface - Displays the interfaces for which the rule is applicable. Displays New when the rule applies to new interfaces that have yet to send flows to SevOne NMS.
-
Direction - Displays Incoming when the rule applies to incoming traffic. Displays Outgoing when the rule applies to outgoing traffic. Displays New when the rule applies to flows that are from devices that are new in SevOne NMS.
-
Permission - Displays Allow when SevOne NMS processes the flow data across the interface. Displays Deny when SevOne NMS does not process the flow data across the interface.
-
Peer – Displays the name of the peer to which you define the device to send flow data.
Add and Edit Flow Rules
Perform the following steps to manage the rules in the list.
-
– Select the check box for each rule to manage, click
, and then select one of the following options. -
Select Allow Selected Flows to process the flow data across the interface.
-
Select Deny Selected Flows to not process the flow data across the interface.
-
Select Delete to delete the rules.
-
Perform the following steps to add and edit flow rules.
-
Click Add Rule or click
to display the Add/Edit Flow Rule pop-up. -
Click the Peer drop-down and select the peer to which you define the device to send flow data.
-
Click the Device drop-down and select the device from which you want to define a flow rule. If you select Specify, enter the IP address in the IP Address field.
-
Click the Interface drop-down and select the interface for which you want to apply the rule. If you select Specify, enter the interface number in the Interface Number field.
-
Click the Direction drop-down.
-
Select New to apply the rule to any applicable new flow incoming or outgoing.
-
Select Incoming to apply the rule to data that comes into the device. V5 NetFlow is an ingress technology that can only report on data that the interface receives.
-
Select Outgoing to apply the rule to data that goes out from the interface. For v5 NetFlow, SevOne NMS uses data from other flows to create an estimation of outgoing flows.
-
-
Select a Permission option.
-
Select Allow to process the flow data across the interface.
-
Select Deny to not process the flow data across the interface.
-
-
Click Save. When the rule specifies both a device and an interface, a message appears to indicate the rule is specific enough to be a Flow Interface Manager rule and the rule appears on the Flow Interface Manager not the Flow Rules page.