Aratohu Kaiwhakamahi Pūoko Tātari Kapua Haumaru CISCO

Ko Cisco Secure Cloud Analytics (he wāhanga o Cisco XDR ināianei) he ratonga haumarutanga e hangai ana ki te SaaS e kitea ana, e whakautu ana hoki ki ngā tūmomo riri i roto i ngā taiao IT, i runga i te papaanga me te kapua. E whakamārama ana tēnei aratohu me pēhea te whakatinana i ngā pūoko Secure Cloud Analytics hei wāhanga o tō ratonga aroturuki whatunga tūmataiti, hei whakamahi i roto i ngā whatunga hinonga, i ngā pokapū raraunga tūmataiti, i ngā tari peka, me ētahi atu taiao i runga i te papaanga.

Mena kei te whakaaro koe ki te whakamahi i te Secure Cloud Analytics i roto i ngā taiao kapua tūmatanui anake, pērā i a Amazon Web Ratonga, Microsoft Azure, Google Cloud Platform rānei, kāore koe e hiahia ki te tāuta i tētahi pūoko. Tirohia ngā aratohu aroturuki kapua tūmatanui mō ētahi atu kōrero.
Kei roto i tēnei aratohu ngā tohutohu mō te tāuta i te pūoko ki runga i te Ubuntu Linux. Mō ngā tohutohu tāutanga ki runga i ētahi atu pūnaha whakahaere, tirohia te Aratohu Whirihoranga Matatau o te Pūoko Tātari Kapua Haumaru.

Ngā Whakaaro mō te Whakatakotoranga Pūoko

Ka taea e koe te whakatakoto i ngā pūoko hei kohikohi i ngā raraunga rere, pērā i a NetFlow, hei whakauru rānei i ngā waka whatunga e whakaatahia ana mai i tētahi pouara, i tētahi pana rānei i tō whatunga. Ka taea hoki e koe te whirihora i tētahi pūoko hei kohikohi i ngā raraunga rere me te whakauru hoki i ngā waka whatunga whakaata. Kāore he rohe mō te maha o ngā pūoko e whakatakotoria ana.
Ki te hiahia koe ki te whirihora i tētahi pūoko hei kohi raraunga rere, tirohia te Whirihora i tētahi Pūoko hei Kohi Raraunga Rere mō ētahi atu kōrero.
Ki te hiahia koe ki te whirihora i tētahi pūoko hei tango i ngā waka mai i tētahi tauranga whakaata, i tētahi tauranga SPAN rānei, tirohia te Whirihoranga Pūrere Whatunga mō ētahi atu kōrero mō te whirihora i ō pūrere whatunga hei whakaata i ngā waka.
Ka taea e te pūoko putanga 4.0, neke atu rānei, te kohikohi i te telemetry NetFlow whakarei ake. Mā tēnei ka taea e Secure Cloud Analytics te whakaputa i ngā momo tirohanga me ngā matohi hou. Mō ētahi atu kōrero, tirohia te Aratohu Whirihoranga Secure Cloud Analytics mō te Enhanced NetFlow.
Kāore te pūoko e tautoko i te IPv6.

Ngā Whakaritenga o te Pūoko

Ka taea e koe te tāuta i tētahi pūoko ki runga i tētahi taputapu tūturu, i tētahi mīhini mariko rānei, me ngā whakaritenga e whai ake nei:

Waehanga	Whakaritenga iti rawa
Atanga whatunga	kia kotahi te atanga whatunga, e tohua ana ko te atanga Mana, hei tuku mōhiohio ki te ratonga Tātari Kapua Haumaru. Mēnā kei te hiahia koe ki te whirihora i te pūoko ki te tango i ngā waka whatunga mai i tētahi taputapu whatunga e tārua ana i runga i tētahi tauranga whakaata, me whai koe i tētahi, neke atu rānei, atanga whatunga e tohua ana ko ngā atanga Whakaata.
RAM	4 GB
PTM	kia rua ngā matua, neke atu rānei
Mokowā Rokiroki	E whakamahia ana te wāhi Disk e 60 GB hei pupuri i ngā raraunga NetFlow whakaputa i mua i te tukunga o ngā rekoata ki Secure Cloud Analytics.
Te Uru Ipurangi	e hiahiatia ana hei tango i ngā mōkihi mō te tukanga tāutanga

Kia mōhio ki ngā mea e whai ake nei mō ngā atanga Mirror kua tohua:

Ka whiwhi ngā atanga whakaata i tētahi tārua o ngā waka pūtake katoa e tomo mai ana, e puta atu ana ki te ūnga. Me whakarite kia iti iho tō waka tino nui i te kaha o te hononga atanga whakaata o te pūoko.
He maha ngā pana ka maturuturu i ngā mōkihi mai i ngā atanga pūtake mēnā he nui rawa te rere o ngā raraunga kua whirihorahia ki tētahi ūnga tauranga whakaata.

Ngā Whakaritenga Tāpiri mō ngā Taputapu Tinana

Waehanga	Whakaritenga iti rawa
Tāutatanga File Tukuake	Ko tētahi o ēnei hei tukuake i te tāutanga .iso file: 1 tauranga USB, me te puku kohiko USB 1 puku kōpae whatu, me tētahi kōpae whatu ka taea te tuhi (pērā i te kōpae CD-R)

Ka taea e ngā mīhini mariko te whakaara tika ki te .iso file me te kore he whakaritenga tāpiri.

Ngā Whakaritenga Tāpiri mō te Mīhini Mariko
Mena kei te whakatinanahia tō pūoko hei mīhini mariko, me whakarite kua whirihorahia te kaihautū mariko me te whatunga mō te aratau pōturi i te atanga whatunga tuarua mena kei te whakaaro koe ki te whakauru i ngā waka mai i te tauranga whakaata, i te tauranga SPAN rānei.

Ina whakatinanahia te pūoko i roto i te taiao VMWare 8, ka kore te pūoko e utaina ina whakamahia te tautuhinga whakaara UEFI taunoa. Hei whakatika i tēnei raruraru, i te taahiraa Whakarite Pūmārō, tīpakohia Ngā Kōwhiringa VM > Ngā Kōwhiringa Whakaara, kātahi ka tīpakohia te BIOS mai i te rārangi taka-iho Pūmanawa.

VMware hypervisor
Mena kei te whakahaere koe i te mīhini mariko i runga i te hypervisor VMware, whirihorahia te pana mariko mō te aratau pōrearea:

Tīpakohia te kaihautū i roto i te rarangi taonga.
Tohua te ripa Whirihoranga.
Pāwhiritia te Whatunga.
Pāwhiritia Ngā Āhuatanga mō tō pana mariko.
Tīpakohia te pana mariko ka pāwhiri Whakatika.
Tīpakohia te ripa Haumarutanga.
Tīpakohia Whakaae mai i te tahua taka-iho Aratau Whakarerekētanga.

Tirohia te pūtake mātauranga VMware mō ētahi atu kōrero mō te aratau pōrearea. Me whakatakoto pea e koe te VLAN ID ki te 4095.

Pouaka Mariko
Mena kei te whakahaere koe i te mīhini mariko i roto i te VirtualBox, whirihorahia te urutau mō te aratau pōrearea:

Tīpakohia te urutau mō te atanga Mirror mai i ngā Tautuhinga Whatunga.
Tautuhia te aratau pōrearea ki te Whakaae i roto i ngā Kōwhiringa Arā Atu Anō.

Tirohia ngā tuhinga a VirtualBox mō te whatunga mariko mō ētahi atu kōrero.

Ngā Whakaaro Whakatakotoranga Pūoko
Nā te mea he rerekē rawa ngā āhuahanga whatunga, kia maumahara ki ēnei aratohu whānui i te wā e whakatū ana i ō pūoko:

Whakatauhia mēnā kei te hiahia koe ki te whakatakoto i ngā pūoko ki:
- kohikohi raraunga rere
- whakauru i te hokohoko whatunga whakaata
- me kohikohi ētahi i ngā raraunga rere, ā, me horomia e ētahi ngā waka whatunga whakaata
- e kohikohi ana i ngā raraunga rere me te horomi i ngā waka whatunga whakaata
Ki te kohikohi raraunga rere, whakatauhia ko ēhea ngā hōputu ka taea e ō pūrere whatunga te kaweake, pēnei i te NetFlow v5, NetFlow v9, IPFIX, sFlow rānei.
He maha ngā pareārai ahi e tautoko ana i te NetFlow, tae atu ki ngā pareārai ahi Cisco ASA me ngā Cisco Meraki MX Appliances. Tirohia ngā tuhinga tautoko a tō kaihanga kia mōhio ai mēnā kei te tautoko hoki tō pareārai ahi i te NetFlow.
Me whakarite kia taea e te tauranga whatunga i runga i te pūoko te tautoko i te kaha o ngā tauranga Whakaata.
Whakapā atu ki te Tautoko Cisco mēnā e hiahia ana koe ki te āwhina mō te whakatinana i ngā pūoko maha ki tō whatunga.

Te Tirotiro i tō Putanga Pūoko
Hei whakarite kei a koe te pūoko hou rawa atu kua whakatinanahia ki tō whatunga (putanga 5.1.3), ka taea e koe te tirotiro i te putanga o te pūoko o nāianei mai i te rārangi whakahau. Mena me whakapai ake koe, tāuta anō i te pūoko.

SSH ki roto i te pūoko kua whakatinanahia.
I te tohu, patohia te cat /opt/obsrvbl-ona/version ka pēhi i te Enter. Ki te kore e whakaatuhia te 5.1.3 e te papatohu, kua tawhito tō pūoko. Tikiake i te ISO pūoko hou rawa atu mai i te web atanga kaiwhakamahi o te tomokanga.

Ngā Whakaritenga Whakauru Pūoko
Me whai urunga te taputapu tūturu, te mīhini mariko rānei ki ētahi ratonga mā te ipurangi. Whirihorahia tō pareārai kia taea ai te whakawhiti i ngā raraunga e whai ake nei i waenga i te pūoko me te ipurangi o waho:

Momo waka	E hiahiatia ana	Wāhitau IP, rohe, me te tauranga, te whirihoranga rānei
Te waka HTTPS e puta atu ana mai i	āe	tauranga 443, ā, ko te wāhitau IP ko

Ko te atanga Whakahaere o te pūoko ki te ratonga Secure Cloud Analytics e manaakihia ana i runga i a Amazon Web Ratonga		tō wāhitau IP tomokanga Ngā wāhitau IP AWS S3 mō tō rohe Haumarutanga Kapua Tātari. I te mea ka rerekē pea ngā wāhitau IP AWS, tirohia te AWS Ka āwhina ngā awhe wāhitau IP i te kaupapa me te rapu mō te ratonga S3 me tō rohe AWS i roto i te JSON kua whakaratohia fileHei kimi i tō rohe AWS, haere ki tō papatohu Haumarutanga Kapua Tātari ka panuku ki raro o te whārangi. Ka whakaatuhia e te āpure i te hiku te ingoa o te rohe mō tō tomokanga e rite ana ki ngā rohe AWS e whai ake nei: Amerika ki te Raki (Te Tai Tokerau o Virginia): us-east-1 Uropi (Frankfurt): eu- pokapū-1 Ahitereiria (Sydney): ap- tonga-mā-rāwhiti-2
		1. Tāutahia te SSH ki te pūoko hei kaiwhakahaere.
		2. I roto i te tohu whakahau, tāuruhia tēnei whakahau:
Whakaūtia te pūoko kia kōrero noa ki ngā wāhitau Cisco e mōhiotia ana	kahore	sudo nano opt/obsrvbl-ona/config.local ka pēhi i te pātene Tomo hei whakatika i te whirihoranga file 3. Whakahōuhia te tautuhinga OBSRVBL_SENSOR_ EXT_ONLY kia pēnei: OBSRVBL_SENSOR_ EXT_ONLY=true.
		4. Pēhia te Ctrl + 0 hei tiaki i ngā huringa.

		5. Pēhia te Ctrl + x hei puta atu. 6. I te tohu whakahau, patohia te sudo service obsrvbl-ona restart hei tīmata anō i te pūoko.
Te whakawhiti i te atanga Whakahaere o te pūoko ki te tūmau Ubuntu Linux hei tango i te pūnaha whakahaere Linux me ngā whakahōutanga e pā ana.	āe	us.archive.ubuntu.com:443/TCP us.archive.ubuntu.com:80/TCP
Te whakawhiti i te atanga Whakahaere o te pūoko ki te tūmau DNS hei whakatau i te ingoa kaihautū	āe	[tūmau DNS ā-rohe]:53/UDP
Te rere o ngā waka mai i tētahi taputapu rapurongoā mamao ki tō pūoko	kahore	54.83.42.41:22/TCP

Mena kei te whakamahi koe i tētahi ratonga takawaenga, waihangahia he okotahi takawaenga mō ngā wāhitau IP atanga Mana pūoko.

Whirihoranga Pūrere Whatunga
Ka taea e koe te whirihora i tō pana whatunga, i tō pouara rānei kia whakaata i tētahi tārua o ngā waka, kātahi ka tukuna ki te pūoko.

Nā te mea kei waho te pūoko i te rere noa o te waka, kāore e taea e ia te awe tika i tō waka. Ngā huringa whirihoranga ka mahia e koe i roto i te web Ka awe te atanga kaiwhakamahi o te tomokanga i te whakaputanga whakatūpato, ehara i te āhua o te rere o ō waka. Ki te hiahia koe ki te whakaae, ki te aukati rānei i ngā waka i runga i ngā whakatūpato, whakahoutia ō tautuhinga pareārai.
Tirohia ngā mea e whai ake nei mō ngā mōhiohio e pā ana ki ngā kaihanga pana whatunga me ngā rauemi hei whirihora i te waka whakaata:

Kaihanga	Ingoa Pūrere	Tuhinga
NetOptics	pā whatunga	Tirohia te whārangi rauemi a Ixia mō ngā tuhinga me ētahi atu kōrero
Kikamona	pā whatunga	Tirohia ngā whārangi rauemi me ngā whārangi mōhiotanga a Gigamon mō ngā tuhinga me ētahi atu mōhiohio.

	Kaitātari (SPAN)
Hunipera	whakaata tauranga	Tirohia ngā tuhinga TechLibrary a Juniper mō tētahi tauira o muaampTe Whakatakotoranga i te Whakaata Tauranga mō te Aroturuki ā-Rohe o te Whakamahinga Rauemi Kaimahi i runga i ngā Pana Raupapa EX
NETGEAR	whakaata tauranga	Tirohia ngā tuhinga mō te pūtake mātauranga a Netgear mō tētahi tauira o muaampte māramatanga o te whakaata tauranga me tana mahi me tētahi pana whakahaere
ZyXEL	whakaata tauranga	Tirohia ngā tuhinga mātauranga a ZyXEL mō ngā mōhiohio e pā ana ki te whakamahi i te Whakaata i runga i ngā pana ZyXEL.
atu	tauranga aroturuki, tauranga tātari, tauranga pato	Tirohia ngā tuhinga wiki a Wireshark mō tētahi tohutoro whakawhiti mō ngā kaihanga maha.

Ka taea hoki e koe te whakatakoto i tētahi pūrere wāhi urunga whakamātautau whatunga (tap) hei tuku i tētahi tārua o te waka ki te pūoko. Tirohia ngā mea e whai ake nei mō ngā mōhiohio e pā ana ki ngā kaihanga tap whatunga me ngā rauemi hei whirihora i te tap whatunga.

Kaihanga	Ingoa Pūrere	Tuhinga
NetOptics	pā whatunga	Tirohia te whārangi rauemi a Ixia mō ngā tuhinga me ētahi atu kōrero
Kikamona	pā whatunga	Tirohia ngā whārangi rauemi me ngā whārangi mōhiotanga a Gigamon mō ngā tuhinga me ētahi atu mōhiohio.

Whirihoranga Rere
Me whirihora e koe tō pūrere whatunga kia tukuna ngā raraunga NetFlow. Tirohia https://configurenetflow.info/ or https://www.cisco.com/c/dam/en/us/td/docs/security/stealthwatch/netflow/Cisco Tirohia te NetFlow_Configuration.pdf mō ētahi atu kōrero mō te whirihora i te NetFlow i runga i ngā taputapu whatunga Cisco.

Tāutanga me te Whirihoranga Pāpāho Pūoko

I mua i to tiimata i te whakaurunga, review ngā tohutohu hei mārama ki te tukanga tae atu ki te whakarite, te wā me ngā rauemi e hiahiatia ana mō te tāutanga me te whirihoranga.
E rua ngā kōwhiringa mō tēnei tāutanga:

Te Tāuta i te Pūoko ki runga i te Mīhini Mariko: Ki te tāuta koe i tētahi pūoko ki runga i te mīhini mariko, ka taea e koe te whakaara mai i te .iso file tika.
Te Tāuta i te Pūoko ki runga i tētahi Taputapu Ā-tinana: Ki te tāuta koe i tētahi pūoko ki runga i tētahi taputapu ā-tinana, ka hangaia e koe he pāpāho ka taea te whakaara mā te whakamahi i te .iso file, kātahi ka tīmata anō te taputapu ka whakaara anō mai i taua pāpāho.

Ka horoia te kōpae e tāutahia ai te pūoko i mua i te tāutanga o te pūoko i te wā e tāutahia ana. I mua i te tīmatanga o te tāutanga, me whakaū kāore he raraunga e hiahia ana koe ki te tiaki i roto i te taputapu tūturu, i te mīhini mariko rānei e whakaaro ana koe ki te tāuta i te pūoko.

Te Waihanga i te Pāpāho Whakaara

Mena kei te whakatinana koe i tētahi pūoko ki tētahi taputapu tūturu, ka whakatinanahia e koe tētahi .iso file e tāuta ana i te pūoko, i runga i te Ubuntu Linux.
Ki te tuhia e koe te .iso file ki tētahi kōpae whatu, pērā i te CD, DVD rānei, ka taea e koe te whakaara anō i te taputapu tūturu me te kōpae whatu i roto i te puku kōpae whatu, ka whiriwhiri ki te whakaara anō mai i te kōpae whatu.
Ki te hanga koe i tētahi puku kohiko USB me te .iso file me te taputapu Rufus, ka taea e koe te whakaara anō i te taputapu tūturu, te whakauru i te puku kohiko USB ki te tauranga USB, me te whiriwhiri ki te whakaara anō mai i te puku kohiko USB.
Ki te whakatū koe i tētahi pūoko me te kore e whakamahi i tētahi ISO, me whakahou pea e koe ngā tautuhinga pareārai ahi o te taputapu ā-rohe kia taea ai te uru atu ki ngā raraunga. Ka tino taunaki mātou kia whakatūria e koe te pūoko mā te whakamahi i te ISO kua whakaratohia.
Mā te waihanga i tētahi puku kohiko USB whakaara anō ka mukua ngā mōhiohio katoa kei runga i te puku kohiko. Kia tino mohio kei roto i te puku kohiko ētahi atu mōhiohio.

Tikiake i te ISO o te pūoko file
Tikiake i te putanga hou o te pūoko ISO mai i te web tomokanga. Whakamahia tēnei hei tāuta (mō tētahi pūoko hou) hei tāuta anō rānei (hei whakapai ake i tētahi pūoko o nāianei).

Takiuru ki te Secure Cloud Analytics hei kaiwhakahaere.
Tīpakohia te Āwhina (?) > Tāuta Pūoko i te Wāhi Noho.
Pāwhiritia te pātene .iso hei tango i te putanga ISO hou.
Haere ki te Waihanga i tētahi Kōpae Whatu Ka Taea te Whakaara, Waihangatia rānei he Puku Kohiko USB Ka Taea te Whakaara.

Waihangahia he Kōpae Whatu Ka Taea te Whakaara
Whāia ngā tohutohu a tō kaihanga hei tārua i te .iso file ki tētahi kōpae whatu.

Waihangahia he Puku Kohiko USB Whakaara

Kōkuhua he puku kohiko USB kau ki roto i te tauranga USB i te taputapu e hiahia ana koe ki te whakamahi hei waihanga i te puku kohiko USB whakaara.
Takiuru ki te teihana mahi.
I roto i to web pūtirotiro, haere ki te taputapu Rufus webpae.
Tikiake i te putanga hou o te taputapu Rufus.
Whakatuwheratia te taputapu Rufus.
Tīpakohia te puku kohiko USB i te tahua taka-iho Pūrere.
Tīpakohia te ahua Kōpae, te ahua ISO rānei mai i te tahua taka-iho Kōwhiringa Whakaara.
Pāwhiritia te TĪWHIRI ka tīpako i te ISO o te pūoko file.
Patohia te START.

Mā te waihanga i tētahi puku kohiko USB whakaara anō ka mukua ngā mōhiohio katoa kei runga i te puku kohiko. Kia tino mohio kei roto i te puku kohiko ētahi atu mōhiohio.

Tāuta i te Pūoko

Kōwhiria te tikanga whakaara mō te .iso penei:
- Mīhini Mariko: Mena kei te tāuta koe ki tētahi mīhini mariko, whakaara mai i te .iso file.
- Taputapu Ā-tinana: Mena kei te tāuta koe ki tētahi taputapu ā-tinana, whakauruhia te pāpāho whakaara, tīmata anō te taputapu, ka whakaara anō mai i te pāpāho whakaara.
Tīpakohia te Tāuta ONA (Static IP) i te tohu tuatahi, kātahi ka pēhi i te Enter.
Tīpakohia he reo mai i te rārangi reo mā te whakamahi i ngā kī pere, kātahi ka pēhi i te Enter.
Mō te whirihoranga Papapātuhi, kei a koe ēnei kōwhiringa e whai ake nei:
- Tīpakohia he Tahora me te Momo hei whirihora i te papapātuhi, kātahi ka pēhi i te Enter.
- Tīpakohia te Tāutuhia te papapātuhi, kātahi ka pēhi i te Enter.
Mō te whirihoranga Whatunga, tīpakohia te Ā-ringa, kātahi ka pēhi i te Tomo. Ka whirihorahia aunoatia ngā atanga whatunga katoa hei atanga Mirror.
Tāuruhia he Whatunga-iti mō te taputapu, tīpakohia te Haere Tonu mā te whakamahi i ngā kī pere, kātahi ka pēhi i te Tomo.
Tāuruhia he wāhitau IP mō te taputapu, tīpakohia te Haere Tonu mā te whakamahi i ngā kī pere, kātahi ka pēhi i te Tomo.
Tāuruhia he wāhitau IP o te pouara Gateway, tīpakohia te Haere Tonu mā te whakamahi i ngā kī pere, kātahi ka pēhi i te Enter.
(Whiringa) Mō ngā rohe Rapu, tāuruhia te(ngā) rohe ka tāpirihia aunoa ki te ingoa kaihautū ina ngana ana ki te whakatau ki tētahi wāhitau IP, tīpakohia te Haere Tonu mā te whakamahi i ngā kī pere, kātahi ka pēhi i te Tomo.
Mā te taunoa, ka whakamahi aunoa te tāutanga i te DHCP, ā, ka haere tonu me te tāutanga. Hei whakakore i te wāhitau IP DHCP, me whakatika ā-ringa koe i te atanga i muri i te otinga o te tāutanga.
Ka tūtohu mātou kia tāuruhia e koe tētahi wāhitau tūmau ingoa mana ā-rohe mēnā kua whakatinanahia tētahi ki tō whatunga.
. Tāuruhia te Ingoa Katoa mō te kaiwhakamahi hou, e hono ana ki tētahi pūkete ehara i te pūtake mō ngā whakaaetanga whakahaere, kātahi ka tīpako i te Haere Tonu mā te whakamahi i ngā kī pere, kātahi ka pēhi i te Enter.
Tāuruhia te ingoa o tō tūmau, koinei te ingoa ka whakamahia e te pūoko ina kōrero ana ki ētahi atu rorohiko, ā, ka kitea i roto i te tomokanga Secure Cloud Analytics, kātahi ka tīpako i te Haere Tonu mā te whakamahi i ngā kī pere, kātahi ka pēhi i te Enter.
Tāuruhia te Ingoa Kaiwhakamahi mō tō pūkete, arā, te pūkete ehara i te pūtake me ngā whakaaetanga whakahaere, kātahi ka tīpako i te Haere Tonu mā te whakamahi i ngā kī pere, kātahi ka pēhi i te Tomo.
Kōwhiria he kupuhipa mō te kaiwhakamahi hou, kātahi ka tīpako Haere Tonu mā te whakamahi i ngā kī pere, kātahi ka pēhi i te Tomo.
Tāuruhia anō te kupuhipa hei manatoko, kātahi ka tīpako Haere Tonu mā te whakamahi i ngā kī pere, kātahi ka pēhi i te Tomo. Ki te kore koe i tāuru i te kupuhipa kotahi i ngā wā e rua, ngana anō.
Ko te pūkete ka waihangahia e koe i te wā whakatūnga anake te pūkete ka taea e koe te whakamahi hei uru atu ki te mīhini mariko. Kāore tēnei tāutanga e waihanga i tētahi pūkete tomokanga Haumaru Kapua motuhake.
Hei whakaū i te tukanga tāutanga, tīpakohia te Haere Tonu, kātahi ka pēhi i te Tomo.
Ka mukua e tēnei mahi ngā raraunga katoa kei runga i te puku. Me whakarite kia takoto kau i mua i te haere tonu.Taria kia torutoru meneti kia tāutahia e te kaiwhakauru te mea e hiahiatia ana files.
Ina whakaatuhia e te tāutanga te Tāutanga Kua Oti, tīpakohia te Tīmata Anō ināianei mā te whakamahi i ngā kī pere, kātahi ka pēhi i te Tomo hei tīmata anō i te taputapu.
Kia tīmata anō te taputapu, takiuru mā te pūkete kua hangaia kia tika ai ō taipitopito tuakiri.

Hei Mahi Panuku

Ki te whakawhāitihia te urunga ki ō taiao tūmataiti, kia tino whakaaetia te whakawhitiwhiti kōrero ki ngā IP e tika ana. Tirohia ngā Whakaritenga Uru Pūoko mō ētahi atu kōrero.
Mena kei te whakamahi koe i te pūoko hei kohikohi i ngā rerenga whatunga, pērā i te NetFlow, tirohia te Whirihora i tētahi Pūoko hei Kohikohi Raraunga Rere mō ētahi atu kōrero mō te whirihora i te pūoko.
Mena kei te whakamahi koe i te pūoko, ā, kei te tāpiri atu ki te SPAN, ki ngā tauranga whakaata rānei hei kohikohi i ngā waka whakaata, tirohia te Tāpiri i ngā Pūoko ki te Web Tomokanga mō ētahi atu kōrero mō te tāpiri i ngā pūoko ki te Secure Cloud Analytics web tomokanga.
Mena kei te whirihora koe i te pūoko kia tukuna te Enhanced NetFlow telemetry, tirohia te Cisco Secure Cloud Analytics Configuration Guide for Enhanced NetFlow mō ētahi atu kōrero.

Te tāpiri i ngā pūoko ki te Web Portal

Kia tāutahia he pūoko, me hono atu ki tō tomokanga. Ka mahia tēnei mā te tautuhi i te wāhitau IP tūmatanui o te pūoko me te whakauru ki roto i te web tomokanga. Mena kāore e taea e koe te whakatau i te wāhitau IP tūmatanui o te pūoko, ka taea e koe te hono ā-ringa i te pūoko ki tō tomokanga mā te whakamahi i tana kī ratonga ahurei.

Ka taea e te pūoko te hono atu ki ngā tomokanga e whai ake nei:

https://sensor.ext.obsrvbl.com (US)
https://sensor.ext.eu-prod.obsrvbl.com (EU)
https://sensor.ext.anz-prod.obsrvbl.com (Ahitereiria)

Mena he maha ngā pūoko he stagi tētahi wāhi pokapū, pērā i te MSSP, ā, he mea hanga mō ngā kiritaki rerekē, me tango te IP tūmatanui i muri i te whirihoranga o ia kiritaki hou. Mena he wāhitau IP tūmatanui o te stagKi te whakamahia te taiao rorohiko mō ngā pūoko maha, ka taea te hono hē o te pūoko ki te tomokanga hē.
Mena kei te whakamahi koe i te tūmau takawaenga, whakaotia ngā mahi i te wāhanga Whirihora Takawaenga hei whakahohe i te whakawhitiwhiti kōrero i waenga i te pūoko me te Tātari Kapua Haumaru. web tomokanga.

Te Kimi me te Tāpiri i te Wāhitau IP Tūmatanui o te Pūoko ki te Tomokanga

SSH ki roto i te pūoko hei kaiwhakahaere.
I te tohu whakahau, patohia te curl https://sensor.ext.obsrvbl.comandpressEnterKo te uara hapa o te tuakiri kāore i te mōhiotia ko te tikanga kāore te pūoko e hono ana ki tētahi tomokanga. Tirohia te ahua e whai ake nei mō tētahi tauiraample.Tō kaihautū ratonga URL tērā pea he rerekē i runga i tō tauwāhi. I roto i tō tomokanga Haumarutanga Kapua, haere ki Ngā Tautuhinga > Ngā Pūoko ka panuku ki raro o te whārangi hei kimi i tō kaihautū ratonga url.
Tāruatia te wāhitau IP tuakiri.
Takiuru atu i te pūoko.
Takiuru ki te Secure Cloud Analytics hei kaiwhakahaere pae.
Tīpakohia ngā Tautuhinga > Ngā Pūoko > IP Tūmatanui.
Pāwhiritia Tāpiri Wāhitau IP Hou.
Whakauruhia te wāhitau IP tuakiri ki te āpure Wāhitau Hou. 9. Pāwhiritia te Waihanga. Whai muri i te whakawhiti kī o te tomokanga me te pūoko, ka whakatūria e rātou te wā kei te heke mai
Pāwhiritia te Waihanga. Whai muri i te whakawhiti kī o te tomokanga me te pūoko, ka whakatūria he hononga ā muri ake nei mā te whakamahi i ngā kī, ehara i te wāhitau IP tūmatanui.
E 20 meneti pea te roa i mua i te whakaatahia mai o tētahi pūoko hou ki te tomokanga.

Tāpirihia ā-ringa te Kī Ratonga o te Tomokanga ki te Pūoko
Mena kāore e taea e koe te tāpiri i te wāhitau IP tūmatanui o te pūoko ki te web tomokanga, he tangata rānei koe
MSSP e whakahaere ana i ngā maha web ngā tomokanga, whakatikahia te whirihoranga whirihoranga ā-rohe o te pūoko file hei tāpiri ā-ringa i te kī ratonga o te tomokanga hei hono i te pūoko ki te tomokanga.
Ka mahia aunoatia tēnei whakawhiti kī ina whakamahia te wāhitau IP tūmatanui i te wāhanga o mua.

Takiuru ki te Secure Cloud Analytics hei kaiwhakahaere.
Tīpakohia Tautuhinga > Pūoko.
Whakatere ki te pito o te rārangi pūoko ka tārua i te Kī Ratonga. Tirohia te ahua e whai ake nei mō tētahi tauiraample.
Kī Ratonga:(whakaatu) Kaihautū Ratonga:
SSH ki roto i te pūoko hei kaiwhakahaere.
I te tohu whakahau, tāuruhia tēnei whakahau: sudo nano /opt/obsrvbl-ona/config.loca, kātahi ka pēhi i te Enter hei whakatika i te whirihoranga. file.
Tāpirihia ngā rārangi e whai ake nei, me te whakakapi me te kī ratonga o te tomokanga meurl>me tō kaihautū ratonga ā-rohe url# Kī Ratonga
KĪ_RATONGA_OBSRVBL = " "OBSRVBL_HOST="url>”
I roto i tō tomokanga Haumarutanga Kapua, haere ki Ngā Tautuhinga > Ngā Pūoko ka panuku ki raro o te whārangi hei kimi i tō kaihautū ratonga url.
Tirohia te whakaahua e whai ake nei mō tētahi tauira o muaample:
Pēhia te Ctrl + 0 hei tiaki i ngā huringa.
Pēhia te Ctrl + x hei puta.
I te tohu whakahau, patohia te sudo service obsrvbl-ona restart hei tīmata anō i te ratonga Secure Cloud Analytics.

E 20 meneti pea te roa i mua i te whakaatahia mai o tētahi pūoko hou ki te tomokanga.

Te Whirihora i te Proxy
Mena kei te whakamahi koe i te tūmau takawaenga, whakaotia ngā mahi e whai ake nei hei whakahohe i te whakawhitiwhiti kōrero i waenga i te pūoko me te web tomokanga.

SSH ki roto i te pūoko hei kaiwhakahaere.
I te tohu whakahau, tāuruhia tēnei whakahau: sudo nano /opt/obsrvbl-ona/config.local, kātahi ka pēhi i te Enter hei whakatika i te whirihoranga. file.
Tāpirihia te rārangi e whai ake nei, me te whakakapi i te proxy.name.com ki te ingoa manaaki, ki te wāhitau IP rānei o tō tūmau proxy, me te Port ki te tau tauranga o tō tūmau proxy: HTTPS_PROXY=”proxy.name.com:Tauranga.”
Pēhia te Ctrl + 0 hei tiaki i ngā huringa.
Pēhia te Ctrl + x hei puta.
I te tohu whakahau, patohia te sudo service obsrvbl-ona restart hei tīmata anō i te ratonga Secure Cloud Analytics.

E 20 meneti pea te roa i mua i te whakaatahia mai o tētahi pūoko hou ki te tomokanga.

Te Whakaū i te Hononga Tomokanga o te Pūoko
I muri i te tāpiri i tētahi pūoko ki te tomokanga, whakaūhia te hononga i roto i te Secure Cloud Analytics.

Mena i hono ā-ringa koe i tētahi pūoko ki te web tomokanga mā te whakahou i te config.local
whirihoranga file mā te whakamahi i te kī ratonga, mā te whakamahi i te curlte whakahau hei whakaū i te hononga mai i te pūoko, tērā pea kāore e whakahokia mai te web ingoa o te tomokanga.

Takiuru ki te Tātari Kapua Haumaru.
Tīpakohia Ngā Tautuhinga > Ngā Pūoko. Ka puta te pūoko i te rārangi.

Ki te kore koe e kite i te pūoko i te whārangi Pūoko, takiuru ki te pūoko hei whakaū i te hononga.

SSH ki roto i te pūoko hei kaiwhakahaere.
I te tohu whakahau, patohia te curl https://sensor.ext.obsrvbl.comandpressEnter. Ka whakahokia mai e te pūoko te ingoa o te tomokanga. Tirohia te ahua e whai ake nei mō tētahi tauiraample.Tō kaihautū ratonga url tērā pea he rerekē i runga i tō tauwāhi. I roto i tō tomokanga Haumarutanga Kapua, haere ki Ngā Tautuhinga > Ngā Pūoko ka panuku ki raro o te whārangi hei kimi i tō kaihautū ratonga url.
Takiuru atu i te pūoko.

Te Whirihora i tētahi Pūoko hei Kohi Raraunga Rere

Ka hangaia e te pūoko ngā rekoata rere mai i te waka i runga i ōna atanga Ethernet mā te taunoa. E whakaaro ana tēnei whirihoranga taunoa kua honoa te pūoko ki tētahi tauranga SPAN, ki tētahi tauranga Ethernet whakaata rānei. Mena ka taea e ētahi atu taputapu i runga i tō whatunga te whakaputa rekoata rere, ka taea e koe te whirihora i te pūoko i roto i te web te atanga kaiwhakamahi o te tomokanga hei kohikohi i ngā rekoata rere mai i ēnei pūtake ka tuku atu ki te kapua.
Mena ka whakaputahia e ngā taputapu whatunga ngā momo rere rerekē, me whirihora te pūoko kia kohia ia momo mā runga i tētahi tauranga UDP rerekē. Mā tēnei ka taea hoki te whakatau raruraru
māmā ake. Mā te taunoa, kei te tuwhera ngā tauranga 2055/UDP, 4739/UDP, me te 9995/UDP i te pareārai pūoko ā-rohe (iptables). Ki te hiahia koe ki te whakamahi i ētahi atu tauranga UDP, me whirihora e koe i roto i
te web tomokanga.

Ka taea e koe te whirihora i te kohinga o ngā momo rere e whai ake nei i roto i te web atanga kaiwhakamahi o te tomokanga:

NetFlow v5 – Tauranga 2055/UDP (tuwhera taunoa)
NetFlow v9 – Tauranga 9995/UDP (tuwhera taunoa)
IPFIX – Tauranga 4739/UDP (tuwhera taunoa)
sFlow – Tauranga 6343/UDP

Kua whakaratohia e mātou ngā tauranga taunoa, engari ka taea ēnei te whirihora ki ō tauranga e pai ana ki a koe i roto i te web atanga kaiwhakamahi o te tomokanga.

Me whiriwhiri ētahi taputapu whatunga i roto i te web te atanga kaiwhakamahi o te tomokanga i mua i te mahi tika:

Cisco Meraki – Tauranga 9998/UDP
Cisco ASA – Tauranga 9997/UDP
SonicWALL – Tauranga 9999/UDP

Ka hāngai te pūmanawa Meraki putanga 14.50 i te hōputu kaweake rangitaki Meraki ki te hōputu NetFlow. Mena kei te whakahaerehia e tō pūrere Meraki te pūmanawa putanga 14.50, neke atu rānei, whirihorahia tō pūoko ki te Momo Probe o NetFlow v9 me te Pūtake o Paerewa. Mena kei te whakahaerehia e tō pūrere Meraki he pūmanawa putanga tawhito ake i te 14.50, whirihorahia tō pūoko ki te Momo Probe o NetFlow v9 me te Pūtake o Meraki MX (kei raro i te putanga 14.50).

Te Whirihora i ngā Pūoko mō te Kohinga Rere

Takiuru ki te Secure Cloud Analytics hei kaiwhakahaere.
Tīpakohia Tautuhinga > Pūoko.
Pāwhiritia te tahua taka-iho Tautuhinga mō te pūoko i tāpirihia e koe.
Kōwhiria te whirihora i te NetFlow/IPFIX.
Me whai putanga pūoko hou tēnei kōwhiringa. Ki te kore koe e kite i tēnei kōwhiringa, tīpakohia te Āwhina (?) > Tāuta Pūoko On-Prem hei tango i te putanga o nāianei o te ISO pūoko.
Pāwhiritia Tāpirihia he Pūtirotiro Hou.
Kōwhiria he momo rere mai i te tahua taka-iho Momo Tirotiro.
Whakauruhia he nama Tauranga.
Ki te hiahia koe ki te tuku i te Enhanced NetFlow ki tō pūoko, kia mōhio koe kāore te tauranga UDP e whirihorahia ana e koe i te tauranga e whirihorahia ana mō te Flexible NetFlow, te IPFIX rānei i roto i tō whirihoranga pūoko. Hei tauiraampWhirihorahia te tauranga 2055/UDP mō te Enhanced NetFlow, me te tauranga 9995/UDP mō te Flexible NetFlow. Tirohia te Aratohu Whirihoranga mō te Enhanced NetFlow mō ētahi atu kōrero.
Kōwhiria he Kawa mai i te tahua taka-iho.
Kōwhiria he Pūtake mai i te tahua taka-iho.
Pāwhiritia Tiaki.

E 30 meneti pea te roa ka puta mai ngā whakahōutanga whirihoranga pūoko i roto i te tomokanga.

Raparongoā

Hopukia ngā Mōkihi mai i te Pūoko
I ētahi wā, me manatoko pea e te Tautoko Cisco ngā raraunga rere e whiwhihia ana e te pūoko. Ka tūtohu mātou kia mahia tēnei mā te whakaputa i tētahi hopunga mōkihi o ngā rere. Ka taea hoki e koe te whakatuwhera i te hopunga mōkihi i roto i te Wireshark hei whakahou.view nga raraunga.

SSH ki roto i te pūoko hei kaiwhakahaere.
I te tohu, patohia te sudo tcpdump -Dā, pēhi i te Enter hei view he rārangi o ngā atanga. Tuhia te ingoa o te atanga Mana o tō pūoko.
I te tohu, patohia te sudo tcpdump -i -n -c 100 “tauranga "-w" , whakakapi me tō ingoa atanga Mana, me te tau tauranga e rite ana ki ō raraunga rere kua whirihorahia, me me te ingoa mō te pcap i hangaia file, kātahi ka pēhi i te Enter. Ka whakaputa te pūnaha i tētahi pcap file me te ingoa kua tohua mō te rere o taua atanga, mā runga i te tauranga kua tohua.
Takiuru atu i tō pūoko.
Mā te whakamahi i tētahi papatono SFTP, pērā i te PuTTY SFTP (PSFTP), WinSCP rānei, takiuru ki te pūoko.
I te tohu, patohia te "get" , whakakapi me tō pcap i hangaia file ingoa, ka pēhi i te Enter hei whakawhiti i te file ki tō teihana mahi ā-rohe.

Tātarihia te Hopu Packet i roto i te Wireshark

Tikiake me te tāuta i te Wireshark, kātahi ka whakatuwhera i te Wireshark.
Tīpakohia File > Whakatuwheratia, kātahi ka tīpako i tō pcap file.
Tīpakohia Tātari > Wetewaehere Hei.
Pāwhiritia te + hei tāpiri i tētahi ture hou.
Tīpakohia te CFLOW mai i te tahua taka-iho o nāianei, kātahi ka pāwhiri i te ĀE. Ka whakahōu te atanga kaiwhakamahi ki te whakaatu i ngā mōkihi e pā ana ki a NetFlow, IPFIX, sFlow rānei. Ki te kore he hua e puta mai, kāore te pcap i roto i ngā mōkihi e pā ana ki a NetFlow, ā, kua hē te whirihoranga o te kohinga raraunga rere i runga i te pūoko.

Rauemi Tāpiri

Mo etahi atu korero mo te Secure Cloud Analytics, tirohia enei e whai ake nei:

https://www.cisco.com/c/en/us/products/security/stealthwatch-cloud/index.html mo te tianara ki rungaview
https://www.cisco.com/c/en/us/support/security/stealthwatch-cloud/tsd-products-support-series-home.html mo nga rauemi tuhinga
https://www.cisco.com/c/en/us/support/security/stealthwatch-cloud/products-installation-guides-list.html mo te whakaurunga me nga kaiarahi whirihoranga, tae atu ki te Aratohu Whakamahinga Tuatahi o te Kapua Kapua tātaritanga

Whakapā Tautoko
Mena kei te hiahia tautoko hangarau koe, mahia tetahi o enei e whai ake nei:

Whakapa atu ki to hoa Cisco rohe
Whakapā Cisco Tautoko
Hei whakatuwhera i tetahi keehi na web: http://www.cisco.com/c/en/us/support/index.html
Hei whakatuwhera i tetahi keehi ma te imeera: tac@cisco.com
Mo te tautoko waea: 1-800-553-2447 (US)
Mo nga nama tautoko o te ao: https://www.cisco.com/c/en/us/support/web/tsd-cisco-worldwide-contacts.html

Huri Hītori

Putanga Tuhinga	Te Ra Whakaputa	Whakaahuatanga
1_0	Paenga-whāwhā 27,2022	Putanga tuatahi
1_1	Akuhata 1,2022	Te whakahou i ngā mōhiohio Tautoko Cisco. Kua tāpirihia he tuhipoka mō ngā IP tūmatanui.
1_2	Hui-tanguru 17, 2023	Kua tāpirihia te wāhanga Whirihoranga Takawaenga. Kua whakahoutia ngā tautuhinga pūoko Meraki.
1_3	Pipiri 21,2023	I whakatikahia tētahi hapa tuhituhi. Te taunga kua whakahoutia mō ngā tukanga.
1_4	Paenga-whāwhā 8, 2024	Kua whakahoutia te kupu whakataki i roto i te Pāpāho Pūoko Te whakaurunga me te Whirihoranga wāhanga. Ngā huringa hōputu iti.
1_5	Oketopa 30, 2024	Whakahoutia te Ngā Whakaritenga Whakauru Pūoko wahanga.
2_0	Hakihea 4, 2024	Kua whakahoutia te putanga pūoko, kua tāutahia he Pūoko wāhanga, Te Kimi me te Tāpiri i te Wāhitau IP Tūmatanui o te Pūoko ki te Tomokanga wāhanga, me Ngā Whakaritenga o te Pūoko wahanga.
2_1	Paenga-whāwhā 21, 2025	Kua tāpirihia te tuhipoka kōwhiringa whakaara VMware ki te Ngā Whakaritenga Tāpiri mō te Mīhini Mariko wahanga. Whakahoutia te Tāpirihia ā-ringa te Kī Ratonga o tētahi Tomokanga ki tētahi Pūoko wāhanga hei whakauru i ngā mōhiohio whirihoranga OBSRVBL_HOST.
2_2	Oketopa 17, 2025	I tangohia te herenga o Amerika Te Raki-anake mō te whakamana i te pūoko kia kōrero noa ki ngā wāhitau Cisco e mōhiotia ana.

Nga korero Mana pupuri

Ko Cisco me te tohu Cisco he tohu tohu, he tohu rehita ranei na Cisco me ona hononga ranei i te US me etahi atu whenua. Ki view he rarangi o nga tohu tohu Cisco, haere ki tenei URL: https://www.cisco.com/go/trademarks. Ko nga tohu tohu-tuatoru kua whakahuahia ko nga rawa o ratou ake rangatira. Ko te whakamahi i te kupu hoa ehara i te mea he hononga hononga i waenga i a Cisco me etahi atu kamupene. (1721R)

FAQ

Ka taea e te pūoko te kohikohi i ngā rerenga IPv6?

Kāo, kāore te pūoko e tautoko i ngā waka IPv6.

Tuhinga / Rauemi

Pūoko Tātari Kapua Haumaru CISCO [pdf] Aratohu Kaiwhakamahi
Pūoko Tātari Kapua Haumaru, Pūoko Tātari Kapua, Pūoko Tātari, Pūoko

Tohutoro

Pukapuka Kaiwhakamahi

Waiho he korero

Whakakore whakautu