Справочник Пользователя для SonicWALL 5.8.1
Log > Flow Reporting
1378
SonicOS 5.8.1 Administrator Guide
Step 3
Select Netflow version-9 from the External Flow Reporting Format drop-down list.
Step 4
Specify the External Collector’s IP address in the provided field.
Step 5
For the Source IP to Use For Collector on a VPN tunnel, specify the source IP if the external
collector must be reached by a VPN tunnel. Note that this step is optional.
collector must be reached by a VPN tunnel. Note that this step is optional.
Step 6
Specify the External Collector’s UDP port number in the provided field. The default port is
2055.
2055.
Step 7
Select the Send IPFIX/Netflow Templates At Regular Interval checkbox. Note that Netflow
version-9 uses templates that must be known to an external collector before sending data.
version-9 uses templates that must be known to an external collector before sending data.
Step 8
Click the Generate ALL Templates button in the topmost toolbar.
Step 9
In Connection Report Settings, for Report Connections, do one of the following:
•
Select All to report all flows.
•
Select the INTERFACE-based option. Once enabled, the flows reported are based on the
initiator or responder interface.
initiator or responder interface.
•
Select the Firewall/App Rules-based option. Once enabled, the flows reported are based
on already existing firewall rules.
on already existing firewall rules.
Note
The above fields are the required fields for successful Netflow version 9 configuration. All
other configurable fields are optional.
other configurable fields are optional.
IPFIX (NetFlow version 10) Configuration Procedures
To configure IPFIX, or NetFlow version 10, flow reporting, follow the steps listed below.
Step 1
In Settings, select the checkbox to Enable AppFlow To Local Collector.
Step 2
In External Collector Settings, select the Send AppFlow and Real-Time Data To EXTERNAL
Collector checkbox to enable flows to be reported to an external flow collector. Remember, not
all collectors will work with all modes of flow reporting.
Collector checkbox to enable flows to be reported to an external flow collector. Remember, not
all collectors will work with all modes of flow reporting.
Step 3
Select IPFIX from the External Flow Reporting Format drop-down list.
Step 4
Specify the External Collector’s IP address in the provided field.
Step 5
For the Source IP to Use For Collector on a VPN tunnel, specify the source IP if the external
collector must be reached by a VPN tunnel. Note that this step is optional.
collector must be reached by a VPN tunnel. Note that this step is optional.
Step 6
Specify the External Collector’s UDP port number in the provided field. The default port is
2055.
2055.
Step 7
Select the Send IPFIX/Netflow Templates At Regular Interval checkbox.
Step 8
Click the Generate ALL Templates button in the topmost toolbar.
Step 9
In Connection Report Settings, for Report Connections, do one of the following:
•
Select All to report all flows.
•
Select the INTERFACE-based option. Once enabled, the flows reported are based on the
initiator or responder interface.
initiator or responder interface.
•
Select the Firewall/App Rules-based option. Once enabled, the flows reported are based
on already existing firewall rules.
on already existing firewall rules.