After successfully deploying your Virtual Network Sensor, configure your network based on your requirements.
Once your Virtual Network Sensor has successfully connected to Network Inventory,
use the
table below to find the recommended configurations for your network environment based
on
your throughput and traffic type. Traffic type is determined by how data is passed
from the
monitored appliance to the Virtual Network Sensor:
-
Internal traffic is passed from the monitored appliance to a Virtual Network Sensor on the same host system through a virtual switch (VSS/VDS).
-
External traffic is passed from the monitored appliance to the Virtual Network Sensor via an external network switch. Generally, the monitored appliance is not on the same system as the Virtual Network Sensor, but can be in the case of monitoring VM-to-VM traffic or when using PCI passthrough.
Before applying any recommended network settings to Open vSwitch mirror settings,
you must
first prepare
a vSwitch.
 |
ImportantIf your throughput is equal to or greater than 2 Gbps, using a PCI passthrough is
recommended. Your data port must be able to connect to the internet.
|
To determine which deployment scenario is best for your network security needs, see
Mapping your deployment with KVM.
|
Monitored Throughput
|
Traffic Type
|
Recommended Network Configuration
|
|
Less than 2 Gbps
|
Internal
|
Set up Open vSwitch on the host system, utilizing the SPAN protocol
For more information, see Configuring internal network traffic with
Open vSwitch (SPAN).
|
|
External (VM-to-VM traffic)
|
Enable ERSPAN on the Virtual Network Sensor
For more information, see Configuring external inter-VM traffic with
ERSPAN (KVM host).
|
|
|
External (external sources)
|
Set up Open vSwitch on the host system, utilizing either the SPAN or RSPAN
protocol
|
|
|
Equal to or greater than 2 Gbps
|
External
|
Use PCI passthrough
For more information, see Configuring external network traffic with
PCI passthrough (KVM host).
|