Understanding the vGW Series Network Module

The Network module of the vGW Security Design VM displays network traffic for guest virtual machines (VMs) that are selected in the VM tree. You can view network traffic for all VMs or selected ones.

This topic describes the Network module components. It includes the following sections:

The Network Module

The Network module displays network traffic for VMs that you select in the VM tree pane. You can view network traffic for all VMs or selected ones.

The Network module contains the following six tabs:

To display information for a VM, the VM must have a known IP address. The IP address is determined automatically if VMware Tools is installed on the VM. If it is not set automatically, you can set the IP address manually using the Settings module vGW Application section Machines page.

Manipulating Displayed Information

The Network Summary tab allows you to display information about all VMs, as shown in Figure 27.

A line graph displayed at the top of the screen plots bandwidth usage for the top VMs in the report. A table below the graph provides detailed network data for VMs selected in the VM tree. In this case, data for 1 hour is displayed.

Figure 27: Network Summary Tab for All VMs

 Network Summary Tab for All VMs

To display information about a single VM, you select the VM in the VM tree. Figure 28 shows the information displayed the Corp-AD-Secondary VM.

Figure 28: Main Module Network Module Summary Tab for a Single VM

 Main Module Network Module Summary Tab
for a Single VM

To view a VM’s connection, click an individual line in the graph. To display a filter for a protocol, click the protocol field.

Changing the Time Interval for Displayed Information

To change the period for which network data is plotted, use the Time Interval menu. Choose a different interval, and click Update. You can select a time interval or specify a custom period. The time interval feature is also available for other vGW Security Design modules.

Figure 29 and Figure 30 show information for all machines for two different time periods.

Figure 29: Displaying Network Data for Different Time Intervals: Part 1

Displaying Network Data for Different Time
Intervals: Part 1

Figure 30: Displaying Network Data for Different Time Intervals: Part 2

Displaying Network Data for Different Time
Intervals: Part 2

Real-time data from the last traffic interval populates the Total, In, Out, and Internal table columns. If you are charting protocols, sources, destinations, or top talkers, the interval selected is used to calculate the minimum, maximum, and average figures in the table shown below the graph.

For example, if you specified 4 minutes as the time interval, the graph would show a sample of the throughput every 10 seconds. Each dot show represents the average throughput value for that period.

You can view historical data by specifying a custom time period. In the Time Interval menu, select Custom Time Period. Enter dates in the From and Toboxes, or use the calendar pop-up window. If you do not specify a time, the field defaults to 00:00. See Figure 31.

Figure 31: Viewing Historical Network Data for a Custom Time Period

Viewing Historical Network Data for
a Custom Time Period

Note: Depending on the size of the database and the resources available to it, when you specify a custom time period, the vGW Security Design VM might take 30 minutes or more to chart the data and display it. When you want to examine a large data set, for example, data from a month or more, we recommend that you use the Reporting module.

Using Advanced Options for Filtering Network Data

You can filter information to be displayed. To display filtering options, click show advanced in the time interval bar. Figure 32 shows advanced filtering options used on network connections data.

Figure 32: Filtering on Network Data

Filtering on Network Data

Click the Filter 1 and Filter 2 menus to select filtering options, enter settings in their respective boxes, then click Update to refresh the graph and data displayed, based on your settings. Click Clear to reset filter boxes.

Note: Configured filters affect all data in the graph and tables.

Other advanced options differ somewhat depending on the tab you are viewing. Table 4 describes the Advanced options.

Table 4: Using Advanced Options for Filtering Network Data

Select

Action

Auto-refresh

Refreshes data automatically every 60 seconds.

mark verified VMs

Causes the vGW Series to automatically use the unique VMware ID/UUID as well as the IP address to validate that connections are actually coming from the identified server. Using both values protects against issues such as IP spoofing. VMs for which this extra validation occurs can be displayed in the interface.

multicast in table

Includes multicast packets when monitoring. Because multicast packets are not destined for a specific host and they are seen by all machines on the network, they are included in the connection session list for all VMs.

However, the amount of multicast traffic can be quite large, and it can obscure sessions specific to a selected VM. To remove multicast from this view, clear multicast in table check box.

To exit the advanced view, click show basic.

Sorting Table Data

You can sort table data in the Network page by column. Drag the pointer over the column headings. When the pointer changes to the pointing hand, click the column heading to sort.

Related Documentation