Configuring Byte25 Appliances

Setting IP Address Information

Access the network configuration menu screen from the 3 ‘ellipsis’ menu on the top right of the web interface. Network address settings are available under the ‘Configure’ option.  

Click on the port selected as a management port to have an IP address (labelled MGMT or Eth0) and apply the settings as appropriate from the left hand panel. Once done be sure to save the configuration and reboot.  

Out of Band Offline Mode

Out of Band mode is where the Byte25 Corporate Appliance is installed ‘offline’. That is, where the appliance is not installed in the main data path but rather collects data from a device such as an ethernet tap or configure switch mirror port.  Because the appliance is not in the network path, there is no risk of a network outage should the appliance lose power.

Follow the steps below to configure out of band mode:

1. 1. Select the ‘monitor’ port by clicking it on the appliance layout. The monitor port should be highlighted with a red box.
   2. In the Port Information panel, endure that ‘Capture Mode’ is set to ‘Enabled’
   3. Stop and start the Performance Engine and Threat Detect Engine in the right hand side Configuration Panel.

NetFlow Collection Mode

NetFlow mode is where the Byte25 Corporate appliance uses flow based agents in external devices such as switches and routers to collect statistical information on network performance.

Follow the steps below to configure NetFlow mode:

1. 1. From the right hand configuration panel, select the NetFlow v5 radio button
   2. Add the relevant port number in the ‘Port Number’ input dialog box. Note that the port number refers to the USP port hat the external device is using to send NetFlow data.
   3. Stop and start the Performance Engine and Threat Detect Engine in the right hand side Configuration Panel.

Configuring Data Export

The Byte25 hardware and virtual appliances do not store network performance or security data locally. The appliance must be configured to export data to a central database, either the Byte25 Cloud based server or a dedicated on premise server.

To export data, the Byte25 Corporate Appliance needs to have a ‘Customer ID’ to authenticate with the central database. The Customer ID will be different depending on whether the appliance is exporting to the Byte25 Cloud server or a dedicated on premise server;

• • When exporting to the Byte25 Cloud based server, you will need a unique customer ID that is provided as part of the Byte25 subscription. Contact Byte25 if you do not know your unique Customer ID.
  • When exporting to a dedicated Byte25 on premise server, unless you have a dedicated customer ID as part of your subscription, use the default Byte25 customer ID of 27badb594ea3.

From the right hand configuration panel, set the following parameters:

• • Remote Database Location: <Cloud or On-Premise>
  • Remote Address: <IP address of fully qualified domain name of remote database>
  • Customer ID: <Dedicated Customer ID>

Configuring Subnets for Reporting & Analysis

Byte25 classifies data by subnet so a much richer picture of network traffic is available if you configure known subnet or site addresses for your network.

To  configure subnets, first login to the Byte25 cloud server. Your login details should have been provided, if you do not have a Byte25 cloud login, please contact Byte25 support.

Once logged into the Byte25 cloud server, subnet configuration is accessed from the top right ‘three ellipsis’ menu under the ‘Configure Sites’ option.

From here you will see two ‘sub-tabs’ Site/Subnet Config and Flow Source Config – select Site/Subnet Config to add new subnets or sites sources.

To add a site, simply select the ‘Add New Site’ option an enter the relevant subnet details. The bandwidth field is used to calculate percent utilisation for the site and is typically set as the speed of provisioned bandwidth to the site.

Groups of sites can also be configured and to reflect the logical topology of the network.

Once configured, you will see the sites and groups appear on the left-hand panel. Sites can be dragged and dropped on this panel as required to help in building the topology.

Configuring Netflow Sources for Reporting & Analysis

When using NetFlow agents as the data source, it is often useful to be able to generate reports based on individual or specific NetFlow sources. Configuring NetFlow sources is similar to configuring subnets and can be achieved as follows.

To  configure NetFlow sources, first login to the Byte25 cloud server. Your login details should have been provided, if you do not have a Byte15 cloud login, please contact Byte25 support.

Once logged into the Byte25 cloud server, subnet configuration is accessed from the top right ‘three ellipsis’ menu under the ‘Configure Sites’ option. From here you will see two ‘sub-tabs’ Site/Subnet Config’and Flow Source Config – select Flow Source Config to add new NetFlow sources.

To add a site, simply select the ‘Add New Flow Source’ option an enter the relevant NetFlow Agent details.

Once configured, you will see the NetFlow soirces appear on the left-hand panel. Sites can be dragged and dropped on this panel as required to help in building the topology.

Synchronising Byte25 Collector Appliances

When changes are made to the flow source configuration, the changes need to be synchronised with the relevant Byte25 appliances installed onsite. The synchronisation process may take up to 5 minutes to complete.

Flow source changes will be pushed to all appliances for the specific customer.

The status of the synchronisation process can be checked from the Admin view under Appliances.

The synchronisation process is still pending when the Action Status for the specific appliance shows as Pending, The specific action to be completed is shown in the Action column. For flow source syncronisation, the action is Flowsource Synchronisation.