S Verifying Monitored Network Traffic
This appendix describes how you can use the TCP diagnostic facility to
verify that RUEI checks all required network traffic. It is recommended that a network
engineer within your organization validates collected network traffic after network
changes.
Introduction
The TCP diagnostics utility allows you to create 1-minute snapshots of the network traffic seen by a selected Collector. This snapshot can then be used to help determine whether there are gaps in the expected traffic flow. For example, there could be unconfigured port numbers, or an incorrectly specified VLAN ID.
The TCP traffic can be analyzed across client and server IP and MAC address, as well as port number and VLAN ID. Each snapshot's scope in terms of network traffic information is shown in Figure S-1.