GVFOC - Gigamon Visibility Fabric Overview and Configuration


GVFOC - Gigamon Visibility Fabric Overview and Configuration


Price
Length : 2 days
$1,995.00

This 2-day overview course walks you through the high level aspects of the features and functions of the Gigamon hardware and software solutions. It contains several labs and is ideal for people who are just getting introduced to Gigamon, or already have Gigamon deployed but have received no formal training.

About this Course

This two-day, instructor-led course will teach you how to implement and configure Gigamon® devices and services. Through this course you will learn the key features of Gigamon devices and the value of properly incorporating a Visibility Fabric™ into your network monitoring system.

With increasing demands for agility and automation in the IT infrastructure and with ever-changing threat patterns in the network traffic, there is a critical need to automatically detect, react, and respond to these threats while also integrating visibility into IT operations management. This course will teach you how to use Gigamon\'s technology to gain visibility into your network traffic to prevent these threats.

Who should attend

  • System Administrators
  • Systems Engineers

Class Prerequisites

  • Basic understanding of networking concepts
  • Familiarity with network monitoring tools

What You Will Learn

  • Describe the Visibility Fabric™ architecture
  • Describe the Gigamon products used to create a Visibility Fabric™
  • Define Visibility Fabric features and applicable usage
  • Deploy a GigaVUE® H Series appliance
  • Deploy Gigamon Fabric Manager, GigaVUE-FM
  • Perform initial setup configuration of GigaVUE H Series appliance
  • Configure Gigamon Fabric Manager to manage H-Series Node
  • Describe clustering of Gigamon Nodes
  • Describe packet distribution in the Visibility Fabric™
  • Configure Flow Mapping® using GigaVUE-FM Fabric Manager™
  • Describe the scope of GigaSMART® features
  • Perform configuration of select GigaSMART features
  • Implement GigaVUE-VM in a VMware environment

Outline

Module 1: Gigamon Solution Overview

  • Adoption trends
  • Key value propositions
  • Product family overview

Module 2: Planning and First Use

  • Selecting traffic sources
  • Initial setup of GigaVUE H Series

Module 3: Packet Distribution

  • Aggregate, replicate, filter
  • Flow Mapping
  • Pass-all, port pair, tool-mirror

Module 4: GigaSMART Overview

  • De-duplication
  • Packet slicing
  • Time stamping
  • Data masking
  • Source port labeling
  • Header stripping
  • Tunneling
  • Adaptive Packet Filtering
  • GTP correlation
  • NetFlow generation
  • FlowVUE®
  • SSL decryption
  • Load Balancing

Module 5: Introduction to Managing a Visibility Fabric™

  • GigaVUE-FM (Fabric Manager)

Module 6: System Maintenance and Troubleshooting

  • User Accounts
  • Backup and Restore
  • Upgrading and Licensing
  • Logging and Monitoring
  • Troubleshooting

Module 7: Implementing GigaVUE Clusters

  • Cluster design
  • Clustering configuration
  • Troubleshooting

Labs

Online help
This lab provides a brief exploration of the CLI and online help and directs the student’s attention to various ways to leverage the online help capabilities so that the User Guide is rarely needed.

Port Behavior Setup
This lab shows the student how to define the mode for network and tool ports in both the GigaVUE CLI and the Fabric Manager GUI interface.

Pass-all Configuration
The first traffic forwarding configuration example will forward all packets received on a Network port to a Tool port. This is the simplest possible traffic forwarding configuration and the student will configure this type of map from the CLI as well as Fabric Manager.

Adding a VLAN Tag to ingress traffic
It can be useful to know where traffic was collected, since the same packet can be gathered at multiple points along the way to its destination. It is also useful to have tools sort traffic according to traffic origin. For exercise 4 you will modify the port settings to have the GigaVUE node insert a VLAN Tag into packets received.

Simple Flow Map Configuration
Instead of indiscriminately forwarding everything flow maps are highly flexible, easily reconfigured sets of instructions for forwarding selected traffic from one or more Network ports over to one or more Tool ports. The you will configure a simple filter condition to forward only IP version 4 traffic from a Network ingress port to a Tool egress port.

More Complex Flow Map Configuration with Rule Prioritization
After reviewing the configurations with the show map command or the show running command, the you will practice removing previously defined mappings and replace those maps using the same ports, but different rules. You will practice using overlapping filters.

Shared Collector Configuration
An additional type of rule, which may be configured is the special shared collector rule. In exercise 7, You will configure a shared collector in the CLI and Fabric Manager to catch data that fails to meet the conditions defined in previously defined rules.

User-Defined Attribute (UDA) Filter
User-defined pattern matching supports either one or two 16-byte pattern matches in a map rule. For this lab you will configure a UDA filter for Q-in-Q inside VLAN Tag 102 within a stacked-tag packet.

Tool Mirror
Network owners are often faced with upgrading existing security and monitoring tools, or acquiring new security or monitoring capabilities. In this lab you will replicate traffic destined for one Tool egress port and sent an identical copy to a second Tool egress port as if you were performing a side-by-side Proof-of-Concept evaluation.

Replication and Egress Filtering
Replication is one of the most common uses of a Visibility Fabric. Only one tool can connect to any single SPAN or TAP port. To grant equal access to the same traffic stream you must replicate the packets. In this lab you will configure destination Tool ports to receive a complete and identical copy of the selected traffic stream.

The egress filter example takes replication to the next level. You will configure an egress filter that allows only a subset of the web traffic to be sent to an attached tool.

Hybrid Ports
A Hybrid port is similar to a Tool port, except that Tool ports are exclusively output ports while Hybrid ports can also be used as a Network ingress port for additional maps. In this lab you will configure a Hybrid port loopback function to allow any traffic forwarded to a port by any map or pass-all to be made available to other mapping operations.

Tool GigaStream®
Assume that the volume of web traffic, which is selected by the map exceeds the processing power or link capacity for the web analyzer attached to a Tool egress port, and a second web analyzer is required to process the load. You will reconfigure an existing map so that the web traffic is divided between Tool ports using a Tool GigaStream.

Port-Pair
A port-pair is a bidirectional connection in which traffic arriving on one port in the pair is transmitted out the other (and vice-versa). You will configure port pairs to operates like a TAP so that the copied output is available to the backplane of the GigaVUE node.

Removing All Configurations
When moving a node from one location to another, before adding a node to a cluster, or in situations such as this training class the configuration needs to be removed. During this lab you will practice techniques to remove Maps and configuration elements from the GigaVUE node.

 

Class Dates:

Classes being scheduled,
call 1-800-755-0142 or

Contact Us with your request.

On Site Class Available

ExpertONE Learning Solutions Provider Microsoft Certified Partner Logo GSA Advantage