cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
229
Views
0
Helpful
6
Replies
Beginner

Cisco Stealthwatch Flow Sensor with ethernet port dedicated in UCS

Hi my name is Ivan, 

My customer have a Cisco UCS working with a lot of virtual servers in production (database's in cluster) and he needs to pass the traffic netflow in a ethernet port dedicated (10gb) to spread the rspan vlan from the switch core, and also the management of flow sensor.

Someone give us an advice to use static pinning, but We don't know exactly which are the method to implement this.

Can you help us please?

Best regards Ivan.

6 REPLIES 6
Hall of Fame Master

Re: Cisco Stealthwatch Flow Sensor with ethernet port dedicated in UCS

In your ESXi environment you need to choose the option to “Create a vSphere standard switch” and select a physical interface on the ESXi server that has been or will be connected to a physical span/mirror/tap port. This interface cannot be used by any other vSwitch. In the Network Label field enter FSVE-Span01 as the name of the port group you are creating. In the VLAN ID field ensure that None (0) is selected.

That physical interface on the ESXi server must be cabled to the RSPAN port on your physical network switch.

Then edit the FSVE VM settings to add that adapter. Make sure you change the Adapter Type value to VMXNET 3 and the Network Label value to FSVE-Span01. Ensure that the “Connect at power on” option is enabled.

Beginner

Re: Cisco Stealthwatch Flow Sensor with ethernet port dedicated in UCS

Hi Marvin

Will exist anyone issues with the another vortual machines? 

Have i do another configuration to see the netflow traffic? The purpose is be able to see the traffic of the vlans, no the traffic into the ucs 

How can i configure the management of the flow sensor?

Best regards Ivan.

Hall of Fame Master

Re: Cisco Stealthwatch Flow Sensor with ethernet port dedicated in UCS

The interface I described is in addition to the normal one(s) you use for basic flows and management. Because it is a dedicated physical Network Interface on a dedicated vSwitch it does not interact with or affect any other VMs on the server.

If you are a partner, please refer to the Stealthwatch POV build guide on Salesconnect. It has 125 pages of details, including the small excerpt I provided earlier.

Beginner

Re: Cisco Stealthwatch Flow Sensor with ethernet port dedicated in UCS

Can i configure this in a Nutanix Server?. My customer wants to install cisco flow sensor in Nuxtanix server

Do you have any information about the configuration in this server?

Regards, Ivan 

Hall of Fame Master

Re: Cisco Stealthwatch Flow Sensor with ethernet port dedicated in UCS

Sorry I have never worked on the Nutanix platform and haven't seen any Cisco documentation advising on it either.

You'd be better off asking with Nutanix than here at a Cisco forum.

Highlighted
Beginner

Re: Cisco Stealthwatch Flow Sensor with ethernet port dedicated in UCS

Cisco documentation indicates that there is a virtual edition available that is supported on VMware and KVM. That should run on Nutanix as long as the underlying hypervisor version is supported by both Nutanix and Cisco. There are also specific hardware requirements spelled out in the documentation.

https://www.cisco.com/c/dam/en/us/td/docs/security/stealthwatch/system_installation_configuration/SW_7_0_0_Installation_and_Configuration_Guide_DV_3_1.pdf