FlowTraq® Q3/14 User Manual

FlowTraq, Inc

Copyright © 2009-2014 FlowTraq, Inc

September, 2014

Contents

1. Introduction
1.1. System Overview
1.2. Support, Training, and Professional Services
1.2.1. Technical Support
1.2.2. Training and Professional Services
1.3. Change Log
1.3.1. Changes in FlowTraq Q3/14
1.3.2. Changes in FlowTraq Q2/14
1.3.3. Changes in FlowTraq Q1/14
1.3.4. Changes in FlowTraq Q4/13
1.3.5. Changes in FlowTraq Q3/13
1.3.6. Changes in older versions of FlowTraq
1.3.7. FlowTraq
2. Installation
2.1. System Requirements
2.1.1. Server Hardware Requirements
2.1.2. Platform Requirements
2.2. Deploying the Virtual Appliance
2.2.1. Memory and Disk
2.2.2. Using a remote FlowTraq server
2.3. FlowTraq Server Daemon Installation
2.3.1. Preparing For Installation
2.3.2. Windows
2.3.3. Unix (including Mac OS X)
2.4. Installing the Web Portal
2.4.1. Software Prerequisites
2.4.2. Installation Overview
2.4.3. Detailed Installation Guides
2.4.4. Access
2.4.5. Installation Troubleshooting
2.5. FlowTraq Desktop Client
2.5.1. Preparing For Installation
2.5.2. Windows
2.5.3. Mac OS X
2.5.4. Unix
2.6. Initial Configuration
2.6.1. FlowTraq Login
2.6.2. Entering a License Key
2.6.3. Changing your Password
3. Operation
3.1. FlowTraq User Interface
3.1.1. The Workspace
3.2. Command Line Interface
3.2.1. Overview
3.2.2. Retrieving Raw Session Data from the Command Line with ftsq
3.2.3. Time Navigation
3.2.4. Filter String Syntax
3.2.5. Retrieving Statistical Queries from the Command Line with ftstat
3.2.6. Assigning Friendlynames from the Command Line with ftname
3.2.7. Session Key Reauthentication
3.3. The Java Desktop Interface
3.3.1. The Dashboard
3.3.2. Interactive Reports (Workspaces)
3.3.3. Session Explorer
3.3.4. Scheduled Reports
3.3.5. Alerts and Notifications
3.4. Network Behavioral Anomaly Detection Toolkit
3.4.1. Requirements
3.4.2. Detectors and Configuration
3.4.3. Command Line Configuration
3.4.4. Investigating Alerts
4. Administration
4.1. Partition Management
4.1.1. Defining Internal Blocks
4.1.2. Assigning Flows to Partitions
4.1.3. Managing Partitions from the Command Line with ftgroup
4.2. User Management
4.2.1. Managing Users in FlowTraq
4.2.2. Managing Users from the Command Line with ftum
4.2.3. Configuring LDAP External Authentication
4.3. NetFlow Export Configuration
4.3.1. Cisco Device Configuration
4.3.2. VMWare vSphere 5.1 (or later)
4.3.3. Open VSwitch SDN
4.3.4. Using Flow Exporter
5. Appendices
5.1. FlowTraq Web API Reference
5.1.1. Version 1
5.2. Legal Notices
5.2.1. END USER LICENSE AGREEMENT FOR FLOWTRAQ
5.2.2. Third-Party Software Components
   Next