A port exclusion filters the application port traffic at the monitoring device and maximizes the available resources on the management console, while at the same time focusing the management console user’s attention on the applications of interest. The monitoring device ignores TCP sessions that match a port exclusion. For example, every time a user connects to a remote share, such as \\myserver\sharename, the SMB (Server Message Block) protocol opens two TCP sessions, TCP-139 and TCP-445. If the remote session is established on 445 (any Windows-based system from Windows 2000 forward), the SMB protocol will reset (RST) the 139 session and use the session established on TCP port 445. TCP-139 is used for SMB to Windows machines prior to Windows 2000. To avoid monitoring the short-lived TCP-139 sessions on all specified server subnets, create a port exclusion for port 139 and, if necessary, assign it to a domain.
Port exclusions take precedence over system- and user-defined applications. For example, if you want to create a user-defined application, and there is an existing port exclusion that matches the port range you want, edit the port exclusion to allow the management console to monitor the port range, and then create the application.
You can also use port exclusions to ignore uninteresting application server traffic that would otherwise be automatically monitored by the management console. For example, let’s assume that all of your Microsoft SharePoint servers are hosted on the 192.168.43.0/24 server subnet, but 192.168.43.14 and 192.168.43.15 are test servers and you do not want to monitor them. To enable the management console to automatically monitor all of your production SharePoint servers:
|
Copyright © 2014 CA Technologies.
All rights reserved.
|
|