NSE-12 and NSE-22 quick start guide

Introduction

Network Service Element is available in two configurations and two storage sizes, respectively SPAN and TAP and 500GB and 2TB.  

The SPAN model has two independent monitor interfaces labeled LAN 3 and LAN 4.  In a typical configuration, both ports will be connected to two SPAN output ports: one port representing all packets from the network to the site and the other port representing all packets in the opposite direction. The NSE offers great WAN visibility, including a more precise traffic measurements method than possible with flow based analysis or snmp.  Other applications of NSE are possible, for example the monitoring of server bound traffic in a relatively small remote datacenter.

The fail-safe TAP model has been designed to be installed inline between the CPE and the local switch.  No specific configuration of those devices is required.

Solution

Connect to the appliance

The appliance is accessible through ssh using a terminal emulator program and via a serial console located on the back of the appliance.  It ships with two local user accounts, Administrator and comcert. User Administrator has been created to be used by the end-user to safely shut-down and reboot the appliance.  User comcert is reserved for COMCERT Support (C-TAC). 

Using a computer or terminal:

From a computer running Windows: use a recent version of a program such as MobaXterm or Putty to connect to NSE.

From a computer running Linux: to connect to NSE, run the following command:

ssh -l Administrator <IPaddressPMA>

Using the serial console:

Use a serial cable to connect to the RS-232/RJ45 serial port on the backside of the NSE. Set the serial port on your computer to match the settings of the appliance: 9600, 8N1, no flow control.

Running commands

User Administrator has restricted access to the appliance and can only run a predefined set of commands as user root (sudo).  Please remember to add "sudo" in front of the classical nGenius commands.

Example:

./PS will become sudo ./PS

./localconsole will become sudo ./localconsole

systemctl restart vstream will become sudo systemctl restart vstream

Shutdown and reboot the appliance

All applications must be brought-down properly before shutting-down or rebooting the appliance. Failure to do so may result in loss of recorded data.

Connect to NSE and login as Administrator.

Once authenticated, run one of the following commands:

To restart the appliance:

$ nse-restart

To shut-down the appliance:

$ nse-shutdown

Power-off is the equivalent of removing the power cable from the appliance and it may cause data loss. Use only when restart and shutdown fails.

To power-off the appliance forcefully:

$ nse-poweroff