DC Netscope agent

The DC Netscope virtual machine offers on port 5000 (5443 if https is enabled) an HTTP communication, which allows:

  • DC Scope to access an internal API
  • users to access a DC Netscope administration interface

In this section we describe the DC Netscope administration interface. It looks like the screenshot next:

Status

This page displays information about the operation of the DC Netscope virtual machine. In particular, it includes:

  • The date when the Netflow collector processed the last Netflow flow
  • The fill state of the two disks of the DC Netscope virtual machine
  • A button to defragment the second disk of the DC Netscope virtual machine.

Defragmenting the second disk reduces the amount of space DC Netscope occupies by cleaning up data that have been removed and compressing the DC Netscope files. In principle, this step is performed automatically every night at 3.30 am.

Security

Securing communications between DC Netscope and DC Scope

Enabling HTTPS

Go to the URL of the DC Netscope agent you have entered in the DC Scope settings, you will arrive on a page that looks like the screenshot below:

Click on the activate to the right of the column Ssl enabled to enable HTTPS. After a few seconds, you will be redirected to the same URL, but this time to port 5443.

In the DC Scope parameters, the URL of the Netscope agent must now be changed so that it refers to port 5443.

Adding a security token for the API

Go to the URL of the DC Netscope agent you have entered in the DC Scope settings, you will arrive on a page that looks like the screenshot below:

Click on the generate to the right of the column Token to generate a token for the Netscope API.

In the DC Scope parameters, the API token must now be added to the Token for the API.

Restriction of communication ports between Netscope and ESXis

It is possible to restrict the number of communication ports allowed between ESXis servers and the DC Netscope virtual machine. According to our tests, DC Netscope does not requires the following ports:

  • port 9000 (UDP) between ESXis and DC Netscope

Proxy and DNS

This section allows you to configure:

  • an HTTP proxy that will be used by the APT (debian) and PIP (python) handlers to install dependencies when upgrading
  • A DNS server that will be used by the virtual machine. DNS is used for domain name resolution in DC Netscope

Misc

This section contains various options, including

  • update DC Netscope manually
  • reset the pre-computed data (cache) for DC Netscope visualisations
  • reset the pre-computed data (cache) for DC Netscope heatmaps
  • reset the pre-computed data (cache) for the daily DC Netscope data

When changing time zones, we recommend the following steps:

  • reset the pre-computed data (cache) for the daily DC Netscope data
  • reset the pre-computed data (cache) for DC Netscope visualisations
  • reset the pre-computed data (cache) for DC Netscope heatmaps

International

This section allows you to change the regional settings of DC Netscope:

  • the keyboard used in the VM Ware console of the DC Netscope virtual machine
  • the time zone in which the DC Netscope virtual machine is located

When changing time zones, we recommend the following steps:

  • reset the pre-computed data (cache) for the daily DC Netscope data
  • reset the pre-computed data (cache) for DC Netscope visualisations
  • reset the pre-computed data (cache) for DC Netscope heatmaps