Configuring Application Fingerprinting Quick Steps for Configuring AFP
OmniSwitch AOS Release 8 Network Configuration Guide December 2017 page 30-4
Quick Steps for Configuring AFP
The following quick steps provide a brief tutorial for configuring Application Fingerprinting to monitor
and profile host applications on the network:
1 Use the app-fingerprint admin-state command to globally enable Application Fingerprinting func-
tionality on the switch:
-> app-fingerprint admin-state enable
2 Use the app-fingerprint port command to enable AFP functionality on one or more switch ports or
link aggregates. Once enabled, IP traffic received on the port is sampled and compared to application
REGEX signatures that reside in an ASCII text file on the local switch. For example, the following
command enables AFP on port 1/1/23 to monitor and identify IP packets that match the REGEX
signatures in the “my-p2p” application group:
-> app-fingerprint port 1/1/23 monitor-app-group my-p2p
Monitoring is one of three operational modes supported on AFP ports. See “Application Fingerprint-
ing Modes” on page 30-6 for more information.
3 Optional. By default, the “app-regex.txt” file located in the “/flash/app-signature/” directory on the
switch contains the REGEX signatures to which IP flows are compared. To specify a different filename
for the signatures, use the app-fingerprint signature-file command. For example:
-> app-fingerprint signature-file app2_regex.txt
4 Optional. Use the app-fingerprint reload-signature-file command to load the contents of a new or
updated application signature file into switch memory. For example:
-> app-fingerprint reload-signature-file
5 Optional. Use the app-fingerprint trap command to enable trap generation when an IP flow matches
an application signature. For example:
-> app-fingerprint trap enable
Note. Optional. Verify the Application Fingerprinting configuration using the show app-fingerprint
configuration and show app-fingerprint port commands. For example:
-> show app-fingerprint configuration
Admin-state: Enabled,
SNMP Trap: Enabled,
Signature File: app-regex.txt
-> show app-fingerprint port
Legend: * = Port or App-Group is invalid
Port Operation Mode App-group/Policy-list
--------+----------------+----------------------------------------
1/1/23 Monitoring my-p2p
1/1/24 QoS list1
1/1/25 Unp UNP
See the OmniSwitch AOS Release 8 CLI Reference Guide for information about the fields in this display.
To Next Page
Loading...
Need help?
General
