Quantcast
Channel: CodeSection,代码区,网络安全 - CodeSec
Viewing all articles
Browse latest Browse all 12749

SSL and TCP Insight on NetScaler MAS

$
0
0

With the latest release of NetScaler MAS 11.1 build 51, Citrix now has some cool new enhancements to the Insight Module which allows us for instance to monitor SSL Transactions/Ciphers/Protocol and such under Web Insight so we can see more in detail how SSL is behaving and such.

We also have some new enhancements with TCP Insight which allows us to see more in detail how TCP is behaving, so for instance it will allow us to check in more detail how a TCP profile is affetcing the performance.

So what do we need to have this feature enabled?

Now most of this is automatic setup when you add an instnace to MAS and define Insight for a couple of vServers that are SSL based which we want to monitor.

AppFlow enabled for a Virtual Server and make sure they are licensed correctly from within MAS. Have a forwarder defined to MAS UFLD enabled and a forwarder defind, this setting you can find under System > Auditing > ULFD Servers and define the MAS The following enabled on AppFlow settings on the MPX/VPX you want to monitor from
SSL and TCP Insight on NetScaler MAS
Last piece of the puzzle is to enable TCP insight on NetScaler MAS, which is a setting under System > Analytic Settings > Configure Features, and mark the checkbox under “Enable TCP Insight”

So now we just have to make some requests to the website and see what happens of AppFlow collection.


SSL and TCP Insight on NetScaler MAS

SSL Insight looks like this, it displays SSL information inside Web Insight on a server level. But we also have some more stuff stached away in the report pane which allows us to see more SSL transactions based.

And lastly there is TCP insight, which allows us to see TCP bandwidth going between Internet and Radio.


SSL and TCP Insight on NetScaler MAS

It can also show upstream/downstream of differnet interfaces and VLAN’s. Since this is my lab enviroment there isn’t much information to show.


SSL and TCP Insight on NetScaler MAS

Now this is a new feature, but I would like for Citrix to implement a form of “Configuration Advice” for TCP insight based upon what kind of traffic, bitrate and latency end-users are expecting. In stead of just showing stats.


Viewing all articles
Browse latest Browse all 12749

Trending Articles