User Guide 19.11 documentation

This Page

Licensing and Upgrades

Deployment Mode

Single Probe: Stand-alone Appliance

SkyLIGHT PVX in stand-alone mode is a single unit which analyzes the traffic, stores the statistics, and presents the data through an interface.

Multiple Probes: Distributed Architecture

SkyLIGHT PVX in a distributed mode will capture and analyze traffic in several physical locations through distinct appliances called “Captures”. They can be either physical or virtual appliances, which send their statistics to a central SkyLIGHT PVX unit called the “DataStore”. All of the data is aggregated into a single database and accessed through a single Graphical User Interface.

Licensing Model

Whether you have one local Capture or several remote ones, what is taken into account for the sizing is the amount of data processed by the central datastore.

Therefore, the licensing model has only one and simple criterion: the central database capacity in terms of number of flow analysis. There are different versions in the SkyLIGHT PVX product range with the following capacity levels.

Product Range and Platform

1. Hardware Appliances (1U & 2U Servers)

This product line is based on hardware appliances specifically tuned for high performance rates. The range of appliances available makes it possible to provide an adequate solution for all sizes of situations.

The hardware appliances only come in two versions:

  • The Full version enables administrators to monitor all network, application of large datacenters, including redundant ones and dealing with multiple locations through a distributed architecture. You will find below the recommended hardware depending on the amount of traffic to be analyzed.
  • Capture is a specific version for distributed environments that acts as a remote analysis point. One or several Captures can be positioned on different locations of your network to work in conjunction with a central DataStore.
_images/HardwareSpecifications-shadow.png

Hardware Appliance Range

2. Virtual Appliances (for VMware environments)

This product line is designed for virtualization servers in VMware systems. The range of appliances available makes it possible to provide an adequate solution for all sizes of situations, depending on the resources (CPU, memory and disks) allocated to the virtual instances.

The SkyLIGHT PVX virtual appliances come in several versions in order to accommodate different customer needs.

  • Full (Small, Medium, Large, ...) equipped with all features (just like for hardware versions).
  • Capture: remote probe for distributed environments.
  • Free: allows you to have some basic overview of the network level aspects on your traffic. Obviously, advanced features, application level, reporting, import/export features are not available, but... it’s free for one year.
  • Evaluation (alias Demo): free version that lets you test all of the features of the Full version for 15 days. After that period of time, it will automatically switch to the Free version.
  • Audit: this version is dedicated to our partners. With this version, valid for 15 to 30 days, they can provide value-added services to customers like performance assessments or in-depth usage audits.
  • Express: entry-level version designed for small network management and for small network assessments or audits. For a very affordable price, it enables administrators to control network and application usage and performance, even if some of the advanced features are not available.
_images/PV-Features-shadow.png

Complete SkyLIGHT PVX Range

Which version is the right one for me?

The simplest way is to deploy the Evaluation version. You will find a dedicated widget called Integrated and Truncated Rows located in the Flows dashboard. It displays the number of different flow analyzes integrated in the database over the time. You will then be able to determine, at a glance, what version best fits your for your specific traffic.

_images/dashboards_flows.png

Flows in the Dashboards page

_images/flows_integrated.png

Chart of the number of flows analyzed

Limits

Each SkyLIGHT PVX version supports a given number of flow analyzes. One flow analysis is either a set of exchanges between one client and one server for one application, or a layer 7 transaction.

If the data processed by the central datastore reaches the license limit, the system will still continue to work smoothly. An email alert will be sent to the administrator to make him/her aware that the limit has been reached.

A moving average over a period of one hour is used to determine if the licence limit is reached. This allows punctual, short data bursts. When the limit is exceeded, all flow analyzes will be ignored and will not be processed. In such a case, the result is that only a part of the total traffic will be analyzed. Flow analyzes start again once the hourly average goes back below the limit.

License and Upgrade Installation

Apart from the Evaluation version, virtual and physical appliances are not provided with a license key. The license key will be sent to you by email.

Each PV entity, whether virtual, Capture and DataStore (see Distributed Architecture) needs a specific license. The licenses are specific to a given hardware serial number (the device id), so that each device must be sent its own license package.

Note

With this system, you can transform an APS into an APP or an APS Free into an APS express for example. However, when you transform any APP probe into a non-APP, you must do a format_data_disk command after installation to be able to save captured data. (See Pulsar)

The same procedure must be performed for all the entities either for license or upgrades. Please follow the steps below:

  1. Connect to the FTP server of the probe with the default password. You can change this password using Pulsar.
user: ftp
password: S3c7r!
  1. Upload (put) your license or upgrade file.
_images/ftp_licenses.png

Filezilla uploading a license file

Wait a few minutes and it’s done! The installation is complete when the license key is no longer available anymore when you refresh the destination folder lists.

Check your license or new version with the status or capture commands. For upgrades, please redo the same procedure on all the entities.

Warning

To complete the upgrade, a reboot of all the probes is mandatory (use the reboot command in Pulsar or the button in the GUI).

Note

Security

The FTP access is writable only (no read). It only allows to put a SkyLIGHT PVX signed and encrypted file. This file will be automatically moved, checked and executed by an internal process.

The upgrade packages can now also be uploaded on the Nodes Management page. Once uploaded (using the Upgrade Package button), you may push this installation package to each registered node directly via the web interface.

_images/nodes_upgrade-shadow.png

The upgrade package has been uploaded and can now be dispatched to selected nodes (using the Upgrade button).

Check the license or upgrade

The status of the license can be validated in Pulsar with the “capture” command.

_images/validate_license-shadow.png

Pulsar: the ‘capture’ command.

You can also check these informations through the web interface, in the Nodes Management page of the Configuration section. The page displays the PV version and License status of each capture. See if your upgrade or license was correctly installed.

_images/validategraphic_licence-shadow.png

Nodes Management page: we can see that the licese is invalid.

© Copyright 2020, Accedian.