The NetScope service allows you to create your own traffic classes based on criteria that you determine. Traffic classes filter specific Internet or WAN traffic based on the following criteria:
- IP address or address range. E.g. 10.0.0.5, or 10.0.0.0/8.
- Port number, Source and/or Destination. E.g. port 80 (HTTP), port 22 (SSH).
- Application type (NetScope uses deep packet inspection). E.g. Skype, Email, Bittorrent, OpenVPN.
- Website address. E.g. youtube.com, yahoo.com, google.com, twitter.com, facebook.com.
- VLAN number.
You can create a new policy or edit an existing policy by selecting ‘Policy Manager’ from the top menu in the NetScope Web user interface.
- Select ‘Policy Manager’ from the top menu.
- Choose the policy you would like to edit. Alternatively you can Import, Duplicate or create a New policy.
- Click ‘Open’.
The next window that opens will be the ‘Policy Editor’ where changes can be made to the policy.
- On the left-hand side is a list of the current traffic classes for this policy. All traffic classes in this example are listed under ‘Link’, and are therefore a ‘child’ of ‘Link’. You can create nested traffic classes to organise traffic in more detail. E.g. under the traffic class ‘Web’ you could create a traffic class ‘Adobe’ in which only Web traffic to the Adobe site is shown.
- The middle pane lists each traffic class in more detail. This is where you specify the details of the traffic class you create or edit.
You may create a new traffic class to match Internet traffic of any type.
- Choose the parent of the new class. In this example we want the new class to fall under ‘Link’. As mentioned before, you can create a sub-class of any existing traffic class.
- Select ‘New’ from the side menu.
- Enter your new Traffic Class name.
Once the new Traffic Class is created you need to add rules to match the traffic you’re interested in.
- Select the traffic class you have just named. In this case it’s called ‘New Traffic Class’.
- Expand both Inbound and Outbound. These are the direction filters: Inbound matches traffic passing from the Internet to your network, and Outbound matches traffic passing from your network to the Internet.
- Select ‘Add Traffic Filter’ to create a new rule.
After you add a traffic filter you then choose how you’d like to match the traffic. The choices are:
- Source/Destination Address (matching via IP or subnet),
- Source/Destination Port (matching via port number),
- Protocol (TCP, UDP, ICMP etc – Layer 4),
- Application Type (Facebook, Bittorrent, Email, Web etc – Layer 7 Deep packet inspection),
- Domain (Match by Website domain, such as yahoo.com, news.com, netscope.com.au),
- DSCP value, or
- VLAN (Useful for matching based on VLAN tags over the WAN).
In this example we’re matching on Application Type ‘Spotify’.
- Select the drop-down list under ‘App’.
- Scroll down to the Application you would like to match.
NOTE: In most cases the Outbound direction will use the same match, so repeat these steps for the Outbound direction.
If network traffic matches more than one traffic class on the same level of the class hierarchy, the traffic class that comes first in the list takes precedence. The position of a traffic class can be changed using the up and down arrows located above the list, to the right of the policy name.
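
The precedence rule above can be modelled in a few lines. This is an added illustration, not NetScope code: the field names (`src`, `dst`, `dport`, `app`, `domain`), the ‘Servers’ class and the sample flows are assumptions made for the example, and the Inbound/Outbound direction split is left out for brevity.

```python
# Simplified model of first-match precedence among sibling traffic classes.
import ipaddress
from dataclasses import dataclass, field

@dataclass
class TrafficClass:
    name: str
    filters: list = field(default_factory=list)   # each filter: dict of field -> required value
    children: list = field(default_factory=list)  # order matters: the earlier sibling wins

def filter_matches(flt, flow):
    """A filter matches when every field it names agrees with the flow."""
    for key, want in flt.items():
        have = flow.get(key)
        if have is None:
            return False
        if key in ("src", "dst"):                  # single address or subnet, e.g. 10.0.0.0/8
            if ipaddress.ip_address(have) not in ipaddress.ip_network(want):
                return False
        elif have != want:
            return False
    return True

def classify(node, flow, path=None):
    """Descend from the root; at each level the first matching sibling takes the flow."""
    path = (path or []) + [node.name]
    for child in node.children:
        if any(filter_matches(f, flow) for f in child.filters):
            return classify(child, flow, path)
    return path                                    # no child matched: flow stays in this class

def build_link(order):
    """Build the 'Link' root with its children listed in the given order."""
    classes = {
        "Web": TrafficClass("Web", [{"dport": 80}, {"dport": 443}],
                            [TrafficClass("Adobe", [{"domain": "adobe.com"}])]),
        "Servers": TrafficClass("Servers", [{"dst": "10.0.0.0/8"}]),
        "Spotify": TrafficClass("Spotify", [{"app": "Spotify"}]),
    }
    return TrafficClass("Link", children=[classes[n] for n in order])

# Constructed sample flows (not captured traffic).
SPOTIFY_443 = {"src": "203.0.113.7", "dst": "10.0.0.5", "dport": 443, "app": "Spotify"}
ADOBE_WEB = {"src": "10.0.0.5", "dst": "192.0.2.10", "dport": 443, "domain": "adobe.com"}

if __name__ == "__main__":
    for order in (["Web", "Servers", "Spotify"], ["Spotify", "Servers", "Web"]):
        print(order, "->", classify(build_link(order), SPOTIFY_443))
    print(classify(build_link(["Web", "Servers", "Spotify"]), ADOBE_WEB))
```

The same Spotify flow lands in ‘Web’, ‘Servers’ or ‘Spotify’ depending only on sibling order, so a broad class listed first absorbs traffic that a narrower sibling was meant to catch.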