
InfiniStreamNG Qualified COTS Software Appliance v6.x
Administrator Guide
733-1216 Rev. C

April 23, 2020

NETSCOUT SYSTEMS, INC.


Westford, MA 01886
Telephone: 978.614.4000
Fax: 978.614.4004

Web: http://www.netscout.com
Use of this product is subject to the End User License Agreement available at http://www.NetScout.com/legal/terms-andconditions or
which accompanies the product at the time of shipment or, if applicable, the legal agreement executed by and between NETSCOUT
SYSTEMS, Inc. or one of its wholly-owned subsidiaries (“NETSCOUT”) and the purchaser of this product (“Agreement”).

Government Use and Notice of Restricted Rights: In U.S. government (“Government”) contracts or subcontracts, Customer will provide
that the Products and Documentation, including any technical data (collectively “Materials”), sold or delivered pursuant to this Agreement
for Government use are commercial as defined in Federal Acquisition Regulation (“FAR”) 2.101 and any supplement and further is
provided with RESTRICTED RIGHTS. All Materials were fully developed at private expense. Use, duplication, release, modification, transfer,
or disclosure (“Use”) of the Materials is restricted by the terms of this Agreement and further restricted in accordance with FAR 52.227-14
for civilian Government agency purposes and 252.227-7015 of the Defense Federal Acquisition Regulations Supplement (“DFARS”) for
military Government agency purposes, or the similar acquisition regulations of other applicable Government organizations, as applicable
and amended. The Use of Materials is restricted by the terms of this Agreement, and, in accordance with DFARS Section 227.7202 and FAR
Section 12.212, is further restricted in accordance with the terms of NETSCOUT's commercial End User License Agreement. All other Use
is prohibited, except as described herein.

This Product may contain third-party technology. NETSCOUT may license such third-party technology and documentation (“Third-Party
Materials”) for use with the Product only. In the event the Product contains Third-Party Materials, or in the event you have the option to
use the Product in conjunction with Third-Party Materials (as identified by NETSCOUT in the applicable Documentation), then such third-
party materials are provided or accessible subject to the applicable third-party terms and conditions contained in the “Read Me” or “About”
file located on the Application CD for this Product. To the extent the Product includes Third-Party Materials licensed to NETSCOUT by third
parties, those third parties are third-party beneficiaries of, and may enforce, the applicable provisions of such third-party terms and
conditions.

Open-Source Software Acknowledgment: This product may incorporate open-source components that are governed by the GNU General
Public License (“GPL”) or licenses that are compatible with the GPL license (“GPL Compatible License”). In accordance with the terms of the
GPL or the applicable GPL Compatible License, NETSCOUT will make available a complete, machine-readable copy of the source code
components of this product covered by the GPL or applicable GPL Compatible License, if any, upon receipt of a written request. Please
identify the product and send a request to:
NETSCOUT SYSTEMS, INC.
GNU GPL Source Code Request
310 Littleton Road
Westford, MA 01886
Attn: Legal Department

No portion of this document may be copied, photocopied, reproduced, translated, or reduced to any electronic medium or machine form
without prior consent in writing from NETSCOUT. The information in this document is subject to change without notice and does not
represent a commitment on the part of NETSCOUT. The products and specifications, configurations, and other technical information
regarding the products described or referenced in this document are subject to change without notice and NETSCOUT reserves the right,
at its sole discretion, to make changes at any time in its technical information, specifications, service, and support programs. All
statements, technical information, and recommendations contained in this document are believed to be accurate and reliable but are
presented "as is" without warranty of any kind, express or implied. You must take full responsibility for their application of any products
specified in this document. NETSCOUT makes no implied warranties of merchantability or fitness for a purpose as a result of this
document or the information described or referenced within, and all other warranties, express or implied, are excluded.

Except where otherwise indicated, the information contained in this document represents the planned capabilities and intended
functionality offered by the product and version number identified on the front of this document. Screen images depicted in this
document are representative and intended to serve as example images only.

Copyright © NETSCOUT 2009-2020. All rights reserved.

Contacting NETSCOUT SYSTEMS, INC.
Customer Support
The best way to contact Customer Support is to submit a Support Request:
https://my.netscout.com/pages/mcplanding.aspx

Telephone: In the US, call 888-357-7667; outside the US, call +011 978-614-4000. Phone support hours
are 8 a.m. to 8 p.m. Eastern Standard Time (EST).

E-mail: support@netscout.com

When you contact Customer Support, the following information can be helpful in diagnosing and
solving problems:
— Type of network platform
— Software versions
— Hardware model number
— License number and your organization’s name
— The text of any error messages
— Supporting screen images, logs, and error files, as appropriate
— A detailed description of the problem

Sales
Call 800-357-7666 for the sales office nearest your location.

Education and Training


Education and training resources including course listings, certification programs, webinars, and case
studies are available at:
https://www.netscout.com/netscout-university

Contents

Chapter 1 Product Overview

Scope of this Document
About InfiniStreamNG Qualified COTS Appliances
Approved Platforms for InfiniStreamNG Qualified COTS Appliances
Appliance Ports
Monitoring Ports
Manage Port
Remote Management Port
Network Connections
InfiniStreamNG Qualified COTS Software Kit Contents

Chapter 2 Preparing the Hardware

Verifying Site Requirements
Installing the ASI NIC
Connecting Management Ports
Cabling Network Capture Interfaces
ASI NIC Port Cabling Diagrams
Transceivers
Installing a Transceiver
Removing a Transceiver
SR Fiber Cable Lengths
ASI NIC Interface LEDs
Connecting Extended Storage Units (ESUs)
First Time Setup of InfiniStreamNG Qualified COTS Appliance and ESUs
Adding ESUs to an Already Running InfiniStreamNG Qualified COTS Appliance
Connecting Power and Powering Up Servers/Storage Enclosures

Chapter 3 Installing InfiniStreamNG Appliance Software

Accessing the Appliance
Connecting to the Appliance Locally
Connecting to the Appliance Remotely
Using iLO for Remote Access to a HP Server
Using iDRAC for Remote Access to a Dell Server
Verifying BIOS Settings
Preparing the System
Installing the Operating System and Drivers
Installing the InfiniStream Application
Running the Appliance Configuration Script (nGApplianceConfig.plx)
Enabling PCIe Port Bifurcation
Enabling Bifurcation on Dell PowerEdge Servers
Enabling Bifurcation on HP ProLiant Servers
Configuring the Agent
Monitoring Data Capture on the InfiniStreamNG Appliance
Confirming Data Collection
Analyzing Network Traffic
Port to Interface Mapping

Chapter 4 Customizing the InfiniStreamNG Appliance

Accessing the InfiniStreamNG Appliance using SSH
Creating Custom Login Messages
Configuring SSH Login Messages
Using the vi Text Editor
Configuring Authentication Options
Authentication Configuration Summary
Configuring nGeniusONE Authentication
Configuring RADIUS Authentication
Configuring TACACS+ Authentication
Security Hardening Measures
Hardening Passwords
Disabling Root Logins over SSH Connections
Disabling CTRL-ALT-DEL Keystroke for Rebooting
Changing Log File Rotation Periods
Managing ICMP Timestamp Requests
Secure Communication with nGeniusONE Servers
Using FIPS-Compliant Security Algorithms
Managing Appliance Time Synchronization
Time Synchronization Notes
Directing Log Messages to an External Server
Configuring the InfiniStreamNG Appliance to Forward Log Messages
Configuring the External Syslog Server to Accept Log Messages
Testing the Syslog Message Forwarding

Chapter 5 Upgrading or Restoring InfiniStreamNG Software Appliances

Upgrade Overview
Upgrade Paths for InfiniStreamNG Qualified COTS Software Appliances
Partitions and Data Preservation
File System Format Changes
Data Preservation for a Reinstall
Partition Sizing and Usage
Custom Files to Back Up Before Reimaging
Upgrading from nGeniusONE
Before You Begin
Scheduling Automatic Software Download
Configuring Remote Upgrade from nGeniusONE
Upgrading Manually via Application Update
Before You Begin
Application Update with .bin File Installer
Upgrading Manually via Reimage
Before You Begin
Upgrading by Reimaging Instructions
Verifying the Upgrade
Verifying the Software Version
Verifying Running Processes
Verifying Agent Settings
Verify nGeniusONE Connection
Verifying NTP Configuration
Verifying RPM Packages
Verifying Disk Information
Verifying System/RAID Health
Post Upgrade Tasks

Chapter 6 Performing System Maintenance

Restarting the InfiniStreamNG Application
Safely Powering Down the System
Removing an ASI NIC
Managing Store and Trace Files on the InfiniStreamNG Appliance
InfiniStream Console / Performance Manager Trace Files
nGeniusONE Decode View/Performance Manager Remote Decode Session Files
About Data Aging Defaults

Appendix A Network Listener Port Numbers

Communication Listener Ports Used with InfiniStreamNG Appliances
Remote Management Listener Ports
Assigning an Alternate Communication Listener Port
Reconfigure the nGeniusONE Server Listener Port
Reconfigure the InfiniStreamNG Appliance Listener Port

Chapter 1
Product Overview

Scope of this Document


This document provides initial installation, configuration, and operation instructions for creating an
InfiniStreamNG software appliance with the features and functionality of any v6.x software release
using a Qualified Commercial-Off-the-Shelf (COTS) server hardware platform that you provide.
This chapter contains the following topics:
• "About InfiniStreamNG Qualified COTS Appliances" on page 1-2
• "Approved Platforms for InfiniStreamNG Qualified COTS Appliances" on page 1-2
• "InfiniStreamNG Qualified COTS Software Kit Contents" on page 1-4

About InfiniStreamNG Qualified COTS Appliances
NETSCOUT InfiniStreamNG appliances are intelligent deep packet capture and analysis appliances that
deliver dedicated, always on, monitoring and continuous capture capabilities for real-time and
back-in-time analysis. The appliances can be used with the nGeniusONE™ Unified Performance
Management platform to analyze all packets traversing the network for rapid problem isolation and
service delivery assurance.
InfiniStreamNG Software Appliances host Adaptive Service Intelligence™ (ASI) technology, a
high-performance deep packet inspection engine that analyzes network traffic in real-time and
generates highly scalable metadata that enables a comprehensive view of service, network,
application, and server performance across complex multi-tier, multi-domain service delivery
environments.
The appliances perform local real-time granular Layer 4-7 data mining as traffic crosses the wire,
eliminating the need for middleware and extensive backend processing while reducing management
traffic loads. In addition, the appliances capture, index and store packets crossing the wire for
comprehensive deep-dive forensic analysis activities.
InfiniStreamNG appliance software supports the following features:
• Multi-function platform operation: Real-time performance monitoring coupled with
continuous packet capture and recording increases the rate at which problems are
detected, diagnosed and resolved.
• Integration with nGeniusONE solutions: Provides the ability to work seamlessly with
nGeniusONE products to provide efficient top-down KPI-to-Flow-to-Packet analysis and
minimize mean time to resolution.

Note: InfiniStreamNG Qualified COTS appliances can run GeoProbe software and provide data to IrisView
servers; refer to InfiniStreamNG (Geo Mode) Deployment Guide for a list of supported models and instructions
for installing GeoProbe software.

• Real-time statistical monitoring and alerting: Enables users to know about potential
problems before they become business critical or affect end users.
• Industry leading decodes: Delivers detailed analysis down to the packet using unrivaled
decodes for well-known, complex, custom and web-based applications and services.
• Integration with high-performance hardware: Linux-based, security-hardened
appliances deliver reliable high-capacity data acquisition and storage capabilities.

Approved Platforms for InfiniStreamNG Qualified COTS Appliances


NETSCOUT has tested and verified the following hardware platforms to operate as InfiniStreamNG
Qualified COTS Appliances:
• HP ProLiant DL Rack Servers such as DL360 Gen9 (1U), DL380 Gen9 (2U), DL380 Gen10
(2U), DL560 Gen9 (2U) and DL560 Gen10 (2U) platforms.
• Dell PowerEdge Rack Servers such as R430 (1U), R730xd (2U), R740xd (2U), R940xa (4U),
and R940 (3U) platforms.
For detailed configuration options and requirements for these servers, as well as information on other
servers that may have been qualified for use as an InfiniStreamNG Qualified COTS Appliance in addition
to those listed above, contact NETSCOUT SYSTEMS Product Management.



Appliance Ports
InfiniStreamNG Qualified COTS Appliances include capture ports and assorted management ports as
noted below:

Monitoring Ports
• Four 1/10 Gigabit ports or two 40 Gigabit ports (depending on the ASI NIC installed)
• Operate in promiscuous mode to capture traffic.
• Each port can receive a single flow by connecting directly to a network segment or receive
a stream of consolidated flows when connected to a switch port.

Manage Port
• 1 or 10 Gigabit port (varies by platform) recognized by the operating system as eth0
• Used by nGeniusONE server to communicate with the InfiniStream appliance and also used
for external access by administrators via SSH

Remote Management Port


• Dedicated 1-Gigabit port for remote management via third-party tools such as integrated
Dell Remote Access Controller (iDRAC) or HP Integrated Lights-Out (iLO)

Network Connections
Using taps or switch span ports, you can connect the appliance directly in most Ethernet
environments. InfiniStream appliances support the following:
• Monitoring on all network capture interfaces
• Recognition of ISL and 802.1Q VLANs



InfiniStreamNG Qualified COTS Software Kit Contents
When you purchase an InfiniStreamNG Qualified COTS Software kit, you receive the following items:
• ASI Network Interface Card (NIC) for monitoring/packet capture. The ASI NIC contains a
special firmware signature that permits it to be used as part of an InfiniStreamNG Qualified
COTS Appliance. A ground strap has been provided in the kit for installing the NIC.

Note: NETSCOUT InfiniStreamNG Qualified COTS appliances consume the same Type 1 licenses
within nGeniusONE as InfiniStream hardware appliances. For example, an InfiniStreamNG Qualified
COTS appliance equipped with a four-port ASI NIC consumes four Type 1 licenses. If you already
have other InfiniStream appliances in your network and you have available Type 1 licenses, you do
not need to purchase any additional licenses from NETSCOUT to install and operate an InfiniStreamNG
Qualified COTS appliance.

• System Preparation DVD that verifies that the server hardware you supplied meets the
minimum InfiniStreamNG appliance system requirements. The software on this DVD also
configures the RAID controller and storage arrays used to store packet data.
• Restore/Operating System & Drivers DVD that installs a customized, hardened Linux
operating system and loads the device driver for the ASI NIC. This OS replaces any existing
operating system already installed on the server.
• Application CD that installs the InfiniStream application software which performs packet
capture and storage. The current kit contains both InfiniStream and GeoProbe application
software to support nGeniusONE, nGenius Business Analytics, and IrisView OAM
applications.
Instructions for installing the ASI NIC in the server hardware you purchased are provided in Chapter 2
"Preparing the Hardware". To transform the server into an InfiniStream appliance using the three
discs, perform the steps in Chapter 3 "Installing Software on InfiniStreamNG Qualified COTS Servers".
For information on known limitations and workarounds when installing/operating software on an
InfiniStreamNG Qualified COTS Appliance, refer to the InfiniStreamNG Qualified COTS Software Appliance
Release Notes.



Chapter 2
Preparing the Hardware

This chapter describes the steps required to physically prepare a server chassis to become an
InfiniStreamNG Qualified COTS appliance and contains the sections listed in Table 2-1. Perform the
procedures in each section before moving on to the next section as shown in the flowchart in
Figure 2-1.

Table 2-1 Sections in this Chapter

Section | Description
"Verifying Site Requirements" on page 2-3 | Describes space and power considerations for preparing your site prior to installing an InfiniStreamNG Qualified COTS appliance.
"Installing the ASI Accelerator NIC" on page 2-4 | Provides general instructions for installing the ASI NIC supplied in the InfiniStreamNG Qualified COTS Appliance kit. For more detailed instructions on installing adapters in the server you purchased, refer to the documentation for that server.
"Connecting Management Ports" on page 2-5 | Describes how to make network or local connections for managing the InfiniStreamNG appliance. To access the InfiniStreamNG operating system for the initial configuration described in Chapter 3, "Installing Software on InfiniStreamNG Qualified COTS Servers", you can use the remote management port.
"Cabling Network Capture Interfaces" on page 2-9 | Describes how to connect the monitor interfaces on InfiniStreamNG appliance for packet capture.
"Connecting Extended Storage Units (ESUs)" on page 2-15 | Provides requirements and cabling instructions/diagrams for connecting optional extended storage units to expand the storage capacity of the InfiniStreamNG appliance.
"Connecting Power and Powering Up Servers/Storage Enclosures" on page 2-17 | Provides basic instructions for cabling power and powering up your server. Refer to the documentation supplied with your server for more detailed instructions.

Once the server hardware is prepared, continue with the software installation and configuration
procedures provided in Chapter 3, "Installing Software on InfiniStreamNG Qualified COTS Servers".

START

Determine that your environment meets the server hardware’s requirements by Verifying Site Requirements for space, power, etc.

Provide packet capture interfaces by Installing the ASI Accelerator NIC into a full height PCIe slot

Attach network cables for system management as described in Connecting Management Ports

Attach cables for network monitoring and packet capture by Cabling Network Capture Interfaces

(OPTIONAL) Expand storage capacity using additional storage enclosures as described in Connecting Extended Storage Units (ESUs)

Connect the server to either an AC or DC power source as described in Connecting Power and Powering Up Servers/Storage Enclosures

Once the hardware is prepared, continue with Installing Software on InfiniStreamNG Qualified COTS

Figure 2-1 Hardware Preparation Workflow

Verifying Site Requirements
Before you begin setup of the InfiniStreamNG Qualified COTS appliance, verify the following:
• Space available in a rack or equipment enclosure to fit the server chassis
• Proximity to patch panels or network switches to connect network cables to the
InfiniStreamNG capture ports, Manage port, and Remote Management port
• Power available to run to the InfiniStreamNG appliance, either:
– A 110V or 240V AC power source, with two outlets available for the dual redundant
power supplies
– A -48V DC power source, with two sets of terminals available for dual redundant power
supplies

WARNING: Read all safety warnings and installation instructions in the documentation supplied with your
server before attempting to mount, install, or power up the server.

• Sufficient clearance space around all sides of the InfiniStreamNG appliance to allow the fan
to adequately exhaust air from the unit.
For site requirement information, refer to the documentation provided for your server, such as:
• HP DL360 Gen9: “Optimum Environment” section of the Setup chapter of the HP ProLiant
DL360 Gen9 Server User Guide
• HP DL380 Gen9: “Optimum Environment” section of the Setup chapter of the HP ProLiant
DL380 Gen9 Server User Guide
• HP DL380 Gen10: “Operational Environment” section of the Setup chapter of the HP
ProLiant DL380 Gen10 Server User Guide
• HP DL560 Gen9: “Optimum Environment” section of the Setup chapter of the HP ProLiant
DL380 Gen9 Server User Guide
• HP DL560 Gen10: “Operational Environment” section of the Setup chapter of the HP
ProLiant DL380 Gen10 Server User Guide
• Dell R430: Dell PowerEdge R430 Owner's Manual
• Dell R730xd: Dell PowerEdge R730 and R730xd Owner's Manual
• Dell R740xd: Dell EMC PowerEdge R740xd Installation and Service Manual
• Dell R830: Dell PowerEdge R830 Owner's Manual
• Dell R940: Dell EMC PowerEdge R940 Installation and Service Manual
• Dell R940xa: Dell EMC PowerEdge R940xa Installation and Service Manual
To mount your server in a rack, refer to the instructions provided in the rail kit provided with your
server, such as:
• HP DL360, DL380, or DL560 (all generations): 2U Quick Deploy Rail System Installation
Instructions (rack-mounting videos are also available)
• Dell R430, R730xd, R740xd, R830, R940 or R940xa: Rack Installation sheet packaged with
the rail kit

Installing the ASI NIC
InfiniStreamNG Qualified COTS appliance software kits contain an ASI network interface card (NIC) that
must be installed in the server prior to installing the InfiniStream software. The ASI NIC requires an
available full height, half-length PCI expansion slot in the server.
To install this ASI NIC, perform the following steps:

Caution: Electrostatic discharge can damage electronic components.
Be sure you are properly grounded before installing any
components in your server. A ground strap is provided in
InfiniStreamNG Qualified COTS appliance kits.

1 If necessary, power down the server.
2 Disconnect each power cord from the server.
3 If you have already installed the server in a rack, extend the server from the rack to gain
access.
4 Remove the chassis cover or access panel.
5 If the server is equipped with retainer bars or cages to hold expansion cards in place,
remove those devices.
6 Remove the expansion slot cover from the recommended PCI bus slot/riser listed in
Table 2-2.

Table 2-2 Recommended NETSCOUT ASI Slot Locations

Manufacturer  Model        4 x 10 Gigabit NIC PCI Slot   2 x 40 Gigabit NIC PCI Slot
HP            DL360 Gen9   Slot 1                        N/A
              DL380 Gen9   Slot 2                        Slot 5 on riser [1]
              DL560 Gen9   Slot 3                        Slot 1 or 2
              DL380 Gen10  Slot 2 on primary riser [2]   Slot 2 on primary riser [2]
              DL560 Gen10  Slot 2                        Slot 2
Dell          R430         Slot 1                        N/A
              R730xd       Slot 5                        Slot 4
              R740xd       Slot 1 on riser [3]           Slot 1 on riser [3]
              R830         Slot 1 or 2                   Slot 1 or 2
              R940         Slot 2                        Slot 2
              R940xa       Slot 2 on left riser          Slot 2 on left riser

Bracketed numbers refer to the table notes below.

1. In order to provide slot 5, HP DL380 Gen9 servers need to be equipped with a HP
DL380 Gen9 Secondary 3 Slot GPU Ready Riser Kit (P/N 719073-B21).

2. To support bifurcation on 40 Gigabit ASI NICs, HP DL380 Gen10 servers should be
equipped with a x16/x16 GPU Riser Kit (P/N 826704-B21). To verify that bifurcation is
enabled on the server, refer to "Enabling PCIe Port Bifurcation" on page 3-25.

3. To support bifurcation on 40 Gigabit ASI NICs, Dell R740xd servers should be equipped
with riser configuration 4. Note that 10 Gigabit ASI NICs do not support bifurcation but
can also be installed in a riser slot. To verify that bifurcation is enabled on the server,
refer to "Enabling PCIe Port Bifurcation" on page 3-25.

7 If you need to install a riser in the server to provide the recommended slot, prepare that
kit now. Refer to the instructions provided with the riser kit.
8 Carefully insert the ASI NIC into the recommended slot/riser.
9 Secure the ASI NIC to the riser/slot using the screw provided. For NICs installed in risers,
insert the riser into the server chassis.
10 If necessary, replace the retainer bar or cage to hold the NIC in place.
11 Replace the cover or access panel.
12 If necessary, slide the server back into place on the rack.
13 Reconnect the power cords, but do not power up the server at this time.
For more detailed installation instructions for certain qualified platforms, refer to the following
documents:
• HP DL360 Gen9, HP DL380 Gen9 or HP DL560 Gen9: “Expansion Board Options” section of
the Hardware Options Installation chapter of the appropriate HP ProLiant Server User Guide.
• HP DL380 Gen10 or HP DL560 Gen10: “Expansion Slots” section of the Hardware Options
Installation chapter of the appropriate HP ProLiant Server User Guide.
• Dell R430, R730xd, R740xd, R830, R940 and R940xa: “Expansion Cards and
Expansion-Card Risers” section of the Installing and Removing System Components
chapter of the Dell PowerEdge Owner's Manual

Connecting Management Ports


1 Connect the Manage port to your network using a 1 or 10 Gigabit Ethernet link. The Manage
port is referenced as eth0 and its location on certain qualified servers is shown in
Figure 2-4.

Note: The Manage port is not required to be connected prior to installing InfiniStreamNG software.
During the software installation process, if the Manage port is connected to a network with an active
DHCP server, a dynamic IP address is automatically assigned to the Manage (eth0) port. If the
Manage port is not connected or no DHCP server is available on the network, then the server boots
with no IP address assigned to the Manage port. You can assign a static IP address after inserting the
Restore/Operating System & Drivers DVD, rebooting the server, and then navigating to
the opt/platform/nGIPSetup directory and running the command ./nGIPSetUp.plx.

2 Connect the Remote Management port to the network using a 1-Gigabit Ethernet link. The port’s
location on certain qualified servers is shown in the figures that follow.

Important: For Dell servers, there are two types of iDRAC licenses: Enterprise and Express. With an
Enterprise license, you can assign either the dedicated iDRAC port or a shared LAN port (the eth0 Manage
port) for iDRAC remote access. With an Express license, you are limited to sharing the Manage port for
remote access. Refer to "Changing iDRAC Network Settings" on page 3-7 for instructions on how to
determine which license is installed and whether you can use the dedicated iDRAC port.

[Figure: rear panels of the Dell R430, Dell R730xd, and Dell R830, each labeling the Manage port (eth0)
and the dedicated Remote Management (iDRAC) port]

Figure 2-2 Manage and Remote Management Ports on Qualified Intel Haswell/Broadwell Processor-based Dell Servers

[Figure: rear panels of the Dell R740xd, Dell R940, and Dell R940xa, each labeling the dedicated Remote
Management (iDRAC) port, the 10 Gigabit Manage port, and the 1 Gigabit Manage port. Figure notes: on the
R740xd, and on both R940 and R940xa servers, use the nGApplianceConfig script to select either LAN-0
(1 Gigabit) or LAN-2 (10 Gigabit) as the eth0 Manage port.]

Figure 2-3 Manage and Remote Management Ports on Qualified Intel Skylake Processor-based Dell Servers

[Figure: rear panels of the HP DL360 Gen9, HP DL380 Gen9, HP DL380 Gen10, HP DL560 Gen9, and HP DL560
Gen10. The DL360 Gen9, DL380 Gen9, and DL560 Gen9 panels label the Remote Management (iLO) port and the
Manage port (eth0). The DL380 Gen10 panel labels the 10 Gigabit Manage port, the Remote Management (iLO)
port, and the 1 Gigabit Manage port, with the note: use the nGApplianceConfig script to select either
LAN-0 (1 Gigabit) or LAN-4 (10 Gigabit) as the eth0 Manage port. The DL560 Gen10 panel labels the
10 Gigabit Manage port (eth0) and the Remote Management (iLO) port.]

Figure 2-4 Manage and Remote Management Ports on Certain Qualified HP Servers

Cabling Network Capture Interfaces
To cable the network capture (monitor) interfaces on InfiniStreamNG Qualified COTS software
appliances, perform the following steps:
1 Insert transceivers into the capture interfaces. Refer to the following sources for
assistance:
• "Transceivers" on page 2-12 includes procedures to help you install and remove
transceivers.
• "ASI Accelerator NIC Interface LEDs" on page 2-13 describes the LEDs located on the ASI
NIC installed in the server.
2 Connect the InfiniStream platform to a network TAP or spanned switch port using available
monitoring ports as shown in "ASI Accelerator NIC Port Cabling Diagrams" on page 2-10.
Refer to the following sources for assistance:
• Refer to the documentation supplied with your TAP for information on how to use
that hardware to connect to your network.
• Each port on the InfiniStream appliance correlates to an interface number that
displays in nGeniusONE. "Port to Interface Mapping" on page 3-30 describes the
port-to-interface mapping scheme.

Note: When directing traffic to an InfiniStream appliance using TAPs, you are collecting bidirectional
traffic streams. The cables provided with NETSCOUT TAPs are labeled to indicate DTE (Out) and
DCE (In) sides of the traffic stream. When configuring the traffic flow on the InfiniStream appliance,
use the ports connected to DTE, DCE on the TAP to configure bidirectional flow.

3 If there is a firewall located between your InfiniStream appliance and a connecting
client/console (for example, the nGeniusONE Server), refer to "Communication Listener
Ports Used with InfiniStreamNG Appliances" on page A-1 and ensure required ports are
open for proper operation.

ASI NIC Port Cabling Diagrams
The figures in this section show the cabling for three types of duplex connections:
• Full duplex (FDX) for a 10 Gigabit NIC in Figure 2-5 or for a 40 Gigabit NIC in Figure 2-6
• Half duplex (HDX) for a 10 Gigabit NIC in Figure 2-7 or for a 40 Gigabit NIC in Figure 2-8
• Mixed duplex (MDX) for a 10 Gigabit NIC in Figure 2-9

[Diagram: Port 1 DTE (Out) and Port 2 DCE (In) form Interface (ifn) 3; Port 3 DTE (Out) and Port 4
DCE (In) form Interface (ifn) 4; the remaining position is not used]

Figure 2-5 TAP Configuration: Four Port 10 Gigabit Full Duplex (FDX) Probe Mode

[Diagram: two 40 Gigabit NIC layouts; in each, Port 2 DTE (Out) and Port 1 DCE (In) form Interface
(ifn) 3, and the remaining position is not used]

Figure 2-6 TAP Configuration: Two Port 40 Gigabit Full Duplex (FDX) Probe Mode

[Diagram: Port 1 (ifn3), Port 2 (ifn4), Port 3 (ifn5), Port 4 (ifn6); the remaining position is not used]

Figure 2-7 Span Configuration: Four Port 10 Gigabit Half Duplex (HDX) Probe Mode

[Diagram: two 40 Gigabit NIC layouts; in each, Port 1 is ifn3 and Port 2 is ifn4, and the remaining
position is not used]

Figure 2-8 Span Configuration: Two Port 40 Gigabit Half Duplex (HDX) Probe Mode

[Diagram: Port 1 (ifn3) and Port 2 (ifn4) are half duplex; Port 3 DTE (Out) and Port 4 DCE (In) form
Interface (ifn) 5; the remaining position is not used]

Figure 2-9 Mixed Configuration: Four Port Mixed Duplex (MDX) Probe Mode

Transceivers
InfiniStreamNG Qualified COTS appliances contain an ASI NIC that lets you configure capture interfaces
by inserting the appropriate transceivers.

Important: TAPs, cables, and transceivers are not included with the appliance. Contact NETSCOUT to
order these items. NETSCOUT does not support transceivers that are not supplied by NETSCOUT. Using
non-standard transceivers may cause operational problems with the appliance.

Table 2-3 lists the recommended minimum/maximum light levels and test wavelengths for NETSCOUT
fiber optic devices. Measure the light level input values at the device end of the TAP-to-Device cable
prior to connecting the cable to the device.

Table 2-3 NETSCOUT Fiber Optic Device Light Levels

                                                               Recommended          Recommended
                                                               Device Input         Device Input
                                                               Minimum Value        Maximum Value
Device Type                Mode               Wavelength (nm)  (dBm)                (dBm)
1 Gigabit Ethernet SFP     Multi-Mode         850              -17                  0
                           Single-Mode        1310             -20                  -3
10 Gigabit Ethernet SFP+   SR (Multi-Mode)    850              -15                  -1
                           LR (Single-Mode)   1310             -10.3                +.5
Note: Light levels above 0dBm for SR and 1.5dBm for LR can damage the device transceivers.
40 Gigabit Ethernet        Multi-Mode SR4     850              -7.6                 2.4
                           Single-Mode LR4    1310             -5                   2.3
                           Multi-Mode Bidi    850              -1.25                2.3

Installing a Transceiver
1 Pull the hinge on the transceiver connector so it is away from the transceiver interface.
2 Insert the transceiver connector into the port. A spring locking mechanism snaps the
connector into place.
3 Close the hinge to secure the transceiver connector in place.
4 Connect the appropriate TAP(s) and cable(s) to the NIC.

Removing a Transceiver
1 Grasp the hinge and gently pull it open to disengage the spring locking mechanism.
2 Slide the transceiver out of the port.

SR Fiber Cable Lengths


NETSCOUT multimode 10 Gigabit optical interfaces comply with IEEE 802.3-ae for a short-range (SR)
interface. Table 2-4 lists the cable lengths supported by the IEEE 802.3-ae SR interface.

Table 2-4 10 Gigabit Multimode (SR) Fiber Cable Lengths

                                                     Modal Bandwidth      Best Case Distance
Data Rate           Fiber Type                       @ 850nm (MHz-km)     Range Specified (Meters)
9.95-10.3125 Gbps   62.5/125μm MMF                   160                  2 – 26
                    62.5/125μm MMF                   200                  2 – 33
                    50/125μm MMF                     400                  2 – 66
                    50/125μm MMF                     500                  2 – 82
                    50/125μm MMF (Laser-Optimized)   2000                 2 – 300

ASI NIC Interface LEDs


Refer to Table 2-5 for a description of interface LEDs.

Table 2-5 Interface LED Color Coding

LED Type              LED Color  Status    Interpretation

1/10 Gigabit SFP/SFP+ LEDs
Card Status LED       None       Off       No power
                      Green      On        Normal operation
                      Yellow     On        Start-up condition, power supplies are working
                                 Blinking  Warning indication
                      Red        On        Start-up condition, card is checking power supplies
                                 Blinking  Fatal error occurred
Link Status LED       Green      Off       Ethernet link is down or disconnected
                                 On        Link is up but no activity
                                 Blinking  Transmitting or receiving data

40 Gigabit QSFP+ LEDs (Dell R730xd, Dell R830, HP DL380 Gen9, or HP DL560 Gen9)
Channel Status        None       Off       Channel link is down or disconnected
(one LED for each     Green      On        Channel link is up but no activity
10 Gigabit channel)   Orange     On        Transmitting or receiving data
                      Red        On        Error has occurred on the NIC

40 Gigabit QSFP+ LEDs (Dell R740xd, Dell R940, HP DL380 Gen10 or HP DL560 Gen10)
Activity LED          Green      Off       Ethernet link is down or the port is disconnected
                                 On        Ethernet link is up, but there is no traffic
                                 Blinking  Transmitting or receiving traffic on link
System LED            None       Off       No power
                      Red        On        During start-up: Power is on. NIC is checking the power supplies.
                                 Blinking  After start-up: Power is on. There is a fatal hardware error.
                                           An entry is created in the NIC hardware log.
                      Yellow     On        During start-up: Power is on. Power supplies are working.
                                 Blinking  There is a new entry in the NIC hardware log.
                      Green      On        The firmware is loaded and the NIC is running.

Figure 2-10 displays the position of the interface card LEDs.

[Figure: LED positions on three cards. The 1 Gigabit/10 Gigabit SFP/SFP+ card shows Link Status #1
through #4, a Card Status LED, and one unused position. The first 40 Gigabit QSFP+ card shows Channel
Status 3, 2, 1, 0 LEDs for Port #1 and Port #2. The second 40 Gigabit QSFP+ card shows Activity LEDs
for Port #1 and Port #2, a System LED, and one unused position.]

Figure 2-10 ASI NIC Interface LEDs

Connecting Extended Storage Units (ESUs)
You can connect up to two Extended Storage Units (ESUs) to InfiniStreamNG Qualified COTS software
appliances in the following approved combinations:
• HP D3600 and D3700 Disk Enclosures connected to HP ProLiant DL Gen9 rack servers, and
HP D3610 and D3710 Disk Enclosures connected to HP ProLiant DL Gen10 rack servers.
Refer to the HPE D3000 Disk Enclosure User Guide supplied with the enclosure hardware for
detailed connection, configuration, and maintenance instructions.
• Dell MD1400 and MD1420 Storage Enclosures connected to Dell PowerEdge rack servers.
Refer to the Setting Up Your Dell Storage Enclosure and Dell Storage Enclosures Hardware
Owner's Manual supplied with the enclosure hardware for detailed connection,
configuration, and maintenance instructions.
When using ESUs with an InfiniStreamNG Qualified COTS appliance, keep in mind the following:
• Each ESU requires its own, dedicated RAID controller installed in the InfiniStreamNG
Qualified COTS appliance.
• All the disks in the ESU(s) should have the same storage capacity (for example, do not mix
4 TB and 6 TB disks in either the same ESU or within the pair of ESUs).
• When using a pair of ESUs, ensure that both ESUs contain the same number of disks.
• ESUs do not need to be fully populated with disks. However, a minimum of 3 disks
providing at least 12 TB of storage is required.

First Time Setup of InfiniStreamNG Qualified COTS Appliance and ESUs


Use the following procedure to connect ESUs to an InfiniStreamNG Qualified COTS appliance as part
of the initial installation:

Note: The instructions below assume you are installing the ESUs at the same time as the Qualified
InfiniStreamNG Software (COTS) Appliance. If you have already installed the appliance, use the
instructions provided in "Removing an ASI Accelerator NIC" on page 6-4.

1 If they are not already present in the InfiniStreamNG Qualified COTS appliance, install the
RAID controller(s). Follow the instructions in the server’s documentation for installing
expansion cards. Table 2-6 lists the recommended slot location(s) for the RAID controller
for certain approved platforms. If your server model does not appear in the table, contact
NETSCOUT Customer Support as described in "Contacting NETSCOUT SYSTEMS, INC." on
page iii.

Table 2-6 Recommended External RAID Controller Slot Locations

Manufacturer      Model         PCI Slots
HP ProLiant       DL360 Gen9    Slot 3
                  DL380 Gen9    Slots 3 and 6
                  DL380 Gen10   Slots 1 and 3
                  DL560 Gen9    Slots 3 through 7
                  DL560 Gen10   Slots 4 and 5
                  DL580 Gen9    Slots 1 through 8
Dell PowerEdge    R430          N/A
                  R730xd        Slots 2 and 3
                  R740xd        Slots 2 and 3
                  R830          Slots 2 and 3
                  R940          Slots 6 and 7
                  R940xa        Slots 4, 9, and 11

Note: Refer to the documentation and guidance provided by HPE and Dell for the location of internal
RAID controllers or any other PCI expansion boards. Ensure that the slot(s) used by these additional
PCI boards do not conflict with the slot required by the ASI NIC; refer to "Recommended NETSCOUT
ASI Accelerator Slot Locations" on page 2-4 for that slot.

2 Install the ESU(s) in a rack close to the InfiniStreamNG appliance.

WARNING: Read all safety warnings and installation instructions before you rackmount the ESUs or make
any power supply connections. Safety warnings are provided in the Compliance and Safety Warnings for
NETSCOUT Hardware Products available at:
https://my.netscout.com/mcp/AddlDocs/Pages/Technical-Documentation.aspx

3 Ensure that the InfiniStreamNG appliance and all ESUs are powered off.
4 Use SAS data cables to connect the ESU(s), following the instructions provided with the HP
or Dell storage enclosures.

Important: If you ever need to move the system, the ESUs must be reconnected to the same RAID
controller(s) on the InfiniStreamNG appliance as they were originally configured. NETSCOUT recommends
that you label each ESU to indicate which RAID controller it is connected to for future reference.

5 Continue with the instructions in "Connecting Power and Powering Up Servers/Storage
Enclosures" on page 2-17 to wire the ESU power supplies and power on the hardware.

Adding ESUs to an Already Running InfiniStreamNG Qualified COTS Appliance


After completely installing a standalone (without ESUs) InfiniStreamNG Qualified COTS, including the
software installation described in "Installing Software on InfiniStreamNG Qualified COTS Servers" on
page 3-1, you can later add ESUs to the appliance as described in the steps below:
1 Install the RAID controller and ESU hardware as described in the previous section, "First
Time Setup of InfiniStreamNG Qualified COTS Appliance and ESUs" on page 2-15.
2 Power up the InfiniStreamNG appliance and connected ESU(s) as described in "Connecting
Power and Powering Up Servers/Storage Enclosures" on page 2-17.
3 Boot the InfiniStreamNG appliance from the System Preparation DVD provided in the
InfiniStreamNG kit as described in "Preparing the System" on page 3-18 to reinitialize the
RAID array to include the ESUs.
4 Install the application software from the Application DVD provided in the InfiniStreamNG
kit as described in "Installing the InfiniStream Application" on page 3-20 to recreate the
partitions on the storage drives.

Note: All stored data is lost when you repartition the appliance storage drives.

Connecting Power and Powering Up Servers/Storage Enclosures
The recommended configurations for InfiniStreamNG Qualified COTS software appliances call for the
server to be equipped with at least two power supplies for redundancy. To ensure power redundancy,
you must connect each supply to a power source. During normal operation, the power supplies share
the load between them. When one of the power supplies fails, the other supplies take on the full load
of the appliance.

WARNING: Read all safety warnings and installation instructions before you make any power supply
connections or perform any maintenance tasks on a power supply. Refer to the documentation supplied with
your hardware for detailed information.

To connect AC power to the InfiniStreamNG Qualified COTS appliance and power up the system,
perform the following steps:
1 Connect the power cords supplied with the server to sockets on the two power supplies at
the rear of the server.
2 Connect the other end of the power cords to an AC outlet.
3 Ensure that you connect power cords to both power supplies to avoid false system alarms
related to the power supplies.
4 If your server is connected to one or more ESUs, power on the ESU(s) first. Power on
the InfiniStreamNG appliance only after the ESUs are fully powered up. Wait a few minutes
for the units to power on completely before proceeding to the next step.
5 To power up the server, press the power button on the front of the server. If you have
connected a keyboard and monitor to the server, observe the messages that appear to
ensure the server is booting properly.

Important: If you purchased a platform equipped with DC power supplies, read and follow all safety and
cabling instructions provided by the power supply manufacturer. You must ensure the proper external input
power cables, connectors, and connection are used between the DC power supply and the power inputs.
Connection of DC-Mains should be accomplished only by a licensed electrician and in accordance with local
codes.

You are now ready to convert the server into an InfiniStreamNG Qualified COTS appliance by installing
the necessary software as described in "Installing Software on InfiniStreamNG Qualified COTS
Servers" on page 3-1.

Chapter 3
Installing Software on InfiniStreamNG Qualified COTS Servers

This chapter describes how to use the DVDs supplied in the InfiniStreamNG Qualified COTS kit to
install an operating system, drivers, and application software, and contains the sections listed in
Table 3-1. Use the procedures in this chapter to get a new InfiniStreamNG Qualified COTS appliance
configured and capturing data. Perform all the steps in each section before moving on to the next
section as shown in the flowchart in Figure 3-1.

Table 3-1 Sections in this Chapter

Section: "Accessing the Appliance" on page 3-3
Description: Describes both the local and remote management options available for
InfiniStreamNG Qualified COTS appliances.

Section: "Verifying BIOS Settings" on page 3-10
Description: Lists the BIOS settings to verify before attempting to install the
InfiniStreamNG appliance software.

Section: "Preparing the System" on page 3-18
Description: Discusses how to use the System Preparation DVD to verify that the server
meets the InfiniStreamNG appliance hardware requirements and also initialize the RAID
arrays on the system.

Section: "Installing the Operating System and Drivers" on page 3-19
Description: Describes how to use the Restore/Operating System & Drivers DVD to install
a customized, hardened Linux operating system on the server, as well as installing the
driver for the ASI NIC.

Section: "Installing the InfiniStream Application" on page 3-20
Description: Provides instructions for using the Application DVD to install
InfiniStreamNG application software, as well as information to help decide which hard
drive partitions you need for the consoles you plan to use with the InfiniStreamNG
appliance.

Section: "Running the Appliance Configuration Script (nGApplianceConfig.plx)" on page 3-23
Description: Describes how to run the nGApplianceConfig.plx script to configure IP
settings for the Manage Port, system time source settings, and the local time zone for
the InfiniStreamNG appliance.

Section: "Enabling PCIe Port Bifurcation" on page 3-25
Description: Provides instructions for enabling bifurcation to enhance performance on
the latest generation of Dell (R740xd and R940) and HP (DL380 Gen10 and DL560 Gen10)
servers.

Section: "Configuring the Agent" on page 3-27
Description: Describes how to set basic options for the InfiniStreamNG agent using the
Agent Configuration utility. Refer to the detailed Agent Configuration Utility for
CDM/ASI Administrator Guide for complete reference on all agent options.

Section: "Monitoring Data Capture on the InfiniStreamNG Appliance" on page 3-29
Description: Describes how to enable and confirm data collection on the InfiniStreamNG
appliance using different consoles/applications, including nGeniusONE.

Once you have performed these installation steps, you can continue to Chapter 4, "Customizing the
InfiniStreamNG Appliance" for information on setting additional options.

[Flowchart: from START, three YES/NO decisions select how you access the server:
• Using monitor/keyboard attached to the server?
• Installing on a HP ProLiant DL server? If YES, use the HP iLO interface and utility as
described in Using iLO for Remote Access to a HP Server.
• Installing on a Dell PowerEdge server? If YES, use the Dell iDRAC interface and utility as
described in Using iDRAC for Remote Access to a Dell Server. If NO, refer to the instructions
supplied with your server to remotely access the server.
The remaining boxes, in order:
1 Boot the server and check the BIOS settings as described in Verifying BIOS Settings
2 Boot the server from the ISO file on the System Preparation DVD for Preparing the System
3 Boot from the Restore/Operating System & Drivers DVD for Installing the Operating System
and Drivers
4 Use the binary file on the Application CD for Installing the InfiniStream Application
5 Configure network settings by Running the Appliance Configuration Script
(nGApplianceConfig.plx)
6 If your server/NIC supports bifurcation, you can take advantage of it by Enabling PCIe Port
Bifurcation
7 Proceed with Configuring the Agent for Monitoring Data Capture on the InfiniStreamNG
Appliance
END]

Figure 3-1 InfiniStreamNG Qualified COTS First-Time Software Installation Workflow

Accessing the Appliance
For initial configuration, you can access the InfiniStreamNG Qualified COTS appliance in one of
two ways:
• Connecting to the Appliance Locally by attaching a keyboard and monitor to the hardware
• Connecting to the Appliance Remotely by using a dedicated network interface and remote
access utility offered by the platform manufacturer
After the initial configuration of the appliance’s network settings, you can also connect to the appliance
remotely by establishing an SSH session with the Manage port and perform the following functions:
• Starting and stopping the appliance, services, and processes
• Running the nGApplianceConfig script to modify appliance configurations
• Installing service packs
• Collecting data for troubleshooting

Connecting to the Appliance Locally


1 Attach a keyboard and monitor to the appropriate ports on the hardware platform. Refer
to the HP or Dell documentation supplied with the hardware for more details.
2 Power up the hardware. Refer to the HP or Dell documentation supplied with the hardware
for instructions.
3 In the console window, press Enter until the login prompt appears.

Note: It can take a few minutes for the prompt to appear while the system powers up and BIOS
messages display. If the login prompt does not appear, the system has not completed power up. Wait
a few minutes and try again.

4 If prompted, log in to the server’s current operating system (instructions vary depending on
the OS pre-installed in the factory).
5 Once you are logged in, you are ready to start installing InfiniStreamNG appliance software
as described in "Preparing the System" on page 3-18.

Connecting to the Appliance Remotely


The hardware platforms described in "Approved Platforms for InfiniStreamNG Qualified COTS
Appliances" on page 1-2 offer built-in remote access utilities available using dedicated network
interfaces:
• HP ProLiant platforms provide the integrated Lights-Out (iLO) utility for remote access as
described in "Using iLO for Remote Access to a HP Server" on page 3-4
• Dell PowerEdge platforms provide the integrated Dell Remote Access Controller (iDRAC)
utility for remote access as described in "Using iDRAC for Remote Access to a Dell Server"
on page 3-7

Using iLO for Remote Access to a HP Server
If you are using a HP ProLiant server as the hardware platform for the InfiniStreamNG Qualified COTS
appliance, you can take advantage of HP iLO to:
• Monitor server health, including the server temperature and the status of fans, memory,
network connection, processors, power supplies, and internal storage.
• Remotely mount high-performance Virtual Media devices to the server (for example,
mounting your computer’s DVD drive so that you can install InfiniStreamNG appliance
software from DVDs inserted into your computer).
• Securely and remotely control the power state of the managed server.
• Monitor power consumption and server power settings.
For complete details on the capabilities and usage of HP iLO, refer to the appropriate HP iLO User Guide
for your server available online at the HPE Support Center at
https://support.hpe.com/hpesc/public/home/.
This section provides a basic set of instructions for using HP iLO to access the HP server in preparation
for installing InfiniStreamNG appliance software:
• "Determining/Changing HP iLO Network Settings" on page 3-4
• "Changing the Default iLO Username and Password" on page 3-5
• "Opening an iLO Remote Console Window and Booting the Server from a DVD" on page 3-6

Determining/Changing HP iLO Network Settings


To start using the HP iLO utility, you need to determine the pre-assigned iLO IP address, username, and
password assigned to your server. The pre-assigned username and password are located on a label
attached to the top front cover of the HP ProLiant chassis. To determine the pre-assigned iLO IP
address and change the address if desired, perform the following steps:
1 Attach a keyboard and monitor to the appropriate ports on the hardware platform.
2 If you have not already, connect a 10 Mbps or 100 Mbps Ethernet cable to the dedicated
iLO network port on the rear panel of the server. Refer to "Connecting Management Ports"
on page 2-5 for the location of this port.
3 Power up the hardware as described in "Connecting Power and Powering Up
Servers/Storage Enclosures" on page 2-17.
4 In the monitor window, the BIOS setup messages during system boot will display the iLO IP
address (assigned by a DHCP server by default) similar to that shown in Figure 3-2.

Figure 3-2 Determining the iLO IP Address During Boot

5 If you want to change the iLO IP address from DHCP-assigned to a static IP address, do the
following; otherwise, continue with "Changing the Default iLO Username and Password"
on page 3-5:
a When the HP ProLiant splash screen appears, press F9 to access the System Utilities.
b At the System Utilities screen, use the arrow keys to select System Configuration
and press Enter.
c At the System Configuration screen, use the arrow keys to select iLO Configuration
Utility and press Enter.
d From the iLO Configuration Utility menu, use the arrow keys to choose Network
Options and press Enter.
e From the Network Options menu, use the arrow keys to highlight DHCP Enable and
press Enter. Change the setting for this option to OFF and press Enter.
f Use the arrow keys to highlight IP Address and press Enter. When a window appears
that prompts you to “Enter your data”, enter a static IP address for the iLO network
interface and press Enter.
g Use the arrow keys to highlight Subnet Mask and press Enter. When a window appears
that prompts you to “Enter your data”, enter the appropriate subnet mask for the IP
address you typed previously and press Enter.
h Use the arrow keys to highlight Gateway IP Address and press Enter. When a window
appears that prompts you to “Enter your data”, enter the IP address for the default
gateway of the remote management network and press Enter.
i Press F10 to save the new static IP address values. When prompted to confirm the
changes, press Y to save the changes and exit, press N to discard your changes and
exit, or press ESC to cancel. If you save the changes, it takes approximately 30 seconds
to reset the iLO interface.
j Once the iLO interface is reset, press ESC to exit the System Utilities and reboot the
server.

Changing the Default iLO Username and Password


1 From a computer that has network access to the iLO interface, open a web browser and
enter either the DHCP address you retrieved from the BIOS screen or the static IP address
you assigned to the iLO network interface in the URL field.
2 When a security warning appears, click Continue to this website (not recommended) to
access the iLO utilities.
3 At the iLO login screen, enter the pre-assigned username and password for your server.
The pre-assigned username and password are located on a label attached to the top front
cover of the HP ProLiant chassis. An example of this label is shown in Figure 3-3.

Figure 3-3 Label Showing Pre-Assigned HP iLO Username and Password

4 After you have logged in, you can modify/personalize the login information as follows:
a From the menu on the left side of the screen, click on Administration to expand its
options and choose User Administration.
b From the list of Local Users, place a checkmark next to Administrator and click Edit.
c In the User Information fields, enter your new username in the Login Name field and
your desired password in the Password and Password Confirm fields.
d Click Update User to put the changes into effect the next time you or someone else
logs into the iLO interface.

Opening an iLO Remote Console Window and Booting the Server from a DVD
As an alternative to connecting a local monitor and keyboard, you can establish a remote console
connection with the HP server to directly access the server OS and to install InfiniStreamNG software
on the system. Using the remote console, you can virtually mount an InfiniStreamNG software DVD in
your local computer’s drive, boot the HP server from the DVD and install software over the network.
To open a remote console window to the server system prompt, perform the following steps:
1 If you have not already, open a web browser and enter the IP address assigned to the iLO
network interface in the URL field.
2 Log into iLO using the pre-assigned default credentials or, if you have changed the
credentials, enter the customized username and password you assigned.
3 From the menu on the left side of the screen, click on Remote Console to expand its options
and click Remote Console underneath it to view the Remote Console - Integrated iLO
Remote Console screen.
4 From the Launch tab page, click Launch under the Java Integrated Remote Console (Java
IRC).
5 When a Java security warning appears, click Continue.
6 When asked if you want to run the Java Integrated Remote Console application, click Run.
The iLO Integrated Remote Console window appears.
7 If you want to boot the HP server from a DVD inserted into your local computer, do the
following:
a From the Virtual Drives menu in the iLO Integrated Remote Console window, place a
checkmark next to Image File CD/DVD-ROM.
b In the Choose Disk Image File window, use the file explorer to select the appropriate
InfiniStreamNG appliance ISO software file on the DVD and click OK.
– COTS_revX_XX_XX-PREP.iso (System Preparation DVD)
– ngenius-datasource-6xx0G-restore-64bit.iso or
ngenius-datasource-6xx0J-restore-64Bit.iso depending on your server type
(Restore/Operating System & Drivers DVD)
c From the Power Switch menu, choose Reset to reboot the HP server. The server
maintains the iLO remote console session while it reboots.
d When the HP ProLiant splash screen appears, press F11 to access the Boot Menu.
e From the One-Time Boot Menu, use the arrow keys to select iLO Virtual USB 2 : HP iLO
Virtual USB CD/DVD ROM and press Enter.
8 Before installing the InfiniStreamNG appliance software, check the system BIOS settings as
described in "Verifying BIOS Settings" on page 3-10.

Using iDRAC for Remote Access to a Dell Server
If you are using a Dell PowerEdge server as the hardware platform for the InfiniStreamNG Qualified
COTS appliance, you can take advantage of Dell’s iDRAC interface to:
• View server health and monitor/control power usage.
• Inventory and monitor network adapters and storage subsystems.
• View sensor information such as temperature, voltage, and intrusion.
• Monitor CPU state, processor automatic throttling, and predictive failure, as well as view
memory information.
• Create and manage virtual disks (for example, mounting your computer’s DVD drive so that
you can install InfiniStreamNG appliance software from DVDs inserted into your computer
rather than using the server’s built-in DVD drive).
For complete details on the capabilities and usage of iDRAC, refer to the appropriate Integrated Dell
Remote Access Controller (iDRAC) User's Guide for your server available online on the Dell Support pages
at https://www.dell.com/support/home/us/en/04.
This section provides a basic set of instructions for using iDRAC to access the Dell PowerEdge server
in preparation for installing InfiniStreamNG appliance software:
• "Changing iDRAC Network Settings" on page 3-7
• "Changing the Default iDRAC Password" on page 3-8
• "Opening an iDRAC Remote Console Window and Booting the Server from a DVD" on
page 3-9

Changing iDRAC Network Settings


By default, Dell servers use DHCP to automatically assign an IP address to the iDRAC interface. To
assign a static IP address for iDRAC, perform the following steps:

Important: For Dell servers, there are two types of iDRAC licenses: Enterprise and Express. With an
Enterprise license, you can assign either the dedicated iDRAC port or a shared LAN port (the eth0 Manage
port) for iDRAC remote access. With an Express license, you are limited to sharing the Manage port for
remote access. The instructions below describe how to determine which license is installed and how to
select which port to use for iDRAC remote access if you have an Enterprise license installed.

1 Attach a keyboard, monitor and mouse to the appropriate ports on the server.
2 Power up the hardware as described in "Connecting Power and Powering Up
Servers/Storage Enclosures" on page 2-17.
3 Watch the boot messages on the monitor and when prompted, press F2 to enter the
System Setup.
4 From the System Setup Main Menu, click iDRAC Settings.
5 From the iDRAC Settings menu, click Network.
6 The current network configuration is displayed. If you want to change the iDRAC IP address
from DHCP-assigned to a static IP address, do the following; otherwise, continue with
"Changing the Default iDRAC Password" on page 3-8:
a Change the setting for Enable DHCP to Disabled.
b In the Static IP Address field, enter an IP address for the server iDRAC network
interface.
c In the Static Gateway field, enter the IP address for the default gateway of the remote
management network.
d In the Subnet Mask field, enter the appropriate subnet mask for the IP address you
typed previously.

e Click Back to return to the iDRAC Settings menu.
7 To determine whether you have an Enterprise or Express iDRAC license installed on your
server, perform the following steps:
a From the iDRAC Settings menu, click System Summary.
b Under Server Information, examine the value for iDRAC License.
– If Express is displayed, then the iDRAC network settings you assigned are
automatically mapped to the eth0 Manage port and you cannot configure/use
the dedicated iDRAC port. Click Back to return to the iDRAC Settings menu and
skip to Step 10.
– If Enterprise is displayed, then you can choose to either use the dedicated
iDRAC port or share the eth0 Manage port. Click Back to return to the iDRAC
Settings menu and continue with the next step.
8 To choose the port to use for iDRAC remote access, on the iDRAC Settings menu, click
Network.
9 Locate the NIC Selection menu under Network Settings and do one of the following:
• To use the dedicated iDRAC port for iDRAC remote management, choose Dedicated.
If you have not already, connect a 10 Mbps or 100 Mbps Ethernet cable to the iDRAC
network port on the rear panel of the server. Refer to "Connecting Management
Ports" on page 2-5 for the location of this port. Click Back to return to the iDRAC
Settings menu.
• To share the eth0 Manage port for iDRAC remote management, choose LOM1. Click
Back to return to the iDRAC Settings menu.
10 On the iDRAC Settings menu, click Finish to save your changes.
11 When a Warning dialog box appears, click Yes to confirm that you want to save the new
settings.
12 When a Success dialog box appears, click OK. To modify the iDRAC password, remain in the
System Setup menu and continue with the next section.

Changing the Default iDRAC Password


The factory default iDRAC credentials provided by Dell are username root and password
calvin. To customize your own password, perform the following steps:
1 From a keyboard, monitor and mouse connected to the server, access the System Setup
configuration. If necessary, reboot the server and press F2 to enter the System Setup.
2 From the System Setup Main Menu, click iDRAC Settings.
3 Scroll down the menu and click User Configuration. The current User Name is displayed.
For support reasons, NETSCOUT recommends that you leave the username set to root.
4 In the Change Password field, enter a new password. Passwords can be 20 characters in
length, using both alphanumeric and many special characters. Refer to the appropriate
Integrated Dell Remote Access Controller (iDRAC) User's Guide for your server for complete
details on acceptable characters.
5 When a Message dialog box appears to verify the new password, retype the new password
and click OK.
6 Click Back to return to the iDRAC Settings menu.
7 On the iDRAC Settings menu, click Finish to save your changes.
8 When a Warning dialog box appears, click Yes to confirm that you want to save the new
settings.
9 When a Success dialog box appears, click OK.
10 On the System Setup Main Menu, click Finish to exit the setup.

11 When a Warning dialog box appears, click Yes to confirm that you want to exit the System
Setup and reboot the server.
When the server finishes rebooting, you can now access the iDRAC interface remotely from your
computer using the static IP address and customized password you configured from the local console.
Continue with the next section.

Opening an iDRAC Remote Console Window and Booting the Server from a DVD
1 Open a web browser and enter the IP address assigned to the iDRAC interface in the URL
field.
2 Log into iDRAC using the pre-assigned default credentials (username root, password
calvin) or if you have changed the credentials, enter the customized username and/or
password you assigned.

Note: Log in to the iDRAC interface with an account that possesses Administrator or Operator
privileges. The default root login account has Administrator privileges. For more information on working
with iDRAC user accounts, refer to the appropriate Integrated Dell Remote Access Controller (iDRAC)
User's Guide for your server.

3 Click on the Server link in the left navigation pane of the web interface.
4 Click on the Console tab in the main body of the interface.
5 Click the link to Launch Virtual Console.
6 From the Virtual Console window, click the Virtual Media menu, select Connect Virtual
Media, and then select Map CD/DVD.
7 Do one of the following:
a If you are using a DVD and have not already inserted it to your local computer, do so
now. Select the letter associated with your local DVD drive and click Map Device.
b If you are using an ISO image that was copied to your hard drive, select the C: drive
and click Browse. Use the Open dialog to locate the ISO file on the drive and click
Open. In the Map CD/DVD dialog box, click Map Device. Possible names for the ISO
files are:
– COTS_revX_XX_XX-PREP.iso (System Preparation DVD)
– ngenius-datasource-6xx0G-restore-64bit.iso or
ngenius-datasource-6xx0J-restore-64Bit.iso depending on your server type
(Restore/Operating System & Drivers DVD)
After the selected drive/image is mapped to the server, you can boot from it as though
the drive/ISO was located in the server itself.
8 From the Virtual Console Next Boot menu, select Virtual CD/DVD/ISO.
9 When prompted to confirm your Next Boot selection, click OK.
10 From the Virtual Console Power menu, select Reset System (warm boot).
11 When a Power Control dialog box appears, click OK to confirm that you want to reboot the
server and boot from the virtual drive. During the reboot, verify that Verify IPMI: Boot
to Virtual CD Requested is displayed and the messages Booting from Virtual Optical
Drive and Booting in insecure mode appear in the Virtual Console window.
12 Before installing the InfiniStreamNG appliance software, check the system BIOS settings as
described in "Verifying BIOS Settings" on page 3-10.

Verifying BIOS Settings
To ensure that InfiniStreamNG appliance software can be successfully installed on your hardware
platform, verify that the platform’s BIOS settings match the recommended values before attempting
the install. To verify the BIOS settings, perform the following steps:
1 Establish a remote console session with the server as described in "Accessing the
Appliance" on page 3-3.
2 Reboot the server.
3 Interrupt the boot process to access the System BIOS Settings.
4 Navigate through the various BIOS settings screens and compare the current settings to the
recommended settings.
• For HP ProLiant DL platforms, compare the settings against the values in Table 3-2.
• For Dell PowerEdge platforms, compare the settings against the values in Table 3-3.
5 If necessary, change the current BIOS settings to match the recommended values.
6 You are now ready to install InfiniStreamNG appliance software beginning with preparing
the server hardware as described in "Preparing the System" on page 3-18.
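When step 4 has to be repeated across many servers, the comparison can be scripted. The following is an added example, not NETSCOUT tooling: it checks a settings export against a subset of the recommended values in Table 3-3, including the CPU Power Management value that depends on the appliance mode. The `Setting = Value` export format, the mode keys (`asi`, `geo`, `asi+geo`) and all function names are assumptions made for this example.

```python
"""Audit a BIOS settings export against recommended values (added example)."""

# Subset of Table 3-3 (Dell PowerEdge); names and values are copied from the table.
RECOMMENDED = {
    "Node Interleaving": "Disabled",
    "Logical Processor": "Enabled",
    "Virtualization Technology": "Enabled",
    "Embedded SATA": "AHCI Mode",
    "Boot Mode": "BIOS",
    "SR-IOV Global Enable": "Disabled",
    "Memory Mapped I/O above 4GB": "Enabled",
    "Turbo Boost": "Enabled",
    "TPM Security": "Off",
    "AC Power Recovery": "Last",
}

# Settings whose recommended value depends on the appliance mode (Table 3-3).
MODE_DEPENDENT = {
    "CPU Power Management": {
        "asi": "System DBPM (DAPC)",
        "geo": "OS DBPM",
        "asi+geo": "OS DBPM",
    },
}

VALID_MODES = ("asi", "geo", "asi+geo")  # hypothetical keys for the three modes

# Constructed sample input, not real tool output.
SAMPLE_EXPORT = """\
# settings transcribed from the System BIOS screens
Node Interleaving = Enabled
Logical Processor = enabled
Virtualization Technology = Enabled
Embedded SATA = AHCI Mode
Boot Mode = BIOS
SR-IOV Global Enable = Disabled
Memory Mapped I/O above 4GB = Enabled
Turbo Boost = Enabled
AC Power Recovery = Last
CPU Power Management = System DBPM (DAPC)
"""


def _norm(text):
    """Collapse whitespace and ignore case so 'enabled ' matches 'Enabled'."""
    return " ".join(text.split()).casefold()


def parse_export(text):
    """Parse 'Setting = Value' lines; blank lines and '#' comments are skipped."""
    current = {}
    for lineno, raw in enumerate(text.splitlines(), start=1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        name, sep, value = line.partition("=")
        if not sep or not name.strip():
            raise ValueError(f"line {lineno}: expected 'Setting = Value', got {raw!r}")
        current[_norm(name)] = value.strip()
    return current


def audit(export_text, mode):
    """Return (setting, status, expected, actual) for every deviation found."""
    if mode not in VALID_MODES:
        raise ValueError(f"mode must be one of {VALID_MODES}")
    expected = dict(RECOMMENDED)
    expected.update({name: per_mode[mode] for name, per_mode in MODE_DEPENDENT.items()})
    current = parse_export(export_text)
    findings = []
    for name, want in expected.items():
        have = current.get(_norm(name))
        if have is None:
            # A setting absent from the export still has to be checked by hand.
            findings.append((name, "missing", want, None))
        elif _norm(have) != _norm(want):
            findings.append((name, "mismatch", want, have))
    return findings


if __name__ == "__main__":
    for mode in VALID_MODES:
        print(mode)
        for name, status, want, have in audit(SAMPLE_EXPORT, mode):
            print(f"  {status}: {name}: expected {want!r}, found {have!r}")
```

A setting reported as missing was not present in the export and still needs to be verified on the BIOS screen.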

Table 3-2 Recommended BIOS/Platform Configuration (RBSU) Settings for HP ProLiant Servers

| Category | Subcategory | Setting | Recommended Value for InfiniStreamNG Appliance |
|---|---|---|---|
| Service Options | | Processor Power and Utilization Monitoring | Enabled |
| | | Memory Pre-Failure Notification | Enabled |
| | | Shared Memory Communication | Enabled |
| | | UEFI Serial Debug Message Level | Disabled |
| | | UEFI Debug Shell | Disabled |
| | | UEFI Assert | Disabled |
| | | AHS PCI Logging Level | Verbose Logging |
| | | PCI Express 64-Bit BAR Support | Enabled |
| | | Memory Patrol Scrubbing | Enabled |
| | | Memory Refresh Rate | 1x Refresh |
| | | Advanced RAS Recovery Support | Enabled |
| | | AHS Network Logging | Enabled |
| | | High Precision Event Timer (HPET) ACPI Support | Enabled |
| | | BDAT ACPI Support | Disabled |
| | | Processor Monitor/Mwait Support | Enabled |
| | | Primary Riser PCIe x16 Bifurcation | PCIe x16 Slot. NOTE: Additional BIOS configuration is required to support bifurcation; refer to "Enabling PCIe Port Bifurcation" on page 3-25 for more information. |
| System Options | Serial Port Options | Embedded Serial Port | COM1: IRQ4: I/O: 3F8h - 3FFh |
| | | Virtual Serial Port | COM2: IRQ3 I/O: 2F8h - 2FFh |
| System Options | USB Options | USB Control | USB Enabled |
| | | USB Boot Support | Enabled |
| | | Removable Flash Media Boot Sequence | External DriveKeys First |
| | | Virtual Install Disk | Disabled |
| | | Embedded User Partition | Disabled |
| | | Internal SD Card Slot | Enabled |
| | | USB 3.0 Mode | Auto |
| System Options | Processor Options | Intel(R) Hyperthreading Options | Enabled |
| | | Processor Core Disable | 0 |
| | | Processor x2APIC Support | Enabled |
| System Options | SATA Controller Options | Embedded SATA Configuration | Embedded SATA AHCI Support |
| | | SATA Secure Erase | Disabled |
| System Options | Virtualization Options | Virtualization Technology | Enabled |
| | | Intel(R) VT-d | Enabled |
| | | SR-IOV | Enabled |
| System Options | Boot Time Optimization | Dynamic Power Capping Functionality | Auto |
| | | Extended Memory Test | Disabled |
| | | Memory Fast Training | Enabled |
| System Options | Memory Operations | Advanced Memory Protection | Advanced ECC Support |
| Boot Options | | Boot Mode | UEFI Mode |
| | | UEFI Optimized Boot | Enabled |
| | | Boot Order Policy | Retry Boot Order Indefinitely |
| | | Fibre Channel/FCoE Scan Policy | Scan All Targets |
| | | UEFI Boot Order | NetScout Hardened OS; Fedora; Generic USB Boot; Embedded SATA Port 2 HDD; Embedded LOM 1 Port 1 : HP Ethernet (IPv4); Embedded LOM 1 Port 1 : HP Ethernet (IPv6); Embedded SATA Port 1 HDD; Slot 3 : Smart Array P840 Controller; Slot 5 : Smart Array P841 Controller |
| Network Options | Network Boot Options | UEFI PXE Boot Policy | Auto |
| | | Network Boot Retry Support | Enabled |
| | | Embedded LOM 1 Port 1 | Network Boot |
| | | Embedded LOM 1 Port 2 | Disabled |
| | | Embedded LOM 1 Port 3 | Disabled |
| | | Embedded LOM 1 Port 4 | Disabled |
| Network Options | Pre-Boot Network Settings | Pre-Boot Network Interface | Auto |
| | | DHCPv4 | Enabled |
| | | IPv4 Address, IPv4 Subnet Mask, IPv4 Gateway, IPv4 Primary DNS, IPv4 Secondary DNS | 0.0.0.0 Not set |
| Embedded UEFI Shell | | Embedded UEFI Shell | Enabled |
| | | Add Embedded UEFI Shell to Boot Order | Disabled |
| | | UEFI Shell Script Auto-Start | Disabled |
| | | Shell Auto-Start Script Location | Auto |
| Power Management | Power Management | Power Profile | Choose one: a) Balanced Power and Performance (when running the appliance in ASI only mode); b) Custom (when running the appliance in Geo only mode or dual ASI+GEO mode) |
| | | Power Regulator | Choose one: a) Dynamic Power Savings Mode (when running the appliance in ASI only mode); b) OS Control Mode (when running the appliance in Geo only mode or dual ASI+GEO mode) |
| | | Minimum Processor Idle Power Core C-State | C6 State |
| | | Minimum Processor Idle Power Package C-State | Choose one: a) Package C6 (retention) State (when running the appliance in ASI only mode); b) Package C6 (non-retention) State (when running the appliance in ASI only mode) |
| Power Management | Advanced Power Options | Intel QPI Link Power Management | Enabled |
| | | Intel QPI Link Frequency | Auto |
| | | Intel QPI Link Enablement | Auto |
| | | Energy/Performance Bias | Balanced Performance |
| | | Maximum Memory Bus Frequency | Auto |
| | | Channel Interleaving | Enabled |
| | | Maximum PCI Express Speed | Maximum Supported |
| | | Dynamic Power Savings Mode Response | Fast |
| | | Collaborative Power Control | Enabled |
| | | Redundant Power Supply Mode | Balanced Mode |
| | | Intel DMI Link Frequency | Auto |
| Performance Options | | Intel(R) Turbo Boost Technology | Enabled |
| | | ACPI SLIT Preferences | Enabled |
| Performance Options | Advanced Performance Tuning Options | Node Interleaving | Disabled |
| | | Intel NIC DMA Channels (IOAT) | Enabled |
| | | HW Prefetcher | Enabled |
| | | Adjacent Sector Prefetch | Enabled |
| | | DCU Stream Prefetcher | Enabled |
| | | DCU IP Prefetcher | Enabled |
| | | QPI Snoop Configuration | Home Snoop |
| | | QPI Bandwidth Optimization (RTID) | Balanced |
| | | Memory Proximity Reporting for I/O | Enabled |
| | | I/O Non-posted Prefetching | Enabled |
| | | NUMA Group Size Optimization | Clustered |
| Server Security | Server Security | One-Time Boot Menu (F11 Prompt) | Enabled |
| | | Intelligent Provisioning (F10 Prompt) | Enabled |
| | | Embedded Diagnostics | Enabled |
| | | Embedded Diagnostics Mode | Auto |
| | | No-Execute Protection | Enabled |
| | | Intel(R) TXT Support | Disabled |
| Server Security | Secure Host Configuration | Current Secure Boot Status | Disabled |
| | | Secure Boot Enforcement | Disabled |
| PCI Device Enable/Disable | | Embedded LOM 1 : HP Ethernet 1Gb 4-port 331I Adapter - NIC | Enabled |
| | | Embedded SATA Controller #1 : Intel SATA Controller | Enabled |
| | | Embedded SATA Controller #2 | Enabled |
| | | Slot 1 : Network Controller | Enabled |
| | | Slot 3: Smart Array P040 Controller | Enabled |
| | | Slot 5: Smart Array P041 Controller | Enabled |
| Server Availability | | ASR Status | Enabled |
| | | ASR Timeout | 10 Minutes |
| | | Wake-On LAN | Enabled |
| | | POST F1 Prompt | Delayed 20 seconds |
| | | Power Button Mode | Enabled |
| | | Automatic Power-On | Restore Last Power State |
| | | Power-On Delay | No Delay |
| BIOS Serial Console and EMS | | BIOS Serial Console Port | Physical Serial Port |
| | | BIOS Serial Console Emulation Mode | VT100 |
| | | BIOS Serial Console Baud Rate | 57600 |
| | | EMS Console | Disabled |
| Advanced Options | Advanced Options | ROM Selection | Use Current ROM |
| | | Video Options | Both Add-in and Embedded Video Enabled |
| | | Embedded Video Connection | Auto |
| Advanced Options | Fan and Thermal Options | Thermal Configuration | Optimal Cooling |
| | | Thermal Shutdown | Enabled |
| | | Fan Installation Requirements | Enable Messaging |
| | | Fan Failure Policy | Shutdown/Halt on Critical Fan Failures |
| | | Extended Ambient Temperature Support | Disabled |
| Advanced Options | Advanced System ROM Options | NMI Debug Button | Enabled |
| | | PCI Bus Padding Options | Enabled |
| | | Consistent Device Naming | CDN Support for LOMs Only |
| | | Mixed Power Supply Reporting | Enabled |


Table 3-3 Recommended System BIOS Settings for Dell PowerEdge Servers

| BIOS Screen | Setting | Recommended Value for InfiniStreamNG Appliance |
|---|---|---|
| Memory Settings | System Memory Testing | Disabled |
| | Memory Operating Mode | Optimizer Mode |
| | Node Interleaving | Disabled |
| | Snoop Mode | Early Snoop |
| Processor Settings | Logical Processor | Enabled |
| | QPI Speed | Maximum data rate |
| | Alternate RTID (Requestor Transaction ID) Setting | Disabled |
| | Virtualization Technology | Enabled |
| | Address Translation Services (ATS) | Enabled |
| | Adjacent Cache Line Prefetch | Enabled |
| | Hardware Prefetcher | Enabled |
| | DCU Streamer Prefetcher | Enabled |
| | DCU IP Prefetcher | Enabled |
| | Logical Processor Idling | Disabled |
| | Configurable TDP | Nominal |
| | X2Apic Mode | Disabled |
| | Dell Controlled Turbo | Disabled |
| | Number of Cores per Processor | All |
| | Processor 64-bit Support | Yes |
| SATA Settings | Embedded SATA | AHCI Mode |
| | Security Freeze Lock | Enabled |
| | Write Cache | Disabled |
| Boot Settings | Boot Mode | BIOS |
| | Boot Sequence Retry | Enabled |
| | Hard-Disk Failover | Disabled |
| BIOS Boot Settings | Boot Sequence, Boot Option Enable/Disable | Integrated NIC 1 Port 1 Partition 1: IBA XE Slot 0100 v2334; Hard Drive C: |
| | Hard-Disk Drive Sequence | Integrated RAID Controller 1: PERC H730P Mini(bus 02 dev 00) |
| Integrated Devices | USB 3.0 Setting | Disabled |
| | User Accessible USB Ports | All Ports On |
| | Internal USB Port | On |
| | Integrated RAID Controller | Enabled |
| | Integrated Network Card 1 | Enabled |
| | I/OAT DMA Engine | Disabled |
| | Embedded Video Controller | Enabled |
| | Current State of Embedded Video Controller | Enabled |
| | SR-IOV Global Enable | Disabled |
| | OS Watchdog Timer | Disabled |
| | Memory Mapped I/O above 4GB | Enabled |
| | Slot Bifurcation | Auto Discovery of Bifurcation (refer to "Enabling PCIe Port Bifurcation" on page 3-25 for more information) |
| | Slot Disablement | Slot 1 Enabled; Slot 2 Enabled; Slot 3 Enabled; Slot 4 Enabled; Slot 5 Enabled; Slot 6 Enabled |
| Serial Communication | Serial Communication | Auto |
| | Serial Port Address | Serial Device1=COM2, Serial Device 2=COM1 |
| | External Serial Connector | Serial Device1 |
| | Failsafe Baud Rate | 115200 |
| | Remote Terminal Type | VT100/VT220 |
| | Redirection After Boot | Enabled |
| System Profile Settings | CPU Power Management | Choose one: a) System DBPM (DAPC) (when running the appliance in ASI only mode); b) OS DBPM (when running the appliance in Geo only mode or dual ASI+GEO mode) |
| | Memory Frequency | Maximum Performance |
| | Turbo Boost | Enabled |
| | Energy Efficient Turbo | Enabled |
| | C1E | Enabled |
| | C States | Enabled |
| | Write Data CRC | Disabled |
| | Collaborative CPU Performance Control | Disabled |
| | Memory Patrol Scrub | Standard |
| | Memory Refresh Rate | 1x |
| | Uncore Frequency | Dynamic |
| | Energy Efficient Policy | Balanced Performance |
| | Number of Turbo Boost Enabled Cores for Processor 1 | All |
| | Number of Turbo Boost Enabled Cores for Processor 2 | All |
| | Monitor/Mwait | Enabled |
| System Security | Intel(R) AES-NI | Enabled |
| | TPM Security | Off |
| | Power Button | Enabled |
| | NMI Button | Disabled |
| | AC Power Recovery | Last |
| | AC Power Recovery Delay | Immediate |
| | UEFI Variable Access | Standard |
| Miscellaneous Settings | Keyboard NumLock | On |
| | F1/F2 Prompt on Error | Enabled |
| | Load Legacy Video Option ROM | Disabled |
| | In-System Characterization | Enabled - No Reboot |


Preparing the System
As the first stage in installing software to create an InfiniStreamNG Qualified COTS appliance, you must
use the System Preparation DVD supplied in the InfiniStreamNG Qualified COTS kit or download the
PREP file from the My.NETSCOUT.com website. This preparation software does the following:
• Verifies that the server hardware meets the minimum requirements. For example, a
minimum of 12 TB of disk storage is required for an InfiniStreamNG appliance. If the
appliance is equipped with less than 12 TB of disk storage, the software installation halts.
• Configures the RAID controller and storage arrays

Note: If the server is equipped with two Solid State Drives (SSDs), only one SSD will be configured
as a RAID0 array and used as the operating system drive. The second SSD is not used in an
InfiniStreamNG Qualified COTS appliance.

• Checks for the presence of the correct, supported ASI NIC

Important: You must physically install the ASI NIC in the server BEFORE installing InfiniStream software.
If you attempt to prepare the system with no NIC present, the installation halts with an error message,
Error: NetScout NIC card not detected. If you try to use a NIC other than the one supplied in the
InfiniStreamNG Qualified COTS appliance kit, the installation halts with an error message, Error:
Unsupported NetScout NIC card.

To prepare the system hardware as the first stage of installing InfiniStreamNG appliance software,
perform the following steps:
1 If you have not already, establish a remote console session with the server as described in
"Accessing the Appliance" on page 3-3.
2 Insert the System Preparation DVD into your local computer’s drive or download the
COTS_revX_XX_XX-PREP.iso to the hard drive on your computer. Use the remote
management tool to create a virtual drive so that you can boot from the ISO file.
3 Reboot the server.
4 When the BIOS setup options appear, modify the boot options so that the server boots
from the DVD in the server or the ISO file that you mapped as a virtual drive.
5 Continue the boot process. The server extracts the ISO file, executes the preparation
scripts, and performs a series of hardware checks. This process requires approximately 10
minutes and does not require any input. When the process is complete, a summary is
displayed indicating the success or failure of the scripts. Figure 3-4 shows an example for
an HP DL380 server where the first two 2.5" SAS drives out of 24 are used as the operating
system drives (instead of an SSD drive).

Figure 3-4 Successful System Preparation on a HP DL380 without SSD Drives

6 Continue with "Installing the Operating System and Drivers" on page 3-19.

Installing the Operating System and Drivers
As the second stage in installing software to create an InfiniStreamNG Qualified COTS Software
Appliance, you must use the Restore/Operating System & Drivers DVD supplied in the InfiniStreamNG
Qualified COTS Software kit or download the file from the My.NETSCOUT.com website.
This OS and driver software does the following:
• Installs a customized, hardened Linux operating system
• Loads the device driver for the ASI NIC supplied with the InfiniStreamNG Qualified COTS
appliance kit

Note: During the OS and driver installation, particularly on HP platforms, your screen may
go blank for approximately 20 seconds. This is normal and you should allow the
installation to continue uninterrupted.

As the second stage of installing InfiniStreamNG appliance software, perform the following steps:
1 If you have not already, establish a remote console session with the server as described in
"Accessing the Appliance" on page 3-3. Insert the appropriate Restore/Operating System &
Drivers DVD into your local computer’s drive or download the appropriate file listed in
Table 3-4 to the hard drive on your computer. Use the remote management tool to create
a virtual drive so that you can boot the server from the ISO file on your computer.

Table 3-4 Restore ISO File for Specific Qualified COTS Servers

| For this Qualified COTS server... | Use this Restore/Operating System & Drivers DVD disk/file |
|---|---|
| Dell PowerEdge R430, R730xd or R830; HP DL360 Gen9, DL380 Gen9 or DL560 Gen9 | Disc labeled: For "G" and "H" Platforms (or with no platform indication). File on disc: ngenius-datasource-6xx0G-restore-64bit.iso |
| Dell PowerEdge R740xd, R940 or R940xa; HP DL380 Gen10 or DL560 Gen10 | Disc labeled: For "J" Platforms. File on disc: ngenius-datasource-6xx0J-restore-64Bit.iso |

2 When the BIOS setup options appear, modify the boot options so that the server boots
from the DVD or ISO file that you mapped as a virtual drive.
3 Installation requires approximately 20 minutes. For the most part, the OS and driver
installation is entirely automated but it is still recommended that you monitor the status
messages that appear. For example, if you attempt to install the wrong operating system
on the server (such as the J platform disk/file on an earlier G or H platform), the error
message Unsupported platform, aborting installation appears.

Note: The installation attempts to assign a dynamic IP address to the Manage (eth0) port using
DHCP. If the Manage port is connected to a network with an active DHCP server, a dynamic IP
address is automatically assigned. If the Manage port is not connected or no DHCP server is available
on the network, then the server boots with no IP address assigned to the Manage port. You can assign
a static IP address after the server reboots by navigating to the opt/platform/nGIPSetup directory
and running the command ./nGIPSetUp.plx.

4 Press Enter to reboot the server when instructed by the on-screen message. Allow the
server to reboot uninterrupted until a Linux OS login prompt appears.
5 Continue with "Installing the InfiniStream Application" on page 3-20.

Installing the InfiniStream Application
As the third and final stage in installing software to create an InfiniStreamNG Software Qualified COTS
Software Appliance, you must use the appropriate Application DVD supplied in the InfiniStreamNG
Qualified COTS Software kit or download the appropriate application file from the My.NETSCOUT.com
website.
This application installs the software that performs packet capture and storage. While installing this
software, you can:
• Define the file system format for packet storage
• Allocate space to data partitions that store records required for certain
consoles/applications such as nGeniusONE and nGenius Subscriber Intelligence
To install the InfiniStream application, perform the following steps:
1 If you are continuing the installation from "Installing the Operating System and Drivers" on
page 3-19, skip to Step 2; otherwise, establish a remote console session with the server as
described in "Accessing the Appliance" on page 3-3.
2 Log in as the root user to the appliance operating system using these default credentials:
Username: root
Password: netscout

Note: Use the default username and password the first time you log in to the operating system. After you have
completed installing the InfiniStreamNG appliance software, change the default netscout password.

If you want to change the root user password, enter passwd at the OS command line
interface. Enter the new password and confirm it. Choose a password that a dictionary does
not recognize.
3 Insert the Application DVD into your local computer’s drive or download the appropriate
file listed in Table 3-5 to the hard drive on your computer. Use the remote management
tool to create a virtual drive so that you can access this file in your computer.

Table 3-5 Application File for Specific Qualified COTS Servers

For this Qualified COTS server...            Use this Application disc/file

Dell PowerEdge R430, R730xd or R830          Disc labeled: For "G" and "H" Platforms (or with no platform indication)
HP DL360 Gen9, DL380 Gen9 or DL560 Gen9      File on disc: is-6xx0-xxx-eth.bin

Dell PowerEdge R740xd, R940 or R940xa        Disc labeled: For "J" Platforms
HP DL380 Gen10 or DL560 Gen10                File on disc: is-6xx0-xxx-eth-j.bin

4 Navigate to the /opt/platform directory:
cd /opt/platform
5 Run the application mounting script to mount the DVD drive (either the local or a remote
virtual drive). The script automatically copies the InfiniStream application file to the /opt
directory:
./mount_app.sh

6 When the script finishes running (may take several minutes), navigate to the /opt directory:
cd /opt/

Note: You must run the application installer file from the /opt directory. Do not copy this file to any
other directory such as /data, /metadata, /flow, /tmp, /home, or /opt/NetScout. If you try to run the
file from one of these directories, the installation fails and the file is deleted, forcing you to repeat the
process.

7 Launch the InfiniStreamNG application installer (refer to Table 3-5 for the appropriate file
name):
./is-6xx0-xxx-eth.bin
or
./is-6xx0-xxx-eth-j.bin
8 The installation script asks you to select your locale. Choose your language and press
Enter.
9 Press Enter on the Introduction screen.
10 Continue pressing Enter to read the End User License Agreement.
11 When prompted, press Y to accept the license agreement.
12 Choose the type of file system to use for the packet store partition. For new installations,
only the NetScout File System is supported. This file system optimizes disk write and
retrieval performance for high-performance data recording and mining, and stores packets
in a /raw partition.
13 The installation script asks you if you want to configure partitions on the InfiniStreamNG
appliance. For each partition, you can specify a size or accept the default size. For some
partitions, you can enter zero (0) to eliminate the partition entirely. These partitions are
located on the same drives used for packet storage. Because of this, the more space you
allocate for these partitions, the less space you will have available for packet storage. Use
Table 3-6 to help decide which partitions you need for the consoles/applications you plan
to use with the InfiniStreamNG appliance.

Note: On first time installations with v6.3 or later, you will be asked if the appliance is installed in an
Enterprise (default) or Service Provider network. The installer uses this network mode to optimize
packet storage on the appliance. If you choose Service Provider, an /archive partition is automatically
created with a fixed size (not configurable) to store certain mobile data. Once you choose the network
mode (Enterprise or Service Provider), the selection is preserved during future upgrades. To change
modes, you must reinstall the application software and choose to repartition the appliance.

14 The installation script displays a Pre-Installation Summary screen. Press Enter to continue.
15 Installation begins. The installer presents an Installation Complete message when finished.
Press Enter to exit the installation script and enter the following command to reboot the
InfiniStreamNG appliance:
shutdown -r now

Note: You can also install GeoProbe software on the InfiniStreamNG Qualified COTS appliance to provide
data to IrisView servers; refer to InfiniStreamNG (Geo Mode) Deployment Guide for instructions on enabling
this feature.

16 Continue with "Running the Appliance Configuration Script (nGApplianceConfig.plx)" on
page 3-23.



Table 3-6 InfiniStreamNG Partition Settings for this Release

Partition: /xdr
Default/Range: Default = 30% of available storage. Range = 6 GB to 50% of available storage. Enter 0 to eliminate.
Description: If the appliance will be configured to produce xDRs/ASRs (eXtended Data
Records/Adaptive Session Records) and Conversation data for use by nGeniusONE or nGenius
Subscriber Intelligence, you MUST allocate an /xdr partition to store this session data. This
partition can be eliminated if the appliance will not be used to produce session data for use
with those applications.
An xDR stores metadata for mobile subscriber sessions. The nGenius Subscriber Intelligence
application uses mobile subscriber records to correlate mobile sessions across multiple
monitored legs. The more space you allocate to xDR storage, the further back Subscriber
Intelligence will be able to mine for mobile data session correlation.

Partition: /metadata
Default/Range: Default = 50 GB. Range = 25 GB to 10% of available storage.
Description: This partition is required for nGeniusONE, Performance Manager, and InfiniStream
Console features such as remote decode, data capture, and InfiniStreamNG trace file storage.
Set a size for this partition based on your anticipated usage listed below:
• nGeniusONE Decode View/Performance Manager Remote Decode stores transient session data
files in /data and <installdirectory>/rtm/pa/data. Although these files are automatically
removed when the decode session is closed, multiple simultaneous decode sessions can also
create temporary index files in the /metadata partition consuming as much as 20 G of space.
• InfiniStream Console and Performance Manager users can save remote trace files on the
InfiniStreamNG appliance’s /metadata partition instead of immediately moving mined packets
to the InfiniStream Console system or nGeniusONE Server, respectively.
Excluding the remote decode operations, files saved on this partition must be managed
manually. Users who anticipate heavy use of any of the above features should increase the
partition size to a greater percentage of the total storage.

Partition: /asi
Default/Range: Default = 50 GB. Range = 25 GB to 10% of available storage.
Description: This partition is dedicated to storing Adaptive Service Intelligence (ASI)
metadata. In releases prior to v5.5, ASI metadata was written to the /metadata partition. For
improved performance and to avoid contention for space in the /metadata partition from saved
trace and decode files, this partition is offered in new 6.x installations.

Partition: /flow
Default/Range: Default = 0 GB. Range = 1-35% of available storage. Enter 0 to eliminate.
Description: This partition is required by the InfiniStream Console application. If you do not
use that application, you can eliminate this partition. InfiniStream Console users MUST
allocate a /flow partition for the storage of RMON data, 15-second flow records, and
aggregated 5-minute statistics. All other users can enter 0 to eliminate this partition or use
the default value of 0 GB.

Partition: /data (XFS) or /raw (NETSCOUT File System)
Default/Range: Total remaining storage space after space is allocated to the other partitions.
Not configurable and cannot be eliminated.
Description: This partition is used for packet storage and is not configurable. On
XFS-formatted appliances, collected packets are stored in a /data partition. On NETSCOUT File
System-formatted appliances, collected packets are stored in a /raw partition. For new
installations, only NETSCOUT File System formatted (/raw) partitions can be created.



Running the Appliance Configuration Script (nGApplianceConfig.plx)
Important: InfiniStreamNG appliances automatically configure all Ethernet capture ports. Manual
configuration of capture ports is not required.

To configure your system, you will need to collect the following information:
• IP Configuration for the Manage Port, including IP address, subnet mask, and default
gateway

Note: You can assign either IPv4 or IPv6 (or both) addresses to the Manage (eth0) port, Gateway IP
address, and DNS server addresses. IPv6 addresses can be specified using one of five formats:
standard shortened, standard full, standard leading zero suppressed, short mixed notation, full mixed
notation. The last two formats (short mixed and full mixed notation) allow you to specify IPv4
addresses in IPv6 format.

• InfiniStreamNG appliance hostname
• Network domain name(s)
• DNS server(s) IP address
• Time synchronization options, such as NTP or PTPv2

1 If you have not already done so, establish a local or remote console connection to the
InfiniStreamNG Qualified COTS appliance. Log in as the root user to the operating system
using these credentials:
Username: root
Password: netscout

Note: Use the default username and password the first time you log in to the operating system. After
you log in the first time, change the default password.

2 Navigate to the /opt/NetScout/rtm/bin directory:
cd /opt/NetScout/rtm/bin
3 Stop any InfiniStream processes currently running:
./stopall
Run the ./PS command to list any NETSCOUT processes and manually kill any that remain
running. For example, if nsprobe is still running, run the command:
pkill nsprobe
4 Run the following script:
./nGApplianceConfig.plx
5 When asked if you want to continue, enter y and press Enter to continue. Then, follow the
prompts to enter the information you collected at the beginning of this procedure.
6 If you are prompted to select the LAN port to use as the eth0 Manage port (either a
1 Gigabit or 10 Gigabit port on the server), choose the port and press Enter. This option is
only displayed for the latest generation Dell and HP servers. For Dell PowerEdge R740xd
and R940 servers, the options are LAN-0 (1 Gigabit) or LAN-2 (10 Gigabit). For HP DL380
Gen10 servers, the options are LAN-0 (1 Gigabit) or LAN-4 (10 Gigabit). Refer to "Connecting
Management Ports" on page 2-5 to identify port locations on the server.



7 Indicate whether you want to assign an IPv4 address only, IPv6 address only, or both
address types to the Manage port and press Enter.
8 When prompted, enter a valid IPv4 or IPv6 address (depending upon your selection in the
previous step) and press Enter.
Note: Supported formats for all IP addresses are:
• IPv4 dotted-decimal, such as 192.168.44.2
• IPv6 standard full format, such as 2001:0db8:1219:0000:0000:0087:aeb1:2be7
• IPv6 standard leading zero suppressed, such as 2001:db8:1219:0:0:87:aeb1:2be7
• IPv6 standard shortened, such as 2001:db8:1219::87:aeb1:2be7
• Full mixed notation for IPv4, such as ::ffff:192.168.44.2
• Short mixed notation for IPv4, such as ::192.168.44.2

9 Enter a valid subnet mask for the Manage port (required for IPv4 only) and press Enter.
10 Enter a valid gateway IP address for the Manage port and press Enter.
11 If you chose to assign both address types to the Manage port, repeat Step 8 and Step 10 for
the IPv6 address; otherwise, continue with the next step.
12 Supply a simple hostname for the appliance and press Enter.
13 Enter the domain name where the appliance’s Manage port is connected and press Enter.
14 Enter the IP address of a DNS server (nameserver). The script gives you the option of
entering multiple DNS server addresses to be used as backups in case the first DNS server
specified is unreachable.
15 Select the Time Source to be used for synchronization of the appliance’s system clock. You
can select from the options in Table 3-7.
Table 3-7 Time Source Options

Time Source   Description

NTP           You will be prompted to enter the IP address of one or more NTP servers. Servers are
              used as fallbacks in the same order they are specified.
              Note: Only IPv4 addresses are supported for specifying time sources; IPv6 addresses
              are not supported.

PTPv2         Select the PTPv2 option. No further configuration required.


Note: In v6.2.2 and later releases, PTPv2 timing sources should not be used for Skylake processor-based Qualified
COTS appliances (such as Dell R740, Dell R940, Dell R940xa, HPE DL380 Gen10, and HPE DL560 Gen10 servers).
Use NTP for time synchronization on those servers.

16 Configure the appliance Time Zone.


17 When the script displays your settings, confirm that they are correct:
• If your settings are correct, enter y and press Enter to continue.
• If any errors are detected, enter n and press Enter. You can then re-enter your
settings.
18 When asked if you want to reboot, enter y and press Enter. The system automatically
propagates properties file changes and the appliance restarts.

Important: While the system is being reconfigured, you are unable to log in to the appliance. Do not
manually reboot the appliance during this period. Doing so can cause undesirable results.

19 Exit the console session, if desired.



Enabling PCIe Port Bifurcation
PCIe port bifurcation is a method to split an existing x16 bus slot/lane into two x8 lanes (x8x8) for
packet transmission across the bus. This type of bifurcation is supported by 2-port 40 Gigabit ASI NICs.

Note: Bifurcation is neither needed nor supported on 4-port 1/10 Gigabit ASI NICs.

Use Figure 3-5 to determine if your 40 Gigabit ASI NIC supports bifurcation.

Figure 3-5 ASI NICs Supporting Bifurcation (image not reproduced; panels: Supports Bifurcation, Does Not Support Bifurcation; NICs pictured: 40 Gigabit NIC, 40 Gigabit NIC, 1/10 Gigabit NIC)

Additionally, verify the FPGA version on the NIC as follows:


1 Establish a remote console session with the server as described in "Accessing the
Appliance" on page 3-3.
2 Log into the server operating system as the root user (default password is netscout).
3 Navigate to the /opt/NetScout/rtm/bin directory and run the ./localconsole command.
This opens the Agent Configuration Utility.
4 Enter option [11] to enter command line mode.
5 Enter the following command and examine the FPGA version value displayed:
get dump drvstats 0 adv
For 40 Gigabit NICs, the required version is 200-9512-09-10.
6 Exit command line mode and close the Agent Configuration Utility.
In order to achieve bifurcation, the NIC must be installed in the proper slots in the server and the
server BIOS must be configured. The steps required to enable bifurcation differ for Dell PowerEdge
and HP ProLiant servers.



Enabling Bifurcation on Dell PowerEdge Servers
With this InfiniStream software release, bifurcation is supported on the following Dell server models:
• Dell PowerEdge R740xd equipped with riser configuration 4. The ASI NIC should be
installed in slot 1 on the riser (x16, full height, full length slot) connected to Processor 1.
• Dell PowerEdge R940 or 940xa (no riser required) with the ASI NIC installed in slot 2 (x16,
full height, full length slot) connected to Processor 1.
To enable bifurcation for the NIC installed in these servers, perform the following steps:
1 Establish a remote console session with the server as described in "Accessing the
Appliance" on page 3-3.
2 Reboot the server.
3 Interrupt the boot process to access the System BIOS Settings.
4 Select Integrated Devices and then select Slot Bifurcation.
5 From the drop-down menu, choose Auto Discovery of Bifurcation. This allows the BIOS
to dynamically scan for the ASI NIC instead of relying on a specific slot configuration.
6 Save and exit the System BIOS Settings and allow the Dell server to continue booting.
7 To verify that bifurcation is enabled, log into the server operating system as the root user
and enter the following command:
lspci | grep apa
If two network controller entries are displayed, then bifurcation is enabled. If only one
entry appears, then bifurcation was not enabled properly; repeat this procedure.

Enabling Bifurcation on HP ProLiant Servers


With this InfiniStream software release, bifurcation is supported on the following HP ProLiant server
models:
• HP DL380 Gen10 equipped with x16/x16 GPU Riser Kit #826704-B21. The ASI NIC should
be installed in the primary riser in Slot 2 (x16, full height, full length slot) connected to CPU 1.
• HP DL560 Gen10 with the ASI NIC installed in Slot 2 (x16, full height, full length slot) of the
primary riser connected to CPU 1.
To enable bifurcation for the NIC installed in an HP server, perform the following steps:
1 Establish a remote console session with the HP server as described in "Accessing the
Appliance" on page 3-3.
2 Reboot the server.
3 When the HP ProLiant splash screen appears, press F9 to access the System Utilities.
4 At the System Utilities screen, use the arrow keys to select System Configuration and
press Enter.
5 At the System Configuration screen, use the arrow keys to select BIOS/Platform
Configuration (RBSU) and press Enter.
6 From the BIOS/Platform Configuration (RBSU) menu, use the arrow keys to choose PCI
Device Configuration and press Enter.
7 From the PCI Device Configuration menu, use the arrow keys to highlight PCIe Bifurcation
Options and press Enter.
8 Depending on the version of BIOS on the server, do one of the following:
• Change the setting for bifurcation to Enabled and press Enter.
or
• Select the slot containing the ASI NIC and change the setting from Auto to Bifurcate
and press Enter.

9 Press F10 to save the new bifurcation setting. When prompted to confirm the changes,
press Y to save the changes and exit, press N to discard your changes and exit, or press ESC
to cancel.
10 Once the save is complete, press ESC to exit the System Utilities and reboot the server.
11 To verify that bifurcation is enabled once the system has booted, log into the server
operating system as the root user and enter the following command:
lspci | grep apa
If two network controller entries are displayed, then bifurcation is enabled. If only one
entry appears, then bifurcation was not enabled properly; repeat this procedure.

Configuring the Agent


InfiniStreamNG appliances use the nsprobe agent to monitor network traffic. This section describes
some basic agent options you should configure using the Agent Configuration Utility before using your
appliance; refer to the detailed Agent Configuration Utility for CDM/ASI Administrator Guide for complete
reference on all agent options.
You can also enable InfiniStream Console support in the Agent Configuration Utility (described below).
For information on how to use your appliance with the InfiniStream Console, see the InfiniStream
Console User Guide.
To configure the agent with settings for your environment:
1 Log in to the InfiniStreamNG appliance.
2 Navigate to the /opt/NetScout/rtm/bin directory and run the ./localconsole command.
This opens the Agent Configuration Utility.
3 In the Console window, enter the option number for Change Config Server Address and
press Enter.
4 Enter the IP address of the nGeniusONE server and press Enter. The Agent Configuration
Utility Main menu redisplays with the new address in the Change Config Server Address
option field.
5 (Optional) Enter the Change Read Community option number and press Enter.
Enter the new Read Community setting and press Enter.
6 (Optional) Enter the Change Write Community option number and press Enter.
Enter the new Write Community setting and press Enter.

Important: If you change the SNMP Read / Write community strings on your InfiniStreamNG appliance, you
must update the strings on the corresponding device listing in the nGeniusONE Device Configuration
window.

7 Configure additional options, including Software Options, Agent Options, and Security
Options.

Tip: InfiniStreamNG appliances can capture full packets up to 10,000 bytes.
However, you can use your available storage space more efficiently by configuring
an appropriate data capture slice size. The allowable range for slice size is 64 to
2048 bytes.
The ratio of small size (for example, 128 bytes) acknowledgment packets to larger
data packets is roughly 1:3 or 1:5. By configuring a slice size of 128 bytes, you can
significantly increase appliance storage capacity.
If using InfiniStream Console software, the InfiniStreamNG appliance records the
smaller of the agent slice size and nGeniusONE slice size settings. If nGeniusONE is
not present, the InfiniStreamNG appliance records packets based on the agent slice
size. If you modify the packet recording slice size, this affects InfiniStream Console
data drilldown and mining. InfiniStream Console always bases its statistics on full
packet data.

8 When the InfiniStreamNG appliance is first installed, it is configured for use with
nGeniusONE only (nGeniusONE Managed enabled).
You can use the [9] Agent Options menu to change which consoles are supported. Toggle
flow collection for the [11] InfiniStream Console Support and/or the [14] nGeniusONE
Managed by entering the corresponding option numbers.

Important:
• The decision you make here directly affects performance. Simultaneous InfiniStream Console and
nGeniusONE/Performance Manager console flow recording is supported. However, performance is
optimized when only one or the other is enabled.
• InfiniStream Console logins are not authenticated locally on the InfiniStreamNG appliance if the
appliance has both InfiniStream Console and Performance Manager Console enabled. If both consoles
are enabled, the appliance automatically redirects InfiniStream Console login attempts to the
nGeniusONE server for authentication. With both consoles enabled, you only need to create user
accounts in the nGeniusONE user database.
• The appliance must have a /flow partition to be used with the InfiniStream Console.
• For security reasons, if the InfiniStream Console is not enabled, the port used for communication with
the InfiniStream Console client (IP listener port 4242) is automatically disabled on the InfiniStreamNG
appliance.

9 Select option 12 to reset the agent when you complete configuration.

Change the root User Password


For information on changing the root password on your InfiniStreamNG appliance, refer to "Accessing
the Appliance" on page 3-3.

Important: InfiniStreamNG appliances are installed with a built-in root/netscout account. You should
change the root account credentials. This is especially true if the SNMP Community Strings in place on the
appliance are easy to guess or left at their default values. If you do not change this account’s credentials,
there is a potential for unintended access to the appliance and its data.
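
A quick way to confirm that the default password is no longer in place is to test the root entry in /etc/shadow against the documented default. The following shell function is an added example, not part of the original guide or of NETSCOUT software; the name check_default_password is hypothetical, and it assumes the openssl command is available and that the account uses an MD5, SHA-256, or SHA-512 crypt hash without a rounds= parameter.

```shell
#!/bin/sh
# Added example (not NETSCOUT code): report whether a shadow(5) entry
# still matches a known default password.

# check_default_password SHADOW_LINE CANDIDATE
# Prints exactly one of: default | changed | empty | locked | unsupported
check_default_password() {
    # Field 2 of a shadow(5) line holds the password hash.
    hash=$(printf '%s\n' "$1" | cut -d: -f2)
    case $hash in
        '')        echo empty;  return 0 ;;   # no password required at all
        '!'*|'*'*) echo locked; return 0 ;;   # password login is disabled
    esac
    # Modular crypt format: $id$salt$digest
    id=$(printf '%s\n' "$hash" | cut -d'$' -f2)
    salt=$(printf '%s\n' "$hash" | cut -d'$' -f3)
    case $id in
        1|5|6) ;;                             # MD5, SHA-256, SHA-512 crypt
        *) echo unsupported; return 0 ;;      # e.g. DES or yescrypt hashes
    esac
    case $salt in
        ''|rounds=*) echo unsupported; return 0 ;;
    esac
    command -v openssl >/dev/null 2>&1 || { echo unsupported; return 0; }
    # Re-hash the candidate with the same scheme and salt; -stdin keeps the
    # candidate out of the process list.
    computed=$(printf '%s\n' "$2" |
        openssl passwd "-$id" -salt "$salt" -stdin 2>/dev/null) ||
        { echo unsupported; return 0; }
    if [ "$computed" = "$hash" ]; then echo default; else echo changed; fi
}

# Demonstration on constructed shadow entries (not taken from an appliance).
if demo_hash=$(printf 'netscout\n' |
        openssl passwd -6 -salt constructedsalt -stdin 2>/dev/null) &&
   [ -n "$demo_hash" ]; then
    echo "constructed entry, default password: $(check_default_password \
        "root:$demo_hash:18375:0:99999:7:::" netscout)"
fi
echo "constructed entry, locked account:   $(check_default_password \
    'root:!!:18375:0:99999:7:::' netscout)"

# On the appliance, as root:
#   check_default_password "$(grep '^root:' /etc/shadow)" netscout
```

A result of default means the root password must still be changed with passwd; a result of empty means the account requires no password at all.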



Monitoring Data Capture on the InfiniStreamNG Appliance
You can access data captured by the InfiniStreamNG appliance using either the nGeniusONE
dashboard/monitors or InfiniStream Console.
To add an InfiniStreamNG to nGeniusONE, perform the following steps:
1 Log into nGeniusONE.
2 Click the icon for Device Configuration.
3 With the Devices tab selected, click the Add button.
4 In the Add Device window, enter the required information to identify the InfiniStreamNG
appliance you just installed.
– For the IP address, use the InfiniStreamNG appliance Manage port IP address.
– From the Select Device Type menu, choose nGenius InfiniStreamNG.
– Choose the Communication Protocol used between the InfiniStreamNG appliance and
nGeniusONE server. If you choose HTTPS, refer to "Secure Communication with
nGeniusONE Servers" on page 4-13 for additional considerations.
– Ensure that the Read and Write Community strings match the values you configured for
the InfiniStreamNG during setup.
5 Click OK.
6 nGeniusONE learns the InfiniStreamNG appliance as a new managed device. Verify that the
InfiniStreamNG appliance is displayed in the Device Configuration window with an Active
status.

Confirming Data Collection


The InfiniStreamNG appliance is collecting traffic if:
• You can access data in the nGeniusONE dashboard/monitors or InfiniStream Console.
• For XFS formatted data partitions, you can verify that data is being collected by running the
following command, substituting the interface number for ifx:
ls -l /opt/NetScout/rtm/pa/data/tfa/ <systemIPaddress_ifx>
Files in the tfa directory increment in size as data is collected.
• /opt/NetScout/rtm/bin/PS shows the nsprobe process. For example, consider the
nsprobe entry in the following sample output:
[root@CI5000 bin]# PS
user, pid, rss, vsz, pm, pc, command
root 1412 1660 27024 0.0 0.0 procmana
root 1413 1624 6472 0.0 0.0 tfaengin
root 1425 1788 28952 0.0 0.0 cleanupe
lighttpd 1760 2176 58012 0.0 0.0 lighttpd
root 1419 32709612 33692404 24.7 2390 nsprobe
root 1426 1852 23192 0.0 0.0 paservic

The nGeniusONE online help contains more information related to adding appliances and configuring
InfiniStream interfaces. You can access the online help by connecting a web browser to your
nGeniusONE server or by downloading the online Help from the MyNetScout.com website
(https://my.netscout.com/mcp/Pages/default.aspx).



Analyzing Network Traffic
After you add an InfiniStreamNG appliance to nGeniusONE or the InfiniStream Console, you can start
to analyze your network traffic. For example, you can:
• Configure devices and interfaces
• Launch views containing ASI/CDM data
• Capture and decode packets
• Create and schedule reports (nGeniusONE only)
Refer to the appropriate version of the nGeniusONE documentation and Online Help available on the
My.NETSCOUT.com website for additional information.

Port to Interface Mapping


Each port in the InfiniStreamNG appliance correlates to an interface number that displays in
nGeniusONE. The Manage port (eth0) correlates to nGeniusONE Interface 1, the Manage interface.
Table 3-8 displays port numbers, interface numbers and duplex modes based on the number of
monitor ports. For more information on changing the InfiniStreamNG appliance monitor port duplex
mode, see the Agent Configuration Utility for CDM/ASI Administrator Guide.

Table 3-8 InfiniStreamNG Interface, Port, and Duplex Matrix

Interface Mode       Port #   4-Port 1/10 Gigabit   2-Port 40 Gigabit   2-Port 100 Gigabit
(Duplex)                      Interface # (ifn)     Interface # (ifn)   Interface # (ifn)

Half Duplex (HDX)    1        3 In/Out              3 In/Out            3 In/Out
                     2        4 In/Out              4 In/Out            4 In/Out
                     3        5 In/Out
                     4        6 In/Out

Full Duplex (FDX)    1        3 Out                 3 Out               3 Out
                     2        3 In                  3 In                3 In
                     3        4 Out
                     4        4 In

Mixed Duplex (MDX)   1        3 (HDX)               Not supported       Not supported
                     2        4 (HDX)
                     3        5 Out
                     4        5 In



Chapter 4
Customizing the InfiniStreamNG Appliance

This chapter describes InfiniStreamNG appliance options that let you fine-tune or maintain the
appliance’s operations but are not strictly necessary for the initial deployment of the appliance.
Table 4-1 lists the sections in this chapter.

Table 4-1 Sections in this Chapter

Section: "Accessing the InfiniStreamNG Appliance using SSH" on page 4-2
Description: Provides instructions for establishing a secure shell (SSH) session to the
InfiniStreamNG appliance using the PuTTY remote client.

Section: "Creating Custom Login Messages" on page 4-3
Description: Provides instructions for creating messages that are displayed to users
when they log into the InfiniStreamNG appliance using SSH.

Section: "Security Hardening Measures" on page 4-10
Description: Describes how to modify configuration files or run custom scripts to enforce
more stringent security requirements on the InfiniStreamNG appliance.

Section: "Configuring Authentication Options" on page 4-5
Description: Describes how to configure the external authentication options for a
InfiniStreamNG appliance, including using nGeniusONE, RADIUS, or
TACACS+ to authenticate users trying to access the appliance.

Section: "Secure Communication with nGeniusONE Servers" on page 4-13
Description: Discusses how to enable HTTP and HTTPS communication between the
InfiniStreamNG appliance and nGeniusONE server for better performance
and more secure communication.

Section: "Managing Appliance Time Synchronization" on page 4-15
Description: Discusses how to manage the system timing source option you assigned
using the nGApplianceConfig.plx script with other scripts.

Section: "Directing Log Messages to an External Server" on page 4-17
Description: Provides instructions on how to forward log messages from an
InfiniStreamNG appliance to an external syslog server.

Accessing the InfiniStreamNG Appliance using SSH
Once you have performed the InfiniStreamNG appliance initial configuration, you can later access the
appliance remotely to customize the system using a secure client. Because the InfiniStreamNG
Qualified COTS appliance runs on a hardened Linux operating system, you must configure a client such
as PuTTY on a Windows remote system to access the appliance. PuTTY is a client connection program
for the Secure Shell (SSH), Telnet, and Rlogin network protocols.

Note: By default, Telnet is disabled on InfiniStreamNG appliances.

To configure a PuTTY connection from a Windows remote system to InfiniStreamNG appliance:


1 Download PuTTY to the Windows remote system.
2 Open putty.exe to display the PuTTY Configuration dialog box.
3 In the Category list box, select Session.
4 Enter the hostname or IP address of the InfiniStreamNG appliance.
5 Select SSH as the Protocol.
6 In the Category list box, select SSH.
7 Select 2 as the Preferred SSH protocol version.
8 Click Open to display the PuTTY connection window.
9 Click Yes if the following message displays and you confirm that the InfiniStreamNG hostname
or IP address is valid:
The server's host key is not cached in the registry

Note: This message generally displays upon connecting for the first time from a specific Windows
remote system to the InfiniStreamNG appliance.

10 Log in as root user to the InfiniStreamNG operating system. The default values are as follows:
Username: root
Password: netscout



Creating Custom Login Messages
By editing files on the InfiniStreamNG appliance, it is possible to display customized text banners that
appear during a SSH login into the appliance. Two options are available:
• Display a banner after the user enters a user name, but before they enter a password.
• Display a "message of the day" that appears after the user’s password is accepted.

Configuring SSH Login Messages


To create and enable messages that appear during the SSH login into an InfiniStreamNG appliance,
perform the following steps:
1 Log into the InfiniStreamNG appliance as the root user.
2 To create a banner that appears after the user enters their user name but prior to entering
a password, start a text editor program and create a new file named sshd-banner in the
/etc/ssh directory. For example, enter the command:
vi /etc/ssh/sshd-banner
If you only want a message to appear after the user successfully authenticates, skip this step
and go to Step 3.
a Enter the text you want to appear in the login banner. For common editing
commands used by the vi text editor, refer to "Using the vi Text Editor" on page 4-4.
b Save your changes when done and exit the file.
c Open the sshd configuration file /etc/ssh/sshd_config using a text editor:
vi /etc/ssh/sshd_config
d Add/edit the following line in this file:
Banner /etc/ssh/sshd-banner
e Save your changes when done and exit the file.
f Restart the SSH server process:
/etc/init.d/sshd restart
3 To create a message of the day that appears after the user authenticates, enter the
command:
vi /etc/motd
4 Enter the text you want displayed to all users immediately after they successfully log in. For
common editing commands used by the vi text editor, refer to "Using the vi Text Editor" on
page 4-4.
5 Save your changes when done and exit the file.
6 Log out and log back in to verify your changes.



Using the vi Text Editor
The nGenius InfiniStream supports the vi text editor, which you can use to modify files. Table 4-2 lists
some commonly used vi commands.

Table 4-2 vi Text Editor Commands

Action                                             Command
Invoke vi to modify an existing file               Navigate to the appropriate location and enter:
                                                   vi <filename>
                                                   Example: vi /etc/ssh/sshd_config
Insert text                                        1 Locate your cursor at the insertion point and press i.
                                                   2 Type the text. Press Enter only when you want to create a new paragraph. The vi text editor includes a text wrap feature.
                                                   3 Press Esc after inserting text.
Delete text                                        Insert Mode – Backspace or delete key
                                                   Overwrite Mode – x
Move cursor to the left                            h
Move cursor to the right                           l
Move the cursor down one line                      j
Move the cursor up one line                        k
Move the cursor to the beginning of a previous word    b
Move the cursor to the end of the next word        e
Save changes                                       :w
Save changes and quit vi                           :wq
Quit vi without saving changes                     :q!



Configuring Authentication Options
By default, SSH logins are authenticated locally on the InfiniStreamNG appliance. You can configure
the appliance to use external authentication for these logins by editing configuration files on the
appliance. The following authentication methods are available:

Table 4-3 Authentication Options

Method                             Notes
nGeniusONE Server                  nGeniusONE is the preferred external authentication method:
                                   • Offers optional integration with third-party servers (RADIUS, TACACS+, LDAP, or Active Directory).
                                   • Does not have limitations associated with the standalone RADIUS/TACACS+ implementations described below.
RADIUS Server / TACACS+ Server     RADIUS/TACACS+ authentication requires that you add user accounts to the local Linux operating system matching those set up in the authentication server. Details are provided in the individual configuration sections.

Authentication Configuration Summary


Table 4-4 summarizes the major steps in configuring authentication for SSH logins to InfiniStreamNG
appliances, and provides references to the sections with details on configuring each authentication
type.
Table 4-4 Authentication Configuration Summary

Step Summary

1. Configure Authentication Server Parameters
Each type of authentication server has its own configuration file on the InfiniStreamNG
appliance:
• nGeniusONE: /etc/pmauth.config
• RADIUS: /etc/radius_auth.config
• TACACS: /etc/pam.d/pam_tacacs_auth
Edit the file corresponding to the type of authentication server you want to use. You’ll need to
provide the server’s IP address as well as some additional settings that vary by server type.
Refer to the following sections for details:
• "Configuring nGeniusONE Authentication" on page 4-6
• "Configuring RADIUS Authentication" on page 4-7
• "Configuring TACACS+ Authentication" on page 4-8

2. Specify Authentication Server Type
Once you've configured the authentication server settings, you specify which type of
authentication you want to use for each login type by editing the SSH login file located in
/etc/pam.d/sshd.
The first line of the file specifies the authentication to use for the corresponding login type. It
should appear as follows for each authentication type:
• nGeniusONE (required for SSH logins only)
auth include pam_pm_auth
• RADIUS
auth include pam_radius_auth
• TACACS+
auth include pam_tacacs_auth
For SSH logins, you must add the appropriate line of text manually to the sshd file.

3. Add RADIUS / TACACS+ Users in InfiniStreamNG Operating System
If you are using RADIUS/TACACS+ (versus nGeniusONE authentication), any account you want
to authenticate must be defined with the same name in both the RADIUS/TACACS+
authentication server and in the local InfiniStreamNG operating system.
Note: This limitation only applies to the standalone RADIUS/TACACS+ implementation. It does not
apply to nGeniusONE authentication.



Configuring nGeniusONE Authentication
Use this procedure to configure nGeniusONE authentication on the InfiniStreamNG appliance using
the pmauth.config file. The nGeniusONE server must be updated to the desired version before you
upgrade and configure your InfiniStreamNG appliance.

Note: This procedure does not affect nGeniusONE logins. nGeniusONE client logins always use
nGeniusONE authentication, optionally integrated with third-party servers (RADIUS, TACACS+,
LDAP, or Active Directory – see the nGeniusONE online help for details on integrating with third-party
authentication products).

To configure nGeniusONE authentication settings on the InfiniStreamNG appliance:


1 Log in to the InfiniStreamNG appliance with root privileges, either locally or in an SSH
window.
2 Change directories to /etc and open the pmauth.config file in a text editor (for example,
vi). For common editing commands used by the vi text editor, refer to "Using the vi Text
Editor" on page 4-4.
3 Edit the options shown in Table 4-5 in the pmauth.config file:
Table 4-5 nGeniusONE Authentication Options

Option in pmauth.config Value

<USEPMAUTH> Change to TRUE to force Sniffer Analysis and/or SSH logins to be authenticated
against the nGeniusONE server specified by the <PMIP> argument. This value is
not required for Sniffer Analysis logins when the InfiniStream Console option is
enabled in the Agent Options menu of the Agent Configuration utility. In that
case, Sniffer Analysis logins are automatically authenticated by the nGeniusONE
server that manages this InfiniStreamNG appliance.

<PMIP> Enter the IP address of the nGeniusONE server to be used for authentication.
This value is not required for Sniffer Analysis logins when the InfiniStream
Console option is enabled in the Agent Options menu of the Agent
Configuration utility. In that case, Sniffer Analysis logins are automatically
authenticated by the nGeniusONE server that manages this InfiniStreamNG
appliance.

<PMPORT> By default, nGeniusONE uses listener port 8080. If <SECURECONNECTION> is
set to TRUE, use the secure port instead (usually 443). Refer to Appendix A,
"Network Listener Port Numbers" for more information on listener ports used
by NETSCOUT devices.

<SNMPPORT> By default, nGeniusONE uses listener port 162 for SNMP communication. If you
have modified the SNMP listener port on the nGeniusONE server, change this
value to match. Refer to Appendix A, "Network Listener Port Numbers" for
more information on listener ports used by NETSCOUT devices.

<SECURECONNECTION> Set this option to TRUE if nGeniusONE is configured to listen on a secure HTTP
port. Then, set <PMPORT> to the secure listener HTTP port (usually 443).

<ALLOWLOCALFALLBACK> Specifies whether local accounts should be accepted when the nGeniusONE
server is not available.
This option is enabled by default. When enabled (set to TRUE), users are
authenticated against the InfiniStreamNG local accounts when no managing
nGeniusONE server is available to authenticate users. When disabled (set to
FALSE), the InfiniStreamNG does not fall back to using local authentication
when the nGeniusONE server is unavailable to perform authentication.

<ALLOWLOCALFAILOVER> Specifies whether users can authenticate locally on the InfiniStreamNG
appliance if the user name provided is not found in the nGeniusONE database.
This option is disabled by default. When enabled (set to TRUE), users are
authenticated against the InfiniStreamNG local accounts after failing
authentication on the nGeniusONE server because the user name could not be
found. When disabled (set to FALSE), users that are not defined in the
nGeniusONE server cannot be authenticated locally.



4 Save and exit the pmauth.config file.
5 For SSH logins, you need to map the client logins to the nGeniusONE server you configured
in pmauth.config as follows:
a Change directories to /etc/pam.d and open the sshd file in a text editor.
b Add the following line as the first line in the file:
auth include pam_pm_auth
This entry specifies that authentication will be performed by the nGeniusONE server that
was defined above.
c Save and exit the sshd file.
d Change directories to /etc/ssh and open the sshd_config file in a text editor.
e Locate the line UsePAM and ensure it is uncommented.
f Ensure the value for UsePAM is "yes." This entry configures SSH to use PAM.
g Save and exit the sshd_config file.
h Restart the SSHD service using the following command:
service sshd restart

Note: If you have upgraded your appliance from a version earlier than 4.9MR1 B818, you may need
to reboot the appliance to trigger an update of required jar files from the associated nGeniusONE
server.

Configuring RADIUS Authentication


This section describes how to configure standalone RADIUS authentication on the InfiniStreamNG
appliance. Before you begin, understand that any account you want to authenticate using standalone
RADIUS must be defined with the same name in both the InfiniStreamNG operating system and on the
RADIUS authentication server. After you have added users on the RADIUS server, follow this
procedure to add accounts with the same user names to the InfiniStreamNG operating system.
Table 4-6 Files Required to Configure RADIUS Authentication

Required Files              Description
/etc/radius_auth.config     Edit to specify the RADIUS server in your environment.
/etc/pam.d/sshd             Edit to enable SSH authentication using RADIUS credentials.
/etc/ssh/sshd_config        Edit the Pluggable Authentication Modules (or PAM) value.
pam_radius_auth.so          No edits required.

Note: All parameters and terms added to these files are space delimited.

1 Log in to the InfiniStreamNG appliance with root privileges, either locally or in an SSH
window.
2 Add RADIUS users to the local operating system. Any account you want to authenticate
using RADIUS must be defined with the same name in both the local InfiniStreamNG
operating system and on the RADIUS authentication server. Verify the account(s) were
added:
cat /etc/passwd | grep "/home" | cut -d: -f1
The output will list the account usernames on this InfiniStreamNG appliance. If the
account(s) you added are present, continue to the next step.



3 Specify the RADIUS server information to be used by the InfiniStreamNG appliance.
a Change directories to /etc and open the radius_auth.config file in a text editor (for
example, vi).
b Add the RADIUS Server IP address, shared secret, and timeout value to the file. The
default radius_auth.config file already includes sample entries (the 127.0.0.1 and 1.1.1.1
lines below). Comment these samples out, and then add the new entry below them. For example, to
add a RADIUS server at 192.168.1.25 with a shared secret of sniffer123, comment
out the samples, and edit the file to include the last line shown below:
# server[:port] shared_secret timeout (s)
#127.0.0.1 secret 1
#1.1.1.1 password 5
192.168.1.25 sniffer123 5
4 Save and exit the radius_auth.config file.
5 Enable SSH to use RADIUS Authentication.
a Change directories to /etc/pam.d and open the sshd file in a text editor.
b Edit the first line to read:
auth include pam_radius_auth
c Save and exit the file.
6 Configure SSH to use PAM.
a Change directories to /etc/ssh and open the sshd_config file in a text editor.
b Locate the line UsePAM and ensure it is uncommented.
c Ensure the value for UsePAM is "yes."
d Save and exit the file.
7 Restart the SSHD service:
service sshd restart
You can now log in to the InfiniStreamNG appliance from an SSH session Console using the RADIUS
accounts you configured above.

Configuring TACACS+ Authentication


Follow this procedure to configure external TACACS+ authentication to establish an SSH session to the
InfiniStreamNG appliance, or for logging in with the InfiniStream Console.
Any account you want to authenticate using standalone TACACS+ must be defined with the same name
in both the InfiniStreamNG operating system and on the TACACS+ authentication server. After you
have added users on the TACACS+ server, follow this procedure to add accounts with the same user
name to the InfiniStreamNG operating system.



Table 4-7 Files Required to Configure TACACS+ Authentication

Required Files Description

/etc/pam.d/pam_tacacs_auth Edit to specify the TACACS+ server in your environment.

/etc/pam.d/sshd Edit to enable SSH authentication using TACACS+ credentials.

/etc/ssh/sshd_config Edit to enable use of the Pluggable Authentication Modules (PAM).

pam_tacplus.so No edits required.

Note: All parameters and terms added to these files are space delimited.

1 Log in to the InfiniStreamNG appliance with root privileges, either locally or in an SSH window.
2 Add TACACS+ users to the InfiniStreamNG operating system. Any account you want to
authenticate using TACACS+ must be defined with the same name in both the local
InfiniStreamNG operating system and on the TACACS+ authentication server.
a When you add a user to the local operating system, use the -G argument to assign it a
Group Name of admin, console, or monitor so that it receives the corresponding
privileges in the InfiniStream Console. For example, the following command adds
localuser to the Admin group:
useradd -G admin localuser
b Verify the account(s) were added:
cat /etc/passwd | grep "/home" | cut -d: -f1
The output will list the account usernames on this InfiniStreamNG appliance. If the account(s) you added
are present, continue to the next step.
3 Specify the TACACS+ server information to be used by the InfiniStreamNG appliance.
a Change directories to /etc/pam.d and open the pam_tacacs_auth file in a text editor
(for example, vi).
b Add the following as the first line of the file:
auth sufficient pam_tacplus.so debug server=<TACACS server IP address> timeout=<timeout value in seconds> secret=<shared secret> encrypt login=login
(For example: auth sufficient pam_tacplus.so debug server=10.20.30.10 timeout=5 secret=secretword encrypt login=login).
c Save and exit the pam_tacacs_auth file.
4 Enable SSH to use TACACS+ Authentication.
a Change directories to /etc/pam.d and open the sshd file in a text editor.
b Edit the first line to read:
auth include pam_tacacs_auth
c Save and exit the file.
5 Configure SSH to use PAM.
a Change directories to /etc/ssh and open the sshd_config file in a text editor.
b Locate the line UsePAM and ensure it is uncommented.
c Ensure the value for UsePAM is "yes."
6 Restart the SSHD service:
service sshd restart
You can now log in to the InfiniStreamNG appliance from an SSH session or the InfiniStream Console
using the TACACS+ accounts you configured above.



Security Hardening Measures
InfiniStreamNG appliances use a customized, hardened Linux operating system and updated software
packages to reduce security vulnerabilities. To further harden the appliance against potential security
risks, you can also perform the following procedures:
• "Hardening Passwords" on page 4-10
• "Disabling Root Logins over SSH Connections" on page 4-11
• "Disabling CTRL-ALT-DEL Keystroke for Rebooting" on page 4-11
• "Changing Log File Rotation Periods" on page 4-12

Hardening Passwords
To provide a simple means of hardening the password security on InfiniStreamNG appliances, a script
is available in the /opt/platform/security/harden_password/ directory. To run this script, log into
the appliance as the root user, change to that directory, and enter the command
./harden_password.sh.
The script replaces the existing system-auth-ac and login.defs system files on the InfiniStreamNG
with modified versions that enforce the password changes described in Table 4-8. If you want to
customize the settings after running the script, you can edit the system files located at:
• /etc/pam.d/system-auth-ac
• /etc/login.defs
Table 4-8 Password Changes with Hardening Enabled

Changes to Existing Passwords or Requirements for New Passwords

Removes the "mininguser" account previously supported for SSH connections ("root" password
now required for SSH)

Password must be at least 15 characters long

Password must contain a mix of upper case, lower case, numbers, and special characters

Password must contain no more than three consecutive characters

Password should not contain personal information

Password lockout after failed login attempts (default = 3 failed attempts, user-configurable) [1]

Password expires after 60 days [2]

Password expiration warning 7 days prior to expiration [2]

Account locked after password expires, forcing change of password

Last 10 passwords cannot be reused

New password must differ by at least four characters from the previous password

Authentication attempts logged to /var/log/secure log file

InfiniStreamNG appliance uses FIPS-140-2 approved cryptographic hash algorithm for generating
account password hashes

1. To modify the default setting (lockout after 3 failed attempts), edit the deny parameter in
the line auth required pam_tally2.so onerr=fail deny=3 in the file
/etc/pam.d/system-auth-ac on the InfiniStreamNG appliance.

2. To modify this setting, change the appropriate parameter (PASS_MAX_DAYS or
PASS_WARN_AGE) in the file /etc/login.defs on the InfiniStreamNG appliance.



Disabling Root Logins over SSH Connections
To protect the root password from potential brute force attacks over a remote SSH connection, you
can disable root logins via SSH and therefore require users to log in with a specific username and use
the sudo command to execute root (superuser) privilege functions as follows:
1 Attach a keyboard and monitor to the InfiniStreamNG appliance.
2 Log into the appliance as the root user.
3 Navigate to the /etc/ssh directory:
cd /etc/ssh
4 Open the sshd_config file in a text editor (for example, vi). For common editing commands
used by the vi text editor, refer to "Using the vi Text Editor" on page 4-4.
5 Locate the line #PermitRootLogin yes in the Authentication section of the file.
6 Modify the line as follows (remember to uncomment the line by deleting the #
character):
PermitRootLogin no
7 Save your changes and close the sshd_config file.
8 To put the changes into effect, do one of the following:
• Restart the SSH service using the following command:
service sshd restart
• Reboot the InfiniStreamNG appliance using the following command:
shutdown -r now
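
The sshd_config edits in this chapter (Banner, UsePAM, PermitRootLogin) only take effect if sshd reads the intended line: sshd uses the first uncommented occurrence of a keyword and matches keywords case-insensitively. The following check is an added example, not part of the NETSCOUT guide or appliance software; the function names and the sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example (not vendor code): report the value sshd will actually use.
# sshd takes the FIRST uncommented occurrence of a keyword, compares keywords
# case-insensitively, and applies lines after a "Match" line only
# conditionally, so only the global section is read here.

# sshd_effective KEYWORD FILE
# Prints the effective global value, or "(default)" if the keyword is
# missing or present only as a comment.
sshd_effective() {
    awk -v want="$1" '
        BEGIN { want = tolower(want); found = 0 }
        /^[ \t]*#/ { next }               # commented-out directive
        NF == 0    { next }               # blank line
        tolower($1) == "match" { exit }   # conditional blocks start here
        tolower($1) == want {
            $1 = ""; sub(/^[ \t]+/, ""); print; found = 1; exit
        }
        END { if (!found) print "(default)" }
    ' "$2"
}

# check_sshd FILE KEYWORD EXPECTED   (intended for yes/no keywords)
# Returns 0 when the effective value equals EXPECTED, ignoring case;
# otherwise prints a finding and returns 1.
check_sshd() {
    actual=$(sshd_effective "$2" "$1")
    if [ "$(printf '%s' "$actual" | tr '[:upper:]' '[:lower:]')" = \
         "$(printf '%s' "$3" | tr '[:upper:]' '[:lower:]')" ]; then
        return 0
    fi
    echo "FINDING: $2 is '$actual', expected '$3'"
    return 1
}

cfgdir=$(mktemp -d)
trap 'rm -rf "$cfgdir"' EXIT

# Constructed sample 1: "PermitRootLogin no" was appended at the end, but an
# earlier uncommented "yes" wins. The value in the Match block is conditional.
cat > "$cfgdir/appended" <<'EOF'
#PermitRootLogin yes
permitrootlogin yes
UsePAM yes
Banner /etc/ssh/sshd-banner
PermitRootLogin no
Match Address 192.0.2.0/24
    PermitRootLogin no
EOF

# Constructed sample 2: the original line was edited in place, as in the
# procedure above.
cat > "$cfgdir/clean" <<'EOF'
# Authentication:
PermitRootLogin no
#UsePAM no
UsePAM yes
Banner /etc/ssh/sshd-banner
EOF

for f in appended clean; do
    echo "== $f"
    check_sshd "$cfgdir/$f" PermitRootLogin no && echo "PermitRootLogin ok"
    check_sshd "$cfgdir/$f" UsePAM yes && echo "UsePAM ok"
    echo "Banner: $(sshd_effective Banner "$cfgdir/$f")"
done
```

On the appliance, point the functions at /etc/ssh/sshd_config. Where the installed OpenSSH supports it, sshd -T prints the effective configuration directly.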

Disabling CTRL-ALT-DEL Keystroke for Rebooting


A user logged in locally to the InfiniStreamNG appliance from a console who presses CTRL-ALT-DEL can
reboot the system. If accidentally pressed, this creates the risk of short-term loss of availability while
the appliance reboots. By default, this keystroke combination is disabled on InfiniStreamNG
appliances in this release.
To verify that this keystroke is disabled or to manually disable it, perform the following steps:
1 Log in to the InfiniStreamNG appliance as the root user, either locally using an attached keyboard
and monitor or remotely via an SSH connection.
2 Navigate to the /etc/event.d directory. Open the control-alt-delete file in a text editor and
delete or comment out (add a # to the beginning of) the following line:
exec /sbin/shutdown -r now "Control-Alt-Delete pressed"

Note: For common editing commands used by the vi text editor, refer to "Using the vi Text Editor" on
page 4-4.

3 Save your changes and close the file.


4 To put the changes into effect, reboot the InfiniStreamNG appliance using the following
command:
shutdown -r now



Changing Log File Rotation Periods
By default, the system logs on the InfiniStreamNG appliance rotate (are overwritten) every 12 days. To
reduce the system log file rotation period to 7 days, perform the following steps:
1 Log in to the InfiniStreamNG appliance as the root user, either locally using an attached keyboard
and monitor or remotely via an SSH connection.
2 Navigate to the /etc directory:
cd /etc
3 Open the logrotate.conf file in a text editor (for example, vi). For common editing
commands used by the vi text editor, refer to "Using the vi Text Editor" on page 4-4.
4 Locate the line # keep 4 weeks worth of backlogs in the file.
5 Modify the rotate value underneath this line from 12 to 7:
rotate 7
6 Save your changes and close the logrotate.conf file.
7 To put the changes into effect, reboot the InfiniStreamNG appliance using the following
command:
shutdown -r now

Managing ICMP Timestamp Requests


Remote hosts like InfiniStreamNG appliances typically answer Internet Control Message Protocol
(ICMP) timestamp requests from other devices. However, responding to these requests allows an
attacker to know the date and time set on the host and may help that person defeat time-based
authentication protocols.
To manually configure the InfiniStreamNG appliance to ignore ICMP timestamp requests, perform the
following steps:
1 Log in to the InfiniStreamNG appliance as the root user, either locally using an attached keyboard
and monitor or remotely via an SSH connection.
2 Navigate to the /etc/sysconfig directory:
cd /etc/sysconfig
3 Open the iptables file in a text editor (for example, vi). For common editing commands
used by the vi text editor, refer to "Using the vi Text Editor" on page 4-4.
4 Add the following lines to the file:
-A INPUT -p icmp --icmp-type timestamp-request -j DROP
-A OUTPUT -p icmp --icmp-type timestamp-reply -j DROP
5 Save your changes and close the iptables file.
6 To put the changes into effect, reboot the InfiniStreamNG appliance using the following
command:
shutdown -r now



Secure Communication with nGeniusONE Servers
In previous releases, InfiniStreamNG appliances and nGeniusONE servers communicated with each
other through their management interfaces using unsecured protocols such as SNMP (port 161) and TFTP
(port 69, for remote upgrades). To provide more secure communication between these devices, the
following additional options are now available for communication protocols:
• HTTP
• SSL over UDP port 443
• HTTPS (SSL over HTTP)
• HTTPS using Federal Information Processing Standard (FIPS) compliant security algorithms
To support these secure communication options, two software packages/processes are installed on
the InfiniStreamNG appliance:
• lighttpd for ASI data transfers and interactions previously done using SNMP
• stunnel for SSL over UDP port 443 for data mining operations and data export utilities
Secure communication between the InfiniStreamNG appliance and nGeniusONE server is controlled
using the Communication Protocol setting for each InfiniStreamNG in nGeniusONE Device
Configuration.
During an upgrade, existing SNMP protocol settings are preserved. If you manually change the
communication protocol to HTTP or HTTPS, verify that network traffic using TCP port 8080 (for HTTP),
TCP port 8443 (for HTTPS), and UDP port 443 (for SSL over port 443) is permitted between the
InfiniStreamNG appliance and nGeniusONE server to ensure proper communication; refer to
"Communication Listener Ports Used with InfiniStreamNG Appliances" on page A-1 for more
information.

Using FIPS-Compliant Security Algorithms


To use only FIPS-compliant security algorithms to encrypt the data passed between the
InfiniStreamNG appliance and nGeniusONE server, perform the following steps:

Important: FIPS compliant mode is disabled by default.

1 If you have not already, configure the nGeniusONE server to use HTTPS:
a Log into nGeniusONE.
b Click the icon for Device Configuration.
c Select the Devices tab (if necessary).
d Select the InfiniStreamNG appliance from the list of devices and click the Details
button.
e From the Communication Protocols drop-down menu, choose HTTPS.
f Click OK.
2 Log into the InfiniStreamNG appliance as the root user.
3 Navigate to the /opt/platform/security/fips directory.
4 To enable FIPS compliant mode, run the following script:
./netscout_fips.sh
5 Reboot the InfiniStreamNG appliance.



Once the reboot is complete, applications/processes such as SSH and lighttpd use only
FIPS-compliant algorithms. You can verify the FIPS compliant mode by logging back into the appliance
and issuing the following command from the command line:
openssl ciphers -v
With FIPS compliant mode disabled, approximately 59 algorithms are displayed when this command
is run. With FIPS compliant mode enabled, only 22 compliant algorithms are displayed. You can also
confirm FIPS compliant mode by initiating an SSH session out of the InfiniStreamNG appliance to
another device. The message FIPS mode initialized is displayed when the connection is made.
To disable FIPS compliant mode, navigate to the /opt/platform/security/fips directory and run the
script again with a -d argument as shown below:
./netscout_fips.sh -d



Managing Appliance Time Synchronization
You must perform the configuration of the InfiniStreamNG appliance’s time synchronization source
using the nGApplianceConfig.plx script, as described in "Running the Appliance Configuration Script
(nGApplianceConfig.plx)" on page 3-23. Table 4-9 lists the time sources available.

Table 4-9 Time Synchronization Sources

Time Source Description

NTP NTP runs as a service, synchronizing with its NTP server every 16 seconds.
InfiniStreamNG appliances use version 4.1.2 of the NTPD program; there is
no need to patch the NTPD program.

PTPv2 InfiniStreamNG appliances support PTPv2 as defined in IEEE 1588-2008.
Two modes of PTPv2 operation are supported: hardware mode and
software-only mode. The hardware mode leverages the PTPv2 hardware
timestamping capability of the management network adapters to
synchronize the host clock with the reference clock server to within 1
microsecond. This further improves the timestamping accuracy of the
captured packets. The software-only mode synchronizes the host clock
with the reference clock server to within 10 microseconds, further
improving the timestamping accuracy of the captured packets.

Time Synchronization Notes


• The InfiniStreamNG Manage port is used for NTP/PTPv2 synchronization.
• Use the following commands to stop and restart clock services:
Service   Stop Command           Start Command
NTP       service ntpd stop      service ntpd start
PTPv2     service ptpv2d stop    service ptpv2d start

• PTPv2 logs are stored in /opt/platform/ptpv2d.


• In PTPv2 synchronization mode, the InfiniStreamNG appliance is capable of accuracy within
1 microsecond of the PTPv2 Grandmaster reference clock server. However, a non-PTPv2
compliant network switch that connects to both the PTPv2 Grandmaster clock server and
the InfiniStreamNG appliance can introduce variable jitter in the packet path. This jitter
affects the system time offset calculations on the InfiniStreamNG appliance and reduces
the accuracy. For best results, use PTPv2 compliant network switches to achieve the most
accurate timestamps.

Note: Even if a PTPv2 compliant switch is used, if timestamps are compared between two
InfiniStreamNG appliances, the timestamps for each appliance can be +1 or -1 microsecond from the
reference (PTPv2 Grandmaster) clock. Therefore, under the worst case scenario, the difference
between the two InfiniStreamNG appliances could be up to 2 microseconds.



• To support PTPv2, two files are provided in the InfiniStreamNG appliance
/opt/platform/ptpv2d directory:
– PTPv2 PTPQ tool: Fetches the current Linux system clock offset from the PTPv2
Grandmaster reference clock. This tool is located at /opt/platform/ptpv2d/ptpq. Refer
to the Readme_ptpq.txt file located in /opt/platform/ptpv2d/ for descriptions of PTPQ
tool commands.
– PTPv2 client configuration file: Configures the Ethernet port on which PTP packets are
received and the PTPv2 TC (transparent clock) mode of operation. This file is located at
/opt/platform/ptpv2d/ptpv2.conf.

Note: Except for the Ethernet port and PTPv2 transparent clock mode, all other configuration settings
in ptpv2.conf should be left at their default settings and must not be changed. Whenever you modify
the ptpv2.conf configuration file, restart the PTPv2 service by issuing the command service ptpv2d
start from the OS command line.

• The PTPv2 client (InfiniStreamNG appliance) and PTPv2 Grandmaster reference clock can
be configured to run in one of the two transparent clock modes:
– E2E (End-to-End) mode
– P2P (Peer-to-Peer) mode
NETSCOUT recommends using E2E mode because the number of P2P PTP nodes in one
physical network segment should not exceed two as determined by the IEEE 1588-2008
standard (Section 11.4.4). Additionally, the PTPv2 Grandmaster reference clock should
send a minimum of four PTPv2 SYNC messages per second for best accuracy.



Directing Log Messages to an External Server
The InfiniStreamNG appliance can be configured to establish a secure TLS connection for transferring
system log (audit log) events to an external syslog server. This section includes steps for configuring a
Fedora-based syslog server that uses stunnel to provide TLS encryption services to syslog clients (such
as the InfiniStreamNG appliance). Note that your syslog server may require a different configuration
procedure.

Configuring the InfiniStreamNG Appliance to Forward Log Messages


To configure the InfiniStreamNG appliance to forward system log messages to an external syslog
server, perform the following steps:
1 Log into the InfiniStreamNG appliance as the root user.
2 Navigate to the /etc directory.
3 Edit the rsyslog.conf file as follows:
a Open the file in a text editor, such as vi (refer to "Using the vi Text Editor" on page 4-4
for a list of commonly used vi commands).
b Allow rsyslog to send messages to IP listener port 514 on a local loopback address
by adding the following line to the beginning of the file:
*.* @@127.0.0.1:514
c Add the following lines in the #### MODULES #### section of the file:
$ModLoad imfile

# auditd audit.log
$InputFileName /var/log/audit/audit.log
$InputFileTag tag_audit_log:
$InputFileStateFile audit_log
$InputFileSeverity info
$InputFileFacility local7
$InputRunFileMonitor
d Replace the line that currently reads *.info;mail.none;authpriv.none;cron.none;
/var/log/messages with the following:
*.info;mail.none;cron.none;local7.none;authpriv.* /var/log/messages
e Save and exit the file.
f Restart the rsyslog service:
service rsyslog restart
4 Edit the stunnel.conf file to enable the InfiniStreamNG to receive messages on port 514,
encrypt them, and send them out on port 1111 as follows:
a Open the file in a text editor.
b Locate the following block of text:
; Service-level configuration
[test]
accept = :::443
connect = ::1:80
c Add the following lines immediately after the text block:
; Use it for client mode
ciphers = AES128-SHA:DHE-RSA-AES128-SHA



d Add the following lines to the end of the file, where x.x.x.x is the IP address of the
InfiniStreamNG appliance:
[SYSLOG]
accept = 127.0.0.1:514
connect = x.x.x.x:1111
client = yes
e Comment out the line as shown:
#output = /var/log/stunnel.log
f Add the following line:
syslog=yes
g Save and exit the file.
h Enable permissions for this file:
chmod 550 stunnel.conf
chkconfig stunnel on
5 Navigate to the /etc/sysconfig directory.
6 Open ports 514 and 1111 in the firewall settings as follows:
a Open the iptables file in a text editor.
b Add the following lines of text before the COMMIT line:
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 1111 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 514 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m state --state NEW -m udp --dport 514 -j ACCEPT
c Save and exit the file.
7 Restart the modified services using the following commands:
service iptables restart
service rsyslog restart
service stunnel restart
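
The [SYSLOG] client stanza added in step 4 sets none of stunnel's verify, verifyChain, or verifyPeer options, and stunnel does not check the peer certificate unless one of them is set, so the tunnel encrypts audit records without authenticating the syslog server. The following added example (not part of the NETSCOUT guide) audits a stunnel.conf for that condition; the sample files, the 192.0.2.10 address, and the CA bundle path are constructed placeholders.

```shell
#!/bin/sh
# audit_stunnel_conf FILE
# Prints one finding per line as "<service>: <problem>" for every client-mode
# service that does not authenticate the server; prints nothing otherwise.
audit_stunnel_conf() {
    awk '
    function trim(s) { sub(/^[ \t]+/, "", s); sub(/[ \t\r]+$/, "", s); return s }
    # Service value if set, otherwise the default from the global section.
    function opt(k) { return (k in svc) ? svc[k] : glob[k] }
    function finish(    verified, anchored) {
        if (name == "" || tolower(opt("client")) != "yes") return
        # verify levels 2 and above reject an unverified peer; 0 and 1 do not.
        verified = (opt("verify") + 0 >= 2)
        if (tolower(opt("verifychain")) == "yes") verified = 1
        if (tolower(opt("verifypeer")) == "yes") verified = 1
        anchored = (opt("cafile") != "" || opt("capath") != "")
        if (!verified)
            print name ": server certificate is not verified"
        else if (!anchored)
            print name ": verification requested but no CAfile/CApath is set"
    }
    /^[ \t]*[;#]/ { next }              # comment lines
    /^[ \t]*$/    { next }              # blank lines
    /^[ \t]*\[/ {                       # start of a [service] section
        finish()
        name = trim($0); sub(/^\[/, "", name); sub(/\].*$/, "", name)
        split("", svc)                  # clear the per-service options
        next
    }
    {
        i = index($0, "=")
        if (i == 0) next
        k = tolower(trim(substr($0, 1, i - 1)))
        v = trim(substr($0, i + 1))
        if (name == "") glob[k] = v; else svc[k] = v
    }
    END { finish() }
    ' "$1"
}

# Constructed samples: the lines from step 4 as documented, then the same
# stanza with peer verification added. The address and CA path are placeholders.
write_samples() {
    cat > "$1/as_documented.conf" <<'EOF'
; Use it for client mode
ciphers = AES128-SHA:DHE-RSA-AES128-SHA
#output = /var/log/stunnel.log
syslog=yes
[SYSLOG]
accept = 127.0.0.1:514
connect = 192.0.2.10:1111
client = yes
EOF
    cat > "$1/verified.conf" <<'EOF'
ciphers = AES128-SHA:DHE-RSA-AES128-SHA
syslog=yes
[SYSLOG]
accept = 127.0.0.1:514
connect = 192.0.2.10:1111
client = yes
verify = 2
CAfile = /etc/stunnel/syslog-ca.pem
EOF
}

# Stand-alone use: audit the file named on the command line, or the samples.
if [ -n "${1:-}" ]; then
    audit_stunnel_conf "$1"
else
    demo=$(mktemp -d) && write_samples "$demo"
    for f in as_documented verified; do
        echo "== $f.conf"
        audit_stunnel_conf "$demo/$f.conf"
    done
    rm -rf "$demo"
fi
```

With verify = 2, the CAfile must contain the certificate authority that issued the syslog server's certificate.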

Configuring the External Syslog Server to Accept Log Messages


To configure an external syslog server to accept log messages from the InfiniStreamNG appliance,
perform the following steps:
1 Log into the external syslog server.
2 Navigate to the /etc directory.
3 Edit the rsyslog.conf file as follows:
a Open the file in a text editor, such as vi (refer to "Using the vi Text Editor" on page 4-4
for a list of commonly used vi commands).

b Allow rsyslog to listen on IP listener port 514 over TCP and UDP for incoming
messages by adding the following lines to the file if they are not already present:
# Provides UDP syslog reception
$ModLoad imudp
$UDPServerRun 514

# Provides TCP syslog reception
$ModLoad imtcp
$InputTCPServerRun 514

$template HostAudit, "/var/log/nGenius_audit.log"
Local7.* ?HostAudit
c Save and exit the file.
4 Edit the stunnel.conf file to enable the server to receive messages on port 1111, decrypt
them, and send them to port 514 (syslog) as follows:
a Open the file in a text editor.
b Add the following lines if they are not already present:
cert = /etc/stunnel/stunnel.pem
ciphers = AES128-SHA:DHE-RSA-AES128-SHA
[syslog]
accept=1111
connect=514
c Save and exit the file.
5 Navigate to the /etc/sysconfig directory.
6 Open ports 514 and 1111 in the firewall settings as follows:
a Open the iptables file in a text editor.
b Add the following lines of text before the COMMIT line:
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 1111 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 514 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m state --state NEW -m udp --dport 514 -j ACCEPT
c Save and exit the file.
7 Restart the modified services using the following commands:
service iptables restart
service rsyslog restart
service stunnel restart

Testing the Syslog Message Forwarding
To test log message forwarding to an external syslog server, perform the following steps:
1 Log into the InfiniStreamNG appliance as the root user.
2 Enter the following test command:
logger "Hello from xxx.xxx.xxx.xxx"
3 Log into the external syslog server.
4 Enter the following command:
tail -f /var/log/messages
5 Look for an event record from the InfiniStreamNG appliance that is similar to the following:
May 30 17:29:04 localhost root: Hello from xxx.xxx.xxx.xxx

Chapter 5
Upgrading or Restoring InfiniStreamNG Software Appliances

This chapter describes how to upgrade or restore the software on InfiniStreamNG software appliances
and contains the sections listed in Table 5-1.

Table 5-1 Sections in this Chapter

Section | Description
"Upgrade Overview" on page 5-2 | Describes the InfiniStreamNG appliance models and software versions that can be upgraded to this release.
"Upgrading from nGeniusONE" on page 5-6 | Describes how to remotely upgrade the InfiniStreamNG appliance from an nGeniusONE Server.
"Upgrading Manually via Application Update" on page 5-10 | Describes how to upgrade an InfiniStreamNG appliance by installing an updated application with the .bin file.
"Upgrading Manually via Reimage" on page 5-13 | Describes how to upgrade or restore an InfiniStreamNG appliance by reimaging the system drive and installing the application.
"Verifying the Upgrade" on page 5-15 | Provides a checklist for verifying appliance operation following a restoration.
"Post Upgrade Tasks" on page 5-17 | Describes additional steps to perform following an upgrade, such as enabling InfiniStream Console access.

Upgrade Overview
This section provides the following topics for upgrading InfiniStreamNG appliances, and should be
carefully reviewed prior to starting an upgrade:
• "Upgrade Paths for InfiniStreamNG Qualified COTS Software Appliances" on page 5-2
• "Partitions and Data Preservation" on page 5-3
• "Custom Files to Back Up Before Reimaging" on page 5-5

Upgrade Paths for InfiniStreamNG Qualified COTS Software Appliances


To upgrade the InfiniStream application, you use either the is-6xx0-xxx-eth.bin or
is-6xx0-xxx-eth-j.bin application installer file depending on your appliance hardware.

Table 5-2 Application File for Specific Qualified COTS Servers

For this Qualified COTS Server... | Use this Application File
Dell PowerEdge R430, R730xd or R830; HP ProLiant DL360 Gen9, DL380 Gen9, or DL560 Gen9 | is-6xx0-xxx-eth.bin
Dell PowerEdge R740xd or R940; HP ProLiant DL380 Gen10 or DL560 Gen10 | is-6xx0-xxx-eth-j.bin

Refer to the InfiniStreamNG Qualified COTS Software Appliance Release Notes for each release to
determine the upgrade paths supported by the release. In general, two upgrade options are available:
• Upgrade by installing the application file directly on top of the existing version as described
in "Upgrading Manually via Application Update" on page 5-10. All existing packet stores are
preserved using this upgrade method.
• Reimage the operating system and install the application file as described in "Upgrading
Manually via Reimage" on page 5-13. Be aware that all stored data is lost when using this
upgrade method.

Partitions and Data Preservation
Before upgrading, review the following topics concerning partitions and the data stored in them:
• "File System Format Changes" on page 5-3
• "Data Preservation for a Reinstall" on page 5-3
• "Partition Sizing and Usage" on page 5-4

Important:
• Stored data can be retained during an application update or Performance Manager
upgrade if you do not change partition settings or the type of file system used for the
packet store partition (/data).
• Any change to optional partitions or to the type of file system used for the packet store
partition results in the loss of all stored data and metadata. This includes:
– Changing the format of the packet store partition (for example, from XFS to the
NetScout File System (raw format)).
– Changing the size of any additional partition (/flow, /metadata, /asi or /xdr).
– Creating or deleting any additional partition (/flow, /metadata, /asi or /xdr).
• All stored data is lost when upgrading the appliance by reimaging.

File System Format Changes


During the upgrade, you will have the option to change your file system and partitioning strategy. In
some cases you will have the opportunity to change the data partition format. It is important to
understand that anytime you change format or partition size, stored data is not preserved on the
InfiniStreamNG appliance.
Refer to Table 5-3 to understand the options that will be presented to you for repartitioning, and the
impact of your choice on the data store.

Table 5-3 Data Preservation Options

Packet Store File System Scenarios | Available Options | Impact of Selection
XFS to XFS; NetScout File System to NetScout File System | Retain or Recreate | If you select Retain, the data and partition size are preserved. If you select Recreate, you will be prompted to designate the size for a new partition. Data is not preserved in this case.
XFS to NetScout File System; NetScout File System to XFS | Recreate only | The only option presented is to Recreate the partition. When you change file system type, the partition must be recreated. Data is not preserved in this case.

Data Preservation for a Reinstall


You may be directed by Customer Support to upgrade your appliance by uninstalling a previous
version, followed by a new installation of the same version. In this case, you will have the option to
retain data, but only if the file system had previously been XFS, and you designate XFS for the new
installation. All other options require you to recreate partitions.

Partition Sizing and Usage
Use Table 5-4 to review the partition formats, impact of changing partition formats and sizes, and the
sizing required for the way you will use the InfiniStreamNG appliance.
Table 5-4 InfiniStreamNG Partitions

Partition: /xdr
Range: Default = 30% of available storage. Range = 6 GB to 50% of available storage. Enter 0 to eliminate.
Description: If the appliance will be configured to produce xDRs/ASRs (eXtended Data
Records/Adaptive Session Records) and Conversation data for use by nGeniusONE or nGenius
Subscriber Intelligence, you MUST allocate an /xdr partition to store this session data. This
partition can be eliminated if the appliance will not be used to produce session data for use
with those applications.
An xDR stores metadata for mobile subscriber sessions. The nGenius Subscriber Intelligence
application uses mobile subscriber records to correlate mobile sessions across multiple
monitored legs. The more space you allocate to xDR storage, the further back Subscriber
Intelligence will be able to mine for mobile data session correlation.

Partition: /metadata
Range: Default = 50 GB. Range = 25 GB to 10% of available storage.
Description: This partition is required for nGeniusONE, Performance Manager, and InfiniStream
Console features such as remote decode, data capture, and InfiniStreamNG trace file storage.
Set a size for this partition based on your anticipated usage of the features listed below:
• nGeniusONE Decode View/Performance Manager Remote Decode stores transient session
data files in /data and <installdirectory>/rtm/pa/data. Although these files are
automatically removed when the decode session is closed, multiple simultaneous decode
sessions can also create temporary index files in the /metadata partition consuming as
much as 20 G of space.
• InfiniStream Console and Performance Manager users can save remote trace files on the
InfiniStreamNG appliance’s /metadata partition instead of immediately moving mined
packets to the InfiniStream Console system or nGeniusONE Server, respectively.
Excluding the remote decode operations, files saved on this partition must be managed
manually. Users who anticipate heavy use of any of the above features should increase the
default to a greater percentage of the total storage. Note that if you choose to increase the
size of an existing /metadata partition, all stored metadata will be lost.

Partition: /asi
Range: Default = 50 GB. Range = 25 GB to 10% of available storage.
Description: This partition is dedicated to storing Adaptive Service Intelligence (ASI)
metadata.
In releases prior to v5.4.1, ASI metadata was written to the /metadata partition. For improved
performance and to avoid contention for space in the /metadata partition from saved trace and
decode files, this new /asi partition can be created. Whether or not this partition is created
depends upon your choices when upgrading to v6.x:
• If you choose to retain your partitions during the upgrade, this partition is not created
and ASI data continues to be written to the /metadata partition as it has in previous
releases (refer to the recommendations for the /metadata partition in this table).
• If you choose to modify your partitions, the /asi partition is automatically created and
linked to the /metadata partition. All ASI metadata is written to this partition instead of
/metadata and this partition cannot be eliminated.

Partition: /flow
Range: Default = 0 GB. Range = 1-35% of available storage. Enter 0 to eliminate.
Description: Required for use with the InfiniStream Console only.
InfiniStream Console users MUST allocate a /flow partition for the storage of RMON data,
15-second flow records, and aggregated 5-minute statistics. All other users can enter 0 to
eliminate this partition or use the default value of 0 GB.

Partition: /data (XFS) or /raw (NETSCOUT File System)
Range: Total remaining storage space after space is allocated to the other partitions. Not
configurable and cannot be eliminated.
Description: This partition is used for packet storage and is not configurable.
On XFS-formatted appliances, collected packets are stored in a /data partition. On NETSCOUT
File System-formatted appliances, collected packets are stored in a /raw partition.

Custom Files to Back Up Before Reimaging


Before reimaging the InfiniStreamNG appliance, back up any files listed in Table 5-5 that you may have
customized. Move them to a safe location off the system. Once the upgrade is complete, copy the files
back to the same path on the appliance, or follow the instructions below to modify the new file.

Table 5-5 Files to Back Up Before Reimaging

File: Mixed Traffic Filter Files
Summary: Filter files for mixed traffic monitoring are stored in /opt/NetScout/rtm/config. If
you open the files, they consist of separate lines of VLAN IDs or subnet addresses (for
example, 192.168.1.0/24). Refer to "Directing Log Messages to an External Server" on page 4-17
for details on these files.
Back up these filters to a safe location:
• When upgrading remotely using nGeniusONE or manually using an application (.bin file)
update, copy them either to /root or off the system entirely.
• When upgrading by reimaging the InfiniStreamNG appliance, copy the files off the system to
keep them safe.
After the upgrade, copy the saved filters back to the same directory.

File: afmon.properties
Summary: The afmon.properties file is stored in /opt/NetScout/rtm/bin and may have been
customized for data aging defaults.

File: Assorted authentication files
Summary: If you edited files to configure SSH or Sniffer Analysis logins to authenticate using
nGeniusONE, RADIUS, or TACACS, consider backing up those files before a reimage to preserve
your settings.
Authentication Server Configuration Files:
• nGeniusONE: /etc/pmauth.config
• RADIUS: /etc/radius_auth.config
• TACACS: /etc/pam.d/pam_tacacs_auth
Login Configuration Files:
• /etc/pam.d/inmc-auth
• /etc/pam.d/sshd
• /etc/ssh/sshd_config

File: .afm_mode and .configfile
Summary: These files are stored in /opt/NetScout/rtm/bin. Back them up and restore them after
the upgrade.

File: *.cfg
Summary: Back up all *.cfg files in /opt/NetScout/rtm/pa. Restore them after the upgrade.
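
One way to script the backup that Table 5-5 describes, as an added example that is not part of the NETSCOUT guide: it archives whichever of the listed files exist and records SHA-256 hashes so the restored copies can be checked after the reimage. The function names, the archive location, and the choice to take every file under /opt/NetScout/rtm/config are assumptions.

```shell
#!/bin/sh
# Paths named in Table 5-5, written relative to the filesystem root.
CUSTOM_FILES='opt/NetScout/rtm/bin/afmon.properties
opt/NetScout/rtm/bin/.afm_mode
opt/NetScout/rtm/bin/.configfile
etc/pmauth.config
etc/radius_auth.config
etc/pam.d/pam_tacacs_auth
etc/pam.d/inmc-auth
etc/pam.d/sshd
etc/ssh/sshd_config'

# list_custom_files [ROOT]
# Prints, sorted, the Table 5-5 files that actually exist under ROOT (default /).
list_custom_files() {
    (
        cd "${1:-/}" || exit 1
        for f in $CUSTOM_FILES opt/NetScout/rtm/pa/*.cfg; do
            if [ -f "$f" ]; then echo "$f"; fi
        done
        # The guide names only the directory for the mixed-traffic filters, so
        # every regular file in it is taken (assumption).
        if [ -d opt/NetScout/rtm/config ]; then
            find opt/NetScout/rtm/config -type f
        fi
    ) | sort
}

# backup_custom_files ROOT OUT_TGZ
# Writes OUT_TGZ plus OUT_TGZ.sha256 ("hash  path" per file). OUT_TGZ must be
# an absolute path, ideally on storage that survives the reimage.
backup_custom_files() {
    root=$1
    out=$2
    files=$(list_custom_files "$root")
    if [ -z "$files" ]; then
        echo "no customized files found under $root" >&2
        return 1
    fi
    (
        umask 077   # the archive holds sshd, PAM and RADIUS settings
        cd "$root" &&
        echo "$files" | tar -czf "$out" -T - &&
        echo "$files" | while IFS= read -r f; do sha256sum "$f"; done > "$out.sha256"
    )
}

# verify_restored ROOT MANIFEST
# Succeeds only if every file in MANIFEST exists under ROOT with the recorded
# hash. Run it after extracting the archive with: tar -xzf OUT_TGZ -C ROOT
verify_restored() {
    ( cd "$1" && sha256sum -c "$2" )
}

# Stand-alone use: sh backup.sh /absolute/path/to/custom-files.tgz
if [ -n "${1:-}" ]; then
    backup_custom_files / "$1"
fi
```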

Upgrading from nGeniusONE
From nGeniusONE, you can use the automatic update feature to download the application installation
(.bin) file, and then perform the upgrade using nGeniusONE Device Configuration.

Important: You can only perform remote upgrades from nGeniusONE on Dell R430, Dell R730xd,
Dell R830, HP DL360 Gen9, HP DL380 Gen9, or HP DL560 Gen9 servers. These servers use the
is-6xx0-xxx-eth.bin installation file. You cannot remotely upgrade Dell R740xd, Dell R940, HP DL380
Gen10 or DL560 Gen10 servers, which use the is-6xx0-xxx-eth-j.bin installer file.

Before You Begin


You can remotely upgrade InfiniStreamNG appliances from the nGeniusONE console by opening
Device Configuration and clicking the Upgrade tab. However, you must first obtain the .bin file from
NETSCOUT (or copy it from the Application DVD) and upload it to the <nGenius install>/rtm/tftpboot
directory on the nGeniusONE server.
Keep in mind the following important points regarding the upgrade:
• During an application upgrade, stored data, system settings, license information, and
application configuration settings are all preserved if you do not change partition settings
or the type of file system used for the packet store partition (/data).
• If you make any changes to optional partitions or the type of file system used for the packet
store partition, however, it results in the loss of all stored data and metadata. See
"Partitions and Data Preservation" on page 5-3 for details about changing partitioning
strategies during an upgrade.
• Decode Packs can also be upgraded using nGeniusONE.
• You can select any number of appliances for upgrade. However, the nGeniusONE server
downloads files to appliances in batches to minimize bandwidth consumption. Network
congestion may cause some upgrades to fail. Retry the upgrade for each appliance that
initially fails if you are certain the appliance is up and responding.
• Partitioning options are available differently depending on whether you are upgrading a
single appliance or multiple appliances simultaneously:
– Individual upgrade — When you upgrade a single InfiniStreamNG appliance, the
Upgrade Parameters dialog box displays existing partition sizes. You can preserve or
modify the existing partition, or reset to factory defaults.
– Multiple upgrade — When you select multiple InfiniStreamNG appliances for upgrade
you can preserve the existing partitions on all selected systems or create factory default
partitions on all selected systems.
• The application installer .bin file used for the upgrade may also patch the appliance’s
operating system with upgrades and security patches.

Scheduling Automatic Software Download


nGeniusONE provides an automatic download feature that can be used to schedule an automatic
download of new application files when they become available from the MyNetScout.com website.
You then perform a remote upgrade procedure as described in to install the application .bin file or
update the Decode Packs on one or more InfiniStreamNG appliances. Refer to the nGeniusONE online
help topics for instructions about scheduling automatic software download.

Configuring Remote Upgrade from nGeniusONE
To upgrade from nGeniusONE, copy the .bin files (application bin file and Decode Pack bin file) to the
nGeniusONE Server. You can do this step manually or using the automatic software download feature.
After the software is available on the nGeniusONE Server, use Device Configuration in nGeniusONE to
start the upgrade process. nGeniusONE takes care of stopping services, applying the upgrade, and
restarting the system. Refer to the nGeniusONE online help topics for instructions on upgrading
InfiniStreamNG appliances using Device Configuration.
1 Before you start the upgrade, perform these steps on each InfiniStreamNG appliance:
a Back up any custom properties files as described in "Custom Files to Back Up Before
Reimaging" on page 5-5.
b Confirm that the nsprobe process is running on each target InfiniStreamNG
appliance and that you have write access to the devices being upgraded. You can do
this from either nGeniusONE or by accessing each InfiniStreamNG itself:
– From the nGeniusONE console, launch Device Configuration. In the Devices tab,
select an InfiniStreamNG appliance and click the Information icon. Verify the
following and click Close when done:
Ping Test = OK
Write Community = OK
– From the InfiniStreamNG appliance, log in and navigate to the
/opt/NetScout/rtm/bin directory. Execute the ./PS command to verify the
nsprobe process is running.
2 Download the appropriate application installation file to the <nGenius
install>/rtm/tftpboot directory on the nGeniusONE server using either manual or
automatic methods.

Table 5-6 Application File for Specific Qualified COTS Servers

For this Qualified COTS server... | Use this Application disc/file
Dell PowerEdge R430, R730xd or R830; HP DL360 Gen9, DL380 Gen9 or DL560 Gen9 | Disc labeled: For "G" and "H" Platforms (or with no platform indication). File: is-6xx0-xxx-eth.bin
Dell PowerEdge R740xd, R940 or R940xd; HP DL380 Gen10 or DL560 Gen10 | Disc labeled: For "J" Platforms. File: is-6xx0-xxx-eth-j.bin

3 Use the following steps to perform the upgrade. In a distributed server environment, you
can perform the upgrade from the Global Manager or from the Local Server that owns the
appliance.
a Launch Device Configuration.
b Click the Upgrade tab.
c Click the InfiniStreams tab. Installed InfiniStream appliances are listed with their
current status, name, IP address, model number, version number, and description
including the firmware release and build numbers.
d Select one or more appliances to upgrade.
– A red icon in the Status column indicates the existence of an upgrade file with
a higher version than the appliance is currently running.
– A green icon indicates that the appliance is already upgraded to the latest file
version in the nGeniusONE server upgrade file repository.
e Click Select file to upgrade.

f In the InfiniStream Software Packages dialog box, each software package displays
with a unique version number that includes the device type, release version, build
number, and topology. Select the appropriate upgrade file (the dialog box displays
only those software packages appropriate to the selected appliance).
g The Upgrade Parameters dialog box displays. Configure upgrade parameters
according to the type of upgrade you are performing:

Upgrading an Individual Appliance


When you upgrade an individual InfiniStreamNG appliance, you can choose to preserve or modify existing partitions.
Allowable ranges and defaults vary depending on the appliance total disk free space.
Note: Current partition sizes and the file system selected are not displayed in this dialog box. To view the current values,
you must log into the InfiniStreamNG appliance.

• Preserve all existing partitions and data: (Default) Preserves existing partition sizes.
• Create factory default partitions: Restores default partitions.
• Modify one or more partitions and rewrite the partition table: Select to modify a partition
size or eliminate a partition entirely. When you select this option the partition options
become configurable, but data is lost. See "Partitions and Data Preservation" on page 5-3 for
more information.
– Size — Select (enable) the partition checkbox and enter a value that falls within the
displayed range. Deselecting (disabling) a checkbox eliminates that partition. The Packet
storage option reflects the values you enter for the remaining partitions.
– File System (Packet storage partition) — From the drop-down menu, select NetScout or XFS.

Upgrading Multiple Appliances

When you upgrade multiple InfiniStreamNG appliances, you can choose to preserve the partitions existing on each device
or use partition defaults in all cases.
Note: Current partition sizes and the file system selected are not displayed in this dialog box. To view the current values,
you must log into each InfiniStreamNG appliance.

• Preserve the existing partitions on all selected systems: (Default) When selected, preserves
current partition sizes for all selected appliances.
• Create factory default partitions on all selected systems: When selected, uses the default
partition size for all selected appliances.

h When you finish configuring upgrade parameters, click Upgrade.


i Click OK to confirm the upgrade. The software package is uploaded to the selected
InfiniStreamNG appliance(s). The process is automated – the file is uploaded,
configuration saved, and the upgrade applied. Upgrade can take 10-15 minutes to
complete including the automatic post-upgrade reboot of the appliance immediately
after a successful upgrade message appears. Click Details to review the progress.
Following the reboot, the upgraded appliance automatically requests a re-learn from
nGeniusONE. In the Device Configuration window, a red icon displays next to the
appliance name. Following re-learn (usually within 60 seconds), nGeniusONE updates
the Device Configuration window by removing the red icon and updating the appliance
description software version.
4 When the reboot is complete, log back into the InfiniStreamNG appliance and restore any
other custom properties files or filter files you backed up prior to the upgrade as described
in "Custom Files to Back Up Before Reimaging" on page 5-5.
5 The upgrade preserves all basic system configuration information, including IP settings for
the Manage port, NTP settings, and so on. If for some reason settings were NOT preserved,
you can reconfigure them by executing the nGApplianceConfig.plx script as described in
"Running the Appliance Configuration Script (nGApplianceConfig.plx)" on page 3-23. When
asked if you want to reboot after running the script, enter no and press Enter.

6 Navigate to /opt/NetScout/rtm/bin and enter the following command:
./localconsole
a Verify that your agent settings are all intact, including your nGeniusONE server
address (Config Server Address). If the address is correct, the appliance is
automatically relearned by nGeniusONE; otherwise, you must relearn the appliance
manually.
b If you want to modify the console(s) you use to manage your nGenius InfiniStream
appliance, use the Agent Options menu to enable/disable nGeniusONE and/or
InfiniStream Console modes. For more information on configuring these modes,
refer to "Post Upgrade Tasks" on page 5-17.
c Configure other agent settings such as interface mode, software and protocol
options, and any other necessary settings. For more information on agent
configuration, refer to the Agent Configuration Utility for CDM/ASI Administrator Guide.
7 Use the checklist in "Verifying the Upgrade" on page 5-15 to confirm the upgrade’s success.
You can also use nGeniusONE to upgrade Decode Packs. The procedure is the same as above,
although you select the Decode Pack tab. Always update the application first, then the Decode Pack, if
present. The Decode Pack installer will detect whether a more current version was installed by the
application installer (.bin) file.

Note: You can also install GeoProbe software on the NETSCOUT Qualified InfiniStreamNG Software (COTS)
Appliance to provide data to IrisView servers; refer to the InfiniStreamNG (Geo Mode) Deployment Guide for
instructions for installing GeoProbe software.

Upgrading Manually via Application Update
To upgrade the InfiniStreamNG application manually, you need to copy the application
installer file to the InfiniStreamNG appliance, stop all NETSCOUT processes, execute the .bin file, and
reboot the system. Application updates can be performed either locally or over an SSH connection.

Before You Begin


To upgrade an InfiniStreamNG Qualified COTS appliance, you only need to download either the
is-6xx0-xxx-eth.bin or is-6xx0-xxx-eth-j.bin installation file from the MyNetScout.com website or the
Application DVD, copy it to the appliance, and execute it. This can be done either locally or over an SSH
connection.
Keep in mind the following important points regarding the upgrade:
• During an application upgrade, stored data, system settings, license information, and
application configuration settings are all preserved if you do not change partition settings
or the type of file system used for the packet store partition (/data).
• If you make any changes to optional partitions or the type of file system used for the packet
store partition, however, it results in the loss of all stored data and metadata. See
"Partitions and Data Preservation" on page 5-3 for details about changing partitioning
strategies during an upgrade.
• Before you start the upgrade, make sure you have either remote access to the system or a
keyboard and monitor physically connected to the system. The upgrade does not support
Telnet or a serial port terminal connection.
• The application installer .bin file used for the upgrade may also patch the appliance’s
operating system with upgrades and security patches.

Application Update with .bin File Installer


Follow this procedure to update with a .bin file. Application updates can be performed either locally
or over an SSH connection.
1 Copy the installation file to the appliance using one of two methods:
Download the software from the My.NETSCOUT.com website:
a Launch your Web browser and enter the following URL:
https://my.netscout.com/mcp/Products/Pages/landing.aspx
b From the InfiniStream Software Appliance download page, follow the links to the
latest software.
c Download the appropriate application file to your local machine.

Table 5-7 Application File for Specific Qualified COTS Servers

For this Qualified COTS Server... | Use this Application File
Dell PowerEdge R430, R730xd or R830; HP ProLiant DL360 Gen9, DL380 Gen9 or DL560 Gen9 | is-6010-xxx-eth.bin
Dell PowerEdge R740xd or R940; HP ProLiant DL380 Gen10 or DL560 Gen10 | is-6xx0-xxx-eth-j.bin

d Use either WinSCP (Windows machines) or SCP (Linux machines) to copy the
installation file to the /opt directory on the appliance.

Note: You must install/upgrade the application file from the /opt directory. Do not copy this file to any
other directory such as /data, /metadata, /flow, /tmp, /home, or /opt/NetScout. If you try to execute
the file from one of these directories, the installation/upgrade fails and the file is deleted, forcing you
to repeat the process.

Access the software from the Application CD:


a Insert the Application CD in a PC with network access to the InfiniStreamNG
appliance’s Manage port.
b Log in to the InfiniStreamNG appliance using any of the following methods:
– Locally, using an attached keyboard
– Remotely, via an SSH session (for example, PuTTY)
– Remotely, via the web-based IPMI/RMM interface
c Navigate to the /opt/platform directory:
cd /opt/platform
d Run the application mounting script to mount the DVD drive (either the local or a
remote virtual drive). The script automatically copies the InfiniStream application file
to the /opt directory:
./mount_app.sh
2 Log in to the InfiniStreamNG appliance as the root user.
3 Stop the InfiniStreamNG processes:
/opt/NetScout/rtm/bin/stopall
4 Make the installation file you copied to the /opt folder executable with the chmod +x
command. For example:
chmod +x is-6xx0-xxx-eth-j.bin
5 Install the application:
./is-6xx0-xxx-eth.bin
or
./is-6xx0-xxx-eth-j.bin
6 The installation script asks you to select your locale. Choose your language and press
Enter.
7 Press Enter on the Introduction screen.
8 Continue pressing Enter to read the End User License Agreement.
9 When prompted, press Y to accept the license agreement.
10 Choose the type of file system to use for the packet store partition (/data):
• NetScout File System – A file system that optimizes disk write and retrieval
performance for high-performance data recording and mining.
• Linux XFS – The standard file system used for the /data partition in previous
InfiniStreamNG releases.
Keep in mind that changing the type of file system used for the packet store partition
results in the loss of all stored data and metadata. See "Partitions and Data Preservation"
on page 5-3.

11 The installation script asks whether you want to modify the appliance’s optional partitions.
These partitions (if created) are all located on the same InfiniStreamNG storage drives used
for packet storage. Because of this, the more space you allocate for these optional
partitions, the less space you will have available for packet storage.
• Preserve existing data by pressing N to leave partitions as they currently are.
However, be sure that the appliance has the partitions you need to support the
applications you want to use (refer to "Partition Sizing and Usage" on page 5-4). You
can use the df -H command to check the size of your existing partitions.
• Customize partitions by pressing Y. You will be prompted with a series of questions
to customize the xDR, Metadata, and Flow partitions. For each partition, you can
specify a size, accept the default size, or enter zero (0) to remove the partition
entirely. Keep in mind that any change to the existing partitions removes all
stored packet data and optional partition contents. Also note the following:
– The optional eXtended Data Record (/xdr) partition is only required for use with
nGenius Subscriber Intelligence.
– The optional InfiniStream Console (/flow) partition is only required if you will
use the appliance with the InfiniStream Console.
– Set a size for the /metadata partition based on your anticipated usage of the
features listed in Table 5-4,"InfiniStreamNG Partitions" on page 5-4.
12 The installation script displays a Pre-Installation Summary screen. Press Enter to continue.
13 Installation begins. The installer presents an Installation Complete message when finished.
Press Enter to exit the installation script.
14 The upgrade preserves all basic system configuration information, including IP settings for
the Manage port, NTP settings, and so on. If you were upgrading remotely via SSH and your
connection is still working, it is most likely that these settings were all preserved.
If for some reason settings were NOT preserved, you can reconfigure them by executing the
nGApplianceConfig.plx script as described in "Running the Appliance Configuration Script
(nGApplianceConfig.plx)" on page 3-23. When asked if you want to reboot after running the
script, enter no and press Enter.
15 Reboot your InfiniStreamNG appliance by entering shutdown -r now on the
command-line interface.
16 Following the reboot, log back into the InfiniStreamNG and restore any files you backed up
prior to the upgrade as described in "Custom Files to Back Up Before Reimaging" on
page 5-5.
17 Navigate to /opt/NetScout/rtm/bin and enter the following command:
./localconsole
a Verify that your agent settings are all intact, including your nGeniusONE server
address (Config Server Address). If the address is correct, the appliance is
automatically relearned by nGeniusONE; otherwise, you must relearn the appliance
manually.
b If you want to modify the console(s) you use to manage your nGenius InfiniStream
appliance, use the Agent Options menu to enable/disable the nGeniusONE and/or
InfiniStream Console modes. For more information on configuring these modes,
refer to "Post Upgrade Tasks" on page 5-17.
c Configure other Agent Configuration Utility settings such as interface mode,
software and protocol options, and any other necessary settings. For more
information, refer to the Agent Configuration Utility for CDM/ASI Administrator Guide.
18 Use the checklist in "Verifying the Upgrade" on page 5-15 to confirm the upgrade’s success.

Note: InfiniStreamNG Qualified COTS appliances can also run GeoProbe software and provide data to
IrisView servers; refer to InfiniStreamNG (Geo Mode) Deployment Guide for a list of supported models and
instructions for installing GeoProbe software.

Upgrading Manually via Reimage
Manually upgrading an appliance via reimaging is a two-step process:
1 Reimage the system drive(s) with operating system software and drivers.
2 Reinstall the InfiniStreamNG application.
Reimaging upgrades can be performed at the appliance using the Restore/Operating System & Drivers
DVD or remotely using the HP iLO or Dell iDRAC interface. Reimaging an InfiniStreamNG appliance
does the following:
• Reimages the appliance’s system drive with new OS software and prepares it for
application installation.
• Preserves basic connectivity settings from previous installations (IP address, subnet mask,
and so on). This works reliably for most systems but may not always be successful with
older systems.
• Does not preserve your data, configurations other than basic connectivity settings
(including properties files), or any applied patches during the operating system reimage.

Before You Begin


Ensure that you have the appropriate Restore/Operating System & Drivers DVD or corresponding
restore image file.

Table 5-8 Restore ISO File for Specific Qualified COTS Servers

For this Qualified COTS server...                    Use this Restore/Operating System & Drivers DVD disk/file

Dell PowerEdge R430, R730xd or R830                  Disc labeled: For "G" and "H" Platforms (or with no platform indication)
HP ProLiant DL360 Gen9, DL380 Gen9, or DL560 Gen9    File on disc: ngenius-datasource-6xx0G-restore-64bit.iso

Dell PowerEdge R740xd or R940                        Disc labeled: For "J" Platforms
HP ProLiant DL380 Gen10 or DL560 Gen10               File on disc: ngenius-datasource-6xx0J-restore-64Bit.iso

Before attempting to restore the appliance, record the following system information:

IP address:
Netmask:
Default Gateway:
Hostname:
Domain name:
Name Server(s):
Time Zone:
IP address for iLO/iDRAC:

Also, record the following agent settings:
• Config Server IP address
• Read/Write strings
• Duplex mode
• Software, interface, agent, security, and protocol menu options
• Any relevant Agent Configuration utility command line settings
Record the NTP configuration located in: /etc/ntp.conf and /etc/ntp/
For example:
[root@InfiniStreamNGSupp2 ~]# cat /etc/ntp.conf
server <IPaddress>
driftfile /var/lib/ntp/drift
[root@InfiniStreamNGSupp2 ~]# cat /etc/ntp/step-tickers
<IPaddress>

Upgrading by Reimaging Instructions


You can reimage the operating system on InfiniStreamNG appliances either locally or remotely by
mounting virtual media over the iLO/iDRAC interface. The preferred method is using a local console
connection, directly connecting a keyboard and monitor to the appliance. However, you can use the
remote restore procedures when physical access to the appliance is not feasible.

Important:
• Remote reimages are performed over the web-based iLO/iDRAC interface. Remote
reimages using Telnet are not supported.
• Local reimages are performed by attaching a keyboard and monitor. Local reimages using a
terminal (such as HyperTerminal) attached to COM1 are not supported.

To upgrade an InfiniStreamNG appliance by reimaging, first perform the instructions in
"Installing the Operating System and Drivers" on page 3-19 and then install the application using
the instructions in "Installing the InfiniStream Application" on page 3-20.

Verifying the Upgrade
After upgrading an appliance, the following techniques help you to verify that the system operates
properly:
• Connect to the IP address of your InfiniStreamNG appliance using an SSH client.

Verifying the Software Version
• Navigate to /opt/NetScout/rtm/bin, execute the ./localconsole command, and verify the
InfiniStreamNG software (CDM) version information shown at the top of the display.
• From the operating system command line, enter the following:
cat /opt/NetScout/rtm/pa/bin/decoderelease.properties
The screen outputs text similar to the following:
decodeengine.version = Version 6.0.1 Buildxxx
Make sure the build number matches the expected version.

Verifying Running Processes
• From the OS command line, navigate to the /opt/NetScout/rtm/bin directory and enter the
./PS command; verify the following processes are running:
user, pid, rss, vsz, pm, pc, command
root 1412 1660 27024 0.0 0.0 procmana
root 1413 1624 6472 0.0 0.0 tfaengin
root 1425 1788 28952 0.0 1.0 cleanupe
lighttpd 1760 2176 58012 0.0 0.0 lighttpd
root 1419 32709612 33692404 24.7 2390 nsprobe
root 1426 1852 23192 0.0 0.0 paservic
When you enable InfiniStream Console support, you see the following
additional processes:
root 4568 1012 60509 0.0 0.0 ice_commd
root 4569 1827 22494 0.0 0.0 ice_admind

Verifying Agent Settings
• From the OS command line, navigate to the /opt/NetScout/rtm/bin directory and enter the
./localconsole command to verify you can open the Agent Configuration utility.
• From the Agent Configuration utility, choose the Interface Options menu option and verify that
all interfaces are displayed.

Verify nGeniusONE Connection
• Log into the nGeniusONE console, click on Configuration Manager and select Device
Configuration. Add the InfiniStreamNG appliance to the list of managed devices. Once the
InfiniStreamNG appliance is added, select it and click the Information or Remote Login buttons
to verify communication with the appliance.

Verifying NTP Configuration
• From the OS command line, enter the following command to verify correct NTP configuration:
ntpq -np

Verifying RPM Packages
• From the operating system command line, enter the following command:
rpm -qa | grep sox
Verify your InfiniStreamNG has the correct RPM package. Your system displays information
similar to the following:
sox-14.0.1-netscout.1.i386

Verifying Disk Information
• From the operating system command line, enter the following command:
df -h
Verify your InfiniStreamNG created the correct /asi, /xdr, /metadata and /flow partitions.
Your system displays information similar to the following:
Filesystem Size Used Avail Use% Mounted on
/dev/sda5 20G 8.2G 11G 44% /
/dev/sda1 2.9G 124M 2.7G 5% /boot
/dev/sda3 2.9G 69M 2.7G 3% /home
/dev/sda2 2.9G 118M 2.7G 5% /var
tmpfs 12G 280K 12G 1% /dev/shm
/dev/sdb3 3.1T 2.4T 676G 79% /xdr
/dev/sdb5 25G 41M 99G 1% /metadata
/dev/sdb3 1.4T 33M 1.4T 1% /flow
/dev/sdb4 47G 99M 47G 1% /asi
/dev/sdb1 22T 18T 4.3T 81% /data

Note: The packet store partition does not appear if you use NETSCOUT File System. Use the parted -s /dev/sdb
print command instead of df -h to view the /raw packet store partition.

• From the operating system command line, enter the following command:
ls -al /opt/NetScout/rtm/pa/
Verify /data is linked correctly. If your InfiniStreamNG appliance is configured with the default
NetScout File System (raw format), the output includes a line similar to the following:
lrwxrwxrwx 1 ngenius ngenius 9 2018-01-11 12:37 data -> /metadata
If your InfiniStreamNG appliance is configured as XFS, the output includes a line similar to the
following:
lrwxrwxrwx 1 ngenius ngenius 9 2018-01-11 12:37 data -> /data

Verifying System/RAID Health
• To verify the CPU, fans, and power supplies are healthy, access the system using the HP iLO or
Dell iDRAC remote management tools as described in "Connecting to the Appliance Remotely"
on page 3-3.
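
The process, partition, and link checks in this section can be scripted over captured command output. The following is an added example, not NETSCOUT code: the function names, the raw/xfs labels, and all SAMPLE_* text are constructed for illustration, while the process names, mount points, and link targets come from the listings above.

```shell
#!/bin/sh
# Added example (not NETSCOUT code): run the "Verifying the Upgrade" checks
# over captured command output. All SAMPLE_* text is constructed.

# Process names as ./PS prints them, and the optional partitions to confirm.
REQUIRED_PROCS="procmana tfaengin cleanupe lighttpd nsprobe paservic"
REQUIRED_MOUNTS="/asi /xdr /metadata /flow"

# decode_version TEXT: version string from decoderelease.properties content.
decode_version() {
    printf '%s\n' "$1" | sed -n 's/^decodeengine\.version *= *Version *//p'
}

# missing_procs PS_TEXT: required processes absent from the command column.
missing_procs() {
    running=$(printf '%s\n' "$1" | awk 'NF >= 7 && $2 ~ /^[0-9]+$/ { print $NF }')
    out=""
    for p in $REQUIRED_PROCS; do
        printf '%s\n' "$running" | grep -qxF "$p" || out="$out $p"
    done
    printf '%s' "${out# }"
}

# missing_mounts DF_TEXT: expected mount points absent from df -h output.
missing_mounts() {
    mounted=$(printf '%s\n' "$1" | awk 'NR > 1 { print $NF }')
    out=""
    for m in $REQUIRED_MOUNTS; do
        printf '%s\n' "$mounted" | grep -qxF "$m" || out="$out $m"
    done
    printf '%s' "${out# }"
}

# data_link_target LS_TEXT: target of the "data" symlink in ls -al output.
data_link_target() {
    printf '%s\n' "$1" |
        awk 'NF >= 3 && $1 ~ /^l/ && $(NF-2) == "data" && $(NF-1) == "->" { print $NF }'
}

# check_data_link FS LS_TEXT: FS is "raw" (NetScout File System) or "xfs";
# these two labels are this example's own, not appliance settings.
check_data_link() {
    case "$1" in
        raw) want=/metadata ;;
        xfs) want=/data ;;
        *)   echo "unknown file system label: $1"; return 2 ;;
    esac
    got=$(data_link_target "$2")
    [ "$got" = "$want" ] && return 0
    echo "data link points to '${got:-none}', expected '$want'"
    return 1
}

# Constructed sample output: paservic is not running and /flow is absent.
SAMPLE_PROPS='decodeengine.version = Version 6.0.1 Buildxxx'
SAMPLE_PS='user, pid, rss, vsz, pm, pc, command
root 1412 1660 27024 0.0 0.0 procmana
root 1413 1624 6472 0.0 0.0 tfaengin
root 1425 1788 28952 0.0 1.0 cleanupe
lighttpd 1760 2176 58012 0.0 0.0 lighttpd
root 1419 32709612 33692404 24.7 2390 nsprobe'
SAMPLE_DF='Filesystem Size Used Avail Use% Mounted on
/dev/sda5 20G 8.2G 11G 44% /
/dev/sdb2 3.1T 2.4T 676G 79% /xdr
/dev/sdb5 25G 41M 25G 1% /metadata
/dev/sdb4 47G 99M 47G 1% /asi'
SAMPLE_LS='total 12
drwxr-xr-x 2 ngenius ngenius 4096 2018-01-11 12:37 bin
lrwxrwxrwx 1 ngenius ngenius 9 2018-01-11 12:37 data -> /metadata'

echo "decode version:     $(decode_version "$SAMPLE_PROPS")"
echo "missing processes:  $(missing_procs "$SAMPLE_PS")"
echo "missing partitions: $(missing_mounts "$SAMPLE_DF")"
check_data_link raw "$SAMPLE_LS" && echo "data link:          ok"
```

On an appliance, pass the live output instead of the samples, for example `missing_procs "$(./PS)"` from /opt/NetScout/rtm/bin.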

Post Upgrade Tasks
When the InfiniStreamNG appliance is first installed, it is configured for use with nGeniusONE only. You
can use the Agent Configuration utility (localconsole) to change which consoles are supported.

Note: This step is only required if you plan to use the InfiniStream Console. Support for
nGeniusONE is enabled by default.

1 Log into the appliance as the root user, and change directories as follows:
cd /opt/NetScout/rtm/bin/
2 Start the Agent Configuration utility with the following command:
./localconsole
3 Select the [9] Agent Options entry.
4 When the InfiniStreamNG appliance is first installed, it is configured for use with
nGeniusONE only (nGeniusONE Managed enabled). You can use the [9] Agent Options
menu to change which consoles are supported. Toggle flow collection for the [11]
InfiniStream Console Support and/or the [14] nGeniusONE Managed by entering the
corresponding option numbers. The appliance must have a /flow partition to be used with
the InfiniStream Console.

Important: The decision you make here directly affects performance. Simultaneous InfiniStream
Console and nGeniusONE/Performance Manager flow recording is supported. However, performance is
optimized when only one or the other is enabled.

Note: InfiniStream Console logins are not authenticated locally on the InfiniStreamNG appliance if the
appliance has both the InfiniStream Console and Performance Manager Console (nGeniusONE)
options enabled. If both consoles are enabled, the appliance automatically redirects InfiniStream
Console login attempts to the nGeniusONE server for authentication. If you have both consoles
enabled and want to use your existing InfiniStream Console user accounts, you must add these
accounts to the nGeniusONE user database.

5 Type exit to return to the command line.


6 Enter the following commands to stop and restart necessary services:
/opt/NetScout/rtm/bin/stopall
/opt/NetScout/rtm/bin/start
7 The agent will be reset and you can exit the command window.

Chapter 6
Performing System Maintenance

This chapter describes how to perform basic maintenance and troubleshooting tasks on an
InfiniStreamNG Qualified COTS appliance and contains the sections listed in Table 6-1.

Important: Do not apply any firmware, operating system patches, kernel upgrades, security patches, or
service packs to your InfiniStream appliance unless obtained directly from NetScout Systems.

Table 6-1 Sections in this Chapter

Section                                                                         Description

"Restarting the InfiniStreamNG Application" on page 6-2                         Describes how to stop and then restart the InfiniStream software.
"Safely Powering Down the System" on page 6-3                                   Describes how to properly power down the InfiniStreamNG appliance if you ever need to move the system or perform hardware maintenance on the chassis.
"Managing Store and Trace Files on the InfiniStreamNG Appliance" on page 6-5    Describes various strategies for monitoring and archiving the console store and session trace files to avoid losing data stored on the InfiniStreamNG appliance.
"Removing an ASI Accelerator NIC" on page 6-4                                   Describes how to remove the ASI NIC from your InfiniStreamNG appliance.

Restarting the InfiniStreamNG Application
Some maintenance procedures require that you stop and then restart the InfiniStream appliance
(requires the root password).
1 Connect to the appliance as described in "Accessing the Appliance" on page 3-3.
2 Log in as root user to the operating system. The default login information is as follows:
Username: root
Password: netscout
3 Navigate to the /opt/NetScout/rtm/bin directory and enter the command:
./stopall
4 Wait until all processes stop before proceeding. The InfiniStream processes include the
following:
• procmana(ger)
• tfaengin(e)
• nsprobe
• paservic(e)
Depending on activity during runtime, the following additional processes can run:

• dengine (up to 10)
• cleanupe(ngine)
• httprepl(ay)
• replayen(gine)
• idsengin(e) (up to 10)
• tfaexpor(t)

5 Use the ./PS command to verify that all processes have stopped. Manually kill any
remaining processes, if required. (The Xvfb process can continue to run.) For example:
pkill nsprobe
pkill cleanupe
6 When you are ready to restart the appliance, enter the command:
./start
7 Verify that all processes are running by entering ./PS at the command-line before
proceeding with any other actions related to InfiniStream software.

Safely Powering Down the System
To power down the system (for example, to move the system or to perform routine maintenance),
follow the procedures described in this section.

Important: Powering down the system by simply pressing the power button on the front of the appliance
can compromise data integrity.

1 Verify that none of the disks displays a fast blinking red Disk Activity/Fault LED indicating
that the disk is being rebuilt in the RAID array. If the disk is rebuilding, wait for it to complete
before powering down the system.
2 When rebuilding is complete, verify that RAID array status is Normal.
3 After you determine that the RAID array is Normal, access the system using either a local
keyboard/monitor or using a physical terminal connection from a Windows client to COM1.
4 Log in to the appliance and enter the following command:
shutdown -h 0
The console displays:
The system is going down for system halt off NOW!
5 Power down your InfiniStream appliance. You can power cycle the appliance either locally
or remotely as described in "Connecting to the Appliance Remotely" on page 3-3. To power
down the appliance locally, do one of the following:
For a HP ProLiant server, perform the following steps:
a Press the Power On/Standby switch to Standby. This places the server in standby
mode, disabling the power supply output and providing auxiliary power to the
server. Standby does not completely disable or remove power from the system.
b Verify that the system LED indicator on the front panel, near the Power On/Standby
switch, is amber and that the fan noise has stopped.
c Disconnect the power cord(s) from the source, then from the server power supplies.
d (Optional) Disconnect any external peripheral devices from the server, including
external DVD drives.
For a Dell PowerEdge server, perform the following steps:
a Press the Power On Indicator/Button on the front panel of the server.
b Verify that the system LED indicator on the front panel, near the Power On/Standby
switch, is amber and that the fan noise has stopped.
c Disconnect the power cord(s) from the source, then from the server power supplies.

Removing an ASI NIC
If you need to replace an ASI NIC in your InfiniStreamNG Qualified COTS appliance or return the NIC to
NETSCOUT, perform the following steps:

Important: Electrostatic discharge can damage electronic components. Be sure you are properly grounded
before touching any components in your server. A ground strap is provided in InfiniStreamNG 5000 Software
Appliance kits.

1 Power down the InfiniStreamNG appliance.


2 Disconnect each power cord from the server.
3 Remove all transceivers/cables connected to the ASI NIC.
4 If you have already installed the server in a rack, extend the server from the rack to gain
access.
5 Remove the chassis cover or access panel.
6 If the server is equipped with retainer bars or cages to hold expansion cards in place,
remove those devices.
7 Ensure that you are wearing a ground strap or similar ESD protection and carefully remove
the ASI NIC from its slot. You may need to remove a screw that holds the card in place.
8 If necessary, replace the retainer bar or cage to hold the ASI NIC in place.
9 Replace the cover or access panel.
10 If necessary, slide the server back into place on the rack.
11 Reconnect the power cord and power up the server at this time.
For more detailed instructions for qualified platforms, refer to documents such as:
• HP DL360 Gen9, HP DL380 Gen9, or HP DL560 Gen9: “Expansion Board Options” section
of the Hardware Options Installation chapter of the HP ProLiant Server User Guide
• HP DL380 Gen10 or HP DL560 Gen10: “Installing Expansion Board Options” section of the
Installing Hardware Options chapter of the HP ProLiant Server User Guide
• Dell R430, R730xd or R830: “Expansion Cards and Expansion-Card Risers” section of the
Installing and Removing System Components chapter of the Dell PowerEdge Owner's
Manual
• Dell R740xd or Dell R940: Installing and Removing System Components chapter of the Dell
EMC PowerEdge Installation and Service Manual

Managing Store and Trace Files on the InfiniStreamNG Appliance
InfiniStream Console and nGeniusONE/Performance Manager Remote Packet Analysis use the
/metadata partition for data storage. For all but one case, you will need to manually manage the files
saved on the appliance. For the most part, these files are not archived off automatically. This section
briefly describes where the files are stored and the method you should use to monitor/manage the
space.
• InfiniStream Console and Performance Manager users can save mined remote trace
files on the InfiniStreamNG appliance’s /metadata partition instead of immediately
moving mined packets to the InfiniStream Console system or the nGeniusONE server,
respectively. The /metadata partition is required to use this feature, for both XFS and
NetScout File System formatted appliances.
• nGeniusONE Decode View/Performance Manager Remote Decode, available from
nGeniusONE, Performance Manager, and InfiniStream Console, stores transient session
data files in /data and /opt/NetScout/rtm/pa/data. With XFS formatted appliances, these
directories are automatically linked to a separate /data partition and creating a /metadata
partition is optional for using this feature. With NetScout File System (raw format)
appliances, however, these directories reside on the system partition, which could fill.
Upgrade or installation of NetScout File System configurations automatically creates links
to the /metadata partition to offset potential impact to system function and the
/metadata partition must exist to support this. Although decode files are automatically
removed when the decode session is closed, multiple simultaneous decode sessions can
create index files occupying up to 20 GB of space. For optimal protocol decode operations,
it is recommended to size /metadata to more than 25 GB.

InfiniStream Console / Performance Manager Trace Files


When the option is chosen to store trace files remotely, mined packets are stored on the appliance’s
/metadata partition under the /traces folder instead of retrieved to the console system or to the
nGeniusONE server.

Important: If you allocated the default/minimum /metadata partition size of 25 GB, it is strongly
recommended that you do not save remote trace files on the InfiniStreamNG appliance. These trace files
consume space on the partition and reduce the space available for the ASI metadata required for
nGeniusONE monitors and enablers.

The files are managed from within the InfiniStream Console or the Performance Manager Packet
Analysis interface, not from the operating system. For more details working with and managing these
trace files, refer to the InfiniStream Console User Guide or nGeniusONE’s online help topics on Packet
Analysis.

nGeniusONE Decode View/Performance Manager Remote Decode Session Files
nGeniusONE Decode View/Performance Manager Remote Decode stores transient session data files
in /data and in /opt/NetScout/rtm/pa/data. In cases where multiple users simultaneously perform
a decode for a single appliance (up to 8 allowed), the space consumed could reach 30-40 GB. With XFS
file system configurations, there is no effect on general system operation since the /data partition is
separate from the operating system. With NetScout File System (raw format) configurations, however,
/data is part of the partition that includes the operating system, so operating system function could
be affected by space constraints.
To offset this risk, upgrading or installing appliances configured for the NetScout File System
automatically creates links from /data and from /opt/NetScout/rtm/pa/data to /metadata. You are
not forced to create the /metadata partition, or to resize it during upgrade or installation. However,
if your environment may have multiple users simultaneously performing remote decodes from
nGeniusONE/Performance Manager to the same appliance, you should size the /metadata partition
to more than 25 GB. Note that changing file system type or resizing partitions results in the loss of all
existing packet data.
About Data Aging Defaults
The /opt/NetScout/rtm/bin/afmon.properties file defaults to 0, indicating that saved data will not
be aged until the partition begins to fill. These changes allow many systems to age their saved data
based on capacity rather than time, depending on traffic load.

Appendix A
Network Listener Port Numbers

This appendix describes the network listener ports you will need to open in your firewall to support
communication between the InfiniStreamNG appliance and assorted applications, and to support use
of remote management tools. It also describes how to change the listener port used for nGeniusONE
server and InfiniStreamNG appliance communication and file transfers. This appendix contains the
following sections:
• "Communication Listener Ports Used with InfiniStreamNG Appliances" on page A-1
• "Remote Management Listener Ports" on page A-3
• "Assigning an Alternate Communication Listener Port" on page A-4

Communication Listener Ports Used with InfiniStreamNG Appliances


This section describes the listener ports required for basic use of the InfiniStreamNG appliance.

Table A-1 Communication Ports Used Between InfiniStreamNG Appliances and Other Devices

Port              Source                         Destination               Description

TCP/22, UDP/22    SSH Client                     InfiniStreamNG Appliance  Remote access clients using Secure Shell (SSH) (for example, PuTTY and WinSCP) typically use Port 22
TCP/53, UDP/53    InfiniStreamNG Appliance       DNS Server                DNS lookup port
UDP/69            nGeniusONE Server              InfiniStreamNG Appliance  TFTP port for InfiniStreamNG software and decode pack upgrades
TCP/80            nGeniusONE Server              InfiniStreamNG Appliance  nGeniusONE server and InfiniStreamNG appliance; HTTP Tunneling (if used)
TCP/80            InfiniStream Console Client    InfiniStreamNG Appliance  InfiniStream Console decode service
UDP/123           InfiniStreamNG Appliance       NTP Server                Network Time Protocol (NTP)
UDP/161           nGeniusONE Server              InfiniStreamNG Appliance  SNMP between nGeniusONE server and InfiniStreamNG appliance - often replaced by HTTPS (port 8443) for more secured communication
UDP/162           nGeniusONE Server              InfiniStreamNG Appliance  SNMP Traps between nGeniusONE server and InfiniStreamNG appliance
UDP/395           nGeniusONE Server              InfiniStreamNG Appliance  NETSCOUT Trap (NETCP) between nGeniusONE server and InfiniStreamNG appliances
TCP/443           nGeniusONE Server              InfiniStreamNG Appliance  Secure datamining and data export between nGeniusONE server and InfiniStreamNG appliances
TCP/1099          nGeniusONE Server              InfiniStreamNG Appliance  Default RMI ports used by nGenius Performance Manager
TCP/4242          InfiniStream Console           InfiniStreamNG Appliance  InfiniStream Console connections to InfiniStreamNG appliance (this port is automatically disabled if the InfiniStream Console is not enabled in the Agent Configuration utility)
TCP/3306, UDP/3306  nGenius Voice | Video Manager  InfiniStreamNG Appliance  Database port used for nGenius Voice | Video Manager
TCP/8080          InfiniStreamNG Appliance       nGeniusONE Server         When the InfiniStreamNG appliance is configured to use nGeniusONE authentication, this port is used to transmit the username and password, and to retrieve slice size and the user role.
TCP/8080          nGeniusONE Server              InfiniStreamNG Appliance  HTTP between nGeniusONE server and InfiniStreamNG appliance
TCP/8443          nGeniusONE Server              InfiniStreamNG Appliance  HTTPS between nGeniusONE server and InfiniStreamNG appliance

Note: Refer to the nGeniusONE Server Administrator Guide for detailed information on network
requirements for communication between nGeniusONE clients and nGeniusONE servers. See “Accessing the
nGeniusONE Server From Outside a Firewall” in the nGeniusONE online help for details on configuring
HTTP tunneling when deploying the nGeniusONE server behind a firewall. HTTP tunneling greatly reduces
the number of ports required to be opened between the nGeniusONE client and nGeniusONE server.

Remote Management Listener Ports
Approved HP and Dell platforms for InfiniStreamNG Qualified COTS software appliances provide an
interface for remote management. The table below lists the ports you need to open to support
communications between a console client computer and the InfiniStreamNG appliance to use the
following standard services:
• Access to the web-based iLO (HP) or iDRAC (Dell) interface.
• Access to the interface’s remote console (virtual KVM session).
• Mounting virtual media through the remote console interface.
Web-based remote access interfaces also provide other secondary services not used during standard
operation of the InfiniStreamNG appliance (SMTP, SNMP, RMCP+, and so on). If you do enable these
services, the corresponding ports must also be opened.

Table A-2 Client/Server Remote Management Ports

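Source                       Destination               Destination Listener Port  Description

iLO Client (HP Servers)      InfiniStreamNG Appliance  TCP/22                     SSH
iLO Client (HP Servers)      InfiniStreamNG Appliance  TCP/80                     HTTP Web server (non-SSL)
iLO Client (HP Servers)      InfiniStreamNG Appliance  UDP/161, TCP/161           SNMP
iLO Client (HP Servers)      InfiniStreamNG Appliance  TCP/443                    HTTPS Web server (SSL)
iLO Client (HP Servers)      InfiniStreamNG Appliance  TCP/17988                  Virtual media
iLO Client (HP Servers)      InfiniStreamNG Appliance  TCP/17990                  Remote console
iDRAC Client (Dell Servers)  InfiniStreamNG Appliance  TCP/22                     SSH
iDRAC Client (Dell Servers)  InfiniStreamNG Appliance  TCP/23                     Telnet
iDRAC Client (Dell Servers)  InfiniStreamNG Appliance  TCP/80                     HTTP Web server (non-SSL)
iDRAC Client (Dell Servers)  InfiniStreamNG Appliance  UDP/161, TCP/161           SNMP
iDRAC Client (Dell Servers)  InfiniStreamNG Appliance  TCP/443                    HTTPS Web server (SSL)
iDRAC Client (Dell Servers)  InfiniStreamNG Appliance  UDP/623                    RMCP/RMCP+
iDRAC Client (Dell Servers)  InfiniStreamNG Appliance  TCP/5900                   Virtual Console keyboard and mouse redirection, Virtual Media, Virtual Folders, and Remote File Share
iDRAC Client (Dell Servers)  InfiniStreamNG Appliance  TCP/5901                   VNC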

Assigning an Alternate Communication Listener Port
Communication between the nGeniusONE server and InfiniStreamNG appliances typically takes place
over listener port 80. In some network environments, this may be blocked by security devices because
it is not seen as HTTP traffic. Use the following procedure to change the listener port used for these
communications and file transfers.

Note: Use a higher-numbered listener port that is not already in use by a standard, well-known
application. Also ensure the new listener port is open in your firewall.

Reconfigure the nGeniusONE Server Listener Port

Important: All InfiniStreamNG appliances connected to this nGeniusONE server will communicate via the
new listener port. You must reconfigure each InfiniStreamNG appliance that is managed by the nGeniusONE
server for successful communications using the new listener port.

In this step you will edit the serverprivate.properties file on the nGeniusONE server.
1 Log in to the nGeniusONE server as root.
2 Navigate to /opt/NetScout/rtm/bin.
3 Open the serverprivate.properties file in a text editor (for example, the vi text editor).
4 Add the following property to the serverprivate.properties file, where the <portnum> is the
number of the new listener port:
engineprocmanager.connect.portnum=<portnum>
5 Save and exit the serverprivate.properties file.
6 Navigate to /opt/NetScout/rtm/html.
7 Add the following property to the client.properties file, where the <portnum> is the number
of the new listener port:
engineprocmanager.connect.portnum=<portnum>
8 Save and exit the client.properties file.
9 Return to the /opt/NetScout/rtm/bin directory. Stop processes using the following
command:
./stop
10 Run the ./PS command to list any running processes and manually kill any that remain. For
example:
pkill nsprobe
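11 Run the following command to update the IP tables so that the new listener port is recognized
(the -I option inserts the rule at the top of the INPUT chain; it does not flush the existing rules):
/sbin/iptables -I INPUT -p tcp --dport <portnum> -m state --state NEW,ESTABLISHED -j <ACCEPT/REJECT>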
12 Restart processes using the following command:
./start
You are now ready to reconfigure the InfiniStreamNG appliance.

Note: This procedure only modifies the port used for communication between InfiniStreamNG
appliances and the nGeniusONE server. Changing the properties file values does not modify the IP
listener used for HTTP communication between console clients and the nGeniusONE server. To
modify the port used for client-to-nGeniusONE server communication, access the Server
Configuration utility in nGeniusONE and change the Web port number for this nGeniusONE server.
Refer to the nGeniusONE online Help for details.

Reconfigure the InfiniStreamNG Appliance Listener Port
In this step you will edit the /opt/NetScout/rtm/bin/start1 file on the InfiniStreamNG appliance.
1 Log in to the InfiniStreamNG appliance with root privileges, either locally or in an SSH window.
2 Navigate to /opt/NetScout/rtm/bin.
3 Open the start1 file in a text editor (for example, the vi text editor).
4 Locate the following line in the file:
NSPROCPORT=80
5 Change the "80" listener port number to the port number you assigned to the PM Server
portnum parameter in the serverprivate.properties file in step 4 of the above procedure.
6 Save and exit the start1 file.
7 While still in the /opt/NetScout/rtm/bin directory, stop processes using the following
command:
./stopall
8 Run the ./PS command to list any running processes and manually kill any that remain. For
example:
pkill nsprobe
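9 Run the following command to update the IP tables so that the new listener port is recognized
(the -I option inserts the rule at the top of the INPUT chain; it does not flush the existing rules):
/sbin/iptables -I INPUT -p tcp --dport <portnum> -m state --state NEW,ESTABLISHED -j <ACCEPT/REJECT>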
10 Restart processes using the following command:
./start
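
The alternate port is set in three files on two hosts, and every managed appliance must match the server. The following added example (not NETSCOUT code) compares copies of the three files and rejects ports that Tables A-1 and A-2 already assign; the function names, the 1024 lower bound used for "higher-numbered", port 8880, and the sample file contents are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not NETSCOUT code): confirm the alternate listener port is
# set consistently in copies of the three files the procedure edits.

# Ports above 1023 that Tables A-1 and A-2 already assign to other services.
RESERVED_PORTS="1099 3306 4242 5900 5901 8080 8443 17988 17990"

# prop_port FILE: value of engineprocmanager.connect.portnum. If the property
# is repeated, this example reads the last entry.
prop_port() {
    sed -n 's/^[[:space:]]*engineprocmanager\.connect\.portnum[[:space:]]*=[[:space:]]*\([^[:space:]]*\).*/\1/p' "$1" | tail -n 1
}

# start1_port FILE: value assigned to NSPROCPORT in the appliance start1 file.
start1_port() {
    sed -n 's/^[[:space:]]*NSPROCPORT=\([^[:space:]]*\).*/\1/p' "$1" | tail -n 1
}

# check_listener_port SERVERPRIVATE CLIENT START1
# Prints one line per finding; returns 0 only when there are none.
check_listener_port() {
    sp=$(prop_port "$1"); cl=$(prop_port "$2"); ap=$(start1_port "$3")
    rc=0
    [ -n "$sp" ] || { echo "serverprivate.properties: portnum property missing"; rc=1; }
    [ -n "$cl" ] || { echo "client.properties: portnum property missing"; rc=1; }
    [ -n "$ap" ] || { echo "start1: NSPROCPORT missing"; rc=1; }
    [ "$rc" -eq 0 ] || return 1
    if [ "$sp" != "$cl" ]; then
        echo "server files disagree: serverprivate=$sp client=$cl"; rc=1
    fi
    if [ "$sp" != "$ap" ]; then
        echo "appliance NSPROCPORT=$ap but server expects $sp"; rc=1
    fi
    case "$sp" in
        ''|*[!0-9]*) echo "port '$sp' is not a number"; return 1 ;;
    esac
    # Assumption: "higher-numbered" is read here as above the 0-1023 range.
    if [ "$sp" -lt 1024 ] || [ "$sp" -gt 65535 ]; then
        echo "port $sp is outside 1024-65535"; rc=1
    fi
    for r in $RESERVED_PORTS; do
        [ "$sp" != "$r" ] || { echo "port $sp is already listed in Table A-1/A-2"; rc=1; }
    done
    return $rc
}

# make_sample DIR SERVER_PORT CLIENT_PORT APPLIANCE_PORT: write constructed
# stand-ins for the three files (only the property and NSPROCPORT lines are
# taken from the guide; everything else is filler).
make_sample() {
    printf '# constructed sample\nengineprocmanager.connect.portnum=%s\n' "$2" \
        > "$1/serverprivate.properties"
    printf 'engineprocmanager.connect.portnum=%s\n' "$3" > "$1/client.properties"
    printf '#!/bin/sh\nNSPROCPORT=%s\nexport NSPROCPORT\n' "$4" > "$1/start1"
}

# Demo: the server was moved to 8880 but one appliance still listens on 80.
demo_dir=$(mktemp -d)
make_sample "$demo_dir" 8880 8880 80
check_listener_port "$demo_dir/serverprivate.properties" \
    "$demo_dir/client.properties" "$demo_dir/start1" ||
    echo "result: resolve the findings above before restarting processes"
rm -rf "$demo_dir"
```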

NETSCOUT SYSTEMS, Inc.
310 Littleton Road
Westford, MA 01886-4105
Tel. 978 614-4000
888-999-5946
Fax 978-614-4004
E-mail info@netscout.com
Web www.netscout.com
© 2020 NETSCOUT SYSTEMS, Inc. All rights reserved.
733-1216 Rev. C
