Storage

From Allegro Network Multimeter Manual
Jump to navigation Jump to search

General

The Allegro Network Multimeter allows for internal or external storage device(s) to be connected.

Such HDD- or SSD-based storage devices, serve the following purposes:

  • Ring Buffer: Allows for network traffic recording (partial or 100%) onto a fixed size ring buffer/circular buffer (FiFo)
  • Storage: Allows for the creation of a dedicated storage partition, for saving and storing pcap files onto the local device
  • Network traffic replay and analysis of data recorded onto the ring buffer
  • Retroactive filtered packet capturing, from network traffic data residing in the ring buffer. see -> Capture module
Storage.png

Managing storage devices

The Allegro Network Multimeter supports disks formatted with an ext4 filesystem and will only use the first partition of each disk.

If a compatible disk is attached, a dialog will show up and offer to activate the disk as a storage device. As of version 3.6, multiple storage devices can be active at the same time. The active storage device for which the properties and contents are shown can be selected at the top of the 'Storage' page. Next to the drop-down menu there is a little pen icon which allows to set an alternative name for the storage device (which is displayed e.g. in the capture dialog).

The 'Storage' page will show stats about the selected device as well as the contents.

If an unformatted disk or a disk with an incompatible file system is attached, it will show up on the Storage page where it can be formatted using the Format button displayed next to the device's type and size. After formatting the disk, it will be automatically activated for use as storage device.

For securing your data, Allegro Network Multimeter supports the use of AES256 disk encryption.

To encrypt a storage device with AES256 disk encryption, (re)format the disk and enable the AES256 disk encryption option in the on-screen menu.


Disk formatting and encryption.png


If an active storage device is to be disconnected from the Allegro Network Multimeter, the deactivate button on the storage page can be used to deactivate the storage device.

The page will then show that the respective storage device has become unactive. Now, the device can be disconnected safely.

Secure erase

For security reasons, the "Securely erase content" button, allows for special formatting algorithms to wipe your disk(s).

Everything on the disk is overwritten with randomly generated patterns, making attempts to recover data (near to) impossible.

Allegro Packets utilizes the sata (extended) secure erase instruction set, for sata disks that support it.

For NVME type SSD's, Allegro Packets utilizes the "Cryptographic Erase" instruction set.

NOTE: The erasing may take several hours, depending on the size and the speed of the disk. After the secure erase process, a disk needs to be formatted before use.

File storage

The Allegro Network Multimeter will initially show the top level directory of the storage partition. By clicking on a directory name the view can be switched to the contents of that sub-directory. This will also show the path of the current directory above the table along with a button that allows to change back to the parent directory.

The following actions for files and directories are available through the following buttons in the same row:

  • Analyze PCAP or Analyze all PCAP files: will be shown for packet capture files or directories respectively. If Analyze PCAP is pressed, the Allegro Network Multimeter will either reset all statistics and start analyzing the packet capture file or enables to start a parallel PCAP analysis if this is configured (see Parallel packet processing). Progress, statistics and the option to resume normal operation will appear at the top of the Storage page. Analyze all PCAP files will do the same thing but for all packet capture files residing in the directory together (see the Analyze selected PCAP files together button description).
  • Webshark preview: will be shown for packet capture files and, if pressed, opens a Wireshark-like preview of the file.
  • Rename: will open a dialog that allows to rename the file or directory.
  • Delete: removes the file or directory with all its contents from the storage device.
  • Download: starts a browser download of this file.

The New directory button opens as dialog that can be used to create a new sub-directory in the currently shown directory. Sub-directories can be used as target for storing packet captures (see Capture settings dialog).

The Select or drop file area along with the Upload file button allows to upload a file to the current directory.

The Analyze selected PCAP files together button will start analyzing all packet capture files, that have been marked with the checkbox at the start of the row, together. This will happen in a mergecap-style fashion so that the packet capture files are merged based on packet timestamps. Progress will be shown at the top of the page for every file separately.

WebDAV

The Network Multimeter also provides access to the storage contents via WebDAV.

For this, use the Connect to server or Connect to a network drive function on your computer and use the link https://<host name>/webdav.

The credentials are the same as of the web interface. Use the admin account to access the files on the storage device.

WebDAV is supported natively by all current operating systems.

If you have connection problems due to SSL certificate issues under Windows you may try 3rd party tools with WebDAV support.

Operating system Usage Notes
Windows In third-party tools with webdav support:

enter URL

https://<hostname or ip>/webdav

Standard windows explorer does not accept self-signed certificates.

Use a third-party tool to use webdav!

Linux In file manger, enter URL

davs://<hostname or ip>/webdav

System usually asks to accept the certificate and that asks for username and password.
MacOS Open Finder, select menu "go to -> connect to server".

Enter "https://<hostname or ip>/webdev"

System usually asks to accept the certificate and that asks for username and password.


iSCSI

Configure iSCSI device.png

A remote iSCSI target can be used as a storage device.

The iSCSI target must be reachable over the management network connection.

To add an iSCSI target as storage device use the Configure iSCSI device button which is visible on the Storage page when no storage device is currently activated.

In the displayed dialog you must enter the host which can be an IP address or host name and may include a port number (e.g. 'storageServer:3260').

You must also enter the iSCSI Qualified Name (IQN) of the iSCSI target on the iSCSI host.

Using authentication like CHAP is optional and if no authentication is to be used the User and Password` fields can be left empty.

After confirming the dialog by pressing the Configure button the iSCSI storage device will show up in the storage device list after a few seconds.

The Allegro Network Multimeter will also try to activate a configured iSCSI target automatically after system startup.

Once an iSCSI device has been configured the device can be modified or removed using the Modify iSCSI device and Remove iSCSI device buttons on the Storage page.

Only one iSCSI device can be used at a time.