Cisco Tetration Policy Analysis

The Policy Analysis feature measures how effective policies are by analysing all traffic flowing into, out of, and within the application, and comparing the published policies to the actual traffic.

This policy analysis relates to Policy 4 (p4):

Detailed information is available for Misdropped, Escaped, Rejected and Permitted flows. Click any line in the detailed flow list to show the information available for that flow, in particular the Flow Details and Quick Policy Analysis.

Permitted displays the flows that should have been permitted by the policy and in fact were permitted by the policy, indicating that the policy is working correctly.

Misdropped flows are flows that were dropped by the network but should have been allowed by the policy. A large number of misdropped flows could indicate degrading network equipment, traffic bursts that are causing application timeouts, or an implemented policy that is not allowing the flow.

Escaped flows are flows that were allowed by the network but should have been dropped according to the policy. Escaped flows have to be investigated to determine whether they are desired or not. If they are desired, the network operator will have to whitelist those flows.

Rejected flows are flows that were rejected by the network and should have been rejected, meaning that the policy is working correctly. The environment is very dynamic, and many environments use Dynamic Port Utilization. Sometimes a flow that should be allowed will be rejected by the network.
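
The four categories above come from comparing each flow's policy verdict with what the network actually did. The sketch below is an added example, not Tetration code or its API: the allow-list rules, the catch-all deny and the flow records are all constructed for illustration.

```python
import ipaddress
from collections import Counter

# Constructed allow-list policy: (consumer CIDR, provider CIDR, protocol, port).
# Anything that matches no rule falls through to a catch-all DENY.
POLICY = [
    ("10.0.1.0/24", "10.0.2.0/24", "tcp", 443),
    ("10.0.2.0/24", "10.0.3.0/24", "tcp", 5432),
]

# Constructed observations: (src, dst, proto, dst_port, forwarded_by_network)
FLOWS = [
    ("10.0.1.10", "10.0.2.20", "tcp", 443, True),
    ("10.0.1.11", "10.0.2.20", "tcp", 443, False),
    ("10.0.1.10", "10.0.3.30", "tcp", 5432, True),
    ("10.0.9.9", "10.0.2.20", "tcp", 22, False),
    ("10.0.2.20", "10.0.3.30", "tcp", 5432, True),
]


def policy_allows(src, dst, proto, port):
    """Return True if any allow rule matches; otherwise catch-all deny."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    return any(
        s in ipaddress.ip_network(c) and d in ipaddress.ip_network(p)
        and proto == pr and port == po
        for c, p, pr, po in POLICY
    )


def classify(flow):
    """Compare the policy verdict with what the network actually did."""
    src, dst, proto, port, forwarded = flow
    allowed = policy_allows(src, dst, proto, port)
    if allowed:
        return "Permitted" if forwarded else "Misdropped"
    return "Escaped" if forwarded else "Rejected"


def analyse(flows):
    """Return per-category counts and the escaped flows that need review."""
    labelled = [(classify(f), f) for f in flows]
    counts = Counter(label for label, _ in labelled)
    escaped = [f for label, f in labelled if label == "Escaped"]
    return counts, escaped


if __name__ == "__main__":
    print(*analyse(FLOWS), sep="\n")
```

The escaped list is the review queue: each entry is either an unwanted flow or a missing allow rule.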
