Packeteer
Packeteer devices collect, aggregate, and store network performance data.
After you configure an external flow source for Packeteer, you can send flow information from a Packeteer device to IBM® QRadar®.
Packeteer uses a connection-less protocol (UDP). When data is sent from a switch or router, the Packeteer record is purged. Because UDP doesn't guarantee delivery of the data, inaccurate presentations of both traffic volumes and bidirectional flows, and reduced alerting capabilities might result when using a Packeteer flow source.
Packeteer flow source configuration
To configure Packeteer as an external
flow source, you must do the following tasks:
- Ensure that the appropriate firewall rules are configured.
- Ensure that you configure Packeteer devices to export flow detail records, and configure the Flow Collector as the destination for the data export.
- Ensure that the appropriate ports are configured for your Flow Collector.
- Ensure that the class IDs from the Packeteer devices can automatically be detected by the Flow Collector.