Idea Details

Preserve connection detail data in the IP History records

Last activity 06-13-2019 10:04 AM
Steve Beerman's profile image
01-03-2017 05:13 PM

Currently IP History records get most of its information from the SMF INIT and TERM records. While this can provide for lots of good information there is some information missing, such as whether the connection is secured when using SSL, since using SSL doesn't provide any indication of SSL status within the TERM SMF record.  If the connection is using AT-TLS then the SMF TERM record does have that information therefore all is good. 

This SSL secured information is known to the packet analyzer and if one looks at connection detail information within the connection lists, one can see not only detailed 'Security Information', but other more specific connection as captured by the packet analyzer such as retransmissions and fragmentations.   

This idea requests that additional packet analyzer information is combined with the SMF TERM record thus the detailed connection information is preserved and can be used to search IP connection historical information for this new information. In particular, the SSL information is of great desire.


Comments

01-02-2019 07:00 PM

Extra information was added to NetMaster TCPIP 12.2 via

Use zERT Data to Help Enhance Application Security

IP History

  • Connection Events: zERT-related details
    Also, for ease of use, Connection Events includes all INIT/TERM command types in one record.     

Originally supplied in  PTF SO00328SO00329, and SO00330