Analyze Lync Traffic

This procedure explains how to view Lync traffic in your network environment with an ExtraHop system.

Note:You must be able to access the ExtraHop Admin UI, which requires a user account with full system privileges.

Add SSL decryption key and protocols

  1. From the ExtraHop Admin UI, in the System Configuration section, click Capture.
  2. Click SSL Decryption.
  3. In the SSL Decryption Keys section, click Add Keys.
  4. In the Add PEM Certificate and RSA Private Key section, on the Add SSL Keys page, type the following information:

    Name: A user-friendly name for the key that you're adding.

    Certificate: The certificate information for your Lync server.

    Private Key: The private key information for your Lync server.

  5. Click Add.
  6. In the Encrypted Protocols section, click Add Protocol.
  7. In the Add Encrypted Protocol section, click the Protocol drop-down and select SIP.
  8. From the Key drop-down, select the private key you added previously in step 4.
  9. In the Port field, type 5061
  10. Click Add.
  11. Repeat steps 6-10 and add HTTP as an encrypted protocol. The port number for HTTP is 443.

Next steps

Return to the ExtraHop Web UI and view the RTP, RTCP, and SIP pages for applications and devices of interest. Metrics that include Lync traffic are included.

For more information about adding SSL decryption keys, refer to the Capture section of the ExtraHop Admin UI Guide.

Published 2017-12-11 19:17