Home
Installation, Deployment, and Upgrade
Installing Unica Discover involves planning and preparing your environment, installing and configuring prerequisite software, obtaining the Unica Discover installation files, and running the Unica Discover installer.
Discover Network Capture Application Manual
Discover Network Capture Application Overview
Network Capture Application from Discover captures and records the complete interaction between the visitor and the web application environment by using a network tap or network switch spanning port. The Network Capture Application software features the following benefits:
TCP Connections
The Unica DiscoverNetwork Capture Application requires to monitor the start of all TCP connections. If TCP persistent connections are enabled, then the DNCA is able to reassemble hits from in-progress connections.

Installation, Deployment, and Upgrade
Installing Unica Discover involves planning and preparing your environment, installing and configuring prerequisite software, obtaining the Unica Discover installation files, and running the Unica Discover installer.
- Installation and Deployment Manual
- Discover Network Capture Application Manual
  - Discover Network Capture Application Overview
    Network Capture Application from Discover captures and records the complete interaction between the visitor and the web application environment by using a network tap or network switch spanning port. The Network Capture Application software features the following benefits:
    - Security and Administration
      The Network Capture Application software is highly controlled and secured. It is bound to the capture host workstation and can operate without a public interface. All administration functions can be conducted by a Secure Shell (SSH) client program.
    - SSL Support
      The Network Capture Application software provides full support for SSL (HTTPS) transactions.
    - Deployment architecture overview
      DNCA consists of software that is running on a host, which directly connects to the collection device, a network tap, or switch spanning port. The data flow from the collection device to the host workstation is unidirectional; the host only receives data passively.
    - Software architecture
      The Network Capture Application uses the following services to perform the capture process.
    - Multiple Instances
      In both TLB mode and non-TLB mode, the DNCA can be configured to initiate multiple instances of listend and reassd processes to use multiple CPU cores to handle high capture traffic loads.
    - DNCA Transparent Load Balancing Overview
      The DNCA can be configured for Transparent Load Balancing (TLB) which provides the ability to transparently segment and distribute network capture traffic.
    - Maintenance program
      The DNCA software includes a maintenance program that runs as the root user through the workstation's cron service.
    - Third-party software
      The Network Capture Application software installation packages include the following third-party packages:
    - Formatted commands for readability
      Linux™ commands are formatted specially for display purposes. The following examples explain how some of the commands might be formatted to improve the readability of the content.
    - DNCA Traffic Requirements
      The following requirements are needed for mirroring network traffic and forwarding it to the DNCA for capture.
    - Basic traffic requirements
      For proper operation, the DNCA requires that the mirrored network traffic is of high integrity and quality.
    - TCP Connections
      The Unica DiscoverNetwork Capture Application requires to monitor the start of all TCP connections. If TCP persistent connections are enabled, then the DNCA is able to reassemble hits from in-progress connections.
      - Duplicate Data
        Each instance of the Unica DiscoverNetwork Capture Application must feed data that is unique within Unica Discover.
    - Sources of network traffic quality issues
      If you are having network traffic issues, review the following issues to help isolate the problem.
    - Measuring dropped packets
      The DNCA provides several metrics to help identify dropped network packet conditions. These metrics are only data points to help to assess likely causes for dropped packets.
  - Installing the Network Capture Application
    The following instructions can be used to assist the installation of your Network Capture Application software.
  - Configuring the DNCA
    The Unica Discover Network Capture Application can be configured through a web-based console or through the configuration files that are stored on the DNCA server. The following information guides you on how to configure the DNCA.
  - Upgrade for DNCA
    It is recommended that you always use the latest version of the Unica Discover Network Capture Application suitable for your version of Unica Discover.
  - Packet Forwarder Overview
    The Packet Forwarder is used to capture and forward hits to a cloud-based DNCA that is operating on a virtual machine.
  - SSL Keys
    For decrypting transmissions by using the SSL protocol, the Unica Discover Network Capture Application must be provided the SSL keys in use in the transaction stream.
  - Performance Measurement
    Performance measurement provides details on the Network Capture software performance and timestamp measurements.
  - Configuring DNCA on Red Hat Enterprise Linux™ (RHEL)
    The following sections contain important information for configuring DNCA in a Red Hat Enterprise Linux™ environment:
  - DNCA monitoring
    You can monitor the passive capturing to diagnose performance issues.
  - Overview of DNCA maintenance
    The maintenance utility performs routine maintenance and logging tasks for Discover DNCA. You can use the utility to help maintain the ability of the DNCA to perform DNCA.
  - DNCA frequently asked questions (FAQ)
    The following content contains frequently asked questions or scenarios that can be used to help isolate or fix an issue with your Network Capture Application.
  - Downloading Privacy Configuration
  - Enabling web console access through a single IP address
    You can specify a single IP address which can access the web console. Limiting access to a single IP address helps to prevent unauthorized access through an unknown system.
  - Applying authentication when accessing the web console
    You can improve security by enabling authentication to the web console.
- Unica Discover Session Archiving Installation Guide
  As you prepare for an installation, you need to gather some items, review hardware and software requirements, and then you can perform the installation.
- Discover Upgrade Manual

TCP Connections

The Unica DiscoverNetwork Capture Application requires to monitor the start of all TCP connections. If TCP persistent connections are enabled, then the DNCA is able to reassemble hits from in-progress connections.

Please check with your IT team to see whether TCP persistent connections is enabled in the IT infrastructure. Individual TCP persistent connections can be used by multiple visitors to your web application. It can also be deployed by a load balancer such as an F5 network device, a front-end proxy such as an Akamai server, or the web server itself.

For SSL sessions, pooling SSL transactions is considered an optimization. However, SSL pooling transactions to a set of TCP persistent connections can cause issues, which prevent these sessions from being decrypted. If a new SSL session is not seen to allow the DNCA to cache the SSL session ID information, then any subsequent SSL sessions that reuse the session ID cannot be decrypted.

In such an environment, connections can persist up to 24 hours, which introduces a latency in the capture of sessions when the DNCA is installed, upgraded, or rebooted. There can be possible workarounds or compromise configuration settings on the source network devices which can mitigate the latency period.

For more information, contact your IT team.

Have feedback?
Google Analytics is used to store comments and ratings. To provide a comment or rating for a topic, click Accept All Cookies or Allow All in Cookie Preferences in the footer of this page.