Is there a way to better manage discovered port classes?
Last Updated May 13, 2017
The sys limit command shows very few traffic classes and matching rules available. The discovered ports classes have little traffic at all and do not appear to offer much value.
Is there a way to manage discovered ports so they do not consume so many traffic classes and matching rules?
By setting a higher threshold for the Static Ports (or in the CLI, DiscoveryThresholdPort) system variable, it will take more flows on a particular port before a DiscoveredPort class is created.
This variable controls the number of new connections to a particular port within a one-minute timeframe before PacketWise creates a Port_#### class in the DiscoveredPorts folder.
It may be necessary to increase this value on Internet link deployments to prevent excessive number of DiscoveredPorts classes being created. If you don’t want any Port_#### classes discovered, set this variable to its maximum value.
The default value is 100 flows per minute. You can increase it up to 1000000. You should select the value based on how many flows you have in the network. Start with at least 500.