OverviewAfter creating a new application to classify traffic, it is possible that only some of the expected traffic is using the new application definition.
Example: setting an Application called "Mail Server" for all traffic going to/from 10.0.0.5, but when checking Real Time monitor for the host 10.0.0.5, not all of the traffic is classified as "Mail Server".
CauseAny new flows which are not being tracked should classify as the newly setup application.
However, to use a new classification for traffic, the Exinda will not re-classify any existing data flows. If an existing data flow is classified as the old application, it will have to stop completely for up to an hour so that the session is removed from the Exinda. Then if the flow starts again after an hour, it should be using the correct application.
An example of this would be a persistent VPN connection. That kind of data flow can last uninterrupted for weeks, so it will continue to use the application it was originally classified as when the flow started.
ResolutionThere are 2 ways to reclassify existing traffic:
1) Prevent the traffic flow for an entire hour
2) Reboot the Exinda to clear any current sessions which are saved