Oracle® Enterprise Manager System Monitoring Plug-in Metric Reference Manual for Network Management 10g Release 2 (10.2.0.2) Part Number B28750-01 |
|
|
View PDF |
This chapter provides descriptions for all Juniper Netscreen Firewall metric categories, and tables list and describe associated metrics for each category. The tables also provide user actions if any of the metrics for a particular category support user actions. Shaded rows represent key columns for a particular category.
The metrics in this category provide general information about the configuration of ARP protocol on the firewall instance.
Default Collection Interval — Every 24 hours
The metrics in this category provide information about all the ARP entries existing in a NetScreen device.
Default Collection Interval — Every hour
Table 2-2 ARP Mappings Metrics
Metric | Description |
---|---|
Index (key column) |
Unique value for the ARP table. Its value ranges between 0 and 65535 and cannot be continuous. |
Entry ARP Queue |
ARP entry package queue. |
Entry Age |
Age of an ARP entry. |
Entry Retry Time |
Time after which an entry in the cache should be updated. |
Entry State |
Possible values are: 1 — Pending 2 — Valid 3 — Delete 4 — Static |
IP Address |
Unique address used by devices to identify and communicate with each other on the network. |
Interface Location |
Interface location on the firewall. |
MAC Address |
MAC address of the interface. This address is permanently assigned to the interface. |
Virtual System Name |
Virtual system name to which this entry belongs. |
The metrics in this category provide information about the firewall protection configuration on each physical interface related to various possible attacks.
Default Collection Interval — Every 15 minutes
Table 2-3 Division of Attacks Metrics
Metric | Description |
---|---|
Zone Name (key column) |
Unique zone ID. |
Rate of Address Sweep Attack |
Rate of address sweep attack on the zone. |
Rate of Attacks on Interface |
Rate of total attacks on the selected zone. |
Rate of ICMP Flood Attack |
Rate of ICMP flood attack on the zone. |
Rate of IP Spoof Attack |
Rate of IP spoof attack on the zone. |
Rate of IP Src Route Attack |
Rate of IP source route attack on the zone. |
Rate of Land Attack |
Rate of land attack on the zone. |
Rate of Ping of Death Attack |
Rate of ping of death attack on the zone. |
Rate of Port Scan Attack |
Rate of port scan attack on the zone. |
Rate of SYN Attack |
Rate of SYN attack on the zone. |
Rate of Tear Drop Attack |
Rate of teardrop attack on the zone. |
Rate of UDP Flood Attack |
Rate of UDP flood attack on the zone. |
Rate of Win Nuke Attack |
Rate of Win nuke attack on the zone. |
Virtual System |
Virtual system name that the zone belongs to. |
The metrics in this category provide information about dropped packet counters of the interface.
Default Collection Interval — Every 30 minutes
Table 2-4 Dropped Packets Division on the Firewall Metrics
Metric | Description and User Action |
---|---|
Index (key column) |
Interface index. |
Name (key column) |
Interface name. |
IP Address (key column) |
Interface IP address. |
Rate of Packet Drops Due to Authentication Failure |
The default warning and critical threshold values for this metric are not set. You can set values for these thresholds based on your network conditions. |
Rate of Packet Drops Due to Denial by Policy |
The default warning and critical threshold values for this metric are not set. You can set values for these thresholds based on your network conditions. |
Rate of Packet Drops Due to Denial by SA Policy |
The default warning and critical threshold values for this metric are not set. You can set values for these thresholds based on your network conditions. |
Rate of Packet Drops Due to IPSec Encryption Failure |
The default warning and critical threshold values for this metric are not set. You can set values for these thresholds based on your network conditions. |
Rate of Packet Drops Due to Inactive SA |
The default warning and critical threshold values for this metric are not set. You can set values for these thresholds based on your network conditions. |
Rate of Packet Drops Due to No Policy with SA |
The default warning and critical threshold values for this metric are not set. You can set values for these thresholds based on your network conditions. |
Rate of Packet Drops Due to No SA Found for Incoming Policy |
The default warning and critical threshold values for this metric are not set. You can set values for these thresholds based on your network conditions. |
Rate of Packet Drops Due to Traffic Management |
The default warning and critical threshold values for this metric are not set. You can set values for these thresholds based on your network conditions. |
Rate of Packet Drops Due to Traffic Management Queue |
The default warning and critical threshold values for this metric are not set. You can set values for these thresholds based on your network conditions. |
Rate of Packet Drops Due to URL Blocking |
The default warning and critical threshold values for this metric are not set. You can set values for these thresholds based on your network conditions. |
Rate of Total Packet Drops on Interface |
The default warning and critical threshold values for this metric are not set. You can set values for these thresholds based on your network conditions. |
Virtual System ID |
Virtual system name that the interface belongs to. |
The metrics in this category provide information about the average percentage of CPU utilized in the last 5 minutes.
Default Collection Interval — Every 5 minutes
Table 2-5 Firewall CPU Utilization Metrics
Metric | Description and User Action |
---|---|
Avg. Firewall CPU Utilization (%) |
Percentage of CPU utilization in the last five minutes. The default warning and critical threshold values for this metric are not set. You can set values for these thresholds based on the load on the firewall and your network conditions. |
The metrics in this category provide information about the percentage of memory being used by the firewall processes.
Default Collection Interval — Every 5 minutes
Table 2-6 Firewall Memory Utilization Metrics
Metric | Description and User Action |
---|---|
Allocated Memory |
Memory on the host dedicated to the firewall. |
Firewall Memory Utilization (%) |
A large memory consumption causes the entire system to slow down. To analyze what is causing the problem, use the Solaris "top" system command and observe any firewall processes that appear to be consuming an excessive percentage of memory. |
Memory Fragment |
Amount of fragmented firewall memory. |
Memory Left |
Amount of memory available for use on the firewall. |
Overall Memory (Physical + Swap) |
Total memory on the firewall. |
The metrics in the this category provide information about the rate at which traffic flows into and out of the firewall.
Default Collection Interval — Every 35 minutes
Table 2-7 Interface Traffic Metrics
Metric | Description and User Action |
---|---|
Index (key column) |
Interface index. |
Name (key column) |
Interface name. |
IP Address (key column) |
Interface IP address. |
Rate of Total KiloBytes In |
The default warning and critical threshold values for this metric are not set. You can set values for these thresholds based on the bandwidth of the interfaces. |
Rate of Total KiloBytes Out |
The default warning and critical threshold values for this metric are not set. You can set values for these thresholds based on the bandwidth of the interfaces. |
Rate of Total Packets In |
The default warning and critical threshold values for this metric are not set. You can set values for these thresholds based on the bandwidth of the interfaces. |
Rate of Total Packets Out |
The default warning and critical threshold values for this metric are not set. You can set values for these thresholds based on the bandwidth of the interfaces. |
Rate of Total VLAN Packets In |
The default warning and critical threshold values for this metric are not set. You can set values for these thresholds based on the bandwidth of the interfaces. |
Rate of Total VLAN Packets Out |
The default warning and critical threshold values for this metric are not set. You can set values for these thresholds based on the bandwidth of the interfaces. |
Virtual System ID |
Virtual system ID that the interface belongs to. |
The metrics in this category provide information about the traffic counters of a specific policy.
Default Collection Interval — Every hour
Table 2-8 Netscreen Firewall Traffic Information Per Policy Metrics
Metric | Description and User Action |
---|---|
Policy ID |
Each policy is identified by a unique policy ID. |
Total Bytes Per Sec |
Rate of bytes crossing the policy per second. The default warning and critical threshold values for this metric are not set. You can set values for these thresholds based on your network conditions. |
Total Packets Per Sec |
Rate of packets crossing the policy per second. The default warning and critical threshold values for this metric are not set. You can set values for these thresholds based on your network conditions. |
Total Sessions Per Sec |
Rate of sessions crossing the policy per second. The default warning and critical threshold values for this metric are not set. You can set values for these thresholds based on your network conditions. |
The metrics in the Network Interfaces Configuration category provide information about the operational status of the interface.
Default Collection Interval — Every 30 minutes
Table 2-9 Network Interfaces Configuration Metrics
Metric | Description and User Action |
---|---|
Index (key column) |
Interface index. |
Name (key column) |
Interface name. |
IP Address (key column) |
Interface IP address. |
Interface Internal ID |
Internal ID assigned to this interface. It remains persistent across resets. |
Interface Status |
If the value of this metric is Down, no data is currently passing through this interface. |
The metrics in this category collect all the policy configuration information that exists in the Juniper Network device.
Default Collection Interval — Every 12 hours
Table 2-10 Policy Settings Metrics
Metric | Description |
---|---|
Differentiated Services |
System for tagging traffic at a position within a hierarchy of priority. |
Schedule |
By associating a schedule to an access policy, you can determine when the access policy is in effect. |
Status |
Shows the status of one policy entry. |
Traffic Priority |
Traffic priority for this policy. |
Traffic Shape |
You can set parameters for the control and shaping of traffic for each access policy. |
The metrics in the Response category provide information about that status of the firewall host.
Table 2-11 Response Metrics
Metric | Description |
---|---|
Firewall Status |
Has a value of 1 if the Management Agent is up and running. If the value is not 1, the managed target is down, and you may need to start the managed firewall. |
TCP Ping, Milliseconds |
Amount of time in milliseconds to ping the firewall. The threshold values for this metric are set for low network load conditions. You can provide a higher value for the warning and critical thresholds based on the load on your network. |
The metrics in this category provide information about the number of allocated and failed sessions on the firewall. The sessions are related to TELNET, FTP, HTTP, and so forth.
Default Collection Interval — Every 15 minutes
Table 2-12 Session Information Metrics
Metric | Description and User Action |
---|---|
Allocated Sessions |
Number of allocated sessions. |
Failed Sessions |
Number of failed sessions. The default warning and critical threshold values for this metric are not set. You can set values for these thresholds based on the load on the firewall and your network conditions. |
Max. Sessions |
Maximum number of sessions. |
The metrics in this category provide information about URL filtering parameters on the firewall, which block or permit access to different sites based on their URLs, domain names, and IP address.
Default Collection Interval — Every 24 hours
Table 2-13 URL Filter Configuration Metrics
Metric | Description |
---|---|
Communication Timeout |
Communication timeout threshold of URL filtering. |
Block Message Type |
URL filter block message type. |
Blocked Message |
NetScreen device blocked message. |
Current Server Status |
Status of the current server. |
URL Filtering |
When URL filtering is enabled on a policy, the NetScreen device buffers all HTTP GET requests (in traffic to which the policy applies) and sends the URL to the Websense server. |
Way of Handling Requests |
Method of handling HTTP requests if connectivity to the Websense server is lost. |
Websense Server Name |
Name of the Websense server. |
Websense Server Port |
Port for the Websense server. |