Skip Headers
Oracle® Enterprise Manager System Monitoring Plug-in Metric Reference Manual for Network Management
10g Release 2 (10.2.0.2)

Part Number B28750-01
Go to Documentation Home
Home
Go to Book List
Book List
Go to Table of Contents
Contents
Go to Feedback page
Contact Us

Go to previous page
Previous
Go to next page
Next
View PDF

2 Juniper Netscreen Firewall Metrics

This chapter provides descriptions for all Juniper Netscreen Firewall metric categories, and tables list and describe associated metrics for each category. The tables also provide user actions if any of the metrics for a particular category support user actions. Shaded rows represent key columns for a particular category.

Address Resolution Protocol (ARP) Configuration Metrics

The metrics in this category provide general information about the configuration of ARP protocol on the firewall instance.

Default Collection Interval — Every 24 hours

Table 2-1 ARP Configuration Metrics

Metric Description

ARP Always on Destination

Directs a Netscreen device to always perform a lookup to learn a destination MAC address.

ARP Cache Update

Defines whether ARP cache will be updated in a predefined time interval.


Address Resolution Protocol (ARP) Mappings Metrics

The metrics in this category provide information about all the ARP entries existing in a NetScreen device.

Default Collection Interval — Every hour

Table 2-2 ARP Mappings Metrics

Metric Description

Index (key column)

Unique value for the ARP table. Its value ranges between 0 and 65535 and cannot be continuous.

Entry ARP Queue

ARP entry package queue.

Entry Age

Age of an ARP entry.

Entry Retry Time

Time after which an entry in the cache should be updated.

Entry State

Possible values are:

1 — Pending 2 — Valid 3 — Delete 4 — Static

IP Address

Unique address used by devices to identify and communicate with each other on the network.

Interface Location

Interface location on the firewall.

MAC Address

MAC address of the interface. This address is permanently assigned to the interface.

Virtual System Name

Virtual system name to which this entry belongs.


Division of Attacks Metrics

The metrics in this category provide information about the firewall protection configuration on each physical interface related to various possible attacks.

Default Collection Interval — Every 15 minutes

Table 2-3 Division of Attacks Metrics

Metric Description

Zone Name (key column)

Unique zone ID.

Rate of Address Sweep Attack

Rate of address sweep attack on the zone.

Rate of Attacks on Interface

Rate of total attacks on the selected zone.

Rate of ICMP Flood Attack

Rate of ICMP flood attack on the zone.

Rate of IP Spoof Attack

Rate of IP spoof attack on the zone.

Rate of IP Src Route Attack

Rate of IP source route attack on the zone.

Rate of Land Attack

Rate of land attack on the zone.

Rate of Ping of Death Attack

Rate of ping of death attack on the zone.

Rate of Port Scan Attack

Rate of port scan attack on the zone.

Rate of SYN Attack

Rate of SYN attack on the zone.

Rate of Tear Drop Attack

Rate of teardrop attack on the zone.

Rate of UDP Flood Attack

Rate of UDP flood attack on the zone.

Rate of Win Nuke Attack

Rate of Win nuke attack on the zone.

Virtual System

Virtual system name that the zone belongs to.


Dropped Packets Division on the Firewall Metrics

The metrics in this category provide information about dropped packet counters of the interface.

Default Collection Interval — Every 30 minutes

Table 2-4 Dropped Packets Division on the Firewall Metrics

Metric Description and User Action

Index (key column)

Interface index.

Name (key column)

Interface name.

IP Address (key column)

Interface IP address.

Rate of Packet Drops Due to Authentication Failure

The default warning and critical threshold values for this metric are not set. You can set values for these thresholds based on your network conditions.

Rate of Packet Drops Due to Denial by Policy

The default warning and critical threshold values for this metric are not set. You can set values for these thresholds based on your network conditions.

Rate of Packet Drops Due to Denial by SA Policy

The default warning and critical threshold values for this metric are not set. You can set values for these thresholds based on your network conditions.

Rate of Packet Drops Due to IPSec Encryption Failure

The default warning and critical threshold values for this metric are not set. You can set values for these thresholds based on your network conditions.

Rate of Packet Drops Due to Inactive SA

The default warning and critical threshold values for this metric are not set. You can set values for these thresholds based on your network conditions.

Rate of Packet Drops Due to No Policy with SA

The default warning and critical threshold values for this metric are not set. You can set values for these thresholds based on your network conditions.

Rate of Packet Drops Due to No SA Found for Incoming Policy

The default warning and critical threshold values for this metric are not set. You can set values for these thresholds based on your network conditions.

Rate of Packet Drops Due to Traffic Management

The default warning and critical threshold values for this metric are not set. You can set values for these thresholds based on your network conditions.

Rate of Packet Drops Due to Traffic Management Queue

The default warning and critical threshold values for this metric are not set. You can set values for these thresholds based on your network conditions.

Rate of Packet Drops Due to URL Blocking

The default warning and critical threshold values for this metric are not set. You can set values for these thresholds based on your network conditions.

Rate of Total Packet Drops on Interface

The default warning and critical threshold values for this metric are not set. You can set values for these thresholds based on your network conditions.

Virtual System ID

Virtual system name that the interface belongs to.


Firewall CPU Utilization Metrics

The metrics in this category provide information about the average percentage of CPU utilized in the last 5 minutes.

Default Collection Interval — Every 5 minutes

Table 2-5 Firewall CPU Utilization Metrics

Metric Description and User Action

Avg. Firewall CPU Utilization (%)

Percentage of CPU utilization in the last five minutes. The default warning and critical threshold values for this metric are not set. You can set values for these thresholds based on the load on the firewall and your network conditions.


Firewall Memory Utilization Metrics

The metrics in this category provide information about the percentage of memory being used by the firewall processes.

Default Collection Interval — Every 5 minutes

Table 2-6 Firewall Memory Utilization Metrics

Metric Description and User Action

Allocated Memory

Memory on the host dedicated to the firewall.

Firewall Memory Utilization (%)

A large memory consumption causes the entire system to slow down. To analyze what is causing the problem, use the Solaris "top" system command and observe any firewall processes that appear to be consuming an excessive percentage of memory.

Memory Fragment

Amount of fragmented firewall memory.

Memory Left

Amount of memory available for use on the firewall.

Overall Memory (Physical + Swap)

Total memory on the firewall.


Interface Traffic Metrics

The metrics in the this category provide information about the rate at which traffic flows into and out of the firewall.

Default Collection Interval — Every 35 minutes

Table 2-7 Interface Traffic Metrics

Metric Description and User Action

Index (key column)

Interface index.

Name (key column)

Interface name.

IP Address (key column)

Interface IP address.

Rate of Total KiloBytes In

The default warning and critical threshold values for this metric are not set. You can set values for these thresholds based on the bandwidth of the interfaces.

Rate of Total KiloBytes Out

The default warning and critical threshold values for this metric are not set. You can set values for these thresholds based on the bandwidth of the interfaces.

Rate of Total Packets In

The default warning and critical threshold values for this metric are not set. You can set values for these thresholds based on the bandwidth of the interfaces.

Rate of Total Packets Out

The default warning and critical threshold values for this metric are not set. You can set values for these thresholds based on the bandwidth of the interfaces.

Rate of Total VLAN Packets In

The default warning and critical threshold values for this metric are not set. You can set values for these thresholds based on the bandwidth of the interfaces.

Rate of Total VLAN Packets Out

The default warning and critical threshold values for this metric are not set. You can set values for these thresholds based on the bandwidth of the interfaces.

Virtual System ID

Virtual system ID that the interface belongs to.


Netscreen Firewall Traffic Information Per Policy Metrics

The metrics in this category provide information about the traffic counters of a specific policy.

Default Collection Interval — Every hour

Table 2-8 Netscreen Firewall Traffic Information Per Policy Metrics

Metric Description and User Action

Policy ID

Each policy is identified by a unique policy ID.

Total Bytes Per Sec

Rate of bytes crossing the policy per second. The default warning and critical threshold values for this metric are not set. You can set values for these thresholds based on your network conditions.

Total Packets Per Sec

Rate of packets crossing the policy per second. The default warning and critical threshold values for this metric are not set. You can set values for these thresholds based on your network conditions.

Total Sessions Per Sec

Rate of sessions crossing the policy per second. The default warning and critical threshold values for this metric are not set. You can set values for these thresholds based on your network conditions.


Network Interfaces Configuration Metrics

The metrics in the Network Interfaces Configuration category provide information about the operational status of the interface.

Default Collection Interval — Every 30 minutes

Table 2-9 Network Interfaces Configuration Metrics

Metric Description and User Action

Index (key column)

Interface index.

Name (key column)

Interface name.

IP Address (key column)

Interface IP address.

Interface Internal ID

Internal ID assigned to this interface. It remains persistent across resets.

Interface Status

If the value of this metric is Down, no data is currently passing through this interface.


Policy Settings Metrics

The metrics in this category collect all the policy configuration information that exists in the Juniper Network device.

Default Collection Interval — Every 12 hours

Table 2-10 Policy Settings Metrics

Metric Description

Differentiated Services

System for tagging traffic at a position within a hierarchy of priority.

Schedule

By associating a schedule to an access policy, you can determine when the access policy is in effect.

Status

Shows the status of one policy entry.

Traffic Priority

Traffic priority for this policy.

Traffic Shape

You can set parameters for the control and shaping of traffic for each access policy.


Response Metrics

The metrics in the Response category provide information about that status of the firewall host.

Table 2-11 Response Metrics

Metric Description

Firewall Status

Has a value of 1 if the Management Agent is up and running. If the value is not 1, the managed target is down, and you may need to start the managed firewall.

TCP Ping, Milliseconds

Amount of time in milliseconds to ping the firewall. The threshold values for this metric are set for low network load conditions. You can provide a higher value for the warning and critical thresholds based on the load on your network.


Session Information Metrics

The metrics in this category provide information about the number of allocated and failed sessions on the firewall. The sessions are related to TELNET, FTP, HTTP, and so forth.

Default Collection Interval — Every 15 minutes

Table 2-12 Session Information Metrics

Metric Description and User Action

Allocated Sessions

Number of allocated sessions.

Failed Sessions

Number of failed sessions. The default warning and critical threshold values for this metric are not set. You can set values for these thresholds based on the load on the firewall and your network conditions.

Max. Sessions

Maximum number of sessions.


URL Filter Configuration Metrics

The metrics in this category provide information about URL filtering parameters on the firewall, which block or permit access to different sites based on their URLs, domain names, and IP address.

Default Collection Interval — Every 24 hours

Table 2-13 URL Filter Configuration Metrics

Metric Description

Communication Timeout

Communication timeout threshold of URL filtering.

Block Message Type

URL filter block message type.

Blocked Message

NetScreen device blocked message.

Current Server Status

Status of the current server.

URL Filtering

When URL filtering is enabled on a policy, the NetScreen device buffers all HTTP GET requests (in traffic to which the policy applies) and sends the URL to the Websense server.

Way of Handling Requests

Method of handling HTTP requests if connectivity to the Websense server is lost.

Websense Server Name

Name of the Websense server.

Websense Server Port

Port for the Websense server.