Applicable for: Secure Access Service MAG Series Junos Pulse Gateway Access Control Service. Juniper Networks SNMP Monitoring Guide



Similar documents
Network Configuration Example

Simple Network Management Protocol

Junos Pulse for Google Android

Junos Pulse Secure Access Service

Monitoring QNAP NAS system

SNMP Critical Resource Monitoring

Network Monitoring with SNMP

Integrated Network Monitoring

Network Connect Performance Logs on MAC OS

Synology DiskStation

Configuring and Implementing A10

Network Connect & Junos Pulse Performance Logs on Windows

JUNOScope IP Service Manager

NMS300 Network Management System

Maintaining Non-Stop Services with Multi Layer Monitoring

Converting SSG 300M-series and SSG 500M-series Security Devices to J-series Services Routers with a USB Storage Device

SNMP Monitoring Guide

Juniper Networks Management Pack Documentation

HP LeftHand SAN Solutions

Pulse Policy Secure. Monitoring and Troubleshooting. Product Release 5.1. Document Revision 1.0. Published:

Junos Space. Service Now User Guide. Release Published: Copyright 2013, Juniper Networks, Inc.

Network Configuration Example

Junos Pulse Mobile Security Dashboard. User Guide. Release 4.2. February 2013 Revision , Juniper Networks, Inc.

Nimble OS SNMP Reference Guide

Deploying the BIG-IP LTM with the Cacti Open Source Network Monitoring System

MONITORING RED HAT GLUSTER SERVER DEPLOYMENTS With the Nagios IT infrastructure monitoring tool

SystemWatch SM. Remote Network Monitoring

TECHNICAL NOTE SETTING UP A STRM UPDATE SERVER. Configuring your Update Server

TECHNICAL NOTE INSTALLING AND CONFIGURING ALE USING A CLI. Installing the Adaptive Log Exporter

OnCommand Unified Manager

Cisco WebEx Node Management System. Administrator s Guide

1 Data Center Infrastructure Remote Monitoring

Introduction to the Junos Operating System

Features Overview Guide About new features in WhatsUp Gold v14

Unless otherwise noted, all references to STRM refer to STRM, STRM Log Manager, and STRM Network Anomaly Detection.

SNMP Monitoring and SWG MIB

WhatsUp Gold vs. Orion

How To Use The Correlog With The Cpl Powerpoint Powerpoint Cpl.Org Powerpoint.Org (Powerpoint) Powerpoint (Powerplst) And Powerpoint 2 (Powerstation) (Powerpoints) (Operations

RPM Utility Software. User s Manual

Network Monitoring with SNMP

Monitoring Your Network

How To Gather Log Files On A Pulse Secure Server On A Pc Or Ipad (For A Free Download) On A Network Or Ipa (For Free) On An Ipa Or Ipv (For An Ubuntu) On Your Pc

User s Manual. Version January EVS SNMP Monitoring

Installing, Uninstalling, and Upgrading Service Monitor

Nimsoft Monitor. NetApp FlexPod Monitoring Best Practices Key Alarms and Threshold Settings

Feature Comparison: idrac 7 & 8 and idrac8 License Chart

orrelog SNMP Trap Monitor Software Users Manual

Quick Installation Guide For Sensors with Cacti

Command Center :56:41 UTC Citrix Systems, Inc. All rights reserved. Terms of Use Trademarks Privacy Statement

Remote Network Monitoring Software for Managed Services Providers

Unless otherwise noted, all references to STRM refer to STRM, STRM Log Manager, and STRM Network Anomaly Detection.

Hitachi File Services Manager Release Notes

A Brief. Introduction. of MG-SOFT s SNMP Network Management Products. Document Version 1.3, published in June, 2008

OMNITURE MONITORING. Ensuring the Security and Availability of Customer Data. June 16, 2008 Version 2.0

.Trustwave.com Updated October 9, Secure Web Gateway SNMP Monitoring and SWG MIB

How to Use SNMP in Network Problem Resolution

Junos OS. DDoS Protection Configuration Guide. Release Published: Copyright 2012, Juniper Networks, Inc.

Junos OS. DDoS Protection Configuration Guide. Release Published: Copyright 2012, Juniper Networks, Inc.

MANAGING NETWORK COMPONENTS USING SNMP

Introduction to Junos Space Network Director

Pervasive PSQL Vx Server Licensing

WHITE PAPER. ClusterWorX 2.1 from Linux NetworX. Cluster Management Solution C ONTENTS INTRODUCTION

ServerView Inventory Manager

NetScaler Logging Facilities

Using esxtop to Troubleshoot Performance Problems

VMware vcenter Log Insight Administration Guide

my forecasted needs. The constraint of asymmetrical processing was offset two ways. The first was by configuring the SAN and all hosts to utilize

- 1 - SmartStor Cloud Web Admin Manual

Network Monitoring & Management Introduction to SNMP

MONITORING EMC GREENPLUM DCA WITH NAGIOS

Creating Cacti FortiGate SNMP Graphs

Vital Security Web Appliances NG-1100/NG-5100/NG How to Use Simple Network Management Protocol (SNMP) Monitoring

orrelog Ping Monitor Adapter Software Users Manual

System performance monitoring in RTMT

This section describes how to set up, find and delete community strings.

SmartView Monitor. R77 Versions. Administration Guide. 21 May Classification: [Protected]

11.1. Performance Monitoring

Unless otherwise noted, all references to STRM refer to STRM, STRM Log Manager, and STRM Network Anomaly Detection.

Using SNMP with Content Gateway (not V-Series)

How to Set Up Your NSM4000 Appliance

Nagios introduction. Dhruba Raj Bhandari (CCNA) Additions by Phil Regnauld.

Installing and Configuring the Intel Server Manager 8 SNMP Subagents. Intel Server Manager 8.40

DEPLOYMENT GUIDE Version 1.0. Deploying the BIG-IP LTM with the Nagios Open Source Network Monitoring System

Setting up an icap Server for ISG- 1000/2000 AV Support

Monitoring Network Elements

How To Use Trustwave Secure Web Gateway On A Linux System (Amd64) With A Libbb) On A Windows (Amd32) Or Windows 7 (Amd86) (Amd66) (Or Windows 7

Online Help StruxureWare Data Center Expert

After you have created your text file, see Adding a Log Source.

Who is my SAP HANA DBA? What can I expect from her/him? HANA DBA Role & Responsibility. Rajesh Gupta, Deloitte. Consulting September 24, 2015

Heroix Longitude Quick Start Guide V7.1

Network and Security. Product Description. Product Overview. Architecture and Key Components DATASHEET

OnCommand Unified Manager 6.3

SolarWinds Technical Reference

Reboot the ExtraHop System and Test Hardware with the Rescue USB Flash Drive

Release Notes for RingMaster Version (MR1)

Identity-Based Application and Network Profiling

Best Practices for Monitoring Cisco Unity Devices with Cisco Unified Operations Manager

Transcription:

Applicable for: Secure Access Service MAG Series Junos Pulse Gateway Access Control Service Juniper Networks SNMP Monitoring Guide

Juniper Networks, Inc. 1194 North Mathilda Avenue Sunnyvale, California 94089 408-745-2000 www.juniper.net Juniper Networks assumes no responsibility for any inaccuracies in this document. Juniper Networks reserves the right to change, modify, transfer, or otherwise revise this publication without notice. Products made or sold by Juniper Networks or components thereof might be covered by one or more of the following patents that are owned by or licensed to Juniper Networks: U.S. Patent Nos. 5,473,599, 5,905,725, 5,909,440, 6,192,051, 6,333,650, 6,359,479, 6,406,312, 6,429,706, 6,459,579, 6,493,347, 6,538,518, 6,538,899, 6,552,918, 6,567,902, 6,578,186, and 6,590,785. Juniper Networks SNMP Monitoring Guide Copyright 2012, Juniper Networks, Inc. All rights reserved. Printed in USA. Juniper Networks, Inc. 2

Table of Contents Juniper Networks SNMP Monitoring Guide... 1 OVERVIEW... 4 PROCEDURE... 4 COMMON OBJECTS FOR SNMP MONITORING OF MAG/SA DEVICES... 4 Juniper Networks, Inc. 3

OVERVIEW This document describes guidelines for SNMP monitoring of Secure Access devices health and stability. The MIB OIDs and functions in the tables provided are from the Juniper Networks MIB and UC Davis MIB. Most objects explained in this document are also included in the Juniper SA/MAG/IC Software Administration Guide. The Juniper Networks MIB has all the necessary objects that can be used for monitoring most of the components while the UCD MIBs has a few useful objects and is added for information. Standard SNMPv2 MIB is also supported but not included in this document. PROCEDURE 1. Download the Juniper Networks MIB from the device Admin UI SNMP page. This has most of the objects for MAG/SA SNMP monitoring (See NOTES below). 2. To monitor system statistics, such as memory utilization, load the UC-Davis MIB file into the SNMP manager application. ou can obtain the MIB file from: http://net-snmp.sourceforge.net/docs/mibs/ucd-snmp-mib.txt 3. Install the MIBS to monitor your device and use the OIDs described in the tables shown later in this document. NOTES SMMPv2 standard MIB and the UCDavis MIB are supported, but most of the needed objects for monitoring stabiity are already available through the Juniper Networks MIB downloadable from the Admin UI SNMP page. Safe and critical values are essentially guides to assist in establishing some monitoring. Adjustments may be necessary depending on configurations to be done on the devices but most of the values are known best practice values and recommendations. COMMON OBJECTS FOR SNMP MONITORING OF MAG/SA DEVICES Below are most of the objects that can be used for monitoring the health of an SA or MAG system. NOTE: A full list of objects can be found in the 7.3 admin guide (pages 903-907) located at http://www.juniper.net/techpubs/software/ive/admin/j-sa-sslvpn-7.3-adminguide.pdf Juniper Networks, Inc. 4

JUNIPER MIB: COMPONENT OID DESCRIPTION TRAP POLL MORE INFORMATION USERS.1.3.6.1.4.1.12532.2.0 Number of signed-in web users Monitors users connected and uses the web feature. health: informational only..1.3.6.1.4.1.12532.12.0 Total number of users logged in to the SA node Monitors the number of users in this node that are logged in. health: informational only. 1.3.6.1.4.1.12532.13.0 Total number of users logged in to the Cluster Monitors the number of users in the cluster that are logged in. This number counts towards the user licenses. health: informational only..1.3.6.1.4.1.12532.251.6 Maximum number of concurrent users signed in.1.3.6.1.4.1.12532.9.0 The number of concurrent meeting users Traps based on Admin UI settings (see Figure 1). Setting determined by the administrator. Critical trap to inform that the user license limit is reached. Monitors the number of secure meeting users connected. This number counts towards Secure Meeting license, cannot be queried and accessed for notification only via trap. health: informational. Juniper Networks, Inc. 5

.1.3.6.1.4.1.12532.251.17 Concurrent meeting count over license limit Traps based on Admin UI settings (see Figure 1). Setting determined by the administrator. Critical trap to inform that the user license limit is reached. MEMOR.1.3.6.1.4.1.12532.11.0 The Memory Utilization of the IVE system Depending on the load and features used: <90% is normal 90-95% is high but not necessarily an issue ACTION: Start monitoring swap 95-99% is very high but not necessarily will cause immediate issue ACTION: Start monitoring swap.1.3.6.1.4.1.12532.251.21 IVE memory utilization above threshold Traps based on Admin UI settings (see Figure 1) See also above for safe usage. ACTIONS: Set the Memory trap setting in UI to very high (95% to 99% as Linux systems can use most of physical memory and does not fully indicate issues. Start monitoring swap for usage when trap starts to be generated. **SEE NOTES.1.3.6.1.4.1.12532.24.0 The Swap Utilization of the IVE system 0% is normally what swap usage should be. From 5% of swap usage, it needs monitoring ACTION: If swap starts to be Juniper Networks, Inc. 6

.1.3.6.1.4.1.12532.251.23 IVE swap utilization above threshold utilized, get logs. **SEE NOTES Same as above ACTION: Recommended to set to 5%. When trapping starts, get logs. **SEE NOTES CPU.1.3.6.1.4.1.12532.10.0 The CPU Utilization of the IVE system Depending on the load and features used: <50% is usually normal Above or steady at 80%, especially during peak times, may indicate load issue. 100% is abnormal and needs investigation Sudden jump leading to 100% is not normal when it does not come down within few minutes. CPU of 100% steady is not normal. ACTION: Check usage, throughputs from graphs and re-evaluate capacity. Get logs. **SEE NOTES.1.3.6.1.4.1.12532.251.22 IVE CPU utilization above threshold Traps based on Admin UI settings (see screeshot*) See above for CPU values. It is recommended to not set CPU trap until the normal CPU usage is known. ACTION: If it is known, set CPU trap to default of 80% in admin SNMP page. If it traps at 80% consistently, get logs. See Figure 1 and NOTES Juniper Networks, Inc. 7

DISK.1.3.6.1.4.1.12532.25.0 Percentage of disk space ON LOGS later in this document. <80% is normal 80% and above needs close monitoring 90% and above is critical ACTION: If disk space percentage starts to go over 80%, gather logs See NOTES ON LOGS later in this document..1.3.6.1.4.1.12532.251.18 Disk space nearly full Traps based on Admin UI settings (see Figure 1) ACTION: Recommended to set to 90%. If it continously traps, start monitoring and gathering logs. See NOTES ON LOGS later in this document. Backup and delete logs immediately, delete all snapshots if seen. Clear out debuglogs if set to high value, call Juniper Support for assistance..1.3.6.1.4.1.12532.251.19 Disk space full Disk usage has gone 100%. This is a critical isue as this will eventually crash box. ACTION: Backup and delete logs immediately, delete all snapshots if seen. Clear out debuglogs if set to high value, call Juniper Support for assistance. Getting more logs may not work due to space exhausted. LOG.1.3.6.1.4.1.12532.1.0 Percentage of log file full This reading can help determine if archiving is Juniper Networks, Inc. 8

needed or modified. health: informational..1.3.6.1.4.1.12532.251.4 Log file nearly full This reading can help determine if archiving is needed or modified. health: informational.1.3.6.1.4.1.12532.251.5 Log file full Log file has reached 100% and full. Inidication that log settings may need to be reviewed or archiving settings needed to be modified. health: informational only. TEMPERATURE.1.3.6.1.4.1.12532.42.0 The Temperature of MAG application blade This is a critical information for stability of the chassis/blades < 75 deg C is normal From 70 deg C, monitor temperature closely as a precaution 75 deg C and above is not normal and will fire a trap ACTION: Check admin UI temperature to confirm, check other blades as well, check fans and status of LEDs, get outputs from CMC CLI (if used) commands to get status of each blades and alarms. Call Juniper support..1.3.6.1.4.1.12532.251.35 IVE Temperature is above threshold This is a critical trap Traps at 75 deg C ACTION: Check admin UI temperature to confirm, Juniper Networks, Inc. 9

check other blades as well, check fans and status of LEDs, get outputs from CMC CLI (if used) commands to get status of each blades and alarms. Call Juniper support. POWER SUPPLIES.1.3.6.1.4.1.12532.251.27 The status of the power supplies has changed This is a critical trap to know fan status, which is any of the following: "Both the power supplies are back up" "One of the power supplies has failed" ACTION: Investigate further and call Juniper support. FANS.1.3.6.1.4.1.12532.251.26 The status of the fans has changed HARD DRIVES.1.3.6.1.4.1.12532.251.28 The status of the RAID has changed This is a critical trap to know fan status, which is any of the following: Fan N is running above threshold (xyz RPM) Fan N is running below threshold (xyz RPM) "Both the fans are back up" "Both the fans have failed" "One of the fans has failed" ACTION: Investigate further and call Juniper support. This is a critical trap to know RAID status, which is any of the following: "The RAID status is OK" "The RAID status is recovering" "The RAID status is unknown" Juniper Networks, Inc. 10

"The RAID status is failed" ACTION: Investigate further and call Juniper support. NETWORK INTERFACES.1.3.6.1.4.1.12532.251.33 The Internal interface has gone down, reason is in nicevent This is a critical trap ACTION: Investigate further.1.3.6.1.4.1.12532.251.34 The Management interface has gone down, reason is in nicevent This is a critical trap ACTION: Investigate further.1.3.6.1.4.1.12532.251.31 The External interface has gone down, reason is in nicevent This is a critical trap ACTION: Investigate further UC DAVIS MIB: COMPONENT OID DESCRIPTION TRAP POLL MORE INFORMATION MEMOR.1.3.6.1.4.1.2021.4.11.0 Total Available Memory on the host.1.3.6.1.4.1.2021.4.4.0 Available Swap Space on the host. Compared to Juniper MIB, this reads size in Bytes or Mbytes so it needed to be converted to percentage. Depending on the load and features used (% of total memory of system): <90% is normal 90-95% is high but still fine ACTION: Start monitoring swap 95-99% is very high but not necessarily will cause immediate issue ACTION: Start monitoring swap Compared to Juniper MIB, this reads size in Bytes or Mbytes. Can be computed in Juniper Networks, Inc. 11

percentage, like Juniper MIB: From 5% of swap usage, it needs monitoring 0% is normally what swap usage should be. ACTION: If swap starts to be utilized, get logs. See NOTES ON LOGS later in this document. CRITICAL/MAJOR EVENTS Monitoring Critical and Major events augments the polling and trapping values obtained from the available OIDs supported in the system. There are log messages that are important to monitor as well, and both Critical (Level 10) and Major (Level 8-9) are available for use in SNMP monitoring. The list of logs can be obtained from Juniper Networks Technical Support. Some examples are: SS10047 SystemStatus ClusterMsg InternalInterfaceDown 10 internal NIC down. SS10049 SystemStatus ClusterMsg ExternalInterfaceDown 10 external NIC down. SS10051 SystemStatus ClusterMsg InternalGatewayDown 10 internal gateway '%1' unreachable. SS10053 SystemStatus ClusterMsg ExternalGatewayDown 10 external gateway '%1' unreachable. ERR20643 SystemError Misc RestartSvc 10 Watchdog restarting services (%1). Watchdog restarting %1 processes ERR30431 SystemError Misc RestartProcesses 10 (%2). The Critical Log events and Major Log events can be included in SNMP monitoring by checking the options in the SNMP page as shown in Figure 1. Figure 1: Screenshot of SNMP Options: Juniper Networks, Inc. 12

NOTES ON LOGS: Log needed at the minimum from the SA or IC devices or MAG blades: System snapshot (Troubleshooting > System Snapshot > (select to include debuglog and configs) > Take snapshot) SA/MAG logs (Log/Monitoring > Events logs > Save all logs) Screenshot of the cockpit graph detailing issue time and readings without cropping (showing date information) Juniper Networks, Inc. 13

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information