[an error occurred while processing this directive]

SolutionPack for Cisco Firewall Summary Sheet – Service Assurance Suite 9.4

Table of Contents

Overview

Learn how to install and configure the SolutionPack for Cisco Firewall. This SolutionPack provides unified monitoring of all the Cisco ASA/PIX devices distributed in the network.

The SolutionPack for Cisco Firewall enables you to do the following:
  • Verify the load session both for IKE Phase 1 and IPSec Phase 2 VPN tunnels.
  • Verify the firewall efficiency by monitoring the packet rate and connections, so you can demonstrate gains and fine-tune your device configuration.
  • Monitor the Cisco ASA/PIX devices in real-time to pro-actively optimize your services availability.
  • Understand your device activity, for example, listing which Cisco ASA opens the most firewall connections, as well as activity peak times and more.
  • Collect and interpret data across multiple Cisco ASA devices to perform resource grouping and mathematical calculations making performance information readily available.
Back to Top

Technical specifications

SolutionPack version

1.0

Compatible EMC M&R versions

6.5u1 and later

Data collection method

SNMP collector

Supported MIBs

CISCO-CRYPTO-ACCELERATOR-MIB.mib

CISCO-IPSEC-FLOW-MONITOR-MIB.mib

OLD-CISCO-INTERFACES-MIB.mib

CISCO-FIREWALL-MIB.mib

CISCO-REMOTE-ACCESS-MONITOR-MIB.mib

Supported devices

Cisco ASA 5500 Series

Cisco PIX 500 Series

Main reports

Session Failure %
Shows a Session Failure graph over a period of time for each polled firewall.
Firewall CPU Usage %
Shows a CPU Usage graph over a period of time for each polled firewall.
Firewall with Most Connections
Provides a TopN Firewall graph showing a firewall with the highest number of connections over a selected time period.
Firewall Summary
Provides summaries of the Availability %, CPU Usage %, Session Load %, and Number of Connections of firewall devices.
Inventory
Displays the inventory (count only) of the Cisco Firewall network.
Performance Scorecard
Reports on firewall hardware availability for memory, CPU, interface, units, disk, and power.
Situations to Watch
Displays critical and major interface errors, such as half open connections and session bottlenecks, for each polled firewall.

Back to Top

Where to find the latest SolutionPack software

Install the latest core software update for your product suite. SolutionPacks distributed with core software have a 30-day free evaluation period. If you plan to use the software longer than 30 days, you must install a SolutionPack license before the trial period ends.

This 30-day free evaluation only applies to new installations and is not available for upgraded installations. If you upgrade the core software and want to try a new SolutionPack, you must request a license for that SolutionPack by completing a Support Request (SR) form, which is available on the EMC Online Support website at http://support.emc.com.

Back to Top

Installing a SolutionPack

After you log in as an administrator, you can install a SolutionPack from Centralized Management.

Before you begin

Procedure

  1. Log in to the EMC M&R platform with your user name and password.
  2. Select Administration.
  3. Select Centralized Management.
  4. Select SOLUTIONPACK CENTER.
  5. Select the SolutionPack in the Browse and Install SolutionPacks screen.
  6. Read the summary information and click Install.
  7. Select the components to install.
    1. Type the instance name.
    2. Select the server in one or more list boxes. For example, select the server in the Data collection and Reports list boxes.
    3. Click Next.
  8. For each list box you select, a screen appears.
    1. Click Next after you complete each screen.
    2. Click Install after you complete the last screen.
    The installation process begins.
  9. Select the maximize arrow next to each component to view the installation process.
    When the installation successfully completes, green checkmarks appear.
  10. After the installation is complete, select Centralized Management > SolutionPack to verify the installed SolutionPack.
Back to Top

Configuring SNMP device discovery

An SNMP collector discovers the capabilities that you configure for a device. You can use a seed file to import a list of device definitions or manually add and configure devices.

Procedure

  1. Navigate to Administration in the EMC M&R platform.
  2. Click Modules > SNMP Device Discovery.
    A Dashboard appears where you add new SNMP collectors and devices as well as add devices to existing SNMP collectors.
  3. To add an SNMP collector, click Collectors > New Collector.
    1. Specify the required information for the SNMP collector.
    2. Under Import Options, select all options except Lock collector current capabilities.
    3. Click Save.
  4. To upload a seed file, click Device Sources > New Seed File Device Source.
    For information about defining a seed file, click Documentation on SNMP Device Discovery – EMC M&R.
    1. Type the main parameters and click Save.
    2. Under the Seed File tab, click Upload new definition seed file.
    3. Navigate to the seed file and click Ok.
    4. Click Save.
  5. To manually add devices, click Devices > New Device.
    1. On the New Device window, click each tab and type the required information for the device.
      On the Main parameters tab, make sure you specify Firewall for Device Type.
    2. Click Save on each tab.
  6. Select the device that you just added and click the Approve action, which is the checkmark.
  7. On the Dashboard, do the following:
    1. Click Import devices from all enabled device sources.
    2. Click Discover capabilities from all approved devices.
    3. Click Distribute all approved devices with capabilities on all enabled collectors.
    4. Click Send the generated configurations on all available collectors.
      Green indicators appear on the Dashboard after successful executions of the above functions.
Back to Top

Confirming report creation

After you install a SolutionPack, you can view its reports.

To view the reports:

Procedure

  1. Go to User Interface > Report Library.
  2. Click the SolutionPack to view its reports.

Results

It may take up to an hour to display all relevant information in these reports.

Back to Top

Troubleshooting

Report display problems

Back to Top

What to do if data does not appear in any reports

Procedure

  1. After the completion of at least three collection cycles, verify if data is populating into the reports. If there is still no data in the reports, continue to the next step.
  2. Run the scheduled task to import data into reports. If there is still no data in the reports, continue to the next step.
  3. To view the log files for errors, go to Centralized Management and click Collecting > Collector-Manager::<instance name> > Log Files.
Back to Top

Running a scheduled task to import data into reports

After you push a new configuration into a collector, a scheduled task runs and populates the reports with new data. You can manually run the scheduled task to import the data more quickly.

Before you begin

Allow at least three polling cycles to pass before manually running the scheduled task.

Procedure

  1. Click Administration.
  2. Click Centralized Management.
  3. Expand Scheduled Tasks.
  4. Click Database.
  5. Select the import-properties-Default task.
  6. Click Run Now.
  7. Confirm success in running the task in the Last Result and Last Result Time columns.
Back to Top

What to do if data does not appear in some reports

Procedure

  1. Run the scheduled task to import data into reports. If there is still no data in the reports, continue to step 2.
  2. Search for the metric in the database.
  3. To view the log files for errors, go to Centralized Management and click Collecting > Collector-Manager::<instance name> > Log Files.
Back to Top

Searching for metrics in the database

You can verify that a metric is being collected and used for reporting when you search and find the metric in the database.

Procedure

  1. Go to the Administration page.
  2. Under Modules, click Management of Database Modules.
  3. On the Metric Selection page, create the filter, type the number of results, and select the properties to display for the metric.
    For example, to list up to 100 results of the SignalWait Time metric with the properties of device and IP, type name=='SignalWaitTime' in the Filter field, 100 in the Maximum results field, and select device and IP for the Properties to show.
  4. Click Query.
    A list of the metric results appears. If nothing displays, the metric is not being collected.
Back to Top

Viewing collector errors in the Collector-Manager log files

Review the Collector-Manager log files to troubleshoot problems with data collection.

Procedure

  1. Click Administration.
  2. Click Centralized Management.
  3. Expand Collecting.
  4. Click the Collector-Manager for your collector instance.
    Collector-Manager::<Collector-Manager instance> - <physical_host_ID>
  5. Expand Log Files and click the View File icon to review the configuration error messages.
Back to Top
[an error occurred while processing this directive]