Technical Documentation

Viewing Device Status (NSM Procedure)

Purpose

You monitor NSM device status to see whether there are any issues with the communication between NSM and the IDP device. Within the NSM Device Monitor, you can also drill-down for status on IDP device CPU, memory, and session utilization.

Figure 1 shows the NSM Device Monitor.

Figure 1: NSM Device Monitor

Image s036716.gif

Action

To display the Device Monitor:

In the NSM navigation tree, select Investigate > Realtime Monitor > Device Monitor.

Table 1 describes NSM device monitor status data.

Table 1: NSM Device Monitor Status Data

Column

Description

Name

Displays the NSM name for the device. The NSM name is a value you specify when you add the device to the NSM Device Manager.

Domain

Displays the NSM domain to which the device is a member.

Platform

Displays the device model number.

OS version

Displays the operating system version.

Connection status

Displays the status of the connection between the device and NSM:

  • Up
  • Down
  • Never Connected

Alarm

Displays the most severe alarm for the device (if applicable). Double-click an alarm to view the Alarm Details dialog box, which lists all alarms and their polling time for that device.

Hardware inventory status

Displays the status of hardware inventory data:

  • In Sync–The NSM device configuration data matches the IDP device running configuration data.
  • Reconciliation needed–The NSM device configuration data does not match the IDP device running configuration data.
  • Unknown–Inventory information is unknown (the device might not be deployed yet).
  • N/A–Inventory information is not available.

Software inventory status

Displays the status of software inventory data:

  • In Sync–The NSM device configuration data matches the IDP device running configuration data.
  • Reconciliation needed–The NSM device configuration data does not match the IDP device running configuration data.
  • Unknown–Inventory information is unknown (the device might not be deployed yet).
  • N/A–Inventory information is not available.

Configuration state

Displays the status of the NSM device configuration compared to the IDP device running configuration:

  • Managed–Indicates that the device is managed by NSM.
  • Modeled–Indicates that the security device exists in NSM but has not been pushed to the IDP device.
  • RMA–Indicates a device that has been reverted to a modeled state.
  • Waiting for 1st connect–Indicates that NSM is waiting for the device to connect.
  • Import Needed–Indicates the running configuration has changed and you should import the configuration from the IDP device to synchronize the NSM device configuration.
  • Update Needed–Indicates a change to the NSM device configuration that needs to be pushed to the IDP device.
  • OS Version Adjustment Needed–Indicates that the firmware version detected on the device is different from what was previously detected by NSM.

License inventory status

Displays hardware inventory information:

  • In Sync–The NSM device configuration data matches the IDP device running configuration data.
  • Reconciliation needed–The NSM device configuration data does not match the IDP device running configuration data.
  • Unknown–Inventory information is unknown (the device might not be deployed yet).
  • N/A–Inventory information is not available.

First connect

Displays the date and time the device first connected to NSM.

Latest connect

Displays the date and time the device last connected to NSM.

Latest disconnect

Displays the date and time the device last disconnected from NSM.

To drill down to CPU and memory statistics:

Right-click the name of the device and select View Details.

Figure 2 shows the NSM Device Details page, which includes CPU and memory statistics.

Figure 2: NSM Device Detail

Image s036717.gif

Table 2 describes the NSM Device Details Page.

Table 2: NSM Device Monitor: Device Details Page

Column

Description

OS Version

The IDP operating system version.

Mode

Current operation mode of the device.

CPU Idle

Percentage of the time the CPU was idle.

CPU User

Percentage of CPU utilization for user processes.

CPU Kernel

Percentage of CPU utilization for kernel processes.

CPU Usage

Combined CPU utilization for user and kernel processes.

Note: This CPU statistic shown here is the value returned from the Linux top command for CPU0. On IDP8200, only control plane processes run on CPU0. On IDP1100, IDP800, and IDP250, control plane processes and JNET driver processes run on CPU0. On IDP600 and IDP75, all processes run on CPU0.

1 Min Load

One-minute load average.

5 Min Load

Five-minute load average.

15 Min Load

Fifteen-minute load average.

Total Mem

Total amount (in megabytes) of memory.

Used Mem

Amount (in megabytes) of used memory.

Mem Usage

Percentage of used memory.

Total Swap

Total amount (in megabytes) of swap space.

Used Swap

Amount (in megabytes) of used swap space.

Swap Usage

Percentage of used swap space.

To drill down to process status:

  1. Right–click a row in the Device Monitor report and select View Device Details.
  2. Click the Process Status tab.

Figure 3 shows Process Status page, which gives details on memory and CPU usage per IDP process.

Figure 3: NSM Device Monitor: Process Status Page

Image s036718.gif

Note: Due to a limitation, the CPU usage for the IDP engine is reported as 0%. To see the actual CPU usage for an IDP engine, log into the IDP appliance command-line interface (CLI) and use the scio idp-cpu-utilization command. The correct CPU usage is also reported via SNMP.

To drill down to packet and flow counters for current traffic:

  1. In the NSM navigation tree, select Investigate > Realtime Monitor > Device Monitor.
  2. Right-click the name of the device and select View Statistics.

Figure 4 shows the Device Statistics page.

Figure 4: NSM Device Monitor: Device Statistics

Image s036719.gif

Published: 2010-01-12