Generic Firewall monitoring plugin

The Verax NMS Generic Firewall management plugin allows easy monitoring, alerting, health checking, management and performance reporting of SNMP-enabled firewalls supporting the following MIBs:

  • BRIDGE
  • ENTITY-MIB (optional)

The Generic Firewall plugin can communicate using SNMP v1, v2 or v3.

Generic vs. dedicated plugins

The Generic Firewall plugin enables monitoring and management of firewall types/models that do not have dedicated Verax NMS plugins (such as, for instance, Juniper firewall). Dedicated plugins come first in the discovery order: if a dedicated plugin exists, it is preferred over a generic one. While the dedicated plugins typically provide additional functionality (displaying more information, allowing execution of management actions, configuration management, etc.), the Generic Firewall plugin provides full capability in terms of monitoring, performance measurements and alerting.

General view

The view presents general configuration information about a firewall such as:

  • Firewall vendor, model and firmware information
  • Name, uptime, location and administrative contact details
  • Interfaces' operational statistics (e.g. numbers of up/down events)

Internet protocol (IP) view

The view displays current IP configuration parameters (such as forwarding, default TTL, reassembly timeout and others) and statistics (input receives, forwarded datagrams, routing discards and others).

Interfaces view

The view provides an inventory of all network interfaces on a device including:

  • Index and name (e.g. FastEthernet0/0)
  • Type (e.g. ethernetCsmacd)
  • Physical address
  • Administrative and operational statuses
  • Current configuration parameters (e.g. MTU size) and statistics (e.g. packets out, excessive collisions) for each interface

IP addressing view

This view provides a list of all IP addresses configured on a device including: address, mask, interface and broadcast address.

Routing table view

The view displays the current IP routing table on a device including:

  • Destination IP address
  • Next hop interface and IP address
  • Route type and type dependent metrics (1 through 5)
  • Protocol describing how the route was learned
  • Age describing how long ago (in seconds) the route was created/modified

This information is displayed only if a firewall has routing functionality.

Entities view

The view provides detailed information about hardware (entities) on a device including:

  • Name (e.g. motherboard, daughter card slot, chassis, FastEthernet card, etc.) and description
  • Containment information (e.g. card A is inserted into slot B)
  • Entity class indicating hardware type (e.g. port, module, container, etc.)
  • Hardware, firmware and software revision numbers
  • Manufacturer, model name and serial number
  • Replaceable flag indicating whether a given piece of hardware is considered to be a FRU (Field Replaceable Unit)

This information is only displayed if the device supports the SNMP ENTITY-MIB.

Standard MIBs

The Generic Firewall plugin supports the standard MIB-2, enabling NMS to define sensors, performance counters, alarms and traps based on standard MIB definitions.

Built-in vendor templates

The Generic Firewall plugin provides predefined templates for sensors and performance counters defined in proprietary MIBs of the most popular vendors including Cisco, Fortinet, Netscreen and others.

Loading vendor MIBs

Additional MIBs can be loaded via the NMS MIB Browser. OIDs from these MIBs can be used to define additional sensors and performance counters as needed.

Predefined Generic Firewall monitoring templates

The plugin provides predefined templates for the most commonly monitored firewall items (listed in the table below). Other, user-defined sensors and performance counters can be added.

Generic Firewall monitoring templates
Generic Firewall Interface Input Traffic
Generic Firewall Interface Output Traffic
Generic Firewall Interface Inbound Non-unicast Packets
Generic Firewall Interface Outbound Non-unicast Packets
Generic Firewall Interface Traffic Ratio
Generic Firewall Interface Unicast Ratio
Generic Firewall Interface Discarded Packets Ratio
Generic Firewall Interface Packets With Errors Ratio
Generic Firewall IP Input Receives
Generic Firewall IP Input Headers Errors
Generic Firewall IP Input Address Errors
Generic Firewall IP Forwarded Datagrams
Generic Firewall IP Input Unknown Protocols
Generic Firewall IP Input Discards
Generic Firewall IP Input Delivers
Generic Firewall IP Output Requests
Generic Firewall IP Output Discards
Generic Firewall IP Output No Routes
Generic Firewall IP Reassembly Received Fragments
Generic Firewall IP Reassembly OKs
Generic Firewall IP Reassembly Fails
Generic Firewall IP Fragmentation OKs
Generic Firewall IP Fragmentation Fails
Generic Firewall IP Fragmentation Creates
Generic Firewall IP Routing Discards
Generic Firewall ICMP Input Messages
Generic Firewall ICMP Input Errors
Generic Firewall ICMP Input Destination Unreachs
Generic Firewall ICMP Input Time Exceeds
Generic Firewall ICMP Input Parameter Problems
Generic Firewall ICMP Input Source Quenches
Generic Firewall ICMP Input Redirects
Generic Firewall ICMP Input Echos
Generic Firewall ICMP Input Echo Replies
Generic Firewall ICMP Input Timestamps
Generic Firewall ICMP Input Timestamp Replies
Generic Firewall ICMP Input Address Mask Request Replies
Generic Firewall ICMP Output Messages
Generic Firewall ICMP Output Errors
Generic Firewall ICMP Output Destination Unreachs
Generic Firewall ICMP Output Time Exceeds
Generic Firewall ICMP Output Parameter Problems
Generic Firewall ICMP Output Source Quenches
Generic Firewall ICMP Output Redirects
Generic Firewall ICMP Output Echos
Generic Firewall ICMP Output Echo Replies
Generic Firewall ICMP Output Timestamps
Generic Firewall ICMP Output Timestamp Replies
Generic Firewall ICMP Output Address Masks Requests
Generic Firewall ICMP Output Address Mask Request Replies
Generic Firewall TCP Active Opens
Generic Firewall TCP Passive Opens
Generic Firewall TCP Attempt Fails
Generic Firewall TCP Closes
Generic Firewall TCP Current Established
Generic Firewall TCP Input Segments
Generic Firewall TCP Output Segments
Generic Firewall TCP Retransmitted Segments
Generic Firewall TCP Input Errors
Generic Firewall TCP Output RSTs Flags
Generic Firewall UDP Input Datagrams
Generic Firewall UDP No Application At Port
Generic Firewall UDP Input Errors
Generic Firewall UDP Output Datagrams

Event processing

Verax NMS provides a set of standard, built-in event processing rules for MIB-2. Additional rules can be defined based on standard and vendor-specific MIB OIDs.

See also

Generic Router monitoring and management plugin

Generic Switch monitoring and management plugin

Generic Printer monitoring and management plugin

Generic UPS monitoring and management plugin