Products
Applications
NMS & APM - unified network, application and IT infrastructure management Service Desk - incident management and SLA compliance Customer Care & Billing - customer, product, service management and billing Project Management - complete control over network infrastructure projects Workflow - automate and track execution of business processes KPI Dashboard - measure, monitor and manage IT & telco business performance
Solutions
IT Management Suite - simplify, automate and reduce cost of IT management OSS/BSS Suite - quickly define, provision, monitor and bill telco & IT services
Free tools
Free SNMP Agent Simulator Free Database Load Simulator Free IPMI Library for Java Free ICMP Library for Java/Windows
All products
Downloads
Applications
All downloads
Services
Careers
- Careers at Verax Systems
- Current openings
Company
Contact
News & events

Home > Products > NMS & APM > Generic firewall plugin

	NMS & APM
	Service Desk
	Customer Care & Billing
	Project Management
	Workflow
	KPI Dashboard
	IT Management Suite
	OSS/BSS Suite
	Free SNMP Agent Simulator
	Free Database Load Simulator
	Free IPMI Library for Java
	Free ICMP Library for Java/Windows
	All products

Generic Firewall monitoring and management plugin

Verax NMS Generic Firewall management plugin allows easy monitoring, alerting, health check, management and performance reporting of SNMP-enabled firewalls supporting the following MIBs:

BRIDGE
ENTITY-MIB (optional)

The Generic Firewall plugin can communicate using SNMP v1, v2 or v3.

Generic vs. dedicated plugins

The Generic Firewall plugin enables monitoring and management of firewall types/models that do not have dedicated Verax NMS plugins (such as, for instance Juniper firewall). Dedicated plugins come first in the discovery order: if a dedicated plugin exists it is preferred over a generic one. While the dedicated plugins typically provide additional functionality (display more information, allow for execution of management actions, configuration management, etc.), the Generic Firewall plugin provides full capability in terms of monitoring, performance measurements and alerting.

General view

The view presents general configuration information about a firewall such as:

Firewall vendor, model and firmware information
Name, uptime, location and administrative contact details
Interfaces' operational statistics (e.g. numbers of up/down events)

Internet protocol (IP) view

The view displays current IP configuration parameters (such as forwarding, default TTL, reassembly timeout and others) and statistics (input receives, forwarded datagrams, routing discards and others).

Interfaces view

The view provides an inventory of all network interfaces on a device including:

Index and name (e.g. FastEthernet0/0)
Type (e.g. ethernetCsmacd)
Physical address
Administrative and operational statuses
Current configuration parameters (e.g. MTU size) and statistics (e.g. packets out, excessive collisions) for each interface

IP addressing view

This view provides a list of all IP addresses configured on a device including: address, mask, interface and broadcast address.

Routing table view

The view displays current IP routing table on a device including:

Destination IP address
Next hop interface and IP address
Route type and type dependent metrics (1 through 5)
Protocol describing how the route was learned
Age describing how long ago (in seconds) the route was created/modified

This information is displayed only if a firewall has routing functionality.

Entities view

The view provides detailed information about hardware (entities) on a device including:

Name (e.g. motherboard, daughter card slot, chassis, FastEtnernet card, etc.) and description
Containment information (e.g. card A is inserted into slot B)
Entity class indicating hardware type (e.g. port, module, container, etc.)
Hardware, firmware and software revision numbers
Manufacturer, model name and serial number
Replaceable flag indicating if given piece of hardware is considered to be a FRU (Field Replaceable Unit) or not

This information is only displayed if the device supports the SNMP ENTITY-MIB.

Standard MIBs

The Generic Firewall supports the standard MIB-2, enabling NMS to define sensors, performance counters, alarms and traps based on standard MIB definitions.

Built-in vendor templates

The Generic Firewall plugin contains predefined templates for sensors and performance counters defined in proprietary MIBs of the most popular vendors including Cisco, Fortinet, Netscreen and others.

Loading vendor MIBs

Additional MIBs can be loaded via NMS MIB Browser. OIDs from these MIBs can be used to define additional sensors and performance counters as needed.

Predefined Generic Firewall monitoring templates

The plugin contains predefined templates for most commonly monitored firewall items. Most important, selected templates are provided in the table below (other, additional sensors and performance counters can be added by the user):

Generic Firewall monitoring templates

Generic Firewall Interface Input Traffic

Generic Firewall Interface Output Traffic

Generic Firewall Interface Inbound Non-unicast Packets

Generic Firewall Interface Outbound Non-unicast Packets

Generic Firewall Interface Traffic Ratio

Generic Firewall Interface Unicast Ratio

Generic Firewall Interface Discarded Packets Ratio

Generic Firewall Interface Packets With Errors Ratio

Generic Firewall IP Input Receives

Generic Firewall IP Input Headers Errors

Generic Firewall IP Input Address Errors

Generic Firewall IP Forwarded Datagrams

Generic Firewall IP Input Unknown Protocols

Generic Firewall IP Input Discards

Generic Firewall IP Input Delivers

Generic Firewall IP Output Requests

Generic Firewall IP Output Discards

Generic Firewall IP Output No Routes

Generic Firewall IP Reassembly Received Fragments

Generic Firewall IP Reassembly OKs

Generic Firewall IP Reassembly Fails

Generic Firewall IP Fragmentation OKs

Generic Firewall IP Fragmentation Fails

Generic Firewall IP Fragmentation Creates

Generic Firewall IP Routing Discards

Generic Firewall ICMP Input Messages

Generic Firewall ICMP Input Errors

Generic Firewall ICMP Input Destination Unreachs

Generic Firewall ICMP Input Time Exceeds

Generic Firewall ICMP Input Parameter Problems

Generic Firewall ICMP Input Source Quenches

Generic Firewall ICMP Input Redirects

Generic Firewall ICMP Input Echos

Generic Firewall ICMP Input Echo Replies

Generic Firewall ICMP Input Timestamps

Generic Firewall ICMP Input Timestamp Replies

Generic Firewall ICMP Input Address Mask Request Replies

Generic Firewall ICMP Output Messages

Generic Firewall ICMP Output Errors

Generic Firewall ICMP Output Destination Unreachs

Generic Firewall ICMP Output Time Exceeds

Generic Firewall ICMP Output Parameter Problems

Generic Firewall ICMP Output Source Quenches

Generic Firewall ICMP Output Redirects

Generic Firewall ICMP Output Echos

Generic Firewall ICMP Output Echo Replies

Generic Firewall ICMP Output Timestamps

Generic Firewall ICMP Output Timestamp Replies

Generic Firewall ICMP Output Address Masks Requests

Generic Firewall ICMP Output Address Mask Request Replies

Generic Firewall TCP Active Opens

Generic Firewall TCP Passive Opens

Generic Firewall TCP Attempt Fails

Generic Firewall TCP Closes

Generic Firewall TCP Current Established

Generic Firewall TCP Input Segments

Generic Firewall TCP Output Segments

Generic Firewall TCP Retransmitted Segments

Generic Firewall TCP Input Errors

Generic Firewall TCP Output RSTs Flags

Generic Firewall UDP Input Datagrams

Generic Firewall UDP No Application At Port

Generic Firewall UDP Input Errors

Generic Firewall UDP Output Datagrams

Performance counters and alarming

All the above parameters can be added as sensors/performance counters within Verax NMS and configured for alarming.

Event processing

Verax NMS provides a set of standard, built-in event processing rules for MIB-2. Additional rules can be defined based on standard and vendor-specific MIB OIDs.