Cisco Secure PIX Firewall
SPECTRUM Enterprise Manager Device Management
Supports Management Module SM-CIS1011
Notice
Aprisma Management Technologies, Inc. (Aprisma), reserves the right to make changes in specifications and other information contained in this document without prior notice. The reader should in all cases consult Aprisma to determine whether any such changes have been made.
The hardware, firmware, or software described in this manual is subject to change without notice.
IN NO EVENT SHALL APRISMA, ITS EMPLOYEES, OFFICERS, DIRECTORS, AGENTS, OR AFFILIATES BE LIABLE FOR ANY INCIDENTAL, INDIRECT, SPECIAL, OR CONSEQUENTIAL DAMAGES WHATSOEVER (INCLUDING BUT NOT LIMITED TO LOST PROFITS) ARISING OUT OF OR RELATED TO THIS MANUAL OR THE INFORMATION CONTAINED IN IT, EVEN IF APRISMA HAS BEEN ADVISED OF, KNOWN, OR SHOULD HAVE KNOWN, THE POSSIBILITY OF SUCH DAMAGES.
Copyright © May 2001 by Aprisma Management Technologies. All rights reserved.
Printed in the United States of America.
Order Number: 9035022-01
Aprisma Management Technologies, Inc.
121 Technology Drive
Durham NH 03824
SPECTRUM, the SPECTRUM IMT/VNM logo, DCM, IMT, and VNM are registered trademarks, and SpectroGRAPH, SpectroSERVER, Inductive Modeling Technology, Device Communications Manager, and Virtual Network Machine are trademarks of Aprisma or its affiliates.
Ethernet is a trademark of Xerox Corporation.
Virus Disclaimer
Aprisma makes no representations or warranties to the effect that the Licensed Software is virus-free.
Aprisma has tested its software with current virus checking technologies. However, because no anti-virus system is 100% reliable, we strongly caution you to write protect and then verify that the Licensed Software, prior to installing it, is virus-free with an anti-virus system in which you have confidence.
Restricted Rights Notice
(Applicable to licenses to the United States Government only.)
1. Use, duplication, or disclosure by the Government is subject to restrictions as set forth in subparagraph (c) (1) (ii) of the Rights in Technical Data and Computer Software clause at DFARS 252.227-7013.
Aprisma Management Technologies, Inc.
121 Technology Drive
Durham NH 03824
2. (a) This computer software is submitted with restricted rights. It may not be used, reproduced, or disclosed by the Government except as provided in paragraph (b) of this Notice or as otherwise expressly stated in the contract.
(b) This computer software may be:
(1) Used or copied for use in or with the computer or computers for which it was acquired, including use at any Government installation to which such computer or computers may be transferred;
(2) Used or copied for use in a backup computer if any computer for which it was acquired is inoperative;
(3) Reproduced for archival or backup purposes;
(4) Modified, adapted, or combined with other computer software, provided that the modified, combined, or adapted portions of the derivative software incorporating restricted computer software are made subject to the same restricted rights;
(5) Disclosed to and reproduced for use by support service contractors in accordance with subparagraphs (b) (1) through (4) of this clause, provided the Government makes such disclosure or reproduction subject to these restricted rights; and
(6) Used or copied for use in or transferred to a replacement computer.
(c) Notwithstanding the foregoing, if this computer software is published copyrighted computer software, it is licensed to the Government, without disclosure prohibitions, with the minimum rights set forth in paragraph (b) of this clause.
(d) Any other rights or limitations regarding the use, duplication, or disclosure of this computer software are to be expressly stated in, or incorporated in, the contract.
(e) This Notice shall be marked on any reproduction of this computer software, in whole or in part.
Contents
INTRODUCTION
    Purpose and Scope
    Required Reading
    Supported Devices
    The SPECTRUM Model
TASKS
DEVICE VIEW
    Interface Icons
    Interface Icon Subviews Menu
    Interface Status View
    Secondary Address Panel
DEVICE TOPOLOGY VIEW
    Interface Icons
    Interface Icon Subviews Menu
    Interface Status View
    Secondary Address Panel
APPLICATION VIEWS
    Main Application View
    Supported Applications
        Common Applications
        Device-Specific Applications
PERFORMANCE VIEWS
    Device Performance View
    Port Performance View
CONFIGURATION VIEWS
    Device Configuration View
    Interface Configuration View
SYSLOG TRAP SUPPORT
MODEL INFORMATION VIEW
INDEX
Introduction
This section introduces the SPECTRUM Device Management documentation for the Cisco Secure PIX Firewall devices.
This introduction contains the following topics:
• Purpose and Scope
• Required Reading
• Supported Devices (Page 5)
• The SPECTRUM Model (Page 5)
Purpose and Scope
Use this document as a guide for managing the Cisco Secure PIX Firewall devices described on Page 5 with SPECTRUM management module SM-CIS1011. This document describes the icons, menus, and views that enable you to remotely monitor, configure, and troubleshoot Cisco PIX devices through software models in your SPECTRUM database.
Information specific to SM-CIS1011 is what is primarily included in this document. For general information about device management using SPECTRUM and explanations of SPECTRUM functionality and navigation techniques, refer to the topics listed under Required Reading.
Required Reading
To use this documentation effectively, you must be familiar with the information covered by the other SPECTRUM online documents listed below.
• Getting Started with SPECTRUM for Operators
• Getting Started with SPECTRUM for Administrators
• How to Manage Your Network with SPECTRUM
• SPECTRUM Views
• SPECTRUM Menus
• SPECTRUM Icons
• SPECTRUM Software Release Notice
Supported Devices
SPECTRUM management module SM-CIS1011 currently lets you model the Cisco Secure PIX Firewall which allows you to manage traps.
Cisco Secure PIX Firewall 5.2 provides secure networking and NAT (Network Address Translation).
The SPECTRUM Model
The model type for the Cisco Secure PIX Firewall devices is CisPIXDev.
Modeling results in the creation of Device icons that represent the devices and Application icons that represent their supported applications.
The Device icons contain double-click zones and provide access to Icon Subviews menus that let you perform device management activities such as those listed in Tasks on Page 7.
As Figure 1 shows, the appearance of the Device icons varies slightly depending on the kind of view it appears in.
Figure 1: Device Icons
[Figure: two Device icons labeled with Model Name and PIX Firewall. The small Device icon appears in Topology and Application views. The large Device icon appears in Device Topology, Location, and Device Interface views.]
The device-specific Icon Subviews menu options available from the Device icon are listed below.

Option               Accesses the...
Device View          Device View (Page 8)
Device Topology      Device Topology View (Page 12)
Application          Application Views (Page 16)
Fault Isolation      For further information refer to the Spectrum Views documentation.
Configuration        Performance Views (Page 19)
Model Information    Model Information View (Page 26)

The rest of this document covering the Cisco Secure PIX Firewall management module is organized as follows.
• Tasks (Page 7)
• Device View (Page 8)
• Device Topology View (Page 12)
• Application Views (Page 16)
• Performance Views (Page 19)
• Model Information View (Page 26)
Tasks
This section contains an alphabetical list of device management tasks, with each task providing one or more links to views that let you perform the task.
Administrative Information (check)
• Model Information View (Page 26)
Alarm Thresholds (set)
• Interface Icon Subviews Menu (Page 14)
Configuration Information (check)
• Performance Views (Page 19)
IP Address (find/change)
• Device View (Page 8)
• Secondary Address Panel (Page 15)
Performance (check)
• Device View (Page 8)
• Interface Icons (Page 13)
Topology (check)
• Device View (Page 8)
Device View
This section describes the Device view and subviews available for models of Cisco Secure PIX Firewall devices in SPECTRUM.
Access: From the Icon Subviews menu for the Device icon, select Device.
This view (Figure 2) uses icons and labels to represent the device and its components, such as modules, ports, and applications. The view provides dynamic configuration and performance information for each of the device's serial and network I/O ports, which are represented by Interface icons in the bottom panel of the view. The middle panel of the view displays a Device icon, which lets you monitor the device operation and access other device-specific views.
Figure 2: Device View
[Figure: SpectroGRAPH Device view window for a PIX_Firewall model, with callouts for the Interface Options Panel, the Device Icon, and the Interface Icons.]
Interface Icons
Figure 3 shows a close-up of an Interface icon from the Device view. Most of the informational labels on the icon also provide double-click access to other views, as explained in the following label descriptions.
Figure 3: Interface Icon
[Figure: Interface icon with the following callouts.]
a  Interface Number Label
b  IF Status Label
c  Interface Type Label
d  Network Type Label
e  Physical Address Label
f  IP Address Label
g  Gauge Label
Interface Number Label
This label displays the interface (port) number.
IF Status Label
This label displays the current status of the interface for the primary application selected, e.g., Gen Rtr App or MIB-II App. Table 1 lists the possible label color representations. Note that the color of the label also depends on the interface's current Administrative Status, which you set in the Interface Status View (Page 11). This view can be accessed by double-clicking the label.
Interface Type Label
This label identifies the interface type (Ethernet, ATM, etc.). Double-click this label to access the Interface Configuration View (Page 22).

Table 1: Interface Status Label Colors
Color     Operational Status    Administrative Status    Label Text
Green     up                    up                       ON
Blue      down                  down                     OFF
Yellow    down                  up                       OFF
Red       testing               testing                  TEST
Network Type Label
This label identifies the type of network to which the interface is connected. Double-click the label to open the Model Information view for the interface.
Physical Address Label
This label displays the physical (MAC) address of the interface. Double-click this label to open the IF Address Translation Table.
IP Address Label
This label displays the IP address for the interface. Double-click this label to open the Secondary Address Panel (Page 11), which lets you change the address and mask for the interface.
Gauge Label
This label displays whichever performance statistic has been selected in the Gauge Control Panel for this device's interfaces. (Refer to the SPECTRUM Views documentation for information about the Gauge Control Panel.) Double-click this label to open the Port Performance View (Page 20).
Interface Icon Subviews Menu
Table 2 lists the device-specific interface Icon Subviews menu options and the views to which they provide access.

Table 2: Interface Icon Subviews Menu
Option                          Accesses the...
Detail                          Interface Detail view, which displays packet, error, and discard breakdown statistics for the interface.
IF Status                       Interface Status View (Page 11).
IF Configuration                Interface Configuration View (Page 22).
IF Address Translation Table    Interface Address Translation Table, which identifies the physical and network address for the interface.
Secondary Address Panel         Secondary Address Panel (Page 11).
Thresholds                      Interface Threshold view, which lets you set the on/off alarm thresholds for load, packet rate, error rate, and % discarded for the interface.
Model Information               Model Information View (Page 26).
Interface Status View
Access: From the Icon Subviews menu for the Interface icon in the Device view, select IF Status.
This view provides information on the operational status of the interface and allows you to enable or disable the port.
Operational Status
The current state of the interface (Up, Down, Unknown, Dormant, Not Present, Lower Layer Down, or Testing).
Administrative Status
This button allows you to select the desired administrative state of the interface (On, Off, or Testing).
Secondary Address Panel
Access: From the Icon Subviews menu for the Interface icon in the Device view, select Secondary Address Panel.
This panel provides a table of IP addresses and masks obtained from the Address Translation table within the device's firmware. You can change the current address displayed in the IP Address field by selecting an entry from the table in this panel and clicking the Update button.
Device Topology View
This section describes the Device Topology view available for models of the Cisco Secure PIX Firewall devices.
Access: From the Icon Subviews menu for the Device icon, select Device Topology.
The Device Topology view (Figure 4) shows the connections between a modeled device and other network entities. The lower panel of the view uses Interface icons to represent the device's serial, network, and I/O ports. These icons provide the same information and menu options as those in the Device View (Page 8). If a device is connected to a particular interface, a Device icon appears on the vertical bar above the Interface icon along with an icon representing the network group that contains the device.
Refer to the SPECTRUM Views documentation for details on Device Topology view.
Figure 4: Device Topology View
[Figure: SpectroGRAPH Device Topology window showing the Pix Firewall Device icon above its Interface icons.]
Interface Icons
Figure 5 shows a close-up of an Interface icon from the Device view. Most of the informational labels on the icon also provide double-click access to other views, as explained in the following label descriptions.
Figure 5: Interface Icon
[Figure: Interface icon with the following callouts.]
a  Interface Number Label
b  IF Status Label
c  Interface Type Label
d  Network Type Label
e  Physical Address Label
f  IP Address Label
g  Gauge Label
Interface Number Label
This label displays the interface (port) number.
IF Status Label
This label displays the current status of the interface for the primary application selected, e.g., Gen Rtr App or MIB-II App. Table 3 lists the possible label color representations. Note that the color of the label also depends on the interface's current Administrative Status, which you set in the Interface Status View (Page 14). This view can be accessed by double-clicking the label.
Interface Type Label
This label identifies the interface type (Ethernet, ATM, etc.). Double-click this label to access the Interface Configuration View (Page 22).

Table 3: Interface Status Label Colors
Color     Operational Status    Administrative Status    Label Text
Green     up                    up                       ON
Blue      down                  down                     OFF
Yellow    down                  up                       OFF
Red       testing               testing                  TEST
Network Type Label
This label identifies the type of network to which the interface is connected. Double-click the label to open the Model Information view for the interface.
Physical Address Label
This label displays the physical (MAC) address of the interface. Double-click this label to open the IF Address Translation Table.
IP Address Label
This label displays the IP address for the interface. Double-click this label to open the Secondary Address Panel (Page 15), which lets you change the address and mask for the interface.
Gauge Label
This label displays whichever performance statistic has been selected in the Gauge Control Panel for this device's interfaces. (Refer to the SPECTRUM Views documentation for information about the Gauge Control Panel.) Double-click this label to open the.
Interface Icon Subviews Menu
Table 4 lists the device-specific interface Icon Subviews menu options and the views to which they provide access.

Table 4: Interface Icon Subviews Menu
Option                          Accesses the...
Detail                          Interface Detail view, which displays packet, error, and discard breakdown statistics for the interface.
IF Status                       Interface Status View (Page 14).
IF Configuration                Interface Configuration View (Page 22).
IF Address Translation Table    Interface Address Translation Table, which identifies the physical and network address for the interface.
Secondary Address Panel         Secondary Address Panel (Page 15).
Thresholds                      Interface Threshold view, which lets you set the on/off alarm thresholds for load, packet rate, error rate, and % discarded for the interface.
Model Information               Model Information View (Page 26).

Interface Status View
Access: From the Icon Subviews menu for the Interface icon in the Device Topology view, select IF Status.
This view provides information on the operational status of the interface and allows you to enable or disable the port.
Operational Status
The current state of the interface (Up, Down, Unknown, Dormant, Not Present, Lower Layer Down, or Testing).
Administrative Status
This button allows you to select the desired administrative state of the interface (On, Off, or Testing).
Secondary Address Panel
Access: From the Icon Subviews menu for the Interface icon in the Device Topology view, select Secondary Address Panel.
This panel provides a table of IP addresses and masks obtained from the Address Translation table within the device's firmware. You can change the current address displayed in the IP Address field by selecting an entry from the table in this panel and clicking the Update button.
Application Views
This section describes the main Application view and the associated application-specific subviews available for models of Cisco Secure PIX Firewall devices in SPECTRUM.
Access: From the Icon Subviews menu for the Device icon, select Application.
Main Application View
When a device model is created, SPECTRUM automatically creates models for each of the major and minor applications supported by the device. The main Application view identifies all of these application models, shows their current condition status, and provides access to application-specific subviews. Figure 6 shows this view in the Icon mode. If you prefer the List mode, which displays applications as text labels, select View > Mode > List.
For more information on this view, refer to the MIBs and the Application View documentation.
Figure 6: Main Application View
[Figure: SpectroGRAPH Application window showing the device banner (Model Name, Contact, Description, Location, Network Address, System Up Time, Manufacturer, Device Type, Serial Number) above the application model icons.]
Supported Applications
SPECTRUM's applications can be grouped within two general categories as follows:
• Common Applications, below
• Device-Specific Applications (Page 18)
Common Applications
For the most part, these applications represent the non proprietary MIBs supported by your device. Listed below (beneath the title of the document that describes them) are some of the common applications currently supported by SPECTRUM.
• Bridging Applications
  - Spanning Tree
  - Static
  - Transparent
  - PPP Bridging
  - Source Routing
  - Translation
• Routing Applications
  - Generic Routing
  - Repeater
  - AppleTalk
  - DECnet
  - Open Shortest Path First
• MIB II Applications
  - SNMP
  - IP
  - ICMP
  - TCP
  - System2
  - UDP
• Miscellaneous Applications
  - FDDI
  - Point to Point
  - DS 1
  - RS-232
  - WAN
  - Frame Relay
  - Token Ring
  - DLSW
  - APPN
  - Ethernet
  - Fast Ethernet
  - ATM Client
  - DHCP
Note: The documents listed are available for viewing at: www.aprisma.com/manuals/
Device-Specific Applications
SPECTRUM imports the following device-level proprietary MIBs into its database:
• CISCO-FIREWALL-MIB-V1SMI.my
• CISCO-MEMORY-POOL-MIB.my
• CISCO-SYSLOG-MIB-V1SMI.my
• RFC1213-MIB.my
These MIBs can be used in conjunction with SPECTRUM's optional customization products (referred to as the Level I Tool Kits) to create application models and views that display the condition of selected MIB objects.
Note: Aprisma Management Technologies can provide training, technical assistance, and custom engineering support services for creating application models and their associated views.
Performance Views
This section provides brief descriptions of the Performance views available for the Cisco Secure PIX Firewall devices in SPECTRUM.
Performance views display performance statistics in terms of a set of transmission attributes, e.g., cell rates, frame rates, % error, etc. A typical view is shown in Figure 7. The instantaneous condition of each transmission attribute is recorded in a graph. The statistical information for each attribute is presented in the adjacent table.
Generally, you determine performance at the device level through Performance views accessed from the Device and Application icons. You determine performance at the port/interface level through Performance views accessed from Interface icons.
For more information on Performance views, refer to the SPECTRUM Views documentation.
The following paragraphs list the performance attributes displayed for each Performance view supported by this management module.
Figure 7: Performance View
[Figure: SpectroGRAPH Performance window with a logarithmic graph and a table of Value, Average, and Peak Value for Frame Rate (frames per second), % Delivered, % Forwarded, % Transmit, % Error, and % Discarded.]
Device Performance View
Access: From the Icon Subviews menu for the Device icon, select Performance.
Current and historical frame transmission information is provided via the following attributes.
• Frame Rate
• % Received
• % Transmit
• % Error
• % Discarded
Port Performance View
Access: From the Icon Subviews menu for the Device Interface icon, select Performance.
Current and historical packet transmission information is provided via the following attributes.
• Load
• Packet Rate
• % Error
• % Discarded
Configuration Views
This section describes the various Configuration views available for models of the Cisco Secure PIX Firewall devices in SPECTRUM.
Configuration views let you view and modify current settings for the modeled device and its interfaces, ports, and applications. The following Configuration views are available for models of Cisco PIX devices:
• Device Configuration View (Page 21)
• Interface Configuration View (Page 22)
Device Configuration View
Access: From the Icon Subviews menu for the Device icon, select Configuration.
This view (Figure 8) provides status and configuration information about the device as a whole as well as on a port-by-port basis. Fields and column headings within the Device Configuration view and its subviews are explained in detail in the SPECTRUM Views documentation.
Figure 8: Device Configuration View
[Figure: SpectroGRAPH Device Configuration View window with an Interface Configuration Table (columns Index, Type, Physical Address, Max Frame Size, Operational Status) and Sort, Find, and Update buttons.]
Interface Configuration View
Access: From the Icon Subviews menu for an Interface icon in the Device Topology view, select IF Configuration.
This view provides the following information for the selected interface:
Operation Status
The current operational state of the interface (Up, Down, Unknown, Dormant, Not Present, or Lower Layer Down).
Admin. Status
The desired operational state of the interface (up, down, or testing).
Last Change
The System UpTime value when the interface entered its current operational state.
IP Address/Network Mask
This window provides a list of the user-defined names and IP addresses for the interface.
Physical Address
The Ethernet (MAC) address of the interface.
Bandwidth
The estimated bandwidth of the interface, measured in bits per second. For interfaces that do not vary in bandwidth, or no accurate estimate can be made, a nominal bandwidth is provided.
Packet Size
The largest packet that can be transmitted or received by the port, displayed in octets.
Queue Length
The length of the outbound packet queue, in packets.
Syslog Trap Support
This section describes the Syslog Trap Support available for the Cisco PIX Secure Firewall.
The System Message Log (syslog) protocol is used to send text messages from a Cisco PIX Secure Firewall to the NMS. These messages are sent to the SPECTRUM Event Manager as SNMP traps. Syslog trap support allows the router device to identify these messages and escalate them to alarms as necessary. Syslog trap support also provides the Cisco PIX Secure Firewall model icon the capability to communicate model alarm severity information. When an alarm occurs, as indicated by the Cisco PIX Secure Firewall device icon, you will be able to observe the SPECTRUM Alarm Severity and a Syslog message will appear in the Alarm log (which can be found in the Alarm Manager View).
These Syslog messages are classified by severities which range from 0 to 7 (most severe to least severe). These messages are described in Table 5. The alarms are displayed in the Alarm Log. As these alarms are associated with the Cisco PIX Secure Firewall device model, the model icon will change color and flash depending on the severity of the alarm that it receives.

Table 5: Severity Level Code
Severity Level    Description
0                 emergency- System is unusable.
1                 alert- Immediate action required.
2                 critical- Critical condition.
3                 error- Error condition.
4                 warning- Warning condition.
5                 notification- normal but significant condition
6                 informational- informational message only.
7                 debugging- message that appears during debugging only.
The Syslog message severity to SPECTRUM alarm severity will be mapped as listed in Table 6.

Table 6: Syslog Message Severity
Alarm Severity    Color
0-1               Red
2-3               Orange
4                 Yellow

Messages with an Alarm Severity of 5-7 typically do not generate an alarm, as they are of minor importance.
Messages are listed by the facility (hardware device, protocol, or a module or system software) that produces the messages. A facility code is an abbreviation of the facility to which the message refers. A facility could be a specific hardware device, a protocol, or a portion of software.
Within each facility, messages are listed by the severity level, from highest (0) to lowest (7). A mnemonic is a code which uniquely identifies the message.
Each message is followed by an explanation and a recommended action. Messages appear only when the system remains operational. The following is an example of a syslog message:
"01/01/2001,18:31:15:SYS-5-MOD_INSERT:Module 5 has been inserted"
The meaning of this message is as follows:
• 01/01/2001,18:31:15 is the date and time of the error (this appears if set for system log messaging).
• SYS is the facility type.
• 5 is the severity level, indicating that it is a normal but significant condition.
• MOD_INSERT is the mnemonic code that uniquely identifies the message.
• Module 5 has been inserted is the message text which describes the condition and may contain detailed information which varies from message to message.
See the Alarm Manager documentation for more information about model alarms in SPECTRUM.
Note: This management module supports the system error messages for the Cisco IOS Release 12.1 T.
The System Message Log (syslog) software can save the system messages in a log file or direct them to other devices. Syslog software allows you to do the following:
• Save logging information for monitoring and troubleshooting.
• Select the types of logging information captured.
• Select the destination of captured logging information.
• By default the switch logs normal but significant system messages to its internal buffer and sends these messages to the system console.
• You can specify which system messages should be saved based on the type of facility and the severity level. Messages can be time-stamped to enhance real-time debugging and management.
Note: The URL http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix is a link to more information about Cisco PIX syslog messages including a list of facility codes and of error messages with their corresponding recommended actions.
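
The message format and the severity-to-alarm mapping described in this section, as an added Python example (not part of the Aprisma manual and not SPECTRUM code): it parses messages of the form shown above and applies Tables 5 and 6. The function names, the constructed sample lines, the EXAMPLE_* mnemonics, and the assumption that facility codes are uppercase are hypothetical; only SYS and MOD_INSERT come from the manual.

```python
import re
from dataclasses import dataclass
from typing import Iterable, List, Optional

# Table 5: severity level keywords (0 = most severe, 7 = least severe).
SEVERITY_NAMES = {
    0: "emergency", 1: "alert", 2: "critical", 3: "error",
    4: "warning", 5: "notification", 6: "informational", 7: "debugging",
}

# [timestamp:]FACILITY-SEVERITY-MNEMONIC:text. The timestamp is optional because
# the manual says it appears only if set for system log messaging. Uppercase
# facility and mnemonic codes are an assumption based on the manual's example.
MESSAGE_RE = re.compile(
    r"^(?:(?P<timestamp>\d{2}/\d{2}/\d{4},\d{2}:\d{2}:\d{2}):)?"
    r"(?P<facility>[A-Z][A-Z0-9_]*)-(?P<severity>[0-7])-"
    r"(?P<mnemonic>[A-Z0-9_]+):\s*(?P<text>.*)$"
)


@dataclass(frozen=True)
class SyslogMessage:
    timestamp: Optional[str]
    facility: str
    severity: int
    mnemonic: str
    text: str

    @property
    def severity_name(self) -> str:
        return SEVERITY_NAMES[self.severity]

    @property
    def alarm_color(self) -> Optional[str]:
        """Table 6 mapping; severities 5-7 are treated as raising no alarm."""
        if self.severity <= 1:
            return "Red"
        if self.severity <= 3:
            return "Orange"
        if self.severity == 4:
            return "Yellow"
        return None


def parse_message(line: str) -> Optional[SyslogMessage]:
    """Return the parsed message, or None if the line does not fit the format."""
    match = MESSAGE_RE.match(line.strip().strip('"\u201c\u201d'))
    if match is None:
        return None
    # The text field is device-supplied: drop non-printable characters so a
    # message cannot smuggle control sequences into an alarm log or console.
    text = "".join(ch for ch in match.group("text") if ch.isprintable())
    return SyslogMessage(
        timestamp=match.group("timestamp"),
        facility=match.group("facility"),
        severity=int(match.group("severity")),
        mnemonic=match.group("mnemonic"),
        text=text,
    )


def alarms(lines: Iterable[str]) -> List[SyslogMessage]:
    """Messages that map to an alarm color, most severe first."""
    parsed = [m for m in map(parse_message, lines) if m and m.alarm_color]
    return sorted(parsed, key=lambda m: m.severity)


# Constructed sample input. The first line is the manual's own example; the
# remaining lines and their EXAMPLE_* mnemonics are made up for illustration.
SAMPLE = [
    "01/01/2001,18:31:15:SYS-5-MOD_INSERT:Module 5 has been inserted",
    "01/01/2001,18:32:02:SYS-2-EXAMPLE_CRIT:constructed critical condition",
    "SYS-4-EXAMPLE_WARN:constructed warning without a timestamp",
    "SYS-0-EXAMPLE_EMERG:constructed emergency",
    "SYS-9-EXAMPLE_BAD:severity outside the 0-7 range",
    "SYS-1-EXAMPLE_ALERT:constructed alert\x07 with a control character",
    "free-form text that is not a syslog message",
]

if __name__ == "__main__":
    for msg in alarms(SAMPLE):
        print(f"{msg.alarm_color:<7}{msg.severity} {msg.severity_name:<10}"
              f"{msg.facility}/{msg.mnemonic}: {msg.text}")
```

Lines that do not fit the format return None rather than raising, so a receiver can count and review rejects separately from valid low-severity messages.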
Model Information View
This section provides a brief overview of the Model Information view.
This view displays administrative information about the device and its applications and lets you set thresholds and alarm severity for the device.
Figure 9 shows a sample Model Information view. The layout of this view is the same for all model types in SPECTRUM but some information will vary depending on the model it defines. Refer to the SPECTRUM Views documentation for a complete description of this view.
Figure 9: Model Information View
[Figure: SpectroGRAPH Model Information View window. General Information: MM Name, MM Version Number, MM Part Number, Model Created By, Model Type, Model Creation Time, Model State, Security String. Communication Information: Community Name, DCM TimeOut, DCM Retry. Poll/Log Information: Poll Interval, Polling Status, Last Successful Poll, Log Ratio. Condition fields: Condition, Condition Value, Contact Status, Lost Child Count, Value When Yellow, Value When Orange, Value When Red.]