Juniper Security Threat Response Manager User manual

Category
Networking
Type
User manual
Juniper Networks, Inc.
1194 North Mathilda Avenue
Sunnyvale, CA 94089
USA
408-745-2000
www.juniper.net
Part Number: 530-025621-01, Revision 1
Security Threat Response Manager
SNMP Agent Guide
Release 2008.2
Copyright Notice
Copyright © 2008 Juniper Networks, Inc. All rights reserved. Juniper Networks and the Juniper Networks logo are registered trademarks of Juniper
Networks Inc. in the United States and other countries. All other trademarks, service marks, registered trademarks, or registered service marks in this
document are the property of Juniper Networks or their respective owners. All specifications are subject to change without notice. Juniper Networks
assumes no responsibility for any inaccuracies in this document or for any obligation to update information in this document. Juniper Networks reserves
the right to change, modify, transfer, or otherwise revise this publication without notice.
FCC Statement
The following information is for FCC compliance of Class A devices: This equipment has been tested and found to comply with the limits for a Class A
digital device, pursuant to part 15 of the FCC rules. These limits are designed to provide reasonable protection against harmful interference when the
equipment is operated in a commercial environment. The equipment generates, uses, and can radiate radio-frequency energy and, if not installed and
used in accordance with the instruction manual, may cause harmful interference to radio communications. Operation of this equipment in a residential
area is likely to cause harmful interference, in which case users will be required to correct the interference at their own expense. The following
information is for FCC compliance of Class B devices: The equipment described in this manual generates and may radiate radio-frequency energy. If it
is not installed in accordance with NetScreen’s installation instructions, it may cause interference with radio and television reception. This equipment has
been tested and found to comply with the limits for a Class B digital device in accordance with the specifications in part 15 of the FCC rules. These
specifications are designed to provide reasonable protection against such interference in a residential installation. However, there is no guarantee that
interference will not occur in a particular installation. If this equipment does cause harmful interference to radio or television reception, which can be
determined by turning the equipment off and on, the user is encouraged to try to correct the interference by one or more of the following measures:
Reorient or relocate the receiving antenna. Increase the separation between the equipment and receiver. Consult the dealer or an experienced radio/TV
technician for help. Connect the equipment to an outlet on a circuit different from that to which the receiver is connected.
Caution: Changes or modifications to this product could void the user's warranty and authority to operate this device.
Disclaimer
THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET
THAT SHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE
SOFTWARE LICENSE OR LIMITED WARRANTY, CONTACT YOUR JUNIPER NETWORKS REPRESENTATIVE FOR A COPY.
STRM SNMP Agent Guide
Release 2008.2
Copyright © 2008, Juniper Networks, Inc.
All rights reserved. Printed in USA.
Revision History
June 2008—Revision 1
The information in this document is current as of the date listed in the revision history.
CONTENTS
ABOUT THIS GUIDE
Conventions
Technical Documentation
Documentation Feedback
Requesting Support
1 ABOUT THE EMBEDDED SNMP AGENT
About the SNMP Agent
Accessing the SNMP Agent
2 USING THE SNMP-LINUX-MIB
Processor Details
Disk Space Details
Mount Details
System Performance Details
Processes Table Details
Processor Performance Details
Page Details
Service Details
Boot Log Details
Cron Log Details
Secure Log Details
IDE Details
Module Details
PCI Details
SCSI Details
Slab Details
3 USING THE RFC1213-MIB
System Details
Interfaces
Address Translation
IP Details
System Details
IP Address Table Details
IP Route Table Details
IP Net to Media Table Details
ICMP Table Details
TCP Details
TCP Connection Details
UDP Details
UDP Table Details
SNMP Details
4 USING THE HOST-RESOURCES-MIB
System Details
Storage Details
Device Details
Processor Table Details
Network Table Details
Printer Table Details
Disk Storage Details
Partition Details
File System Details
Software Run Details
Software Run Performance Details
HR Software Installed Table Details
A SNMP OVERVIEW
About SNMP
What Is an Agent?
Who Is a Manager?
Manager and Agent Relationship
What is a MIB (Management Information Base)?
What Are MIB Groups?
MIB Data types Available
MIB Constructs Available
Supported Textual Conventions
Nodes
Object Identifiers
Relative and Absolute Object Identifiers
Specifying Object Identifiers Symbolically
Object Identifier with Instance Indexes
Scalar and Tabular Objects
How an Agent Works
Traps
Specifying SNMP Variables in GET Requests
ABOUT THIS GUIDE
The STRM SNMP Agent Guide provides you with information on using the embedded SNMP Agent and viewing MIB information.
Conventions
Table 1 lists conventions that are used throughout this guide.
Table 1 Icons
Type              Description
Information note  Information that describes important features or instructions.
Caution           Information that alerts you to potential loss of data or potential damage to an application, system, device, or network.
Warning           Information that alerts you to potential personal injury.
Technical Documentation
You can access technical documentation, technical notes, and release notes directly from the Juniper Networks Support Web site at http://www.juniper.net/support/.
Documentation Feedback
We encourage you to provide feedback, comments, and suggestions so that we can improve the documentation. Send your comments to techpubs-comments@juniper.net, or fill out the documentation feedback form at http://www.juniper.net/techpubs/docbug/docbugreport.html. If you are using e-mail, be sure to include the following information with your comments:
• Document name
• Document part number
• Page number
• Software release version
Requesting Support
• Open a support case using the Case Management link at http://www.juniper.net/support/ or call 1-888-314-JTAC (from the United States, Canada, or Mexico) or 1-408-745-9500 (from elsewhere).
1 ABOUT THE EMBEDDED SNMP AGENT
The STRM Embedded SNMP Agent is a service that runs on STRM appliances to monitor system performance and usage metrics such as CPU utilization, memory usage, disk space usage, and network interface statistics. The SNMP Agent allows STRM to monitor system health and enables integration with other existing network management products, such as HP OpenView or IBM Tivoli, for system health monitoring. This chapter provides information regarding the Embedded SNMP Agent including:
• About the SNMP Agent
• Accessing the SNMP Agent
About the SNMP Agent
The SNMP Agent provides real-time information on the following Management Information Bases (MIBs):
• SNMP-LINUX-MIB. For more information, see Chapter 2 Using the SNMP-Linux-MIB.
• RFC1213-MIB. For more information, see Chapter 3 Using the RFC1213-MIB.
• HOST-RESOURCES-MIB. For more information, see Chapter 4 Using the Host-Resources-MIB.
These MIBs enable SNMP manageability for your Linux systems. The figure below shows the architecture for the SNMP Agent.
[Figure: SNMP Agent architecture. Labels: Web Console; SNMP Manager; SNMP Agent for Linux (System Details; Process Details; details relating to HOST-RESOURCES-MIB, RFC-1213-MIB, and SNMP-LINUX-MIB); Linux.]
The SNMP Agent gathers all the information from your Linux system pertaining to SNMP-LINUX-MIB, HOST-RESOURCES-MIB, and RFC-1213-MIB and exposes that information using the STRM interface and SNMP managers.
Note: For information on configuring SNMP Agent ports, see the Managing STRM chapter in the STRM Administration Guide.
Accessing the SNMP Agent
To access the embedded SNMP Agent:
Step 1 In the Administration Console, click the System Configuration tab.
The System Configuration panel appears.
Step 2 Click the System Management icon.
The System Management window appears.
Step 3 In the View Agent column, click View Agent for the SNMP agent you wish to access.
2 USING THE SNMP-LINUX-MIB
The SNMP-Linux-MIB is a pre-defined MIB that retrieves information from your
system. This MIB retrieves the following information:
• Processor Details
• Disk Space Details
• Mount Details
• System Performance Details
• Service Details
• Boot Log Details
• Cron Log Details
• Secure Log Details
• IDE Details
• Module Details
• PCI Details
• SCSI Details
• Slab Details
Processor Details
The processor details include:
Table 2-1 Processor Details
S.No  Processor Details
1.    Processor Vendor Name
2.    Processor Model Name
3.    Processor Speed in Mega Hertz
4.    Processor Cache Size in KB
Disk Space Details
The disk space details include:
Table 2-2 Disk Space Details
S.No  Disk Space Details
1.    File System Type
2.    Total Disk Space in MegaBytes
3.    Used Space in MegaBytes
4.    Percentage of Free Space
5.    Percentage of Used Space
6.    The Mount Point of the Device
Mount Details
The mount details include:
Table 2-3 Mount Details
S.No  Mount Details
1.    Device Name
2.    Mount Point of the Device
3.    File System Type
System Performance Details
The system performance details include:
Table 2-4 System Performance Details
S.No  System Performance Details  Description
1.    One Minute Load             CPU Utilization of the last one minute
2.    Five Minute Load            CPU Utilization of the last five minutes
3.    Fifteen Minute Load         CPU Utilization of the last fifteen minutes
4.    Total RAM                   Total RAM size in bytes
5.    Free RAM                    Free RAM in bytes
6.    Shared RAM                  Shared RAM in bytes
7.    Buffer RAM                  Buffer RAM in bytes
8.    Total Swap                  Total Swap size in bytes
9.    Free Swap                   Free Swap size in bytes
10.   No. of Current Processes    Specifies the number of current processes running in the system
Processes Table Details
The process table details include:
Table 2-5 Process Details
S.No  Process Table Details  Description
1.    Process ID (PID)       Specifies the Process Identification Number.
2.    Process Command        Specifies the name of the process.
3.    Process User           Specifies the user that started the process.
4.    Memory Percentage      Specifies the percentage of memory used by the process.
5.    CPU Percentage         Specifies the percentage of CPU used by the process.
6.    Memory Size            Specifies the memory taken by the process in KiloBytes.
Processor Performance Details
The processor performance details include:
Table 2-6 Processor Details
S.No  Processor Details
1.    Processor Vendor Name
2.    Processor Model Name
3.    Processor Speed in Mega Hertz
4.    Processor Cache Size in KB
Page Details
The page details include:
Table 2-7 Processor Details
S.No  Processor Details  Description
1.    Swap Pages In      Specifies the number of swap pages the system has brought in.
2.    Swap Pages Out     Specifies the number of swap pages the system has brought out.
3.    Memory Pages In    Specifies the number of memory pages the system has written in.
4.    Memory Pages Out   Specifies the number of memory pages the system has written out to the disk.
Service Details
The service details include:
Table 2-8 Service Details
S.No  Service Details  Description
1.    Service Type     Specifies the service name (such as Telnet or FTP) or the port number if no entry exists in the /etc/services file.
2.    Protocol Name    Specifies the protocol used for the service.
3.    Client Name      Specifies the name of the client using the service. If there is no client using the service, this field indicates *.
4.    Client Port      Specifies the port number used by the client using the service.
Boot Log Details
The boot log details include:
Table 2-9 Boot Log Details
S.No  Boot Log Details
1.    Time Boot
2.    Host Name
3.    Process Name
4.    Message
Cron Log Details
The cron log details include:
Table 2-10 Cron Log Details
S.No  Cron Log Details
1.    Cron Date
2.    Cron Time
3.    Cron Host Name
4.    Cron User
5.    Cron Process
6.    Cron Frequency
Secure Log Details
The secure log details include:
Table 2-11 Secure Log Details
S.No  Secure Log Details
1.    Secure Date
2.    Secure Time
3.    Secure Protocols
4.    Secure From Address
IDE Details
The IDE details include:
Table 2-12 IDE Details
S.No  IDE Details        Description
1.    IDE Cache          Specifies the cache size of the IDE.
2.    IDE Driver         Specifies the driver details of IDE.
3.    IDE Model          Specifies the model of the IDE devices.
4.    IDE Capacity       Specifies the capacity of the IDE device.
5.    Physical Geometry  Specifies the physical geometry of the device.
6.    Logical Geometry   Specifies the logical geometry of the device.
Module Details
The module details include:
Table 2-13 Module Details
S.No  Module Details      Description
1.    Module Name         Specifies the name of the module.
2.    Module Size         Specifies the page (typically 4K) memory occupied by the module.
3.    Module Usage Count  Specifies the module usage count.
PCI Details
The PCI details include:
Table 2-14 PCI Details
S.No  PCI Details
1.    PCI Name
2.    PCI Bus
3.    PCI Device
4.    PCI Function
5.    PCI Description
SCSI Details
The SCSI details include:
Table 2-15 SCSI Details
S.No  SCSI Details
1.    SCSI Index
2.    SCSI ID
3.    SCSI Type
4.    SCSI Model
5.    SCSI Vendor
Slab Details
The Slab details include:
Table 2-16 Slab Details
S.No  Slab Details
1.    Cache Name
2.    Active Objects
3.    Total Object
4.    Object Size
5.    Active Slabs per Object
6.    Slabs per Object
7.    Pages per Slab