Juniper Security Threat Response Manager User manual

Brand: Juniper

Model: Security Threat Response Manager

Category: Networking

Type: User manual

This manual is also suitable for

SECURITY THREAT RESPONSE MANAGER 2008.2 - SNMP AGENT GUIDE REV 1

Juniper Networks, Inc.

1194 North Mathilda Avenue

Sunnyvale, CA 94089

USA

408-745-2000

www.juniper.net

Part Number: 530-025621-01, Revision 1

Security Threat Response Manager

SNMP Agent Guide

Release 2008.2

2 

Networks Inc. in the United States and other countries. All other trademarks, service marks, registered trademarks, or registered service marks in this

document are the property of Juniper Networks or their respective owners. All specifications are subject to change without notice. Juniper Networks

assumes no responsibility for any inaccuracies in this document or for any obligation to update information in this document. Juniper Networks reserves

the right to change, modify, transfer, or otherwise revise this publication without notice.

FCC Statement

The following information is for FCC compliance of Class A devices: This equipment has been tested and found to comply with the limits for a Class A

digital device, pursuant to part 15 of the FCC rules. These limits are designed to provide reasonable protection against harmful interference when the

equipment is operated in a commercial environment. The equipment generates, uses, and can radiate radio-frequency energy and, if not installed and

used in accordance with the instruction manual, may cause harmful interference to radio communications. Operation of this equipment in a residential

area is likely to cause harmful interference, in which case users will be required to correct the interference at their own expense. The following

information is for FCC compliance of Class B devices: The equipment described in this manual generates and may radiate radio-frequency energy. If it

is not installed in accordance with NetScreen’s installation instructions, it may cause interference with radio and television reception. This equipment has

been tested and found to comply with the limits for a Class B digital device in accordance with the specifications in part 15 of the FCC rules. These

specifications are designed to provide reasonable protection against such interference in a residential installation. However, there is no guarantee that

interference will not occur in a particular installation. If this equipment does cause harmful interference to radio or television reception, which can be

determined by turning the equipment off and on, the user is encouraged to try to correct the interference by one or more of the following measures:

Reorient or relocate the receiving antenna. Increase the separation between the equipment and receiver. Consult the dealer or an experienced radio/TV

technician for help. Connect the equipment to an outlet on a circuit different from that to which the receiver is connected.

Caution: Changes or modifications to this product could void the user's warranty and authority to operate this device.

Disclaimer

THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET

THAT SHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE

SOFTWARE LICENSE OR LIMITED WARRANTY, CONTACT YOUR JUNIPER NETWORKS REPRESENTATIVE FOR A COPY.

STRM SNMP Agent Guide

Release 2008.2

Revision History

June 2008—Revision 1

The information in this document is current as of the date listed in the revision history.

CONTENTS

ABOUT THIS GUIDE

Conventions 3

Technical Documentation 3

Documentation Feedback 3

Requesting Support 4

1 ABOUT THE EMBEDDED SNMP AGENT

About the SNMP Agent 5

Accessing the SNMP Agent 6

2 USING THE SNMP-LINUX-MIB

Processor Details 7

Disk Space Details 8

Mount Details 8

System Performance Details 9

Processes Table Details 10

Processor Performance Details 10

Page Details 11

Service Details 11

Boot Log Details 12

Cron Log Details 13

Secure Log Details 13

IDE Details 14

Module Details 14

PCI Details 15

SCSI Details 16

Slab Details 16

3 USING THE RFC1213-MIB

System Details 19

Interfaces 21

Address Translation 23

IP Details 23

System Details 26

IP Address Table Details 27

IP Route Table Details 28

IP Net to Media Table Details 30

ICMP Table Details 31

TCP Details 33

TCP Connection Details 35

UDP Details 36

UDP Table Details 36

SNMP Details 37

4 USING THE HOST-RESOURCES-MIB

System Details 41

Storage Details 42

Device Details 43

Processor Table Details 45

Network Table Details 45

Printer Table Details 45

Disk Storage Details 46

Partition Details 47

File System Details 48

Software Run Details 49

Software Run Performance Details 50

HR Software Installed Table Details 51

A SNMP OVERVIEW

About SNMP 53

What Is an Agent? 53

Who Is a Manager? 54

Manager and Agent Relationship 54

What is a MIB (Management Information Base)? 55

What Are MIB Groups? 56

MIB Data types Available 57

MIB Constructs Available 60

Supported Textual Conventions 61

Nodes 62

Object Identifiers 62

Relative and Absolute Object Identifiers 62

Specifying Object Identifiers Symbolically 62

Object Identifier with Instance Indexes 63

Scalar and Tabular Objects 63

How an Agent Works 64

Traps 64

Specifying SNMP Variables in GET Requests 65

STRM SNMP Agent Guide

ABOUT THIS GUIDE

The STRM SNMP Agent Guide provides you with information on using the

embedded SNMP Agent and viewing MIB information.

Conventions Table 1 lists conventions that are used throughout this guide.

Technical

Documentation

You can access technical documentation, technical notes, and release notes

directly from the Juniper networks Support Web site at

http://

www.juniper.net/support/.

Documentation

Feedback

We encourage you to provide feedback, comments, and suggestions so that we

can improve the documentation. Send your comments to

techpubs-comments@juniper.net, or fill out the documentation feedback form at

http://www.juniper.net/techpubs/docbug/docbugreport.html. If you are using e-mail, be

sure to include the following information with your comments:

• Document name

• Document part number

• Page number

• Software release version

Table 1 Icons

Icon Type Description

Information note Information that describes important features or

instructions.

Caution Information that alerts you to potential loss of

data or potential damage to an application,

system, device, or network.

Warning Information that alerts you to potential personal

injury.

STRM SNMP Agent Guide

4 ABOUT THIS GUIDE

Requesting

Support

• Open a support case using the Case Management link at

http://www.juniper.net/support/ or call 1-888-314-JTAC (from the United States,

Canada, or Mexico) or 1-408-745-9500 (from elsewhere).

STRM SNMP Agent

ABOUT THE EMBEDDED SNMP

GENT

The STRM Embedded SNMP Agent is a service that runs on STRM appliances to

monitor system performance and usage metrics such as CPU utilization, memory

usage, disk space usage, and network interface statistics. The SNMP Agent

allows STRM to monitor system health and enables integration with other existing

network management products, such as, HP Openview or IBM Tivoli for system

health monitoring. This chapter provides information regarding the Embedded

SNMP Agent including:

• About the SNMP Agent

• Accessing the SNMP Agent

About the SNMP

Agent

The SNMP Agent provides real-time information on the following Management

Information Bases (MIBs):

• SNMP-LINUX-MIB. For more information, see Chapter 2 Using the

SNMP-Linux-MIB.

• RFC1213-MIB. For more information, see Chapter 3 Using the RFC1213-MIB.

• HOST-RESOURCES-MIB. For more information, see Chapter 4 Using the

Host-Resources-MIB.

These MIBs enable SNMP manageability for your Linux systems. The figure below

the architecture for the SNMP Agent.

STRM SNMP Agent

6 ABOUT THE EMBEDDED SNMP AGENT

The SNMP Agent gathers all the information from your Linux system pertaining to

SNMP-LINUX-MIB, HOST-RESOURCES-MIB, and RFC-1213-MIB and exposes

that information using the STRM interface and SNMP managers.

Note: For information on configuring SNMP Agent ports, see the Managing STRM

chapter in the STRM Administration Guide.

Accessing the

SNMP Agent

To access the embedded SNMP Agent:

Step 1 In the Administration Console, click the System Configuration tab.

The System Configuration panel appears.

Step 2 Click the System Management icon.

The System Management window appears.

Step 3 In the View Agent column, click View Agent for the SNMP agent you wish to

access.

Web

Console

SNMP

Manager

SNMP Agent for Linux

System Details

Process Details

Details relating to

HOST-RESOURCES-MIB,

RFC-1213-MIB,

and SNMP-LINUX-MIB

Linux

STRM SNMP Agent

USING THE SNMP-LINUX-MIB

The SNMP-Linux-MIB is a pre-defined MIB that retrieves information from your

system. This MIB retrieves the following information:

• Processor Details

• Disk Space Details

• Mount Details

• System Performance Details

• Service Details

• Boot Log Details

• Cron Log Details

• Secure Log Details

• IDE Details

• Module Details

• PCI Details

• SCSI Details

• Slab Details

Processor Details The process details includes:

For example, sample output may include:

Table 2-1 Processor Details

S.No Processor Details

1. Processor Vendor Name

2. Processor Model Name

3. Processor Speed in Mega Hertz

4. Processor Cache Size in KB

STRM SNMP Agent

8 USING THE SNMP-LINUX-MIB

Disk Space Details The disk space details includes:

For example, sample output may include:

Mount Details The mount details includes:

Table 2-2 Disk Space Details

S.No Disk Space Details

1. File System Type

2. Total Disk Space in MegaBytes

3. Used Space in MegeBytes

4. Percentage of Free Space

5. Percentage of Used Space

6. The Mount Point of the Device

Table 2-3 Mount Details

S.No Mount Details

1. Device Name

2. Mount Point of the Device

3. File System Type

STRM SNMP Agent

System Performance Details 9

For example, sample output may include:

System

Performance

Details

The system performance details includes:

For example, sample output may include:

Table 2-4 System Performance Details

S.No System Performance Details Description

1. One Minute Load CPU Utilization of the last one minute

2. Five Minute Load CPU Utilization of the last five minutes

3. Fifteen Minute Load CPU Utilization of the last fifteen minutes

4. Total RAM Total RAM size in bytes

5. Free RAM Free RAM in bytes

6. Shared RAM Shared RAM in bytes

7. Buffer RAM Buffer RAM in bytes

8. Total Swap Total Swap size in bytes

9. Free Swap Free Swap size in bytes

10. No. of Current Processes Specifies the number of current processes

running in the system

STRM SNMP Agent

10 USING THE SNMP-LINUX-MIB

Processes Table

Details

The process table details includes:

For example, sample output may include:

Processor

Performance Details

The processor performance details includes:

Table 2-5 Process Details

S.No Process Table Details Description

1. Process ID (PID) Specifies the Process Identification Number.

2. Process Command Specifies the name of the process.

3. Process User Specifies the user that started the process.

4. Memory Percentage Specifies the percentage of memory used by the

process.

5. CPU Percentage Specifies the percentage of CPU used by the

process.

6. Memory Size Specifies the memory taken by the process in

KiloBytes.

Table 2-6 Processor Details

S.No Processor Details

1. Processor Vendor Name

2. Processor Model Name

3. Processor Speed in Mega Hertz

4. Processor Cache Size in KB

STRM SNMP Agent

Service Details 11

For example, sample output may include:

Page Details The page details includes:

For example, sample output may include:

Service Details The service details includes:

Table 2-7 Processor Details

S.No Processor Details Description

1. Swap Pages In Specifies the number of swap pages the system has

brought in.

2. Swap Pages Out Specifies the number of swap pages the system has

brought out.

3. Memory Pages In Specifies the number of memory pages the system

has written in.

4. Memory Pages Out Specifies the number of memory pages the system

has written out to the disk.

Table 2-8 Service Details

S.No Service Details Description

1. Service Type Specifies the service name (such as, Telnet or FTP) or

the port number if no entry exists in the /etc/services file.

2. Protocol Name Specifies the protocol used for the service.

3. Client Name Specifies the name of the client using the service. If

there is no client using the service, this field indicates *.

4. Client Port Specifies the port number used by the client using the

service.

STRM SNMP Agent

12 USING THE SNMP-LINUX-MIB

For example, sample output may include:

Boot Log Details The boot log details includes:

For example, sample output may include:

Table 2-9 Boot Log Details

S.No Boot Log Details

1. Time Boot

2. Host Name

3. Process Name

4. Message

STRM SNMP Agent

Cron Log Details 13

Cron Log Details The boot log details includes:

For example, sample output may include:

Secure Log Details The secure log details includes:

Table 2-10 Cron Log Details

S.No Cron Log Details

1. Cron Date

2. Cron Time

3. Cron Host Name

4. Cron User

5. Cron Process

6. Cron Frequency

Table 2-11 Secure Log Details

S.No Secure Log Details

1. Secure Date

2. Secure Time

3. Secure Protocols

4. Secure From Address

STRM SNMP Agent

14 USING THE SNMP-LINUX-MIB

For example, sample output may include:

IDE Details The IDE details includes:

For example, sample output may include:

Module Details The module details includes:

Table 2-12 IDE Details

S.No IDE Details Description

1. IDE Cache Specifies the cache size of the IDE.

2. IDE Driver Specifies the driver details of IDE.

3. IDE Model Specifies the model of the IDE devices.

4. IDE Capacity Specifies the capacity of the IDE device.

5. Physical Geometry Specifies the physical geometry of the device.

6. Logical Geometry Specifies the logical geometry of the device.

Table 2-13 Module Details

S.No Module Details Description

1. Module Name Specifies the name of the module.

2. Module Size Specifies the page (typically 4K) memory

occupied by the module.

STRM SNMP Agent

PCI Details 15

For example, sample output may include:

PCI Details The PCI details includes:

For example, sample output may include:

3. Module Usage Count Specifies the module usage count.

Table 2-13 Module Details (continued)

S.No Module Details Description

Table 2-14 PCI Details

S.No PCI Details

1. PCI Name

2. PCI Bus

3. PCI Device

4. PCI Function

5. PCI Description

STRM SNMP Agent

16 USING THE SNMP-LINUX-MIB

SCSI Details The SCSI details includes:

For example, sample output may include:

Slab Details The Slab details includes:

Table 2-15 SCSI Details

S.No SCSI Details

1. SCSI Index

2. SCSI ID

3. SCSI Type

4. SCSI Model

5. SCSI Vendor

Table 2-16 Slab Details

S.No Slab Details

1. Cache Name

2. Active Objects

3. Total Object

4. Object Size

5. Active Slabs per Object

6. Slabs per Object

7. Pages per Slab

STRM SNMP Agent

Slab Details 17

For example, sample output may include:

Page is loading ...

Juniper Security Threat Response Manager User manual

Brand: Juniper

Model: Security Threat Response Manager

Category: Networking

Type: User manual

This manual is also suitable for

SECURITY THREAT RESPONSE MANAGER 2008.2 - SNMP AGENT GUIDE REV 1

Download PDF

report

Juniper Security Threat Response Manager User manual

This manual is also suitable for

Juniper Security Threat Response Manager User manual

Related papers

Other documents