
Cisco Secure PIX Firewall (9035022-01)


Page 1: Cisco Secure PIX Firewall (9035022-01)

Cisco Secure PIX Firewall

SPECTRUM Enterprise Manager

Device Management

Supports Management Module SM-CIS1011


Page 2: Cisco Secure PIX Firewall (9035022-01)

S P E C T R U M E n t e r p r i s e M a n a g e r Page 2 C i s c o S e c u r e P I X F i r e w a l l

Notice

Aprisma Management Technologies, Inc. (Aprisma), reserves the right to make changes in specifications and other information contained in this document without prior notice. The reader should in all cases consult Aprisma to determine whether any such changes have been made.

The hardware, firmware, or software described in this manual is subject to change without notice.

IN NO EVENT SHALL APRISMA, ITS EMPLOYEES, OFFICERS, DIRECTORS, AGENTS, OR AFFILIATES BE LIABLE FOR ANY INCIDENTAL, INDIRECT, SPECIAL, OR CONSEQUENTIAL DAMAGES WHATSOEVER (INCLUDING BUT NOT LIMITED TO LOST PROFITS) ARISING OUT OF OR RELATED TO THIS MANUAL OR THE INFORMATION CONTAINED IN IT, EVEN IF APRISMA HAS BEEN ADVISED OF, KNOWN, OR SHOULD HAVE KNOWN, THE POSSIBILITY OF SUCH DAMAGES.

Copyright © May 2001 by Aprisma Management Technologies. All rights reserved.

Printed in the United States of America.

Order Number: 9035022-01

Aprisma Management Technologies, Inc.
121 Technology Drive
Durham NH 03824

SPECTRUM, the SPECTRUM IMT/VNM logo, DCM, IMT, and VNM are registered trademarks, and SpectroGRAPH, SpectroSERVER, Inductive Modeling Technology, Device Communications Manager, and Virtual Network Machine are trademarks of Aprisma or its affiliates.

Ethernet is a trademark of Xerox Corporation.

Virus Disclaimer

Aprisma makes no representations or warranties to the effect that the Licensed Software is virus-free.

Aprisma has tested its software with current virus checking technologies. However, because no anti-virus system is 100% reliable, we strongly caution you to write protect and then verify that the Licensed Software, prior to installing it, is virus-free with an anti-virus system in which you have confidence.

Restricted Rights Notice

(Applicable to licenses to the United States Government only.)

1. Use, duplication, or disclosure by the Government is subject to restrictions as set forth in subparagraph (c) (1) (ii) of the Rights in Technical Data and Computer Software clause at DFARS 252.227-7013.

Aprisma Management Technologies, Inc.
121 Technology Drive
Durham NH 03824

2. (a) This computer software is submitted with restricted rights. It may not be used, reproduced, or disclosed by the Government except as provided in paragraph (b) of this Notice or as otherwise expressly stated in the contract.

(b) This computer software may be:

(1) Used or copied for use in or with the computer or computers for which it was acquired, including use at any Government installation to which such computer or computers may be transferred;

(2) Used or copied for use in a backup computer if any computer for which it was acquired is inoperative;

(3) Reproduced for archival or backup purposes;

(4) Modified, adapted, or combined with other computer software, provided that the modified, combined, or adapted portions of the derivative software incorporating restricted computer software are made subject to the same restricted rights;

(5) Disclosed to and reproduced for use by support service contractors in accordance with subparagraphs (b) (1) through (4) of this clause, provided the Government makes such disclosure or reproduction subject to these restricted rights; and

(6) Used or copied for use in or transferred to a replacement computer.

(c) Notwithstanding the foregoing, if this computer software is published copyrighted computer software, it is licensed to the Government, without disclosure prohibitions, with the minimum rights set forth in paragraph (b) of this clause.

(d) Any other rights or limitations regarding the use, duplication, or disclosure of this computer software are to be expressly stated in, or incorporated in, the contract.

(e) This Notice shall be marked on any reproduction of this computer software, in whole or in part.

Page 3: Cisco Secure PIX Firewall (9035022-01)

Contents

INTRODUCTION .... 4
    Purpose and Scope .... 4
    Required Reading .... 4
    Supported Devices .... 5
    The SPECTRUM Model .... 5

TASKS .... 7

DEVICE VIEW .... 8
    Interface Icons .... 9
    Interface Icon Subviews Menu .... 10
    Interface Status View .... 11
    Secondary Address Panel .... 11

DEVICE TOPOLOGY VIEW .... 12
    Interface Icons .... 13
    Interface Icon Subviews Menu .... 14
    Interface Status View .... 14
    Secondary Address Panel .... 15

APPLICATION VIEWS .... 16
    Main Application View .... 16
    Supported Applications .... 17
        Common Applications .... 17
        Device-Specific Applications .... 18

PERFORMANCE VIEWS .... 19
    Device Performance View .... 20
    Port Performance View .... 20

CONFIGURATION VIEWS .... 21
    Device Configuration View .... 21
    Interface Configuration View .... 22

SYSLOG TRAP SUPPORT .... 23

MODEL INFORMATION VIEW .... 26

INDEX .... 27

Page 4: Cisco Secure PIX Firewall (9035022-01)

Introduction

This section introduces the SPECTRUM Device Management documentation for the Cisco Secure PIX Firewall devices.

This introduction contains the following topics:

• Purpose and Scope

• Required Reading

• Supported Devices (Page 5)

• The SPECTRUM Model (Page 5)

Purpose and Scope

Use this document as a guide for managing the Cisco Secure PIX Firewall devices described on Page 5 with SPECTRUM management module SM-CIS1011. This document describes the icons, menus, and views that enable you to remotely monitor, configure, and troubleshoot Cisco PIX devices through software models in your SPECTRUM database.

Information specific to SM-CIS1011 is what is primarily included in this document. For general information about device management using SPECTRUM and explanations of SPECTRUM functionality and navigation techniques, refer to the topics listed under Required Reading.

Required Reading

To use this documentation effectively, you must be familiar with the information covered by the other SPECTRUM online documents listed below.

• Getting Started with SPECTRUM for Operators

• Getting Started with SPECTRUM for Administrators

• How to Manage Your Network with SPECTRUM

• SPECTRUM Views

• SPECTRUM Menus

• SPECTRUM Icons

• SPECTRUM Software Release Notice

Page 5: Cisco Secure PIX Firewall (9035022-01)

Supported Devices

SPECTRUM management module SM-CIS1011 currently lets you model the Cisco Secure PIX Firewall which allows you to manage traps.

Cisco Secure PIX Firewall 5.2 provides secure networking and NAT (Network Address Translation).

The SPECTRUM Model

The model type for the Cisco Secure PIX Firewall devices is CisPIXDev.

Modeling results in the creation of Device icons that represent the devices and Application icons that represent their supported applications.

The Device icons contain double-click zones and provide access to Icon Subviews menus that let you perform device management activities such as those listed in Tasks on Page 7.

As Figure 1 shows, the appearance of the Device icons varies slightly depending on the kind of view it appears in.

Figure 1: Device Icons

Small Device icon appears in Topology and Application views.

Large Device icon appears in Device Topology, Location, and Device Interface views.

Page 6: Cisco Secure PIX Firewall (9035022-01)

The device-specific Icon Subviews menu options available from the Device icon are listed below.

Option               Accesses the...
Device View          Device View (Page 8)
Device Topology      Device Topology View (Page 12)
Application          Application Views (Page 16)
Fault Isolation      For further information refer to the Spectrum Views documentation.
Configuration        Performance Views (Page 19)
Model Information    Model Information View (Page 26)

The rest of this document covering the Cisco Secure PIX Firewall management module is organized as follows.

• Tasks (Page 7)

• Device View (Page 8)

• Device Topology View (Page 12)

• Application Views (Page 16)

• Performance Views (Page 19)

• Model Information View (Page 26)

Page 7: Cisco Secure PIX Firewall (9035022-01)

Tasks

This section contains an alphabetical list of device management tasks, with each task providing one or more links to views that let you perform the task.

Administrative Information (check)
• Model Information View (Page 26)

Alarm Thresholds (set)
• Interface Icon Subviews Menu (Page 14)

Configuration Information (check)
• Performance Views (Page 19)

IP Address (find/change)
• Device View (Page 8)
• Secondary Address Panel (Page 15)

Performance (check)
• Device View (Page 8)
• Interface Icons (Page 13)

Topology (check)
• Device View (Page 8)

Page 8: Cisco Secure PIX Firewall (9035022-01)

Device View

This section describes the Device view and subviews available for models of Cisco Secure PIX Firewall devices in SPECTRUM.

Access: From the Icon Subviews menu for the Device icon, select Device.

This view (Figure 2) uses icons and labels to represent the device and its components, such as modules, ports, and applications. The view provides dynamic configuration and performance information for each of the device’s serial and network I/O ports, which are represented by Interface icons in the bottom panel of the view. The middle panel of the view displays a Device icon, which lets you monitor the device operation and access other device-specific views.

Figure 2: Device View

(SpectroGRAPH screenshot; callouts: Device Icon, Interface Icons, Interface Options Panel.)

Page 9: Cisco Secure PIX Firewall (9035022-01)

Interface Icons

Figure 3 shows a close-up of an Interface icon from the Device view. Most of the informational labels on the icon also provide double-click access to other views, as explained in the following label descriptions.

Figure 3: Interface Icon

a Interface Number Label
b IF Status Label
c Interface Type Label
d Network Type Label
e Physical Address Label
f IP Address Label
g Gauge Label

Interface Number Label
This label displays the interface (port) number.

IF Status Label
This label displays the current status of the interface for the primary application selected, e.g., Gen Rtr App or MIB-II App. Table 1 lists the possible label color representations. Note that the color of the label also depends on the interface’s current Administrative Status, which you set in the Interface Status View (Page 11). This view can be accessed by double-clicking the label.

Interface Type Label
This label identifies the interface type (Ethernet, ATM, etc.). Double-click this label to access the Interface Configuration View (Page 22).

Table 1: Interface Status Label Colors

Color     Operational Status    Administrative Status    Label Text
Green     up                    up                       ON
Blue      down                  down                     OFF
Yellow    down                  up                       OFF
Red       testing               testing                  TEST

Page 10: Cisco Secure PIX Firewall (9035022-01)

Network Type Label
This label identifies the type of network to which the interface is connected. Double-click the label to open the Model Information view for the interface.

Physical Address Label
This label displays the physical (MAC) address of the interface. Double-click this label to open the IF Address Translation Table.

IP Address Label
This label displays the IP address for the interface. Double-click this label to open the Secondary Address Panel (Page 11), which lets you change the address and mask for the interface.

Gauge Label
This label displays whichever performance statistic has been selected in the Gauge Control Panel for this device’s interfaces. (Refer to the SPECTRUM Views documentation for information about the Gauge Control Panel.) Double-click this label to open the Port Performance View (Page 20).

Interface Icon Subviews Menu

Table 2 lists the device-specific interface Icon Subviews menu options and the views to which they provide access.

Table 2: Interface Icon Subviews Menu

Option                          Accesses the...
Detail                          Interface Detail view, which displays packet, error, and discard breakdown statistics for the interface.
IF Status                       Interface Status View (Page 11).
IF Configuration                Interface Configuration View (Page 22).
IF Address Translation Table    Interface Address Translation Table, which identifies the physical and network address for the interface.
Secondary Address Panel         Secondary Address Panel (Page 11).
Thresholds                      Interface Threshold view, which lets you set the on/off alarm thresholds for load, packet rate, error rate, and % discarded for the interface.
Model Information               Model Information View (Page 26).

Page 11: Cisco Secure PIX Firewall (9035022-01)

Interface Status View

Access: From the Icon Subviews menu for the Interface icon in the Device view, select IF Status.

This view provides information on the operational status of the interface and allows you to enable or disable the port.

Operational Status
The current state of the interface (Up, Down, Unknown, Dormant, Not Present, Lower Layer Down, or Testing).

Administrative Status
This button allows you to select the desired administrative state of the interface (On, Off, or Testing).

Secondary Address Panel

Access: From the Icon Subviews menu for the Interface icon in the Device view, select Secondary Address Panel.

This panel provides a table of IP addresses and masks obtained from the Address Translation table within the device’s firmware. You can change the current address displayed in the IP Address field by selecting an entry from the table in this panel and clicking the Update button.

Page 12: Cisco Secure PIX Firewall (9035022-01)

Device Topology View

This section describes the Device Topology view available for models of the Cisco Secure PIX Firewall devices.

Access: From the Icon Subviews menu for the Device icon, select Device Topology.

The Device Topology view (Figure 4) shows the connections between a modeled device and other network entities. The lower panel of the view uses Interface icons to represent the device’s serial, network, and I/O ports. These icons provide the same information and menu options as those in the Device View (Page 8). If a device is connected to a particular interface, a Device icon appears on the vertical bar above the Interface icon along with an icon representing the network group that contains the device.

Refer to the SPECTRUM Views documentation for details on Device Topology view.

Figure 4: Device Topology View

(SpectroGRAPH screenshot of the Device Topology view.)

Page 13: Cisco Secure PIX Firewall (9035022-01)

Interface Icons

Figure 5 shows a close-up of an Interface icon from the Device view. Most of the informational labels on the icon also provide double-click access to other views, as explained in the following label descriptions.

Figure 5: Interface Icon

a Interface Number Label
b IF Status Label
c Interface Type Label
d Network Type Label
e Physical Address Label
f IP Address Label
g Gauge Label

Interface Number Label
This label displays the interface (port) number.

IF Status Label
This label displays the current status of the interface for the primary application selected, e.g., Gen Rtr App or MIB-II App. Table 3 lists the possible label color representations. Note that the color of the label also depends on the interface’s current Administrative Status, which you set in the Interface Status View (Page 14). This view can be accessed by double-clicking the label.

Interface Type Label
This label identifies the interface type (Ethernet, ATM, etc.). Double-click this label to access the Interface Configuration View (Page 22).

Table 3: Interface Status Label Colors

Color     Operational Status    Administrative Status    Label Text
Green     up                    up                       ON
Blue      down                  down                     OFF
Yellow    down                  up                       OFF
Red       testing               testing                  TEST

Page 14: Cisco Secure PIX Firewall (9035022-01)

Network Type Label
This label identifies the type of network to which the interface is connected. Double-click the label to open the Model Information view for the interface.

Physical Address Label
This label displays the physical (MAC) address of the interface. Double-click this label to open the IF Address Translation Table.

IP Address Label
This label displays the IP address for the interface. Double-click this label to open the Secondary Address Panel (Page 15), which lets you change the address and mask for the interface.

Gauge Label
This label displays whichever performance statistic has been selected in the Gauge Control Panel for this device’s interfaces. (Refer to the SPECTRUM Views documentation for information about the Gauge Control Panel.) Double-click this label to open the.

Interface Icon Subviews Menu

Table 4 lists the device-specific interface Icon Subviews menu options and the views to which they provide access.

Table 4: Interface Icon Subviews Menu

Option                          Accesses the...
Detail                          Interface Detail view, which displays packet, error, and discard breakdown statistics for the interface.
IF Status                       Interface Status View (Page 14).
IF Configuration                Interface Configuration View (Page 22).
IF Address Translation Table    Interface Address Translation Table, which identifies the physical and network address for the interface.
Secondary Address Panel         Secondary Address Panel (Page 15).
Thresholds                      Interface Threshold view, which lets you set the on/off alarm thresholds for load, packet rate, error rate, and % discarded for the interface.
Model Information               Model Information View (Page 26).

Interface Status View

Access: From the Icon Subviews menu for the Interface icon in the Device Topology view, select IF Status.

This view provides information on the operational status of the interface and allows you to enable or disable the port.

Page 15: Cisco Secure PIX Firewall (9035022-01)

Operational Status
The current state of the interface (Up, Down, Unknown, Dormant, Not Present, Lower Layer Down, or Testing).

Administrative Status
This button allows you to select the desired administrative state of the interface (On, Off, or Testing).

Secondary Address Panel

Access: From the Icon Subviews menu for the Interface icon in the Device Topology view, select Secondary Address Panel.

This panel provides a table of IP addresses and masks obtained from the Address Translation table within the device’s firmware. You can change the current address displayed in the IP Address field by selecting an entry from the table in this panel and clicking the Update button.

Page 16: Cisco Secure PIX Firewall (9035022-01)

Application Views

This section describes the main Application view and the associated application-specific subviews available for models of Cisco Secure PIX Firewall devices in SPECTRUM.

Access: From the Icon Subviews menu for the Device icon, select Application.

Main Application View

When a device model is created, SPECTRUM automatically creates models for each of the major and minor applications supported by the device. The main Application view identifies all of these application models, shows their current condition status, and provides access to application-specific subviews. Figure 6 shows this view in the Icon mode. If you prefer the List mode, which displays applications as text labels, select View > Mode > List.

For more information on this view, refer to the MIBs and the Application View documentation.

Figure 6: Main Application View

(SpectroGRAPH screenshot of the Application view in Icon mode.)

Page 17: Cisco Secure PIX Firewall (9035022-01)

Supported Applications

SPECTRUM’s applications can be grouped within two general categories as follows:

• Common Applications, below
• Device-Specific Applications (Page 18)

Common Applications

For the most part, these applications represent the non proprietary MIBs supported by your device. Listed below (beneath the title of the document that describes them) are some of the common applications currently supported by SPECTRUM.

• Bridging Applications
  - Spanning Tree
  - Static
  - Transparent
  - PPP Bridging
  - Source Routing
  - Translation

• Routing Applications
  - Generic Routing
  - Repeater
  - AppleTalk
  - DECnet
  - Open Shortest Path First

• MIB II Applications
  - SNMP
  - IP
  - ICMP
  - TCP
  - System2
  - UDP

• Miscellaneous Applications
  - FDDI
  - Point to Point
  - DS 1
  - RS-232
  - WAN
  - Frame Relay
  - Token Ring
  - DLSW
  - APPN
  - Ethernet
  - Fast Ethernet
  - ATM Client
  - DHCP

Note: The documents listed are available for viewing at:

www.aprisma.com/manuals/

Page 18: Cisco Secure PIX Firewall (9035022-01)

Device-Specific Applications

SPECTRUM imports the following device-level proprietary MIBs into its database:

• CISCO-FIREWALL-MIB-V1SMI.my
• CISCO-MEMORY-POOL-MIB.my
• CISCO-SYSLOG-MIB-V1SMI.my
• RFC1213-MIB.my

These MIBs can be used in conjunction with SPECTRUM’s optional customization products (referred to as the Level I Tool Kits) to create application models and views that display the condition of selected MIB objects.

Note: Aprisma Management Technologies can provide training, technical assistance, and custom engineering support services for creating application models and their associated views.

Page 19: Cisco Secure PIX Firewall (9035022-01)

Performance Views

This section provides brief descriptions of the Performance views available for the Cisco Secure PIX Firewall devices in SPECTRUM.

Performance views display performance statistics in terms of a set of transmission attributes, e.g., cell rates, frame rates, % error, etc. A typical view is shown in Figure 7. The instantaneous condition of each transmission attribute is recorded in a graph. The statistical information for each attribute is presented in the adjacent table.

Generally, you determine performance at the device level through Performance views accessed from the Device and Application icons. You determine performance at the port/interface level through Performance views accessed from Interface icons.

For more information on Performance views, refer to the SPECTRUM Views documentation.

The following paragraphs list the performance attributes displayed for each Performance view supported by this management module.

Figure 7: Performance View

(SpectroGRAPH screenshot; a graph of Frame Rate in frames per second with a table of Value, Average, and Peak Value for Frame Rate, % Delivered, % Forwarded, % Transmit, % Error, and % Discarded.)

Page 20: Cisco Secure PIX Firewall (9035022-01)

Device Performance View

Access: From the Icon Subviews menu for the Device icon, select Performance.

Current and historical frame transmission information is provided via the following attributes.

• Frame Rate
• % Received
• % Transmit
• % Error
• % Discarded

Port Performance View

Access: From the Icon Subviews menu for the Device Interface icon, select Performance.

Current and historical packet transmission information is provided via the following attributes.

• Load
• Packet Rate
• % Error
• % Discarded

Page 21: Cisco Secure PIX Firewall (9035022-01)

Configuration Views

This section describes the various Configuration views available for models of the Cisco Secure PIX Firewall devices in SPECTRUM.

Configuration views let you view and modify current settings for the modeled device and its interfaces, ports, and applications. The following Configuration views are available for models of Cisco PIX devices:

• Device Configuration View (Page 21)
• Interface Configuration View (Page 22)

Device Configuration View

Access: From the Icon Subviews menu for the Device icon, select Configuration.

This view (Figure 8) provides status and configuration information about the device as a whole as well as on a port-by-port basis. Fields and column headings within the Device Configuration view and its subviews are explained in detail in the SPECTRUM Views documentation.

Figure 8: Device Configuration View

(SpectroGRAPH screenshot; the Interface Configuration Table has the columns Index, Type, Physical Address, Max Frame Size, and Operational Status.)

Page 22: Cisco Secure PIX Firewall (9035022-01)

Interface Configuration View

Access: From the Icon Subviews menu for an Interface icon in the Device Topology view, select IF Configuration.

This view provides the following information for the selected interface:

Operation Status
The current operational state of the interface (Up, Down, Unknown, Dormant, Not Present, or Lower Layer Down).

Admin. Status
The desired operational state of the interface (up, down, or testing).

Last Change
The System UpTime value when the interface entered its current operational state.

IP Address/Network Mask
This window provides a list of the user-defined names and IP addresses for the interface.

Physical Address
The Ethernet (MAC) address of the interface.

Bandwidth
The estimated bandwidth of the interface, measured in bits per second. For interfaces that do not vary in bandwidth, or no accurate estimate can be made, a nominal bandwidth is provided.

Packet Size
The largest packet that can be transmitted or received by the port, displayed in octets.

Queue Length
The length of the outbound packet queue, in packets.

Page 23: Cisco Secure PIX Firewall (9035022-01)

Syslog Trap Support

This section describes the Syslog Trap Support available for the Cisco PIX Secure Firewall.

The System Message Log (syslog) protocol is used to send text messages from a Cisco PIX Secure Firewall to the NMS. These messages are sent to the SPECTRUM Event Manager as SNMP traps. Syslog trap support allows the router device to identify these messages and escalate them to alarms as necessary. Syslog trap support also provides the Cisco PIX Secure Firewall model icon the capability to communicate model alarm severity information. When an alarm occurs, as indicated by the Cisco PIX Secure Firewall device icon, you will be able to observe the SPECTRUM Alarm Severity and a Syslog message will appear in the Alarm log (which can be found in the Alarm Manager View).

These Syslog messages are classified by severities which range from 0 to 7 (most severe to least severe). These messages are described in Table 5. The alarms are displayed in the Alarm Log. As these alarms are associated with the Cisco PIX Secure Firewall device model, the model icon will change color and flash depending on the severity of the alarm that it receives.

Table 5: Severity Level Code

Severity Level    Description
0                 emergency - System is unusable.
1                 alert - Immediate action required.
2                 critical - Critical condition.
3                 error - Error condition.
4                 warning - Warning condition.
5                 notification - normal but significant condition
6                 informational - informational message only.
7                 debugging - message that appears during debugging only.

The Syslog message severity to SPECTRUM alarm severity will be mapped as listed in Table 6.

Messages with an Alarm Severity of 5-7 typically do not generate an alarm, as they are of minor importance.

Messages are listed by the facility (hardware device, protocol, or a module or system software) that produces the messages. A facility code is an abbreviation of the facility to which the message refers. A facility could be a specific hardware device, a protocol, or a portion of software.

Within each facility, messages are listed by the severity level, from highest (0) to lowest (7). A mnemonic is a code which uniquely identifies the message.

Each message is followed by an explanation and a recommended action. Messages appear only when the system remains operational. The following is an example of a syslog message:

“01/01/2001,18:31:15:SYS-5-MOD_INSERT:Module 5 has been inserted”

The meaning of this message is as follows:

• 01/01/2001,18:31:15 is the date and time of the error (this appears if set for system log messaging).
• SYS is the facility type.
• 5 is the severity level, indicating that it is a normal but significant condition.
• MOD_INSERT is the mnemonic code that uniquely identifies the message.
• Module 5 has been inserted is the message text which describes the condition and may contain detailed information which varies from message to message.

See the Alarm Manager documentation for more information about model alarms in SPECTRUM.

Table 6: Syslog Message Severity

Alarm Severity   Color
0-1              Red
2-3              Orange
4                Yellow

Note:
This management module supports the system error messages for the Cisco IOS Release 12.1 T.
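The message layout and the Table 6 severity-to-color mapping described above, as an added Python example that is not part of the Aprisma manual or of SPECTRUM itself. The function names, the tolerated leading "%", the control-character filtering, and every sample line except the first are assumptions constructed for illustration.

```python
import re

# Severity names (Table 5) and alarm colors (Table 6) as given on this page.
SEVERITY_NAMES = ["emergency", "alert", "critical", "error",
                  "warning", "notification", "informational", "debugging"]
ALARM_COLORS = {0: "Red", 1: "Red", 2: "Orange", 3: "Orange", 4: "Yellow"}

# Optional "date,time:" stamp, optional "%" (assumption), FACILITY-SEVERITY-MNEMONIC:text.
MESSAGE_RE = re.compile(
    r"^(?:(?P<stamp>\d{2}/\d{2}/\d{4},\d{2}:\d{2}:\d{2}):)?"
    r"%?(?P<facility>[A-Z][A-Z0-9_]*)-(?P<severity>[0-7])-"
    r"(?P<mnemonic>[A-Z0-9_]+):\s*(?P<text>.*)$"
)

def parse_syslog(line):
    """Split one message into its fields; raise ValueError if malformed."""
    match = MESSAGE_RE.match(line.strip())
    if match is None:
        raise ValueError(f"unrecognized syslog message: {line!r}")
    fields = match.groupdict()
    fields["severity"] = severity = int(fields["severity"])
    fields["severity_name"] = SEVERITY_NAMES[severity]
    # Severities 5-7 have no Table 6 row: no alarm, so the color is None.
    fields["alarm_color"] = ALARM_COLORS.get(severity)
    # Message text is device-supplied: drop control characters before display.
    fields["text"] = "".join(c for c in fields["text"] if c.isprintable())
    return fields

def triage(lines):
    """Return (alarm-raising messages sorted most severe first, rejected lines)."""
    alarms, rejected = [], []
    for line in lines:
        try:
            msg = parse_syslog(line)
        except ValueError:
            rejected.append(line)
            continue
        if msg["alarm_color"] is not None:
            alarms.append(msg)
    alarms.sort(key=lambda m: m["severity"])
    return alarms, rejected

# Constructed sample input; only the first line comes from the page.
SAMPLE = [
    "01/01/2001,18:31:15:SYS-5-MOD_INSERT:Module 5 has been inserted",
    "01/01/2001,18:32:02:SYS-2-EXAMPLE_CRIT:constructed critical message",
    "SYS-4-EXAMPLE_WARN:constructed warning without a time stamp",
    "free text that is not a syslog message",
]
```

Lines that do not match the layout are returned separately rather than dropped, so malformed or unexpected trap payloads remain visible for review.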

The System Message Log (syslog) software can save the system messages in a log file or direct them to other devices. Syslog software allows you to do the following:

• Save logging information for monitoring and troubleshooting.
• Select the types of logging information captured.
• Select the destination of captured logging information.

By default the switch logs normal but significant system messages to its internal buffer and sends these messages to the system console. You can specify which system messages should be saved based on the type of facility and the severity level. Messages can be time-stamped to enhance real-time debugging and management.

Note:
The URL http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix is a link to more information about Cisco PIX syslog messages including a list of facility codes and of error messages with their corresponding recommended actions.

Model Information View

This section provides a brief overview of the Model Information view.

This view displays administrative information about the device and its applications and lets you set thresholds and alarm severity for the device.

Figure 9 shows a sample Model Information view. The layout of this view is the same for all model types in SPECTRUM but some information will vary depending on the model it defines. Refer to the SPECTRUM Views documentation for a complete description of this view.

Figure 9: Model Information View
[Figure: sample SpectroGRAPH Model Information window, with General Information, Communication Information, and Poll/Log Information panels.]
