Filter
Top Products
1102 Brocade Network Advisor IP User Manual
53-1003056-01
Policy monitor overview
36
• Check for HTTPS (secure HTTP) configuration — This switch and router policy monitor enables
you to check each target to see if HTTPS is active for device data transmission.
NOTE
Not supported on Network OS products and the following IronWare products: Ethernet Core
routers, Ethernet Carrier Routers, Ethernet Edge router, and Data Center switch, as well as the
6650 Ethernet switch, router, and L3 router.
The preferred Management application product communication must be HTTPS for this check
to pass.
Rule Violation Fix — If the policy monitor report shows a violation, enable HTTPS on the device.
Disable HTTP settings on the device, if enabled.
• Check if the product is configured to send events to this server — This switch and router policy
monitor enables you to determine if the Management application server is registered as an
SNMP recipient and Syslog recipient.
If the server has multiple NICs, the server uses an IP address reachable from the switch for
event registration. This policy cannot determine if the server is using a reachable IP address for
the event registration.
If the Management application server fails to register as a listener for SNMP, Syslog, and other
events, the Management application server cannot notify you of changes to the fabric or
device. If a fabric or switch fails, the Management application cannot provide notification, log,
or support data. Therefore, you may not realize that there is an inconsistency between the
physical device status and the device status in the Management application for some time.
This policy cannot determine if the SNMP trap or syslog listener ports are available or working.
Rule Violation Fix — If the policy monitor report shows an “SNMP not registered as recipient”
violation, the Administrator can register the Management server as an SNMP recipient through
the SNMP Trap Recipients dialog box (Monitor > SNMP Setup > Product Trap Recipients). Refer
to “Fault Management” on page 1141.
If the policy monitor report shows an “Syslog not registered as recipient” violation, the
Administrator can register the Management server as an Syslog recipient through the Syslog
Recipients dialog box (Monitor > Syslog Configuration > Product Syslog Recipients). Refer to
“Fault Management” on page 1141.
• Check for SSH (secure Telnet) configuration — This switch and router policy monitor enables
you to check each target to see if SSH is enabled for device data transmission.
NOTE
Not supported on the following IronWare products: Application products running 12.3.X or
earlier and the 6910 Ethernet switch.
The preferred Management application product communication must be SSH for this check to
pass.
For Network OS verifies SSH access is enabled and telnet access is disabled through the IP
ACL active or applied policy rules. You should verify that the IP ACL active rules deny telnet
access to all.
For IronWare products, verifies SSH access is enabled and telnet access is disabled through
CLI commands.