Brocade Network Advisor SAN + IP User Manual v12.3.0 User Manual
Page 1939
Brocade Network Advisor SAN + IP User Manual
1867
53-1003155-01
Policy monitor overview
47
Rule Violation Fix — If the configuration policy manager report shows an “SNMP not registered
as recipient” violation, the Administrator can register the Management server as an SNMP
recipient through the SNMP Trap Recipients dialog box (Monitor > SNMP Setup > Product Trap
Recipients). Refer to
If the configuration policy manager report shows an “Syslog not registered as recipient”
violation, the Administrator can register the Management server as an Syslog recipient through
the Syslog Recipients dialog box (Monitor > Syslog Configuration > Product Syslog Recipients).
Refer to
•
Check if the product is configured to send Upload Failure Data Capture to an FTP server (SAN
only) — This switch and router configuration policy manager enables you to determine if Upload
Failure Data Capture is enabled on the selected switches, that the configured FTP Server is
accessible, and that you have write permission to the directory.
Upload Failure Data Capture enables you to collect switch data periodically. This assists you to
troubleshoot switch failure.
Rule Violation Fix — If the report shows a violation, the SAN Administrator can change the
Upload Failure Data Capture configuration through the Upload Failure Data Capture dialog box
(Monitor > Technical Support > Upload Failure Data Capture). Refer to
•
Check for SSH (secure Telnet) configuration — This switch and router configuration policy
manager enables you to check each target to see if SSH is enabled for device data
transmission.
NOTE
Not supported on the following IronWare products: Application products running 12.3.X or
earlier and the 6910 Ethernet switch.
The preferred Management application product communication must be SSH for this check to
pass.
For Fabric OS and Network OS products, verifies SSH access is enabled and telnet access is
disabled through the IP ACL active or applied policy rules. You should verify that the IP ACL
active rules deny telnet access to all.
For Fabric OS products, if the IPv6 interface is enabled, verifies both IPv4 and IPv6 through the
active IP ACL policy.
For IronWare products, verifies SSH access is enabled and telnet access is disabled through
CLI commands.
Rule Violation Fix — If the configuration policy manager report shows a violation, enable SSH
on the device. Disable Telnet settings on the device, if enabled.
•
Check for SNMPv3 (secure SNMP) configuration — This switch and router configuration policy
manager enables you to check each target to see if SNMPv3 is active for device data
transmission and SNMPv1 and SNMPv2 are not configured.
NOTE
For this check to pass, you must discover the products using SNMPv3 credentials.
Rule Violation Fix — If the configuration policy manager report shows a violation, configure
SNMPv3 on the device. Remove SNMPv1 and SNMPv2 settings on the device, if configured.