Brocade Network Advisor SAN User Manual v12.3.0 User Manual
Page 1286
1234
Brocade Network Advisor SAN User Manual
53-1003154-01
Policy monitor overview
31
Rule Violation Fix — If the configuration policy manager report shows a violation, the SAN
Administrator can add redundant ISLs between the source and the target switch.
•
Check for HTTPS (secure HTTP) configuration — This switch and router configuration policy
manager enables you to check each target to see if HTTPS is active for device data
transmission.
The preferred Management application product communication must be HTTPS for this check
to pass.
For Fabric OS products, verifies the IP ACL active policy rules. You should verify that the IP ACL
active rules deny HTTP access to all.
For Fabric OS products, if the IPv6 interface is enabled, verifies both IPv4 and IPv6 IP ACL
active policies.
Rule Violation Fix — If the configuration policy manager report shows a violation, enable HTTPS
on the device. Disable HTTP settings on the device, if enabled.
•
Check if the product is configured to send events to this server — This switch and router
configuration policy manager enables you to determine if the Management application server
is registered as an SNMP recipient and Syslog recipient.
If the server has multiple NICs, the server uses an IP address reachable from the switch for
event registration. This policy cannot determine if the server is using a reachable IP address for
the event registration.
If the Management application server fails to register as a listener for SNMP, Syslog, and other
events, the Management application server cannot notify you of changes to the fabric or
device. If a fabric or switch fails, the Management application cannot provide notification, log,
or support data. Therefore, you may not realize that there is an inconsistency between the
physical device status and the device status in the Management application for some time.
This policy cannot determine if the SNMP trap or syslog listener ports are available or working.
Rule Violation Fix — If the configuration policy manager report shows an “SNMP not registered
as recipient” violation, the Administrator can register the Management server as an SNMP
recipient through the SNMP Trap Recipients dialog box (Monitor > SNMP Setup > Product Trap
Recipients). Refer to
If the configuration policy manager report shows an “Syslog not registered as recipient”
violation, the Administrator can register the Management server as an Syslog recipient through
the Syslog Recipients dialog box (Monitor > Syslog Configuration > Product Syslog Recipients).
Refer to
•
Check if the product is configured to send Upload Failure Data Capture to an FTP server (SAN
only) — This switch and router configuration policy manager enables you to determine if Upload
Failure Data Capture is enabled on the selected switches, that the configured FTP Server is
accessible, and that you have write permission to the directory.
Upload Failure Data Capture enables you to collect switch data periodically. This assists you to
troubleshoot switch failure.
Rule Violation Fix — If the report shows a violation, the SAN Administrator can change the
Upload Failure Data Capture configuration through the Upload Failure Data Capture dialog box
(Monitor > Technical Support > Upload Failure Data Capture). Refer to