When setting up Address Manager (BAM) and DNS/DHCP Server (BDDS), BlueCat strongly recommends enabling the monitoring features of your BlueCat Integrity systems. Monitoring your systems allows you to detect anomalies and be notified you when something isn't operating correctly before it critically impacts your environment.
BAM and BDDS come with monitoring features such as monitoring service, SNMP MIBs and Traps, and syslog redirection. To monitor your BlueCat Integrity systems, BlueCat strongly recommends configuring the following features.
Monitoring Service Management
BAM functions | BDDS functions |
---|---|
|
|
Once you have enabled the monitoring services, refer to the following table for analysis of different monitoring metrics:
Monitoring Service | Recommended Polling Interval Time (minutes) | Indication | Major Alert | Critical Alert |
---|---|---|---|---|
CPU Utilization Percentage (Average) | 5 | CPU Utilization | > 75% | > 85% |
Memory Utilization Percentage | 5 | Used memory | > 80% | > 90% |
Disk Space Usage Percentage | 5 | Disk Utilization | > 75% | > = 15% |
Network Utilization | 5 | Interface Utilization In (64 bit) | > 60% | > 66% |
Interface Utilization Out (64 bit) | > 60% | > 66% | ||
In Errors | > 1% | > 3% | ||
Out Errors | > 1% | > 3% | ||
In Discards | > 1% | > 3% | ||
Out Discards | > 1% | > 3% |
SNMP
The Simple Network Management Protocol (SNMP) allows a polling workstation or trap server to obtain data about devices on the network. This includes the near real-time status of services, server functionality, and the security and service settings on the device. BAM and BDDS can behave as managed devices on an SNMP-enabled network. BAM and BDDS include SNMP for both the system itself and for the application server.
BAM and BDDS support SNMP versions 1, 2c, and 3. Versions 1 and 2c do not include any authentication or remote administration capabilities. This means that you only need to enable SNMP and set the appropriate SNMP username (or community string) for it to function correctly. You can also set the polling period to control how often SNMP values are refreshed on the appliance. SNMPv3 includes authentication and access control. To set up SNMPv3, you must also set the SNMP password and the Trap Server username, password, and address. Version 3 has the ability to send information as SNMP traps.
Syslog redirection
BAM and BDDS allow you to set syslog (system log) redirection by adding an IPv4 or IPv6 address for one or more syslog redirection servers. Syslog redirection to a SIEM allows you to perform analysis and gain insight into the health of a system. BDDS provides support for IBM QRadar and HP ArcSight SIEM integrations.