1 of 1 people found this helpful
I believe since there is only one way of communication and no return PATHS, you can monitor the environment behind the data diodes by monitoring the snmp traps.
A KM such as Monitoring Studio KM can intercept traps emitted by devices located in a secure env and you can configure those traps to create Performance/Availability Monitors for TrueSight.
Thanks for the reply.
Do you know If there are any limitations to the number of traps that can be received p/s using the sentry Monitoring Studio KM? As I understand it the TS trap adapter can handle up to 14 traps per second on SNMP v2 and 7 traps per second on SNMP v3. This would also be using a fire and forget method so any dropped traps could potentially be a serious issue.
I don't think MS can do better, as its main function is the standard request and not trap listening. But will check.
Monitoring Studio can also trigger traps, you may also install MS within your secure network behind the diodes and monitor all your application, Hardware, storage etc using the standard monitoring requests and let MS trigger snmp traps whenever there is a threshold breach for a specific monitor. By this way you can better control the monitoring inside your secured env.
Hi Stuart ,
According to dev team, with Monitoring Studio, only SNMP v1 is supported for SNMP Traps as for the trap capture , the MS KM relies on the PATROL PSL functions.
SNMP v2c and v3 are supported using SNMP Requests as the MS relies on the KM own java process (Matsya).
But using snmp V1, if Patrol Agent is up and running there is no limitation in number of traps /s
I did a simple test and there was no trap loss by launching 500 traps in 1 go and then 1000 traps ... etc