Click on Join Now to Sign Up
Greetings and thanks in advance for the advice, tips, info.
I just upgraded our 8062 to version 7 yesterday and am trying to incorporate some of what I learned at a 2-day ECNA training. We're a large school district in deep south Texas and standardized testing is critically important, so I was excited to learn about Application Performance Monitoring. I first created a network object that consists of a layer 7 hostname (pearson.com) and then set up one APS object per campus. Each campus had already been assigned a network object (10.x.0.0/16 where x is the campus subnet). So I wound up with some 50+ APS objects, each aimed at Pearson.
Is this the way to do it? I wanted a performance metric for each campus as a means to determine the overall health of the campus network, as far as access to Pearson is concerned. I'm getting results, and the results differ from campus to campus. I'm just wondering if this is "best practice" or not.
exinda-2695b4 > en
exinda-2695b4 # configure terminal
exinda-2695b4 (config) # configuration
copy fetch merge new switch-to upload
delete jump-start move revert text write
exinda-2695b4 (config) # configuration switch-to
Honestly, at this time I'm not too sure at what threshold I'd want an alert...
I have previously asked to get the flow count included in the MIBs so I could graph it and establish a base line without running reports and/or checking the box everyday. If it was available via SNMP I could then tie it into our centralized management system and alert that way.
Here we tend not to touch each device with alert capabilities because every vendor has a different UI and config, so it gets a little crazy at times, so I rather poll, graph, check the delta from last poll, and decide from there to alert or not.
Currently yes the exinda is outside our firewall but that was done on purpose so we could physically "break" two ISP links with separate bandwidth limits and shape based on bridge rather than the aggregate of both. I understand the exinda is not build to thwart of DoS attacks and we were bitten twice, but that's our fault. That being said, ISP topology has changed and we will be moving the box behind our firewall as recommended, but the flows based on outside source would help with troubleshooting, which I use the exinda for all the time.