|
Measures reported by CtxNsAAATest
Data security is one of the important features that you must consider while making it accessible to public over the Internet. Authenticating the user requesting for an access to the network resources is one of the methods to secure data for unauthorized access.
On a NetScaler appliance, you can use various authentication techniques to secure the data. One of the techniques is the Authentication, Authorization, and Accounting (AAA) authentication technique which can be used when the Secure Socket Layer (SSL) Virtual Private Network (VPN) is deployed on your network. the AAA authentication technique includes three steps to secure the network. The first process, Authentication, ensures that the access is granted only to an authorized user of the network. The second process, Authorization, ensures that depending on the profile of the user, the user is authorized to perform only a set of specific tasks on the network. And finally the third process, Accounting, measures the resources the user has used during a session.
The CtxNsAAATest test enables administrators to measure the effectiveness of the AAA authentication technique. This test monitors the AAA sessions on the NetScaler and reports the count and percentage of authentications that were successful and those that failed on the NetScaler. This way, the test turns the spotlight on unauthorized access attempts that were detected and prevented by the AAA technique.
The measures made by this test are as follows:
| Measurement |
Description |
Measurement Unit |
Interpretation |
| Auth_success |
Indicates the number of user authentications that were successful during the last measurement period. |
Number |
|
| Auth_fails |
Indicates the user authentications that failed during the last measurement period. |
Number |
A high value is indicative of too many authentication failures. You may want to investigate the reason for this phenomenon. |
| Pct_auth_success |
Indicates the percentage of user authentication that is currently successful. |
Percent |
A high value is desired for this measure. |
| Http_auth_sucess |
Indicates the number of HTTP connections from the user that were authorized successfully during the last measurement period. |
Number |
|
| Http_auth_fails |
Indicates the number of HTTP connections from the user that failed authorization during the last measurement period. |
Number |
A high value is indicative of too many authentication failures. You may want to investigate the reason for this phenomenon. |
| Pct_http_success |
Indicates the percentage of current HTTP connections from the user that is authorized successfully. |
Percent |
A high value is desired for this measure. |
| Non_http_auth_success |
Indicates the number of connections other than the HTTP connections that were authorized successfully during the last measurement period. |
Number |
|
| Non_http_auth_fails |
Indicates the number of connections other than the HTTP connections that failed authorization during the last measurement period. |
Number |
A high value is indicative of too many authentication failures. You may want to investigate the reason for this phenomenon. |
| Pct_non_http_auth_sucs |
Indicates the percentage of current non HTTP connections from the user that is authorized successfully. |
Percent |
A high value is desired for this measure. |
| Aaa_sessions |
Indicates the number of AAA sessions during the last measurement period. |
Number |
|
| Aaa_timout |
Indicates the number of AAA sessions that timed out during the last measurement period. |
Number |
NetScaler maintains a session timeout after which users must authenticate again to regain access to the intranet. This timeout is configurable.
If the value of this measure is very high - i.e., timeouts appear to be occurring too often - you may want to consider changing this timeout value. |
|