eG Monitoring
 

Measures reported by WgPolicyTest

The security policy of your organization is a set of definitions to protect your computer network and the information that goes through it. The XTM device denies all packets that are not specifically allowed. When you add a policy to your XTM device configuration file, you add a set of rules that tell the XTM device to allow or deny traffic based upon factors such as source and destination of the packet or the TCP/IP port or protocol used for the packet.

A policy can also give the XTM device more instructions on how to handle the packet. For example, you can define logging and notification settings that apply to the traffic, or use NAT (Network Address Translation) to change the source IP address and port of network traffic.

For each configured firewall policy, this test monitors the number of active connections and the amount of data and packet traffic through the firewall. The test also helps administrators identify the firewall policy through which the maximum number of packets were discarded due to errors such as replay and authentication errors.

The measures made by this test are as follows:

| Measurement | Description | Measurement Unit | Interpretation |
|---|---|---|---|
| Bytes_traffic | Indicates the amount of data that was transmitted and received for this firewall policy. | KB | Comparing the values of these measures across the policies helps you in identifying the policy through which the data traffic was the maximum at any point of time. |
| Packets_traffic | Indicates the number of packets that are transmitted and received for this firewall policy. | Number | |
| Pkts_disc_dec_error | Indicates the number of packets that were discarded due to decrypt errors for this firewall policy. | Number | Ideally, the value of this measure should be zero. |
| Pkts_disc_ah_error | Indicates the number of packets that were discarded due to authentication errors for this firewall policy. | Number | Ideally, the value of this measure should be zero. |
| Pkts_disc_reply_error | Indicates the number of packets that were discarded due to replay errors for this firewall policy. | Number | Ideally, the value of this measure should be zero. |
| Active_Connections | Indicates the total number of connections that are active for this firewall policy. | Number | |
| Current_Active_conns | Indicates the total number of connections that are currently active for this firewall policy. | Number | |
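
The interpretation guidance above (discard counters should be zero; compare traffic across policies) can be applied to one measurement period as in the following added example, which is not part of the eG product or its documentation. The policy names, sample values, and the function names `triage` and `busiest` are assumptions made for illustration; only the measure names come from the table.

```python
# Constructed sample: one measurement period per firewall policy, keyed by the
# measure names from the table. Policy names and all values are made up.
SAMPLE = {
    "https-proxy":   {"Bytes_traffic": 48210, "Packets_traffic": 61200,
                      "Pkts_disc_dec_error": 0, "Pkts_disc_ah_error": 0,
                      "Pkts_disc_reply_error": 0, "Active_Connections": 112},
    "vpn-branch-in": {"Bytes_traffic": 7300, "Packets_traffic": 9800,
                      "Pkts_disc_dec_error": 14, "Pkts_disc_ah_error": 3,
                      "Pkts_disc_reply_error": 250, "Active_Connections": 4},
    "dns-out":       {"Bytes_traffic": 950, "Packets_traffic": 4100,
                      "Pkts_disc_dec_error": None,  # measure not reported
                      "Pkts_disc_ah_error": 2,
                      "Pkts_disc_reply_error": 0, "Active_Connections": 31},
}

# Discard measures and the error class each one counts, per the table.
DISCARD_MEASURES = {
    "Pkts_disc_dec_error": "decrypt",
    "Pkts_disc_ah_error": "authentication",
    "Pkts_disc_reply_error": "replay",
}


def triage(measures):
    """Return policies with any non-zero discard counter, worst first."""
    findings = []
    for policy, m in measures.items():
        # A missing or unreported measure is treated as 0 (assumption).
        errors = {label: m.get(name) or 0
                  for name, label in DISCARD_MEASURES.items()}
        total = sum(errors.values())
        if total == 0:
            continue  # the ideal state: nothing discarded for this policy
        findings.append({
            "policy": policy,
            "total_discarded": total,
            "dominant": max(errors, key=errors.get),
            "errors": {k: v for k, v in errors.items() if v},
        })
    return sorted(findings, key=lambda f: f["total_discarded"], reverse=True)


def busiest(measures, measure="Bytes_traffic"):
    """Return the policy with the highest value of the given traffic measure."""
    return max(measures, key=lambda p: measures[p].get(measure) or 0)


if __name__ == "__main__":
    for f in triage(SAMPLE):
        print(f["policy"], f["total_discarded"], f["dominant"], f["errors"])
    print("busiest by Bytes_traffic:", busiest(SAMPLE))
```

A policy whose discards are dominated by replay errors points to a different cause than one dominated by decrypt or authentication errors, so the dominant class is reported alongside the total.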