Hardware monitoring / High availability
This module presents various indicators on the operating status of the firewall or members of the cluster in the form of graphs or tables:
- CPU temperature curve,
- S.M.A.R.T. information and tests on disks,
- RAID status, if any,
- Power supply status,
- Fan status,
- 3G/4G modems connected to the firewall.
For the curve:
- Left-clicking on an indicator listed in the legend allows hiding/showing the corresponding data on the graph,
- Scrolling over a curve with a mouse will display the value of the indicator and corresponding time in a tooltip.
For the table of S.M.A.R.T. information :
- By scrolling over the reference of a disk with a mouse, details of S.M.A.R.T. tests conducted and their results will appear in a tooltip.
"Cluster details" tab
This tab is accessible only when high availability has been configured and enabled. It groups data on the status of high availability for each member of the cluster.
The Local firewall column sets out the value of an indicator for the firewall on which the administrator is connected. The Remote firewall column sets out the value of this indicator for the remote member of the cluster.
|Status||This field indicates whether the firewall concerned is active or passive.|
|Firmware version||Indicates the firmware version on each member of the cluster.|
The Active status is imposed on one of the members of the cluster when you select "This firewall (serial number)" or "The other firewall (serial number)" for the Quality indicator field (System > High availability > Advanced properties menu).
Specifies the quality indicator calculated for high availability. In particular, this indicator takes into account the weight assigned to network interfaces when any of them accidentally become unavailable.
A red or green LED will be seen next to the indicator.
Indicates the priority assigned to the firewall on which the administrator is connected.
This priority may be defined in the menu:
High availability > Quality indicator > Active firewall if equal.
If one of the firewalls is selected, it will have a priority of 50 while the other member of the cluster will be assigned a priority of 0.
Indicates whether the configurations of both members of the cluster are the same.
Possible values: Synchronized or Desynchronized.
A green or red LED accompanies this value.
|HA link state||
Displays the status of the main physical link between members of the cluster:
|Backup HA link state||
Displays the status of the backup physical link (secondary) between members of the cluster:
|Retrieving HA data||
Indicates, either with a green or red LED, whether the firewall has responded to the request enabling the retrieval of data regarding high availability.
|Firewall model||Specifies the firewall model (SN200, SN6000, etc).|
In a cluster, one of the firewalls assumes the role of supervisor in order to decide when to synchronize files, for example.
This field indicates which of the two firewalls assumes this role.
|Version number (data)||
This version number is associated with data generated from the intrusion prevention engine and synchronized between both firewalls.
It allows detecting incompatibilities when the cluster consists of firewalls in different versions.
|Version number (connections)||
This version number is associated with the protocol (and not data) used for the synchronization of data generated by the intrusion prevention engine.
|Version number (status)||Version number of the algorithm used for determining the status (active/passive) of members of the cluster.|
|License||Specifies the type of license associated with HA (Master / Slave / None).|
|Currently connected on||Indicates the cluster member on which the administrator is connected.|
|Boot partition||Indicates which partition is used when the firewall starts up (main/backup).|
|Backup partition version||Specifies the firmware version installed on the backup partition.|
|Backup partition date||Indicates the last time the backup partition was updated.|
|Firewall last started on||Indicates the last time the firewall was started (format: YYYY-MM-DD HH:MM:SS).|
|Last synchronization||Indicates the last time the cluster was synchronized (format: YYYY-MM-DD HH:MM:SS).|
|Last status change||Indicates the last time the firewall's status (active/passive) was changed (format: YYYY-MM-DD HH:MM:SS).|
This refers to the internal status of the HA management service on members of the cluster. The value of this field may be one of the following:
|HA link IP address||Firewall IP address presented by the interface dedicated to the main HA link.|
|HA link status changed||Indicates the last time the main HA link's status was changed (format: YYYY-MM-DD HH:MM:SS).|
|Backup HA link IP address||Firewall IP address presented by the interface dedicated to the backup HA link (N/A if no backup links have been defined in the cluster).|
|Backup HA link status changed||Indicates the last time the backup HA link's status was changed (format: YYYY-MM-DD HH:MM:SS).|
|No. of last SMC deployment||Indicates the revision number of the last configuration deployed via Stormshield Management Center (N/A if the firewalls are not managed by an SMC server).|