Topic | Detail | State |
---|---|---|
Checking CPU usage (peak - CPU 0): Interface eth1, Interface eth2, Interface eth3, Interface Mgmt, Interface eth4, | 1% | PASS |
Checking CPU usage (peak - CPU 1): fw_2 | 30% | PASS |
Checking CPU usage (peak - CPU 2): fw_1 | 9% | PASS |
Checking CPU usage (peak - CPU 3): fw_0 | 25% | PASS |
Checking CPU usage (avg - CPU 0): Interface eth1, Interface eth2, Interface eth3, Interface Mgmt, Interface eth4, | 0% | PASS |
Checking CPU usage (avg - CPU 1): fw_2 | 1% | PASS |
Checking CPU usage (avg - CPU 2): fw_1 | 0% | PASS |
Checking CPU usage (avg - CPU 3): fw_0 | 1% | PASS |
Topic | Detail | State |
---|---|---|
Checking ClusterXL state (DE-FRA-01-FW01-01) | STANDBY | PASS |
Checking ClusterXL state (DE-FRA-01-FW01-02) | ACTIVE | PASS |
Checking ClusterXL Sync [Sync status] | PASS | |
Checking ClusterXL Sync [Statistics] | PASS | |
Checking ClusterXL PNotes [Fullsync] | PASS | |
Checking ClusterXL PNotes [Policy] | PASS | |
Checking ClusterXL PNotes [routed] | PASS | |
Checking ClusterXL PNotes [fwd] | PASS | |
Checking ClusterXL PNotes [cphad] | PASS | |
Checking ClusterXL PNotes [Init] | PASS | |
Checking ClusterXL CCP Encryption | ON | INFO |
Checking ClusterXL Multiversion [ID: 1 (local)] | R80.40 T294 | INFO |
Checking ClusterXL Multiversion [ID: 2 R80.40] | T294 (Mismatch) | INFO |
Topic | Detail | State |
---|---|---|
Checking Dispatcher statistics | PASS | |
Checking CoreXL connections | PASS |
Topic | Detail | State |
---|---|---|
Check Deployment Agent Version | build 1959, megatron | PASS |
Check Deployment Agent Pending Reboot | PASS | |
Check Packages available for install | up-to-date | PASS |
Topic | Detail | State |
---|---|---|
File (/opt/CPsuite-R80.40/fw1/boot/modules/fwkern.conf) | PASS | |
File (/opt/CPsuite-R80.40/fw1/conf/fwaffinity.conf) | PASS | |
File (/opt/CPppak-R80.40/boot/modules/simkern.conf) | PASS | |
File (/opt/CPppak-R80.40/conf/simkern.conf) | PASS | |
File (/opt/CPsuite-R80.40/fw1/conf/trac_client_1.ttm) | PASS | |
File (/opt/CPsuite-R80.40/fw1/conf/ipassignment.conf) | PASS | |
File (/opt/CPsuite-R80.40/fw1/conf/discntd.if) | PASS |
Specific things about FireWall-1 Product
Topic | Detail | State |
---|---|---|
Checking Firewall Fragments (fragments - fragments) | 4092 | FAIL |
Checking Firewall Fragments (fragments - expired) | 0 | PASS |
Checking Firewall Fragments (fragments - packets) | 2046 | FAIL |
Checking Aggressive Aging | PASS | |
Check kernel table overflow [connections] | unlimited | PASS |
Check kernel table overflow [fwx_cache] | 8/10000 | PASS |
Multi Queue (Available Interfaces) | No IGBx interfaces | WARN |
Multi Queue (Enabled Interfaces) | not possible | INFO |
Operating System related stuff
Topic | Detail | State |
---|---|---|
Check GAiA Proxy Config | direct | PASS |
GAiA Connectivity [Social Media Widget Detection...] | PASS | |
GAiA Connectivity [URL Filtering Cloud Categorization...] | PASS | |
GAiA Connectivity [Virus Detection...] | PASS | |
GAiA Connectivity [Bot Detection...] | PASS | |
GAiA Connectivity [IPS Updates...] | PASS | |
GAiA Connectivity [Download Service Updates ...] | PASS | |
GAiA Connectivity [Contract Entitlement ...] | PASS | |
GAiA Connectivity [Software Blades Manager Service...] | PASS | |
GAiA Connectivity [Suspicious Mail Outbreaks...] | PASS | |
GAiA Connectivity [Anti-Spam...] | PASS | |
GAiA Connectivity [Threat Emulatin...] | PASS | |
GAiA Connectivity [Threat Emulation Advanced...] | PASS | |
GAiA Connectivity [Deep inspection...] | PASS | |
GAiA Connectivity [Traditional Anti-Virus...] | PASS | |
GAiA Connectivity [Traditional Anti-Virus, Legacy URL...] | PASS | |
GAiA Connectivity [Download of signature updates...] | PASS | |
GAiA Connectivity [Manage Security Gateways...] | PASS | |
GAiA Connectivity [Makes sure the machines contracts ...] | PASS | |
GAiA Connectivity [Download of icons and screenshots ...] | PASS | |
GAiA Connectivity [Push Notifications ...] | HTTP/1.1 403 Forbidden | FAIL |
GAiA Connectivity [Download of Endpoint Compliance Up...] | PASS | |
Dynamic Routing Instances [OSPF2] | enabled | INFO |
DHCP-Relay [eth2.1000] | VIP: 10.24.0.1, Server: 10.24.1.11 | INFO |
DHCP-Relay [eth2.1000] | VIP: 10.24.0.1, Server: 10.24.1.12 | INFO |
DHCP-Relay [eth2.1101] | VIP: 10.24.101.1, Server: 10.24.1.11 | INFO |
DHCP-Relay [eth2.1101] | VIP: 10.24.101.1, Server: 10.24.1.12 | INFO |
DHCP-Relay [eth2.1102] | VIP: 10.24.102.1, Server: 10.24.1.11 | INFO |
DHCP-Relay [eth2.1102] | VIP: 10.24.102.1, Server: 10.24.1.12 | INFO |
DHCP-Relay [eth2.1103] | VIP: 10.24.103.1, Server: 10.24.1.11 | INFO |
DHCP-Relay [eth2.1103] | VIP: 10.24.103.1, Server: 10.24.1.12 | INFO |
DHCP-Relay [eth2.1104] | VIP: 10.24.104.1, Server: 10.24.1.11 | INFO |
DHCP-Relay [eth2.1104] | VIP: 10.24.104.1, Server: 10.24.1.12 | INFO |
DHCP-Relay [eth3.2001] | VIP: 172.24.1.1, Server: 10.24.1.11 | INFO |
DHCP-Relay [eth3.2001] | VIP: 172.24.1.1, Server: 10.24.1.12 | INFO |
DHCP-Relay [eth3.2101] | VIP: 172.24.101.1, Server: 10.24.1.11 | INFO |
DHCP-Relay [eth3.2101] | VIP: 172.24.101.1, Server: 10.24.1.12 | INFO |
DHCP-Relay [eth3.2102] | VIP: 172.24.102.1, Server: 10.24.1.11 | INFO |
DHCP-Relay [eth3.2102] | VIP: 172.24.102.1, Server: 10.24.1.12 | INFO |
DHCP-Relay [eth3.2103] | VIP: 172.24.103.1, Server: 10.24.1.11 | INFO |
DHCP-Relay [eth3.2103] | VIP: 172.24.103.1, Server: 10.24.1.12 | INFO |
DHCP-Relay [eth3.2104] | VIP: 172.24.104.1, Server: 10.24.1.11 | INFO |
DHCP-Relay [eth3.2104] | VIP: 172.24.104.1, Server: 10.24.1.12 | INFO |
Check Scheduled Backup Config | not-configured | WARN |
Check GAiA Snapshots | vg_splat / hwdiag (1.00g) | INFO |
Check GAiA Snapshots | vg_splat / lv_fcd_GAIA (8.00g) | INFO |
Checking NTP and Time | PASS |
Topic | Detail | State |
---|---|---|
Kernel/fw (fwmultik_dynamic_dispatcher_enabled) | 1 | INFO |
Kernel/fw (fwmultik_prio_queues_enabled) | 1 | INFO |
Topic | Detail | State |
---|---|---|
Checking licensing (Blade: Firewall) | Entitled | PASS |
Checking licensing (Blade: IPSec VPN) | Entitled | PASS |
Checking licensing (Blade: IPS) | Not Entitled | INFO |
Checking licensing (Blade: Anti-Spam & Email Security) | Not Entitled | INFO |
Checking licensing (Blade: Application Control) | Not Entitled | INFO |
Checking licensing (Blade: URL Filtering) | Not Entitled | INFO |
Checking licensing (Blade: Anti-Virus) | Not Entitled | INFO |
Checking licensing (Blade: Anti-Bot) | Not Entitled | INFO |
Checking licensing (Blade: Threat Emulation Local) | Not Entitled | INFO |
Checking licensing (Blade: Threat Emulation Cloud) | Not Entitled | INFO |
Checking licensing (Blade: Threat Extraction) | Not Entitled | INFO |
Checking licensing (Blade: Data Loss Prevention) | Not Entitled | INFO |
Checking licensing (Blade: Content Awareness) | Entitled | PASS |
Checking licensing (Blade: Mobile Access) | Entitled | PASS |
Topic | Detail | State |
---|---|---|
Checking logs (/var/log/messages*) | 1090 messages | FAIL |
Checking logs (/opt/CPshrd-R80.40/log/cpd.elg) | 22 messages | FAIL |
Checking logs (/var/log/routed.log) | 1 messages | FAIL |
Checking logs (/opt/CPsuite-R80.40/fw1/log/fwd.elg) | 192 messages | FAIL |
Topic | Detail | State |
---|---|---|
Checking SIC State | Trust State: Trust established | PASS |
Topic | Detail | State |
---|---|---|
Checking memory usage (average) | 34% | PASS |
Checking memory usage (peak) | 36% | PASS |
Checking memory usage (swap) | 0% | PASS |
Checking failed memory allocations | PASS |
Topic | Detail | State |
---|---|---|
Checking interface statistics (Mgmt - rx/all) | PASS | |
Checking interface statistics (Mgmt - tx/all) | PASS | |
Checking interface statistics (eth1 - rx/all) | PASS | |
Checking interface statistics (eth1 - tx/all) | PASS | |
Checking interface statistics (eth2 - rx_dropped) | 8567 | FAIL |
Checking interface statistics (eth2 - rx_crc_errors) | PASS | |
Checking interface statistics (eth2 - rx_errors) | PASS | |
Checking interface statistics (eth2 - rx_fifo_errors) | PASS | |
Checking interface statistics (eth2 - rx_frame_errors) | PASS | |
Checking interface statistics (eth2 - rx_length_errors) | PASS | |
Checking interface statistics (eth2 - rx_missed_errors) | PASS | |
Checking interface statistics (eth2 - rx_over_errors) | PASS | |
Checking interface statistics (eth2 - tx/all) | PASS | |
Checking interface statistics (eth3 - rx_dropped) | 64486 | FAIL |
Checking interface statistics (eth3 - rx_crc_errors) | PASS | |
Checking interface statistics (eth3 - rx_errors) | PASS | |
Checking interface statistics (eth3 - rx_fifo_errors) | PASS | |
Checking interface statistics (eth3 - rx_frame_errors) | PASS | |
Checking interface statistics (eth3 - rx_length_errors) | PASS | |
Checking interface statistics (eth3 - rx_missed_errors) | PASS | |
Checking interface statistics (eth3 - rx_over_errors) | PASS | |
Checking interface statistics (eth3 - tx/all) | PASS | |
Checking interface statistics (eth4 - rx/all) | PASS | |
Checking interface statistics (eth4 - tx/all) | PASS | |
Checking interface statistics (eth5 - rx/all) | PASS | |
Checking interface statistics (eth5 - tx/all) | PASS | |
Checking interface statistics (eth6 - rx/all) | PASS | |
Checking interface statistics (eth6 - tx/all) | PASS | |
Checking interface statistics (eth7 - rx/all) | PASS | |
Checking interface statistics (eth7 - tx/all) | PASS |
Topic | Detail | State |
---|---|---|
Checking crashes [/var/log/crash] | PASS | |
Checking crashes [/var/log/dump/usermode] | PASS | |
Checking process (CPVIEWD) | PASS | |
Checking process (CPVIEWS) | PASS | |
Checking process (SXL_STATD) | PASS | |
Checking process (CPD) | PASS | |
Checking process (MPDAEMON) | PASS | |
Checking process (TP_CONF_SERVICE) | PASS | |
Checking process (CI_CLEANUP) | PASS | |
Checking process (CIHS) | PASS | |
Checking process (FWD) | PASS | |
Checking process (SPIKE_DETECTIVE) | PASS | |
Checking process (LPD) | PASS | |
Checking process (DASERVICE) | PASS | |
Checking process (AUTOUPDATER) | PASS | |
Checking process (CPHAMCSET) | PASS | |
Checking process (TOPOD) | PASS | |
Checking zombie processes | PASS |
Topic | Detail | State |
---|---|---|
SecureXL (Instance: 0, Name: SND, Status: enabled) | PASS | |
SecureXL (Accept Templates) | disabledbyFirewall | WARN |
SecureXL (Drop Templates) | enabled | PASS |
SecureXL (NAT Templates) | disabledbyFirewall | WARN |
SecureXL (Accelerated conns/Total conns) | 0/0(0%) | WARN |
SecureXL (Accelerated pkts/Total pkts) | 1/378785(0%) | WARN |
SecureXL (F2Fed pkts/Total pkts) | 378784/378785(99%) | FAIL |
SecureXL (F2V pkts/Total pkts) | 1/378785(0%) | PASS |
SecureXL (CPASXL pkts/Total pkts) | 0/378785(0%) | PASS |
SecureXL (PSLXL pkts/Total pkts) | 0/378785(0%) | PASS |
SecureXL (CPAS pipeline pkts/Total pkts) | 0/378785(0%) | PASS |
SecureXL (PSL pipeline pkts/Total pkts) | 0/378785(0%) | PASS |
SecureXL (CPAS inline pkts/Total pkts) | 0/378785(0%) | PASS |
SecureXL (PSL inline pkts/Total pkts) | 0/378785(0%) | PASS |
SecureXL (QOS inbound pkts/Total pkts) | 0/378785(0%) | PASS |
SecureXL (QOS outbound pkts/Total pkts) | 0/378785(0%) | PASS |
SecureXL (Corrected pkts/Total pkts) | 0/378785(0%) | PASS |
Topic | Detail | State |
---|---|---|
Checking available disk space (/) | 26G | PASS |
Checking available disk space (/boot) | 217M | PASS |
Checking available disk space (/dev/shm) | 1.8G | PASS |
Checking available disk space (/var/log) | 99G | PASS |
Topic | Detail | State |
---|---|---|
Check blade update status (URL Filtering) | not active | INFO |
Check blade update status (AntiBot) | not active | INFO |
Check blade update status (AntiVirus) | not active | INFO |
Check blade update status (Application Control) | not active | INFO |
Topic | Detail | State |
---|---|---|
Checking overlapping encryption domain | FAIL |