Network Analysis Tip: Firewall Connection Count Exceeded

Why is this important?

Like many network issues, this problem is easy to diagnose once you look in the right place. But because the symptoms point toward other causes and the problem is intermittent, it can be time-consuming to discover.

It is typical for IT staff to size firewall connection licenses at purchase and then neglect to monitor usage growth. Growing dependence on e-business applications and remote workers using VPNs increases the dependency on firewall infrastructure, which in turn increases license usage.

The problem manifests as intermittent connection issues. It can easily be mistaken for a general network error particular to a specific group of users, a specific application, or a specific area of the network.

[Figure: Firewall Connection Count Exceeded. The impact of intermittent users on firewall device connection counts]

Typically, the network team will look for problems within the infrastructure that are common to the group reporting the issue, while the application team checks applications common to the group. This leads not only to an ineffective use of technical resources, but also to delays in identifying the actual source of the problem. It can be exacerbated by an organizational structure that separates the network team from the staff responsible for maintaining the firewalls.

If your organization uses the Cisco PIX firewall, troubleshooting involves logging into each firewall and running the command "show conn":

pixfirewall> show conn
32 in use, 32 remain, 48 most used

In the case above, the license count has never been exceeded: "most used" (48) is less than "in use" plus "remain" (64). You can therefore rule out the firewall license count as a source of your problem. If the "most used" field above equaled 64, you would know that at some point you had maxed out your license count. However, you would still be uncertain whether it is actually the source of the problem, because you do not know when the license count was exceeded.

In the Netcordia environment, we monitor the "most used" connections in relation to the total license count and automatically fire an issue on three thresholds:

  • If "most used" is at least 50% but less than 60%, it is recorded at the "info" level
  • If "most used" is at least 60% but less than 80%, it is recorded at the "warning" level
  • If "most used" is greater than 80%, it is recorded at the "error" level

Netcordia provides you with not only the knowledge of when you have exceeded your license count, but a series of warning messages that allow your group to proactively plan for additional license count prior to encountering connectivity issues for your user community.
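
The check described above can be sketched in a few lines. This is an added example, not Netcordia's or NetMRI's code: it parses the "show conn" summary line quoted on this page, takes "in use" plus "remain" as the licensed total, and applies the three thresholds. The function names are hypothetical, and treating exactly 80% as "error" is an assumption, since the list above does not say which level that value falls in.

```python
import re

# Summary line printed by "show conn", in the form quoted on this page.
SUMMARY_RE = re.compile(
    r"(?P<in_use>\d+)\s+in use,\s*(?P<remain>\d+)\s+remain,"
    r"\s*(?P<most_used>\d+)\s+most used"
)


def parse_show_conn(output):
    """Return (in_use, remain, most_used) from captured 'show conn' output."""
    for line in output.splitlines():
        m = SUMMARY_RE.search(line)
        if m:
            return int(m["in_use"]), int(m["remain"]), int(m["most_used"])
    raise ValueError("no connection summary line found")


def classify(in_use, remain, most_used):
    """Return (level, percent); level is None below the 50% threshold."""
    licensed = in_use + remain  # total licensed connections
    if licensed <= 0:
        raise ValueError("licensed connection count must be positive")
    # Integer comparisons avoid float rounding exactly at a boundary.
    if most_used * 100 >= licensed * 80:  # assumption: 80% itself is "error"
        level = "error"
    elif most_used * 100 >= licensed * 60:
        level = "warning"
    elif most_used * 100 >= licensed * 50:
        level = "info"
    else:
        level = None
    return level, round(100.0 * most_used / licensed, 1)


def check(output):
    """Parse one firewall's output and classify its high-water mark."""
    return classify(*parse_show_conn(output))


if __name__ == "__main__":
    # The first sample is the output quoted above; the second is constructed.
    samples = [
        "pixfirewall> show conn\n32 in use, 32 remain, 48 most used",
        "pixfirewall> show conn\n10 in use, 54 remain, 64 most used",
    ]
    for text in samples:
        level, pct = check(text)
        print(f"most used = {pct}% of license -> {level or 'no issue'}")
```

Run against the sample output quoted earlier, the high-water mark of 48 out of 64 licensed connections is 75%, which already falls in the "warning" band even though the license has never been exhausted.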
