Monitoring using UnifiedFirewall-MIB ASA/Pix v7.2x

Unanswered Question
Jul 22nd, 2008
User Badges:

We want to monitor ASA and Pix'es. Studiing supported MIB's we found out, that usefull resource metrics worth to be monitored are only be specified at the Cisco-Unified-Firewall-MIB, that should be supported beginning from v7.2.

Probing v7.2x productive devices using snmpwalk we also found out, that just less than 5% of the OID's from the Cisco-Unified-Firewall-MIB are supported from the devices and most of this fiew OID's shows just 0.


1. Are their activation commands necesssary at ASA or Pix, so that the v7.2x devices drives that OID's?

2. Is Cisco-UnifiedFirewall-MIB just at experimental state?

3. can we expect more with supporting of Cisco-UnifiedFirewall-MIB?

thx for answers, Steffen

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 2 (1 ratings)
STEFFEN NEUSER Mon, 07/28/2008 - 00:15
User Badges:

thx for answer. OK, now I understand: we must read it in this manner "Limited support for objects under cuFwConnectionGrp and cuFwUrlFilterGrp." and "all other groups not".

cuFwUrlFilterGrp is supported very well in real, but we don't need it.

cuFwConnectionGrp (almost nothing is supported there) and some other groups specified in this MIB would be very helpful, to can monitor firewalling issue's.

The aim was to reach an ADSM like monitoring, but real historical and centralized.



This Discussion