Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1703
Views
0
Helpful
3
Replies

monitoring tool for ASA

mohammedrashid459
Level 1
Level 1

‎12-20-2016 12:46 PM - edited ‎03-12-2019 01:41 AM

Dear Experts,

Can anyone please let me know what's the best monitoring tool for Cisco ASA firewall.

I know we can monitor it through ASDM, but are there any other alternatives for ASDM.

Also I want to know the recommended monitoring tool for Cisco routers and switches.

Any help would be really appreciable.

Thanks

Mohammed 

Labels:
0 Helpful
3 Replies 3

Oliver Kaiser
Level 7
Level 7

‎12-20-2016 02:33 PM

In my opinion there is no "best" tool to monitore Cisco ASA. When it comes to monitoring there are many different things we are able to monitor and the reasons for doing so vary depending on what we want to achive (system status, performance, logs, traffic analysis, etc.).

If you are heavy into Cisco, Cisco Prime might be a good fit to monitor system metrics like hardware, cpu, memory, interface load etc. of ASA and IOS devices.

In case you are interested into traffic analysis a netflow tool like Scrutinizer might be the right fit.

If you want to correlate events and do log analysis something like Splunk or Elastic Stack might be the tool you are looking for

In case you are looking for monitoring tools from the open source space Nagios / Icinga2 would make sense to monitor metrics via polling snmp data or alerting on snmp traps.

If you want to know anything specific let me know. 

0 Helpful

mohammedrashid459
Level 1
Level 1
In response to Oliver Kaiser

‎12-21-2016 02:23 AM

Hi Kaisero,

Thank you very much for letting me know all these things.

Can you also please let me know, what causes the high bandwidth utilisation and memory in real time, also can you please let me know how to overcome these things if encountered.

How about the latency and jitter, how do people overcome these things without having the impact on the production network.

Thanks very much.

Mohammed

0 Helpful

Oliver Kaiser
Level 7
Level 7
In response to mohammedrashid459

‎01-01-2017 12:55 PM

Hi Mohammed,

As for what causes high bandwidth utilisation it really depends on your traffic pattern. Might be related to user traffic, backup traffic, etc. etc. High memory usage is experienced if the firewall has to handle high traffic loads and traffic must be located for various features (e.g. nat table, connection table, etc.) or it might be a memory leak that is caused by a buggy feature implementation resulting in your memory usage constantly growing.

To overcome issues like that you either have to implement QoS in your environment to shape traffic or buy a larger box to handle the amount of traffic. Blocking undesired traffic might also be a solution depending on the issue - different issues call for different solutions based on the cause.

Let me know if that answers your questions

regards

Oliver

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card