Blue Coat Systems Blue Coat Systems SG Appliance manual

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108

Go to page of

A good user manual

The rules should oblige the seller to give the purchaser an operating instrucion of Blue Coat Systems Blue Coat Systems SG Appliance, along with an item. The lack of an instruction or false information given to customer shall constitute grounds to apply for a complaint because of nonconformity of goods with the contract. In accordance with the law, a customer can receive an instruction in non-paper form; lately graphic and electronic forms of the manuals, as well as instructional videos have been majorly used. A necessary precondition for this is the unmistakable, legible character of an instruction.

What is an instruction?

The term originates from the Latin word „instructio”, which means organizing. Therefore, in an instruction of Blue Coat Systems Blue Coat Systems SG Appliance one could find a process description. An instruction's purpose is to teach, to ease the start-up and an item's use or performance of certain activities. An instruction is a compilation of information about an item/a service, it is a clue.

Unfortunately, only a few customers devote their time to read an instruction of Blue Coat Systems Blue Coat Systems SG Appliance. A good user manual introduces us to a number of additional functionalities of the purchased item, and also helps us to avoid the formation of most of the defects.

What should a perfect user manual contain?

First and foremost, an user manual of Blue Coat Systems Blue Coat Systems SG Appliance should contain:
- informations concerning technical data of Blue Coat Systems Blue Coat Systems SG Appliance
- name of the manufacturer and a year of construction of the Blue Coat Systems Blue Coat Systems SG Appliance item
- rules of operation, control and maintenance of the Blue Coat Systems Blue Coat Systems SG Appliance item
- safety signs and mark certificates which confirm compatibility with appropriate standards

Why don't we read the manuals?

Usually it results from the lack of time and certainty about functionalities of purchased items. Unfortunately, networking and start-up of Blue Coat Systems Blue Coat Systems SG Appliance alone are not enough. An instruction contains a number of clues concerning respective functionalities, safety rules, maintenance methods (what means should be used), eventual defects of Blue Coat Systems Blue Coat Systems SG Appliance, and methods of problem resolution. Eventually, when one still can't find the answer to his problems, he will be directed to the Blue Coat Systems service. Lately animated manuals and instructional videos are quite popular among customers. These kinds of user manuals are effective; they assure that a customer will familiarize himself with the whole material, and won't skip complicated, technical information of Blue Coat Systems Blue Coat Systems SG Appliance.

Why one should read the manuals?

It is mostly in the manuals where we will find the details concerning construction and possibility of the Blue Coat Systems Blue Coat Systems SG Appliance item, and its use of respective accessory, as well as information concerning all the functions and facilities.

After a successful purchase of an item one should find a moment and get to know with every part of an instruction. Currently the manuals are carefully prearranged and translated, so they could be fully understood by its users. The manuals will serve as an informational aid.

Table of contents for the manual

  • Page 1

    Blue Coat ® Systems SG ™ Appliance V olume 9: Managing the Blue Coat SG Appliance SGOS V ersion 5.2.2[...]

  • Page 2

    Contact Inf ormation Blue Coat Systems Inc. 420 North Mary A ve Sunnyvale, CA 94 085-4121 http://www.bluecoat.com/support/contact.html bcs.info@bluecoat.com http://www .bluecoat.com For concerns or feedback about the documentation: documentation@bluecoat.com Copyright© 1999-2 007 Blue Coat System s, Inc. All rights reserved wo rldwide. No part of [...]

  • Page 3

    iii Contents Contact Information Chapter 1: About Managing the SG Applia nce Document Conventions ............ ................. ................. ................. ................. ................. .......... ....... ................. ... 7 Chapter 2: Monitoring the SG Appliance Using Director to Manage SG Systems ... ................. .........[...]

  • Page 4

    V olume 9: Managing t he Blue Coat SG Appliance iv Restore-Defaults ................. ................. ................. ................. ................. ................. ......... ..... ................. .... 34 Factory-Defaults .............. ................. ................. ................. ................. ................. ..........[...]

  • Page 5

    Contents v Viewing Traffic History .................... ................. ................. ................. ................ ................. .............. ............. 65 Understanding Chart Data ...................... ................. .................... ................ ................. ........... ...... .......... 67 Refreshing the Dat[...]

  • Page 6

    V olume 9: Managing t he Blue Coat SG Appliance vi[...]

  • Page 7

    7 Chapter 1: About Managing the SG Appliance V olume 9: Managing t he Blue Coat SG Appliance describes how to monitor the SG appliance with SNMP ( a brief intr oduction to Director is provided) , event logging, or health monitoring. It also describes co mmon maintenance and troubleshooting tasks. Discussed in this volume: ❐ Chapter 2: "Monit[...]

  • Page 8

    V olume 9: Managing t he Blue Coat SG Appliance 8[...]

  • Page 9

    9 Chapter 2: Monitoring the SG Appliance This chapter describes the methods you ca n use to monitor your SG applianc es, including event logging, SNMP , and health moni toring. A brief introduction to Director is also provided. This chapter contains the following sections: ❐ “Using Director to Manage SG Systems” on page 9 ❐ “Monitoring th[...]

  • Page 10

    V olume 9: Managing t he Blue Coat SG Appliance 10 Director Registration Requirement s T o register the appliance with Director , the SS H-Console service must be enabled. Dir ector regis tration will fail if the s sh-console has been disabled or de leted, or if the SSHv2 host key has been r emoved. Registering the SG Appliance with Director Though[...]

  • Page 11

    Chapter 2: Monitoring the SG Appliance 11 Setting up Director and SG Appliance Communication Director and the SG appliance use SSHv2 as the default communication mode. SSHv1 is not supported. For Director to successfully manage multiple appliances, it must be able to communicate with an appliance using SSH/RSA and the Dire ctor ’s public key must[...]

  • Page 12

    V olume 9: Managing t he Blue Coat SG Appliance 12 T o delete a key: SGOS#(config sshd) delete director-c lient-key clientID Monitoring the System and Disks The System and disks page in the Management Console has the following tabs: ❐ Summary Provide s configuration informati on and a ge neral status information about the device. ❐ T asks Enabl[...]

  • Page 13

    Chapter 2: Monitoring the SG Appliance 13 V iewing System Environment Sensors The icons on the Envir onment tab are gr een when the r elated hardwar e environment is within acceptable parameters, and red when an out-of-tolerance condition exists. If an icon is red, click Vie w Sensors to view detailed sensor stat istics to learn more about the out-[...]

  • Page 14

    V olume 9: Managing t he Blue Coat SG Appliance 14 V iewing Disk S tatus Y ou can view the status of each of the disks in the sy stem and take a disk of fline if needed. T o view disk st atus or t ake a disk offlin e: 1. Select Maintenance > System and disks > Envir onment . The default view pr ovides inform ation about the disk in slot 1. 2.[...]

  • Page 15

    Chapter 2: Monitoring the SG Appliance 15 V iewing SSL Accelerator Card Information Selecting the Maintenance > System and disks > SSL Cards tab allows you to view information about any SSL accelerator cards in the system. If no accelerator car ds are installed, that inform ation is stated on the pane. T o view SSL accelerator cards: Note: Y [...]

  • Page 16

    V olume 9: Managing t he Blue Coat SG Appliance 16 Related CLI Commands f or Setting the Ev ent Logging Le vel SGOS#(config event-log) level { sever e | configuration | policy | informational | verbose } Setting Event Log Size Y ou can limit the size of the appliances’s ev ent log and specify what the appliance should do if the log si ze limit is[...]

  • Page 17

    Chapter 2: Monitoring the SG Appliance 17 T o enable event notifications: 1. Select Maintenance > Event Logging > Mail . 2. Click New to add a new e-mail ad dress; clic k OK in the Add list item dialog that appears. 3. In the SMTP gate way name field, enter the host name of your mail server ; or in the SMTP gate way IP field , enter the IP ad[...]

  • Page 18

    V olume 9: Managing t he Blue Coat SG Appliance 18 T o enable syslog monitor ing: 1. Select Maintenance > Event Logging > Syslog . 2. In the Loghost f ield, enter the domain name or IP addr ess of your loghost server . 3. Select Enable Syslog . 4. Click Apply . Related CLI Commands to Enab le Syslog Monitoring SGOS#(config event-log) syslog {[...]

  • Page 19

    Chapter 2: Monitoring the SG Appliance 19 Syslog notification: disabled Syslog facility: daemon Event recipients: SMTP gateway: mail.heartbeat.bluecoat.com Viewing the Event Log Content s Again, you can view the event log contents from the show command or from the event-log configuration mode. The syntax for viewing the event log contents is SGOS# [...]

  • Page 20

    V olume 9: Managing t he Blue Coat SG Appliance 20 Example SGOS# show event-log start "2004-10- 22 9:00:00" end "2004-10-22 9:15:00" 2004-10-22 09:00:02+00:00UTC "Snaps hot sysinfo_stats has fetched / sysinfo-stats " 0 2D0006:96 ../Sn apshot_worker.cpp:183 2004-10-22 09:05:49+00:00UTC "NTP: Periodic query of serve[...]

  • Page 21

    Chapter 2: Monitoring the SG Appliance 21 Configuring SNMP Community S trings Use community strings to r estrict access to SNMP data. T o read SNMP data on the SG appliance, specify a read c ommunity string. T o write SNMP data to the appliance, specify a write community string. T o receive traps, specify a t rap community string. By default, all c[...]

  • Page 22

    V olume 9: Managing t he Blue Coat SG Appliance 22 SGOS#(config snmp) trap-community pa ssword T o set them as encrypted: SGOS#(config) snmp SGOS#(config snmp) enable SGOS#(config snmp) encrypted-read-co mmunity encrypted-password SGOS#(config snmp) encrypted-write-c ommunity encrypted - password SGOS#(config snmp) encrypted-trap-co mmunity encrypt[...]

  • Page 23

    Chapter 2: Monitoring the SG Appliance 23 Configuring Health Monitoring The health monitoring featur e tracks key hard ware and softwar e metrics so that you can can quickly discover and diagnose potentia l problems. Dir ector (and other thir d-party network management tools) also use these metr ics to remotely display the current state of the SG a[...]

  • Page 24

    V olume 9: Managing t he Blue Coat SG Appliance 24 About the Health Monitoring Metric T ypes The SG appliance monitors the fo llowing types of health metrics: ❐ Hardwar e ❐ Environmental ❐ ADN ❐ System resour ce ❐ Licensing metrics The system resour ce and licensing thresholds ar e user-configurable, me aning that you can specify the thr [...]

  • Page 25

    Chapter 2: Monitoring the SG Appliance 25 Health Monito ring Example The following picture shows an example. The lower horizontal line re presents the W arning threshold; the upper horizontal line is the Critical thr eshold. Note how they divide the graph into bands associated with ea ch of the thr ee possible states. Assume both thresholds have in[...]

  • Page 26

    V olume 9: Managing t he Blue Coat SG Appliance 26 For the license expiration metric s, the threshold interval is irr elevant and is set by default to 0. Y ou should set the W arning Threshold to a value that will give you ample time to renew your license. By defa ult, all license ex piration metrics have a W arning Threshold of 30 days. By default[...]

  • Page 27

    Chapter 2: Monitoring the SG Appliance 27 See “About License Expiration Metrics ” on page 25 for information licensing thresholds. About the S tatus Metrics The following table lists the metrics displaye d in the Maintenance > Health Monitoring > Status page. The thres holds for these metrics are not user -configurable. Metric Units Defau[...]

  • Page 28

    V olume 9: Managing t he Blue Coat SG Appliance 28 Changing Threshold and Notification Properties The health monitoring thr eshold and notificati on properties ar e set by defau lt. Use the following procedur e to modify the current settings. T o change the threshold and notification proper ties: 1. Select Maintena nce > Health Monitoring . 2. D[...]

  • Page 29

    Chapter 2: Monitoring the SG Appliance 29 4. Click Edit to modify the thr eshold and notification setti ngs. The Edit Health Monitor Setting dialog dis plays. (hardwar e, environmental, and ADN thr esholds cannot be modified.) 5. Modify the thresho ld values: a. T o change the critical threshold, ente r a new value in the Critical Thr eshold field.[...]

  • Page 30

    V olume 9: Managing t he Blue Coat SG Appliance 30 System health is determined by calculating the “aggregate” health status of the following metrics: ❐ CPU Utilizati on ❐ Memory Pressur e ❐ Network interface util ization ❐ Disk status (for all disks) ❐ License expiration ❐ License “user count” utilization (when applicable) ❐ A[...]

  • Page 31

    Chapter 2: Monitoring the SG Appliance 31 4. Click Close to close the View Metrics Detail dialog. 5. Optional—If you want to modify a metric, highlight the metric and click Set Thresholds . The Maintenance > He alth Monitoring page displays . T o modify the metric, follow the pr ocedure describe in “Changing Thr eshold and No tification Prop[...]

  • Page 32

    V olume 9: Managing t he Blue Coat SG Appliance 32[...]

  • Page 33

    33 Chapter 3: Maintaining the SG Appliance This chapter describes how to maintain the SG appliance; for example, r estarting the appliance, r estoring system defaults, upgrading the appl iance, and reinitia lizing disks. This chapter contains the following sections: ❐ “Restarting the SG Appliance” on page 33 ❐ “Restoring Syst em Defaults?[...]

  • Page 34

    V olume 9: Managing t he Blue Coat SG Appliance 34 2. In the Restart field, select either Software only or Hardware and software . 3. If you select the Har dware and software option, select a system from the System to run drop-down list. The default system is pre-selected. 4. Click Apply . 5. Click Restar t now . 6. Click OK to confirm and restart [...]

  • Page 35

    Chapter 3: Maintaining the SG Applia nce 35 ❐ Third- party vendor licenses, such as SmartFilter or W ebsense. If you use the restore-defaults command after you have installed licenses, and the serial number of your system is conf igurable (older boxes only), the licenses fails to install and the SG appliance r eturns to the trial period (if any t[...]

  • Page 36

    V olume 9: Managing t he Blue Coat SG Appliance 36 T o restore system default s: 1. Select Maintenance > System and disks > T asks . 2. From the Ta s k s field, click Restore the configuration to defaults . If you restore the configuration fr om the Management Consol e, most settings are lo st because you cannot use the keep-console option. T[...]

  • Page 37

    Chapter 3: Maintaining the SG Applia nce 37 T o clear the object cache: 1. Select Maintenance > System and disks > T asks . 2. In the T asks fi eld, click Clear next to “the object cache.” 3. Click OK to confirm in the Clear cache dialog that appear s. Related CLI Syn tax to Clea r the Objec t Cache SGOS# clear-cache object-cache Clearing[...]

  • Page 38

    V olume 9: Managing t he Blue Coat SG Appliance 38 The SG Appliance 5.x V ersion Upgrade The appliance must be running version SGOS 4.2.1.6 or later in or der to upgrade to SGOS 5.x. Y ou cannot directly upgrade fr om any pre vious version. T o upgrade the SG appliance : 1. Select Maintenance > U pgrade > Upgrade . 2. Click Show me to connect[...]

  • Page 39

    Chapter 3: Maintaining the SG Applia nce 39 3. (Optional) Select the system to replace in the Replace dr op-down list. If you uploaded an image from your PC, refr esh the Systems pane to see the new sys tem image. 4. Click Restar t . The Restar t system dialog displays. 5. Click OK to reboot the SG appliance to the default system. Related CLI Synta[...]

  • Page 40

    V olume 9: Managing t he Blue Coat SG Appliance 40 T roubleshooting Tip If the SG appliance does not come up after rebootin g and the serial port is connected to a terminal server (terminal concentrator), tr y the following: ❐ Have an active session open on the termin al server , noting any traf fic (character s) being output. ❐ Unplug the term[...]

  • Page 41

    Chapter 3: Maintaining the SG Applia nce 41 T o view details for an SGOS syst em version: At the command prompt: SGOS> show installed-systems Example Session SGOS> show installed-systems SG Appliance Systems 1. Version: SGOS 4.2.1.1, Release ID : 25460 Thursday April 6 2006 08:49:55 UTC, Lock Status: Locked Boot Status: Last boot succeeded, L[...]

  • Page 42

    V olume 9: Managing t he Blue Coat SG Appliance 42 Related CLI Syntax to Set the Default Boot System SGOS#(config) installed-systems SGOS#(config installed-systems) defa ult system_number Locking and Unlocking SG Appliance Systems Any system can be locked, except a system that has been selected for replacement. If all systems, or all sy stems excep[...]

  • Page 43

    Chapter 3: Maintaining the SG Applia nce 43 Deleting an SG Appliance System Y ou can delete any of the sys tem versions except the curr ent running system. A locked system must be unlocked before it can be dele ted. If the system you want to delete is the default boot system, you need to se lect a ne w default boot system befor e the system can be [...]

  • Page 44

    V olume 9: Managing t he Blue Coat SG Appliance 44 Single-Disk SG Appliance The disk on a single- disk SG appliance cannot be r einitialized by the customer . If you suspect a disk fault i n a single-disk SG applia nce, con tact Blue Coat T echnical Support for assistance. Deleting Objects from the SG Appliance The ability to delete either individu[...]

  • Page 45

    45 Chapter 4: Diagnostics Blue Coat Systems has a number of re sources to pr ovide diagnostic information: ❐ Heartbeats: Enabled by default, Heartbeats ( s tatistics) are a diagno stic tool used by Blue Coat, allowing them to proactiv ely monitor the health of appl iances. ❐ Core images : Created when ther e is an unexpected system restarted. T[...]

  • Page 46

    V olume 9: Managing t he Blue Coat SG Appliance 46 This chapter discusses the following topics: ❐ “Diagnostic Reporting (Service Information)” on page 46 (This incl udes taking snapshots of the sys tem.) ❐ “Packet Capturing (the Job Utility)” on page 52 ❐ “Core Image Restart Options” on page 57 ❐ “Diagnostic Reporting (Heartbe[...]

  • Page 47

    Chapter 4: Diagnostics 47 3. Enter the service-request number that you r eceived from a T echnical Support repr esentative into the Auto Send Service Request Number field (the service-request number is in the form xx-xxxxxxx or x-xxxxxxx). 4. Click Apply to commit the changes to the SG appliance. 5. (Optional) T o clear the serv ice-request number [...]

  • Page 48

    V olume 9: Managing t he Blue Coat SG Appliance 48 Configure Service In formation Settings The service information options al low you to se nd service informa tion to Blue Coat using either the Management Console or the CLI. Y o u can select the information to send, send the information, view the status of curr ent transac tions, and cancel current[...]

  • Page 49

    Chapter 4: Diagnostics 49 4. (Optional) If you select Access Logs , Snapshots , or Contexts , you must als o click Select access logs to send , Select snapshots to send , or Select contexts to send and complete the following steps in the corresponding dialog that appears: a. T o select information to send, highlight the appropriate selection in the[...]

  • Page 50

    V olume 9: Managing t he Blue Coat SG Appliance 50 Creating and Editing Snapshot Jobs The snapshot subsystem periodically pulls a specified console URL and stores it in a repository , offering valuable r esources for Blue Coat customer support in diagnosing problems. By default, two snapshots are defined. The first takes a snapshot of the system in[...]

  • Page 51

    Chapter 4: Diagnostics 51 4. Enter the following information into the Edit Snapshot fields: a. Ta r g e t : Enter the object to snapshot. b. Interval (min utes) : Enter the interval between snapshot reports. c. T otal Number T o T ake : Enter the total number of snapshots to take or select Infinite to take an infinite n umber of snapshots. d. Maxim[...]

  • Page 52

    V olume 9: Managing t he Blue Coat SG Appliance 52 Packet Capturing (the Job Utility) Y ou can capture packets of Ethernet frames going into or leaving an SG appliance. Packet capturing allows f iltering on various attr ibutes of the frame to limit the amount of data collected. The maximum PCAP size allowed is 100MB. Any packet filters must be defi[...]

  • Page 53

    Chapter 4: Diagnostics 53 Using Filter Expre ssions in the CLI T o add a filter to the CLI, use the command: SGOS# pcap filter expr parameters T o remove a filter , use the command: SGOS# pcap filter <enter> Configuring Packet Capturing Use the following pr ocedures to configur e packet capturing. If a download of the captured packets is requ[...]

  • Page 54

    V olume 9: Managing t he Blue Coat SG Appliance 54 T o e nable, stop, and downlo ad packet captur es: 1. Select Maintenance > Serv ice Information > Packet Captures . 2. In the Direction drop-down list, sele ct the capture direction: in , out , or both . 3. In the Interface drop-down list, select the interface on which to captur e. 4. T o def[...]

  • Page 55

    Chapter 4: Diagnostics 55 6. Set the buffer size and method by ch oosing one of the following radio buttons: a. Capture all matching packets. b. Capture first n matching packets. Enter the numb er of matching pac kets (n) to capture. If the number of packets reac hes this limit, packet capturing stops automatically . The value must be between 1 and[...]

  • Page 56

    V olume 9: Managing t he Blue Coat SG Appliance 56 Related CLI Syntax to De fine P ack et Capturing Settings SGOS# pcap filter parameters SGOS# pcap start [ subcommands ] T o start, st op, and download packe t captures through a browser: 1. Start your W eb browser . 2. Enter the URL: https:// appliance_IP_address :8082/PCAP/Stati stics and log on t[...]

  • Page 57

    Chapter 4: Diagnostics 57 T o view current pac ket capture st atistics: 1. Select Maintenance > Serv ice Information > Packet Captures . 2. T o view the packet capture statistics, click the Show statistics button. A window opens displaying the statistics on the current pa cket capture settings. Close the window when you ar e finished viewing [...]

  • Page 58

    V olume 9: Managing t he Blue Coat SG Appliance 58 Related CLI Syntax for Configur ing Core Image Restart Options SGOS#(config) restart core-image {co ntext | full | keep number | none} Diagnostic Reporting (Heartbeats) The SG appliance diagnostic reporting configurations are located in the Management Console (under the Maintenance > Hea rbeats [...]

  • Page 59

    Chapter 4: Diagnostics 59 Diagnostic Reporting (CPU Monitoring) Y ou can enable CPU monitoring whenever you want to see the perc entage of CPU being used by specific functional gr oups. For example, if you look at the CPU consumption and notice that compression/decompr ession is co nsuming most of the CPU, you can change your policy to compr ess/de[...]

  • Page 60

    V olume 9: Managing t he Blue Coat SG Appliance 60 Note: The commands SGOS#( config) s how cpu and SGOS#(config diagn ostics) view cpu-monitor can sometimes display CPU statisti cs that dif fer by about 2-3%. This occurs because dif ferent measur ement techniques are used for the two displays .[...]

  • Page 61

    61 Chapter 5: S tatistics The Statistics tabs of the Management Cons ole allow you to view the status of many system operations. Many statistics are avai lable thr ough the CLI, but only in text output. Y ou can also view detailed system information thr ough the CLI using the show command. Access this command through either the enable command pr om[...]

  • Page 62

    V olume 9: Managing t he Blue Coat SG Appliance 62 V iewing T raffic Distribution S tatistics Use the Statistics > T raffic Mix page to display traffic distribution and band width statistics for traf fic running through the SG appliance. Y o u can display statistics for pr oxy types, or for services, and for various time pe riods. Figure 5-2. T [...]

  • Page 63

    Chapter 5: St atistics 63 Understanding Chart Dat a The chart data updates au tomatically every 60 seconds. The units for the X and Y axis change accordi ng to the selected duration. For e xample, if you select "Last W eek,” the X-axis displays the days of the week (the most current day is to the far right). The word "Hit" can disp[...]

  • Page 64

    V olume 9: Managing t he Blue Coat SG Appliance 64 About the Default Service S tatistics The default service statistics r epresent bytes fo r traffic that has been bypassed because it did not match: ❐ An existing service listener ❐ Other rules, such as static or dynamic bypass T o view the default service bytes, click Default P or ts... in the [...]

  • Page 65

    Chapter 5: St atistics 65 5. Select the Prox y radio button to display the ba ndwidth usage statistics for all supported proxies. V iewing Client Byte and Serv er Byte T raffic Distribution Select the Client Bytes or Server By tes tabs in the T raffic Mix page to view a pie chart of client byte or server byte statistics for th e SG applianc e over [...]

  • Page 66

    V olume 9: Managing t he Blue Coat SG Appliance 66 Supported Proxy T y pes and Services The T raffic Histor y (and T raffic Mix ) page displays da ta for the following proxy types (and services of these pr oxy types): a d b c e Key: a. V iew traf fic history statistics by service or by pr oxy . b. Modify the historical reporting period. c. Include [...]

  • Page 67

    Chapter 5: St atistics 67 Unsupported Proxy T ypes The T raffic Histor y does not display data for the following proxy types: Understanding Chart Dat a The T raffic Histor y chart data updates automatically ev ery 60 seconds. The colors in the chart repr esent the following info rmation: ❐ Bandwidth Usage chart: • Green—Client byte s • Blue[...]

  • Page 68

    V olume 9: Managing t he Blue Coat SG Appliance 68 About Bypassed Bytes Bypassed bytes are bytes that ar e not int erc epted by a service or proxy . By default, bypassed bytes are included in the traffic mix view s. When eval uating traffic statistics for potential optimization, it can be useful to in clude or ex clude the bypassed byte statistics.[...]

  • Page 69

    Chapter 5: St atistics 69 ❐ CIFS History The Statistics > Protocol Details > CIFS History pa ges enable you vi ew statistics for CIFS objects, CIFS bytes read, CIFS bytes wr itten, and CIFS clients. Refer to the CIF S chapter in V olume 2: Proxies and Proxy Services for mor e information about these statistics. ❐ HTTP/FTP History The Stat[...]

  • Page 70

    V olume 9: Managing t he Blue Coat SG Appliance 70 ❐ Streaming History The Statistics > Protocol Details > Streaming History pag es enable you view statistics for W indows Media, Real Media, QuickT ime, current str eaming data, total streaming data, and bandwidth gain. Refer to the streaming chapter in Vo l u m e 3 : W e b Communication Pr [...]

  • Page 71

    Chapter 5: St atistics 71 Viewing Concurrent Users The Concurrent Users tab shows users (IP addr esses) going thr ough the SG appliance for the last 60 minutes, day , week, month, and ye ar . Only uniqu e IP addresses of connections intercepted by pr oxy services are counted towar d the user limit. T o view concurrent users: Click Statistics > S[...]

  • Page 72

    V olume 9: Managing t he Blue Coat SG Appliance 72 Viewing Disk Use S tatistics The Disk Us e tab shows the SG appliance disk usage. The fields on the tab are : ❐ System Objects— the percentage of storage r esources curr ently used for non-access-log system objects ❐ Access log— the percentage of storage resour ces currently used for the ac[...]

  • Page 73

    Chapter 5: St atistics 73 Viewing Dat a Allocation St atistics in RAM and on Disk The Data tab shows the total and available disk space and RAM, and how they ar e currently allocated. The fields on the Data ta b ar e described below . Y ou can also view this information in the CLI. ❐ Maximum objects su pported —The maximum number of obje cts th[...]

  • Page 74

    V olume 9: Managing t he Blue Coat SG Appliance 74 Contents S tatistics The Conten ts tabs ( Distribution and Data ) allow you to see information about objects currently stor ed or served organized by s i ze. The cache contents include all objects currently stor ed by the SG appliance. Th e cache contents ar e not cleared when the appliance is powe[...]

  • Page 75

    Chapter 5: St atistics 75 Event Logging S tatistics The event log contains all events that have occurred on the SG appliance. Configur e the level of detail available by selecting Maintenance > Event Logg ing > Level (For details, see “Configuring Which Events to Log” on page 15). T o view the event log: 1. Select Statistics > System &[...]

  • Page 76

    V olume 9: Managing t he Blue Coat SG Appliance 76 Failover S tatistics At any time, you c an view statistics for any failover group you have configur ed on your system. T o view failover st atistics: 1. Select Statistics > System > F ailover . 2. From the F ailover Gro up drop-down list, select the group to view . The information displayed i[...]

  • Page 77

    Chapter 5: St atistics 77 Analyzing Proxied Sessions Use the Statistics > Active Sessions > Pro xied Sessions page to get an immediate picture of the sessions, protocol types, services, byte s, and bandwidth gains (d erived from W AN optimization and object caching) associated with client traf fic. The first time you navigate to the Pro xied [...]

  • Page 78

    V olume 9: Managing t he Blue Coat SG Appliance 78 T able 5-1. T able Column Hea ding Description s on the Proxied Sessions P age Column Heading Description Client IP address and port of the client PC (or other downstream host). When the client connection is inactive , the contents of this column are unavailable (gray). A client connect ion can bec[...]

  • Page 79

    Chapter 5: St atistics 79 Ser ver Bytes Represents the number of bytes (to and fr om the server) at the socket level on the s erver connection. All application-level bytes are counted, including applic ation overhead such as HTTP headers, CIFS headers, and so on. If the traffic is flowing through an ADN tunnel, the bytes are counted after ADN optim[...]

  • Page 80

    V olume 9: Managing t he Blue Coat SG Appliance 80 OC Object Caching. When displ ayed in co lor , this icon indicates that an HTTP , HTTPS, CIFS, Stream ing, or FTP proxy is in use and the content is cach eable. This icon has thre e states: • Activ e (colo r icon) • Inactive (gray icon) • Not possible (not di splayed) The icon: ❐ Is unavail[...]

  • Page 81

    Chapter 5: St atistics 81 Using the T ool Tip s Hover the cursor over the following components to get more information: ❐ T able column headers—Disp lays the full name of the column header . ❐ Row values. ❐ Acceleration icons ( C , BC , OC , P , BM )—Displays the icon identity . ❐ ADN, SOCKS, and FW icons—Display s the next hop. ❐ C[...]

  • Page 82

    V olume 9: Managing t he Blue Coat SG Appliance 82 MMS The active sessi ons feature display s MMS stream s that have a client associated with them. MMS streams that do not have a client as sociated with them (multicast, content management requests, and so on) are not displayed. MMS streams ar e displayed as follows: ❐ MMS UDP streams have two con[...]

  • Page 83

    Chapter 5: St atistics 83 About the Byte T otals The client and server byte total is the sum of all bytes going to and from the client or server . All applica tion-level bytes are counte d, includ ing application over head such as HTTP headers, CIFS headers, and so on. TCP and IP headers, packet retransmissions, and duplicate packets are not counte[...]

  • Page 84

    V olume 9: Managing t he Blue Coat SG Appliance 84 Figure 5-12. Filter ing Proxied Sessions When you select a filter , a text field or popup displays so that you can ent er filtering criteria. If you select a filter , you must enter a filtering cr iteria (or select None ) befor e clicking Show . The following filters are available: ❐ Client Addre[...]

  • Page 85

    Chapter 5: St atistics 85 The Bypassed Connections page displays data for connections that were not inter cepted because: ❐ A service has not been configured to inter cept the traffic. ❐ A static or dynamic bypass r ule ca used the traf fic to be bypassed. ❐ The interface transparent inter c eption setting is disabled. Viewing Byp assed Conne[...]

  • Page 86

    V olume 9: Managing t he Blue Coat SG Appliance 86 Filtering the Display Use the Filter dr op-down list to filter the bypassed connection statistics. Figure 5-14. Filter Drop-Down List When you select a filter , a text field or drop-down displays so that you can enter filteri ng criteria. Figure 5-15. Filter Drop-Down If you select a filter , you m[...]

  • Page 87

    Chapter 5: St atistics 87 V iewing HTML and XML Views of Bypassed Connections Dat a Access the following U RLs to get HTML and XML views of acti ve session statistics HTML: https:// SG IP :8082/AS/BypassedConnections/ XML: https:// SG IP :8082/AS/BypassedConnections/xml V iewing Health Monitoring S tati stics The Statistics > Health page enables[...]

  • Page 88

    V olume 9: Managing t he Blue Coat SG Appliance 88 2. Click the appropriate link for the ser vice you want to view . A list of categories fo r that service displays. 3. T o view the statistics for a particular category , click that category’s link. A window opens, detailing the relevant statistics. 4. Close the window when you have fin ished view[...]

  • Page 89

    Chapter 5: St atistics 89 resources Alloca tion of system resources snmp SNMP s tatistics streaming Stream ing information system-resource-metrics System Resource Metrics[...]

  • Page 90

    V olume 9: Managing t he Blue Coat SG Appliance 90[...]

  • Page 91

    91 Appendix A: Glossary A access control list Allows or denies sp ecific IP addresses access to a server . access log A list of all the requests sent to an a ppliance. Y ou can read an access log using any of the popular log-reporting pr ograms. When a client us es HTTP streaming, the streaming entry goes to the same access log. account A named ent[...]

  • Page 92

    V olume 9: Managing t he Blue Coat SG Appliance 92 authenticate-401 attribute All transpar ent and explicit r equests rece ived on the port always use transpar ent authentication (cookie or IP , depending on the configuration). This is especially useful to force transpar ent proxy authentica tion in some pr oxy- chaining scenarios authenticated con[...]

  • Page 93

    Appendix A: Glossary 93 cache efficiency A tab found on the Statistics pages of the Management Console that shows the percent of objects serv ed from cache, the per cent loaded from the network, and the percent that w ere non-cacheable. cache hit Occurs when the SG appliance receives a request for an object and can serve the request fr om the cache[...]

  • Page 94

    V olume 9: Managing t he Blue Coat SG Appliance 94 destination objects Used in V isual Policy Manager . Thes e are the ob jects that define the tar get location of an entry type. detect protocol attribute Detects the protocol being used . Protocols that can be detected include: HTTP , P2P (eDonkey , BitT orrent, FastT rack, Gnutella), SSL, and Endp[...]

  • Page 95

    Appendix A: Glossary 95 explicit proxy A configuration in which the browse r is explicitly co nfigured to comm unicate with the proxy server for access to content. This is the default for the SG appliance, and requir es configuration for both browser and the interface card. extended log file format (ELFF) A variant of the common log file format , w[...]

  • Page 96

    V olume 9: Managing t he Blue Coat SG Appliance 96 health check type The ki nd of device or service the speci fic he alth check tests. The following types are supported: • Forwarding host and for warding group • SOCKS gateway and SOCKS gateway group • CAP service and ICAP service group • W ebsense off-box service and W ebsense off-box servi[...]

  • Page 97

    Appendix A: Glossary 97 issuer keyr ing The keyring used by the SG appliance to sign emulated certif icates . The keyring is configured on the applianc e and managed thr ough policy . L licensable component (LC) (Software) A subcomponent of a license; it is an option that enables or disables a specific feature. license Provides both the right an d [...]

  • Page 98

    V olume 9: Managing t he Blue Coat SG Appliance 98 Management Console A graphical W eb interface that lets you to manage, configure, monitor , and upgrade the SG appliance fr om any location. The Ma nagement Console consists of a set of W eb pages and Java applets stor ed on the SG appliance. The appliance acts as a W eb server on the management po[...]

  • Page 99

    Appendix A: Glossary 99 non-cacheable objects A number of objects are not ca ched by the Blue Coat appliance because they ar e considered n on-cach eable. Y ou can add or delete the kinds of objects that the appliance considers non-cacheable. Some of the non-cacheable r equest types are: • Pragma no-cache, reque sts that specify non-cached object[...]

  • Page 100

    V olume 9: Managing t he Blue Coat SG Appliance 100 parent class (bandwidth gain) A class with at least one ch ild. The par ent class must shar e its bandwidth with its child classes in proportion to t he minimum/maximum b andwidth values or priority levels. passive mode data connections (P ASV) Data connections initiated by an FTP client to an FTP[...]

  • Page 101

    Appendix A: Glossary 101 R real-time str eaming protocol (R TSP) A standard method of transferring audio and video and other time-based media over Internet-technology based networks. The pr otocol is used to str e am clips to any RTP- based client. reflect client IP attribute Enables the sending of the client's IP addr ess instead of the SG&ap[...]

  • Page 102

    V olume 9: Managing t he Blue Coat SG Appliance 102 SG appliance A Blue Coat security and cache box that can help manage security and content on a network. sibling class (bandwidth gain) A bandwidth class with the same par ent class as another class. simple network management protocol (SNMP) The standard ope rations and maintenance pr otocol for th[...]

  • Page 103

    Appendix A: Glossary 103 statistics Every Blue Coat appliance keeps statis tics of the appliance har dware and the objects it store s. Y ou can review the general summ ary , the volume, r esources alloc ated, cache efficienc y , cached contents, and cust om UR Ls generated by the appliance for various kinds of logs. Y ou can also check the event vi[...]

  • Page 104

    V olume 9: Managing t he Blue Coat SG Appliance 104 trial period Starting with the first boot, the tria l period pr ovides 60 days of fr ee operation. All features ar e enabled during this time. U unicast alias Defines an name on the appliance fo r a streaming URL. When a client requests the alias content on the appliance, the applia nce uses the U[...]

  • Page 105

    105 Inde x A access logging 87 active sessions 76 bypassed connections 84 proxied sessions 77 ADN history 68 appliance certificat e 9 automatic service information, enabling 46 B bandwidth gain 64 bandwidth management 68 bandwidth usage 64 Blue Coat monitoring, enabling 58 Blue Coat SG deleting image 43 deleting objects from 44 locking and unlockin[...]

  • Page 106

    V olume 9: Managing t he Blue Coat SG Appliance 106 event logging statisti cs 75 F failover st atistics 76 filter expressions for packet capturing 52 G graph scale 61 H health monitoring configuring 23 Director 23 general metrics 26 license expiration 25 licensing metrics 26 notification 26 properties, modifying 28 requirements 23 status metrics 27[...]

  • Page 107

    Index 107 Simple Network Management Protocol, see SNMP snapshot jobs creating and editing 50 SNMP community strings 21 enabling 20 MIB variables 20 MIBs 20 traps 22 SSH-Console service 10 SSHv2 host key 10 SSL accelerator cards, statistics, viewing 15 statistics cached objects by size 74 CPU utiliz ation 70 data allocation 73 graph scale 61 objects[...]

  • Page 108

    V olume 9: Managing t he Blue Coat SG Appliance 108[...]