Main Menu
  • COMPANY
    • Boundless Cybersecurity
    • Press Releases
    • News
    • Events
    • Awards
    • Leadership
    • Press Kit
    • Careers
  • PROMOTIONS
    • SonicWall Promotions
    • Customer Loyalty Program
  • MANAGED SERVICES
    • Managed Security Services
    • Security as a Service
    • Professional Services
SonicWall
  • Products
      All Products A–Z
      Free Trials
    • Network Security
      • Next-Generation Firewall (NGFW)
      • Network Security Services
      • Network Security Management
      • Secure SD-WAN
    • Threat Protection
      • Advanced Threat Protection Cloud
      • Advanced Threat Protection Appliance
      • Capture Labs
    • Secure Access Service Edge (SASE)
      • Zero-Trust Network Access (ZTNA)
    • Cloud Security
      • Cloud Firewall
      • Cloud App Security
    • Endpoint Security
      • Endpoint Detection & Response (EDR)
    • Email Security
      • Cloud Email Security
      • Hosted Email Security
      • On-Prem Email Security
    • Secure Access
      • Wireless Access Points
      • Network Switch
      • Virtual Private Network (VPN)
    • Wi-Fi 6 Access Points

      SonicWall SonicWave 600 series access points provide always-on, always-secure connectivity for complex, multi-device environments.

      Read More
  • Solutions
    • Industries
      • Distributed Enterprises
      • Retail & Hospitality
      • K-12 Education
      • Higher Education
      • State & Local
      • Federal
      • Healthcare
      • Financial Services
      • Carriers
    • Use Cases
      • Secure SD-Branch
      • Network Segmentation
      • Zero Trust Security
      • Secure SD-WAN
      • Office 365 Security
      • SaaS Security
      • Secure Wi-Fi
    • Solutions Widgets
      • Solutions Content Widgets
        Federal

        Protect Federal Agencies and Networks with scalable, purpose-built cybersecurity solutions

      • Solutions Image Widgets
  • Partners
    • SonicWall Partners
      • Partners Overview
      • Find a Partner
      • Authorized Distributors
      • Technology Partners
    • Partner Resources
      • Become a Partner
      • SonicWall University
      • Training & Certification
    • Partner Widgets
      • Custom HTML : Partners Content WIdgets
        Partner Portal

        Access to deal registration, MDF, sales and marketing tools, training and more

      • Partners Image Widgets
  • Support
    • Support
      • Support Portal
      • Knowledge Base
      • Technical Documentation
      • Community
      • Video Tutorials
      • Product Life Cycle Tables
      • Partner Enabled Services
      • Contact Support
    • Resources
      • Resource Center
      • Events
      • Free Trials
      • Blog
      • SonicWall University
      • MySonicWall
    • Capture Labs
      • Capture Labs
      • Security Center
      • Security News
      • PSIRT
      • Application Catalog
    • Support Widget
      • Custom HTML : Support Content WIdgets
        Support Portal

        Find answers to your questions by searching across our knowledge base, community, technical documentation and video tutorials

      • Support Image Widgets
  • COMPANY
    • Boundless Cybersecurity
    • Press Releases
    • News
    • Events
    • Awards
    • Leadership
    • Press Kit
    • Careers
  • PROMOTIONS
    • SonicWall Promotions
    • Customer Loyalty Program
  • MANAGED SERVICES
    • Managed Security Services
    • Security as a Service
    • Professional Services
  • Contact Sales
  • English English English en
  • BLOG
  • CONTACT SALES
  • FREE TRIALS
  • English English English en
SonicWall
  • Products
      All Products A–Z
      Free Trials
    • Network Security
      • Next-Generation Firewall (NGFW)
      • Network Security Services
      • Network Security Management
      • Secure SD-WAN
    • Threat Protection
      • Advanced Threat Protection Cloud
      • Advanced Threat Protection Appliance
      • Capture Labs
    • Secure Access Service Edge (SASE)
      • Zero-Trust Network Access (ZTNA)
    • Cloud Security
      • Cloud Firewall
      • Cloud App Security
    • Endpoint Security
      • Endpoint Detection & Response (EDR)
    • Email Security
      • Cloud Email Security
      • Hosted Email Security
      • On-Prem Email Security
    • Secure Access
      • Wireless Access Points
      • Network Switch
      • Virtual Private Network (VPN)
    • Wi-Fi 6 Access Points

      SonicWall SonicWave 600 series access points provide always-on, always-secure connectivity for complex, multi-device environments.

      Read More
  • Solutions
    • Industries
      • Distributed Enterprises
      • Retail & Hospitality
      • K-12 Education
      • Higher Education
      • State & Local
      • Federal
      • Healthcare
      • Financial Services
      • Carriers
    • Use Cases
      • Secure SD-Branch
      • Network Segmentation
      • Zero Trust Security
      • Secure SD-WAN
      • Office 365 Security
      • SaaS Security
      • Secure Wi-Fi
    • Solutions Widgets
      • Solutions Content Widgets
        Federal

        Protect Federal Agencies and Networks with scalable, purpose-built cybersecurity solutions

      • Solutions Image Widgets
  • Partners
    • SonicWall Partners
      • Partners Overview
      • Find a Partner
      • Authorized Distributors
      • Technology Partners
    • Partner Resources
      • Become a Partner
      • SonicWall University
      • Training & Certification
    • Partner Widgets
      • Custom HTML : Partners Content WIdgets
        Partner Portal

        Access to deal registration, MDF, sales and marketing tools, training and more

      • Partners Image Widgets
  • Support
    • Support
      • Support Portal
      • Knowledge Base
      • Technical Documentation
      • Community
      • Video Tutorials
      • Product Life Cycle Tables
      • Partner Enabled Services
      • Contact Support
    • Resources
      • Resource Center
      • Events
      • Free Trials
      • Blog
      • SonicWall University
      • MySonicWall
    • Capture Labs
      • Capture Labs
      • Security Center
      • Security News
      • PSIRT
      • Application Catalog
    • Support Widget
      • Custom HTML : Support Content WIdgets
        Support Portal

        Find answers to your questions by searching across our knowledge base, community, technical documentation and video tutorials

      • Support Image Widgets
  • COMPANY
    • Boundless Cybersecurity
    • Press Releases
    • News
    • Events
    • Awards
    • Leadership
    • Press Kit
    • Careers
  • PROMOTIONS
    • SonicWall Promotions
    • Customer Loyalty Program
  • MANAGED SERVICES
    • Managed Security Services
    • Security as a Service
    • Professional Services
  • Contact Sales
  • Menu

How to use SNMP Net Monitoring with Email Security

12/20/2019 13 People found this article helpful 199,288 Views

    Download
    Print
    Share
    • LinkedIn
    • Twitter
    • Facebook
    • Email
    • Copy URL The link has been copied to clipboard

    Description

    How to use SNMP Net Monitoring with Email Security

    Resolution

    Introduction

    Email Security Appliances have the ability to be monitored using the Simple Network Management Protocol (SNMP), this document describes what SNMP is and how it can be used to monitor Email Security components including disk space and total bandwidth.

    What is SNMP

    SNMP is the Simple Network Management Protocol. The SNMP protocol is used by network management systems to communicate with network elements. For this to work, the network element must be equipped with an SNMP agent. SonicWall has put an SNMP Agent into the SonicWall Global Management System (SGMS) product, which can be found in the Monitor tab option “Net Monitor”. SNMP messages may be initiated by either the network management system (like GMS Net Monitor) or by the network element. AnSNMP TRAP is a message which is initiated by a network element and sent to the network management system. The SNMP GET is amessage which is initiated by the network management system when it wants to retrieve some data from a network element. An SNMP SET is a message which is initiated by the network management system when it wants to change data on a network element. The SNMP MIB, or Management Information Base, is a collection of variables which is shared between the network management system and the network element. The MIB is extensible, which means that hardware and software manufacturers can add new variables to the MIB. These new MIB definitions must be added both to the network element and to the network management system.

    The Email Security Appliance listens to the variables listed within the following MIB’s

    The most basic form of SNMP security is the Community String, SNMP Community Strings are like passwords for network elements. There is one community string which is used for read-only access to the Email Security Appliance. The default value for this communitystring in the Email Security Appliance is "snwl". Using this community string like a password, the network management system can retrieve data from the Email Security Appliance.

    Activating SNMP on the Email Security Appliance

    Enabling SNMP can only be done from within the CommandLine Interface of the Email Security Appliance. The following steps describe how to log into the Command LineInterface of the Email Security Appliance.

    1. Launch a remote shell client such as PuTTY.
    2. Use host snwlcli@<IP Address>
      where snwlcli is the username for shell access and IP Address represents the address of your Email Security Appliance.
    3. Click Yes to accept the Certificate. (This step is only needed the first time accessing the appliance via secure shell.)
    4. Enter the GUI Username at Login.
    5. Use the GUI Password at the Password prompt.

    After being logged into the CLI, use the option SNMP on to enable the SNMP service and, in the same way, it is possible to disable SNMP by using the option SNMP off to disable the SNMP service.

    Configuring SGMS Net Monitor

    It is necessary to setup the SNMP Agent so that it can access the Email Security Appliance and read the information sent using theSNMP protocol. The agent we use is the SonicWall Global Management System Net Monitor. Follow these steps to add theEmail Security Appliance to the SNMP Net Monitor of SGMS. The SonicWall Global Management System Net Monitor will be used as the SNMP agent within this document.

    Follow these steps to set up Net Monitor:

    1. Go to the Monitor tab and select Net Monitor.
    2. Add a Non GMS Device.
    3. Enter the name and IP address of the Email Security Appliance and press the Add button.
    4. Press Next.
    5. Select Monitor Type: SNMP.
    6. Press the Advanced button.
    7. Set the Community name to “snwl”.
    8. Select the MIB’s RFC1213-MIB and UCD-SNMP-MIB.
    9. The Pending Interval is optional.
    10. Press the Finish button. The GMS system will acquire the Email Security Appliance within the Net Monitor after this is done.

    Read the System Information

    To retrieve the system information from the Email Security Appliance, it will be necessary to set the correct SNMP Get requests in theSNMP Agent. These SNMP Get requests will use Object ID’s (OID) to filter the data from the unit.

    Follow these steps to enable SGMS Net Monitor to read the system information from the Email Security Appliance:

    1. Right click the Email Security Icon on the GMS Net Monitor.
    2. Go to SNMP Options and click SNMP Manage Realtime Monitor.
    3. Use the following Object ID to retrieve the system information from the Email Security Appliance:
      • For the Operating System, use .iso.org.dod.internet.mgmt.mib-2.system.sysDescr[. 1.3.6.1.2.1.1.1 ]
      • For total Uptime, use .iso.org.dod.internet.mgmt.mib-2.system.sysUptime[.1.3.6.1.2.1.1.3]
      • For the Hostname, use .iso.org.dod.internet.mgmt.mib-2.system.sysName[.1.3.6.1.2.1.1.5]
    4. Set a Name for this Net Monitor topic and press the Apply button. This will read out the System information and enable easy identification of the Email Security Appliance when multiple Email Security Appliances are monitored and scheduled for sending out reports with information retrieved via the SNMP Agent.

    Setup Disk Space Monitoring via SNMP

    1. Right click the Email Security Icon on the GMS Net Monitor.
    2. Go to SNMP Options and click SNMP Manage Realtime Monitor.
    3. Use the following Object ID to retrieve the disk space information:
      • For the Total Available Disk Space, use .iso.org.dod.internet.private.enterprises.ucdavis.dskTable.dskEntry.dskTotal & .iso.org.dod.internet.private.enterprises.ucdavis.dskTable.dskEntry.dskAvail [.1.3.6.1.4.1.2021.9.1.6 & .1.3.6.1.4.1.2021.9.1.7]
      • For Total Used Disk Space, use .iso.org.dod.internet.private.enterprises.ucdavis.dskTable.dskEntry.dskTotal &.iso.org.dod.internet.private.enterprises.ucdavis.dskTable.dskEntry.dskUsed [.1.3.6.1.4.1.2021.9.1.6 &.1.3.6.1.4.1.2021.9.1.8]
    4. Set a Name for this Net Monitor topic and press the Apply button.

    Get a Bandwidth Reading for the Interface and the Loopback

    Similar to Disk Space Monitoring, Bandwidth Monitoring requires combining several Object ID’s to get a clear reading from the Email Security Appliance. We will use the plot chart to illustrate the Bandwidth at the moment of the SNMP Get request as the bandwidth is changing constantly. The Email Security Appliance is equipped with 2 network ports where only one (ETH0) is used for the traffic to and from the Email Security Appliance. The other port is the Local Host port for connectivity to the MTA, Firebird and the Hourly batch processes. These steps explain how to retrieve the bidirectional bandwidth data for ETH0 and the Local Host port.

    1. Right click the Email Security Icon on the GMS Net Monitor.
    2. Go to SNMP Options and click SNMP Manage Realtime Monitor.
    3. Use the following Object ID to retrieve the bandwidth information:
      • For the ETH0 Bandwidth, use .iso.org.dod.internet.mgmt.mib-2.interfaces.ifTable.ifEntry.ifDescr.1 &.iso.org.dod.internet.mgmt.mib-2.interfaces.ifTable.ifEntry.ifInOctets.1 &.iso.org.dod.internet.mgmt.mib-2.interfaces.ifTable.ifEntry.ifOutOctets.1[.1.3.6.1.2.1.2.2.1.2.1 & .1.3.6.1.2.1.2.2.1.10.1 &.1.3.6.1.2.1.2.2.1.16.1]
      • For the Local Host Bandwidth, use .iso.org.dod.internet.mgmt.mib-2.interfaces.ifTable.ifEntry.ifDescr.3 &.iso.org.dod.internet.mgmt.mib-2.interfaces.ifTable.ifEntry.ifInOctets.3 &.iso.org.dod.internet.mgmt.mib-2.interfaces.ifTable.ifEntry.ifOutOctets.3[.1.3.6.1.2.1.2.2.1.2.3 & .1.3.6.1.2.1.2.2.1.10.3 &.1.3.6.1.2.1.2.2.1.16.3]
    4. Set a Name for this Net Monitor topic and press the Apply button.

     

    Created by P. van Herten
    Edited by J.Spoor

    Related Articles

    • Network Security Essentials eLearning Training Course
    • How do I check if syslogs are getting forwarded by an Email Security Appliance?
    • How to add inbound path in Hosted Email Security

    Categories

    • Email Security > Email Security Appliance
    • Email Security > Email Security Software
    • Email Security > Hosted Email Security

    Not Finding Your Answers?

    ASK THE COMMUNITY

    Was This Article Helpful?

    YESNO

    Article Helpful Form

    Article Not Helpful Form

    Company
    • Careers
    • News
    • Leadership
    • Awards
    • Press Kit
    • Contact Us
    Popular resources
    • Communities
    • Blog
    • SonicWall Capture Labs

    Stay In Touch

    • By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement. You can unsubscribe at any time from the Preference Center.
    • This field is for validation purposes and should be left unchanged.
    • Facebook
    • Twitter
    • Linkedin
    • Youtube
    • Instagram

    © 2023 SonicWall. All Rights Reserved.

    • Legal
    • Privacy
    • English
    Scroll to top