AAA Stats Test
Data security is one of the important features that you must consider while making the data accessible to public over the Internet. Authenticating the user requesting for an access to the network resources is one of the methods to secure data for unauthorized access.
On a NetScaler appliance, you can use various authentication techniques to secure the data. One of the techniques is the Authentication, Authorization, and Accounting (AAA) technique which can be used when the Secure Socket Layer (SSL) Virtual Private Network (VPN) is deployed on your network. The AAA authentication technique includes three steps to secure the network. The first process, Authentication, ensures that the access is granted only to an authorized user of the network. The second process, Authorization, ensures that depending on the profile of the user, the user is authorized to perform only a set of specific tasks on the network. And finally the third process, Accounting, measures the resources the user has used during a session.
This test enables administrators to measure the effectiveness of the AAA authentication technique. This test monitors the AAA sessions on the NetScaler and reports the count and percentage of authentications that were successful and those that failed on the NetScaler. This way, the test turns the spotlight on unauthorized access attempts that were detected and prevented by the AAA technique.
Target of the test : A NetScaler VPX/MPX
Agent deploying the test : A remote agent
Outputs of the test : One set of results for the NetScaler appliance being monitored.
| Parameter | Description |
|---|---|
|
Test Period |
How often should the test be executed. |
|
Host |
The IP address of the host for which the test is being configured. |
|
NetScaler Username and NetScaler Password |
To monitor a NetScaler device, the eG agent should be configured with the credentials of a user with read-only privileges to the target NetScaler device. Specify the credentials of such a user in the NetScaler Username and NetScaler Password text boxes. |
|
Confirm Password |
Confirm the NetScaler Password by retyping it here. |
|
SSL |
The eG agent collects performance metrics by invoking NITRO (NetScaler Interface Through Restful interfaces and Objects) APIs on the target NetScaler device. Typically, the NITRO APIs can be invoked through the HTTP or the HTTPS mode. By default, the eG agent invokes the NITRO APIs using the HTTPS mode. This is why, the SSL flag is set to Yes by default. If the target NetScaler device is not SSL-enabled, then the NITRO APIs can be accessed through the HTTP mode only. In this case, set the SSL flag to No. |
| Measurement | Description | Measurement Unit | Interpretation |
|---|---|---|---|
|
Authentication successes |
Indicates the number of user authentications that were successful during the last measurement period. |
Number |
|
|
Authentication failures |
Indicates the user authentications that failed during the last measurement period. |
Number |
A high value is indicative of too many authentication failures. You may want to investigate the reason for this phenomenon. |
|
Percent of authentication successes |
Indicates the percentage of user authentications that is currently successful. |
Percent |
A high value is desired for this measure. |
|
HTTP authorization successes |
Indicates the number of HTTP connections from the user that were authorized successfully during the last measurement period. |
Number |
|
|
HTTP authorization failures |
Indicates the number of HTTP connections from the user that failed authorization during the last measurement period. |
Number |
A high value is indicative of too many authentication failures. You may want to investigate the reason for this phenomenon. |
|
Percent of HTTP authorization successes |
Indicates the percentage of current HTTP connections from the user that is authorized successfully. |
Number |
A high value is desired for this measure. |
|
Non HTTP authorization successes |
Indicates the number of connections other than the HTTP connections that were authorized successfully during the last measurement period. |
Number |
|
|
Non HTTP authorization failures |
Indicates the number of connections other than the HTTP connections that failed authorization during the last measurement period. |
Number |
A high value is indicative of too many authentication failures. You may want to investigate the reason for this phenomenon. |
|
AAA sessions |
Indicates the number of AAA sessions during the last measurement period. |
Number |
|
|
Timed out AAA sessions |
Indicates the number of AAA sessions that timed out during the last measurement period. |
Number |
ADC maintains a session timeout after which users must authenticate again to regain access to the intranet. This timeout is configurable. If the value of this measure is very high - i.e., timeouts appear to be occurring too often - you may want to consider changing this timeout value. |
|
Current ICA sessions only |
Indicates the number of ICA sessions during the last measurement period. |
Number |
|
|
Current ICA connections_smart access |
Indicates the number of ICA sessions with smart access during the last measurement period. |
Number |
|
|
Current ICA connections only |
Indicates the number of ICA connections during the last measurement period. |
Number |
|
|
Current TM sessions |
Indicates the number of TM sessions during the last measurement period. |
Number |
|
