Virtual Server Authentications Test

The AAA feature supports authentication, authorization, and auditing for all application traffic. To use AAA, you must configure authentication virtual servers to handle the authentication process. This process ensures that the access is granted only to an authorized user of the network.

If an authentication virtual server is rendered unavailable for a while or is unable to process authentication requests owing to an overload condition, unauthorized users may end up gaining access to critical data on the NetScaler. Sometimes, valid users may also be denied access. To avoid this, you can use this test to continuously monitor the state of your authentication virtual servers, track the flow of requests to and responses from each of these servers, and capture abnormalities before users notice anything amiss.

Target of the test : A NetScaler VPX/MPX

Agent deploying the test : A remote agent

Outputs of the test : One set of results for each authentication virtual server configured on the NetScaler appliance being monitored.

Configurable parameters for the test
Parameter Description

Test Period

How often should the test be executed

Host

The IP address of the host for which the test is being configured.

NetScaler Username and NetScaler Password

To monitor a NetScaler device, the eG agent should be configured with the credentials of a user with read-only privileges to the target NetScaler device. Specify the credentials of such a user in the NetScaler Username and NetScaler Password text boxes.

Confirm Password

Confirm the NetScaler Password by retyping it here.

SSL

The eG agent collects performance metrics by invoking NITRO (NetScaler Interface Through Restful interfaces and Objects) APIs on the target NetScaler device. Typically, the NITRO APIs can be invoked through the HTTP or the HTTPS mode. By default, the eG agent invokes the NITRO APIs using the HTTPS mode. This is why, the SSL flag is set to Yes by default. If the target NetScaler device is not SSL-enabled, then the NITRO APIs can be accessed through the HTTP mode only. In this case, set the SSL flag to No.

Show Up Server Oly

The default setting of this flag is No; this indicates that this test, by default, monitors all the VPN virtual servers configured on the NetScaler appliance. If you want the test to monitor only those VPN virtual servers that are up and running currently, then set this value to Yes.

Exclude Servers

Provide a comma-separated list of VPN virtual server names or name patterns that need to be excluded from monitoring. By default, this is set to none, indicating that all VPN virtual servers are by default monitored.

Measurements made by the test
Measurement Description Measurement Unit Interpretation

Server state

Indicates the current state of this authentication virtual server.

 

The values that this measure reports and their corresponding numeric equivalents have been listed in the table below:

Numeric Value Measure Value
0 Up
1 Down
2 Out of service
3 Transition out of service
4 Down when going out of service
-1 Unknown

Note:

By default, this measure reports the above-mentioned Measure Values to indicate the current state of a virtual server. However, in the graph of this measure, virtual server states will be represented using the corresponding numeric equivalents only.

The Detailed Diagnosis of this measure shows the Service Type, Primary Port and the Primary IP address of the virtual server.

Data received

Indicates the amount of data received by this virtual server during the last measurement period.

MB

 

Data transmitted

Indicates the amount of data transmitted by this virtual server during the last measurement period.

MB

 

Requests

Indicates the number of authentication requests received by this virtual server during the last measurement period.

Number

A high value of this measure could indicate a potential overload.

Responses

Indicates the number of authentication responses sent out by this virtual server during the last measurement period.

Number

If the number of Responses is way too less than the number of Requests, it could indicate a processing bottleneck on the authentication virtual server. This could result in genuine users being denied access or gaining delayed access to resources.