Monitoring the WatchGuard Firewall

eG Enterprise provides a specialized WatchGuard Firewall monitoring model (see Figure 1), which periodically polls the SNMP MIBs of the firewall to measure the connections, responsiveness, resource usage, and VPN tunnel traffic of the firewall, and notifies administrators of potential resource crunches or configuration issues with the firewall.

Figure 1 : The layer model of the WatchGuard Firewall

Using the metrics reported, administrators can find quick and accurate answers for the following performance questions: 

• What is the current CPU utilization of the firewall?
• How many connections are active on the firewall? Are the connection dropped frequently? If so, how many connections are dropped?
• How well the data and packets are transmitted through the firewall?
• How well the data and packets are transmitted for each firewall policy? How many different error prone packets are discarded for each firewall policy?
• How well the data is transmitted through each VPN pair and VPN tunnel? How many different error prone packets were discarded?
• How well data is transmitted through each protocol for a security association and how many different error prone packets were discarded?

The Network layer of the WatchGuard Firewall model is similar to that of a Windows Generic server model. You can refer to the Monitoring Unix and Windows Servers chapter for details on configuring the tests mapped to the Network layer.