HP StorageWorks 2/16V Brocade Secure Fabric OS Administrator's Guide (53-10002 - Page 85

4 Displaying and Resetting Secure Fabric OS Statistics Secure Fabric OS provides several statistics regarding attempted policy violations. This includes events such as the following: • A DCC policy exists that defines which devices are authorized to access which switch (port) combinations, and a device that is not listed in the policy tries to access one of the defined switch (port) combinations. • An attempt is made to log in to an account with an incorrect password. The statistics for all DCC policies are added together. Note Rebooting the switch resets all the statistics. Secure Fabric OS statistics also can be monitored through Fabric Watch. Each statistic indicates the number of times the monitored event has occurred since the statistics were last reset (secStatsReset command). For the Telnet policy, this includes all the automated login attempts made by the sectelnet or SSH client software, in addition to the actual attempts made by the user. On dual-CP directors, statistics are maintained separately on each CP and are counted only on the active CP. If a director fails over from the active to the standby CP, statistics are not replicated to the standby CP. The names of the Secure Fabric OS statistics and their definitions are provided in Table 4-2. Table 4-2 Secure Fabric OS Statistics Statistic Definition API_POLICY The number of attempted violations to the API policy (includes automated attempts made by client software). AUTH_FAIL (SLAP failures) The switch received a SLAP that it could not verify, possibly due to bad certificates, bad signature, the other side not performing SLAP, or SLAP packets that were received out of sequence. This counter is not advanced if SLAP protocol does not complete, which can happen when a switch that does not have secure mode enabled is attached to a switch that does. DCC_POLICY The number of attempted violations to the DCC policy. Note: Fabric OS v4.4.0, v5.0.1, v5.1.0, and v5.2.0 increases the counter by 1 for each drive in a JBOD; Fabric OS v3.2.0 increases the counter by 1 for the entire JBOD. FRONTPANEL_POLICY The number of attempted violations to the Front Panel policy. HTTP_POLICY The number of attempted violations to the HTTP policy. ILLEGAL_CMD (illegal command) The number of times a command is issued on a switch where it is not allowed (such as entering secModeDisable on a non-FCS switch). INCOMP_DB Secure Fabric OS databases are incompatible; might be due to different (incompatible Secure Fabric version numbers, time stamps, FCS policies, or secure mode status. OS database) Secure Fabric OS Administrator's Guide 4-5 Publication Number: 53-1000244-01