Alerts

1.      Introduction

The alert subsystem is an integral part of any system. NetCyte NAC supports SMTP (e-mail) and SMS (text to mobile phone) notifications. Different types of alerts can be routed to the related person or team.

2.      Alert

Before proceeding to the alert configuration, you should define an SMS provider for sending SMS messages and an SMTP server for sending e-mails.

a.      Defining SMTP Server and SMS Provider

I.      SMTP Server

To define your SMTP server, navigate to Settings → Alert Settings → Alert Setting. You can edit the default parameters, which the system creates automatically, by selecting the edit button.


Figure 1 SMTP Server Settings

Update the fields according to your environment.

| Parameter | Explanation |
| --- | --- |
| E-Mail Server | IP address of the SMTP server. |
| E-Mail From | Mail address used by the NAC server. It is shown in the From field of generated e-mails. |
| SMTP Port | TCP port of your SMTP server. |
| E-Mail Message | Subject field of mail messages generated by the NAC server. |
| Suppress Interval | How often the same message is sent to the recipient. It is a global timer. |
| Secure Connection Option | How the connection between the NAC server and the SMTP server is secured. Supported secure connection methods are TLS and SSL. |
| Send Authenticated E-mail | If you require authentication before sending any mail, enable this option. If it is not enabled, the NAC server IP address should be added to the relay hosts in your mail server. |
| E-Mail User | Mail address used for authentication. It is valid only if you select the Send Authenticated E-mail option. |
| E-Mail User Password | Password of the e-mail user. |

Table 1 SMTP Server Parameters

II.      SMS Provider and SMS Settings

SMS-related settings are configured under Global Settings. First, select the SMS provider. Currently, 18 different SMS provider services are available out of the box. You can use one of them, or you can easily integrate your own SMS service provider.


Figure 2 Integrated SMS Providers

After choosing or defining the SMS provider, you need to set its parameters using Global Settings. To edit the settings, navigate to Settings → Global Setting → Global Setting → All Settings and use the icon to search for SMS-related settings, as shown in the figure below.


Figure 3 SMS Settings Parameters

SMS Setting Parameters:

| Parameter Name | Explanation |
| --- | --- |
| SEND SMS FOR ALERTS | Enable/disable sending alerts via SMS. |
| SMS OPERATOR NAME | Name of the operator, as defined in the SMS Provider list, that will be used for sending SMS. |
| SMS USER NAME | User name for the SMS service. |
| SMS PASSWORD | User password for the SMS service. |
| SMS CHANNEL CODE | Channel code for the SMS service. |

Table 2 SMS Settings Parameter Definitions

After setting up the SMTP or SMS service information, you can define the alert relay settings.

b.      Alert Notification Rules

Alert notification rules define which types of alerts will be sent to which mail addresses. To set the notification rules, navigate to Settings → Alert Setting → Notification Rules.


Figure 4 Alert Notification Rules

Alerts are grouped into categories, and each category has the following attributes:

Suppression Interval: How often the same alert will be sent.

E-mail Address: Email address where alerts will be sent.

SMS Number: SMS number where alerts will be sent.

Alert Categories:

| Category Name | Explanation |
| --- | --- |
| All Notifications | All notifications regardless of category. |
| Critical Notifications | Critical system notifications, like CPU or memory usage. |
| Captive Portal Events | Captive Portal events like authentication or new user registration. |
| Captive Portal Problems | Captive Portal problems like authentication failures or user approval. |
| IP Address Compliance | Client IP address not compliant with Inventory Policies. |
| SMS Errors | SMS sending errors. |
| Network Device Problems | Network device communication problems (SNMP or SSH connection). |
| System Health | Alerts related to NAC service status. |
| Device Blocking Problems | Alerts related to device blocking (excessive blocking attempts or failed blocking attempts). |
| LDAP Account Validity | LDAP user validation alert. Checks whether the Enumeration user account is valid. If the account has problems (locked or invalid password), an alert is generated. |
| Database Access Problems | Alerts related to the database connection. |
| Device Blocking Events | Successful device blocking or unblocking events. |

Table 3 Alert Category Definitions

According to the above alert category definitions, you can assign different alerts to different users or groups by editing e-mail address or SMS number.

After defining alert rules, the system starts to send related alerts to target recipients.
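
The per-category routing and suppression described in this section can be modelled as follows. This is an added illustration, not NetCyte code: the class and function names, the recipients, seconds as the interval unit, and keying suppression on channel, recipient, category and message text are assumptions.

```python
from dataclasses import dataclass, field

CATCH_ALL = "All Notifications"  # category name from Table 3

@dataclass
class Rule:
    suppress_s: int  # suppression interval; seconds is an assumed unit
    emails: list = field(default_factory=list)
    sms: list = field(default_factory=list)

class AlertRouter:
    """Illustrative model of category routing with suppression (not NetCyte code)."""

    def __init__(self, rules):
        self.rules = rules
        self._last_sent = {}  # (channel, recipient, category, message) -> last send time

    def route(self, category, message, now):
        """Return the (channel, recipient) pairs that receive this alert at `now`."""
        deliveries = []
        for name in (category, CATCH_ALL):
            rule = self.rules.get(name)
            if rule is None:
                continue
            targets = [("email", r) for r in rule.emails] + [("sms", r) for r in rule.sms]
            for channel, rcpt in targets:
                key = (channel, rcpt, category, message)
                last = self._last_sent.get(key)
                if last is not None and now - last < rule.suppress_s:
                    continue  # same alert inside the window: suppressed
                self._last_sent[key] = now
                if (channel, rcpt) not in deliveries:
                    deliveries.append((channel, rcpt))
        return deliveries

# Constructed sample rules and recipients.
RULES = {
    "Device Blocking Problems": Rule(600, ["netops@example.com"], ["+10000000001"]),
    "SMS Errors": Rule(3600, ["netops@example.com"]),
    CATCH_ALL: Rule(60, ["soc@example.com"]),
}

def demo():
    """Send the same alert at t=0, 120 and 700 seconds."""
    router = AlertRouter(RULES)
    msg = "failed blocking attempt on switch-1"  # constructed message
    return [router.route("Device Blocking Problems", msg, t) for t in (0, 120, 700)]
```

In the constructed run, the 600-second rule hides the repeat at t=120 from the category recipients while the catch-all recipient with a 60-second interval still receives it, which is worth weighing when choosing intervals for categories such as Device Blocking Problems.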

c.       Viewing Generated Alerts

You can track system-generated alerts by navigating to the Block&Audit Management → Engine Logs → Notification History Logs menu. Under this menu, you can see all alerts generated and sent by the system.


