McAfee® Network Security Platform 6.0
Troubleshooting Network Security Platform
31
Manager database is full
We recommend that the customer monitor the disk space on a continuous basis to prevent
this from happening.
If the Manager database or disk space is full, the Manager will unable to process any new
alerts or packet logs. In addition, the Manager may not be able to process any
configuration changes, including policy changes and alert acknowledgement. In fact, the
Manager may stop functioning completely.
To rectify this situation, please perform maintenance operations on the database, including
deleting unnecessary alerts and packet logs. Furthermore, please reevaluate database
capacity planning and sizing, and monitor free space proactively. The Manager is
designed with various file and disk maintenance functions. You can archive alert and
packetlog data and then delete the data to free up disk space. It also provides a
standalone tool for creating database backups that can be archived for emergency
restoration.
The Manager also provides disk maintenance alerts, which send proactive system fault
messages when certain database dependent processes exceed a user-defined threshold
(say 70%). Manager generates faults for various thresholds for database space utilization.
Error on accessing the Configuration page
On some occasions, accessing the Manager Configuration page can result in an error
message. This typically happens if you access various versions of the Manager from the
same client or use the Manager client to access other Web-based applications as well.
This is a Java-cache related issue.
To resolve the issue:
1
On the Manager client, go to
Windows Control Panel > Java > General > Settings
.
2
Click
Delete Files
and then click
OK
in the Delete Temporary Files dialog.
This deletes all Java-related temporary files on the client.
3
Log out of the Manager and close Internet Explorer.
4
Log in to the Manager in a new instance of Internet Explorer.
Sensor response if its throughput is exceeded
Each Sensor model has a limited throughput. For example, the Network Security Platform
2700 Sensor is rated at 600Mbps performance. With the Gigabit interfaces it is
theoretically possible to oversubscribe the limit. What happens in this situation? Will it
throttle the throughput to 600Mbps or will you just lose the IPS functionality for everything
more than 600Mbps?
The answer is that the Sensor will drop packets depending on the TCP flow violation
settings.We also have the over-subscription feature where the sensor can inline-forward
traffic without IPS inspection if it is over-subscribed.There could also be false negatives
and the traffic may experience high latency.
It is very important that you stay within the operating parameters of the device you deploy.
If you are actually running at gigabit speeds, you should probably be running an I-3000/I-