ZoneRanger Allows Single eHealth® Server to Monitor DMZ Devices

THE CHALLENGE

CA (Concord ) eHealth provides availability, latency and capacity planning for network devices and server. These reports are used for capacity planning and fault management. Trend reports that show where network traffic is increasing can be used to identify where network upgrades will provide the best ROI. Baseline reporting allows for easy detection of abnormal network conditions and lead to quicker fault isolation and repair. eHealth Live Health can process traps from the DMZ devices for real-time problem solving.

eHealth collects it’s data by using ICMP to verify device availability and to record network latency. SNMP is used to collect data for reporting. Many sites do not allow ICMP or SNMP access through the firewall into the DMZ. The eHealth solution is to put a remote collector into the DMZ (Distributed eHealth) and to ftp this data up to the main eHealth console. This allows eHealth to monitor DMZ devices but not in real time.  This configuration requires an additional server deployed in the DMZ and Distributed eHealth software.

THE ZONERANGER SOLUTION

Tavve’s ZoneRanger appliance allows eHealth to transparently reach into the DMZ over a single encrypted TCP Port. ICMP and SNMP into the DMZ are sent over one port and SNMP traps to Live eHealth are sent over this same encrypted connection. This allows for one eHealth server to monitor internal and external (DMZ) devices. There are no additional servers in the DMZ to administer (operating system maintenance) or ftp data transfers to rollup. All data is collected in real-time to one central eHealth database. Device discovery is done from the main eHealth console and the discovery results easily modified for the appropriate MIB variables.  Information from multiple ZoneRangers can be forwarded to a single eHealth server or multiple servers.