Monitoring SD-WAN for Versa

casp1031
CA Spectrum 10.3.1 supports monitoring of Versa devices through CA VNA integration. When CA Spectrum is integrated with CA VNA (configured with Versa plug-in), CA Spectrum receives the inventory information of the Versa devices through CA VNA. 
CA VNA configured with Versa plug-in. acts as an SDN Gateway to collect Versa inventory information and forwards information to CA Spectrum. Ensure that the CA VNA must be configured with Versa plug-in.
The CA Spectrum and CA VNA integration fetches the following Versa entities inventory information and displays under the SDN Manager hierarchy in OneClick.
  • Sites
  • Branch Router
  • Director
  • Controller
  • Policy Group
image (4).png
This integration supports Versa entities synchronization. When the CA Spectrum and CA VNA integration is enabled, synchronization happens automatically at the scheduled time interval. Additions, deletions, and modifications of Versa entities in a Versa environment are reflected in CA Spectrum.
Versa Topology
CA Spectrum displays topology for Versa devices.
Topology for Controller 
The overlay topology is seen by clicking the controller, it displays the devices and how they are connected through the various transports
Versa Topology.JPG
Versa Inventory
You can view the Versa entities such as Branch Router, vBond, Controller, Director in the OneClick console. Logical entities such as Sites and Policy Groups can also be viewed in the OneClick Navigation page. A new container '
VNA Inventory
' is created under Universe view, this container has the Versa entities. In the Explorer View, 
SDN Manager
  provides a more detailed hierarchy i.e.
 Domain > Sites > Policy Groups > Policy > branch routers
, compared to the 
VNA Inventory
 view, which only displays the hierarchy of branch routers and associated Tunnels. 
Reconciling Versa Entity Data in CA Spectrum
During CA VNA data synchronization, when a new Versa entity is created in versa, it is reported to CA Spectrum. Spectrum performs a search to identify if this entity was modeled during CA Spectrum discovery and modeling. If such an existing model is found, CA Spectrum reconciles the CA Versa entity information with the existing model, instead of creating a model.
Interfaces Information
As a user you can see the tunnels that are associated with the interfaces under the 
Interfaces
tab. 
  • Tunnels
  • Physical Interfaces 
  • Transport
SDN Tunnels associated to Branch Router Interfaces
The Interfaces tab in the Component Details panel shows all the tunnels information which is associated to the selected branch router.
Interfaces.JPG
Policy Group
As a user you can see the edge router to which the policy group is applied: 
Versa 4.JPG
Policies Information
On clicking the policy, as a user you can see the metrics that are associated with the policy and the SLA paths applied. For branch routers, associated policy and policy group information is displayed in the
Information
tab of the contents panel.
Branch router router Policy Information
Policy versa.JPG
SLA Path
As a user you can see the edge devices and their transport associated with the SLA path:
Versa 3.JPG
Events Generated in Versa Analytics
The following table provides information about the supported alarm types, threshold values, and the default destination to which the alarms are exported. Following are the events that are generated under Versa analytics and pulled into Spectrum:
Alarm Type
Description
Default Destination
cpu-utilization
Generated when datapath CPU utilization exceeds configured threshold value.
snmp, syslog, analytics
mem-utilization
Generated when datapath memory utilization exceeds configured threshold value.
snmp, syslog, analytics
disk-utilization
Generated when disk utilization exceeds configured threshold value.
snmp, syslog, analytics
org-session-utilization
Generated when number of sessions of an org exceed configured number of sessions.
snmp, syslog, analytics
device-session-utilization
Generated when number of sessions exceeds configured number of sessions for a device/appliance.
snmp, syslog, analytics
Interface-down
Generated when an interface (or sub-interface) goes down.
snmp, syslog, analytics
uplink-bw-threshold
Generated when current uplink bandwidth exceeds configured uplink bandwidth of an interface.
snmp, syslog, analytics
dnlink-bw-threshold
Generated when current downlink bandwidth exceeds configured uplink bandwidth of an interface.
snmp, syslog, analytics
adc-server-down
Generated when backend server does not respond to ADC monitors for a specified amount of time. Once server is marked down, it is not considered for load balancing.
snmp, syslog, analytics
adc-vservice-down
Generated when all backend servers attached to virtual service are declared down because of monitor health failure. No traffic is served by this virtual service (VIP).
snmp, syslog, analytics
cgnat-pool-utilization
Generated when CGNAT pool exceeds configured threshold value or when pool is exhausted.
snmp, syslog, analytics
snat-pool-utilization
Generated when SNAT pool exceeds configured threshold value or when pool is exhausted.
snmp, syslog, analytics
ipsec-tunneldown
Generated when IPSEC tunnel with a peer goes down.
snmp, syslog, analytics
ipsec-ike-down
Generated when IKE connection that is established with a peer goes down.
snmp, syslog, analytics
bgp-nbr-state-change
Generated when BGP between peers goes down or comes back up.
snmp, syslog, analytics
vrrp-v3-new-master
Generated when VRRP router transitions to the MASTER state.
snmp, syslog, analytics
vrrp-v3-new-backup
Generated when VRRP router transitions to the backup state.
snmp, syslog, analytics
vrrp-v3-proto-error
This notification indicates that the VRRP router has encountered protocol error like version mismatch, checksum error, or VRRP group id mismatch.
snmp, syslog, analytics
ddos-threshold
Generated when DDOS traffic exceeds configured aggregate/classified DDOS threshold.
snmp, syslog, analytics
zone-protection-flood
Generated when flood traffic exceeds configured zone protection threshold value.
snmp, syslog, analytics
port-scan-flood
Generated when PORT-SCAN from a source to destination exceeds configured zone protection profile value.
snmp, syslog, analytics
sdwan-branch-disconnect
Generated a branch gets disconnected from Controller.
snmp, syslog, analytics
sdwan-datapath-down
Generated when all paths between two branches go down.
analytics (From Controller)
dhcp-pool-utilization
Generated when DHCP addresses are exhausted and no more addresses can be allocated from DHCP address pools.
snmp, syslog, analytics
software-trial-expired
Versa appliance trial period expired.
snmp, syslog, analytics
software-trial-error
Versa appliance trial key tampered.
snmp, syslog, analytics
interface-half-duplex
Generated when an interface is detected to be in Half Duplex mode.
snmp, syslog, analytics
nexthop-down
Generated when nexthop gateway does not respond to monitors for a specified amount of time. Once nexthop is marked down, routes are withdrawn.
snmp, syslog, analytics
monitor-down
Generated when IP destinations that are part of the monitor does not respond to the given type of probe packets for a specified amount of time. Once monitor is marked down, dependent routes are withdrawn and redistribution policies are recomputed.
snmp, syslog, analytics
software-key-about-to-expire
Versa FlexVNF key expires soon. Contact Versa Support to replace with a new key. For unrestricted usage, ensure Versa FlexVNF is subjugated to Versa Director and there is connectivity between Versa FlexVNF and Versa Director.
snmp, syslog, analytics
ha-state-change
Generated when HA state changes from master to slave or vice versa.
snmp, syslog, analytics
ha-sync-status
Generated after configuration sync happens between active and standby. Either sync error (or) sync ok are reported.
snmp, syslog, analytics