SDM Security Audit
Using SDM monitor mode

In monitor mode, Cisco SDM provides a quick, graphical status of key router resources and performance measurements such as the interface status, CPU, and memory usage. Cisco SDM takes advantage of integrated routing and security features on routers to provide in-depth diagnostics and troubleshooting of WAN and VPN connections. For example, while troubleshooting a failed VPN connection, the Cisco SDM verifies the router configurations and connectivity from the WAN interface layer to the IPSec Crypto Map layer. While testing configuration and remote peer connectivity at each layer, Cisco SDM provides pass or fail status, possible reasons of failure, and Cisco TAC-recommended actions for recovery.

Cisco SDM Monitor mode also allows administrators to view the number of network access attempts that were denied by the Cisco IOS Firewall, and it provides easy access to the firewall log. Administrators can also monitor detailed VPN status, such as the number of packets encrypted or decrypted by IPSec tunnels, and Easy VPN client session details.

The monitor function includes the following elements :

  • Overview – Displays the router status including a list of the error log entries.
  • Interface Status – Used to select the interface to monitor and the conditions (for example, packets and errors, in or out) to view.
  • Firewall Status – Displays a log showing the number of entry attempts that were denied by the firewall.
  • VPN Status – Displays statistics about active VPN connections on the router.
  • QoS Status – Display statistics on Quality of Service (QoS) configured on router.
  • Logging – Displays an event log categorized by severity level.