29.1 SNMP Architecture in Access Manager

Access Manager introduces the following components to work with any third-party monitoring software using SNMP:

Master Agent: Runs as a service in Administration Console and listens to Sub Agents registered with it.
Sub Agent: A managed device that is registered with Master Agent and exchanges information with it using TCP port 705.
Management Information base (MIB) file: Contains a hierarchical list of variables and defines the information provided by devices. Each variable in this list is read-only and uniquely identified by an OID (Object Identifier).

This MIB file contains all attributes of Identity Server and Access Gateway available to monitor the state of the system. Figure 29-1 illustrates how Administration Console uses SNMP to monitor Identity Server and Access Gateway.

Master Agent runs as a separate service and Sub Agents are registered with Master Agent. Administration Console gathers statistics from all devices and acts as a centralized repository for any monitoring tool to access the data by using SNMP. External NMS contacts Administration Console to get the data from Identity Server or Access Gateway by using SNMP. For this communication, NMS uses UDP port 161 by default.

In a clustered Administration Console setup, devices send statistics to the secondary Administration Console in case the primary Administration Console is down.

Master Agent is automatically installed when you install or upgrade Access Manager.

Figure 29-1 Architecture of SNMP Components in Access Manager