Monitoring Resources
Viewing Information on Resource Usage
E-2
Viewing Information on Resource Usage
The switch allows you to view information about the current usage and
availability of resources in the Policy Enforcement engine, including the
following software features:
■
Access control lists (ACLs)
■
Quality-of-service (QoS) policies
Dynamic assignment of port-based ACLs through RADIUS authentication,
■
with or without the optional identity-driven management (IDM) applica-
tion
■
Virus throttling (using connection-rate filtering)
■
ICMP rate-limiting
Management VLAN
■
■
DHCP snooping
■
Dynamic ARP protection
Switch configuration as an endpoint for remote mirroring
■
Policy Enforcement Engine
The Policy Enforcement engine is the hardware element in the switch that
manages quality-of-service and ACL policies, as well as other software fea-
tures, using the rules that you configure. Resource usage in the Policy Enforce-
ment engine is based on how these features are configured on the switch.
Figure E1 on page E-4 shows an example of how resource usage is displayed
for port groups on a series 3500yl switch.
Resource usage by dynamic port ACLs and virus-throttling is determined as
follows:
■
Dynamic port ACLs configured by a RADIUS server (with or without the
optional IDM application) for an authenticated client determine the cur-
rent resource consumption for this feature on a specified slot (5400zl
switches) or port group (3500yl or 6200yl switches). When a client session
ends, the resources in use for that client become available for other uses.
A virus-throttling configuration (connection-rate filtering) on the switch
■
does not affect switch resources unless traffic behavior has triggered
either a throttling or blocking action on the traffic from one or more
clients. When the throttling action ceases or a blocked client is unblocked,
the resources used for that action are released.