Have you ever needed Stonesoft Support to help you troubleshoot a problem, only to be told to send them an sginfo and they will investigate? Ever wonder why?
The support team at Stonesoft asks for sginfos because of the amount of information they provide. When the script is run against their firewalls, IPS, and SSL VPN, it provides a snapshot of what is going on with that appliance right at that moment. It provides them with information such as:
- Dmesg
- Boot / Shutdown information
- Connections currently in the log buffer
- Connections currently in the Connection Table
- Interface information
- Memory usage
- Processes running
- VPN information (FW only)
- Routing
- Communication status between SG elements
- Cluster status
- Policy installation
- Versions
- Load
- Heartbeat health
This is just a quick subset of the information that can be seen from an sginfo. Sometimes, when you are having issues with rules or routing, support might request unencrypted sginfos. These give the support staff the ability to read your rulebase right from the sginfo and see exactly what the engine sees. Please also realize that analyzing all the data included in an sginfo alone could take support some time, so please allow them this time to find the correct solution to your situation.
That said, the information provided in these sginfos is invaluable to our support staff, so it can be asked for quite often over the course of troubleshooting your issue, since it is their eyes and ears into your network. They also recommend that you double-click the Support Request Checklist prior to opening a ticket. It could save you time by providing the information before the support staff request it. It is always better to have too much information than not enough to troubleshoot your issue.
I hope this provides you with a better understanding of why sginfos are needed when troubleshooting your issue.

