IDPS Tab in Gateway Dashboard

The IDPS tab under Manage > Overview in the gateway dashboard displays the following sections, in addition to the Actions and Go Live functions that can be performed:

Traffic Inspection Engine Status
Traffic Inspection Engine CPU Usage
Traffic Inspection Engine Memory Usage
Dropped Packets
Actions
Go Live

After you on-board the gateways and configure IDPS Intrusion Detection and Prevention System (IDPS) monitors, detects, and prevents threats in the inbound and outbound traffic. Aruba IDPS provides an extra layer of protection that actively analyzes the network and takes actions on the traffic flows based on the defined rules. It inspects data packets, and if any threat is identified, acts real-time to prevent it., you can view the IDPS traffic engine health and the number of packets dropped.

To navigate to the IDPS tab in the gateway dashboard, complete the following steps:

In the WebUI, set the filter to one of the options under groups, labels, or sites that has IDPS supported gateways. For all devices, set the filter to Global. The dashboard context for the selected filter is displayed.
The dashboard context for the selected filter is displayed.
Under Manage > Devices, click the Gateways tab.
A list of gateways is displayed in List view.
Click a gateway under Device Name.
The dashboard context for the specific gateway is displayed.
Under Manage, click Overview > IDPS .

To exit the gateway dashboard, click the back arrow on the filter.

You can change the time range for the IDPS tab by clicking the time range filter and selecting one of the available options: 3 hours, 1 day, 1 week, 1 month, and 3 months.

To set the charts to show data for specific duration, use the options in the time range filter. By default, the data is displayed for a duration of 3 hours. To view the graphs for different durations, click the time filter icon and select a time range of your choice. You can view data for 3 hours, 1 day, 1 week, 1 month, or 3 months.
The IDPS tab is displayed for 9004 gateways with a valid IDPS subscription.

Traffic Inspection Engine Status

The Traffic Inspection Engine Status chart displays the status of the traffic inspection engine for the selected period in a timeline chart. Hover over the graph to view the status of the traffic inspection engine at a particular time. The legends represent different status of the traffic inspection engine.

The Traffic Inspection Engine Status chart is available for a period of 3 hours, 1 day, 1 week, or 1 month.

Figure 1 Traffic Inspection Engine Status

Traffic Inspection Engine CPU Usage

The Traffic Inspection Engine CPU Usage chart displays the CPU Central Processing Unit. A CPU is an electronic circuitry in a computer for processing instructions. usage percentage of the traffic inspection engine for the selected period in a line chart. Hover over the graph to view the CPU usage percentage at a particular time.

Figure 2 Traffic Inspection Engine CPU Usage

Traffic Inspection Engine Memory Usage

The Traffic Inspection Engine Memory Usage chart displays the percentage of memory used by the traffic inspection engine for the selected period in a line chart. Hover over the graph to view the memory usage percentage at a particular time.

The memory consumption by traffic inspection engine is capped to a certain value on each gateway model based on the available memory. Once that limit is reached, engine restarts.

The following table lists the memory limit for each gateway model.

Table 1: Memory Capacity on HPE Aruba Networking Gateways
Gateway Model	Capacity
HPE Aruba Networking 9004	1.8 GB
HPE Aruba Networking 9004-LTE Long Term Evolution. LTE is a 4G wireless communication standard that provides high-speed wireless communication for mobile phones and data terminals. See 4G.	1.8 GB
HPE Aruba Networking 9012	1.8 GB
HPE Aruba Networking 9114	14 GB
HPE Aruba Networking 9240	30 GB

Figure 3 Traffic Inspection Engine Memory Usage

Dropped Packets

The Dropped Packets chart displays the number of packets dropped for the selected period in a vertical bar chart. Hover over the graph to view the packets dropped at a particular time.

Figure 4 Dropped Packets

Actions

The Actions drop-down list contains the following options (the Clear IPSec SA Security Association. SA is the establishment of shared security attributes between two network entities to support secure communication., and Clear ISAKMP Internet Security Association and Key Management Protocol. ISAKMP is used for establishing Security Associations and cryptographic keys in an Internet environment. SA options are available for tunnels only):

Reboot Gateway—Reboots the gateway. For more information, see Rebooting a Gateway.
Open Remote Console—Opens the remote console for a CLI session through SSH Secure Shell. SSH is a network protocol that provides secure access to a remote device. . The default user ID is admin, but you can edit and customize the user ID. This custom user ID must be mapped to the device. For more information, see Opening a Remote Console
Clear IPSec SA—Clears the IPSec Security Associations (SA). For more information, see Clearing IPSec SA.
Clear ISAKMP SA—Clears the ISAKMP SA. For more information, see Clearing ISAKMP SA.

Go Live

The Go Live link redirects to the Manage > WAN > Summary tab in the gateway dashboard. For more information, see Navigating to the WAN Summary Tab.