Working with Link Health Rules

This article discusses how to configure health rules to generate email notifications for connectivity or link quality issues.

Overview of Health Rules

Use the Health Rules screen to configure the Cato Management Application to send email notifications when there are issues related to link connectivity or quality during the configured amount of time. For connectivity rules, you can define the scope for objects that will match the rule for connectivity issues. For quality rules, define the objects that are monitored for link quality threshold on one or more interfaces.

Managing Health Rules

The following sections explain how to create, enable, and manage health rules.

Configuring a Connectivity Health Rule

You can set conditions for the rules (such as only send an alert if the issue persists for a specific duration or if the issue occurs repeatedly), as well as set different rules for one or more connectivity items (such as failover, passive disconnect, disconnect). When you define multiple Conditions, there is an OR relationship between them.

For connectivity health rules that include sites, we recommend that you do not use the Any option. Sites can generate many notifications, because users and groups are regularly disconnecting and connecting.

To configure a Connectivity Health Rule:

From the navigation menu, click Network > Link Health Rules.
From the Connectivity Health Rules tab or section, click New.

The New Connectivity Health Rule panel opens.
Configure the General settings for the rule:
1. Enter a Name for the rule.
2. Click the slider to make sure that the rule is enabled.
Configure the Source settings for the rule:
1. Select the type (for example: site or user).
2. When needed, select a specific item from the drop-down list for that type.
Configure the Condition settings (the On column) for this rule:
1. In On, select one or more items that trigger the rule:
  - Any - Any type of connectivity item
  - Failover - Failover between primary and secondary links, or vice-versa.
  - Primary Disconnect - Link(s) in active state disconnected.
  - Secondary Disconnect - Link(s) in passive state disconnected.
  - Socket Failover - Failover between sockets in HA configuration.
  - Internet as a Transport - Disconnection for links transporting data over the Internet (and not the Cato Cloud)
2. In Limits, you can define time duration or number of connectivity issues that trigger the rule:
  - For disconnect conditions, you can define the time Duration that the link or connection is disconnected before triggering the rule.
  - In Occurrences, you can define how often the connectivity issue occurs before triggering the rule.
  Note
  
  Note: The Limits settings are evaluated as an OR relation.
In Tracking, configure the Email Notifications for this rule. (see below Configuring Tracking Options)
Click Apply. The new rule is added to the rulebase.
Click Save. The Connectivity Health rules are saved to your account.

Monitoring Link Quality with Health Rules

Quality Health Rules let you monitor the link quality between the site and the Cato Cloud. When the quality does not meet a threshold during the configured time frame, the Cato Management Application sends an email notification. A second email is sent after the link quality returns to comply with the threshold for a specific time period.

You can define the scope of a rule for specific sites or groups. In addition, define which links are monitored for interfaces on sites with sockets and IPsec connections. You must configure at least one quality threshold to trigger an email alert according to these categories:

Direction	Traffic that is upstream, downstream, or both
Packet Loss	Percentage of transmitted packets
Distance (msec)	Milliseconds that it takes a packet to travel between the source and the PoP
Jitter (msec)	Delay in milliseconds between packets
Congestion	The volume of packets exceeds the available link capacity, leading to network congestion Congestion is measured across all bandwidth priorities and is triggered if there are any discarded packets for the configured Duration for the rule.

When you select more than one quality threshold, they are evaluated with an OR relationship.

Configuring a Link Quality Health Rule

Configure a quality health rule to monitor the quality of the links between sites and objects in your account and the Cato Cloud. When you define multiple Thresholds, there is an OR relationship between them.

To configure a Health Rule to monitor the link quality:

From the navigation menu, click Network > Link Health Rules.
From the Quality Health Rules tab or section, click New.

The New Quality Alert panel opens.
Configure the General settings for the rule:
1. Enter a Name for the rule.
2. Select the traffic Direction that triggers the rule: Any, Upstream, or Downstream.
3. Click the slider to make sure that the rule is enabled.
Configure the Source settings for the rule:
1. Select the type (for example: site or user).
2. When needed, select a specific item from the drop-down list for that type.
In the Network Interface section, select one or more interfaces for the rule.

To apply the rule to all the interfaces, select Any.

Note

Important! For connections that use IPsec, you must select Any. Otherwise, the quality rule does not monitor the link quality.
In the Condition section, define the link quality conditions that trigger the rule:
1. Select one or more Thresholds, and configure the quality value for each threshold.
2. Define the Duration settings for how long the quality issue for the link continues.
3. In Clear Event, set how long to wait before sending the All Clear email notification.
In Tracking, configure the Email Notifications for this rule. (see below Configuring Tracking Options)
Click Apply. The new rule is added to the rulebase.
Click Save. The Quality Health rules are saved to your account.

Configuring Tracking Options

The Track option lets you create email notifications that are triggered by different rules, such as firewall rules, remote port forwarding rules, health alerts and more.

The Frequency defines how often notifications can be generated by the system. Each occurrence only generates a single alert.

To configure tracking for a rule:

In the Tracking section, click Email Notification, which lets you configure the frequency and select the mailing that is notified when the rule is matched.
In the Frequency section, configure how often an email is sent to the recipients as follows:
- Immediate - an email is sent to the recipients for every occurrence.
- Hourly - an email is sent to the recipients with the first occurrence, and if there are any additional occurrences, then the next email for any additional occurrences follows after 1 hour.
- Daily - an email is sent to the recipients with the first occurrence, and if there are any additional occurrences, then the next email for any additional occurrences follows after 24 hour.
- Weekly - an email is sent to the recipients with the first occurrence, and if there are any additional occurrences, then the next email for any additional occurrences follows after 1 week.
Select a Mailing List whose members receive the alerts, or create a new mailing list by clicking New and defining the name and recipients of the new group.
Click Apply.
Click Save.

Enabling and Disabling Health Rules

To enable or disable a rule:

From the navigation menu, click Network > Link Health Rules.
On the right of the rule, click the icon and from the pop-up menu select Enable or Disable.
Click Save. The rule is enabled or disabled.

Deleting Health Rules

You can delete one or more health rules. After you delete the rules, you cannot undo or restore them.

To delete one or more health rules:

From the navigation menu, click Network > Link Health Rules.
Click the icon and from the pop-up window select Delete Rule.
In the confirmation window, click Delete Rule. The rule is removed.
Click Save. The rule is deleted.