Skip to main content

Managing Services

You can easily manage your Zenarmor services on the Zenconsole (Centralized Cloud Management Portal) by performing the tasks explained in this guide.

Services Status

You can view the status of the Zenarmor (Sensei)-related services on the Home page of a node. It provides all critical system-level information you need to manage your node. The following services are listed here:

  • Engine
  • Reporting Database
  • Cloud Agent
  • Cloud Nodes Status

Services Status(Engine, Reporting DB, Cloud Agent)

Figure 1. Services Status(Engine, Reporting DB, Cloud Agent)

You can check whether one of the services is running or not by viewing the related pane on the Home page.

Engine Pane

In this pane, you can view and manage the core packet engine which does all the heavy lifting and packet processing. It provides Start/Stop and Restart buttons for the engine as well as Start on Boot control to set the engine daemon status on a system restart.

Engine Pane

Figure 2. Engine Status Pane

This pane provides details about:

  • Status of the engine (Running/Stopped)
  • Installed engine version and installation time
  • Last update time and signature of the engine

Reporting Database

The Reporting Database pane shows the database status, provides Start/Stop/Restart buttons for the database, and a Start on boot option to allow the database to run after a system restart. This pane provides details about:

  • Status of the reporting database (Running/Stopped)
  • Installed database type(Elasticsearch/MongoDB/SQLite)

Reporting DB Status Pane

Figure 3. Reporting Database Status Pane

info

We highly recommend keeping the ElasticSearch database running at all times since it is the primary database used by Zenarmor.

Cloud Agent Pane

This pane provides details about:

  • Status of the cloud agent (Running/Stopped)
  • Installed agent version and installation time

Cloud Agent Pane

Figure 4. Cloud Agent Pane

Cloud Nodes Status Pane

Cloud threat intelligence servers are used for querying real-time information on threat intelligence and web categorization. Web Categorization and The Cloud Threat Intelligence data are queried in real-time when a connection attempt is made through your network. It allows us to respond to malware and malicious connections quickly in real-time. Two Cloud Reputation servers with the best response times are automatically selected and configured by the engine according to their network response times during the installation and/or initial configuration.

Cloud Nodes Status panel provides detailed information about the followings:

  • Node Name: Name of the cloud reputation server such as US-West, US-Central, US-East, Europe, Australia, Asia, etc.
  • Node Status: Availability of the server (UP/Down)
  • Success Rate: The connection success rate for the server (uptime percentage)

Cloud Nodes Status

Figure 5. Cloud Nodes Status

Enabling Bypass Mode for Packet Engine

For troubleshooting purposes, the packet engine may be run in Bypass Mode. In this mode, the engine does not apply any security controls for traffic and simply passes it through on the protected interfaces. In bypass mode, Zenarmor operates like a dummy L2 bridge.

This feature is useful when investigating incompatible network driver(s), troubleshooting a problem with the packet engine, or resolving issues with other system components such as netmap. If the problem still exists in bypass mode, that means the problem is not related to the packet engine. Rather, it may be a netmap or OS problem.

To enable Bypass mode, hover your mouse over the Engine Pane. This will display engine management buttons on the pane. Click the Enter Bypass button. (Figure 3.)

Engine is in Bypass Mode

Figure 6. Engine is in Bypass Mode

To exit Bypass mode, click the Exit Bypass button after hovering your mouse over the Engine pane.

You may also enable Bypass mode for packet engine on the All Firewalls Dashboard.

To enable Bypass mode on the All Firewalls Dashboard, click on the ... button at the top right corner of the firewall pane. This will open a drop down menu. Click on the Enter Bypass link under the menu.

Enabling Bypass Mode on All Firewalls Dashboard

Figure 7. Enabling Bypass Mode on All Firewalls Dashboard

Start/Stop/Restart of a Service

You can start/stop/restart the Zenarmor-related services on the dashboard.

  • Hover your mouse over the service pane where you want to change the status.
  • To stop/start one of the services, click the Stop or Start button in the service pane.
  • To restart one of the services, click the Restart button in the service pane.

You may also Start/Stop/Restart the packet engine on the All Firewalls Dashboard.

  • To enable stop/start/restart the packet engine on the All Firewalls Dashboard, click on the ... button at the top right corner of the firewall pane. This will open a drop down menu (see Figure 7.).

  • Click on the related link under the menu as you wish.

Enabling/Disabling Start on Boot

Start on boot allows the packet engine or the database to start running after the firewall has been rebooted.

You can enable/disable the Start on boot option:

  • Hover your mouse over the service pane where you want to change the status.
  • Click the Start on boot button in the service pane.