Enable Fault Isolation capablity for SDM/SDC managed devices to allow CA Spectrum to get devices into suppressed status when SDM/SDC tunnel is off.
Fault Isolation capablity allows CA Spectrum logic (RCA) to suppress alarm conditions for the SDM/SDC managed devices which will avoid to see alarms for all these devices when the "SDM/SDC tunnel goes down"
CA Spectrum Secure Domain Manager with attached Secure Domain Connector Host installation
Devices are not turning into "suppressed" condition even the SDM/SDC tunnel is down and therefore the devices are not contactable via this SDM/SDC tunnel. This may cause all devices managed via this SDM/SDC tunnel to turn into "contact lost" / critical condition. Target is to enable CA Spectrum Fault Isolation and have a "representing" model for the SDC-host device and one model for the SDM/SDC tunnel status. Combined with this then, in case the SDM/SDC tunnel goes down to suppress the SDM/SDC managed devices alarm-status but to have an alarm on the SDM/SDC tunnel.
Find Secure Domain Manager User Guide covering explanation in section "SDConnector Modeling and CA Spectrum Fault Isolation". This is only possible in case the SDDM configuration with "valid SDC" configuration had not created a SDConnector application model. By default - and in case the SecureDomainConnector "Host" is not managed/modeled by CA Spectrum BEFORE importing the SDM configuration - the CA Spectrum default logic will create the SDConnector process application model at time of SDM import. Using the SDConnector process will not enable the full CA Spectrum fault isolation logic.
Therefore it is required to:
- first discover the SDC Host device and to create a device model. Using a pingable model type is sufficient to enable the full CA Spectrum fault isolation.
- once the SDC Host is part of the CA Spectrum modeled devices, then "import" the SDM configuration and find the SDC Host listed in the SDM context.
Once the SDC Host is active and the SDM/SDC tunnel logic works, then discover the devices via this SDC. When the device are discovered and modeled then create an additional "FanOut" model and enable the connection info to allow CA Spectrum fault isolation logic to work for the SDM/SDC tunnel. Find screenshot here:
By default CA Spectrum SecureDomainManager configuration file import will create a SDConnector Process application model which does not support Spectrum full fault isolation capablity.