
ICmyNet.IS - Networking Information and Monitoring System


minty

Presentation Transcript


  1. ICmyNet.IS - Networking Information and Monitoring System

  2. Akademska mreža Srbije (www.amres.ac.yu). Content: Concepts • Features • Monitoring elements • Tools • Use cases • Further development

  3. Architecture and User Interface: Java platform; Linux web application server; MySQL/PostgreSQL database backend. Client access: Web Interface (typical user access); Standalone client application.

  4. Web Interface: Independent of OS. Web browser – IE, Mozilla. Typical usage. View and Edit modes.

  5. Standalone client application: Independent of OS. Efficient GUI, advanced system configuration. Java web-start technology – RMI. Automatic download of up-to-date software from the server, local execution. Clients communicate with the web server only, no direct access to DB. Simplifies technical maintenance and support.

  6. Note: Keeps arbitrary text data. Saves certain information connected to the parent element. Example: for Devices - history of comments about hardware changes, distributor of the device, period of guarantee, reaction procedure in the case of network problem etc.; for Locations – description of the presented organization; for Users – CVs; for Ports - troubleshooting procedures in case of failure.

  7. User: People in charge (helpdesk, administrator, operator, contact, email). Relevant information (name, address, telephone). NetIIS user usernames and passwords. Permissions for access to the system – read and write. Predefined users: guest – access public data with read permission, no password required; administrator – full read/write access to data and all tools.

  8. User and User group [figure: User, User Group]

  9. Networking information system: Presents all objects from the external world in the most efficient and easily understood way. Hierarchically organised and presented by a tree. Basic elements: Folder, Location, Device, Port.

  10. Monitoring System: Passive and active monitoring of the network status – status of devices, ports, links, services. Performs: performance measurement, failure notification. Configured on Devices or Ports and executed in that context.

  11. Monitor: Permanently and periodically observes the status of the computer network. Defined within devices or ports as their children. Typical presentation - putting monitors in groups. Monitor types: Traffic monitor, Port monitor, SNMP monitor, ping monitor, service monitor (nagios plug-ins), external monitor.

  12. RRD Chart: MRTG-like chart. Arbitrary time frame. Defined under the Monitors. Purpose: measures the values of the monitor during a period of time; shows the chart for a chosen period of time.

  13. Alarm: Defined under the Monitors. Compares values of the monitor within given thresholds. Alarm activation in the case of criteria fulfilment. Can execute the given notification action. Two general types: Bad Alarm (connection failure), Good Alarm (link recovery). Critical levels in the range from -10 to +10.

  14. Action: An Action is adjoined to certain Alarms. Defines in which way the NetIIS system is going to react in the case of alarm activation. There are 2 types of action: E-Mail Action - sends e-mail messages to a certain user or user groups; SMS Action - sends SMS messages to a certain user or user groups. Messages of arbitrary content are defined and sent with other parameters connected to the attached alarms and monitor. Default Action is notification in the Event log.

  15. Traffic Monitor: Predefined SNMP monitor under Port object. Measures data traffic through the network interface. Variables: var(1) and var(2) - Bytes per sec; var(3) and var(4) - bits per sec. RRD Chart for var(3) and var(4): Input traffic - green colour; Output traffic - blue colour. Alarms can be set up to react to certain traffic intensity.

  16. Ping Monitor: Defined under Device object. Executes native ICMP ping service towards this device. Measures the results of the ping command. 6 variables for packet delay and percentage of lost packets. Includes two RRD Chart objects: Ping Delay - measures the minimum and maximum delay of ping packets (var(1) and var(2)); Ping Loss - measures the percentage of lost packets (var(6)). Alarms for the Ping Loss percentage.

  17. Port Monitor: Predefined SNMP monitor under Port object. Observes administrative and operational status of the network interfaces: var(1) – administrative status (1.3.6.1.2.1.2.2.7); var(2) – operational status (1.3.6.1.2.1.2.2.8). Children: RRD Chart related to administrative and operational statuses; Alarms related to the operational status: Good Alarm – "var(2) == 1", message: "Link is UP"; Bad Alarm – "var(2) != 1", message: "Link is DOWN". Mail action is configured on Alarms with the same message.

  18. Port Monitor: Net Trap support [diagram: Router A, Router X, link DOWN]

  19. Ping and Port Monitors usage [diagram: Router A, Router B, Router X; Packet Loss = 0 %; link states DOWN and UP]

  20. Pre-defined SNMP Monitors: Pre-defined and often used SNMP Monitors are: Packets Monitor, BGP Monitor, CPU Load Monitor, System Memory Monitor.

  21. Packet Monitor: Measures packet flow on the interface in a similar way to Traffic Monitor. Useful for detecting anomalies in the network traffic. In the case of a DoS attack or an attempt of virus expansion on the network, the network traffic (in bps) does not have to rise, but the number of packets will increase. Two variables: Var(1) - Interface In Packets (unicast), OID = .1.3.6.1.2.1.2.2.1.17; Var(2) - Interface Out Packets (unicast), OID = .1.3.6.1.2.1.2.2.1.18. Unit: packets per second. RRD can be attached to the Monitor.

  22. BGP Monitor: Measures the status of BGP sessions. The monitor returns in variable var(1) the current status of the session with a certain peer. An OID suffix is required - the IP address of the BGP peer: .1.3.6.1.2.1.15.3.1.16.147.91.0.112. RRD Chart assigned.

  23. CPU Usage Monitor: Three variables, the processor utilization in time intervals of 5s, 1min and 5min. The corresponding OIDs are not standardised; they are specified exclusively for Cisco devices and belong to the MIB hierarchy of Cisco Systems. RRD Chart refers to the variable var(2), for processor utilization in the time interval of 1min.

  24. System Memory Monitor: Measures more variables, specified exclusively for Cisco devices. Requires input of suffixes to the defined OIDs: Processor memory - suffix .1; interface memory - suffix .2, .3 or even higher value. RRD Chart refers to variables var(4) and var(8), for the memory usage in percentage.

  25. Service monitor – nagios plug-in

  26. Service monitor – nagios plug-in

  27. Report: Selected SNMP variables shown in a predefined table. Executed on the user’s request (on-demand). Recognizes existing monitors and charts.

  28. Group: Serves for grouping other objects for joint presentation in a certain form. Objects are grouped by creating shortcuts. Objects can be assigned to a number of groups. One group can contain other groups. Group types: Simple Group (default) - showing elements in a table format; Graph - graphical presentation of the topology; Looking Glass - joins devices that enable remote command execution - Looking Glass functionality.

  29. Group

  30. Data hierarchy: Setup process

  31. Link hierarchy: Network topology

  32. Link hierarchy: Network topology

  33. AutoDiscovery: AutoDiscovery function aims: easing the initial database population; updating - topology, new devices and relevant data. AutoDiscovery types: Device Attributes Discovery – system data; Ports Discovery - interfaces data; CDP Neighbours Discovery – link topology; Layer 3 Hosts Discovery – ARP table. Discovery on hop-by-hop basis: better overview and control over the process; no retrieval of the entire network; possibility of clear database organisation in the system.

  34. AutoDiscovery [diagram: locations (Location 1, Location A, Location A3), routers connected over Serial 0 and Serial 1 links, and PCs; per-device attributes: Model, Warranty, Contract number, …]

  35. Other Concepts: Repository - inactive predefined objects; Recycle Bin - deleted objects. Tools: Event Log, Alerts, Chart viewer, SLA reports, Search panel.

  36. Event Log

  37. Alerts: Current alerts (active alarms)

  38. Chart viewer

  39. SLA report: Service Availability Statistics

  40. Use case: corporate network example
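
The packet-rate check that slide 21 (Packet Monitor) describes, as an added example that is not part of the original presentation or of ICmyNet.IS: it derives bps and pps from successive counter polls and flags an interval where the packet rate jumps while bandwidth barely moves. The `Poll` type, the function names, the 5x threshold, the 32-bit counter width, a baseline that carries traffic, and the sample values are assumptions made for illustration.

```python
from dataclasses import dataclass

COUNTER32_MOD = 2 ** 32  # assumed 32-bit SNMP counters, which wrap back to 0

@dataclass
class Poll:
    t: float      # poll time in seconds
    octets: int   # interface input octet counter
    pkts: int     # interface input unicast packet counter

def delta(new, old):
    """Counter difference that stays correct across a single wrap."""
    return (new - old) % COUNTER32_MOD

def rates(prev, cur):
    """Return (bits per second, packets per second) between two polls."""
    dt = cur.t - prev.t
    if dt <= 0:
        raise ValueError("polls must be in increasing time order")
    return delta(cur.octets, prev.octets) * 8 / dt, delta(cur.pkts, prev.pkts) / dt

def packet_alarms(polls, baseline_n=3, pps_factor=5.0):
    """Flag intervals whose pps exceeds pps_factor times the baseline mean."""
    series = [rates(a, b) for a, b in zip(polls, polls[1:])]
    if len(series) <= baseline_n:
        return []
    # The first baseline_n intervals are assumed to be clean traffic.
    base_bps = sum(r[0] for r in series[:baseline_n]) / baseline_n
    base_pps = sum(r[1] for r in series[:baseline_n]) / baseline_n
    alarms = []
    for i, (bps, pps) in enumerate(series[baseline_n:], start=baseline_n):
        if pps > pps_factor * base_pps:
            # Report the bps ratio too, so it is visible whether bandwidth moved.
            alarms.append({"interval": i, "pps": pps,
                           "pps_ratio": pps / base_pps,
                           "bps_ratio": bps / base_bps})
    return alarms

# Constructed polls, 60 s apart: about 1000 pps of 1000-byte packets, then one
# interval of small-packet flood. The octet counter wraps in that interval.
SAMPLES = [
    Poll(0, 4_100_000_000, 500_000),
    Poll(60, 4_160_000_000, 560_000),
    Poll(120, 4_220_000_000, 620_000),
    Poll(180, 4_280_000_000, 680_000),
    Poll(240, 51_032_704, 1_400_000),
    Poll(300, 111_032_704, 1_460_000),
]
```

On the constructed samples the flagged interval shows a twelvefold packet rate against a 10 % rise in bps, which a threshold on the Traffic Monitor alone would not catch.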
