Slide 1 - www.wmcug.org


31 Jan 2013


Introduction to Network Monitoring and Management using Open Source Tools

Network Management

Jorge Paramo

Network / Security Administrator

LeanLogistics, Inc.


jorge@madspaniard.com

Who am I?


detect Faults, and send notifications

maintain Configuration revisions

Accounting information (logins / logouts)

maintain Performance information

manage the Security on the network


FCAPS

Why Monitor the Network


The goal of fault management is to recognize, isolate, correct and log faults that occur in the network.

Fault management is concerned with detecting network faults, logging this information, contacting the appropriate person, and ultimately fixing a problem.


Fcaps

FAULT


The goals of configuration management are to gather/set/track configurations of the devices. Configuration management is concerned with monitoring system configuration information, and any changes that take place. This area is especially important, since many network issues arise as a direct result of changes made to configuration files, updated software versions, or changes to system hardware.


fCaps

CONFIGURATION
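
An added example, not part of the original slides: a minimal configuration revision tracker of the kind the configuration management slide describes. It stores each distinct revision per device and returns a diff when a fetch differs, ignoring lines that change on every fetch. The device name, sample configurations and volatile-line patterns are constructed assumptions.

```python
import difflib
import hashlib
import re

# Cisco IOS style lines that differ on every fetch without a real change.
VOLATILE = re.compile(r"^(! Last configuration change at |ntp clock-period |"
                      r"! NVRAM config last updated at |Current configuration : )")

def normalize(config_text):
    """Drop volatile and blank lines so revisions compare on real content."""
    lines = (ln.rstrip() for ln in config_text.splitlines())
    return [ln for ln in lines if ln and not VOLATILE.match(ln)]

class RevisionStore:
    """Keeps every distinct revision of each device's configuration."""
    def __init__(self):
        self.revisions = {}  # device name -> list of (sha256, lines)

    def record(self, device, config_text):
        """Store a fetch; return a unified diff if it differs, else None."""
        lines = normalize(config_text)
        digest = hashlib.sha256("\n".join(lines).encode()).hexdigest()
        history = self.revisions.setdefault(device, [])
        if history and history[-1][0] == digest:
            return None  # only volatile lines changed
        previous = history[-1][1] if history else []
        history.append((digest, lines))
        return list(difflib.unified_diff(
            previous, lines, f"{device} r{len(history) - 1}",
            f"{device} r{len(history)}", n=1, lineterm=""))

# Constructed sample fetches from a hypothetical router "edge-rtr1".
FETCH_1 = """\
! Last configuration change at 10:02:11 UTC Tue Jan 29 2013 by admin
hostname edge-rtr1
access-list 10 permit 10.0.0.0 0.0.0.255
line vty 0 4
 access-class 10 in
ntp clock-period 17180012
"""
FETCH_2 = FETCH_1.replace("10:02:11", "10:07:45").replace("17180012", "17180019")
FETCH_3 = FETCH_2.replace(" access-class 10 in\n", "")  # real change

def demo():
    store = RevisionStore()
    return [store.record("edge-rtr1", f) for f in (FETCH_1, FETCH_2, FETCH_3)]

if __name__ == "__main__":
    for d in demo():
        print("no change" if d is None else "\n".join(d))
```

The second fetch differs only in its timestamp and NTP clock period, so no revision is recorded; the third reports the removed `access-class` line as a diff that can be sent to whoever reviews changes.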

The goal is to gather usage statistics for users. Accounting management is concerned with tracking network utilization information, such that individual users, departments, or business units can be appropriately billed or charged for accounting purposes.

fcAps

ACCOUNTING

The goal is to both prepare the network for the future, as well as to determine the efficiency of the current network. Performance management is focused on ensuring that network performance remains at acceptable levels. This area is concerned with gathering regular network performance data such as network response times, packet loss rates, link utilization, and so forth.

fcaPs

PERFORMANCE

The goal of security management is to control access to assets in the network. It uses firewalls to monitor and control external access points to one's network. Security management is not only concerned with ensuring that a network environment is secure, but also that gathered security-related information is analyzed regularly.

fcapS

SECURITY


Static information


Documentation



Dynamic information


SNMP


RMON


NetFlow/sflow


EEM (Cisco Embedded Event Manager)

Ways to Manage


Commercial Software


OpenView, Tivoli, CiscoWorks, SiteScope...



Feature-limited packages


PRTG, Spiceworks, Solarwinds...



Free Vendor tools


Cisco Network Assistant...



Open Source

What Options do I have?


License free computer software that makes its source code available to the community.

Users can study, change and improve the software.

What is Open Source?


It is not malware!


Source code is available for modification


Not tied to a specific company


Community Support


Usually it is license free



Some packages only run on Linux


Should I use Open Source?


Linux


Apache


MySQL


php



Windows


IIS / Apache


PostgreSQL


JDK (Java)

Common Software Reqs.


Centralized


Easier to deploy


Scalability pains



Distributed


Reliability of components


More complex deployment

Deployments

Fault


OpenNMS


zenoss


Nagios


Munin


Zabbix


spiceworks

Change Management


Mercurial


Rancid


RCS


SVN


Netdisco

Accounting



TACACS

Some OpenSource Tools

Performance


Cricket


IFPFM


MRTG


arts (netflow/sflow)


ntop


smokeping


Security


SNORT


Samhain


splunk


OSSEC


Nessus


Untangle


Backtrack


SiLK

How do I use OpenSource tools..


Zenoss

Smokeping

RANCID

Cacti

phpIP

Netflows

splunk

Demonstration

Where to find software:


http://www.slac.stanford.edu/xorg/nmtf/nmtf-tools.html


http://www.networkbones.com/



Bootable CDs:


CactiEZ - http://cactiez.cactiusers.org/

SiLK - http://tools.netsa.cert.org/silk/livecd.html

Backtrack4 - http://www.backtrack-linux.org/downloads

Links of interest

Anything goes...

Questions…..