Open Source Based NMS solution - wiki.bdnog.org
![Page 1: Open Source Based NMS solution - wiki.bdnog.org](https://reader033.fdocuments.in/reader033/viewer/2022042710/626694654b7c3707c44cea83/html5/thumbnails/1.jpg)
Network Management Automated Intelligence
GZ Kabir
BDCOM ONLINE LTD.
Open Source Based NMS solution
![Page 2: Open Source Based NMS solution - wiki.bdnog.org](https://reader033.fdocuments.in/reader033/viewer/2022042710/626694654b7c3707c44cea83/html5/thumbnails/2.jpg)
- Network Management
  - Parameters
  - Components
  - Open Source Tools
  - Demonstration
  - Q & A
![Page 3: Open Source Based NMS solution - wiki.bdnog.org](https://reader033.fdocuments.in/reader033/viewer/2022042710/626694654b7c3707c44cea83/html5/thumbnails/3.jpg)
![Page 4: Open Source Based NMS solution - wiki.bdnog.org](https://reader033.fdocuments.in/reader033/viewer/2022042710/626694654b7c3707c44cea83/html5/thumbnails/4.jpg)
Parameters
- Operation: keeping the network (and the services that the network provides) up and running smoothly. It includes monitoring the network to spot problems as soon as possible, ideally before users are affected.
- Administration: deals with keeping track of resources in the network and how they are assigned.
- Maintenance: concerned with performing repairs and upgrades. Maintenance also involves corrective and preventive measures to make the managed network run "better".
- Provisioning: is concerned with configuring resources in the network to support a given service.
![Page 5: Open Source Based NMS solution - wiki.bdnog.org](https://reader033.fdocuments.in/reader033/viewer/2022042710/626694654b7c3707c44cea83/html5/thumbnails/5.jpg)
So … Network Management is the use of a system that constantly monitors a computer network for slow or failing systems and that notifies the network administrator in case of outages via email, SMS or other alarms.
subset of the functions involved in network management.
![Page 6: Open Source Based NMS solution - wiki.bdnog.org](https://reader033.fdocuments.in/reader033/viewer/2022042710/626694654b7c3707c44cea83/html5/thumbnails/6.jpg)
Network Management
- System & Service monitoring
  - Reachability, availability
- Resource measurement/monitoring
  - Capacity planning, availability
- Performance monitoring (RTT, throughput)
- Stats & Accounting/Metering
- Fault Management
  - Fault detection, troubleshooting, and tracking
  - HIDS/HIPS
- Configuration/Change Management
- Coordination
![Page 7: Open Source Based NMS solution - wiki.bdnog.org](https://reader033.fdocuments.in/reader033/viewer/2022042710/626694654b7c3707c44cea83/html5/thumbnails/7.jpg)
Expectations
A network in operation needs to be monitored in order to:
- Deliver projected SLAs (Service Level Agreements)
- SLAs depend on policy
  - What does your management expect?
  - What do your users expect?
  - What do your customers expect?
  - What does the rest of the Internet expect?
- What's good enough? 99.999% Uptime?
  → There's no such thing as 100% uptime (as we'll see) →
![Page 8: Open Source Based NMS solution - wiki.bdnog.org](https://reader033.fdocuments.in/reader033/viewer/2022042710/626694654b7c3707c44cea83/html5/thumbnails/8.jpg)
"Uptime" Expectations
What does it take to deliver 99.9 % uptime?
- 30.5 days x 24 hours = 732 hours a month
- (732 – (732 x .999)) x 60 = 44 minutes
- only 44 minutes of downtime a month!
Need to shut down 1 hour / week?
- (732 – 4) / 732 x 100 = 99.4 %
- Remember to take planned maintenance into account in your calculations, and inform your users/customers if they are included/excluded in the SLA
How is availability measured?
- In the core? End-to-end? From the Internet?
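The slide's arithmetic as an added example (not part of the original slides): it computes the downtime budget for a target and measures one month's availability with planned maintenance either counted in or excluded from the SLA. The outage times and all function names are constructed for illustration.

```python
from datetime import datetime

HOURS_PER_MONTH = 30.5 * 24  # 732 hours, the slide's figure


def downtime_budget_minutes(target_pct, period_hours=HOURS_PER_MONTH):
    """Minutes of downtime a target availability allows in the period."""
    return period_hours * (100 - target_pct) / 100 * 60


def merge(intervals):
    """Merge overlapping (start, end) pairs so shared time is counted once."""
    merged = []
    for start, end in sorted(intervals):
        if merged and start <= merged[-1][1]:
            merged[-1] = (merged[-1][0], max(merged[-1][1], end))
        else:
            merged.append((start, end))
    return merged


def subtract(intervals, windows):
    """Parts of `intervals` that fall outside every maintenance window."""
    windows = merge(windows)
    remaining = []
    for start, end in merge(intervals):
        cursor = start
        for w_start, w_end in windows:
            if w_end <= cursor or w_start >= end:
                continue  # window does not touch what is left of this outage
            if w_start > cursor:
                remaining.append((cursor, w_start))
            cursor = max(cursor, w_end)
        if cursor < end:
            remaining.append((cursor, end))
    return remaining


def hours(intervals):
    """Total length of the intervals in hours, overlaps counted once."""
    return sum((e - s).total_seconds() for s, e in merge(intervals)) / 3600


def availability(outages, maintenance, maintenance_in_sla,
                 period_hours=HOURS_PER_MONTH):
    """Availability in percent for the period.

    maintenance_in_sla=True: planned windows count as downtime.
    maintenance_in_sla=False: planned windows are removed from both the
    service time and the downtime (an outage inside a window is not counted).
    """
    if maintenance_in_sla:
        down = hours(outages + maintenance)
        return 100 * (period_hours - down) / period_hours
    service = period_hours - hours(maintenance)
    return 100 * (service - hours(subtract(outages, maintenance))) / service


def sample_month():
    """Constructed data: 1 hour of maintenance a week, one 30-minute outage
    that starts 10 minutes before a maintenance window ends."""
    maintenance = [(datetime(2024, 1, d, 2, 0), datetime(2024, 1, d, 3, 0))
                   for d in (7, 14, 21, 28)]
    outages = [(datetime(2024, 1, 14, 2, 50), datetime(2024, 1, 14, 3, 20))]
    return outages, maintenance


if __name__ == "__main__":
    outages, maintenance = sample_month()
    print(f"99.9% budget: {downtime_budget_minutes(99.9):.0f} min/month")
    for in_sla in (True, False):
        pct = availability(outages, maintenance, in_sla)
        print(f"maintenance in SLA={in_sla}: {pct:.3f}% "
              f"(meets 99.9%: {pct >= 99.9})")
```

The same month misses a 99.9 % target when maintenance counts against the SLA and meets it when maintenance is excluded, which is why the SLA has to state which rule applies.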
![Page 9: Open Source Based NMS solution - wiki.bdnog.org](https://reader033.fdocuments.in/reader033/viewer/2022042710/626694654b7c3707c44cea83/html5/thumbnails/9.jpg)
Baselining
What is normal for your network?
If you've never measured or monitored your network you will need to know things like:
- Typical load on links (→ Cacti)
- Level of jitter between endpoints (→ Smokeping)
- Typical percent usage of resources (→ LibreNMS)
- Typical amounts of "noise":
  - Network scans
  - Dropped data
  - Reported errors or failures
![Page 10: Open Source Based NMS solution - wiki.bdnog.org](https://reader033.fdocuments.in/reader033/viewer/2022042710/626694654b7c3707c44cea83/html5/thumbnails/10.jpg)
Why do all this?
Know when to upgrade
- Is your bandwidth usage too high?
- Where is your traffic going?
- Do you need to get a faster line, or more providers?
- Is the equipment too old?
Keep an audit trace of changes
- Record all changes
- Makes it easier to find cause of problems due to upgrades and configuration changes
Maintain history of network operations
- Using a ticket system lets you keep a history of events.
- Allows you to defend yourself and verify what happened
![Page 11: Open Source Based NMS solution - wiki.bdnog.org](https://reader033.fdocuments.in/reader033/viewer/2022042710/626694654b7c3707c44cea83/html5/thumbnails/11.jpg)
Components
- Availability
- Reliability
- Performance
- Configuration Mgmt & Monitoring
- Network Forensic
- Intrusion Detection …
- …
- …
- Coordination
![Page 12: Open Source Based NMS solution - wiki.bdnog.org](https://reader033.fdocuments.in/reader033/viewer/2022042710/626694654b7c3707c44cea83/html5/thumbnails/12.jpg)
Tools
- Diagnostic tools – used to test connectivity, ascertain that a location is reachable, or a device is up – usually active tools
- Monitoring tools – tools running in the background ("daemons" or services), which collect events, but can also initiate their own probes (using diagnostic tools) and record the output, in a scheduled fashion.
![Page 13: Open Source Based NMS solution - wiki.bdnog.org](https://reader033.fdocuments.in/reader033/viewer/2022042710/626694654b7c3707c44cea83/html5/thumbnails/13.jpg)
Tools
- Active tools
  - Ping – test connectivity to a host
  - Traceroute – show path to a host
  - MTR – combination of ping + traceroute
  - SNMP collectors (polling)
- Passive tools
  - log monitoring, SNMP trap receivers
- Automated tools
  - SmokePing – record and graph latency to a set of hosts, using ICMP (Ping) or other protocols
  - MRTG – record and graph bandwidth usage on a switch port or network link, at regular intervals
  - So MANY More .....
![Page 14: Open Source Based NMS solution - wiki.bdnog.org](https://reader033.fdocuments.in/reader033/viewer/2022042710/626694654b7c3707c44cea83/html5/thumbnails/14.jpg)
Tools … Reliability
- SmokePing
  - Keeps track of your network latency:
  - Best of breed latency visualisation.
  - Interactive graph explorer.
  - Wide range of latency measurement plugins.
  - Master/Slave System for distributed measurement.
  - Highly configurable alerting system.
  - Live Latency Charts with the most 'interesting' graphs.
  - Free and OpenSource Software written in Perl
![Page 15: Open Source Based NMS solution - wiki.bdnog.org](https://reader033.fdocuments.in/reader033/viewer/2022042710/626694654b7c3707c44cea83/html5/thumbnails/15.jpg)
Tools … SmokePing
![Page 16: Open Source Based NMS solution - wiki.bdnog.org](https://reader033.fdocuments.in/reader033/viewer/2022042710/626694654b7c3707c44cea83/html5/thumbnails/16.jpg)
Tools … SmokePing
![Page 17: Open Source Based NMS solution - wiki.bdnog.org](https://reader033.fdocuments.in/reader033/viewer/2022042710/626694654b7c3707c44cea83/html5/thumbnails/17.jpg)
Tools … Performance
- Cacti/MRTG
  - A tool to monitor, store and present network and system/server statistics
  - Designed around RRDTool with a special emphasis on the graphical interface
  - Almost all of Cacti's functionality can be configured via the Web.
  - Uses RRDtool, PHP and stores data in MySQL
  - Supports the use of SNMP and graphics with MRTG
  - Authentication Scheme
  - Large Network Deployment
![Page 18: Open Source Based NMS solution - wiki.bdnog.org](https://reader033.fdocuments.in/reader033/viewer/2022042710/626694654b7c3707c44cea83/html5/thumbnails/18.jpg)
Tools … Cacti
![Page 19: Open Source Based NMS solution - wiki.bdnog.org](https://reader033.fdocuments.in/reader033/viewer/2022042710/626694654b7c3707c44cea83/html5/thumbnails/19.jpg)
Tools … Weathermap
![Page 20: Open Source Based NMS solution - wiki.bdnog.org](https://reader033.fdocuments.in/reader033/viewer/2022042710/626694654b7c3707c44cea83/html5/thumbnails/20.jpg)
Tools … Availability
- Nagios
  - server and service availability monitoring
    - Can monitor pretty much anything
    - HTTP, SMTP, DNS, Disk space, CPU usage, ...
    - BGP, OSPF, Switch Port, room temperature, ..
    - Easy to write new plugins (extensions)
- Zabbix, ZenOSS, Hyperic, ... Many more Open Source...
→ Log, Log, Log ....
→ Notification mechanism
![Page 21: Open Source Based NMS solution - wiki.bdnog.org](https://reader033.fdocuments.in/reader033/viewer/2022042710/626694654b7c3707c44cea83/html5/thumbnails/21.jpg)
Tools …. Nagios
![Page 22: Open Source Based NMS solution - wiki.bdnog.org](https://reader033.fdocuments.in/reader033/viewer/2022042710/626694654b7c3707c44cea83/html5/thumbnails/22.jpg)
Tools …. Nagios
![Page 23: Open Source Based NMS solution - wiki.bdnog.org](https://reader033.fdocuments.in/reader033/viewer/2022042710/626694654b7c3707c44cea83/html5/thumbnails/23.jpg)
Tools …. Nagios XI
![Page 24: Open Source Based NMS solution - wiki.bdnog.org](https://reader033.fdocuments.in/reader033/viewer/2022042710/626694654b7c3707c44cea83/html5/thumbnails/24.jpg)
Tools …. Nagios
![Page 25: Open Source Based NMS solution - wiki.bdnog.org](https://reader033.fdocuments.in/reader033/viewer/2022042710/626694654b7c3707c44cea83/html5/thumbnails/25.jpg)
Tools – Availability + Reliability
LibreNMS
- SNMP-based auto-discover network monitoring
- Derived from another project (Observium)
- Written in PHP as a web application
- Includes support for a wide range of hardware:
  - Cisco, Linux, FreeBSD, Juniper, Brocade, Foundry, HP and many more
  - See http://docs.librenms.org/Support/Features/
  - Over 100 supported!
  - Routers, Switches, Access Points, Security gateways, Hosts, Printers, …
![Page 26: Open Source Based NMS solution - wiki.bdnog.org](https://reader033.fdocuments.in/reader033/viewer/2022042710/626694654b7c3707c44cea83/html5/thumbnails/26.jpg)
LibreNMS – Available metrics
- CPU, memory and storage statistics
- Interface traffic, packet and detailed error statistics (L2 and L3)
- Temperature, fan speed, voltage, amperage, power, humidity and frequency sensors
- Users, processes, load average and uptime statistics
![Page 27: Open Source Based NMS solution - wiki.bdnog.org](https://reader033.fdocuments.in/reader033/viewer/2022042710/626694654b7c3707c44cea83/html5/thumbnails/27.jpg)
LibreNMS – Available metrics cont.
- Linux distribution detection
- Real-time interface traffic graphing
- Device inventory collection (useful!)
- Detailed IPv4, IPv6, TCP and UDP stack statistics
- BGP and OSPF information
- MAC <-> IP address lookup
- Find which port an IP/MAC was last seen on
![Page 28: Open Source Based NMS solution - wiki.bdnog.org](https://reader033.fdocuments.in/reader033/viewer/2022042710/626694654b7c3707c44cea83/html5/thumbnails/28.jpg)
LibreNMS
![Page 29: Open Source Based NMS solution - wiki.bdnog.org](https://reader033.fdocuments.in/reader033/viewer/2022042710/626694654b7c3707c44cea83/html5/thumbnails/29.jpg)
LibreNMS
![Page 30: Open Source Based NMS solution - wiki.bdnog.org](https://reader033.fdocuments.in/reader033/viewer/2022042710/626694654b7c3707c44cea83/html5/thumbnails/30.jpg)
Tools … Configuration Mgmt & Monitoring
The "Really Awesome New Cisco config Differ"
- Rancid
  - Rancid is a configuration management tool that keeps track of changes in the configurations of network equipment of any size (Cisco, HP, Juniper, Foundry, etc.). Works on routers and switches. Automates retrieval of the configurations and archives them, serving as a backup tool, an audit tool, and for blame allocation.
![Page 31: Open Source Based NMS solution - wiki.bdnog.org](https://reader033.fdocuments.in/reader033/viewer/2022042710/626694654b7c3707c44cea83/html5/thumbnails/31.jpg)
Tools … RANCID
The "Really Awesome New Cisco config Differ"
The data is stored in a VCS (Version Control System), which lets you:
- Track changes in the equipment configuration
- Track changes in the hardware (S/N, modules)
- Track version changes in the OS (IOS, CatOS versions)
- Find out what your colleagues have done without telling you!
- Recover from accidental configuration errors.
![Page 32: Open Source Based NMS solution - wiki.bdnog.org](https://reader033.fdocuments.in/reader033/viewer/2022042710/626694654b7c3707c44cea83/html5/thumbnails/32.jpg)
Tools … RANCID
![Page 33: Open Source Based NMS solution - wiki.bdnog.org](https://reader033.fdocuments.in/reader033/viewer/2022042710/626694654b7c3707c44cea83/html5/thumbnails/33.jpg)
RANCID
![Page 34: Open Source Based NMS solution - wiki.bdnog.org](https://reader033.fdocuments.in/reader033/viewer/2022042710/626694654b7c3707c44cea83/html5/thumbnails/34.jpg)
Tools … Net Forensic
- Network Flow Analysis Tool
  - NetFlow (C)
  - cflowd (F)
  - FlowScan (F)
  - Sniffer Pro (C)
  - argus (F)
  - i-Flow (C)
  - NFSen (F)
  - AS-STATS
![Page 35: Open Source Based NMS solution - wiki.bdnog.org](https://reader033.fdocuments.in/reader033/viewer/2022042710/626694654b7c3707c44cea83/html5/thumbnails/35.jpg)
Tools … NFSen
- Network Flow Analysis Tool
  - NFSen
    - Display netflow data: Flows, Packets and Bytes using RRD (Round Robin Database).
    - Easily navigate through the netflow data.
    - Process the netflow data within the specified time span.
    - Create history as well as continuous profiles.
    - Set alerts, based on various conditions.
![Page 36: Open Source Based NMS solution - wiki.bdnog.org](https://reader033.fdocuments.in/reader033/viewer/2022042710/626694654b7c3707c44cea83/html5/thumbnails/36.jpg)
Tools … NFSen
![Page 37: Open Source Based NMS solution - wiki.bdnog.org](https://reader033.fdocuments.in/reader033/viewer/2022042710/626694654b7c3707c44cea83/html5/thumbnails/37.jpg)
Tools … NFSen
![Page 38: Open Source Based NMS solution - wiki.bdnog.org](https://reader033.fdocuments.in/reader033/viewer/2022042710/626694654b7c3707c44cea83/html5/thumbnails/38.jpg)
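Tools … NFSen

| Rank | TCP Flows: Port | TCP Flows: Count | TCP Packets: Port | TCP Packets: Count | TCP Bytes: Port | TCP Bytes: Count | UDP Flows: Port | UDP Flows: Count | UDP Packets: Port | UDP Packets: Count | UDP Bytes: Port | UDP Bytes: Count |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 1 | 80 | 39029 | 80 | 570630 | 80 | 111021671 | 53 | 116671 | 53 | 150335 | 12610 | 142186426 |
| 2 | 445 | 27833 | 25 | 83140 | 40936 | 88004359 | 6881 | 2388 | 12610 | 99433 | 28712 | 101344390 |
| 3 | 135 | 24572 | 40936 | 66203 | 25 | 52612168 | 39792 | 2276 | 28712 | 70901 | 40493 | 93146942 |
| 4 | 25 | 7881 | 445 | 53175 | 55893 | 43525223 | 15507 | 1904 | 40493 | 65155 | 46886 | 27824516 |
| 5 | 23 | 6761 | 135 | 49066 | 46395 | 39079355 | 43040 | 1611 | 15699 | 46682 | 57563 | 26436088 |
| 6 | 3128 | 4786 | 55893 | 37615 | 2889 | 30261886 | 60928 | 1588 | 1416 | 40540 | 62390 | 25767022 |
| 7 | 443 | 2999 | 46395 | 35068 | 1317 | 24692504 | 51012 | 1573 | 57563 | 37794 | 54505 | 25550351 |
| 8 | 22 | 2517 | 22 | 27489 | 49674 | 23472247 | 61295 | 1447 | 34018 | 37747 | 55893 | 23548341 |
| 9 | 9415 | 1275 | 443 | 26468 | 54311 | 23342821 | 5060 | 1309 | 21694 | 24942 | 40633 | 22940400 |
| 10 | 8080 | 1081 | 21651 | 25614 | 44879 | 23306526 | 49665 | 1225 | 46886 | 19468 | 40403 | 19544859 |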
![Page 39: Open Source Based NMS solution - wiki.bdnog.org](https://reader033.fdocuments.in/reader033/viewer/2022042710/626694654b7c3707c44cea83/html5/thumbnails/39.jpg)
AS-STATS
- A netflow/sflow collector
  - Storing data in RRD files
- A cron program
  - order the ASNs by level of traffic exchanged
- A web interface to:
  - See your traffic per ASN
  - See your traffic per LINK
![Page 40: Open Source Based NMS solution - wiki.bdnog.org](https://reader033.fdocuments.in/reader033/viewer/2022042710/626694654b7c3707c44cea83/html5/thumbnails/40.jpg)
How as-stats looks ? (Peers)
![Page 41: Open Source Based NMS solution - wiki.bdnog.org](https://reader033.fdocuments.in/reader033/viewer/2022042710/626694654b7c3707c44cea83/html5/thumbnails/41.jpg)
How as-stats looks ? (Link)
![Page 42: Open Source Based NMS solution - wiki.bdnog.org](https://reader033.fdocuments.in/reader033/viewer/2022042710/626694654b7c3707c44cea83/html5/thumbnails/42.jpg)
What it is good for ?
- BGP Traffic Engineering
- Finding out who you should (try to) peer with
- Knowing what's going on in your network
- Planning for future expansion
![Page 43: Open Source Based NMS solution - wiki.bdnog.org](https://reader033.fdocuments.in/reader033/viewer/2022042710/626694654b7c3707c44cea83/html5/thumbnails/43.jpg)
Tools … IDS & IPS
Computer Security is not something that you can just add on when you need it.
Proper planning, installation, monitoring and maintenance all become part of a successful IDS/IPS implementation.
- OSSEC/WAZUH
- Tri-Sentry (Host Sentry, NetSentry, Service Sentry)
- Nessus, Snort
- Checkpoint, Cisco IPS, UTM (Cyberoam, Barracuda) $$$
ARE YOU AWARE OF YOUR NETWORK POLLUTION ….
![Page 44: Open Source Based NMS solution - wiki.bdnog.org](https://reader033.fdocuments.in/reader033/viewer/2022042710/626694654b7c3707c44cea83/html5/thumbnails/44.jpg)
Malicious Traffic Detection Tool
![Page 45: Open Source Based NMS solution - wiki.bdnog.org](https://reader033.fdocuments.in/reader033/viewer/2022042710/626694654b7c3707c44cea83/html5/thumbnails/45.jpg)
Host Event Detection
AIDE (Advanced Intrusion Detection Environment)
![Page 46: Open Source Based NMS solution - wiki.bdnog.org](https://reader033.fdocuments.in/reader033/viewer/2022042710/626694654b7c3707c44cea83/html5/thumbnails/46.jpg)
Network Detection Systems
![Page 47: Open Source Based NMS solution - wiki.bdnog.org](https://reader033.fdocuments.in/reader033/viewer/2022042710/626694654b7c3707c44cea83/html5/thumbnails/47.jpg)
Event Management
Logstash Kibana
![Page 48: Open Source Based NMS solution - wiki.bdnog.org](https://reader033.fdocuments.in/reader033/viewer/2022042710/626694654b7c3707c44cea83/html5/thumbnails/48.jpg)
- Open Source SECurity
- Open Source Host-based Intrusion Detection System
- Provides protection for Windows, Linux, Mac OS, Solaris and many *nix systems
- http://www.ossec.net
- Founded by Daniel Cid
- Current project managers – JB Cheng and Vic Hargrave
![Page 49: Open Source Based NMS solution - wiki.bdnog.org](https://reader033.fdocuments.in/reader033/viewer/2022042710/626694654b7c3707c44cea83/html5/thumbnails/49.jpg)
OSSEC Capabilities
- Log analysis
- File Integrity checking (Unix and Windows)
- Registry Integrity checking (Windows)
- Host-based anomaly detection (for Unix – rootkit detection)
- Active Response
- PCI DSS Compliance
![Page 50: Open Source Based NMS solution - wiki.bdnog.org](https://reader033.fdocuments.in/reader033/viewer/2022042710/626694654b7c3707c44cea83/html5/thumbnails/50.jpg)
HIDS Advantages
- Monitors system behaviors that are not evident from the network traffic
- Can find persistent threats that penetrate firewalls and network intrusion detection/prevention systems
![Page 51: Open Source Based NMS solution - wiki.bdnog.org](https://reader033.fdocuments.in/reader033/viewer/2022042710/626694654b7c3707c44cea83/html5/thumbnails/51.jpg)
OSSEC Architecture
![Page 52: Open Source Based NMS solution - wiki.bdnog.org](https://reader033.fdocuments.in/reader033/viewer/2022042710/626694654b7c3707c44cea83/html5/thumbnails/52.jpg)
OSSEC UI Screen
![Page 53: Open Source Based NMS solution - wiki.bdnog.org](https://reader033.fdocuments.in/reader033/viewer/2022042710/626694654b7c3707c44cea83/html5/thumbnails/53.jpg)
File Integrity Alert Sample
** Alert 1365550297.8499: mail - ossec,syscheck,
2013 Apr 09 16:31:37 ubuntu->syscheck
Rule: 551 (level 7) -> 'Integrity checksum changed again (2nd time).'
Integrity checksum changed for: '/etc/apt/apt.conf.d/01autoremove-kernels'
![Page 54: Open Source Based NMS solution - wiki.bdnog.org](https://reader033.fdocuments.in/reader033/viewer/2022042710/626694654b7c3707c44cea83/html5/thumbnails/54.jpg)
Log Analysis Alert Sample
** Alert 1365514728.3680: mail - syslog,dpkg,config_changed,
2013 Apr 09 06:38:48 ubuntu->/var/log/dpkg.log
Rule: 2902 (level 7) -> 'New dpkg (Debian Package) installed.'
2013-04-09 06:38:47 status installed linux-image-3.2.0-40-generic-pae 3.2.0-40.64
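A parser for the two alert samples above, added as an example that is not part of the original slides or of OSSEC itself. The field layout is inferred from those samples; pairing a file-integrity alert with earlier dpkg alerts on the same host is a triage heuristic chosen for illustration, and all function names are hypothetical.

```python
import re
from datetime import datetime, timedelta

# The two alerts from the slides, embedded as sample input.
SAMPLE = """\
** Alert 1365550297.8499: mail - ossec,syscheck,
2013 Apr 09 16:31:37 ubuntu->syscheck
Rule: 551 (level 7) -> 'Integrity checksum changed again (2nd time).'
Integrity checksum changed for: '/etc/apt/apt.conf.d/01autoremove-kernels'

** Alert 1365514728.3680: mail - syslog,dpkg,config_changed,
2013 Apr 09 06:38:48 ubuntu->/var/log/dpkg.log
Rule: 2902 (level 7) -> 'New dpkg (Debian Package) installed.'
2013-04-09 06:38:47 status installed linux-image-3.2.0-40-generic-pae 3.2.0-40.64
"""

HEADER = re.compile(
    r"^\*\* Alert (?P<id>\d+\.\d+):\s*(?P<flags>[^-]*?)\s*-\s*(?P<groups>.*)$")
SOURCE = re.compile(
    r"^(?P<ts>\d{4} \w{3} \d{2} \d{2}:\d{2}:\d{2}) (?P<host>.+?)->(?P<location>.*)$")
RULE = re.compile(
    r"^Rule: (?P<rule>\d+) \(level (?P<level>\d+)\) -> '(?P<desc>.*)'$")
FIM_PATH = re.compile(r"^Integrity checksum changed for:\s*'(?P<path>.+)'$")


def parse_alerts(text):
    """Split alert text into one dict per alert (header, source, rule, body)."""
    alerts, cur = [], None
    for line in text.splitlines():
        line = line.rstrip()
        head = HEADER.match(line)
        if head:
            groups = [g.strip() for g in head["groups"].split(",") if g.strip()]
            cur = {"id": head["id"], "groups": groups, "body": []}
            alerts.append(cur)
        elif cur is None or not line:
            continue  # text before the first header, or a blank separator
        elif "time" not in cur and (src := SOURCE.match(line)):
            cur["time"] = datetime.strptime(src["ts"], "%Y %b %d %H:%M:%S")
            cur["host"], cur["location"] = src["host"], src["location"]
        elif "rule" not in cur and (rule := RULE.match(line)):
            cur["rule"], cur["level"] = int(rule["rule"]), int(rule["level"])
            cur["description"] = rule["desc"]
        else:
            cur["body"].append(line)  # the logged event or syscheck detail
    return alerts


def fim_with_package_context(alerts, window=timedelta(hours=24)):
    """For each syscheck alert, list dpkg events seen on the same host in the
    preceding window. A match is a lead for the analyst, not proof of cause."""
    findings = []
    for alert in alerts:
        if "syscheck" not in alert["groups"] or "time" not in alert:
            continue
        paths = [m["path"] for m in map(FIM_PATH.match, alert["body"]) if m]
        related = [
            line
            for other in alerts
            if "dpkg" in other["groups"] and "time" in other
            and other.get("host") == alert["host"]
            and timedelta(0) <= alert["time"] - other["time"] <= window
            for line in other["body"]
        ]
        findings.append({"rule": alert.get("rule"), "host": alert["host"],
                         "paths": paths, "package_events": related})
    return findings


if __name__ == "__main__":
    for finding in fim_with_package_context(parse_alerts(SAMPLE)):
        print(finding)
```

On the slide samples this pairs the checksum change in `/etc/apt/apt.conf.d/` with the kernel package install logged about ten hours earlier on the same host.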
![Page 55: Open Source Based NMS solution - wiki.bdnog.org](https://reader033.fdocuments.in/reader033/viewer/2022042710/626694654b7c3707c44cea83/html5/thumbnails/55.jpg)
PCI DSS Requirement
- 10.5.5 - Use file-integrity monitoring or change-detection software on logs to ensure that existing log data cannot be changed without generating alerts (although new data being added should not cause an alert)
- 11.5 - Deploy file-integrity monitoring software to alert personnel to unauthorized modification of critical system files, configuration files, or content files; and configure the software to perform critical file comparisons at least weekly
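A sketch of the append-tolerant check that requirement 10.5.5 describes, added here as an example (it is not OSSEC's implementation and not from the original slides). It baselines the size and SHA-256 of a log, then alerts only when already-recorded bytes change or disappear; the function names and the temporary log file are constructed for illustration.

```python
import hashlib
import os
import tempfile


def prefix_digest(path, length):
    """SHA-256 of the first `length` bytes of the file."""
    digest = hashlib.sha256()
    remaining = length
    with open(path, "rb") as handle:
        while remaining > 0:
            chunk = handle.read(min(65536, remaining))
            if not chunk:
                break
            digest.update(chunk)
            remaining -= len(chunk)
    return digest.hexdigest()


def take_baseline(path):
    """Record how much of the log exists now and what it hashes to."""
    size = os.path.getsize(path)
    return {"size": size, "sha256": prefix_digest(path, size)}


def check_log(path, baseline):
    """Compare the log with its baseline.

    Returns (status, baseline_to_keep). 'truncated' and 'modified' are the
    alert conditions; 'appended' is expected growth and moves the baseline
    forward so the new records are protected from then on.
    """
    size = os.path.getsize(path)
    if size < baseline["size"]:
        return "truncated", baseline
    if prefix_digest(path, baseline["size"]) != baseline["sha256"]:
        return "modified", baseline
    if size == baseline["size"]:
        return "unchanged", baseline
    return "appended", take_baseline(path)


def demo():
    """Exercise the four outcomes on a constructed log file."""
    statuses = []
    with tempfile.TemporaryDirectory() as workdir:
        log = os.path.join(workdir, "sample.log")
        with open(log, "w") as handle:
            handle.write("line1\nline2\n")
        baseline = take_baseline(log)

        status, baseline = check_log(log, baseline)
        statuses.append(status)                      # nothing happened

        with open(log, "a") as handle:               # normal logging
            handle.write("line3\n")
        status, baseline = check_log(log, baseline)
        statuses.append(status)

        with open(log, "r+") as handle:              # existing record rewritten
            handle.write("LINE1")
        status, baseline = check_log(log, baseline)
        statuses.append(status)

        with open(log, "w") as handle:               # records removed
            handle.write("line1\n")
        status, baseline = check_log(log, baseline)
        statuses.append(status)
    return statuses


if __name__ == "__main__":
    print(demo())
```

Log rotation replaces the file, so a deployment has to re-baseline on rotation and keep the baseline somewhere users of the monitored host cannot write.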
![Page 56: Open Source Based NMS solution - wiki.bdnog.org](https://reader033.fdocuments.in/reader033/viewer/2022042710/626694654b7c3707c44cea83/html5/thumbnails/56.jpg)
Enhancing OSSEC
![Page 57: Open Source Based NMS solution - wiki.bdnog.org](https://reader033.fdocuments.in/reader033/viewer/2022042710/626694654b7c3707c44cea83/html5/thumbnails/57.jpg)
![Page 58: Open Source Based NMS solution - wiki.bdnog.org](https://reader033.fdocuments.in/reader033/viewer/2022042710/626694654b7c3707c44cea83/html5/thumbnails/58.jpg)
Tools – Log Management
Elasticsearch
"flexible and powerful open source, distributed real-time search and analytics engine for your log" (http://www.elasticsearch.org)
- Easy to scale (Distributed)
- Everything is one JSON call away (RESTful API)
- Unleashed power of Lucene under the hood
- Excellent Query DSL
- Multi-tenancy
- Support for advanced search features (Full Text)
- Configurable and Extensible
- Document Oriented
- Schema free
- Conflict management
- Active community
![Page 59: Open Source Based NMS solution - wiki.bdnog.org](https://reader033.fdocuments.in/reader033/viewer/2022042710/626694654b7c3707c44cea83/html5/thumbnails/59.jpg)
Tools – Log Management
Logstash Kibana
commercial
SIEM
![Page 60: Open Source Based NMS solution - wiki.bdnog.org](https://reader033.fdocuments.in/reader033/viewer/2022042710/626694654b7c3707c44cea83/html5/thumbnails/60.jpg)
Elastic Elasticity
![Page 61: Open Source Based NMS solution - wiki.bdnog.org](https://reader033.fdocuments.in/reader033/viewer/2022042710/626694654b7c3707c44cea83/html5/thumbnails/61.jpg)
Tools – Log Management
Elasticsearch, Logstash & Kibana (ELK)
![Page 62: Open Source Based NMS solution - wiki.bdnog.org](https://reader033.fdocuments.in/reader033/viewer/2022042710/626694654b7c3707c44cea83/html5/thumbnails/62.jpg)
New Kid on the Block - NLS
![Page 63: Open Source Based NMS solution - wiki.bdnog.org](https://reader033.fdocuments.in/reader033/viewer/2022042710/626694654b7c3707c44cea83/html5/thumbnails/63.jpg)
Tools … Collaboration
So, we have many Open Source/Commercial deployments already to monitor our network.
All the programs can generate alert/alarm on fault detection.
Need to centralize all the information.
We need these programs to collaborate.
Need NOC
It's not a big Room/House – it's software
It's RT (the ticketing system)
![Page 64: Open Source Based NMS solution - wiki.bdnog.org](https://reader033.fdocuments.in/reader033/viewer/2022042710/626694654b7c3707c44cea83/html5/thumbnails/64.jpg)
Tools … RT
Request Tracker
- RT is a battle-tested issue tracking system which thousands of organizations use for
  - bug tracking,
  - help desk ticketing,
  - customer service,
  - workflow processes,
  - change management,
  - network operations,
  - And so on ..
![Page 65: Open Source Based NMS solution - wiki.bdnog.org](https://reader033.fdocuments.in/reader033/viewer/2022042710/626694654b7c3707c44cea83/html5/thumbnails/65.jpg)
Tools … RT
Request Tracker
Whenever, wherever and however there is a problem in the network the relevant monitoring software will send a ticket directly to RT system and system admins will know immediately via email or SMS. This automation will keep track of the SLA. RT has its own Help Desk system and escalation procedure.
![Page 66: Open Source Based NMS solution - wiki.bdnog.org](https://reader033.fdocuments.in/reader033/viewer/2022042710/626694654b7c3707c44cea83/html5/thumbnails/66.jpg)
Tools ... RT
- Why are they important?
  - Track all events, failures and issues
- Focal point for help desk communication
- Use it to track all communications
  - Both internal and external
- Events originating from the outside:
  - customer complaints
- Events originating from the inside:
  - System outages (direct or indirect)
  - Planned maintenance, upgrades, etc.
![Page 67: Open Source Based NMS solution - wiki.bdnog.org](https://reader033.fdocuments.in/reader033/viewer/2022042710/626694654b7c3707c44cea83/html5/thumbnails/67.jpg)
![Page 68: Open Source Based NMS solution - wiki.bdnog.org](https://reader033.fdocuments.in/reader033/viewer/2022042710/626694654b7c3707c44cea83/html5/thumbnails/68.jpg)
Tools … RT
![Page 69: Open Source Based NMS solution - wiki.bdnog.org](https://reader033.fdocuments.in/reader033/viewer/2022042710/626694654b7c3707c44cea83/html5/thumbnails/69.jpg)
Tools … The Big Cycle
![Page 70: Open Source Based NMS solution - wiki.bdnog.org](https://reader033.fdocuments.in/reader033/viewer/2022042710/626694654b7c3707c44cea83/html5/thumbnails/70.jpg)
Conclusion
ALL IN ONE NETWORK MANAGEMENT SYSTEM
- RT
- Weather Map
- NFSen
- Nagios
- SmokePing
- Cacti
- Rancid
![Page 71: Open Source Based NMS solution - wiki.bdnog.org](https://reader033.fdocuments.in/reader033/viewer/2022042710/626694654b7c3707c44cea83/html5/thumbnails/71.jpg)
Query Response - Conclusion
- Link/Port wise Network bandwidth utilization. – Cacti, LibreNMS, Weathermap
- Uplink/Downlink graph with multi color option – Cacti, LibreNMS
- Historical graph option (real time, 5 mins, day, week, month, year option) – Cacti, LibreNMS
- User group for accessing the MRTG sites. – Cacti
- Continuous rtt/jitter/packet loss monitoring of specific destinations – Smokeping
- A powerful tool with a simple and intuitive interface to the health and status of your network. – Nagios, Cacti, LibreNMS
- BGP down, Physical down, CPU, Memory all available with notification via mail & SMS. – Nagios
- Provide visibility for your TOP AS destinations. – Netflow, NFSen, AS-STATS
- Collects (Netflow collector) all the flows from all of our routers – nfDump, NFSen
- Tools/Application for link utilization monitoring for the whole network at a glance – Weathermap
- Tools/Application for router configuration auto backup – RANCID
- Syslog server. – Logstash + ElasticSearch + Kibana
- Collaboration – RT
- IDS – OSSEC ++
- Security – ??? Malware traffic detection
![Page 72: Open Source Based NMS solution - wiki.bdnog.org](https://reader033.fdocuments.in/reader033/viewer/2022042710/626694654b7c3707c44cea83/html5/thumbnails/72.jpg)
Tools USED
- Cacti
- Smokeping
- Weathermap
- Nagios
- LibreNMS
- RANCID
- NFSEN
- AS-STATS
- ELK
- RT
- Maltrail
- OSSEC/WAZUH
![Page 73: Open Source Based NMS solution - wiki.bdnog.org](https://reader033.fdocuments.in/reader033/viewer/2022042710/626694654b7c3707c44cea83/html5/thumbnails/73.jpg)
???