Raritan COMMANDCENTER NOC Administrator's Manual

Raritan computer modem user manual

CommandCenter® NOC Administrator Guide
Release 5.4
Copyright © 2006 Raritan Computer, Inc.
CCNOC-0D-E
June 2006
255-80-5301-00


Summary of Contents for Raritan COMMANDCENTER NOC

  • Page 1 CommandCenter® Administrator Guide Release 5.4 Copyright © 2006 Raritan Computer, Inc. CCNOC-0D-E June 2006 255-80-5301-00...
  • Page 3: FCC Information

    Raritan Computer, Inc. © Copyright 2006 Raritan, CommandCenter, RaritanConsole, Dominion, and the Raritan company logo are trademarks or registered trademarks of Raritan Computer, Inc. All rights reserved. Java is a registered trademark of Sun Microsystems, Inc. Internet Explorer is a registered trademark of Microsoft Corporation.
  • Page 4: Rack Mount Safety Guidelines

    Safety Guidelines To avoid potentially fatal shock hazard and possible damage to Raritan equipment: • Do not use a 2-wire power cord in any product configuration. • Test AC outlets at your computer and monitor for proper polarity and grounding. •...
  • Page 5: Table Of Contents

    Chapter 1: Introduction ... 1 Stand-alone Appliances...1 Distributed 2500 Series Appliances...1 CommandCenter Secure Gateway (CC-SG) ...1 User PC Preparation...2 Remote Authentication...2 Local Authentication ...2 Intended Audience...2 Features Described in this Document ...2 Terminology/Acronyms...3 Licensing Explained...6 Infrastructure...6 Server ...6 Workstation...7 Promoted Workstation ...7 Chapter 2: General and Advanced Administration ...
  • Page 6 Add/Modify a Notification Group ...79 Configure Notification Paths ...81 Add/Edit a Notification Path ...81 Configure TAP Paging...86 Add a new TAP Service ...87 Edit Modem Parameters ...88 Revert to Original Configuration ...88 Chapter 7: Managing Assets ... 89 Manage Assets ...89 Import Assets...89 Export Assets...91...
  • Page 7 Map Users ...101 Appendix A: Specifications ... 103 V1 Platform ...103 General Specifications ...103 Hardware Specifications ...103 Remote Connection ...103 Environmental Requirements...103 Electrical Specifications ...104 Appendix B: Troubleshooting ... 105 The Raritan Support Structure...105 The CC-NOC’s Ability to SSH to Raritan ...105 Checking Appliance Database Settings ...106 RAID Array Failure ...106 The CC-NOC Services ...106...
  • Page 8 Configuring a Windows 98/ME box for Remote WMI Management...129 Configuring a Windows Proxy Details ...130 Registry Changes [configuration]: ...131 Appendix E: Managing and Responding to Intrusion Detection Events ... 133 How the Intrusion Detection works ...133 Reducing False Positives with the Signature Profiler...133 Signature Profiler and the Rules Engine ...133 Responding to Events and Notifications ...134 Event Categories ...134...
  • Page 9 Figures Figure 1 Appliance Shutdown/Restart... 9 Figure 2 Configure Date and Time... 10 Figure 3 Configure Network Connection ... 11 Figure 4 Configure Network Connection ... 12 Figure 5 Configure Outgoing Email Communication ... 12 Figure 6 Configure Nameserver Addresses ... 13 Figure 7 Edit Discovery Ranges...
  • Page 10 Figure 80 Configuring Windows Performance Thresholds ... 65 Figure 81 Edit WINS Settings ... 66 Figure 82 WINS Server IP Address ... 66 Figure 83 CommandCenter NOC 2500M Options ... 67 Figure 84 Edit LMHOSTS File... 67 Figure 85 Vulnerability Scanning Warning ... 69 Figure 86 Type IP Addresses for Vulnerability Scanning ...
  • Page 11 Figure 109 Configuring an Email Target in Notification Path... 85 Figure 110 Configuring TAP Paging ... 86 Figure 111 Editing TAP Service ... 87 Figure 112 Editing Modem Parameters ... 88 Figure 113 Editing Modem Parameters ... 88 Figure 114 Importing assets... 90 Figure 115 Exporting assets ...
  • Page 13: Chapter 1: Introduction

    Chapter 1: Introduction The primary function of a CommandCenter NOC (CC-NOC) is to manage nodes in your network. Nodes are discovered automatically if their IP address is within the managed range of addresses. In addition to network discovery, a CC-NOC also provides service management, a database of network information, a rules engine, a notification engine, and a web server.
  • Page 14: User PC Preparation

    Tasks that are available to users with a User or Executive User role are described in Raritan’s CommandCenter NOC User Guide, which describes tasks such as viewing intrusion detection events, window management events, etc.
  • Page 15: Terminology/Acronyms

    • Vulnerability Scanning • Event Viewing and Searching • Performance Monitoring per category or device • Integration with CC-SG where CC-SG is notified of events within the subscribed discovery range. • Scheduled Outages • User, Views, and Category Configuration •...
  • Page 16 Signature – a fingerprint of network traffic that signals an attack. • SMB – (Server Message Block) The communications protocol used by Windows-based operating systems to support sharing of resources across a network to discover systems.
  • Page 17 • SSO – Single Sign-On. With Single Sign-on (SSO) access to CC-SG targets, CC-NOC users can connect to targets seamlessly, without having to sign onto CC-SG as long as remote authentication has been configured. • System Vulnerabilities – unpatched systems, older known vulnerable server daemons on your system that can be exploited by harmful network traffic.
  • Page 18: Licensing Explained

    You can transition a device with a Server license to any of the following licensed states: • Workstation • Infrastructure (if the device is a node) • Promoted Workstation • Unmanaged
    SMTP Oracle LDAP Sybase MSExchange Informix Citrix SQLServer...
  • Page 19: Workstation

    Workstation A Workstation license can be assigned to any type of device, be it a Windows or non-Windows system. For example, a Linux box which is discovered as a node and which does not support any of the infrastructure services will be assigned a Workstation license. Similarly, a desktop Windows system will be assigned a Workstation license.
  • Page 21: Chapter 2: General And Advanced Administration

    You can also shut down and restart a CC-NOC while using a serial connection – see Raritan’s CommandCenter NOC Deployment Guide. While the CC-NOC is designed to be an appliance, it must store information about your environment in a local database. Thus, it should be treated with the same sensitivity as a database server.
  • Page 22: Configure Date And Time

    Note: If you select Use NTP servers, you should install an NTP server in your environment. 8. Click save changes. Figure 2 Configure Date and Time...
  • Page 23: Configure Network Connection

    This page allows you to change the fixed IP address associated with this appliance. This IP address was configured when setting up the initial configuration using a serial connection – see Raritan’s CommandCenter NOC Deployment Guide. The CC-NOC mimics the traffic generated by a user trying to access various services throughout the network.
  • Page 24: Outgoing Email Communication

    If you do not provide a value here, a default will be used (root@localhost.com). 6. The admin email address specified in Admin Email Address should be the email address of the person in your organization who will be responsible for CC-NOC administration. This...
  • Page 25: Change Nameserver Addresses

    email address is a required field and will be used to send status information on the CC-NOC itself. 7. Clicking test SMTP settings sends a test email to the email address specified in the Admin Email Address field using the specified SMTP server.
  • Page 26: Figure 7 Edit Discovery Ranges

    To exclude a specific IP address, type the address in "Begin" and leave "End" blank. Click add to excludes to add it to the list. It is recommended to exclude DHCP ranges since they can change IP addresses, which can appear as false outages. Figure 7 Edit Discovery Ranges...
  • Page 27: Edit SNMP Ranges

    Important! Ensure your discovery range is not too wide, for example, entering multiple Class B address ranges. This consumes large amounts of resources and may reduce the performance of CC-NOC. Also, it is recommended to keep the default “Automatically license and manage new devices discovered via the ranges and addresses listed below”...
  • Page 28: Configure Scheduled Outages

    1. Click on the Admin tab in the top navigation bar. 2. Click Network Management Configuration. Figure 8 Edit SNMP Ranges Figure 9 Defining SNMP Ranges...
  • Page 29: Figure 10 Configuring Scheduled Outages

    3. Click Configure Schedule Outages. Figure 10 Configuring Scheduled Outages 4. Type a name for the scheduled outage and click add new scheduled outage. 5. Type a name for the scheduled outage. 6. Select a node label, that is, a DNS hostname or IP address, from the Included Node Label drop-down list and click add.
  • Page 30: Configure Pollers

    The Port column shows the ports at which the service will be polled. • This panel also allows the admin user to configure polling intervals, the timeout period between retries, and number of retries before an outage is declared. Adjusting polling Figure 12 Configure Pollers...
  • Page 31: Manage, Unmanage, Rescan, Or Delete Devices

    intervals (they were initially set at 5 minutes for a reason), timeouts and/or retries without proper planning or forethought runs the risk of: • Having the pollers get behind • Adding unreasonable amounts of network traffic in the environment •...
  • Page 32: Figure 13 Manage, Unmanage, Rescan, Or Delete Devices

    This can be corrected by either clicking the ‘Change Device Label’ link on the device page or the administrator of the “Unknown” device can assign a meaningful name to the sysName value. Figure 14 Device Totals...
  • Page 33: Configure Performance Thresholds

    Configure Performance Thresholds This page displays the current values at which SNMP performance metrics are considered problematic and events are generated. You have complete control over these thresholds, including their value, their re-arm values, and the number of consecutive data samples, for example, "triggers"...
  • Page 34: Configure Outage Report

    5. Using the check boxes, select the working days you wish to include in the report. 6. Click apply changes. 7. Click Outage Report in the right-hand side of the page to generate a report. Figure 17 Navigating to Outage Report...
  • Page 35: SNMP Reparenting Exclusion List

    SNMP Reparenting Exclusion List This page allows you to specify addresses that should be excluded from SNMP reparenting. This feature is useful if you have multi-interface SNMP devices that have identical IP addresses to other multi-interface devices. The most common example of this is if you are managing several routers that each act as gateways to separate private networks.
  • Page 36: Figure 20 Configure A CommandCenter Secure Gateway

    CC-SG appliance's user interface or to the CC-SG target itself if remote authentication has been configured. This link will also be present in the Notification Browser and while viewing individual notices. Figure 22 CommandCenter Secure Gateway in Notification Browser 8. Click save...
  • Page 37: Create A CC-SG Peer Via A Secure Channel

    Create a CC-SG Peer via a Secure Channel After configuring the CC-SG with CC-NOC information, for example, specifying its IP address, and configuring CC-NOC with CC-SG information, you can create a secure channel between CC-SG and CC-NOC.
  • Page 38: Disconnect A CC-SG

    Important! To successfully connect, you must enter the passcodes in CC-NOC within five minutes after they are generated on CC-SG. This will minimize the window of opportunity for intruders to breach the system with a brute-force attack.
  • Page 39: Multi-Site Management

    Important! Configuring these mappings is required in order for remote authentication to work. Although you may have several CC-SG’s connected to this CC-NOC via a secure connection, only one can be the remote authentication and authorization source. If a user is mapped to a CC-NOC user role but they do not have appropriate permissions to view a channel on CC-SG as defined in the CC-SG’s user group’s policy, they will not be able to access the CC-SG target.
  • Page 40: Configure Event Forwarding

    Raritan appliance you are sending the trap to. On this platform or appliance resides an SNMP agent that listens for the traps. This Host can be either an IP Figure 29 Adding Event Recipients...
  • Page 41: Configure Trap Relaying

    address or a hostname that this appliance can resolve. Example: Protocol=Trap, Host= 192.168.51.150, Port=162. 8. Type protocol, host, and port for the Path Back URL which is the IP address or hostname of this CC-NOC. The Host entered is the web address that a user of the external event recipient can use to connect back to this appliance via a web browser.
  • Page 42: Discover A Single Device

    Figure 33 Discover a Single Device 3. Enter either a NetBIOS name, a hostname, or an IP address. 4. Click discover. Note: If two devices have the same NetBIOS name, only one will be discovered. Figure 31 Configure Trap Relaying...
  • Page 43: Edit Performance Thresholds (Per Device)

    Edit Performance Thresholds (Per Device) In addition to configuring performance values per category–see section Configure Performance Thresholds earlier in this chapter, you can also configure performance thresholds on a per-device basis. Per-device thresholds will override those set per category. Note: Performance thresholds can be configured on a per-device basis only for devices with Infrastructure, Server, or Promoted Workstation licenses.
  • Page 44: Administrator Tools

    Administrator Tools Administrator tools help you diagnose and fix problems with the CC-NOC. These tools allow you to backup configuration files, download logs, check the disk usage of your CC-NOC, and establish connections to Technical Support. Access administrator tools either from the Tools tab or from the Admin tab.
  • Page 45: Send Incident Report

    3. Click Check Disk Utilization on Appliance. Figure 37 Check Disk Utilization on Appliance The Disk Usage section lists the current free space percentages for different areas of the storage within the CC-NOC appliance. The disk storage inside this CC-NOC appliance is used to store logs of system activity, performance information for the devices that you are monitoring, and a database of collected management information that includes event and notification records.
  • Page 46: Generate Diagnostics File

    4. Type a description of the problem you are experiencing in the text box. 5. Type an email address in Confirmation Email: so that when the incident report email is received, you will get a confirmation message.
  • Page 47: Download Data Archives

    Download Data Archives Every 24 hours, the previous day’s events are placed into an event archival file and made accessible. Download this archival file or unzip it to access a comma-separated value (CSV) file, which can be opened with any spreadsheet application to view the events for that day. 1.
  • Page 48: Install Updates

    This option allows you to select which updates you want to install. The updates should have already been downloaded. 1. Click on the Admin tab in the top navigation bar. 2. Click Advanced Administration. 3. Click System Software & Signature Updates. Figure 42 System Updates Figure 43 Download Updates...
  • Page 49: Figure 44 Install Updates

    4. Click Install Updates. 5. Click install to install any of the updates that are listed. If an update is listed as downloading, it will be available for installation once it is fully downloaded. Check for new updates by accessing the Download Updates page –...
  • Page 50: Figure 47 View All Updates

    1. Click on the Admin tab in the top navigation bar. 2. Click Advanced Administration. 3. Click Browse: 4. Select the file to upload and click Open. 5. Click upload. Figure 47 View All Updates...
  • Page 51: Appliance Database Administration

    Appliance Database Administration This page allows you to clean out unnecessary or unused information stored in the database, including node information, events, outages, etc. These operations are necessary if you would like to purge some of the data and start over with a clean database. You will not lose any management information if you recreate your database but the CC-NOC will need to stop its management services and web user interface while the database is unavailable.
  • Page 52: Manage Routes

    The local network and loopback routes are not deletable. 1. Click on the Admin tab in the top navigation bar. Figure 49 Download Backup Files Figure 50 Install Backup Files...
  • Page 53: Prune Unused Performance Data

    2. Click Advanced Administration. 3. Click Manage Routes. 4. To delete a user-defined static route, click remove in the row of the unwanted route. 5. To change the default gateway route, revisit the Configure Network Connection page – see Configure Network Connection earlier in this chapter for additional information.
  • Page 54: Delete Management Settings And Data

    However, unlike resetting the appliance to a factory default that you can do while connected to a serial connection – see Raritan’s CommandCenter NOC Deployment Guide, this option keeps the current version of software, the license file, and the network settings of this appliance, for example, IP address.
  • Page 55: Install CC-NOC License

    This page allows you to upload a new license file to the CC-NOC. You were asked to do this during installation of the CC-NOC or when configuring the network – see Raritan’s CommandCenter NOC Deployment Guide. If you have not yet received the appliance license, please contact Technical Support.
  • Page 56: Installed Appliances List

    3. To change the name or note associated with any given appliance, click the current name of the appliance to be redirected to a page where this change is possible. Note that this functionality is only available to the admin user. Figure 57 Installed Appliances List...
  • Page 57: Chapter 3: Configuring Intrusion Detection

    For 3Com switches, see the appropriate manuals for configuration of the "Roving Analysis Port". To ensure that the CC-NOC is passing packets correctly, you can view your network traffic – please see Raritan’s CommandCenter NOC User Guide for additional information on viewing network traffic. Ethernet TAP Instead of using a spanned or mirrored port, an Ethernet tap could be used that may be considered a more secure method in which to listen to network traffic than a spanned port.
  • Page 58: Deployment

    All of the Intrusion Detection appliances that can communicate with this system are listed in the box. The Last Change field indicates the last time that the home network for the appliance was changed. Figure 59 Selecting an Intrusion Detection Appliance for Home Network Configuration...
  • Page 59: Configure Port Scan Detection

    4. Choose the appliance that you wish to configure by clicking Configure next to it. Figure 60 Configuring Home Network for Intrusion Detection Appliance 5. To include an entire subnet in your home network, use the Add Addresses box. Type in the network address and select the subnet mask from the list that is provided.
  • Page 60: Figure 61 Selecting An Intrusion Detection Appliance For Portscan Detection

    All of the Intrusion Detection appliances that can communicate with this system are listed in the box. The Last Change field indicates the last time that the home network for the appliance was changed. Figure 61 Selecting an Intrusion Detection Appliance for Portscan Detection 4.
  • Page 61: Enable/Disable Signature Types Via Signature Profiler

    Determining which ports are open on a target machine is often the first step towards a successful attack on a network system. Attackers generally use port scanning utilities to probe a target system and make a list of all open ports on the device. After they have this list, they will send specific attacks to the open ports with the hope of exploiting a vulnerability on the target.
  • Page 62: Select Intrusion Detection Appliance(S)

    Select Intrusion Detection Appliance(s) All of the Intrusion Detection appliances that can communicate with the system hosting this Web Console are listed in the Intrusion Detection Appliance box. The Last Configuration field indicates the last time that the detection scheme for the Intrusion Detection was changed or the last time that a security patch was used to update the signatures on the Intrusion Detection.
  • Page 63: Select Types Of Signatures To Monitor

    Select Types of Signatures to Monitor When in doubt, enable detection. There is no disadvantage to enabling extra detection, except that you may receive extraneous events from your Intrusion Detection appliances. You should usually never disable detection of General Security on the Network. This category includes a variety of attacks that can affect any network, regardless of the devices and services on it.
  • Page 64: Load Default Signatures Or Settings From Another Appliance

    3. Click Delete Performance Information. Figure 66 Deleting Intrusion Detection Performance Data 4. From the list of appliances, highlight the CC-NOC from the selection box and click delete. The intrusion detection performance data will be deleted and reset...
  • Page 65: Advanced Intrusion Detection Administration

    Advanced Intrusion Detection Administration Advanced administration assists in fine tuning the set of signatures that an intrusion detection application will use to detect intrusion traffic on the network. Manage Signatures The Manage Signatures page allows you to disable specific signatures on a per-appliance basis. This allows you to disable signatures that may produce false-positive alerts because of conditions on your network.
  • Page 66: Upload Custom Signatures Tool

    After you have uploaded new custom rules, it will take several minutes for the rules to be activated by the Intrusion Detection service...
  • Page 67: Chapter 4: Configuring Windows Management

    Chapter 4: Configuring Windows Management This chapter describes procedures to configure a CC-NOC so it can use Microsoft’s WMI (Windows Management Instrumentation) to monitor and manage Windows servers and workstations in your network. WMI information is collected from the Windows systems and is used to extract and report on inventory and event information.
  • Page 68: External Proxy Host Requirements

    250, or CC-NOC 2500N from the following URL: http://<Your_CommandCenter_NOC_IP>/public/cfgproxy.exe b) Remove legacy proxy settings, run the cfgproxy.exe program with the “uninstall” option: c:\> cfgproxy.exe -u 3. Download the newest proxy configuration program, ProxyInstaller, from this location: http://<address_of_noc>/public/ProxyInstaller.zip...
  • Page 69: Open Ports On External Proxy Host

    4. Unzip the archive on your Windows machine and move the ProxyInstaller directory to a location where you would like to keep the program. For example, a good location could be: C:\Program Files\Raritan\ProxyInstaller 5. Double-click on ProxyInstaller.exe 6....
  • Page 70: Figure 71 Configure An External Proxy For Windows Management

    CommandCenter 2500N, in the navigation tab bar at the top click on the Admin tab, then CC-NOC 2500M Configuration. Click CommandCenter NOC 2500M Configuration Wizard or click configure next to the appliance you are currently configuring.
  • Page 71: Figure 73 Specifying Proxy Host Information

    6. Type the IP address for the proxy host. This should be the same host that the configuration tool was run – see section Download and Run information. Note: Hostname values in this field must be resolvable via DNS or must be a numeric IP address. 7.
  • Page 72: Figure 74 Specifying Proxy Authentication Credentials

    As a part of its systems discovery, the CC-NOC identifies target machines as members of a Workgroup, if applicable. For those machines, you may specify a local user on those machines to use for authentication purposes...
  • Page 73: Figure 75 List Of Windows Management Proxies

    Note: Any local user defined must be a member of the Local Administrators group to authenticate and allow data collection to occur. Trusted Domain-based authentication is used when the target machines are part of a domain other than the domain to be used for authentication, yet there exists a trust relationship between the two domains.
  • Page 74: Configuring A WINS Server Or LMHOSTS File

    3. Click on the network interface that is connected to the external proxy, for example, Local Area Connection. 4. Click the Properties button. 5. Scroll down and select Internet Protocol (TCP/IP). Figure 76 Selecting Internet Protocol (TCP/IP) for WINS Settings 6. Click the Properties button. 7. Click the Advanced button...
  • Page 75: Figure 77 Selecting WINS Tab

    8. Click on the WINS tab. 9. Click the Add… button and specify the address of the WINS server for the remote appliance to use for Windows computer name resolution and click add. Command Line Interface Alternatively, you can issue this command on the command line interface: netsh interface...
  • Page 76: Authenticate Windows Computers

    1. Click on the Admin tab in the top navigation bar. 2. Click Windows Management Configuration. 3. Click Manage, Unmanage, or Rescan Devices. 4. Using the check boxes, select the devices in the list that you want to perform management operations on. Figure 79 Manage Devices...
  • Page 77: Configure Windows Performance Thresholds

    5. Choose the desired operation, for example, change license type to Promoted Workstation. 6. Click submit. To generate an inventory report of the current list of devices, select an output format, for example, HTML or XML, and click generate report. XML can be used in Crystal Reports. Note: If an Infrastructure device, for example, Cisco router, is listed as Unknown, it means that the default sysName value of “Unknown”...
  • Page 78: Figure 81 Edit WINS Settings

    To edit WINS settings: 1. Click on the Admin tab in the top navigation bar. 2. Click CommandCenter NOC 2500M Configuration. 3. Select the CC-NOC 2500M appliance from the pull-down menu next to edit WINS settings. 4. Click edit WINS settings.
  • Page 79: Edit LMHOSTS File

    CC-NOC 2500M appliance and a WINS server is not available. 1. Click on the Admin tab in the top navigation bar. 2. Click CommandCenter NOC 2500M Configuration. Figure 83 CommandCenter NOC 2500M Options 3. Select the CC-NOC 2500M appliance from the pull-down menu next to edit LMHOSTS settings.
  • Page 80 5. Specify the IP address of each remote Windows server from which you wish to collect WMI data. 6. You can also delete all of the lmhosts settings for the appliance by clicking delete LMHOSTS file. 7. Click submit changes...
  • Page 81: Chapter 5: Configuring Vulnerability Scanning

    Chapter 5: Configuring Vulnerability Scanning This chapter describes procedures to configure a CC-NOC so it can scan for vulnerabilities, for example, exploits and thresholds against devices within your network. Scanning for vulnerabilities assists administrators in resolving security concerns. Vulnerability scanning finds system vulnerabilities, for example, unpatched systems, older known vulnerable server daemons, etc., that can be exploited by harmful network traffic.
  • Page 82: Vulnerability Scan Levels

    This process can harm the target machine if the vulnerabilities are successfully exploited by the scanning process. It is not advisable to use this scan against mission-critical targets, regardless of OS or services that are running...
  • Page 83: Specify Ip Addresses And Schedule The Scan

    Scan Level 4 Scan Level 4 performs all checks of previous levels and also attempts exploits that are known to be directly harmful to target systems. These include vulnerabilities that can alter data on the target or bring down services or the operating system by using denial-of-service techniques.
  • Page 84: Figure 87 Create A Vulnerability Scanning Schedule

    6. Select one of the options to perform a one-time scan of the devices that were specified or set up a scan that repeats according to the frequency you specify. 7. Click schedule this vulnerability scan...
  • Page 85: Chapter 6: Configuring Notifications

    Chapter 6: Configuring Notifications This chapter describes procedures to configure a CC-NOC so it can send and escalate notices through email, pagers, etc. if and when specific CC-NOC events occur. When important events are detected, users may receive a notice that is a descriptive message sent automatically to a pager, an email address, or both.
  • Page 86: Configure Event Notifications

    Clicking edit next to a notice follows the same steps, allowing you to edit information already defined for the notice. Clicking add new notice for this event also follows the same steps, but bypasses selecting an event type...
  • Page 87: Figure 91 Adding A New Event Notification

    Select Event Type The first step when adding or editing a notification is to select one event type to associate with the notification. Notice that if you are adding a new notice for an existing event, you will bypass this step.
  • Page 88 If it does not work in your browser, please consult the documentation provided by your browser vendor. Note: Choosing no services will include all services in this filter. To reset any TCP/IP address or services selected, click reset values. ...
  • Page 89: Figure 93 Validating An Interface/Service Rule

    8. If you do not wish to validate the rule or did not define an interface/service rule, click skip results validation to continue. Otherwise, click validate rule results to provide a visual representation of the rule just built and check that the TCP/IP address(es) and/or service(s) specified returned expected results.
  • Page 90: Configure Notification Groups

    Notice name. Configure Notification Groups In this section, you will create groups and assign users to them to identify a group of people that should receive certain types of notifications. Notification groups are used when defining a...
  • Page 91: Add/Modify A Notification Group

    notification path – please see section Configure Notification Paths later in this chapter for additional information. Note: To assign users to a group, the users must be pre-defined – please see section Add a New User in Chapter 8: Creating Users, Categories, Views for additional information. 1.
  • Page 92: Figure 99 Assigning Users To A Notification Group

    The ordering of the users in the group will affect the order that the users are notified if this group is used in a notification. 8. Click finish. ...
  • Page 93: Configure Notification Paths

    Configure Notification Paths In this section, you will create notification paths that define the users or groups who will receive notifications, how the notifications will be sent, for example, numeric or text pagers, email, and who to notify if escalation is needed. Notification paths are selected when configuring an event notification and should be created before configuring an event notification –...
  • Page 94: Figure 101 Configuring A Notification Path

    5. Choose one of the target types for this notification path: • For User Target, select only one user and select one or more delivery methods for that user. Figure 102 Configuring a User Target in Notification Path ...
  • Page 95: Figure 103 Configuring A Group Target In Notification Path

    • For Group Target, select only one group as previously defined, please see section Configure Notification Groups earlier in this chapter for details, and specify an interval, that is, minutes, hour, or days, to indicate how long to wait before sending the notification to users in this group.
  • Page 96: Figure 106 Define Escalation In Notification Path

    6. Choose one of the target types for this escalation notification: • For User Target, select only one user and select one or more delivery methods for that user. Figure 107 Configuring a User Target for Escalation in Notification Path ...
  • Page 97: Figure 108 Configuring A Group Target For Escalation In Notification Path

    • For Group Target, select only one group as previously defined, see section Configure Notification Groups earlier in this chapter for additional information, specify an interval, that is, minutes, hour, or days, to indicate how long to wait before sending the notification to users in this group.
  • Page 98: Configure TAP Paging

    NOC can use TAP services to send notifications as text messages to pagers. There are several steps to get this working properly. First, you need to attach a modem to the CC-NOC and to a phone line so that pager messages can be sent. Please contact Technical Support for a list of supported modem devices.
  • Page 99: Add A New TAP Service

    TAP services. Refer to your phone carrier for more information about TAP service availability and settings. These settings are necessary for the modem to dial out and connect to a TAP service. Fields that are required are marked with an asterisk.
  • Page 100: Edit Modem Parameters

    Edit Modem Parameters In this step, you will set up the modem parameters. If your modem requires special parameters for initialization or dialing prefixes, such as dialing "9" to get an outside line, you’ll need to enter these parameters. These settings are necessary for the modem to initialize properly. All of the fields on this page are optional.
  • Page 101: Chapter 7: Managing Assets

    • Map Unassociated Assets to Nodes Note: Creating and listing assets is described in the CommandCenter NOC User Guide. Import Assets The second way in which to add or update asset data stored in the CC-NOC is to import a comma-separated value file (CSV) into the assets database.
  • Page 102: Figure 114 Importing Assets

    Target Node field from being included in this listing. You will still be able to manually associate a node to any assets marked in this way via the asset's detail page. Figure 114 Importing assets...
  • Page 103: Export Assets

    Export Assets All the nodes with asset information can be exported to a comma-separated value file (CSV), which is suitable for use in a spreadsheet application. If you do an import into the CC-NOC with this CSV file, you will be asked to re-map all assets that were previously mapped to a node.
  • Page 104: Clear All Asset Records

    Clear All Asset Records This allows you to remove all asset records from the CC-NOC. Be sure to export the assets if you ever need to recover this data in the future. If you are rebuilding the asset records from an export via the CC-NOC, you will need to clear the asset table prior to re-importing.
  • Page 105: Chapter 8: Creating Users, Categories, Views

    Chapter 8: Creating Users, Categories, Views This chapter describes procedures to add users, delete and modify users, build views, and create categories. Build your own custom way of looking at your network, called views, and then assign them to your users.
  • Page 106: Edit A User

    3. If you are changing the administrator password, click password next to the administrator account. 4. Click edit next to the user whose profile you wish to change. Figure 121 Creating/Editing a new user Figure 120 Editing a User...
  • Page 107: Adding/Editing A Duty Schedule

    5. Supply a full name and enter comments. This is optional. 6. If desired, provide Executive User Constraints to provide an executive-level user access only to the specified category and appliance that is specified. This user will not be able to see information on nodes outside of the specified category or data collected by appliances other than the specified appliance.
  • Page 108: Configure Categories

    Email Servers Internet Connectivity Network Interfaces Overall Service Availability Routers Description Includes all managed interfaces which are running either DNS (name resolution) or DHCP servers. Includes all managed interfaces which are currently running PostgreSQL, Oracle, SQLserver, MySQL, Informix, or Sybase database servers.
  • Page 109: Figure 125 Configure Categories

    Web Servers Categories can then be combined into views, providing you the ability to focus users on the nodes that are pertinent to their role. You have the ability to create, modify, and delete categories and the filters that populate them.
  • Page 110 Note: Choosing no services will include all services in this filter. To reset any TCP/IP address or services selected, click reset values. 8. Click save. 9. After saving the category, restart the CC-NOC. Explanation Matches two specific addresses. Matches 192.168.0.1, 192.168.1.1, 192.168.2.1, etc.
  • Page 111: Configure Views

    Configure Views Configuring views allows you to create a mapping between users and views, or sets of categories, they will see when logging into the CC-NOC. Views are simply the combination of categories that your users will see when logging in. When configuring views, you have the ability to create new views, assign views to specific users, using map users, or set the default views used by the web interface, as well as the default view used by the reporting subsystem.
  • Page 112: Add/Modify An Existing View

    4. You can add a section by clicking add section to create a new grouping of categories. A view can comprise one or more sections. This is optional. 5. Click finish to save your changes. Figure 127 Add/Modify Views...
  • Page 113: Map Users

    Map Users After creating views, you can now map users to a view that will be displayed after they log into the CC-NOC. If users are not mapped to a specific view, then the Default view that was selected in section Configure Views will be displayed.
  • Page 115: Appendix A: Specifications

    KVM Admin Port Serial Admin Port Console Port Hardware Specifications Processor Memory Network Interfaces Hard Disk & Controller CD/ROM Drive Remote Connection Modem Protocols Warranty Environmental Requirements Humidity Altitude Vibration Shock 24.21”x 19.09” x 1.75” 615mm x 485mm x 44mm 23.80lb (10.80kg) Single Supply (1 x 300 watt) 10℃- 35℃...
  • Page 116: Electrical Specifications

    Maximum DC Power Output Maximum AC Power Consumption Maximum Heat Dissipation Volt-Ampere Rating PERATING -40 - +60 (-40 -140 ) 5% - 95% RH Operate properly at any altitude between 0 to 10,000 feet, storage 40,000 feet (Estimated) 5-55-5 HZ, 0.38mm,1 minutes per cycle;...
  • Page 117: Appendix B: Troubleshooting

    Appendix B: Troubleshooting Raritan wants to be involved from the beginning of your deployment and throughout the entire lifetime of your use of Raritan products. We have identified the following as the three pillars on which the success of your deployment rests: •...
  • Page 118: Checking Appliance Database Settings

    ECHO (Code 8) and ECHO REPLY (Code 0) capabilities. You must allow both of these to pass between your CC-NOC and managed devices in order for discovery to recognize the node and generate the suspect node event. ...
  • Page 119: Capability Scanning

    Capability Scanning The capability scanning service scans individual nodes to discover which services are supported on that node. It uses an intelligent service discovery mechanism and relies heavily upon communication over the TCP protocol (and sometimes UDP). In its initial state, the capability scanning service waits and listens for suspect node events.
  • Page 120: SNMP Data Collection

    The notifications service does not generate any events; it only reacts to them. It does, however, save its history in the database so that you can review past notifications. SNMP Data Collection The SNMP data collection service collects additional data from nodes that support SNMP. Just like the pollers, the SNMP data collection service runs every five minutes by default.
  • Page 121: Your Network

    Your Network Understanding and maintaining your network is the key to success. The Raritan services will help you understand and troubleshoot your network, as it relates to the CC-NOC. This chapter, however, is about troubleshooting the CC-NOC. Raritan Support Structure Before troubleshooting anything else, you should always make sure that your basic connectivity to the Raritan support structure is available should you need to utilize it.
  • Page 122: Why Don't I See The Machine Name For My Windows 2000 Systems

    TCP and provide more accurate capabilities profiling. During an intelligent services scan, it will test the device for each of the services supported by your CC-NOC. A list of the supported services can be found by clicking on...
  • Page 123: Re-Parenting

    the Admin tab, Network Management, and Configure Pollers. For each service that responds during the intelligent service scan, the system will generate a “Node Gained Service” event. The text of this event will look like the following: The X service has been discovered on interface WWW.XXX.YYY.ZZZ Typically, this will also be the signal to the Pollers that they should begin polling this new service for availability.
  • Page 124: Why Can't My CC-NOC Manage X Service

    Why Can’t My CC-NOC Manage X Service? ICMP - If a device responds to a "ping", which uses ICMP for its transport, the device will be flagged as supporting ICMP and will be tested for ICMP availability on the standard polling interval.
  • Page 125: Notifications

    If a service successfully connects, but otherwise "fails", a "service unresponsive" event is generated. An example of this would be a poller that sends a TCP connect request… and gets a connection, but within the “timeout” period there is no response. Thus, the Service is “up”, but it is not performing up to an adequate level.
  • Page 126: What Conditions Cause A Notification To Be Sent

    SNMP version 1, which is the most commonly seen version deployed today, supports five basic transactions: • • • GET RESPONSE • GET NEXT, and • TRAP for any default notifications sent to the...
  • Page 127: Troubleshooting SNMP Data Collection

    Of these five, Raritan only uses three: • GET - A message sent from the Manager to the Agent requesting information • GET RESPONSE – The message the Agent sends to the Manager in reply to a GET transaction, and •...
  • Page 128: Getif

    UDP services on your nodes. As a basic test, you should make certain that you could connect to the open services on the device before initiating a scan. This will at least verify that you can route...
  • Page 129: Historic Data And Graphs

    from the CC-NOC to the device and that TCP and UDP are working. If you have already performed the troubleshooting steps for Pollers and Capability Scanning on the node in question, you have adequately tested this. If you are having trouble with vulnerability scanning, try the troubleshooting steps below: 1.
  • Page 130: How Do I Interpret The SNMP Graphs/Reports

    Our documentation is available from the CC-NOC, under the Help tab, and is also available on http://www.raritan.com/support. How do I get Help? • See the Raritan web site for more information • If you are an end-user, please contact your reseller. ...
  • Page 131 • If you are a reseller seeking technical resources, please send an email to tech@raritan.com. • For technical support, call the number as stated in the front of this document. Note that Technical Support is intended to provide resellers and customers with technical assistance if necessary.
  • Page 133: Appendix C: Performance Monitoring

    Appendix C: Performance Monitoring Overview The CC-NOC is designed to provide you with the information necessary to support critical decisions in your environment. Depending on your role, the nature of those decisions may be different, from a help desk technician analyzing memory usage on a CC-NOC to determine if upgrades are appropriate, to a network designer using router buffer failures in support of better sizing decisions in equipment acquisition.
  • Page 134 Any device supporting MIB2 (RFC 1213) Linux or Unix variants running Net-SNMP Microsoft Windows Novell NetWare Metric(s) Relevance In/Out Octets Provides basic information on the network traffic that In/Out Discards an interface has In/Out Errors transmitted/received.
  • Page 135 Checkpoint Firewall products Lotus (IBM) Domino/Notes Servers Compaq Insight Agent State information This information is critical for the firewall stored Process Contexts administrator making Allocated storage sizing or upgrade CPU Utilization decisions on firewalls. A Packets accepted device that must maintain Packets rejected both high network speed...
  • Page 136: SNMP Data Collection Enhancements

    Memory Available bytes Percent Free Physical Memory Percent Free Logical Memory Total Physical Memory Physical Memory In Percent Physical CPU Utilization Provides insight as to router Free Memory performance, Buffer failures especially as Buffer memory augmented by MIB2 data.
  • Page 137: Leveraging Performance Data In Network Management

    Memory In Use Free Physical Memory Total Logical Memory Logical Memory In Use Percent Logical Memory In Use Free Logical Memory Memory Pages per Second Processor (CPU) Total Processor Time Processor Queue Length Interrupts per Second Network Network Utilization Bytes Sent per Second...
  • Page 138: Thresholding

    on demand. The remaining item is determining when performance metrics have reached a point at which they should be acted upon. And with the CC-NOC’s capability of managing performance thresholds, that’s easy too! Thresholding An exciting new feature significantly improved with the CC-NOC is threshold alerts. This allows the CC-NOC to notify you of potential problems pro-actively, before they occur, based on performance metrics gathered by the CC-NOC through SNMP and WMI.
  • Page 139: SNMP Performance Metric Thresholds

    Example Here’s an example. There is a high threshold set with a value of 70, a trigger of 3, and a rearm of 55. A new value is generated every minute. The first reported value is 65, which is less than our high threshold of 70, so no action is taken.
  • Page 140: Windows Performance Metric Thresholds

    Windows Performance Metric Thresholds The following values apply to data reported by Windows boxes. Note that there are separate events for Workstations and Servers – this is due to what data points Microsoft reveals. The event associated with a reported value violating a threshold is “High Threshold Exceeded”...
  • Page 141: Appendix D: Setting Up WMI On Target Machines

    Appendix D: Setting up WMI on Target Machines Configuring a Windows 98/ME box for Remote WMI Management The ability of the CC-NOC to manage Windows 98 and Windows ME systems is limited by the design of the Windows platform.
  • Page 142: Configuring A Windows Proxy Details

    COM server and making it available to the network. To do this, a system must be prepared. The preparations are relatively simple and only involve modifications to the system registry for either a Windows 2k Pro or XP Pro system. ...
  • Page 143: Registry Changes [Configuration]

    Note: Using Windows 98/ME, XP Home, or any NT 4.0 system is not recommended or supported as a proxy system. Additionally, although Servers are supported, it is not advisable to utilize them as your proxy due to error logging issues.
  • Page 145: Appendix E: Managing And Responding To Intrusion Detection Events

    Appendix E: Managing and Responding to Intrusion Detection Events This appendix is intended to provide a little insight as to how Raritan goes about assessing the traffic that the CC-NOC sees, determining what constitutes an event, and in turn, what that event should mean to you.
  • Page 146: Responding To Events And Notifications

    CC-NOC: • Does this event mean that traffic is coming through my firewall that shouldn’t be? Can I further refine my firewall configuration to disallow this type of traffic? What about traffic to/from this source/destination address? ...
  • Page 147: What If I Have Been Hacked

    • Are all of your systems at the most recent revision of operating system and patch level? Patches and hot-fixes are extremely important for Microsoft platforms. • Have my network platforms been upgraded to avoid unnecessary risks? SNMP, if •...
  • Page 149: Appendix F: Notification Parameters

    Appendix F: Notification Parameters Notification Parameter Substitution The notification subsystem is very robust and flexible, allowing the appropriate notification of the appropriate personnel at the appropriate time. One feature you have control over is the content of the notification message. You can include any text, and use parameter substitution to fill in values the CC-NOC knows.
  • Page 150: Assets

    %asset[building]% %asset[circuitId]% %asset[city]% %asset[comment]% %asset[dateInstalled]% %asset[department]% %asset[description]% %asset[division]% %asset[floor]% %asset[lease]% %asset[leaseExpires]% %asset[maintContract]% %asset[maintContractExpires]% %asset[supportPhone]% %asset[manufacturer]% %asset[modelNumber]% %asset[operatingSystem]% %asset[port]% %asset[rack]% %asset[region]% %asset[room]% %asset[serialNumber]% %asset[slot]% %asset[state]% %asset[userLastModified]% %asset[vendor]% %asset[vendorAssetNumber]% %asset[vendorFax]% %asset[vendorPhone]% %asset[zip]% %asset[user_defined_1]% %asset[user_defined_2]%...
  • Page 151: Appendix G: Network Traffic Overhead: Network Management's Necessary Evil

    Appendix G: Network Traffic Overhead: Network Management’s Necessary Evil On five-minute intervals, the CC-NOC polls services on managed nodes using Raritan's 'synthetic transactions'. These transactions serve to better test the service's availability, as they actually exercise the service, as opposed to simply “pinging”...
  • Page 152: HTTP Synthetic Transaction

    Because the type of data and number of data points collected varies by host type, the following describes a "typical" host, specifically, a Linux host from which we collect ten metrics for the 74 bytes (592 bits)
  • Page 153 host, and an additional five metrics per managed interface. The host used in this example has two interfaces, so the results reflect metrics for a second interface as well as the de facto first interface. The traffic generated by the data collection process, in this case: SNMPv2c GETBULK Requests:...
  • Page 154: Additional Notes

    In addition to polling overhead, our services scan will run less than once a day and generate traffic roughly equivalent to a single polling interval. If vulnerability scanning is enabled, the CC-NOC will also generate the traffic associated with completing those tests. Benchmarks as to those tests are not currently available.
  • Page 156 1-26-2 Shinkawa, Chuo-ku Tokyo, Japan 104-0033 Tel. (81) 03-3523-5991 Fax (81) 03-3523-5992 Email: sales@raritan.co.jp http://www.raritan.co.jp Raritan Computer Japan Osaka Office Honmachi Phoenix Bldg 8F 1-15-8 Nishihonmachi Nishi-ku Osaka, Japan 550-0005 Tel. (81) (6) 4391-7752 Fax (81) (6) 4391-7761 Email: sales@raritan.co.jp http://www.raritan.co.jp...
