Operations Management and Open Source Tools

(1)

Jeremiah Jackson -

[email protected]

Gonzalo Guzman –

[email protected]

Operations Management

and Open Source Tools

(2)

FCAPS

WHAT IS FCAPS?

n  Framework for managing telecommunication and network resources. n  Developed by the ISO when similar management needs were noticed

between the OSI and SMO models.

FCAPS is:

Fault Detection Configuration Accounting Performance Security 2

(3)

FCAPS – Fault Management

Goal of Fault Management:

Recognize, isolate, correct and log faults that occur.

Components:

n  Fault Detection: Ability to recognize a error when it occurs

n  Notification: Ability to notify when fault occurs.

n  Trending: Setting up a series of baselines of normal operation.

n  Logging: Keep track of faults for future review

n  Response: Either human or automated

(4)

FCAPS – Fault Management

Solutions:

n  Nagios - http://www.nagios.org/ n  OpenNMS - http://www.opennms.org/ n  NMIS - http://www.sins.com.au/nmis/ n  WhatsUpGold - http://www.whatsupgold.com/

n  Vendor Specific Switch Programs: HP Procurve Manager

CiscoWorks, etc.

n  NetCrunch - http://www.adremsoft.com/netcrunch/

n  HP OpenView / EMC Smarts / IBM Tivoli 4

(5)

FCAPS – Fault Management

Nagios

-

www.nagios.org

Pros:

•  Open Source

•  Polls actual services for response. (HTTP, SMTP, etc)

•  Flexible Addons for specialized testing

•  Good Trending data and Uptime Statistics Cons:

•  Configuration is done via text files.

•  Linux only

(6)

FCAPS – Configuration Management

Goal of Configuration Management:

Establish and maintain consistency of performance by controlling changes, and documenting configurations throughout the life

cycle of an information system.

Components:

n  Gather: Collect configurations on a scheduled basis.

n  Store: Store those configurations for backup purposes

n  Track: Monitor and report changes to configurations.

n  Automate: Ability to make mass changes with limited user input.

(7)

FCAPS – Configuration Management

Solutions:

n  Rancid - http://www.shrubbery.net/rancid/

“_R_eally_A_wesome_N_ew_C_{isco conf}

I

_g_D_iffer”

Utilizes CVS to maintain a database of configuration changes. Configurations can be generated for any date in time since the device was first added to Rancid. Linux based command-line only product.

n  NetCanner - http://bangj.com

n  Vendor Specific Switch Programs: HP Procurve Manager

CiscoWorks, etc.

(8)

FCAPS – Configuration Management

NetCannery

Pros:

•  Graphical Front End

•  Troubleshooting tools such as: IP address analyzer

Finds devices with unsaved changes

•  Ability to create custom reports

Cons:

•  Graphical Front End requires MacOS

•  Sometimes has difficulty logging into older devices.

•  Retail Product, fee based 8

(9)

FCAPS – Accounting

What is the goal of Accounting management?

To gather usage statistics for users and use those statistics, to bill users and enforce usage quotas.

For non-billed networks, "administration" replaces "accounting". To administer a set of resources in such a way as to provide

availability and accessibility to authorized users.

(10)

FCAPS – Accounting

Components:

n  Managing Accounts, passwords and permissions.

n  Auditing system logs.

n  Performing backups of critical data.

(11)

FCAPS – Accounting

Managing Accounts, passwords and permissions.

n  LDAP

•  Microsoft Active Directory

•  Novell eDirectory •  OpenLDAP n  TACACS •  CiscoACS n  RADIUS •  Steelbelted Radius •  FreeRadius n  Diameter 11 8/27/12

(12)

FCAPS – Accounting

Password Guidelines n  length should be a minimum of 7 characters

n  should contain a mix of lower-case, upper-case, numeric and punctuation

n  names, birthdays, holidays should be prohibited

n  words from any language should be prohibited

n  expire every 30-90 days

n  Remembered the last 6 passwords

n  lock out accounts after 3-5 failed attempts

(13)

FCAPS – Accounting

Password Guidelines

n  Educate your users on using Mnemonic to remember complex passwords

n  3vi1hax0r

n  2$3cur34u

n  ow&uP@k12

(14)

FCAPS – Accounting

Auditing system logs

Basic Auditing in Windows

n  Enable auditing in Local Security Settings >Audit Policy or use a Group policy

n  Failed logon attempts can be found in the “_{Security log}”

Basic Auditing in *nix

n  Is enabled by default

n  Look for failed logon attempts

(15)

FCAPS – Accounting

Performing backups of critical data n  Microsoft System Center Data Protection Manager n  Symantec Backup Exec and Veritas Netbackup n  Windows backup and restore

n  Amanda (www.Zamanda.com)

(16)

FCAPS – Accounting

Windows backup and restore

Pros:

•  Free

•  Easy to use

•  Bare metal restore capable (ASR)

Cons:

•  Windows only

•  Reliance on legacy technology

(17)

FCAPS – Accounting

Amanda

Pros:

•  Freeware

•  Clients for most OS

•  Easy to setup

Cons:

•  Server is Linux only

•  CLI intensive

(18)

FCAPS – Performance Management

Goal of Performance Management:

Prepare the network for the future by monitoring current network trends, utilization, error rates, and response times.

Components:

n  Data Collection – Store performance information for retrieval.

n  Visualization – Turn data into images for quick comprehension.

n  Trend Analysis – Monitor data over time to recognize patterns.

n  Summarization – Consolidate data in larger time blocks.

(19)

FCAPS – Performance Management

Types of Performance Measurement:

n  Performance Measurement – Cacti, PRTG, MRTG, Smokeping,

n  Forensics Analysis – Wireshark, NTOP, Netstumbler, TCPDump n  Load Generation – Iperf, D-ITG, Internet 2 NDT

(20)

FCAPS – Performance Management

Cacti - http://www.cacti.net/ n  Open Source Visualization Tool

n  Monitors all types of statistics from SNMP or custom scripts.

n  Web Based administration / viewing

n  Module support for scripts to handle additional types of monitoring.

n  Based on RRDTool.

n  Automatically summarizes data as time goes on.

(21)

FCAPS – Performance Management

WireShark - http://www.wireshark.org/

n  Forensic Analysis of data on a network.

n  Determine network issues like retransmissions.

n  Statistics feature can playback IM sessions, and VoIP calls.

n  Open Source

(22)

FCAPS – Security

What is the goal of Security management?

n  The process of controlling access to assets in the network

(23)

FCAPS – Security

Components:

n  Policies and Procedures

n  Physical security

n  Firewalls

n  Anti-virus, Trojan and Malware protection

(24)

FCAPS – Security

Policies and Procedures:

n  "Acceptable Use Policy" and "Network Connection Policy.“ n  Procedure for requesting security changes.

n  These documents should be very straightforward, easy to understand.

(25)

FCAPS – Security

Physical Security:

n  Servers should be kept in temperature and humidity controlled, locked rooms with keyboards and monitors hidden from plain sight if possible.

n  Access to these rooms should be limited to key personnel.

n  Don't forget a good chemical fire extinguisher.

(26)

FCAPS – Security

Firewalls: n  Host firewalls •  Windows firewall •  Iptables n  Network firewall •  Cisco ASA/Pix •  Fortigate •  Sonicwall •  Juniper Netscreen •  Iptables 26 8/27/12

(27)

FCAPS – Security

Anti-virus, Trojan and Malware Protection/Removal:

n  Trendmicro AV (www.antivirus.com) n  Symantec AV (www.symantec.com) n  ClamAV (www.clamav.net)

n  Malwarebytes (http://www.malwarebytes.org)

n  Spybot- S&D (http://www.safer-networking.org/en)

n  HijackThis (http://www.download.com/Trend-Micro-HijackThis/ 3000-8022_4-10227353.html)