Beruflich Dokumente
Kultur Dokumente
User Manual
7.0.2
Headquarters, France
Ipanema Technologies, 28 rue de la Redoute, 92260 Fontenay-aux-Roses
email: info@ipanematech.com
tel: +33 1 55 52 15 00
Technical support
email: support@ipanematech.com
tel: +33 1 55 52 15 22
Belgium
Ipanema Technologies, Av. du Bourg. Etienne Demunter, 3 1090 Bruxelles
tel: +32 498 17 95 09
Germany
Ipanema Technologies GmbH, Gustav-Stresemann-Ring 1, 65189 Wiesbaden
tel: +49 611 97774 285
Italy
Ipanema Technologies, Via Senigallia 18/2, 20161 Milano
tel: +39 02 64672319
Singapore
Ipanema Technologies, Suntec, Centennial Tower, 3 Temasek Avenue, Singapore 039190
tel: +65 65497181
Spain
Ipanema Technologies, Plaza Pablo Ruiz Picasso 1, Torre Picasso, 28020 Madrid
tel: +34 670 450 205
Switzerland
Ipanema Technologies, Zollikerstrasse 153, CH-8008 Zurich
tel: +41 (0)43 488 45 06
The Netherlands
Ipanema Technologies, Vaartserijnstraat 16, 3523 Utrecht
tel: +31 30 890 6570
UK
Ipanema Technologies Ltd, Abbey House, Wellington Way, Weybridge, Surrey, KT13 0TT
tel: +44 1932 268 380
USA
Ipanema Technologies Corp., 200 Fifth Avenue, Waltham, MA 02451
tel: +1 781 890 8008
Technical support
email: support@ipanematech.com
tel: +1 617 862 0033
toll free number: 888 485 4884
Contents
CONTENTS
INTRODUCTION ......................................................................... ..........
1. REVISIONS ......................................................................... ..........
2. LIST OF ASSOCIATED DOCUMENTS ............................... ..........
3. DOCUMENT ORGANIZATION ........................................... ..........
4. TERMS USED ..................................................................... ..........
1
1
3
3
4
1-1
1-1
1-1
1-4
1-6
1-6
1-8
1-9
1-11
1-12
1-12
1-13
1-13
1-14
1-14
1-15
1-23
2-1
2-1
2-5
2-6
2-6
2-6
2-6
2-7
2-7
2-7
2-7
3-1
3-1
3-2
3-2
3-3
3-7
3-8
3-8
3-10
3-11
3-11
3-13
3-19
3-21
3-22
3-24
3-26
3-27
March 2012
Ipanema Technologies
Contents
3-29
3-29
3-33
3-34
3-34
3-37
3-38
4-1
4-1
4-2
4-2
4-4
4-5
4-10
4-11
4-11
4-12
4-13
4-14
4-15
4-15
4-15
4-16
4-17
4-18
4-23
4-27
4-28
4-38
4-38
4-38
4-38
4-39
4-40
4-40
4-41
4-44
4-44
4-48
4-53
4-61
4-63
4-65
4-66
4-68
4-68
4-69
4-70
4-82
4-84
4-92
4-94
4-96
4-96
4-105
4-105
4-111
4-111
4-116
4-116
March 2012
Ipanema Technologies
ii
Ipanema System
iii
4-117
4-118
5-1
5-1
5-3
5-4
5-4
5-9
5-11
5-12
5-12
5-13
5-15
5-19
6-1
6-1
6-1
6-2
6-3
6-4
6-6
6-6
6-7
6-7
6-10
6-13
6-15
6-17
6-19
6-20
6-21
6-21
6-24
6-31
6-37
6-40
7-1
7-1
7-3
7-3
7-5
7-7
7-8
7-8
7-11
7-12
8-1
8-1
8-1
8-1
8-2
8-2
8-4
8-6
8-8
8-18
Ipanema Technologies
March 2012
Contents
March 2012
Ipanema Technologies
8-26
8-26
8-27
8-29
8-34
8-35
8-37
8-44
8-44
8-46
8-48
8-50
8-52
8-56
8-59
8-59
8-61
8-63
8-65
8-67
8-69
8-71
8-73
8-73
8-75
8-77
8-79
8-81
8-83
8-85
8-85
8-87
8-89
8-91
8-93
8-95
8-98
8-100
8-102
8-104
8-104
8-106
8-109
8-112
8-112
8-114
8-114
8-116
8-117
8-119
8-121
8-121
8-123
8-125
8-127
8-127
8-130
8-132
8-132
8-134
8-136
iv
Ipanema System
8-136
8-137
8-137
8-138
9-1
9-1
9-1
9-1
9-2
9-2
9-2
9-3
10-1
10-1
Ipanema Technologies
March 2012
INTRODUCTION
1. REVISIONS
Date of issue
Index
Chapter/
section
concerned
Subject
January 2001
All
Original
April 2001
All
September 2001
All
January 2002
All
March 2002
All
August 2002
All
October 2002
All
January 2003
Chapters 2,
3, 4 and 8
February 2003
Chapter 2
ip|reporter settings
April 2003
Chapter 2
About window
October 2003
All
July 2004
All
April 2005
All
November 2005
All
November 2005
Chapter 2
April 2006
All
August 2006
All
October 2006
Chapter 2
November 2006
Chapter 3
Alarming function
February 2007
All
November 2007
All
January 2008
Chapters 2
and 7
April 2008
All
July 2008
Chapters 2
and 3
March 2012
Ipanema Technologies
Ipanema System
October 2008
All
December 2008
All
January 2009
AA
Chapter 2
March 2009
AB
All
May 2009
AC
All
June 2009
AD
Chapters 2, 9
November 2009
AE
Chapters 2,
4, 7
November 2009
AF
Chapters 2,
4, 6, 7
March 2010
AG
All
May 2010
AH
Chapter 1
August 2010
AI
Chapters 1,
2, 4, 5 and 8
December 2010
AJ
Chapter 8
August 2011
AK
All
Chapter 2
November 2011
AL
All
Ipanema Technologies
March 2012
December 2011
AM
All
March 2012
AN
All
For each range of ip|engine (10, 100 and 1000), there are two user manuals:
3. DOCUMENT ORGANIZATION
This document contains 10 chapters:
March 2012
Ipanema Technologies
Ipanema System
4. TERMS USED
AG:
Aggregated flow:
Applications Dictionary:
AQS:
ASL:
BDP:
Byte counting:
Congestion:
CoS:
Class of Service.
CPE:
Delay variation:
DSCP:
DstPort:
Destination Port.
Datagram:
D/J/L:
Delay/Jitter/Loss.
Domain:
Elementary observation:
Fragmentation:
GPS:
Goodput:
GUI:
HSRP:
Ipanema Technologies
March 2012
ICMP:
IMA:
IP:
Internet Protocol.
IP micro-flow:
IPDR:
IP Data Records.
ITP:
Jitter:
LAN:
LAN to LAN:
used for the measurement from the LAN port of the source
ip|engine to the LAN port of the destination ip|engine.
LTL:
Measure interface:
Measure ticket:
MOS:
MRE:
NAP:
OWD:
Packets:
Packet counting:
Packet loss:
PBR:
Physical site:
Point of measure:
QoS:
Quality of Service.
Quality Index:
Router:
Routing:
RTT:
SALSA:
March 2012
Ipanema Technologies
Ipanema System
SLA:
SNMP:
SrcPort:
Source port.
SRE:
SRT:
TCP:
Ticket Record:
TOS:
Type Of Service.
TOS Dictionary:
Traffic profile:
Transfer delay:
Throughput:
UDP:
UC:
Virtual ip|engine:
Virtual site:
VoIP:
VPN:
VRF:
WAN:
WAN to WAN:
used for the measurement from the WAN port of the source
ip|engine to the WAN port of the destination ip|engine.
WFQ:
ZRE:
Ipanema Technologies
March 2012
1. 1. OVERVIEW
1. 1. 1. General
The Ipanema System enables IP networks Quality of Service (QoS) to be measured and
guaranteed. It measures data transfer characteristics between access points and, in particular,
real-time performance (throughput, transfer delay, delay variation (jitter), loss rate, round trip
time, server response time and TCP retransmission ratio) of this transfer. Improving the QoS
is a question of finding the best match between user needs and network performance and
optimizing allocation of available bandwidth at network level. To be suitable for configuring and
monitoring SLAs, measures are made at IP level (level 3) allowing a clear breakdown between
the network and the information system. Redundancy elimination allows to compress the data,
and acceleration allows to accelerate the traffic, in some cases.
QoS measurement and Qos & control features:
Users specify high-level business objectives through Application Groups. Customer traffic is
classified using a mix of the users applications and organization data. Application Groups
attributes include:
business criticality,
QoS performance objectives (nominal bandwidth per application session, delay, jitter, packets
loss, RTT, SRT and TCP retransmission ratio),
redundancy elimination capability,
acceleration capability.
The users objectives are the only input to the system. There is no need to set low-level, network
and device specific policy rules.
The individual measures are grouped and analyzed according to multiple criteria (IP address,
subnet address, application, Application Group, etc.).
The results are presented in the form of real-time graphs and archived with periodic aggregation
(hourly, daily, weekly, monthly). They are made available for subsequent processing or reference.
Specific QoS measure service features (ip|true):
multiple QoS measures: measures include number of packets and bytes transmitted and
received, number of sessions, transfer delay, jitter, loss, RTT, SRT and TCP retransmission
ratio,
highly-accurate: from 100 s to 1 ms according to the type of ip|engine used. This relies on
synchronization from the network (NTP) or GPS system,
precise: measures are made on the actual data packets and not on test packets,
exhaustive: all packets are measured,
independent: measures are made at the IP level, independently of operator network access
and core technology,
confidential: the contents of user packets are not, at any time, stored, saved or even transmitted
between the different system components,
complete: packets are measured LAN to LAN and WAN to WAN.
March 2012
Ipanema Technologies
1-1
Ipanema System
dynamic control, based on real-time measure of application demand and network capacity,
global bandwidth control, based on real-time detection of WAN access and End to End (ingress
and egress) congestion,
adaptive Policies management according to the QoS objectives and criticality of each
application,
IP packet marking (coloring) according to operator CoS, taking into account the QoS and
criticality objective of each application.
the ip|engine also handles the dynamic traffic conditioning according to adaptive policies. The
CPE only performs IP routing functions for network access.
dynamic selection of traffic path, according to Application Group and WAN access configuration,
the ip|engine handles the dynamic traffic conditioning according to the destination of the flows.
ip|reporter:
This service provided by an optional module of ip|boss produces full technical metric reports and
Application Group high level reports.
An InfoVista run time licence is embedded in the ip|reporter module; this run time provides all user
functions in local, remote or client/server mode or with an HTML interface with VistaPortalSE.
All tasks about creation, deletion of reports are automatically made by ip|boss. The configuration
and use are very easy.
ip|export:
This service, provided by an optional module of ip|reporter, allows the user to automatically and
dynamically export any data from the reports in text, CSV or Excel formats.
ip|export is designed for seamless inter operability between network measurement systems and
Business Support Services systems.
smart|plan:
This service, provided by an optional module of ip|reporter, provides easy-to-use data for Capacity
Planning optimization. Using information gathered from Ipanemas ip|engines performance
measurement and QoS & control functions, then aggregated by the ip|boss central management
software, smart|plan generates very high added value data enabling a complete analysis for
each network access of the relationship between bandwidth (resource) and delivered service
level (results). Using this automatically generated data, it is immediately possible to identify if
the access link is under-provisioned or over-provisioned in regard of the expected service level
1-2
Ipanema Technologies
March 2012
Ipanema System
per applications business criticality. The data generated by the smart|plan module are available
throughout all the Ipanema System components. ip|boss makes them available through the
SNMP interface, ip|reporter uses them to generate the appropriate easy to use reports and
ip|export exports them in text or Excel format for post-processing.
Security:
Ipanema System provides robust security features to protect the system against break-in and
hostility threats. Authentication mechanisms to access to system elements and between system
elements are used to protect the system against unauthorized access. Communication encryption
between system elements protects the system against sniffing of configuration information or
measure results exchanged between system elements.
March 2012
Ipanema Technologies
1-3
Ipanema System
1. 1. 2. System description
The system consists of the following elements:
ip|engines: these units measure users traffic in real time and dynamically adapt the QoS
management rules. ip|engines are non-intrusive and are generally located at the interface
between the enterprise network (LAN) and the access router to the operator network (WAN).
They have high-quality synchronization thanks to a time server (e.g. NTP) or thanks to an
external GPS receiver. The ip|engine runs ip|agent software, the modules of which are:
SALSA (Scalable Application Level Service Architecture): this is the Central Management
Software; it is composed of:
ip|uniboss software: it ensures the creation and management of the Domains, Unified
User Management and Licenses management.
ip|boss software: it ensures different functions: system administration, system
configuration (system provisioning, application provisioning and reports), service
activation, real time helpdesk, supervision, collect of the Correlation Records on the
ip|engines every minute (according to the parameters) to analyse and display the
measured traffic in real time, interface with ip|reporter.
ip|reporter software: it ensures the reporting function coming from ip|boss system.
ip|reporter is powered by InfoVista and can be provided with two different
InfoVista VistaFoundation platforms: VF0 (provided to most Ipanema
customers) and VF4 (provided for MSPs/NSPs or customers with very large
networks only). Only VF0 platform is described in this document. For VF4
information, please refer to the relevant Technical notes.
1-4
Ipanema Technologies
March 2012
Ipanema System
System architecture
March 2012
Ipanema Technologies
1-5
Ipanema System
1. 2. GENERAL PRINCIPLES
1. 2. 1. System deployment
ip|engines are positioned at the measurement or control points. They are connected to the same
LAN as the access CPE.
A Domain is made up of a set of ip|engines that measure (ip|true), control (ip|fast, plus possibly
ip|coop), compress (ip|xcomp) and accelerate (ip|xtcp and ip|xapp) the network traffic and the
ip|boss software (the central software program), for configuration and exploitation of the Ipanema
System.
One Domain will be created by logical entity, using ip|uniboss software. ip|engines belonging
to the same Domain work together (measurement, QoS & control , redundancy elimination and
acceleration), without interacting with other ip|engines belonging to other Domains. Each Domain
is managed by a dedicated ip|boss instance.
To measure, control or accelerate flows on a site with no ip|engine, the user can configure (IP
address and alias) a tele|engine in the configuration file, in the same way as for a real ip|engine.
To make it possible, physically existing ip|engines must be installed at the other ends of all flows
to be measured, controlled and accelerated. Unlike a physically existing ip|engine, a tele|engine
does not measure one-way-delays, jitter and loss rates, and does not compress or decompress
traffic. Other measurements on a site with a tele|engine are carried out by the remote ip|engines.
1-6
Ipanema Technologies
March 2012
Ipanema System
Each ip|engine recognizes the local network (LAN) traffic transmitted to and received from the
long-distance network (WAN).
The local networks have an IP address range expressed in the form a.b.c.d and a prefix, the length
of which is expressed by /p.
For correct system operation:
March 2012
Ipanema Technologies
1-7
Ipanema System
1. 2. 2. Time synchronization
ip|engines synchronization on the Domain is used for Delay/Jitter/Loss measurement (and
measurement only: control, redundancy elimination, etc., do not require synchronization).
There are two synchronization levels:
Time servers
can be either ip|engines (with or without GPS), ip|boss or External NTP servers,
must be delivering a consistent time between each other,
if an ip|engine is a Time Server, it will use its local ITP configuration (GPS, local or an
external source).
Synchronization servers
must be Domain ip|engines,
will not use their local reference (even if a GPS receiver is connected),
share their clocks with their peers (all other synchronization servers).
This feature allows GPS-less Domains, out of Domain synchronization and short term no time
function (a Domain can be disconnected from its time servers, thus making higher resiliency).
1-8
Ipanema Technologies
March 2012
Ipanema System
March 2012
Ipanema Technologies
1-9
Ipanema System
1-10
Ipanema Technologies
March 2012
Ipanema System
configuration and supervision channel: ip|boss supervises and configures the reporting
system via the InfoVista interfaces. The used TCP ports are dynamic by default, but they can
be fixed by configuration. These channels allow the reports creation and deletion according to
the configuration and the status supervision of ip|reporter.
collect channel (SNMP): ip|boss software contains an SNMP agent used by ip|reporter
(InfoVista) in order to collect the measurement data (pull mode). This SNMP agent is reachable
via the UDP port configured for each Domain in ip|uniboss.
March 2012
Ipanema Technologies
1-11
Ipanema System
As the period of stability is short, policy settings need to change dynamically according to network
performance and users traffic variations.
1-12
automatically creates tunnels, when needed, from the compressing sites to the decompressing
sites (described in ip|boss),
compresses the packets according to the owning Application Group (as defined in ip|boss),
the tunnels still depend on the QoS & control feature.
Ipanema Technologies
March 2012
Ipanema System
The key idea is, for each connection, to proactively enslave the TCP source rate to the ip|fast
computed rate for this connection.
After the TCP connection to the Server (ports 445 and 139 are used), the NetBIOS Session
service is established (negotiation of a CIFS dialect, Username/Password, connection to the
resource - shared directory for instance).
File accesses are done within this NetBIOS session (open, read, write...; only ONE connection
from a Client to a Server for ALL file accesses).
All of this is using SMB messages within NetBIOS datagrams.
There is one SMB Response for each SMB Request (the next request is sent when the previous
response is received).
Deployment cases
CIFS Acceleration is a Client-side technology. So the typical deployment case uses ip|engines
installed near the CIFS clients, therefore mainly in branch offices.
CIFS acceleration and Redundancy elimination
ip|xapp and ip|xcomp are compatible. It is possible to compress accelerated CIFS traffic, both
with ZRE and SRE, in one, the other or both directions:
This depends on the Application Group CIFS is matching, and on the local and remote ip|engine
compression/decompression capacities.
March 2012
Ipanema Technologies
1-13
Ipanema System
network capacity,
network availability,
network performance.
The smart planning leverages QoS & control features. To enable it:
Thanks to the smart planning feature, the Ipanema system allows the best usage of the network
capacity according to the performance objectives, by enabling the user to select a cost /
performance compromise based on application service levels.
1-14
Ipanema Technologies
March 2012
Ipanema System
Functional architecture
1. 2. 11. 1. Monitoring
For the monitoring, the operations are performed by the:
ip|engine:
elementary observations,
correlation,
flow management.
ip|boss:
ip|engines configuration,
ip|engines alarm management,
monitoring,
analysis,
SNMP MIB update.
ip|uniboss:
Domains creation.
ip|reporter:
collection of SNMP data from ip|boss,
March 2012
Ipanema Technologies
1-15
Ipanema System
1-16
Ipanema Technologies
March 2012
Ipanema System
ip|engine:
elementary observations,
correlation,
classification.
ip|boss:
ip|engines configuration,
ip|engines alarm management,
monitoring,
SNMP traps.
Measurement
Each IP packet observed by the ip|engines on their measure interface undergoes a series of
processing operations:
filtering of IP v4 packets,
classification and filtering of packets according to their type:
identification of the ip|engine associated with each packet. This ip|engine will subsequently
be responsible for correlating the different observations made on this packet - in practice this is
the "upstream" ip|engine (upstream with reference to the observed flow),
output of a measure ticket.
Tickets are grouped according to the corresponding ip|engine in compact Ticket Records. These
records are periodically sent to the ip|engine or stored locally if the ip|engine is itself associated
with the flow.
March 2012
Ipanema Technologies
1-17
Ipanema System
Measure traffic
The ip|engines send measure tickets to the correlator via the network.
The measure load generated by each ip|engine is approximately 2% of measured traffic for
datagrams with an average length of 300 bytes.
Datagram fragmentation
Transmitting large packets on the network can degrade the quality of service for applications,
particularly if access speed is low. IP protocol allows datagrams to be fragmented into several
packets (fragments). Fragmentation can be performed at different points, but is generally
performed:
Fragments are not reassembled on the network or in the router, but by the end station.
To keep measures consistent without making assumptions on whether and where fragmentation
occurred (before or after the first ip|engine), the system performs measures on the datagrams.
This choice enables the classification mechanisms to operate correctly, even though port numbers
of the TCP/UDP protocol are present only in the first fragment of a datagram.
This choice is also consistent with applications behavior. In all cases, the datagram user application
must wait for the datagram to be reassembled before being able to use the data it contains. It is
therefore reception of the last fragment that is important.
A datagram is considered to be lost as soon as one or more of its fragments is lost. In this case,
the datagram is not delivered to the transport layer by the destination terminal.
1. 2. 11. 2. 2. Correlation
The correlation function, shared by all ip|engines, produces Correlation Records that contain
measures grouped by aggregated flows (classification level is determined by configuration).
Correlation Records are generated at regular intervals and collected by ip|boss Collector.
1. 2. 11. 2. 3. Classification
The software enables flow measures to be classified according to the following criteria:
address: subnet address ranges at flow source and destination according to the User subnets
directory,
application: according to the Level 7 Application dictionary, allowing in most cases the user
application to be identified,
TOS: the "TOS" field of the IP header identifying the Type of Service according to the TOS
dictionary.
1. 2. 11. 2. 4. Monitoring
The monitoring function enables the operator to get a real-time view of the performance and activity
of the observed traffic in the form of graphs.
1. 2. 11. 2. 6. Analysis
Measures can undergo deferred analysis. Measures can be viewed in graph form.
1-18
Ipanema Technologies
March 2012
Ipanema System
to manage offer: for a given current network performance, an ip|engine will adapt
characteristics to achieve the best trade-off between QoS and goodput,
to manage demand: for a given current LAN to WAN traffic, LAN-to-LAN QoS and bandwidth
availability, an ip|engine will adapt the user traffic policy to share network capabilities among
the flows.
each ingress ip|engine periodically advises each egress ip|engine of data it estimates it will
have to send them - quantity (min, max), time and loss constraints and criticality,
each egress ip|engine computes a fair-sharing scheme of its egress bandwidth, taking into
account the above parameters. It sends information to all active ingress ip|engines on the
amount of data they are allowed to send.
One can see that this mechanism is quite similar to a reservation scheme with the following main
differences:
bandwidth allocation is performed starting from a statistic view of the end-to-end traffic. This
facilitates statistic multiplexing among flows and limits the computing load (it is no longer related
to the number of flows),
network elements between ip|engines are not involved in the allocation mechanisms.
Bs egress capabilities,
A, C and Ds currently estimated traffic demand (quantity, time and loss sensitivity, criticality).
March 2012
Ipanema Technologies
1-19
Ipanema System
As ingress capabilities,
As traffic demand to destinations B, C and D (quantity, time and loss sensitivity, criticality),
B, C and Ds currently estimated egress traffic authorization (see N-to-one control).
1-20
Ipanema Technologies
March 2012
Ipanema System
The features enhance the relevance of the goodput through provisioning of arbitration rules.
The total amount of information effectively transferred is equivalent, but the relative amount per
Application Group is managed.
Criticality management
Criticality management enables selection of traffic that is authorized to be sent, taking into account
the following inputs:
criticality of applications,
instantaneous bandwidth requirements,
current end-to-end quality of service and traffic capabilities.
March 2012
Ipanema Technologies
1-21
Ipanema System
With ip|coop option, for each tele|engine, a group of remote ip|engines cooperate (Remote
Coordination Group) to do what a local ip|engine would have done, namely:
This Remote Coordination Group is made of up to 8 physical ip|engines (on the 8 most active sites
with this unequipped site) and is automatically and dynamically configured by ip|boss.
Thus, the contribution of each tele|engine can be precisely estimated so that congestion to and
from the remote site can be managed (as through a proxy).
Limitation for use of tele|engines:
no Delay/Jitter/Loss measurement,
neither measurement nor control take shadow traffic (traffic between sites equipped with
tele|engines) into account,
End to End (E2E) bandwidth tracking is less efficient and reactive,
no limitation of egress UDP traffic.
When ip|coop option is enabled, the number of tele|engines is controlled by ip|boss and defined
in the license file delivered to the customer. Without this option, the number is unlimited.
1-22
Ipanema Technologies
March 2012
Ipanema System
1. 2. 12. Security
Ipanema System security features are based on SSL and SSH protocol usage, plus tools for key
generation and distribution.
Second level
The customer defines his own certificate. This is done centrally from ip|boss or from a
customers certificate generator. Certificate installation on ip|engines is handled from ip|boss
and does not require local access to the ip|engines.
Communications are secured. Unauthorized people will not be able to enter the system nor to
read and interpret configuration or measurement data.
Third level
The customer defines his own certificate AND a passphrase. This requires not only an ip|boss
certificate installation, but also to have local access to all ip|engines in order to setup the
passphrase configuration.
Communications are secured. Combination of certificate and local passphrase provides the
highest level of security.
March 2012
Ipanema Technologies
1-23
links to the Domains the User can connect to, with ip|boss (select a the Domain from the
drop-down list and click on the ip|boss button),
links to the Domains the User can connect to, with ip|reporter (select a the Domain from the
drop-down list and click on the ip|reporter button),
a link to ip|uniboss (click on the ip|uniboss button no Domain needs to be selected first,
asip|uniboss manages all Domains).
March 2012
Ipanema Technologies
2-1
Ipanema System
2-2
The Java client downloads and installs automatically (it will be downloaded and installed the
first time only; any subsequent click on this link will launch the client, once installed):
Ipanema Technologies
March 2012
The login window opens (default login and password are the same as describes above):
The SALSA Portal Java client opens; it gives access to the various Domains through ip|boss
Java client, and to ip|uniboss:
March 2012
Ipanema Technologies
2-3
Ipanema System
2-4
Ipanema Technologies
March 2012
2. 2. SALSA ARCHITECTURE
Unified Users are stored in an LDAP server embedded in ip|uniboss.
When a User tries to connect to the SALSA Web Portal:
March 2012
Ipanema Technologies
2-5
Ipanema System
2. 3. SALSA URLS
2. 3. 1. LDAP Users URLs
Although all components of the Ipanema system (ip|uniboss, ip|boss, ip|dashboard and
ip|reporter) can be accessed via SALSA unified client at this URL:
https://<ipanema_server>/salsa
(which
automatically
you to the welcome page that contains the Domain selector
https://<ipanema_server>/salsa/salsa_portal/),
redirects
capability:
they can also be accessed individually and directly at the following URLs (these URLs are secured
through LDAP-based authentication, therefore only unified users have access to them; they are
entry points for all SALSA components using SSO):
2-6
Ipanema Technologies
March 2012
2. 4. LDAP AUTHENTICATION
LDAP authentication is performed in the Apache httpd server using mod_authnz_ldap. The
configuration for the module is located in production/ip_boss/izpack/httpd_ldap.conf.
Upon successful authentication, HTTP headers are added to the request that is forwarded to the
Tomcat server through an AJP connection (the configuration of the mod_proxy_ajp module is
located here ). These headers (x-6307-is-*) contain the profile of the authenticated user: name,
accessible domains, and access rights to ip|boss, ip|uniboss, and ip|reporter.
When forwarding to external users URLs, the front end portal is expected to fill the x-6307-is
headers to provide information about the user it has authenticated.
2. 5. 2. VistaPortal SE considerations
VistaPortalSE cannot deal with HTTP headers for authorizations. It uses internal files to manage
users (portalsesetup.xml, security.properties).
We have added a Tomcat valve that parses Ipanema HTTP headers coming from ip|uniboss
Apache server and maintains internal files model consistent with the Ipanema user permissions
and authorizations.
VistaPortalSE user internal representation is made by associating Users and InfoVista instances;
by this way it lets a user access to reports the Domains of which are located in different InfoVista
instances.
There is nothing particular to do for the valve installation; ip|reporter web installer is taking care
of installing and configuring the Ipanema valve in the VistaPortalSE tomcat, the only parameters
to provide are ip|uniboss LDAP connection parameters during ip|reporter web installation.
March 2012
Ipanema Technologies
2-7
3. 1. DOMAINS OVERVIEW
After ip|uniboss and ip|boss servers installation, you have to create a Domain to use the system.
A Domain is a coherent set of elements:
ip|boss,
ip|engines.
The Domains are hermetic, an ip|engine of a Domain cannot dialog with an ip|engine
of another Domain. An ip|boss server can manage several Domains; one instance per
Domain should be created.
The creation of a Domain is done only on the server.
To create a Domain launch ip|uniboss web client or Java client (a CLI client is also available).
March 2012
Ipanema Technologies
3-1
Ipanema System
All configuration operations described in this section are performed with Mozilla Firefox 8.0 as
a web GUI on the workstation.
All procedures in the following sections are based on ip|uniboss web client.
The selected Domain has no impact, as ip|uniboss gives access to all Domains
(according to the User rights).
For security reasons, the use of HTTPS is mandatory.
You can also access ip|uniboss web client directly by entering the following
URL: https://<ipuniboss_server>:10443/ipuniboss_portal/ (where
<ipuniboss_server> can be ip|unibosss IP address or DNS name).
In this case, the User needs to log in through the connection window; this window has
two fields:
3-2
Ipanema Technologies
March 2012
ip|uniboss web client main window (in this view, two Domains already exist)
March 2012
Ipanema Technologies
3-3
Ipanema System
Supervision menu:
3-4
About: shows information about ip|uniboss version and license information, and
allows to import a license.
Quit: quits ip|uniboss client.
Ipanema Technologies
March 2012
Consult,
Clone,
Modify,
Delete.
?
About: shows the software version and license information (the same as the
About button).
In some tables (Domains, ip|boss servers, etc.), an LED on the left gives the objects operational
states; for the Domains, it can be:
March 2012
green (Started),
Ipanema Technologies
3-5
Ipanema System
amber (Starting),
small and dark (when the Domain has just been created, before an Update has been
applied).
3-6
Ipanema Technologies
March 2012
ip|uniboss start
March 2012
Ipanema Technologies
3-7
Ipanema System
Connection window
3-8
Ipanema Technologies
March 2012
The menu bar in the main window has the 6 menus File, "Windows, Edit, Display, Actions
and ?:
File, Edit, Display and ? are the same as described above (web client),
Windows allows to close all windows,
Action allows to make all the actions achieved through the corresponding buttons
(Consult, Clone, Modify, Delete), as in the web client, plus it gives an access to the tools
(Update, ip|boss servers, Password modification, Log, Issues, Inventory).
Toolbar and table view: refer to the description above (web client).
March 2012
Ipanema Technologies
3-9
Ipanema System
3. 4. IMPORT A LICENSE
To create Domains, the license file license.ipmsys must be installed.
To get your license file, please contact the Ipanema Support service at the e-mail address
support@ipanematech.com or license@ipanematech.com.
In the Toolbar, select
About:
It shows the software version and license information (maximum number of Domains, total ISU
credits (Ipanema Software Units), maximum number of ip|engines and tele|engines, authorized
features, etc.):
About menu
The total number of ISUs (Ipanema Software Units) can be allocated in a flexible way accross
different Domains; refer to the Create a Domain section below.
To import a license, click on the Import button, browse your folders and select the proper license
file (license.ipmsys).
(The license file is copied:
3-10
In each Domains directory (if Domains were already existing, for example when upgrading
from a version to a new one): ~\salsa\ipboss\server\domains\<Domain>\conf (on
ip|boss server).)
Ipanema Technologies
March 2012
3. 5. SYSTEM PROVISIONING
The procedures in this section and in the following ones are all based on ip|uniboss web client.
March 2012
Ipanema Technologies
3-11
Ipanema System
In the servers table, the LED on the left shows the compatibility status of the server; it can be:
green (Compatible) if the server is reachable and compatible with ip|boss; ip|boss
version, OS version and JRE version are polled and displayed:
small and dark (when the server has just been created, before an Update has
been applied: an Update
into account).
3-12
Ipanema Technologies
March 2012
3. 5. 2. Domains
The Domains window is opened when you start ip|uniboss client.
If other windows have been opened and if the Domains window is not the active one, click on
the Domains tab.
Domains.
3. 5. 2. 1. Create a Domain
Operating procedure table: service ip|reporter
March 2012
Ipanema Technologies
3-13
Ipanema System
A creation window opens where you can indicate your Domains characteristics:
The Domains parameters can be read in the Domains window and in the Inventory window.
3-14
Ipanema Technologies
March 2012
Access port: port used by the client for that Domain (set 0 for a dynamic port).
ip|boss server: to choose the server that will manage the Domain (from a drop-down list).
In display mode, ip|boss version, OS version, JRE version and the Compatibility
status are polled from the server and displayed:
Allocated ISU: to specify the number of Ipanema Software Units that are needed on that
Domain. Each function requires a certain number of ISUs, that can be purchased from Ipanema
(a new license file is then provided; refer to the Import a license section above). The number
of consumed ISUs and available ISUs for each Domain is displayed in the Domains windows.
In display mode, the Credit ISUs (as a percentage of the total number of ISUs
accross all Domains), the Consumed ISUs (according to the activated services
and WAN accesses bandwidths) and the number of Available ISUs (= Allocated
Consumed) are computed and displayed:
The fourth frame, SNMP Parameters, allows to configure the SNMP agent of ip|boss:
SNMP IP Address: to specify the SNMP agent (ip|boss) to be polled by the SNMP Manager
(ip|reporter), only in case of multiple interfaces on ip|boss server, or a servers cluster: the IP
address of the interface to be used or the clusters virtual IP address must be typed in here,
Community name: to specify the community name (Public by default).
March 2012
Ipanema Technologies
3-15
Ipanema System
The fifth frame, ip|reporter parameters, allows to configure ip|reporter in order to create/delete
reports in InfoVista Server:
Mode: the version of InfoVistas VistaFoundation platform must be specified here: it can be VF0
or VF4, according to the version that was installed. If you dont have any ip|reporter server,
select Disabled.
The next field depends on the selected VistaFoundation platform:
If you are using VF0: IV Server allows to select an InfoVista from the drop-down list.
If the InfoVista server you want to use has not been created yet, you can create it from
this window, by clicking on the New button next to the selection box. Alternatively, you
can use the IV Server function in the Reporting provisioning menu (described below).
If you are using VF4: Group allows to select a servers Group from the drop-down list.
If the servers Group you want to use has not been created yet, you can create it from this
window, by clicking on the New button next to the selection box. Alternatively, you can
use the Server Group function in the Reporting provisioning menu (described below).
Logo URL: to customize the logo in the reports (one logo per Domain). The size of the logo
should not exceed 150 x 80 pixels; most common formats are supported (gif, jpg and png). This
logo will be visible only through a web access.
The sixth frame, Tuning, allows to configure the maximum number of Application Groups and User
subnets, the HTTP timeout and the data collection periods between ip|boss and ip|engines and
between ip|reporter and ip|boss, and used as the reporting polling period:
Maximum number of Application Groups: the administrator can limit the number of
Application Groups; -1 (default value) allows an infinite number,
Maximum number of User subnets: the administrator can limit the number of User subnets;
-1 (default value) allows an infinite number,
HTTP timeout: the timeout (in seconds) used on HTTP (or HTTPS) request; the time entered
must be consistent with the network (more than the max. RTT for the most distant ip|engine),
Supervision: the polling period of ip|engine updated status (default values should be used):
1 mn: every minute, ip|boss collects the supervision status (default value),
5 mn: every 5 minutes, ip|boss collects the supervision status,
15 mn: every quarter, ip|boss collects the supervision status.
Collect: the elementary period of the Correlation Records generation (packets collected during
the specified time) and collect period for ip|boss (default values should be used):
1 mn: a CR is made by the ip|engine every minute of traffic (default value),
5 mn: a CR is made by the ip|engine every 5 minutes of traffic,
15 mn: a CR is made by the ip|engine every quarter of traffic.
This parameter is used for the maps and real time flows window updates.
Short reporting: update period for clients of collector service (SNMP agent) for short period
reports (default values should be used):
1 mn: the SNMP data are updated by ip|boss every minute (default value),
5 mn: the SNMP data are updated by ip|boss every 5 minutes,
15 mn: the SNMP data are updated by ip|boss every quarter .
This parameter is used for some reports in Ipanema Libraries like Time Evolution,
Detailed per Application, Detailed per Application Group, ....
Long reporting: update period for clients of collector service (SNMP agent) for long period
reports (default values should be used):
5 mn: the SNMP data are updated by ip|boss every 5 minutes,
15 mn: the SNMP data are updated by ip|boss every quarter (default value).
3-16
Ipanema Technologies
March 2012
This parameter is used for some reports in Ipanema Libraries like dashboard, Site
Talker/Listener, Subnet Talker/Listener....
The seventh and last frame, User management, allows to enable Remote Authentication Dial-In
User Service accounting for the Domain:
Radius Accounting: to enable (when the check box is enabled) or disable (when the check
box is disabled) RADIUS accounting.
To see the RADIUS parameters, please refer to the Create Radius servers section below.
March 2012
Ipanema Technologies
3-17
Ipanema System
After a Domain creation (HMS in the example below) the following directory tree is created on
ip|boss server (by default in ~\salsa\ipboss\server\domains\):
3. 5. 2. 2. Move a Domain
Refer to the document DomainMove.pdf provided on the DVD-ROM, in the \doc directory.
3-18
Ipanema Technologies
March 2012
3. 5. 3. Radius
The Radius feature allows the user to:
The Radius configuration is common to all Domains. For each Domain, the Radius management
can be activated or not (refer to the Create a Domain section above).
If the Radius management is not activated, or if all declared Radius servers are unreachable, we
automatically fall back to the embedded ip|boss users management mode.
The Radius window can be displayed by clicking on
Radius window
This window contains two tabs: Configuration and Accounting servers.
Configuration
Retry: number of times the server will attempt to contact the Radius servers before falling down
to the embedded ip|boss users management mode; default value is 3;
Timeout: time interval in seconds to wait for the Radius server to respond before a timeout;
default value is 10 seconds;
Dead time: duration between two accesses to an unreachable Radius server (a server is
considered unreachable when the configured number of retries has been reached without
receiving a response within the specified timeout); value 0 means that a server is never
removed from the list of available servers; default value is 10 minutes;
Selection algorithm: allows to choose between a serial and a round-robin algorithm to select
the server, when there are several ones:
serial: the available servers are used one after the other, using the configured timeout
and retry. The order is based on the priority attribute: the lower priority value is taken
first.
round robin: the available servers are used randomly, using the configured timeout
and a retry set to 1. When all servers have been tried, a second loop is done, and so
on depending on the retry value. The order is based on the priority attribute: the lower
priority value is taken first.
March 2012
Ipanema Technologies
3-19
Ipanema System
Accounting servers
3-20
Priority: value between 0 and 32767 used to define different priority levels between the different
servers, when there are several ones; the higher the value, the lower the priority; default value
is 10,
Name: name you want to give the server (50 characters max); names must be unique across
the servers dictionary,
Host name: IP address or host name of the server (50 characters max),
Port: port on which the server is listening to accounting requests (generally UDP/1646),
Shared secret: shared secret for Radius authentication; it must consist of 15 or fewer printable,
non space, ASCII characters; it should have the same qualifications as a well-chosen password.
Ipanema Technologies
March 2012
3. 6. REPORTING PROVISIONING
The Reporting provisioning menu contains four functions: ip|reporter web portals, VistaMart,
Server Group and IV Server.
It allows to configure the ip|reporter components, which differ according to InfoVista platform being
used (VistaFoundation 0 or VistaFoundation 4):
March 2012
Ipanema Technologies
3-21
Ipanema System
3-22
Ipanema Technologies
March 2012
March 2012
Ipanema Technologies
3-23
Ipanema System
VistaMart window
This window shows all created VistaMart servers in a table with 7 columns:
grey (when a new VistaMart server has been created but before the configuration
has been updated),
Host name,
Version: VistaMart version (this piece of information is polled from the server),
Description: description for the VistaMart server,
Port: port being used to access the VistaMart server,
Login: login to the VistaMart server,
ip|reporter web portal: ip|reporter web portal that runs the VistaPortal attached to the
VistaMart server.
3-24
Ipanema Technologies
March 2012
Host name,
Description: a short description can be written for each VistaMart server,
Port: port being used to access the VistaMart server; default value is 11080,
Login: login to the VistaMart server; default login is vmar_operator,
Password and Confirm password: the password, if any, must be typed in twice,
ip|reporter web portal: the ip|reporter web portal that runs the VistaPortal attached to the
VistaMart server can be selected from a drop-down list. A new ip|reporter web portal can be
created using the New button next to the selection box. It opens the same creation window as
described in the previous section.
March 2012
Ipanema Technologies
3-25
Ipanema System
3-26
Ipanema Technologies
March 2012
3. 6. 4. IV Server
The IV Server window can be displayed by clicking on
IV Server window
This window shows all created IV Servers in a table with 12 columns:
Basic contains the following parameters: Host name (mandatory), Server Group (VF4
only, mandatory), Description (not mandatory), Username (default value: administrator;
mandatory), Password (there is no password by default for the administrator login; not
mandatory) and ip|reporter web portal (VF0 only, not mandatory)
Advanced contains the following parameters: Viewer username (VF4 only, default value:
viewer; mandatory), Viewer password (VF4 only, not mandatory), Port mapper (default
value: 1275; mandatory), Manager (not mandatory), Collector (not mandatory), Browser (not
mandatory)
All these parameters are described above. There is one more field, at the top of the creation window,
to select the VistaFoundation version:
Mode: select either VF0 or VF4 with the radio buttons, according to InfoVistas platform version
being installed.
March 2012
Ipanema Technologies
3-27
Ipanema System
3-28
Ipanema Technologies
March 2012
3. 7. SYSTEM ADMINISTRATION
The System administration menu contains one or two functions, according to the User logged
in: Users (displayed for all Users) and Local administrator password (displayed only if the User
logged in ip|uniboss is a local administrator).
3. 7. 1. Users
In the Toolbar, select
Users:
Users window
This window show a table with 12 columns:
Name: Username,
ip|boss access: shows whether the User has an access to ip|boss (access) or not (no
access),
ip|dashboard access: shows whether the User has an access to ip|dashboard (access) or
not (no access),
Discovery: shows whether the User has an access to the Discovery (access) or not (no
access),
Real-time Flows: shows whether the User has an access to the Real-time Flows (access) or
not (no access),
Real-time Graph: shows whether the User has an access to the Real-time Graphs (access)
or not (no access),
ip|uniboss rights: shows the Users rights on ip|uniboss (three levels: no access, read only
or read/write),
iPhone access: shows whether the User has an access to the Ipanema system via the ad hoc
iPhone software application (access) or not (no access),
ip|reporter access: shows whether the User has an access to ip|reporter (access) or not (no
access),
Domains: shows the Domains the User can access (*: the User can access all Domains),
Locale: shows the Users preferred languages.
Tag: free field.
March 2012
Ipanema Technologies
3-29
Ipanema System
Further parameters:
Domains selection
By selecting access in ip|boss access, ip|dashboard access, iPhone access or
ip|reporter access, one must specify on which Domains the User is granted an access:
3-30
Ipanema Technologies
March 2012
All domains: if the click box is checked, the User will be granted an access to
all Domains; if not, the User will be granted an access to the Domains selected
below only,
Domains: allows to specify which Domains the User can access (not displayed
if the previous click box has been checked, as the User can access all Domains
in this case).
The left frame shows the Domains the User can not access (all existing
Domains before any selection has been made),
the right frame shows the Domains the User can access;
Domains can be moved from one frame to the other using the different arrows:
to move the Domains selected in the left frame to the right frame
(i.e. to give the User an access to the selected Domains),
to move all Domains to the right frame (i.e. to give the User an
access to all Domains),
to move the Domains selected in the right frame to the left frame
(i.e. to prevent the User from accessing the selected Domains),
to move all Domains to the left frame (i.e. to prevent the User from
accessing any Domain).
ip|boss frame
By selecting access in ip|boss access, in addition to the Domains selection
(see above), one must specify the three access levels (no access, read only or
read/write) for each of the 7 ip|boss menus (System administration, Service
activation, Supervision, Helpdesk, Reporting, Application provisioning and
System provisioning):
ip|dashboard frame
By selecting access in ip|dashboard access, in addition to the Domains selection
(see above), one must specify the User access rights (either no access or access) to
four features: ip|dashboard, Discovery, Real-time Flow and Real-time Graph:
March 2012
Ipanema Technologies
3-31
Ipanema System
ip|reporter frame
By selecting access in ip|reporter access, in addition to the Domains selection (see
above), one can specify the access to the reports with various filters:
Metaview: one can give the User an access to the reports on certain Metaviews
only, by typing them in this field. Use * to replace any string of characters (e.g.
Application Group* to give an access to the reports on all Application Groups;
use * alone to grant an access to all Metaviews).
Period: one can give the User an access to the reports on certain periods only
(hour or day or week or month), by typing it in this field (use * to grant an access
to all four periods).
Report: one can give the User an access to certain reports only, by typing them in
this field. Use * to replace any string of characters (e.g. *slm* to give an access
to the Service Level Monitoring reports only; use * alone to grant an access to
all reports).
Navigation mode: one can choose between three values:
All: the User can navigate in the Sites reports using either the Sites
metaviews folders or the two Navigation hierarchical levels (called
Folder name for level 1 and Folder name for level 2 in ip|engines
windows Advanced tab),
No navigation: the User can navigate in the Sites reports using the Sites
metaviews folders only (they cannot select Navigation and navigate
using the two Navigation hierarchical levels),
No Folder: the User can navigate in the Sites reports using the two
Navigation hierarchical levels only (they cannot select Folder and
navigate using the metaviews folders, so they cannot access reports
other than Sites reports the only ones that are accessible through the
Navigation menu).
Folder 1: for Users who navigate using the Navigation menu, one can specify
which folders they can access at level 1 (use * to replace any string of
characters).
Folder 2: for Users who navigate using the Navigation menu, one can specify
which folders they can access at level 2 (use * to replace any string of
characters).
Scope: one can give the User an access to the public reports only (by selecting
public), or to the private reports only (by selecting private), or to both public
and private reports (by selecting All).
3-32
Ipanema Technologies
March 2012
This button appears only if you connect to ip|uniboss locally, without using LDAP (e.g.
https://<ip|uniboss_server>:10443/ipuniboss_portal/).
March 2012
Ipanema Technologies
3-33
Ipanema System
3. 8. SUPERVISION
The Supervision menu contains three functions: Inventory, Log and Issues.
3. 8. 1. Inventory
In the Toolbar, select
Inventory:
Inventory window
This window is made of two frames:
Domain inventory,
Topology inventory. This frame is contextual: if no Domain is selected in the previous frame,
it displays all Domains topologies; if one (or several) Domain(s) is (are) selected, it displays its
(their) topology(ies) only.
The
Print button prints all the columns of the selected Domain(s),
whereas the Action / Print menu prints the selected columns of all the Domains.
3. 8. 1. 1. Domain inventory
This frame contains the following information:
3-34
Ipanema Technologies
March 2012
Server
Manager port
Collector port
Browser port
Portmapper port
Supervision
Collect
Reporting short
Reporting long
Domain services: shows if the following services are started (Yes) or not (No):
ip|true
ip|fast
ip|coop
ip|xcomp
ip|xtcp
ip|xapp
smart|plan
ip|reporter
ip|export
smart|path
Number of: shows the number of the following objects, with their totals on the last line:
March 2012
ip|engines
tele|engines
Automatic metaview
On demand metaview
Automatic reports
On demand reports
Application Group
Topology subnet
User subnet
Applications
Ipanema Technologies
3-35
Ipanema System
3. 8. 1. 2. Topology inventory
This frame contains:
Domain name
ip|boss server
ip|engine (software version, model and IP addresses are polled from the ip|engine; if it has
not been reachable, the field is blank):
WAN Access:
Server
Manager port
Collector port
Browser port
Portmapper port
Domain: shows if the following services are started (Yes) or not (No):
3-36
Total
Total
Total
Total
ip|reporter:
Name
Main public IP address
Main private IP address
Auxiliary public IP address
Auxiliary private IP address
LAN MAC address
Physical: ip|engine (Yes) or tele|engine (No)
Enabled: Enabled (Yes) or disabled (No)
Software version
Hardware
ip|true: Yes / No
ip|fast: Yes / No
ip|xcomp compress: Yes / No
ip|xcomp uncompress: Yes / No
ip|xtcp: Yes / No
ip|xapp: Yes / No
smart|plan: Yes / No
ip|true
ip|fast
ip|coop
ip|xcomp
ip|xtcp
ip|xapp
smart|plan
ip|reporter
ip|export
Ipanema Technologies
March 2012
3. 8. 2. Logs
In the Toolbar, select
Log:
the list of system events (on ip|uniboss server) with a time stamping,
the list of connections/disconnections to/from ip|uniboss with a time stamping.
The events are sorted by antichronological order, by default (the latest event is the first in the list,
at the top of the first page), but you can sort them by chronological order by clicking on the column
header (Messages).
If the list is displayed on several pages, you can select which page you want to see by clicking on
the page number at the bottom of the window.
You can also use the following arrows to navigate:
You can also click on a page number to jump to that page (the current page number is displayed
on the left, and underlined in the list of pages).
A field allows you to specify how many objects (events) per page you want to display (40 by default);
click on the Refresh button next to this field to apply a change:
March 2012
Ipanema Technologies
3-37
Ipanema System
3. 8. 3. Issues
In the Toolbar, select
display):
non
non
non
non
non
created Domains,
deleted Domains,
started Domains,
configured Domains,
reachable Domains.
3-38
Ipanema Technologies
March 2012
4. 1. CONFIGURATION OVERVIEW
Once your Domain has been created (refer to the previous Chapter) and before starting a
measurement, QoS & control or optimization session, you have to parameter your configuration
(one configuration per Domain).
This configuration uses:
general settings for all functions (measurement, QoS & control, redundancy elimination,
acceleration and smart plan) ensuring:
configuration of the Domains ip|engines,
configuration of the topology subnets associated with the ip|engines,
selection of applications, TOS and User subnets assigned to the session, according
to the specific features of the traffic to be measured, controlled, compressed or
accelerated,
specific settings that depend on customers requests, for measurement, QoS & control,
redundancy elimination and acceleration features:
March 2012
Ipanema Technologies
4-1
Ipanema System
All configuration operations described in this section are performed with Mozilla Firefox 8.0 as
a web GUI on a Windows XP workstation.
Connection screen
4-2
Ipanema Technologies
March 2012
Alternatively, you can access ip|boss directly, by entering the following URL:
https://<ip|uniboss_server>:10443/ipboss_portal (ip|uniboss is the web portal for
ip|boss).
For security reasons, the use of HTTPS is mandatory.
Connection screen
In this case, you have to log in locally. The connection window has two fields:
User name: the name of the user,
Password: the password of the user.
The user administrator with password admin is defined by default.
March 2012
Ipanema Technologies
4-3
Ipanema System
4-4
Ipanema Technologies
March 2012
A table view shows a list of objects. All the table views give:
A menu bar,
A tool bar,
A list of objects.
Selection: you can select an object in the list by clicking on its line. To select other objects, you
have to click on their lines while pressing the Alt key. To select an interval of objects, you select
the first then the last by clicking while pressing the Shift key. The Edit menu (see below) allows to
select/unselect all the objects on the list. In the status bar, the number of selected objects and the
total number of objects is shown.
Sort: you can sort the list according to one column by clicking on this columns header (by clicking
on the header a second time, you change the order ascending-descending). By clicking on several
columns while pressing the Ctrl key, you make a sort on multi-columns. These functions are also
available through the Display/Sort menu (see below).
March 2012
Ipanema Technologies
4-5
Ipanema System
4-6
Ipanema Technologies
March 2012
March 2012
Ipanema Technologies
4-7
Ipanema System
Simple filter
An extended filter (New Extended Filter) is a combination of simple filters
(using AND, OR, NOT logical operators). When a filter is active, the
number of displayed objects and the total number of objects is written
on the status bar. You can activate/deactivate a filter by double-clicking
on the icon of the status bar.
Extended filter
Choose columns: choose the columns to display.
Preferences: save or delete the display mode (filters and selected columns).
The Actions menu, which allows to consult, clone, modify, delete and change the
administrative state of the objects. The list of actions is the same as you get through
the context menu of the list.
The ? menu, which gives an access to the About menu.
4-8
Ipanema Technologies
March 2012
March 2012
(Freeze, in dynamic tables such as the Real time flows list): to freeze the view;
when clicked, the button turns into Unfreeze.
(Unfreeze, in dynamic tables such as the Real time flows list): to unfreeze the view,
after it has been frozen; when clicked, the button turns back to Freeze.
Ipanema Technologies
4-9
Ipanema System
4-10
Ipanema Technologies
March 2012
Select ip|boss and the Domain you want to connect to in the SALSA Java client.
Launch your web browser, select the following URL: https://x.x.x.x:10443/ipboss_manager
(where x.x.x.x is the IP address of ip|uniboss server ip|uniboss is an authentication and
redirection server for ip|boss), and click on Start ip|boss rich client; this method is the only
one available on the first use of ip|boss Java client.
Use the shortcut
on your desktop (if you accepted its creation when asked on the first use
of ip|boss Java client).
Use the Start menu (Windows), then select Programs and ipboss_manager.
March 2012
Ipanema Technologies
4-11
Ipanema System
Connection screen
4-12
Ipanema Technologies
March 2012
A table view shows a list of objects. All the table views give:
A menu bar,
A tool bar,
A list of objects.
They are the same as in the web client. Refer to the web client description above for more
details.
The Display menu contains one additional function to the web client:
Fix columns: to fix the columns: this keeps the left columns unaffected by an horizontal
scrolling.
March 2012
Ipanema Technologies
4-13
Ipanema System
4-14
Ipanema Technologies
March 2012
4. 4. 1. CLI architecture
ip|boss and ip|uniboss have a specific GUI client each, that uses CORBA over SSL to
communicate with a dedicated client request handler (called the Leonardi connector because
of the underlying technology).
Quite similarly, there is a CLI client for ip|boss and a CLI client for ip|uniboss. They communicate
exclusively with their respective CLI connector using CORBA over SSL. The best image to illustrate
what the CLI clients and CLI connectors are is to compare the CLI clients to Telnet clients and the
CLI connectors to remote shell services.
The CLI client/server protocol relies on three verbs:
Login
Logout
Execute
The client and the server exchange version information prior to the login request. This allows either
side to adapt to an older peer.
In its current version, the ip|boss CLI connector forwards login and logout requests to the targeted
Domains Leonardi connector, besides establishing its own session information and setting up
a session specific command parser that will process execute requests. If no specific Domain is
targeted, the ip|boss CLI connector will use the naming service to get a list of all running Domains
and will connect to the first available Domain (in alphabetical order) the provided credentials are
valid for.
The ip|uniboss CLI connector will forward the login and logout requests to the ip|uniboss Leonardi
connector.
Once the session is established, the CLI client acts a transparent upstream pipe between the client
systems keyboard or input file and the CLI connector and a transparent downstream pipe between
the CLI connector and the client systems display or output file.
4. 4. 2. CLI language
The ip|boss Leonardi connector essentially maps a Domains configuration to a set of object
classes and objects within each class. The ip|uniboss Leonardi connector does the same at a
higher level, where Domains are objects in a class. (This is very much akin to tables and rows we
are used to in DBMSes such as Oracle for example.)
The CLI language builds on this paradigm. The language basics are the same for ip|boss CLI and
ip|uniboss CLI. The difference currently only lies in the underlying schema - names of tables and
columns.
A CLI script is a (possibly empty) list of statements. A statement is always terminated by a ";"
(semicolon) character. The semicolon is not a statement separator but a statement terminator. The
difference is important, particularly for parser robustness sake. Having the semicolon act as a
statement terminator and not anything else makes error recovery much easier: eat and discard
input until you see the next semicolon and try to parse more statements from there.
CLI statements currently fall into 2 categories:
March 2012
Ipanema Technologies
4-15
Ipanema System
Create ( or insert),
Modify ( or update),
Delete,
List ( or select).
But there are not only similarities, there are differences too. CLI DML statements act on one table
or object class at a time, there is no such thing as a join. Future releases of CLI will make it easy
to clone objects, just overriding a few columns with specific values. That is not easy in SQL.
CLI offers fine grained control over error handling and logging because it is mainly targeted at
procedure automation versus ad hoc queries.
For the same reason, CLI not only produces tabular output but can also use tabular input in
statements
4-16
Ipanema Technologies
March 2012
Working space
The main window gives access to all features of the system.
March 2012
Ipanema Technologies
4-17
Ipanema System
Toolbar
The buttons give a direct access to the functions. The tool bar is separated into 7 areas:
Global tools
User settings: allows the User to change their password (local access only),
Domains: gives access to another Domain and allows to check the status of all Domains
at a glance (this icon is only visible if you connected to ip|boss directly - i.e. not through SALSA
- and if you have an access to several Domains),
4-18
Ipanema Technologies
March 2012
ip|reporter: opens ip|reporter web portal to give access to the reports (this icon is only
visible if you connected to ip|boss through SALSA),
System administration
Click on System administration to access
the System administration functions:
Users: gives access to the user management (creation, deletion of local users); you can
select this function only if you connected to ip|boss directly - i.e. not through SALSA,
System provisioning
Click on System provisioning to access the
System provisioning functions:
March 2012
Ipanema Technologies
4-19
Ipanema System
4-20
software upgrade
reboot
scripts
security status
advanced configuration
Ipanema Technologies
March 2012
Application provisioning
Click on Application provisioning to access
the Application provisioning functions:
Supervision
Click on Supervision to access the
Supervision functions:
Status map: shows the status map of the ip|engines within a map,
Options: gives access to the different options (mail, SNMP trap) of the system,
March 2012
Ipanema Technologies
4-21
Ipanema System
Helpdesk
Click on Helpdesk to access the Helpdesk
functions:
Reporting
Click on Reporting to access the Reporting
functions:
4-22
Ipanema Technologies
March 2012
Status zone
The status zone is made of four frames, showing the Domain name, LEDs and bargraphs.
Domain: <Domain_name>:
Total throughput
(Mbps)
Active flows
gauge displaying the current active flows (max number for each
collection) measured by all enabled ip|true agents of the Domain
(left figure) over the peak flows measured since the session start-up
(right figure).
ip|boss: shows the state of the system with three colored LEDs:
Connection LED: shows the status of the connection between the client and the ip|boss
server:
green
red
green
red
grey
amber
March 2012
Ipanema Technologies
4-23
Ipanema System
green
yellow
red
grey
green
yellow
grey
red
green LED
red LED
grey LED
Reachable
Overload LED and bargraph: display the overload status of all ip|engines:
green LED
red LED
Overload
4-24
no ip|engine is overloaded
some ip|engines are overloaded (the WAN throughput exceeds the
capacity of the hardware)
displays the number of ip|engines currently overloaded (left) upon
the total number of ip|engines reachable (right).
Ipanema Technologies
March 2012
Synchronized LED and bargraph: display the synchronization status of all ip|engines:
green LED
yellow LED
red LED
grey LED
Synchronized
Measuring LED and bargraph: display the ip|true status of all ip|engines:
green LED
yellow LED
one or several ip|true agents are not operational (not configured yet,
configuration refused or failure)
red LED
grey LED
Measuring
Optimizing LED and bargraph: display the ip|fast status of all ip|engines:
green LED
yellow LED
red LED
grey LED
Optimizing
March 2012
Ipanema Technologies
4-25
Ipanema System
Limiting LED and bargraph: indicates when a Local Traffic Limiting rule is active on an
ip|engine:
yellow LED
grey LED
Limiting
ip|xcomp LED and bargraph: display the ip|xcomp status of all ip|engines:
green LED
yellow LED
red LED
grey LED
ip|xcomp
ip|xtcp LED and bargraph: display the ip|xtcp status of all ip|engines:
green LED
yellow LED
red LED
grey LED
ip|xtcp
ip|xapp LED and bargraph: display the ip|xapp status of all ip|engines:
green LED
yellow LED
red LED
grey LED
ip|xapp
4-26
Ipanema Technologies
March 2012
March 2012
Ipanema Technologies
4-27
Ipanema System
4. 6. OPERATING PROCEDURE
The operating procedure consists of the following phases:
choosing a Domain,
creating a configuration or using an archived configuration, that is, specifying all ip|engines
and Domain settings (topology subnets, applications, Application Groups, Qos Profiles,
MetaViews....),
running a measurement, control, redundancy elimination or virtual cooperative session, applied
to the Domain,
analyzing the results in real-time,
reporting configuration of measurement and QoS & control (optional).
4-28
Ipanema Technologies
March 2012
Operations to be
performed
Commands
ip|
true
ip|
fast
(1)
Manual procedure
Manual procedure
Coloring
WAN access
ip|engines
Topology Subnets
TOS
Applications
March 2012
Ipanema Technologies
4-29
Ipanema System
Operations to be
performed
Commands
ip|
true
ip|
fast
(1)
Analyze links
X
Link supervision
X
X
Topology Subnets
X
X
QoS profiles
Application Group
Modify reports
ip|reporter
Update
Stop a session
Service activation, ip|engines: off
4-30
Ipanema Technologies
March 2012
Operations to be
performed
Commands
ip|
true
ip|
fast
(1)
X
X
Start a session
X
Link supervision
X
Real-time
Real-time Maps
X
ip|engines
X
QoS profiles
Application Group
User Subnets
X
Coloring
WAN access
X
X
X
Update
X
March 2012
Ipanema Technologies
4-31
Ipanema System
Operations to be
performed
Commands
ip|
true
ip|
fast
(1)
X
X
Start a session
X
Link supervision
X
Real-time
Real-time Maps
X
Update
X
Commands
ip|
true
ip|
fast
(1)
X
X
Start a session
X
Link supervision
Analyze real-time
compressed flows
X
Real-time
Real-time Maps
Management by adjusting
redundancy elimination
settings: Application Group
Application Group
Management by adjusting
redundancy elimination
direction settings:
ip|engines
ip|engines
X
Update
X
4-32
Ipanema Technologies
March 2012
Operations to be
performed
Commands
ip|
true
ip|
fast
(1)
X
X
Start a session
X
Link supervision
Analyze real-time
accelerated flows
X
Real-time
Real-time Maps
Management by adjusting
acceleration settings:
Application Group
Application Group
Management by adjusting
acceleration settings:
ip|engines
ip|engines
X
Update
X
March 2012
Ipanema Technologies
4-33
Ipanema System
Operations to be
performed
Commands
ip|
true
ip|
fast
(1)
X
X
Start a session
X
Link supervision
Analyze real-time
accelerated flows
X
Real-time
Real-time Maps
Management by adjusting
acceleration settings:
ip|engines
Modify the session
dynamically
ip|engines
X
Update
X
4-34
Ipanema Technologies
March 2012
Operations to be
performed
Commands
ip|
true
ip|
fast
(1)
smart|path service
Start a session
Service activation, ip|engines: on
Management by adjusting
Dynamic WAN Selection
settings: Application Group
Application Group
Management by adjusting
Dynamic WAN Selection
settings: WAN access
WAN access
Management by adjusting
Dynamic WAN Selection
settings: ip|engines
ip|engines
Management by adjusting
Dynamic WAN Selection
advanced parameters:
Tools
Tools
X
Update
X
Operations to be
performed
Commands
ip|
true
ip|
fast
(1)
smart|plan service
Enable smart|plan for all
ip|engines
X
X
Start a session
X
Update
X
March 2012
Ipanema Technologies
4-35
Ipanema System
Operations to be
performed
Commands
ip|
true
ip|
fast
(1)
Commands
ip|
true
ip| fast
(1)
Domain creation
Operations to be
performed
Update
ip|reporter: reporting
Define InfoVista server
settings
Define automatic reporting
Automatic reporting
Define Metaview settings
Metaview
Define reports
ip|reporter
4-36
Ipanema Technologies
March 2012
Operations to be
performed
Commands
ip|
true
ip| fast
(1)
ip|boss: management
Supervision management
settings (mail, SNMP trap)
Options
Log window
Log
Create/Delete local users
Users
User password modification
Login
Security configuration
Security
Certificate generation tab enerate the
keys and the certificates
Configuration tab hoose the encryption
algorithm
ip|engine status
ip|engine status
ip|engine status map
Security status
Tools, Status tab: displays the
security status of ip|engines
Discovering of applications,
subnets.....
Discovery
Upgrade ip|engines
software
Reboot ip|engines
Tools, Reboot tab
Quit the application
File/Exit
March 2012
Ipanema Technologies
4-37
Ipanema System
4. 7. 2. Open a configuration
Operating procedure table
To work with an existing configuration file, you must:
4. 7. 3. Save a configuration
Operating procedure table
The configuration file of the Domain (__active__.ipmconf) is automatically applied and saved
on the following actions:
Update/Save
In case of necessity (for backup), you should make the backup of this file from your
server to the media of your choice (do not backup the file while an update is pending
on the ip|engines).
Important reminder it is advisable to backup your configuration file in a different directory than
that used for installation in order to avoid deleting files during subsequent install.
4-38
Ipanema Technologies
March 2012
Undo table
If a modification has been carried out by another user in the interval, undo will not
operate.
March 2012
Ipanema Technologies
4-39
Ipanema System
The Export selection check box only appears if ip|engines were selected before
using the Export function: it allows to export the selected objects only. If no ip|engine
was selected before using the Export function, or if the Export selection box is not
checked, all objects are exported.
Step 1. Select the fields you want to export by pushing them to the right with the double arrow
to the right (all fields will be moved at a time) or the single arrow to the right (only the selected
fields will be moved) and click Ok.
A new window opens, where the first line is the description of the fields, and all the subsequent
lines are the exported objects:
Export window
Step 2. Copy and paste all the windows contents in a .res file.
All objects can also be exported using the CLI client.
4-40
Ipanema Technologies
March 2012
4. 8. 2. Importing objects
The following objects can be created by importing them from a configuration file: Coloring rules,
WAN accesses, ip|engines and Topology subnets.
All objects can be imported using the CLI client.
As the procedure is the same for all objects, we will consider one case only: importing
ip|engines.
An existing configuration file in raw format (.res) can be imported. The first line must be the
description of the fields (it is present if the file was made with an export), and all the subsequent
lines are the objects to be imported (some may be already existing).
In the example below, we will import the previously exported file, where we added a new site called
MyNewSite:
Import window
In the Import window that opens, you can choose which objects to display:
created (objects of the imported file not found in the actual configuration),
modified (objects different in the imported file and in the actual configuration),
deleted (objects of the actual configuration not found in the imported file),
March 2012
Ipanema Technologies
4-41
Ipanema System
and unchanged (objects identical in the imported file and in the actual configuration).
(Only the created and modified objects are displayed by default.)
Click on Import all, or select the objects to import then click on Import selection.
Import window
A message tells you how many objects could be successfully imported; click on Ok.
If the Import file contains an object that already exists (same name), it will update it; an
update icon warns you:
4-42
Ipanema Technologies
March 2012
If objects could not be created (already existing IP address for an ip|engine, for
example), an error message warns you:
March 2012
Ipanema Technologies
4-43
Ipanema System
4. 9. SYSTEM PROVISIONING
4. 9. 1. Configuring Coloring
Operating procedure table: settings, ip|fast service
The Coloring Policy is used with QoS & control. It is the capability to modify the TOS or DiffServ
field in the IP header with a new value according to the type and criticality of the packet.
The mode used is Color-Blind (in this mode, all packets are treated as if they were uncolored:
they are marked according to the selected coloring rule, regardless of their initial color).
ip|fast must be enabled.
Coloring:
4-44
Ipanema Technologies
March 2012
March 2012
Ipanema Technologies
4-45
Ipanema System
This window defines the coloring policies to apply at the access to WAN (you can create as many
Colorings as you want). The coloring parameters specify the type of service, the TOS or DSCP
values function of the traffic type and criticality level. It comprises:
input fields:
Name: to identify the coloring policy (string of characters). By default , the name none is
defined associated with an unspecified service type. The name is used to identify the
Coloring policy,
Service type: to select the type of coloring policy to set-up. The service is selected from
a drop-down list. The values offered are:
TOS: the TOS field of the frame is set to the value specified by the Code point
setting. It then contains the value of the IP PRECEDENCE and the TOS specified
for the Class of Service,
DiffServ: "Differentiated Service" type service. The TOS field of the frame is
set at the value specified by the PHB Group (DSCP) setting, in accordance
with RFC 2474 (definition of the Differentiated Services Fields (DS Field) in the
IPv4 and IPv6 headers), RFC 2597 (Assured Forwarding PHB group), RFC 2598
(Express Forwarding PHB group)
unspecified: not specified,
a Coloring zone: to define or modify the coloring for type of Traffic and Criticality level:
PHB Group (DSCP): when DiffServ is the Service Type selected, the value for each
peer (type of Traffic and criticality level) is selected with drop-down list,
Precedence/TOS (b0b7): when ToS is the Service Type selected,
a display zone in the form of a table corresponding to the data previously entered.
Service type
PHB
group
DSCP
value
TOS value
Top
Express
Forwarding
EF
101110
EF
101110
Medium
EF
101110
Low
EF
101110
AF11
001010
AF12
001100
Medium
AF21
010010
Low
AF22
010100
BE
000000
High
BE
000000
Medium
BE
000000
Low
BE
000000
Top
High
Background
ToS default
setting
Criticality
level
High
Transactional
Top
Assured
Forwarding
Best Effort
4-46
Ipanema Technologies
March 2012
Coloring rules can also be created by importing them from a configuration file. Refer to
section Importing objects.
March 2012
Ipanema Technologies
4-47
Ipanema System
WAN access:
4-48
Ingress (LAN to WAN) max Bandwidth: maximum ingress throughput allocated at the WAN
interface of the CPE (in kbps),
Ingress (LAN to WAN) min Bandwidth: minimum ingress throughput that the tracking function
(see below) can track down (in kbps); if no value is entered, it is automatically set to half of the
max value,
Egress (WAN to LAN) max Bandwidth: maximum egress throughput allocated at the WAN
interface of the CPE (in kbps),
Egress (WAN to LAN) min Bandwidth: minimum egress throughput that the tracking function
(see below) can track down (in kbps); if no value is entered, it is automatically set to half of the
max value,
Ipanema Technologies
March 2012
Coloring: selection, from a drop-down list, of the Coloring policy created in the Coloring
directory, to be applied. If there is no specific coloring (LS, Best effort), select "none". The
default display is none.
Trust level: Routine or Business: in case of smart|path, defines which type of traffic is allowed
to go through the Network Access Point (Routine and Business sensitivity levels are also defined
for each Application Group, where they are used in the path decision to route traffic to a NAP
with at least the same Trust Level).
Report key: this field is optional. A report key field is used for SNMP and ip|reporter and
allows to define regrouping of WAN accesses. A WAN access belongs to only one regrouping.
For example, this field can be used to gather WAN accesses according to:
the type of network (all WAN accesses to an MPLS backbone, all WAN accesses to
the Internet, etc.)
the type of access line (all WAN accesses with an access line at 64 kbps, 128 kbps, ....)
March 2012
Ipanema Technologies
4-49
Ipanema System
Bandwidth tracking
Congestion detection is key to know when and where to manage flows. Network available capacity
may also vary in time (DSL link, Frame Relay access, secondary link with a bandwidth different
from that of the primary link, etc.). The purpose of Bandwidth Tracking is to automatically and
dynamically estimate the available network capacity:
Bandwidth Tracking
Bandwidth tracking principles:
Output:
Available bandwidth for each potential congestion point.
4-50
Ipanema Technologies
March 2012
ip|engines manage three potential congestion points between any pair of sites:
By setting a minimum bandwidth lower than the maximum bandwidth, the tracking function will
automatically and dynamically estimate the actual value of the bandwidth between those two
values:
By setting a minimum bandwidth equal to the maximum bw, the tracking function will not execute:
March 2012
Ipanema Technologies
4-51
Ipanema System
WAN accesses can also be created by importing them from a configuration file. Refer
to section Importing objects.
4-52
Ipanema Technologies
March 2012
4. 9. 3. Configuring ip|engines
Operating procedure table, ip|fast service, ip|xcomp service, ip|xtcp service, ip|xapp service,
smart|path service.
In the System provisioning Toolbar, select
displayed:
March 2012
Ipanema Technologies
4-53
Ipanema System
The number of ip|engines and tele|engines which can be created are limited by the
license. This number is displayed in the About window.
ip|engines can also be created by importing them from a configuration file. Refer to
section Importing objects.
4-54
Ipanema Technologies
March 2012
the General tab is made of three frames: General, WAN Access and Services.
the Advanced tab is made of two frames: Redundancy elimination method and Navigation.
General tab
1. The General frame contains the following input fields and click boxes:
Name: character string used to identify the ip|engine (50 alphanumeric characters max),
Main public IP address (mandatory): IP address of the ip|engine visible by ip|boss server for
management purposes (configuration, collection of the correlation records, supervision),
Main private IP address (option if only the Main public address is declared, then the Main
private address is automatically allocated the same value): IP address of the ip|engine as it
has been locally configured (with the ipconfig command).
- In most cases (VPN, flat addressing, ...) only the Main public address is needed.
- In case of NAT, the two addresses must be different.
According to the MGT port being used or not, the Main addresses can be allocated to either the
LAN-to-WAN bridge (if the MGT port is not used in band management), or to the MGT port, if
used (out of band management):
March 2012
Ipanema Technologies
4-55
Ipanema System
Auxiliary public IP address (mandatory when the MGT port is used; must not be declared
otherwise): IP address of the ip|engine visible by other ip|engines for measurement
(ip|true), QoS & control (ip|fast), redundancy elimination (ip|xcomp, signalling + tunnel), TCP
acceleration (ip|xtcp), CIFS acceleration (ip|xapp) and synchronization (ip|sync) purposes;
it allows for out of band management (using the Main address) but in band inter-ip|engines
messages (using the Auxiliary address),
Auxiliary private IP address (option if only the Aux. public address is declared, then the
Aux. private address is automatically allocated the same value): IP address of the ip|engine as
it has been locally configured (with the ipconfig command) for the LAN-to-WAN bridge.
The Auxiliary addresses are allocated to the LAN-to-WAN bridge, when the MGT port is used (in
this case, the Main addresses are allocated to the MGT port). Refer to the second diagram above.
If no Auxiliary address is declared, the inter-ip|engines messages use the Main
address.
- In most cases (VPN, flat addressing, ...) only the Auxiliary public address is needed.
- In case of NAT, the two addresses must be different.
Report key: this field is optional. A report key field is used for SNMP and ip|reporter and
allows to define regrouping of ip|engines. An ip|engine belongs to only one regrouping.
For example, this field can be used to gather ip|engines according to:
a geographical criteria (all ip|engines in Europe, North America, Asia, Africa...).
the type of access line (all ip|engines with an access line at 64 kbps, 128 kbps, ....)
4-56
Auto-reporting: to allow (yes) or not (no) the reports created with the Automatic reporting
function to be added for this ip|engine. Refer to the Automatic reporting section.
Type: physical or virtual, to create an ip|engine or a tele|engine, respectively. A tele|engine
is characterized by an alias and an IP address; if no IP address is defined ip|boss randomizes
a virtual IP address with a 240.x.x.x prefix.
Ipanema Technologies
March 2012
2. The WAN Access frame allows to configure the WAN access(es) on the Network Access
Point(s); it contains the following input fields:
Path Selection: allows to enable the smart|path feature by selecting TOS or CPE, when
there are several NAPs on the site; the smart|path feature must be allowed in the license, and
optimize must be checked in the Services frame to enable it.
Disabled (default value): to disable the smart|path feature when there is one WAN
access on one NAP only, or when one do not want to use this feature.
TOS: allows to configure up to three WAN accesses with their corresponding marking
values (see below).
CPE: allows to configure up to three WAN accesses with their corresponding CPEs (see
below).
When the TOS radio button is selected (optimize must be clicked in the Services frame first),
the WAN Access frame contains the following input fields after Path Selection:
When the CPE radio button is selected (optimize must be clicked in the Services frame first),
the WAN Access frame contains the following input fields after Path Selection:
March 2012
Ipanema Technologies
4-57
Ipanema System
WAN access 2 and CPE IP address 2: the same for the second WAN access (mandatory
parameters, as the smart|path feature can be used when there is a minimum of two WAN
Accesses).
WAN access 3 and CPE IP address 3: the same for a third WAN access, if used (not mandatory).
The bandwidth is an important factor for QoS & control: make sure the WAN access(es)
is (are) correctly defined.
3. The Services frame allows to define the ip|engines capabilities. It contains the following click
boxes:
4-58
Ipanema Technologies
March 2012
Advanced tab
By default, both methods of redundancy elimination are enabled (when ip|xcomp is checked in
the Services frame in the General tab).
We do not recommand to change the default settings without advice from the Ipanema
Support.
These two fields allow to navigate in the reports (in ip|reporter) in different ways:
The first browsing method does not use these two fields: by selecting Folders in the drop-down
list in ip|reporters main window, you can access the reports with the following file system tree
(4 hierarchical levels):
<Domain> / <type of MetaView> / <MetaView> / <time level, public/private>
March 2012
Ipanema Technologies
4-59
Ipanema System
The second browsing method allows to navigate in the sites reports with two additional
hierarchical levels, defined by these two fields: by selecting Navigation in the drop-down list
in ip|reporters main window, you can access the sites reports with the following file system
tree (6 hierarchical levels):
<Domain> / Navigation / <Folder name for level 1> / <Folder name for level 2> /
<MetaView> / <time level, public/private>
(the <type of MetaView> level disappears, as this method is valid to access the sites reports
only).
This method is very helpful on larges networks, with hundreds or thousands of sites.
In the example below, Folder name for level 1 was used to group sites per continents, and
Folder name for level 2 was used to group sites per countries. The ip|engines created without
filling those fields are grouped under the Unknown folder name:
4-60
Ipanema Technologies
March 2012
Topology Subnets:
The Topology subnets are used by the ip|engines to classify, measure and control
the traffic peer to peer. These subnets match the IP subnets of the sites where the
ip|engines are installed. All of them must be declared (in the example above, two
Topology subnets are declared on the Datacenter, 10.2.1.0/24 and 10.2.4.0/24). Use
the Discovery agent and the SA Site throughput report to check if no one is missing.
The traffic from/to a Topology subnet is described as coming from/to the User subnet
Other. To report it with a specific name, see the User subnet paragraph.
March 2012
Ipanema Technologies
4-61
Ipanema System
) or remove (
removed with
and
buttons).
Several ip|engines can be associated to a same subnet in case of clustering. The clustering
function defines the subnet partition for several ip|engines (for example Central site with backup
routers). At a time, a session belongs to only one ip|engine of the cluster.
Cluster solution works with a Hot Standby Router, load sharing per session but not
load sharing per packet.
Clustering
Clustering configuration:
Subnets
Associated ip|engines
This diagram
ip|e A, ip|e B
LAN_HQ
HQ1, HQ2
Administrative state:
Enable: Topology subnet taken into account,
Disable: Topology subnet not taken into account.
The ip|engines associated with a Topology subnet must be upstream from the data
flows of this subnet.
Topology subnets can also be created by importing them from a configuration file. Refer
to section Importing objects.
4-62
Ipanema Technologies
March 2012
A Time server, which can be an external clock reference (NTP) or an ip|engine of the Domain,
is used as the main synchronization source,
Synchronization servers, which are ip|engines of the Domain (use several for redundancy
reasons), get their synchronization from the Time server and propagate it to all the other
ip|engines of the Domain,
All other ip|engines of the Domain get their synchronization from the Synchronization servers
(without any out of Domain connection).
This architecture allows GPS-less Domains, out of Domain synchronization and short term no
time function (a Domain can be disconnected from its Time server, the Synchronization servers
will remain synchronized to each other, thus making higher resiliency).
Time servers
can be either ip|engines (with or without GPS), ip|boss or External NTP servers,
must be delivering a consistent time between each other,
if an ip|engine is a Time Server, it will use its local ITP configuration (GPS, local or an external
source).
if a Time server is an external NTP server, the ITP port must be tuned to 123 (Sentry
Tuning section in the __active__.ipmconf ip|boss configuration file).
Synchronization servers
March 2012
Ipanema Technologies
4-63
Ipanema System
Configuration
In the System provisioning Toolbar, select
ip|sync:
The Time server directory gives the list of all ITP servers. It includes:
a Server field: allows to enter the IP address of a time server (several ones can be
declared).
an ip|engine field: allows to select an ip|engine as a time server (select only one).
Declare a Server or an ip|engine.
the zone on the right displays the selected time servers for the Domain.
The Synchronization server directory gives the list of all ip|engines that can be used as ITP
servers. It includes:
an ip|engine field: allows to select ip|engines as ITP servers (choose two or three, for
redundancy reasons). They do not need GPS antennas.
the zone on the right displays the selected ITP servers for the Domain.
4-64
Ipanema Technologies
March 2012
4. 9. 6. Tools
The System provisioning Toolbar provides a
Tools
They are described in the following sections:
Software upgrade:
2.8.2. (INSTALLATION / ip|engines / Upgrading ip|engines software).
Reboot:
6.4.1. (SUPERVISION / SYSTEM PROVISIONING: TOOLS / Rebooting).
Scripts:
6.4.2. (SUPERVISION / SYSTEM PROVISIONING: TOOLS / Scripts).
Security status:
6.3.3. (SUPERVISION / SUPERVISION / Security).
Advanced configuration:
5.9.7. (CONFIGURING SERVICES / SYSTEM PROVISIONING / Configuring smart|path).
March 2012
Ipanema Technologies
4-65
Ipanema System
Sensitivity policiy: matching Application Groups sensitivities with WAN accesses Trust Levels
depends on a policy which can be changed here.
Sensitivity policies allows to choose between three policies:
4-66
Ipanema Technologies
March 2012
- Preferred
(default
value):
- Strict:
- Backup:
Return path:
- no:
- yes
(default
value):
- Per Packet:
- Per Session
(default
value):
March 2012
Ipanema Technologies
4-67
Ipanema System
The User Subnets are used by the system for services configuration (ip|true, ip|fast and
ip|reporter). These user subnets identify hosts, servers or subnets on which measurement,
control or reporting is requested by the system. These user subnets are used in the application,
Application Group and metaview definitions.
In the Application provisioning Toolbar, select
User subnets:
4-68
Ipanema Technologies
March 2012
TOS:
Configuring TOS
TOS that are not explicitly named in the dictionary are implicitly grouped into the Other category.
The TOS window contains the following input fields and click boxes:
March 2012
Ipanema Technologies
4-69
Ipanema System
Applications:
Applications window
This window is made of two frames:
4-70
Ipanema Technologies
March 2012
It is also possible to declare applications on the ports being used (you have defined an application
as traffic on a specific port/server); in this case, it is the port number that prevails to regnosize the
application.
When an ip|engine has not observed this start of the conversation, or if the application cannot
be recognized thanks to its syntax or declared port number, it falls back to RFC1700 ("well known
ports" definition).
So the order of recognition of applications is as follows:
Applications that are not recognized or enabled in the dictionary are implicitly grouped on their
lower layer protocol (e.g. TCP or UDP).
F
G
Audiogalaxy
BGP
Bittorrent
Citrix
COTP
CUPS
DCERPC
DHCP
DICT
DirectConnect
DNS
Edonkey
EIGRP
Exchange
= MAPI
FTP
FTPS
Secure FTP
G711a
G711u
G723
G729
GIOP
GIOPS
Secure GIOP
Gizmo
Gnutella
March 2012
Ipanema Technologies
4-71
Ipanema System
J
K
L
4-72
GoBoogy
GRE
GTP
H225
HSRP
HTTP
HTTPS
Secure HTTP
ICMP
ICQ
I seek you
Identification protocol
IGMP
IMAP
IMAPS
Secure IMAP
IPCOMP
IPP
IPSec
IP Secure
IRC
IRCS
Secure IRC
ISAKMP
Jabber
JetDirect
Kazaa
Kerberos
L2TP
LDAP
LDAPS
Secure LDAP
LoadBalancing
Lotus Notes
LPR
Mainframe CFT
MAPI
McAfee
MCS
MGCP
MMS
Mount
MS_SQL
= TDS
MS Exchange
= MAPI
Ipanema Technologies
March 2012
Q
R
MSN
MSN Messenger
Mute
MySQL
Napster
NARP
Netbios
NetFlow
NFS
NNTP
NNTPS
Secure NNTP
NSPI
NTP
Open FT
OSPF
PCAnywhere
PIM
POP3
POP3S
Secure POP3
PortMapper
Postgres
PPP
Point-to-Point Protocol
PPTP
Printer_ipp
= IPP
Q931
Quake
(game)
RADIUS
RDP
RDT
Remote Shell
RFB
RLogin
Remote Login
RLP
RPC
RQuota
RSH
= Remote Shell
March 2012
Ipanema Technologies
4-73
Ipanema System
4-74
RStat
RSVP
ReSerVation Protocol
RSync
RTP/RTCP
RTSP
RUsers
SAP
SHOUTcast
SIP
Skype
SLP
SMB
SMTP
SMTPS
Secure SMTP
SNMP
SOAP
Socks
Sockets
Soulseek
SrvLoc
SSDP
SSH
Secure Shell
SSL
Sync
Syslog
TCP
TDS
Telnet
TelnetS
Secure Telnet
TFTP
TNVIP
UCP
UDP
URL
VMWare
VNC
= RFB
VRRP
Ipanema Technologies
March 2012
WINMX
X11
XOT
Yahoo Messenger
YPPasswd
YPServ
YPUpdate
Client/Server
Internet
ActiveX, FTP, HTTP, HTTPS, IP, IPCOMP, IRC, NNTP, Remote Shell,
Socks, SSH, SSL, TCP, TFTP, UDP, URL
Security
ERP
Oracle, SAP
Database
Directory Service
Messenger,
Groupware
Network Service
Chat
File server
Terminal
Time
NTP
Game
Quake
Remote Client
Peer to peer
Tunneling
Audio/Video, VoIP
Routing
BGP, EIGRP, HSRP, IGMP, Load Balancing, OSPF, PIM, RIP ng1,
RIP v1, RIP v2
Network Management
Printing
March 2012
Ipanema Technologies
4-75
Ipanema System
The system recognizes about 180 protocols (HTTP, ICMP, FTP, RTP/RTCP, H.225, SAP, Citrix,
Skype, VMWare....; refer to the comprehensive list in the tables above).
Attributes depend on protocols:
for HTTP: it is possible to distinguish the URL names (www.ipanematech.com for
example)
Syntax:
?
a unique character
separator in a list
Examples:
www.google.fr
www.google.*
www.google.*/*.gif
*/*.gif
*/*
www.ipanematech.*/web_germany/*
Specific cases:
host/*
"any" URI
host/
empty URI
*/full/uri
"any" HOST
/full/uri
empty HOST
4-76
Ipanema Technologies
March 2012
March 2012
Ipanema Technologies
4-77
Ipanema System
The Common Name is displayed in the Certificate (the way to display the
Certificate depends on the web navigator being used):
4-78
Ipanema Technologies
March 2012
March 2012
Ipanema Technologies
4-79
Ipanema System
Port(s) (for TCP or UDP Protocol): port number as it will appear in the Server port
(source or destination) fields of TCP/UDP headers. This field can contain several values
and be filled in with a combination of values (; separator) and ranges (- separator) (for
TCP/UDP),
User Subnets filter: this optional parameter can be used to identify an application by the IP
address of a server or client, or list of servers or clients (ex: SAP). It is possible to choose the
server or client from a drop-down list of the User subnets, or directly:
User Subnets List: choose the subnet or host in the list of User subnets to be associated
with the application by selecting them and pushing them to the right frame with the single
right arrow (selected User subnets only) or double right arrow (all User subnets),
Prefix/Length: set the subnet with the following notation X.X.X.X/Y where X.X.X.X is
the IP address and Y the length integer between 0 and 32; a list of IP addresses can be
configured (; separator).
C/S Side: specify if the application must be recognized on the server side or on the client
side.
4-80
Ipanema Technologies
March 2012
Moving applications to place the more specific ones above the more generic ones
March 2012
Ipanema Technologies
4-81
Ipanema System
QoS profiles:
4-82
Ipanema Technologies
March 2012
Session B/W (kbps): to specify the bandwidth per session; the value is used by ip|fast,
Obj. (objective): nominal bandwidth per session (mandatory parameter).
The objective bandwidth per session is operational during the congestion
step.
Max. (maximum): maximum bandwidth allowed per session (not mandatory).
When defined, the maximum bandwidth per session is always operational
(even without congestion).
The maximum ratio between the objective and the maximum bandwidth has
been suppressed (it was 20 until ip|boss v5.0).
Delay (ms), Jitter (ms), Packet loss (%), SRT (server response time, ms), RTT (round trip
time, ms), TCP retrans. (%): to specify, for each flow, the Objective and Maximum values for
that QoS profile. These parameters are enabled or not by checking the click box or not,
These information can be used by the Application Group reporting to control the QoS associated
with each Application Group.
all values <
Obj.
Max.
acceptable
Correct
unacceptable
Interpretation of Obj. and Max. criteria for Delay, Jitter, Loss, SRT, RTT and TCP retrans.
Name
Type
Session
BW
(kbps)
Delay
(ms)
Default
Bg
30-600
File transfer
Bg
Business
Jitter
(ms)
Packet
Loss
(%)
SRT
(ms)
RTT (ms)
TCP
retrans.
(%)
200-1000
1-10
0-0
400-2000
1-10
50-1000
500-1000
1-10
0-0
1000-2000
1-10
Tr
50-500
200-500
1-5
0-0
400-1000
1-5
Thin client
Tr
40-400
100-500
1-5
0-0
200-1000
1-5
Bg
50-1000
500-2000
1-10
0-0
1000-4000
1-10
Net services
Bg
20-200
100-500
1-10
0-0
200-1000
1-10
Web
Tr
40-400
200-1000
1-10
0-0
400-2000
1-10
G711
RT
90-120
100-200
50-100
0-2
0-0
200-400
0-2
G723
RT
20-30
50-150
50-100
0-1
0-0
100-300
0-1
G729
RT
30-45
50-150
50-100
0-1
0-0
100-300
0-1
Video streaming
RT
150-200
200-1000
50-100
1-5
400-2000
1-5
Ex. of QoS Profiles (Bg: background, Tr: transactional, RT: real-time; in each column: obj.-max.)
March 2012
Ipanema Technologies
4-83
Ipanema System
business criticality,
QoS performance objectives (nominal bandwidth per application session, delay, jitter, packet
loss, SRT, RTT and TCP retransmission),
the enabling of compression.
The users objectives are the only input to the system. There is no need to set low-level, network
and device specific policy rules.
The Ipanema System performs:
Application Groups are independent of ip|true, ip|fast, ip|xcomp, ip|xtcp, smart|path and
smart|plan services.
Application Groups are given in a tree structure, each Application Group is characterized by:
a name,
filters to define the rules of traffic classification corresponding to the Application Group,
a criticality level to define the level of criticality associated to the application(s) in this Application
Group,
a QoS profile that enables QoS objectives for the application(s) in this Application Group,
the capability to be compressed.
tjhe capability to be accelerated.
The position of the Application Groups in the tree structure is important, it determines
the classification of the packets. The classification is performed by running the structure
tree downwards. The packet is classified with the first applicable classification met.
Other, included the whole classifications, is at the end of the tree.
The configuration of the Application Groups is necessary for the good behavior of the QoS & control
agent, ip|fast.
4-84
Ipanema Technologies
March 2012
Application Groups:
March 2012
Ipanema Technologies
4-85
Ipanema System
Dictionary filters,
Subnet filters,
ip|engine filters,
Advanced
The selection areas at the bottom of the window depend on the selected tab (see below).
A zone displaying the characteristics of the selected Application Group:
A zone with multiple selection areas, that depend on the selected tab at the top of the window:
the first area (on the left) shows a list of elements of the Dictionaries (Applications,
ToS values), Subnets (source and destination) or ip|engines (ingress and egress) as
described in the system and managed by ip|boss
the second area (on the right) shows the selected elements for the Application Group.
4-86
Ipanema Technologies
March 2012
- A logical Or is applied for the different elements inside a filter (for example filter
Applications: HTTP or HTTPS).
- A logical And is applied for the different types of filters (for example Applications:
HTTP or HTTPS and subnet-src=LAN-192).
Arrows are used to move the selected data from one area to the other (one by one or all at a
time).
March 2012
Ipanema Technologies
4-87
Ipanema System
By selecting Subnets with this tab, you create local rules that will apply only to
those Subnets! Do this only if really needed. Otherwise, use global parameters only
(Dictionary filters).
4-88
Ipanema Technologies
March 2012
an Ingress zone: displays the ip|engines and tele|engines list as described in the directory,
an Egress zone: displays the ip|engines and tele|engines list as described in the directory,
Description of the two areas of the tab: see description above.
By selecting ip|engines with this tab, you create local rules that will apply only to
those ip|engines! Do this only if really needed. Otherwise, use global parameters only
(Dictionary filters).
March 2012
Ipanema Technologies
4-89
Ipanema System
Advanced tab
This tab contains two additional frames:
Real time
Transactional
only the Zero Delay method is enabled (the Standard method can
create a small latency usually less than 5 ms),
Background
4-90
Smart|path:
This frame contains three parameters, that can be used to overwrite the global values set in the
System provisioning > Tools > Advanced configuration menu.
Ipanema Technologies
March 2012
March 2012
Ipanema Technologies
4-91
Ipanema System
Using the Dictionary filters tab when configuring Application Groups, as described above.
Using the Application mapping functionality.
To access the Application mapping functionality, in the Application provisioning Toolbar, select
Application mapping.
The Mapping of applications within Application Groups window is displayed.
This window contains the map itself plus the following buttons:
: no access,
4-92
: to get the list of flows corresponding to the square area in the window (refer to the real
time flows list below),
Ipanema Technologies
March 2012
At the first zoom level, the map displays the full traffic with a main square per Application Group
and a sub-square per application.
The zoom in, zoom out and reset zoom functions can be accessed using the right
button on the mouse on the ip|boss Java Client.
By moving the mouse on a square, a contextual text shows the description of the square:
Contextual text
March 2012
Ipanema Technologies
4-93
Ipanema System
limit the bandwidth used by the different networks of the departments, services (user subnets)
or applications according to specific criteria taking the following constraints into account:
source subnet,
remote subnet,
applications,
TOS/CP values.
a name,
filters to define the rules to classify the traffic corresponding to the LTL,
a limit on the bandwidth that can be used by the class.
The LTL rules are enabled only if ip|fast is activated on the ip|engine.
LTL.
4-94
Ipanema Technologies
March 2012
March 2012
Ipanema Technologies
4-95
Ipanema System
4. 11. REPORTING
The Reporting menu gives access to three functions: MetaView, reports and Alarming.
and any complex definition with the previous parameters, using several fields and, possibly,
several tabs.
For example, a Metaview can aggregate the data on the Domain (no filter), but another metaview
could detail the behavior between 2 subnets and a particular application.
ip|reporter uses the Metaviews for the reports creation and data collection.
Two modes of Metaview creation are available:
unitary mode: allows to create Metaviews one by one with your own naming rules. This mode
can be used in order to create a troubleshooting Metaview with complex filters (for example a
destination site, a source site and a specific application),
wizard mode: allows to create a big number of Metaviews with automatic naming rules and
simple filter (for example: one Metaview for each user subnet of the Domain).
Metaviews for the Domain, the Physical sites (= sites with an ip|engine), the Virtual
sites (= sites with a tele|engine) and the Application Groups are automatically created
by the system (as soon a new Domain, a new Physical site, a new Virtual site or a new
Application Group is created, respectively).
As a consequence, only one Metaview needs to be created manually in the window
below (the one that will be used to troubleshoot Telnet between Factory and
Headquarters, on the sixth line).
The Metaview name is used by ip|reporter to name the instances of the reports.
4-96
Ipanema Technologies
March 2012
Metaview.
March 2012
Ipanema Technologies
4-97
Ipanema System
The Name of the Metaview, used by ip|reporter to name the instances of the reports,
The Type: as this function is used to create a Metaview on demand, the field always displays
on demand.
A zone with three tabs:
Configuration,
User Subnets,
Traffic classification.
the first area (on the left) shows a list of elements (ip|engines, Keys, User subnets, Applications,
Application Groups, etc.), as described in the system and managed by ip|boss
the second area (on the right) shows the selected elements for the Metaview.
A logical Or is applied for the different elements inside a filter.
A logical And is applied for the different types of filters.
Some arrows are used to move the selected data from one area to the other, one by one (using
the single arrows) or all at a time (using the double arrows).
4-98
Ipanema Technologies
March 2012
Configuration tab
This tab comprises the filters which define the rules of traffic topologies corresponding to the
Metaview (from Site A to Site B, etc.). It contains the following areas:
Site A: displays the ip|engines and tele|engines list as described in the configuration,
Reminder: Metaviews for the Sites are automatically created by the system.
Site B: displays the ip|engines and tele|engines list as described in the directory,
This list is available only if at least one site in Site A is selected.
Engine Report Key A: displays the ip|engine report key list as described in the configuration,
Engine Report Key B: displays the ip|engine report key list as described in the configuration,
This list is available only if at least one ip|engine report key in Engine Report Key
A is selected.
WAN Access Id A: displays the Network Access Points list as described in the configuration,
WAN Access Id B: displays the Network Access Points list as described in the configuration,
This list is available only if at least one Network Access Point in WAN Access Id A
is selected.
March 2012
Ipanema Technologies
4-99
Ipanema System
WAN Access Report Key A: displays the WAN Access report key list as described in the
configuration,
WAN Access Report Key B: displays the WAN Access report key list as described in the
configuration,
This list is available only if at least one WAN Access report key in WAN Access
Report Key A is selected.
User Subnet A: displays the User subnets list as described in the configuration,
User Subnet B: displays the User subnets list as described in the configuration.
This list is available only if at least one subnet in User Subnet A is selected.
4-100
Ipanema Technologies
March 2012
Criticality: displays the criticality list as described in the configuration (from Top to Low).
March 2012
Ipanema Technologies
4-101
Ipanema System
the first area (on the left) shows a list of elements (ip|engines, Keys, User Subnets, Application
Groups, etc.) as described in the system and managed by ip|boss,
the second area (on the right) shows the selected elements for the Metaviews.
Some arrows are used to move the selected data from one area to the other (one by one or all at
a time).
By selecting several elements in each list, the system will create the Metaviews
according to combinative selected criteria.
The wizard mode automatically manages the naming rules (the name varies according to the
selected elements).
4-102
Ipanema Technologies
March 2012
Configuration Tab
Configuration Tab window: see above.
This tab comprises the filters which define the rules of traffic topologies corresponding to the
Metaviews (From/to Site A, from/to Key ). It contains the following areas:
Site: displays the ip|engines and tele|engines list as described in the configuration,
Reminder: Metaviews for the Sites are automatically created by the system.
Key: displays the ip|engines report keys list as described in the configuration,
NAP id: displays the Network Access Points as described in the configuration,
Network report key: displays the WAN access report keys as described in the configuration.
March 2012
Ipanema Technologies
4-103
Ipanema System
User Subnets: displays the User subnets list as described in the configuration.
4-104
Criticality: displays the criticality list as described in the configuration (from Top to Low).
Ipanema Technologies
March 2012
Alarming.
Alarming window
This window contains three frames:
An alarm is the instantiation of a rule (when does the alarm trigger/rearm?) on a Metaview (on what
objects - sites, Application Groups, etc. - does the rule apply?).
Creating an alarm is achieved in three steps:
creating a rule,
associating a rule to a Metaview,
activating logs and/or mails and/or traps on alarming events.
March 2012
Ipanema Technologies
4-105
Ipanema System
When a rule is created, an Identifier is automatically attributed to it by the system, that can be seen
in the Alarming window (Ident).
4-106
Ipanema Technologies
March 2012
Rules syntax
The description of a threshold must respect the following grammar:
exp ::= prefixexp
exp ::= number
exp ::= exp binop exp
exp ::= unop exp
prefixexp ::= var | ( exp )
Examples:
lan_ingress_packet_loss > 5
wan_egress_throughput > 1000
wan_ingress_throughput > 0.2 * ingress_wan_access_ingress
Name
Unit
Name
Unit
ingress_tcp_rtt_min
ms
lan_egress_min_delay
ms
ingress_tcp_rtt_avg
ms
lan_egress_avg_delay
ms
ingress_tcp_rtt_max
ms
lan_egress_max_delay
ms
egress_tcp_rtt_min
ms
lan_egress_jitter
ms
egress_tcp_rtt_avg
ms
lan_egress_sessions
number
egress_tcp_rtt_max
ms
wan_ingress_throughput
kbps
ingress_tcp_srt_min
ms
wan_ingress_packet_loss
ingress_tcp_srt_avg
ms
wan_ingress_min_delay
ms
ingress_tcp_srt_max
ms
wan_ingress_avg_delay
ms
egress_tcp_srt_min
ms
wan_ingress_max_delay
ms
egress_tcp_srt_avg
ms
wan_ingress_jitter
ms
egress_tcp_srt_max
ms
wan_egress_throughput
kbps
ingress_tcp_retransmit
wan_egress_packet_loss
egress_tcp_retransmit
wan_egress_min_delay
ms
lan_ingress_throughput
kbps
wan_egress_avg_delay
ms
lan_ingress_goodput
kbps
wan_egress_max_delay
ms
lan_ingress_packet_loss
wan_egress_jitter
ms
lan_ingress_min_delay
ms
quality_ingress
010
lan_ingress_avg_delay
ms
quality_egress
010
lan_ingress_max_delay
ms
mos_ingress
05
lan_ingress_jitter
ms
mos_egress
05
lan_ingress_sessions
number per s
ingress_wan_access_ingress
kbps
lan_egress_throughput
kbps
ingress_wan_access_egress
kbps
lan_egress_goodput
kbps
egress_wan_access_ingress
kbps
lan_egress_packet_loss
egress_wan_access_egress
kbps
Metrics used
March 2012
Ipanema Technologies
4-107
Ipanema System
Binary and unary operators (binop and unop) consist of arithmetical, relational and logical
operators.
arithmetical operators are:
addition
multiplication
modulo
subtraction
division
negation (unary)
equal to
<
less than
<=
~=
different from
>
greater than
>=
and
not (unary)
1.
2.
3.
4.
5.
6.
or
and
< > <= >= ~= ==
+*/%
not - (unary)
A rule is validated when committed; a mistake will trigger an Error message window.
4-108
Ipanema Technologies
March 2012
The first area (on the left) shows the list of elements (Alarm rules and Metaviews), the second
area (on the right) shows the selected elements.
Some arrows are used to move the selected data from one area to the other.
By selecting several elements in each list, the system will create the Alarms according to
combinative selected criteria.
March 2012
Ipanema Technologies
4-109
Ipanema System
4. 11. 3. 5. Operation
Using the alarms triggered by ip|boss is achieved with external tools, according to the selected
Actions:
When an alarm is triggered or rearmed, the following information is available (in a log, an e-mail or
a trap):
Alarms are sent by pair: trigger when the first threshold is reached, rearm when the second is.
4-110
Ipanema Technologies
March 2012
Options.
Activation: specify how to manage the Supervision events and the Traffic alarming events.
Mail (e-mail): Supervision and/or Traffic alarming events can be mailed to a list of recipients
configured in ip|boss; it uses its own mailing command.
Trap (SNMP Trap): Fault management traps generated by ip|boss on Supervision and/or Traffic
alarming events are sent to configured SNMP managers.
March 2012
Ipanema Technologies
4-111
Ipanema System
You can manage the Supervision events. They consist of an alarm (log, mail or trap) in case of
system events like:
LicenseExpiration
Start
Stop
Update
Upgrade
Reboot
BeginOfDownStatus
an ip|engine is down
EndOfDownStatus
BeginOfSynchronizationLoss
EndOfSynchronizationLoss
CertificateExpiration
RestartByRecover
IpReporterManagerIsDown
IpReporterCollectorIsDown
IpReporterBrowserIsDown
IpReporterManagerIsUp
IpReporterCollectorIsUp
IpReporterBrowserIsDown
IpReporterBrowserIsUp
BeginOfNotReachableStatus
EndOfNotReachableStatus
MetaViewColors
BeginOfCompressDownStatus
EndOfCompressDownStatus
BeginOfUncompressDownStatus
EndOfUncompressDownStatus
BeginOfLanLinkDownStatus
EndOfLanLinkDownStatus
BeginOfWanLinkDownStatus
EndOfWanLinkDownStatus
Events (ip|engines are identified with Alias, IP Address and Domain name)
You can manage the Traffic alarming events. They consist of an alarm (log, mail or trap) in case
of an alarm triggered or rearmed (see CONFIGURING ALARMING above).
4-112
Ipanema Technologies
March 2012
Mail:
Supervision events:
Enable: to send e-mails on Supervision events,
Disable: not to send e-mails on Supervision events.
Traffic alarming events:
Enable: to send e-mails on Alarming events,
Disable: not to send e-mails on Alarming events.
Trap:
Supervision events:
Enable: to trap the Supervision events,
Disable: not to trap the Supervision events.
Traffic alarming events:
Enable: to trap the Alarming events,
Disable: not to trap the Alarming events.
March 2012
Ipanema Technologies
4-113
Ipanema System
Subject: ip|boss, the Origin (see table above) and the alarm type,
Alarm timestamp (time when alarm was detected),
description: optional comments on the alarm.
The Origin and Type fields are included in the subject of the mail. The Description field is included
into the body of the mail. The Field format is <Domain><Type><Origin><Events>.
Mail examples:
Object : HMS : ip|boss - OSS - Cold Start
Date : 26/03/02 13:42:42 Paris, Madrid
From: ipboss@ipanematech.com
To: support@ipanematech.com
ip|boss System has been started by DOC on 26/03/2002 at 13:43:47.
Configuration file is: C:\program files\server\domains\HMS\config\__active__.ipmconf.
Object : HMS : ip|boss - OSS - Stop
Date : 26/03/02 13:43:52 Paris, Madrid
From: ipboss@ipanematech.com
To: support@ipanematech.com
ip|boss System and ip|engine have been stopped by DOC on 26/03/2002 at 13:45:11.
Object : HMS : ip|boss - ip|engine - End of ip|fast down status
Date : 26/03/02 14:06:25 Paris, Madrid
From: ipboss@ipanematech.com
To: support@Ipanematech.com
ip|fast is up on following ip|engine on 26/03/2002 at 14:07:43 : - HQ (192.169.0.100)
4-114
Ipanema Technologies
March 2012
March 2012
Ipanema Technologies
4-115
Ipanema System
Users:
This function is only available if you connected to ip|boss directly - and not through
SALSA client.
The users created with this function will remain local to ip|boss; to create users and
manage their rights on ip|boss, on ip|uniboss and on ip|reporter, you must use
ip|unibosss Users function.
This window contains the following input fields:
4-116
Functions
Rights
System Administration
Users
Automatic reporting
Security
Ipanema Technologies
March 2012
Service activation
Supervision
ip|engines status
Supervision map
Log file
Options (Mail, SNMP trap)
Helpdesk
Maps
Discovery
Real time flows
Reporting
Metaviews
ip|reporter (reports)
Alarming
Application provisioning
Users Subnets
Applications
ToS (type of service)
Application Group
QoS profile
LTL (local traffic limiting)
System provisioning
ip|engines
Topology Subnets
WAN access
Coloring
ip|sync
Tools (upgrade, script, reboot, security status)
User Profile
March 2012
Ipanema Technologies
4-117
Ipanema System
4-118
1. The procedure (steps 1 to 5) is similar to the procedure of the second level, except that the
customer selects and defines a passphrase in Security/Certificate Generation window.
Ipanema Technologies
March 2012
2. Configure the associated ip|engines. THE SAME PASSPHRASE MUST BE USED for the
ip|boss and the ip|engine to allow the SSL connections between ip|boss and ip|engine. This
passphrase should be configured on all ip|engines of the Domain.
3. Before using this command, check the system Administrator to obtain the same
passphrase as ip|boss.
Command usage:
sslpassphrase
usage: sslpassphrase set
sslpassphrase reset
Copyright (c) Ipanema Technologies 2000-2005
Set the passphrase:
sslpassphrase set
Enter old SSL passphrase:
Enter new SSL passphrase: *******************
Confirm new SSL passphrase: ******************
Passphrase has been changed
Do you want to restart HTTP Server with new passphrase now [y/n]?
y
Security.
step 1) defines the certificate name. Under this name, 4 files are generated:
the private key: <alias>.isk (Ipanema Server Key) in the Security directory
(~/ipboss/server/domains/<Domain Name>/Security). If a passphrase was provided,
the key has been encoded with the passphrase in the file,
The same passphrase should be also entered on all ip|engines of the
Domain.
step 2) defines the algorithm (encoding mode or not) used for communication encryption
between ip|boss and ip|engines,
March 2012
Ipanema Technologies
4-119
Ipanema System
Certificate group box with the Name: name (without extension) of the key/certificate,
Key group box with:
the field Size: choice of the key size: 512, 1024 (by default), 2048,
the field Passphrase: to enter the passphrase. The selection displays the Security
Generation dialog box.
If used, the same passphrase must be used for ip|boss and all the
ip|engines of the Domain.
4-120
Ipanema Technologies
March 2012
Configuration window
The configuration specifies to ip|boss which certificate of the Security directory to use and which
algorithm to associate in SSLv3 with RSA authentication. This window defines the encryption
applied to the communications.
The window contains:
Certificate group box with the Name: name (without extension) of the key/certificate to choose
in the drop-down list. With this name, ip|boss finds the .isk, .isc, .isk and .icc files.
Algorithm group box: click in the corresponding case (Selection) to select the encryption
algorithms to be applied between ip|boss and the ip|engines.
The algorithms are listed in security level order, NULL SHA is selected by default.
March 2012
Ipanema Technologies
4-121
Domain.
This icon is not displayed when you connect to ip|boss through the SALSA client or if
you have an access to one Domain only.
Domain window
The colors of the lines show the global statuses of the Domains:
A blank line is either a fully operational Domain (all activated functions run normally) or
a deactivated Domain (the ip|engines have not been enabled globally).
An orange line is a Domain with some down status (but not all).
A red line shows a Domain with all status down.
When selected, a line turns blue, whatever the Domains status (and the lines previous
color).
For each Domain, a synthesis of the status of the ip|engines, measurement (ip|true), QoS
& control (ip|fast), compression and decompression (ip|xcomp), TCP acceleration (ip|xtcp),
CIFS acceleration (ip|xapp) and synchronization (ip|sync) is displayed, as well as the total
throughput on the Domain and the total number of active flows.
You can also use this window to change Domain, by clicking on the corresponding Domains
.
line and clicking on the Connect Domain button
The name of the selected Domain appears in the status zone:
March 2012
Ipanema Technologies
5-1
Ipanema System
Status zone
5-2
Ipanema Technologies
March 2012
March 2012
Ipanema Technologies
5-3
Ipanema System
5. 3. SUPERVISION
5. 3. 1. ip|engine status (monitoring ip|engines activity)
Operating procedure table: Management
In the Supervision Toolbar, select
ip|engine Status.
5-4
Ipanema Technologies
March 2012
CPU (%): ip|engine load average during the last collect period,
Satellites: number of satellites seen and used for synchronization,
Source: synchronization source (GPS or ITP (Ipanema Time Protocol)),
Server: name of the synchronization server or n/a (not available),
LAN status: LAN interface status of ip|engine:
up: Ethernet interface is link Up,
down: Ethernet interface is link Down.
March 2012
Ipanema Technologies
5-5
Ipanema System
5-6
Ipanema Technologies
March 2012
CPU (%): ip|engine load average during the last collect period,
Satellites: number of GPS satellites seen and used for the time synchronization,
Version : ip|agent software version and type release of the ip|engine,
Source: synchronization source (GPS or ITP (Ipanema Time Protocol)),
Server: name of the synchronization server on n/a (not available),
Offset (ms): estimated synchronization offset from GPS and ITP server (time difference
between synchronizing and synchronized units),
Delay (ms): average round trip delay between the ip|engine and ITP server,
Frequency (ppm): local oscillator free running frequency difference with the synchronization
source,
LAN status: LAN interface status of ip|engine:
up: Ethernet interface is link Up,
down: Ethernet interface is link Down,
LAN (detected type): Ethernet current state of the LAN interface of ip|engine (it should be
compatible with the previous field):
auto, 10HD, 10FD, 100HD, 100FD, 1000FD,
LAN (received bytes): number of bytes received on the LAN interface of the ip|engine,
LAN (sent bytes): number of bytes sent on the LAN interface of the ip|engine,
LAN (received packets): number of packets received on the LAN interface of the ip|engine,
LAN (sent packets): number of packets received on the LAN interface of the ip|engine,
LAN (collisions): number of collisions on the LAN interface of the ip|engine,
LAN (error frames) : number of frames error on the LAN interface of the ip|engine,
WAN status: WAN interface status of the ip|engine:
up: Ethernet interface is link Up,
down: Ethernet interface is link Down,
WAN (configured type): Ethernet configuration of the WAN interface of the ip|engine:
auto, 10HD, 10FD, 100HD, 100FD, 1000FD,
March 2012
Ipanema Technologies
5-7
Ipanema System
WAN (detected type): Ethernet current state of the WAN interface of the ip|engine (it should
be compatible with the previous field and with the LAN detected type):
auto, 10HD, 10FD, 100HD, 100FD, 1000FD,
WAN (received bytes): number of bytes received on the WAN interface of the ip|engine,
WAN (sent bytes): number of bytes sent on the WAN interface of the ip|engine,
WAN (received packets): number of packets received on the WAN interface of the ip|engine,
WAN (sent packets): number of packets received on the WAN interface of the ip|engine,
WAN (collisions): number of collisions on the WAN interface of the ip|engine,
WAN (error frames): number of frame errors on the WAN interface of the ip|engine,
Measure (diagnostics): last diagnostic message of ip|true of the ip|engine (Alarm in the
real-time flows list is at yes):
OutOfTicket: there are no more up tickets,
OutOfBuffer: the driver is overloaded,
WanOverload: the packets received by the ip|engine on its WAN interface are more
than it is capable of handling,
TooManyFlow: the maximum number of sessions has been reached (depends on the
ip|engine range),
PktOverload: Ethernet RX overrun,
CPUOverload: CPU overrun,
LanIntfDown: the LAN interface of the ip|engine is down,
WanIntfDown: the WAN interface of the ip|engine is down
OutOfAppCnx: the maximum number of sessions of the application recognition syntax
engine has been reached.
Optimization (diagnostics) : last diagnostic message of ip|fast of the ip|engine (Alarm in the
real-time flows list is at yes):
ip|fast unreachable from ip|true: ip|fast is not working (transitory state),
ip|engine set in parallel mode: ip|fast was started on an ip|engine set in parallel mode,
current state is xxxx (where xxxx can be Initial, Configuring, Configured, Stopping,
Resetting or Unknown): ip|fast has not been started while it should have been; ip|true
tries to start it until it succeeds (transitory state).
5-8
Ipanema Technologies
March 2012
Supervision maps.
the map itself, with a square for each ip|engine, the size depends on the ip|engine hardware
model, and a color in order to give a quick synthetic view of the supervision status:
Red: when Status is down (ip|engine not reachable), or when one of the following
functions: Measurement, QoS & control, Compression, Decompression, Acceleration
is down, not started, not configured or not updated (after three trials of update),
Yellow: when not Synchronized, and/or Overloaded and/or Updating (update of
configuration running),
Green: all status are OK (Status, Measurement (always); QoS & control, Compression,
Decompression and Acceleration, if enabled; Synchronization (always)).
: to consult the detailed supervision status (refer to the supervision details above),
March 2012
Ipanema Technologies
5-9
Ipanema System
By moving the mouse on a square, a contextual text shows the supervision status (see screenshot
above):
5-10
Ipanema Technologies
March 2012
March 2012
Ipanema Technologies
5-11
Ipanema System
Reboot window
This window contains:
5-12
Ipanema Technologies
March 2012
5. 4. 2. Scripts
Operating procedure table: Management
This tool is to be used with the Ipanema Technologies Support.
In the System provisioning Toolbar, select
Scripts window
The window comprises the input fields:
The result files are given in a tree structure where the root is
~/salsa/ipboss/server/domains/<domain_name>/temp/Ipanema-dump/<date-time>
format: yymmdd-hhmm).
Three sub-directories are created for each Launch:
(date-time
ipboss: contains the current configuration and the log file of ip|boss,
ipengine: contains the result file (format: <alias or @ip address of the ipengine>.ipmres),
script: contains the used script file. This file is encoded (.ipmscp). An ipengine.txt is
associated to the script file and contains the list of dumped ip|engines (alias+@ip).
March 2012
Ipanema Technologies
5-13
Ipanema System
The user can send these directories in a zipped file (by E-mail or FTP to Ipanema Technologies
support (support@ipanematech.com)).
Different script files are available. The main ones are :
5-14
default.ipmscp: dumps all information in the ip|engine, reserved for the support,
flows.ipmscp: dumps all flows in the ip|engine,
gpsinfo.ipmscp: dumps the synchronization information about the GPS receiver,
ipconfig.ipmscp: dumps information about the IP and Ethernet settings of the ip|engine,
check iptrue.ipmscp: dumps information about ip|true, reserved for the support,
check ipfast.ipmscp: dumps information about ip|fast, reserved for the support,
check ipxcomp.ipmscp: dumps information about ip|xcomp, reserved for the support,
check itp.ipmscp: dumps information about ip|sync synchronization, reserved for the support,
restart iptrue.ipmscp: restarts ip|true agent, reserved for the support,
restart ipfast.ipmscp: restarts ip|fast agent, reserved for the support,
restart ipxcomp.ipmscp: restarts ip|xcomp agent, reserved for the support,
restart itp.ipmscp: restarts ip|sync agent, reserved for the support,
process.ipmscp: dumps information about the process running, reserved for the support.
Ipanema Technologies
March 2012
1. At opening, the list of ip|engines in the configuration is displayed in the left frame. The
Version column is not filled in. Select some ip|engines (or all with the Select all button
and click on the Status button
selected ip|engines.
March 2012
Ipanema Technologies
5-15
Ipanema System
5-16
Ipanema Technologies
March 2012
3. Select the ip|engines to be upgraded in the left frame and the ip|agent software version in
the right frame, and click on the Upgrade button
A message confirms that the selected ip|engines have received the upgrade order.
A Cancel button
allows to cancel the upgrade request. Cancelling an upgrade is possible
before or during the FTP download of the new version of ip|agent, but before the ip|engine
has started swapping.
4. A scheduling window opens, that allows to schedule the upgrade (during the night for
example), or launch it immediately by clicking on Ok without specifying any date or time:
March 2012
Ipanema Technologies
5-17
Ipanema System
5. Check that the upgrade has been completed correctly by selecting the concerned ip|engines
and by clicking on the Status button
5-18
Ipanema Technologies
March 2012
5. 5. IP|BOSS LOGS
Operating procedure table: Management
In the Supervision Toolbar, select
Log.
Log window
This window contains:
the list of Supervision events (on ip|engines, ip|reporter server....) with a time stamping,
the list of Traffic alarming events (on Metaviews) with a time stamping (only if it has been
activated in Options / Activation).
March 2012
Ipanema Technologies
5-19
Service activation.
March 2012
Ipanema Technologies
6-1
Ipanema System
6. 1. 2. Stopping a session
Operating procedure table: ip|true service, ip|fast service, ip|coop service, ip|xcomp service,
ip|xtcp service, ip|xapp service, smart|path service, smart|plan service.
A session can be stopped on the ip|engines by the Toolbar,
Service activation.
Stopping a session will stop all functions of the system (ip|true (measurement), ip|fast,
ip|xcomp, ip|coop, ip|xtcp, ip|xapp, smart|path, smart|plan).
Check that the indicator lights on the status zone turn to black.
6-2
Ipanema Technologies
March 2012
User settings.
March 2012
Ipanema Technologies
6-3
Ipanema System
A: means that the modifications made by a user of the service are automatically applied,
U: means that the user has to use Update to apply the modifications made.
Table Dynamically modifying a session: ip|true service, ip|fast service, ip|xcomp service,
ip|coop service, ip|xtcp service, ip|xapp service.
Components
Services
Dynamic
Login
Login/User Settings
Update
Help
User
Automatic reporting
Security/Generation
Security/Configuration
ip|engines
Topology Subnets
WAN access
Coloring
ip|sync
Other
Manager
System
System
Administration
System
provisioning
Tools/Software
grade
6-4
up-
Tools/Reboot
Tools/Script
Tools/Security status
Ipanema Technologies
March 2012
Components
Services
Dynamic
Other
Service activation
Enable ip|engines
Disable ip|engines
Enable ip|fast
Disable ip|fast
Enable ip|xcomp
Disable ip|xcomp
Enable ip|coop
Disable ip|coop
Enable ip|xtcp
Disable ip|xtcp
Enable ip|xapp
Disable ip|xapp
ip|engines status
Supervision map
Log
Options/Activation
Options/Mail
Options/Trap
User subnets
Applications
TOS
Application Group
QoS profile
Maps
Realtime
Discovery
Metaview
ip|reporter
Alarming
Supervision
Application
provisioning
Helpdesk
Reporting
Whether for a Start or an Update, the configuration is checked to inform the user that resources
(Domains and services) are referenced even though they are not configured in the directories or
dictionaries. As long as the check is not OK, no Start or Update operation can be performed on
ip|engines. The check operation accepts configurations with empty dictionaries or directories.
March 2012
Ipanema Technologies
6-5
Ipanema System
6. 3. 1. Update procedure
Operating procedure table: ip|true service, ip|fast service, ip|coop service, ip|xcomp service,
ip|xtcp service, ip|xapp service, smart|path service, smart|plan service, ip|sync service.
In the Toolbar, select
Update.
If some ip|engines do not apply the new configuration, ip|boss automatically reconfigures these
ip|engines. The status indicator is yellow and shows either:
ip|boss systematically sends a complete configuration file to the ip|engines of the Domain.
6. 3. 2. Transition
In the ip|engines reconfiguration phase, some ip|engines must measure, control and compress
on the basis of different configurations. In addition, as an SNMP agent must take the new
configuration into account (after Update), it may receive measurement results for the previous
configuration. Different problems can arise:
For suppressed dictionary entries, reports on the previous configuration (i.e. with old aggregate
application or TOS values) are automatically classified in other by ip|boss. There is no retroactive
effect on measurement data that may have been saved in ip|reporter.
For suppressed subnet directory entries, reports on the previous configuration (i.e. with old subnet
values) are automatically rejected by ip|boss.
For suppressed ip|engine directory entries, reports on the previous configuration (i.e. with old
ip|engine values) are automatically rejected by ip|boss.
For suppressed ip|engine directory entries, the ip|engines that have disappeared are stopped.
However, the stop signal may not reach the ip|engines concerned after 10 attempts spaced out
over the recovery interval configured in the system, the stop operation is abandoned by the
manager and the user is informed.
6-6
Ipanema Technologies
March 2012
6. 4. SERVICE ACTIVATION
6. 4. 1. ip|true (measurement)
Operating procedure table: ip|engines Enabled, ip|engines Disabled
Stopping ip|true will stop all other functions of the system (ip|fast, ip|xcomp, ip|coop,
ip|xtcp, ip|xapp, smart|path, smart|plan). Refer to the section Stopping a session.
The measurement mechanisms are designed to measure precisely all flows crossing the
ip|engines and to provide comprehensive metrics (volume and quality).
ip|true is enabled, if:
Administrative stare: enable is checked in the ip|engines creation window (Services frame):
March 2012
Ipanema Technologies
6-7
Ipanema System
6-8
Ipanema Technologies
March 2012
Applications
User Subnets
QoS profiles
Metaviews
Application Groups
Reports
TOS
March 2012
Ipanema Technologies
6-9
Ipanema System
QoS objectives are expressed in terms of "physical" constraints (delay, jitter, loss rate, etc.),
customer policies are expressed in terms of classes, defining relative traffic criticality.
6-10
Ipanema Technologies
ip|fast: on:
March 2012
March 2012
Ipanema Technologies
6-11
Ipanema System
6-12
Applications
User Subnets
QoS profiles
LTL
Application Groups
Coloring
TOS
WAN access
Ipanema Technologies
March 2012
If ip|fast is not checked for a tele|engine, the traffic on that site will be controlled
anyway (as long as ip|fast is enabled globally), as it is the remote ip|engines which
actually do it, but without ip|coop (that is, without the remote ip|engines cooperating
to control the site with the tele|engines).
March 2012
Ipanema Technologies
ip|coop: on.
6-13
Ipanema System
If ip|coop is not enabled, tele|engines will still measure and control the traffic, with the
following restrictions:
measurement: the traffic will be measured and reported exactly the same,
control: the traffic will be controlled with no Remote Coordination Group, each
ip|engine managing the flows to and from the unequipped sites (tele|engines) on
its own, without coordination with the other ip|engines communicating with this site.
6-14
Ipanema Technologies
March 2012
March 2012
Ipanema Technologies
6-15
Ipanema System
ip|engines
6-16
Application Groups
Ipanema Technologies
March 2012
ip|xtcp: on:
March 2012
Ipanema Technologies
6-17
Ipanema System
ip|engines
6-18
Application Groups
Ipanema Technologies
March 2012
ip|xapp: on:
ip|engines
March 2012
Ipanema Technologies
6-19
Ipanema System
6. 4. 7. smart|plan
Operating procedure table: Smart Planning Enabled, Smart Planning Disabled
Ipanema Technologies Smart planning reports provide easy-to-use data for Capacity Planning
optimization. Smartplanning generates very high added value data enabling a complete analysis
for each network access of the relationship between Traffic (resource) and delivered service
level (results). Using this automatically generated data, it is immediately possible to identify if the
access link is under-provisioned or over-provisioned in regard of the expected service level per
applications business criticality.
smart|plan is enabled, if:
smart|plan: on:
6-20
Ipanema Technologies
March 2012
6. 5. HELPDESK
6. 5. 1. Link supervision
Operating procedure table: ip|true service, ip|fast service, ip|xcomp service, ip|coop service,
ip|xtcp service, ip|xapp service.
In the Helpdesk Toolbar, select
Link supervision.
: to open the real time monitored flows list for the selected sites link (highlighted),
in both directions, in a new tab,
: to open the real time monitored flows list for the selected sites ingress link
(highlighted), in a new tab,
: to open the real time monitored flows list for the selected sites egress link
(highlighted), in a new tab,
: to switch between average and worst AQS (color) in the Usage bars,
March 2012
and
Ipanema Technologies
6-21
Ipanema System
Table columns description (the order is the default one; it can be changed using the Display menu):
Link
if only one WAN access is declared on the ip|engine monitoring the link,
the name of the Link is the name of the ip|engine
if several WAN accesses are declared, the name of the Link is the
association of the name of the ip|engine with the identifier of the link
(NAP Id)
Ingress Usage
percentage of used ingress bandwidth during the last minute; the color of
the bar indicates the quality (AQS, see below): green = good, yellow =
average, red = bad, grey = not computed
Ingress AQS
Green: 10 points
Yellow: 5 points
Red: 0 point
The AQS can take any value in between 0 and 10 (e.g. 9.87), and can be
interpreted like this:
6-22
Egress Usage
percentage of used egress bandwidth during the last minute; the color of
the bar indicates the quality (AQS, see below): green = good, yellow =
average, red = bad, grey = not computed
Egress AQS
Application Quality Score of the egress link (AQS definition: see Ingress
AQS above)
Ipanema Technologies
March 2012
Columns that can be added through the Display / Choose column menu:
ip|engine
napId
Network Access Point identifier: when only one WAN access is declared on
a Site, it will always be 1; when several WAN accesses are declared (up to
three), the napId identifies them (the value, 1, 2 or 3, corresponds to WAN
access 1, WAN access 2 and WAN access 3 respectively, as declared
in the ip|engine creation window)
March 2012
Ipanema Technologies
6-23
Ipanema System
6. 5. 2. Real-Time flows
During a session, the operator can analyze real-time flows (controlled or not), via the Helpdesk
Toolbar,
Real-time.
This feature is very similar to ip|dashboard Real Time Flows frame in the <Site>
window (described in 8.3.3).
Real-time.
a table, with each active flow shown on a separate line. A flow becomes active and is shown in
the window as soon as a packet belonging to it is detected during the session,
the following buttons:
(Freeze) /
(Unfreeze): to freeze / unfreeze the view (it is dynamically refreshed
every minute by default),
6-24
Ipanema Technologies
March 2012
The color of the first column indicates the quality (AQS, see below): yellow = average, red = bad.
The parameter (delay, jitter, loss, etc.) that triggered an average or a bad quality is also highlighted
with the same color, so that one can easyly find which parameters objective was not met (yellow)
or which parameters maximum was exceeded (red).
Table columns description (the order is the default one; it can be changed using the Display menu):
The same metrics are used in the reports, with the same definitions. Yet, in the
reports, other metrics and symbols are also used: you can find their definitions in 8.3.5
Definitions.
Last updated
Ingress
Egress
Source
Destination
Application
application name
TOS/CP
TOS name
Application Group
Criticality
Compression
March 2012
Ipanema Technologies
6-25
Ipanema System
AQS
Green: 10 points
Yellow: 5 points
Red: 0 point
The AQS can take any value in between 0 and 10 (e.g. 9.87), and can be
interpreted like this:
LAN Throughput
level 3 flow, all IP packets (in kbps) sent on upstream side (measured on
the LAN port of the source ip|engine)
LAN Goodput
rate of instantaneous loss (in %) (measured between the LAN port of the
source ip|engine and the LAN port of the destination ip|engine)
LAN Jitter
6-26
delay variation (in ms) (measured between the LAN port of the source
ip|engine and the LAN port of the destination ip|engine)
Ipanema Technologies
March 2012
LAN Sessions
WAN Throughput
level 3 flow, all IP packets (in kbps) sent on upstream side (measured on
the WAN port of the source ip|engine)
rate of instantaneous loss (in %) (measured between the WAN port of the
source ip|engine and the WAN port of the destination ip|engine)
WAN Jitter
delay variation (in ms) (measured between the WAN port of the source
ip|engine and the WAN port of the destination ip|engine)
Accuracy
Alarm
this field indicates, when at yes, the presence of an alarm on the upstream
ip|engine. Check its status for further information. In case of alarm, the
correlation records are ignored.
This table is refreshed about every minute (according to the
ip|engine collect period option) if it is not frozen.
SRT Min
SRT Avg
SRT Max
RTT Min
RTT Avg
RTT Max
March 2012
Ipanema Technologies
6-27
Ipanema System
TCP Retransmission
6-28
Ipanema Technologies
March 2012
The graph window contains four tabs, and each tab is made of 4 graphs, displayed simultaneously:
Tab
Graphs
Additional information
LAN
Delay (ms)
Jitter (ms)
Throughput (kbps)
Delay (ms)
Jitter (ms)
Throughput (kbps)
Avg. sessions
Throughput (kbps)
SRT (ms)
RTT (ms)
Retransmission
Throughput (kbps)
WAN
LAN/WAN
TCP
March 2012
Ipanema Technologies
6-29
Ipanema System
Example of tab
In case of control and/or compression, the differences between LAN and WAN values
might be very different.
Not all graphs are displayed for a tele|engine.
If the upstream or downstream ip|engine is not synchronized, the delay, jitter and packet
loss are not displayed.
6-30
Ipanema Technologies
March 2012
6. 5. 3. Discovery
Operating procedure table
This feature is very similar to ip|dashboard Discovery frame in the <Site> window,
described in 8.3.3).
Discovery.
The indicator light Discovery becomes yellow in the Main window when the Discovery is started.
The discovery function consists in creating one discovery agent for one ip|engine (one agent
maximum per ip|engine). According to the configuration rules this discovery agent will send to
ip|boss:
detailed by:
Discovery window
In addition to the other windows, some extra buttons allow to:
: start the selected discovery agent on the ip|engine,
March 2012
Ipanema Technologies
6-31
Ipanema System
6-32
Ipanema Technologies
March 2012
ip|engine : selects the ip|engine (site) on which the Discovery agent will be running,
Name : name of the Discovery agent (not mandatory),
Network filter: a set of parameters in order to filter the information sent by the Discovery agent:
Local : radio button (according to the choice, the following fields will be enabled),
user subnet: to select a user subnet declared in the configuration,
prefix/length: to specify a subnet address not in the configuration file (for
example a host),
Name: selects in the drop-down list the user subnet in the configuration,
prefix: enter the subnet X.X.X.X,
length: subnet mask associated to the prefix (integer between 0 and 32),
out of local config.: check box; if checked, allows to display the traffic which does not
belong to the local configuration only (e.g. in transit, locally rerouted, etc.), that is, which
is not measured by the ip|engine (nor reported, except in volume in the report SA Site throughput); if the box is unchecked, all the traffic that crosses the ip|engine is
displayed,
Remote: radio button (according to the choice, the following field will be enabled),
ip|engine: to select a destination ip|engine,
user subnet: to select a destination user subnet declared in the configuration,
prefix/length: to specify a user subnet address not in the configuration file (for
example a host),
Name: selects in the drop-down list the ip|engine or user subnet in the configuration,
prefix: enter the subnet X.X.X.X,
length: subnet mask associated to the prefix (integer between 0 and 32),
March 2012
Ipanema Technologies
6-33
Ipanema System
Application filter: a set of parameters in order to filter the information sent by the Discovery
agent in terms of applications:
Type: radio button (function of the choice, the following field will be enable):
Name: to select an application declared in the configuration,
Protocol/ports: to specify a port number or a range over the protocol TCP or
UDP.
Name: selects in the drop-down list the application in the configuration,
Protocol/ports: enter the protocol and port number or range with the following format
UDP/456, UDP/456789, TCP/456 or TCP/456789 (the port can be Out of config),
Out of config: check box, allows to discover the port number classified in other for the
application.
6-34
Ipanema Technologies
March 2012
Discovery.
Discovery window
In the Discovery agents zone, to start an agent, select the line(s) in the list and click on the Start
button
. The status indicator (on the left of the selected line(s)) becomes green.
In the Results zone, the results of the selected and started agent(s) are displayed.
The following command buttons allow to:
(Freeze/Unfreeze): freeze the Results zone (the new result coming from the ip|engine are
not updated),
(Refresh): refresh the Results zone (send a request to the ip|engine),
According to the display parameters selected in the bottom of the Results zone:
Application: applications
hide: the detailed applications are not displayed (all applications will be merged) ,
show: the detailed applications are displayed,
March 2012
Ipanema Technologies
6-35
Ipanema System
Direction: sort the traffic by direction (ingress or egress) on the ip|engine where the discovery
agent is running:
Ingress: ingress traffic (LAN -> WAN),
Egress: egress traffic (WAN -> LAN),
Sorted by: this parameter defines the sort criteria for the Top N results:
Throughput: Top N by maximum throughput usage,
packets: Top N by maximum packets number,
sessions : Top N by maximum sessions number,
Top : this parameter defines the maximum number of entries to display in the results zone:
20,
50,
100,
The Discovery function displays the following results (the counter are cleared at each start of the
agent):
Example
Meaning
Recognized by
When
HTTP (http)
syntax engine
on the
session start
(handshake)
HTTP (tcp)
declared or
well-known port
on the
session start
(handshake)
IMAP
(established)
declared or
well-known port
TCP/0-19999
TCP/19999-0
not recognized
6-36
Ipanema Technologies
March 2012
6. 5. 4. Helpdesk maps
Operating procedure table: ip|true service, ip|fast service, ip|coop service, ip|xcomp service,
ip|xtcp service, ip|xapp service.
In the Helpdesk Toolbar, select
Topology map,
Applicative map or
VoIP map.
Map example
The maps show in a glance the behavior of the whole network. These graphical views use squares
with:
They are divided in main blocks and sub-blocks inside. Those blocks depend on the type of map
(see below) and level of zoom.
By moving the mouse on the square, a contextual text shows the description of the blocks:
This window contains the map itself plus the following buttons and check boxes:
: no access,
March 2012
Ipanema Technologies
6-37
Ipanema System
: to get the list of flows corresponding to the square area in the real time window,
: to zoom in the map,
Topology map: to show the behavior with a topology point of view (sites, sites to sites),
Applicative map: to show the behavior with a criticality, Application Group point of view,
6. 5. 4. 1. Topology Map
By clicking on
Zoom levels:
Top level: at the first level, the map displays the full traffic with a main block per source (ingress)
ip|engine and a sub-block per destination (egress) ip|engine.
Zoom in level 1: by zooming in a Site block, you can see a sub-block per Application Group
from site to site.
Zoom in level 2: by zooming in an Application Group block, you can see a sub-block from
site to site by Application Group.
6. 5. 4. 2. Applicative Map
By clicking on
Zoom levels:
6-38
Top level: at the first level, the map displays the full traffic with a main block per criticality and
a sub-block per Application Group.
Zoom in level 1: by zooming in a criticality block, you can see a sub-block for all Application
Groups in the selected criticality level and the ingress site for each Application Group.
Ipanema Technologies
March 2012
Zoom in level 2: by zooming in an Application Group block, you can see a sub-block for all
ingress sites in the selected Application Group, and the egress sites for each ingress site.
Zoom in level 3: by zooming in a Site block, you can see a sub-block for the selected
Application Group between ingress site and egress site.
6. 5. 4. 3. VoIP Map
By clicking on
Unlike the other maps, the VoIP map does not show the AQS, but the MOS (mean opinion score)
of the voice calls.
MOS Definition
Zoom levels:
Top level: at the first level, the map displays the full traffic with a main block per source (ingress)
ip|engine and a sub-block per destination (egress).
Zoom in level 1: by zooming in a Site block, you can see a sub-block from site to site, and
per Codec for each site.
Zoom in level 2: by zooming in a Codec block, you can see a sub-block from site to site by
Codec.
March 2012
Ipanema Technologies
6-39
Ipanema System
6. 6. HELP
In the Toolbar, select
Help:
Help window
This window contains the documentation of Ipanema System.
6-40
Ipanema Technologies
March 2012
All configuration operations described in this section are performed with Mozilla Firefox 8.0 as
a web GUI on a Windows XP workstation.
7. 1. CONNECTION TO IP|DASHBOARD
To connect to ip|dashboard from the SALSA web client, first select the Domain you want to
connect to, then click on the ip|dashboard button:
March 2012
Ipanema Technologies
7-1
Ipanema System
7-2
Ipanema Technologies
March 2012
Example of menu and windows titles bar with two Sites windows open
March 2012
Ipanema Technologies
7-3
Ipanema System
3. The main space shows different network views, according to the selected window. You can
open a window by clicking on its title in the menu and windows titles bar (for a <Site> window,
it must have been opened first by clicking on a Site in the <Domain> or in the Sites window).
The <Domain> window contains three frames:
<Domain> - Overview
Sites
<Site> - Overview
<Site> - Discovery
7-4
Ipanema Technologies
March 2012
March 2012
Ipanema Technologies
7-5
Ipanema System
Historical graphs
You can read the exact values on historical graphs by hovering your mouse over them. A vertical
bar then appears on the graph, with a small pop-up indicating the exact time and the exact values
of each curve at this time; the same vertical bar and pop-up also appear in the other historical
graphs of the window, thus allowing a synchronized navigation and reading of all graphs:
7-6
Ipanema Technologies
March 2012
To see what kind of reports can be accessed, hover your mouse on the icon; for example in a
<Site> window:
To access the reports, click on the icon to display the reports list; for example in the <Domain>
window:
March 2012
Ipanema Technologies
7-7
Ipanema System
7. 3. USING IP|DASHBOARD
7. 3. 1. Domains view
The <Domain> window gives access to the following information:
<Domain> - Overview
7-8
Ipanema Technologies
March 2012
Sites by AQS
This bar graph shows the Top 10 Sites (i.e. the 10 Sites with the best quality)
sorted by decreasing quality (the best Site of the Domain is displayed in the first
bar on the left), with their AQS values displayed both as a number (between 0
and 10 with two decimals) and as a colored bar (the height of the bar indicates
the value on the vertical axis and the color can take any hue between green
(AQS = 10) and red (AQS = 0)).
By clicking on Worst 10 at the top of the bar graph, the 10 worst Sites are
displayed, sorted by increasing quality (the worst Site of the Domain is displayed
in the first bar on the left), with their AQS values.
By clicking on a bar, a new window opens and shows detailed information for the selected
Site.
Site Overview
This pie chart shows the number of Sites (and the percentage of the total that they
represent):
March 2012
Ipanema Technologies
7-9
Ipanema System
By clicking on Worst 10 at the top of the bar graph, the 10 worst Application
Groups are displayed, sorted by increasing quality (the worst Application Group
of the Domain is displayed in the first bar on the left), with their AQS values.
Last 3h AQS
This historical graph shows the evolution of the AQS for all flows (the label at
the top of the graph reads All Criticalities) on the Domain during the last three
hours, with one value every minute (or every 5 or 15 minutes, according to the
collect period see the Domains parameters in ip|uniboss).
By clicking on Top/High Criticalities at the top of the graph, it shows the
evolution of the AQS for the critical flows only, during the last three hours.
Top by volume
This pie chart shows:
the top 10 Application Groups in volume (by clicking Top 10 Application Groups
at the top of the graph; this is the default view),
the top 10 Sites in volume of outgoing traffic (by clicking Top 10 Sites (LAN =>
WAN) at the top of the graph),
the top 10 Sites in volume of incoming traffic (by clicking Top 10 Sites (WAN =>
LAN) at the top of the graph),
with their names and volumes.
7-10
Ipanema Technologies
March 2012
7. 3. 2. Sites view
The Sites window gives access to the following information:
Sites
Sites window
This unique frame in the window shows, for all Sites of the Domain, the following information:
Site: name of the Site; by clicking on that name, a new window opens with more details
on the selected Site.
The Sites links usage and quality with, for each direction (LAN => WAN and WAN =>
LAN), the following fields:
link size: WAN access throughput, as declared in ip|boss (max B/W),
link usage: usage of the link, displayed both as a percentage of the link size and
as a bar, the size of which is proportional to the usage,
AQS: quality of the link, displayed both as an AQS value (between 0 and 10) and
as a color (between green (AQS = 10) and red (AQS = 0)).
The Sites Application Groups volume and quality, sorted by Criticality levels (Top, High,
Medium, Low), with each square color representing the quality of the corresponding
Application Group (in the same column) for the corresponding link (on the same line); it
can take any hue between green (AQS = 10) and red (AQS = 0).
you can read the exact values by hovering your mouse on the squares;
clicking on a square opens a new window for the corresponding Site, where it
filters the flows in the Sites Real Time Flows list (see below) according to the
selected Application Group: thanks to this features, you can immediately access
the details of any Application Group for any Site.
This window is automatically refreshed every minute (or every 5 or 15 minutes, according to the
collect period see the Domains parameters in ip|uniboss).
March 2012
Ipanema Technologies
7-11
Ipanema System
<Site> - Overview
7-12
Ipanema Technologies
March 2012
Last 3h AQS
This historical graph shows the evolution of the AQS for all flows (the label at the
top of the graph reads All Criticalities) of the Site during the last three hours,
with one value every minute (or every 5 or 15 minutes, according to the collect
period see the Domains parameters in ip|uniboss).
By clicking on Top/High Criticalities at the top of the graph, it shows the
evolution of the AQS for the critical flows only, during the last three hours.
March 2012
Ipanema Technologies
7-13
Ipanema System
7-14
Ipanema Technologies
March 2012
March 2012
Ipanema Technologies
7-15
Ipanema System
This frame is very similar to ip|boss Real time flows list (ip|boss > Helpdesk >
Real-Time, described in 7.5.2).
This frame shows three filters (Application Groups, Applications and Remote sites) and the list
of flows for the Site:
The three filters show the list of Application Groups, the list of Applications and the list
of Remote Sites with, for each of them, their names (first column), their LAN-to-LAN
throughput (LAN column) and their WAN-to-WAN throughput (WAN column).
Applying a filter
The flows in the Real Time Flows list can be filtered out by clicking on any line
in the three filter tables.
Several filters can be applied simultaneously.
To remove the filters, click the first line (ALL; this is the default view).
Interactions between the filters
When a filter is applied, the two others are automatically updated accordingly.
For instance, if FTP is selected in the Application Groups filter, the Applications
filter table will only show the applications belonging to that Application Group
(and ALL shows the total throughput for that Application Group too), and the
throughputs displayed in the Remote Sites filter correspond to the throughput for
that Application Group only.
Sorting the data in the filters:
7-16
Ipanema Technologies
March 2012
It is possible to sort the data in these filters by clicking on the column headers:
click once to sort the data by increasing order (an up arrow
then appears
next to the header), click twice to sort the data by decreasing order (
).
(The line named ALL shows all flows with the total values, and it always appears
at the top of the filter tables, whatever the sorting criteria.)
Example where only FTP flows between .Mumbai and .Paris are shown
The Real Time Flows list itself shows a table with each active flow shown on a separate
line. A flow becomes active and is shown in the window as soon as a packet belonging
to it is detected during the session. The table contains the following columns
Topology
Local Site
name of the User subnet on the local Site (this field is empty if the local IP
address does not belong to any User subnet defined on the Site)
name of the User subnet on the local Site (this field is empty if the local IP
address does not belong to any User subnet defined on the Site)
direction of the flow:
outgoing (the local Site is the source)
incoming (the local Site is the destination)
Remote Site
name of the remote ip|engine (where the flow is going to or coming from)
March 2012
Ipanema Technologies
7-17
Ipanema System
AQS
Application Quality Score of the flow: score between 0 (extremely bad quality) and 10 (excellent
quality), displayed with two decimals.
The color of the field also represents the quality, with the following meaning:
Excellent, Very good, etc., are only a typical interpretation of the AQS with typical
parameters it may vary according to the users sensibility and according to the QoS
profile parameters.
When the AQS is not good, the parameters (delay, jitter, loss, etc.) that triggered an average or a
bad quality are also highlighted with the same color, so that one can easily find which parameters
objectives were not met (yellow) or which parameters maximum values were exceeded (red).
100 is a reserved value used when the AQS cannot be computed.
The quality of a flow cannot be computed when ALL three following conditions are met:
it is a real time flow (the bandwidth is not a criteria) or the bandwidth objective of the flow is not
met (the quality is measured thanks to the other parameters),
the flow is not qualified (D/J/L cannot be measured),
the flow runs over UDP (RTT, TCP retransmission and SRT cannot be measured either) or
those parameters are not activated in the QoS profile.
Classification
Application Group
Application
Criticality
Sens.
Thr. (kbps)
7-18
Ipanema Technologies
March 2012
Sess.
Loss (%)
LAN-to-LAN loss rate (measured between the LAN port of the source
ip|engine and the LAN port of the destination ip|engine)
Delay (ms)
LAN-to-LAN one-way-delay (in ms) measured between the LAN port of the
source ip|engine and the LAN port of the destination ip|engine
Min: minimum LAN-to-LAN one-way-delay
Avg: average LAN-to-LAN one-way-delay
Max: maximum LAN-to-LAN one-way-delay
Jitter (ms)
LAN-to-LAN jitter (delay variation measured between the LAN port of the
source ip|engine and the LAN port of the destination ip|engine)
WAN
Thr. (kbps)
Loss (%)
WAN-to-WAN loss rate (measured between the WAN port of the source
ip|engine and the WAN port of the destination ip|engine)
Delay (ms)
Jitter (ms)
WAN-to-WAN jitter (delay variation measured between the WAN port of the
source ip|engine and the WAN port of the destination ip|engine)
Comp
Ratio
March 2012
Ipanema Technologies
7-19
Ipanema System
TCP
SRT (ms)
The Server Response Time measures the delay (in ms) between the last
packet sent by the client during a request (PSH) and the emission of the
acknowledgement to the first packet received from the server (ACK).
When an ip|engine is installed on the client side, it measures this response
time and reports it to ip|boss; otherwise, it is the ip|engine installed on
the server side which does it (and the measurement is made between the
reception of the PSH and the reception of the ACK).
If the same ip|engine does not see the two ways of the TCP connection
(in case of a cluster with asymmetric routing), the SRT will not be measured
unless the two ip|engines of the cluster are connected together and the
ASR feature is configured.
7-20
Comp.
Accu.
Al.
Ipanema Technologies
March 2012
TOS / DSCP
name of the TOS / DSCP value used to recognize the application, when applicable
This table is refreshed about every minute (according to the ip|engine collect period
option) if it is not frozen.
The same metrics are used in the reports, with the same definitions. Yet,
in the reports, other metrics and symbols are also used: you can find their
definitions in 8.3.5 Definitions.
From any flow in this list, one can open a Real Time Graph, which is a 12minute window
showing the evolution of the above metrics with additional polling every 10 seconds. Up to four
graphs can be open on a Domain, simultaneously.
To access the Real Time Graph, right click on a flow and select Start Real Time Graph:
March 2012
Ipanema Technologies
7-21
Ipanema System
<Site> - Discovery
This frame is very similar to ip|boss Discovery function (ip|boss > Helpdesk >
Discovery, described in 7.5.3).
The Discovery function consists in creating a Discovery agent for the selected ip|engine (one
agent maximum per ip|engine) to collect additional data (as compared to the data already
collected and displayed in the Real Time Flows list see above).
Filters
The flows can be filtered according to 5 criteria, using the 5 drop-down lists surrounding the
network diagram:
Template: three templates can be used to filter:
Out of local subnets: (= out of local config) packets crossing the ip|engine, but
where neither the source IP address nor the destination IP address belong to
one of its Topology subnets (this traffic is called in Transit); these flows are
not measured individually by the ip|engine; instead, only their global volume is
measured and reported (i.e., these flows are not present in the Real Time Flows
list nor in any report, except in the Site Analysis reports, which show the volume
of Transit traffic).
Unrecognized Application: packets belonging to applications which are not
recognized by the ip|engines syntax engine, which were not declared in
ip|boss and which do not use well-know ports,
Out of Domain: sent packets with a destination IP address which does not belong
to a declared Topology subnet, or received packets with a source IP address
which does not belong to a declared Topology subnet (in either case, these
packets will match Out of Domain Topology subnet which is in the system
by default, so it does not have to be declared , 0.0.0.0/0).
Local User Subnet: to filter the data using a User subnet declared in ip|boss for the
local Site,
An Out of Local Config. check box allows, if checked, to display the traffic which
does not belong to the local configuration only (see Out of local subnets above)
Remote User Subnet: to filter the data using a User subnet declared in ip|boss for a
remote Site,
7-22
Ipanema Technologies
March 2012
Remote Site: to filter the data using a User subnet declared in ip|boss for a remote Site,
Application: to filter the data according to one application,
An Out of config check box, allows, if checked, to discover the port number
used by the unrecognized applications (see above).
Start/stop a Discovery agent
A Discovery agent can be started or stopped with the
of the <Site> - Discovery frame header:
and
Result table
According to the configuration rules this Discovery agent will collect the following data and
send them to ip|boss:
Local IP
local IP address
Remote IP
remote IP address
Application
March 2012
Ipanema Technologies
7-23
Ipanema System
button at the
Display settings
The results can be displayed in different ways, thanks to 6 drop-down lists below the network
diagram:
Local IP:
Detail: the local IP addresses are displayed (so different local IP addresses will
always be displayed on different lines),
Group: the local IP addresses are not displayed (and all flows with the same
remote IP address and same application will be merged on one line, even if they
have different local IP addresses).
Remote IP:
Detail: the remote IP addresses are displayed (so different remote IP addresses
will always be displayed on different lines),
Group: the remote IP addresses are not displayed (and all flows with the same
local IP address and same application will be merged on one line, even if they
have different remote IP addresses).
Application:
Detail: the application names are displayed (so different applications will always
be displayed on different lines),
Group: the application names are not displayed (and all flows with the same
local IP address and same remote IP address will be merged on one line, even
if different applications are running between these two addresses).
Top:
20: shows the 20 most significant results (in Packets, Bytes or Sessions,
according to the field used to sort the data),
50: shows the 50 most significant results,
100: shows the 100 most significant results.
Sort by: it is possible to sort the data according to the number of:
Bytes,
Packets,
Sessions,
Bytes,
Packets,
Sessions.
7-24
Ipanema Technologies
March 2012
8. 1. MIB ACCESS
8. 1. 1. MIB
The description file is available in the directory of ip|boss:
~/salsa/ipboss/server/interface/ipanema-technologies.mib
~/salsa/ipboss/server/interface/ipanema-technologies-notifications.mib
8. 1. 2. SNMP
Measures can be used via a MIB access thanks to an SNMP agent included in the ip|boss software.
The UDP port used by this agent must be configured, Domain per Domain (a different port must
be declared for each Domain), in ip|uniboss.
Access to the agent is read-only with SNMPv2c protocol. The Community name is public (default
value, can be configured by user).
The SNMP agent instantiates the system and SNMP groups as well as a private MIB.
The SNMP agent is updated every Short reporting period (as defined in the Domain configuration
see chapter 3).
March 2012
Ipanema Technologies
8-1
Ipanema System
8. 2. IP|REPORTER
This section describes the reporting system, ip|reporter, made by Ipanema Technologies.
8. 2. 1. Ipanema Architecture
The Ipanema solution architecture is composed of the following system elements:
ip|boss is the centralized management software for the Ipanema performance management
system which runs on a standard Solaris or Windows platform. Through the ip|boss, business
objectives are communicated to ip|engines and measurement data are collected.
ip|reporter is a full-service report generating utility. It provides a global view of service levels
for each application, as well as detailed, metrics based reports for problem diagnostics.
The ip|reporter is a reporting tool powered by InfoVista and based on OEM agreement.
InfoVista can operate with real-time data or deferred-time data. Real time, such as SNMP data,
is retrieved from the ip|boss at regular intervals by polling the resource and requesting it for
specific information about the behavior of the resource. These data give up to date information
about IS behavior.
Deferred-time data is external to the SNMP world. It has its source in existing log files (a web
site log file, for example) or databases. It is batch-loaded onto the InfoVista server as some time
after it was generated. InfoVista uses these data to calculate Indicators in the same way as it
handles real time data. And, in fact, when the data is displayed on a report, the origin of the
resource data is totally transparent to the user.
8-2
SNMP (System MIB) Collect of measurement. Interfaced with SNMP agent of ip|boss.
Ipanema Technologies
March 2012
Ipanema architecture
March 2012
Ipanema Technologies
8-3
Ipanema System
8-4
Ipanema Technologies
March 2012
March 2012
Ipanema Technologies
8-5
Ipanema System
8. 2. 3. Terms
8. 2. 3. 1. The Instance
Each monitored resource in the network is represented by an Instance object (equivalent to a
Metaview in ip|boss) . An Instance can represent any logical or physical element in the network
such as an ip|engine source, an ip|engine destination, a subnet source, a subnet destination, an
application, a Key A, a Key B, an Application Group, a criticality.
The Instance consists of values and identify and characterize the resource (for example, the alias
for an application). These characteristics are called Property and the values assigned to them are
called Property Values.
The data is displayed on a Graph. The Instance is mapped to the Graph via a report.
8. 2. 3. 2. The Vista
You create each Instance object from a template object called the Vista. The Vista indicates which
Properties each Instance should have. You can create any number of Instances from the same
Vista. In this way, you define each type of equipment only once and when you create Instances of
this equipment, you simply supply the values of the Properties.
InfoVista is installed with a number of standard, pre-configured Vistas which allow you to get up
and running immediately.
For example:
the Vista SNMP node has the Properties snmprd (SNMP community read) and snmpwr (SNMP
community write).
Rules can be defined to create relationships between Vistas. They are not immediately
visible in the object model but they are exploited by several Vistas you use. For example,
one of the standard Rules states that All Routers are SNMP nodes. The result is that
the Vista Router automatically inherits all the Properties of the Vista SNMP node as
well as its own intrinsic Properties.
8. 2. 3. 3. The Indicator
An Indicator is a measurement. It tells us something about the operation of a resource. Examples
are data traffic or quality of service. InfoVista calculates the values of Indicators from the source
data, which it collects from the monitored resource.
Standard, pre-configured Indicators exist for the most common situations that you encounter (and
for some of the more difficult ones, too).
8. 2. 3. 4. The Report
An InfoVista report shows one or more Graphs and possibly some decorative text or bitmaps. Each
Graph shows the values of a set of Indicators for a set of Instances (the monitored resources).
8-6
Ipanema Technologies
March 2012
You can also create sub-folders, if necessary, to organize your working environment.
8. 2. 3. 7. Libraries
A Library (supplied by InfoVista or third parties, or created by you) is used to group together objects
such as Vistas, Indicators, etc. in order to obtain logical units.
March 2012
Ipanema Technologies
8-7
Ipanema System
Manager service
Collector service
or
Client-Server communication failure
Browser service
Which may be displayed after trying to connect to a server, means that the InfoVista
server has not started correctly. If you have a problem, refer to chapter 1 section
Troubleshooting.
8-8
Ipanema Technologies
March 2012
Starting IVreport
Unix
March 2012
Ipanema Technologies
8-9
Ipanema System
After startup, the Connection dialog box is displayed. Enter the parameters requested and click on
OK.
Startup window
Server name: Name of the system running the InfoVista server or IP address. If the server is on
the same machine as the client application, leave this field blank or put the loop back address
(127.0.0.1).
Several instances of InfoVista can be installed on the same server. In this case the
syntax is the following: <instance_name>@x.x.x.x (where x.x.x.x is the IP address
of InfoVista server).
In a firewall environment, the endpoints for Manager, Collector and
Browser services can be fix. In this case the syntax is the following:
x.x.x.x:ManagerPort:CollectorPort:BrowserPort (where x.x.x.x is the IP address of
InfoVista server). The endpoints ports can be setup using ip|reporter rich client
(IVreport):
8-10
Ipanema Technologies
March 2012
March 2012
Ipanema Technologies
8-11
Ipanema System
8-12
or a
.A
Click a
Click a
Double-click the name of an object to open the Property sheet or List view window of the object
(shortcut for Edit/Open).
Ipanema Technologies
March 2012
The right-hand pane of the window displays the list of sub-objects of the object that is currently
selected in the object tree.
Double-click an object name to open the Property sheet of the object (shortcut for Edit/Open).
The tool bar contains buttons which provide shortcuts for the more frequently used menu
commands.
Open the Property sheet of the selected object (shortcut for Edit/Open).
Create a new report with the Instant Report wizard (shortcut for
Reports/Instant Report).
March 2012
Ipanema Technologies
8-13
Ipanema System
Report viewer
Report/Periodical Refresh/Stop
Report/Periodical Refresh/Start
The report template is configured to update the data display in function of the display rate value.
File/Print While a Report is open, you can print it with this command. The report is printed
on your systems default printer.
Edit/Copy
Toggle Information Mode (not in a menu) When depressed, displays a tool tip over graphic
objects, indicating the Metric name, Vista name and acquisition rates, time span and the objects
Description attribute.
8-14
Ipanema Technologies
March 2012
Use the reference Time slider to adjust the reference time of the report:
or click on the time or date, edit with the keyboard and press Enter to validate
March 2012
Ipanema Technologies
8-15
Ipanema System
The Domain selected in theSALSA web client has no impact, as once in ip|reporter,
you will be able to select the reports on any Domain you have an access to (according
to you User rights).
If you are connected on a Domain with ip|boss (and if you accesses it via SALSA), you can open
ip|reporter web by selecting the
Different accesses can be defined with different user rights (unlike for the users of IVreport (VF0),
who always have access to all the reports managed by the server). Refer to the Technical note
TN-0200011-04__how_to_configure_report_access_with_VPSE2.pdf.
Two different windows can be displayed, according to the VistaFoundation being installed, VF0 otr
VF4:
8-16
Ipanema Technologies
March 2012
March 2012
Ipanema Technologies
8-17
Ipanema System
8. 2. 5. Reports Management
Operating procedure table: settings (automatic reporting), settings (define reports), service ip|true
(automatic reporting), service ip|true (modify reports), service ip|reporter (automatic reporting),
service ip|reporter (define reports)
The reports are managed in the ip|boss interface, thanks to ip|reporter or to the Automatic
reporting tool.
ip|boss manages the Instances creation and deletion in InfoVista according to the configuration
parameters.
ip|boss is the reference for the reports and Instances for infovista. If some reports described in
ip|boss configuration file are not present in Infovista database, then ip|boss takes in charge to
create the missing reports. At the opposite, if some reports exist (for the Domain) in Infovista
database and not in ip|boss configuration, then ip|boss takes in charge to delete these reports.
ip|reporter uses the Metaviews for the reports creation and filling.
Three kinds of reports creation are available:
8-18
ip|reporter, unitary mode: one report is created on one Metaview. This mode is to use to add a
specific report on a specific Metaview, or to create some reports that cannot be created in the
Wizard mode.
ip|reporter, automatic mode (Wizard): several reports can be created on several Metaviews in
one operation. For example: 8 given reports on all physical sites.
automatic reporting: reports are automatically created for the Domain, for all Physical sites,
for all Virtual sites or for all Application Groups, and will automatically be added when new
Physical sites, new Virtual sites or new Application Groups are created.
Ipanema Technologies
March 2012
8. 2. 5. 1. Automatic reporting
This tool allows to create reports for the Domain, for all Physical sites, for all Virtual sites or for all
Application Groups.
The selected reports are automatically added for existing Physical sites*, Virtual sites* and
Application Groups, and will be automatically added when new Physical sites*, new Virtual sites*
or new Application Groups are created.
* For the sites (physical or virtual), the selected reports are created only if
Auto-reporting is at yes in the ip|engine parameters.
Automatic reporting.
Domain,
Physical sites (= sites with an ip|engine),
Virtual sites (= sites with a tele|engine),
Application Groups.
Report template: drop-down list of available report templates, to choose the reports attached
to the selected tab.
March 2012
Ipanema Technologies
8-19
Ipanema System
four click boxes allow to define which time aggregation can be created for the report:
Hour,
Day,
Week,
Month.
a click box that allows to define the level of confidentiality for the report:
Public (unclicked by default):
when clicked, the reports are stored in the hour / day / week / month folders
in IVreport, and an access to the reports can be given to all users using the web
client;
otherwise, the reports are stored in the hour private / day private
/ week private / month private folders in IVreport, and the
access to the reports can be restricted, for the users using the
web client, to authorized users only (refer to the Technical note
TN-0200011-04__how_to_configure_report_access_with_VPSE2.pdf).
8-20
Ipanema Technologies
March 2012
ip|reporter.
ip|reporter window
This window contains the list of reports created on each instance with the specific parameters.
By clicking on the New button
Metaview: drop-down list of Metaviews, to choose the Metaview on which the reports will be
created.
Report template: drop-down list of available report templates, to choose the reports attached
to the selected Metaview.
4 click boxes allow to define which time aggregation can be created for the report:
Hour,
Day,
Week,
Month.
a click box that allows to define the level of confidentiality for the report:
Public (unclicked by default):
when clicked, the reports are stored in the hour / day / week / month folders
in IVreport, and an access to the reports can be given to all users using the web
client;
otherwise, the reports are stored in the hour private / day private
/ week private / month private folders in IVreport, and the
access to the reports can be restricted, for the users using the
web client, to authorized users only (refer to the Technical note
TN-0200011-04__how_to_configure_report_access_with_VPSE2.pdf).
March 2012
Ipanema Technologies
8-21
Ipanema System
ip|reporter.
ip|reporter window
8-22
Hour,
Day,
Week,
Month.
Ipanema Technologies
March 2012
a click box that allows to define the level of confidentiality for the report:
Public (unclicked by default):
when clicked, the reports are stored in the hour / day / week / month folders
in IVreport, and an access to the reports can be given to all users using the web
client;
otherwise, the reports are stored in the hour private / day private
/ week private / month private folders in IVreport, and the
access to the reports can be restricted, for the users using the
web client, to authorized users only (refer to the Technical note
TN-0200011-04__how_to_configure_report_access_with_VPSE2.pdf).
The first zone (on the left) shows the list of elements (Metaviews and Report templates) as
described in the system and managed by ip|boss, the second area (on the right) shows the
selected elements.
Some arrows are used to move the selected data from one area to another.
By selecting several elements in each list, the system will create the reports according to
combinative selected criteria.
8. 2. 5. 4. Reports Deletion
To delete some reports in the Infovista database, just suppress the reports in the list accessible by
ip|reporter. After the validation of the deletion and update of the configuration, the reports
are definitively deleted, the reports and their data cannot be accessed anymore.
It is possible to suppress several reports by selection with the keyboard.
Another way to remove the reports is by clicking on the icon
reports is displayed.
March 2012
Ipanema Technologies
8-23
Ipanema System
8. 2. 5. 5. Update in InfoVista
After creation or deletion of reports, click on the flashing Update button
in order to update the
Infovista Database with ip|boss configuration. After you have confirmed you want to update the
configuration in ip|reporter, this step is identified by the ip|reporter Database LED (in the ip|boss
status zone) in amber during the synchronization (this can last several minutes, or several hours if
you created a large number of reports at a time).
8. 2. 5. 6. Force synchronize
If InfoVista suffers a Database synchronization problem, it is possible to force the synchronization
using ip|reporters menu Actions / Force synchronize.
This function should not be used under normal circumstances. Use it only in case
of synchronization problem. A synchronization problem can be checked in the
logs, and thanks to the Database LED above (grey: an error happened during last
synchronization; red: error in the reports description; amber is a normal color during
synchronization, but it should be a temporary state: if the LED remains amber for an
abnormaly long time, this can also be due to a synchronization problem).
8-24
Ipanema Technologies
March 2012
8. 2. 5. 7. Recommended reports
Ipanema recommends that the following reports are created:
Report
Dom
Phy
Vir
PM - Site Summary
PM - Detailed per AG
(x)
X
X
X
SA - Site Throughput
X
X
X
X
PM - Compression Evolution
PM - Compression Synthesis - AG
FI - Availability Overview
FI - Availability Evolution
other
PM - Time Evolution
UC
X
Discovery result table
where Dom stands for Domain, Phy for Physical sites, Vir for Virtual sites, UC for Application
Groups, and other should be created for a specific occasion only (troubleshooting...), then
removed.
March 2012
Ipanema Technologies
8-25
Ipanema System
8. 3. 1. IVreport (VF0)
To open a report using IVreport, launch IVreport (default login / password are administrator /
(no password)), open the Reports tab, open the following folders: Report folders / <Domain>
/ <MetaView> / <Level of aggregation, level of confidentiality>, then double-click on the reports
name.
If the Public click box was clicked on the reports creation, it can be found in the hour / day
/ week / month folders;
otherwise, it can be found in the hour private / day private / week private / month private
folders.
8-26
Ipanema Technologies
March 2012
by selecting Folders in the drop-down list in ip|reporters main window, you can access the
reports with the following file system tree (4 hierarchical levels):
<Domain> / <type of MetaView> / <MetaView> / <time level, public/private>
March 2012
Ipanema Technologies
8-27
Ipanema System
The second browsing method allows to navigate in the sites reports with two additional
hierarchical levels, defined by the ip|engines Navigation fields Folder name for level 1 and
Folder name for level 2: by selecting Navigation in the drop-down list in ip|reporters main
window, you can access the sites reports with the following file system tree (6 hierarchical
levels):
<Domain> / Navigation / <Folder name for level 1> / <Folder name for level 2> /
<MetaView> / <time level, public/private>
(the <type of MetaView> level disappears, as this method is valid to access the sites reports
only).
This method is very helpful on larges networks, with hundreds or thousands of sites.
In the example below, Folder name for level 1 was used to group sites per continents, and
Folder name for level 2 was used to group sites per countries. The ip|engines created without
filling those fields are grouped under the Unknown folder name:
8-28
Ipanema Technologies
March 2012
all the reports available with VF0 are also available (they are called real time reports hereafter),
and there are new high level reports displayed in the main web page (they are called Service
Level Overview reports).
Time Navigator,
Navigation,
Service Level Overview,
and two frames in Reports.
The Time Navigator frame shows the date and time, and allows to browse the selected reports in
the past.
March 2012
Ipanema Technologies
8-29
Ipanema System
To access a report, first select the MetaView or group of MetaViews in the Navigation frame (click
on the
to collapse a branch):
8-30
Ipanema Technologies
March 2012
The Service Level Overview report corresponding to the selected MetaView(s) is displayed in the
Service Level Overview frame:
For a Site or a list of Sites, this report shows, for each site:
the name of the MetaView (<Domain name> x Site:<name of the Site>),
the AQS per criticality level (Top, High, Medium and Low) with color bars; the colors
indicate the AQS (from red = 0 to green = 10), and one can read the exact value of the
AQS by moving the mouse over the bars,
the ingress (LAN => WAN) and egress (WAN => LAN) WAN accesses utilization (in
percentage of the WAN accesses throughputs) and the WAN accesses throughputs (as
defined in ip|boss); the utilization bars are blue between 0 and 70% of utilization, yellow
between 70 and 90% of utilization, and red above 90% of utilization; the percentage of
utilization can be read by moving the mouse over the bars,
For an Application Group or a list of Application Groups, this report shows, for each Application
Group:
the name of the MetaView (<Domain name> x Application Group:<name of the
Application Group>),
the AQS of the Application Groups with color bars; the colors indicate the AQS (from red
= 0 to green = 10), and one can read the exact value of the AQS by moving the mouse
over the bars,
the ingress (LAN => WAN) and egress (WAN => LAN) throughputs, both on the LAN
interfaces of the ip|engines and on their WAN interfaces,
the number of sessions.
March 2012
Ipanema Technologies
8-31
Ipanema System
A second type of Service Level Overview reports is available by selecting the Evolution tab, at
the top of the window:
Evolution tab
It shows four frames:
the
the
the
the
8-32
Ipanema Technologies
March 2012
To access the real time reports, once the Metaviews have been selected in the Navigation frame,
select the periodicity in the Reports frame:
March 2012
Ipanema Technologies
8-33
Ipanema System
Report example
On the client you can use the time slider (IVreport) or specify the date and time (both clients) to see
the previous values of each indicator. This presents you with a historical view of each resource
for any moment during the lifetime of the report.
8-34
Ipanema Technologies
March 2012
8. 3. 5. Definitions
Here is a definition of the symbols and specific metrics that are used in the reports (for the definition
of the standard metrics, such as AQS, Delay, Jitter, Loss rate, RTT, SRT, TCP retrans., etc.), please
refer to 7.5.2.1 Analyzing Real time monitored flows):
=>
<=
Session
A session is identified:
Qualified
(sessions,
throughput,
goodput)
Non qualified
or Unqualified
(throughput,
goodput, sessions)
MOS
(1 to 5)
March 2012
Ipanema Technologies
8-35
Ipanema System
Overactivity
(%)
Evolution
(Volume, Quality,
Activity)
(++/+/0/-/- -)
++: the metric has increased a lot (by more than +20%),
+: the metric has slightly increased (between +5 and +20%),
o: the metric is stable (between 5% and +5%),
- : the metric has slightly decreased (between 5 and 20%),
- -: the metric has decreased a lot (by more than 20%).
Discovery result table
Color Management
8-36
Ipanema Technologies
March 2012
Ipanema VistaViews
Some of these VistaViews are available only if you have purchased the corresponding
options and if they are enabled in the license file.
March 2012
Ipanema Technologies
8-37
Ipanema System
core
Acceleration
Acceleration - en
Application Monitoring
Application Monitoring - en
CIFS
CIFS - en
Compression (option)
Compression - en
Fault Isolation
Fault Isolation - en
ip_export (option)
Performance Monitoring
Performance Monitoring - en
Site Analysis
Site Analysis-en
SLA
SLA - en
Smartplanning (option)
Smartplanning - en
VoIP
VoIP-en
8-38
Ipanema Technologies
March 2012
The statistics generated by the different functions are available throughout the whole Ipanema
System:
ip|boss aggregates the data gathered from ip|engines measurement, QoS & control,
redundancy elimination and acceleration functions, and makes them available through the
SNMP interface.
ip|reporter uses them to generate the appropriate easy-to-use reports, that provide a complete
analysis for each network access.
All reports can be created with ip|reporter using the single or the wizard mode (unless otherwise
specified).
The reports on the Domain, on Physical or Virtual sites, and on Application Groups can also be
created with the Automatic reporting tool.
The available periodicity levels for the reports are the following (unless otherwise specified):
Hourly,
Daily,
Weekly,
Monthly.
The Ipanema System library contains the following report templates, with the following
abbreviations being used:
in What is measured: App: Application; Crit: Criticality; D/J/L: Delay/Jitter/Loss; Ses: number
of sessions; Thput: Throughput; Gput: Goodput; (un)qual: (un)qualified; AG: Application Group;
Vol: volume; evol: evolution
Filters: D: Domain; P: Physical Sites; V: Virtual sites; K: Keys; S: User Subnets; U: Application
Groups; A: Applications; C: Criticality
Legend in the Filters:
X: the report is available for Metaviews that contain this object.
Example: is - slm - site summary is available on the Domain.
L: the report is available for Metaviews that contain a list of this object.
Ex.: is - slm - site synthesis is not available on a single Physical site, but it is if the
Metaview contains a list of Physical sites.
o: the report is available for Metaviews that contain this object, but only if the Metaview
also contains objects with an X.
Ex.: is - slm - application group summary per direction is not available on an Application
Group, but it is if the Metaview is a combination of a Physical site AND an Application
Group.
What is measured
service level
evolution
site summary
uc summary
uc summary per
direction
March 2012
Filters
D P
Ipanema Technologies
8-39
Ipanema System
app. synthesis
site synthesis
D P
V
X
What is measured
Filters
domain - aqs
summary
domain - mos
summary
site summary
site exploitation
site customer
D P
AM (Application Monitoring)
8-40
Report template
(is - am -)
What is measured
application group
summary - tcp
application group
summary - per
direction - tcp
application
summary - tcp
Ipanema Technologies
Filters
X
March 2012
PM (Performance Monitoring)
Report template
(is - pm -)
What is measured
site summary
uc summary
uc sum. per dir
Filters
D P
app. summary
traffic topology
time evolution
detailed per ag
Throughput
What is measured
compression
evolution
compression
synthesis - ag
compression
synthesis application
Filters
D P
March 2012
Ipanema Technologies
8-41
Ipanema System
What is measured
acceleration
evolution
Filters
D P
D P
What is measured
Filters
time evolution
Report template
(is - VoIP -)
What is measured
Filters
synthesis
MOS distribution
time evolution
Report template
(is - sa -)
What is measured
Filters
K
site summary
ingress
site summary
egress
site throughput
VoIP
D P
SA (Site Analysis)
8-42
D P
Ipanema Technologies
March 2012
FI (Fault Isolation)
Report template
(is - fi -)
What is measured
availability evolution
Filters
D P
availability overview
With ip|reporter, FI reports can only be created using the unitary mode.
Smart planning
Report template
(smartplanning -)
What is measured
profile
synthesis
Filters
D P
X
X
March 2012
Ipanema Technologies
8-43
Ipanema System
8-44
Ipanema Technologies
March 2012
What is measured
How it is measured
Type of report
Hourly
Daily
Weekly
Monthly
Display rate
Short reporting
5 minutes
1 hour
4 hours
Time Span
1 hour
1 day
1 week
1 month
Life Time
24 hours
7 days
5 weeks
12 months
Audience
Network analysts
Executive officers
Throughput graph
This graph represents the evolution of the Throughput over the period of time:
Throughput: the surface indicates the non qualified throughput only, whereas the top of the curve
(that sits above the Qualified throughput) indicates the total throughput (qualified + unqualified)
Qualified throughput
Goodput: the surface indicates the non qualified goodput only, whereas the top of the curve
(that sits above the Qualified goodput) indicates the total goodput (qualified + unqualified)
Qualified goodput
March 2012
Ipanema Technologies
8-45
Ipanema System
What is measured
How it is measured
8-46
Type of report
Hourly
Daily
Weekly
Monthly
Display Rate
1 hour
1 day
1 week
1 month
Time Span
1 hour
1 day
1 week
1 month
Life Time
24 hours
7 days
5 weeks
12 months
Audience
Network analysts
Ipanema Technologies
Executive officers
March 2012
The table
The table presents the following information (note: for color and symbol explanation see the Color
Management picture in Definitions):
Site
Average AQS
Weighted average of the ingress AQS and egress AQS of the site.
In the following columns,
AQS
D/J/L
Symbolic representation for Delay, Jitter and packet Loss to show the
metrics causing color during a display period of time.
RTT/SRT/Retrans
Symbolic representation for RTT, SRT and TCP Retrans. to show the
metrics causing color during a display period of time.
Average sessions
Average
throughput
(kbps)
March 2012
Ipanema Technologies
8-47
Ipanema System
What is measured
How it is measured
Type of report
Hourly
Daily
Weekly
Monthly
Display Rate
1 hour
1 day
1 week
1 month
Time Span
1 hour
1 day
1 week
1 month
Life Time
24 hours
7 days
5 weeks
12 months
Audience
Network analysts
Executive officers
The table
The table present the following information (note: for color and symbol explanation see the Color
Management picture in Definitions):
8-48
Application
Group
Criticality
AQS
D/J/L
Symbolic representation for Delay, Jitter and packet Loss to show the
metrics causing color during a display period for ingress and egress
directions.
RTT/SRT/Retrans
Symbolic representation for RTT, SRT and TCP Retrans. to show the
metrics causing color during a display period for ingress and egress
directions.
Ipanema Technologies
March 2012
Average sessions
Average number of sessions per second for ingress and egress directions.
Average
throughput
(kbps)
Average number of kbits per second at IP level for ingress and egress
directions.
March 2012
Ipanema Technologies
8-49
Ipanema System
A Domain.
Per Application or a list of applications.
Per Application Group or a list of Application Groups.
Per Criticality or a list of criticality levels.
What is measured
How it is measured
8-50
Type of report
Hourly
Daily
Weekly
Monthly
Display Rate
1 hour
1 day
1 week
1 month
Time Span
1 hour
1 day
1 week
1 month
Life Time
24 hours
7 days
5 weeks
12 months
Audience
Network analysts
Ipanema Technologies
Executive officers
March 2012
The table
The table presents the following information (note: for color and symbol explanation see the Color
Management picture in Definitions):
Application
Group
Criticality
Average AQS
AQS
D/J/L
Symbolic representation for Delay, Jitter and packet Loss to show the
metrics causing color during a display period for ingress and egress
directions.
RTT/SRT/Retrans
Symbolic representation for RTT, SRT and TCP Retrans. to show the
metrics causing color during a display period for ingress and egress
directions.
Average sessions
Average number of sessions per second for ingress and egress directions.
Average
throughput
(kbps)
Average number of kbits per second at IP level for ingress and egress
directions.
March 2012
Ipanema Technologies
8-51
Ipanema System
8-52
Ipanema Technologies
March 2012
What is measured
How it is measured
Hourly
Daily
Weekly
Monthly
Display rate
1 hour
1 day
1 week
1 month
Time Span
24 hours
1 week
5 weeks
12 months
Life Time
24 hours
7 days
5 weeks
12 months
Audience
Network analysts
Executive officers
Hourly
Daily
Weekly
Monthly
Display rate
15 minutes
15 minutes
1 hour
4 hours
Time Span
2 hours
2 days
2 weeks
2 months
Life Time
24 hours
7 days
5 weeks
12 months
Audience
Network analysts
Executive officers
Application Group Volume, application volume Top 10, site activity and global evolution
Tables
Type of report
Hourly
Daily
Weekly
Monthly
Display rate
1 hour
1 day
1 week
1 month
Time Span
1 hours
1 day
1 week
1 month
Life Time
24 hours
7 days
5 weeks
12 months
Audience
Network analysts
Executive officers
The graphs
The graphs present the following informations:
Volume Evolution (GB) graph
This graph shows the volume evolution on the last 24 hours, 7 days, 5 weeks or 12 months
according to the periodicity level by criticality.
March 2012
Ipanema Technologies
8-53
Ipanema System
%
%
%
%
green volume
yellow volume
red volume
grey volume when quality cannot be computed
Average (Throughput)
Number of Kbits per second at layer 3 level during a display rate.
Max (Peak throughput)
The peak throughput curve displays the maximum encountered value during a display rate.
Average (Throughput)
Number of kbits per second at layer 3 level during a display rate.
Max (Peak throughput)
The peak throughput curve displays the maximum encountered value during a display rate.
For LAN => WAN throughput (kbps) and WAN => LAN throughput (kbps), the
average and maximum throughputs are calculated on the following periods:
Average (throughput)
Periodicity
Hour
15 minutes
15 minutes
Day
15 minutes
15 minutes
Week
1 hour
15 minutes
Month
4 hours
15 minutes
The tables
The tables present the following information:
Application Group table
8-54
Application
Group
Criticality
Volume (%)
Volume (MB)
Volume Evolution
(++/+/0/-/- -)
AQS (0 to 10)
Quality Evolution
(++/+/0/-/- -)
Ipanema Technologies
March 2012
Application
Group
Volume (%)
This indicator displays the percentage of time when traffic was measured.
Evolution
(++/+/0/-/- -)
March 2012
Ipanema Technologies
8-55
Ipanema System
What is measured
How it is measured
8-56
Ipanema Technologies
March 2012
Hourly
Daily
Weekly
Monthly
Display rate
1 hour
1 day
1 week
1 month
Time Span
24 hours
1 week
5 weeks
12 months
Life Time
24 hours
7 days
5 weeks
12 months
Audience
Network analysts
Executive officers
Throughput graph
Type of report
Hourly
Daily
Weekly
Monthly
Display rate
15 minutes
15 minutes
1 hour
4 hours
Time Span
2 hours
2 days
2 weeks
2 months
Life Time
24 hours
7 days
5 weeks
12 months
Audience
Network analysts
Executive officers
Site table
Type of report
Hourly
Daily
Weekly
Monthly
Display rate
1 hour
1 day
1 week
1 month
Time Span
1 hours
1 day
1 week
1 month
Life Time
24 hours
7 days
5 weeks
12 months
Audience
Network analysts
Executive officers
The graphs
The graphs present the following informations:
Volume Evolution (GB) graph
This graph shows the volume evolution on the last 24 hours, 7 days, 5 weeks or 12 months
according to the periodicity level by criticality.
Quality Evolution (%) graph
This graph represents quality evolution on the last 24 hours, 7 days, 5 weeks or 12 months
according to the periodicity level in percentage of volume with different colors:
%
%
%
%
green volume
yellow volume
red volume
grey volume when quality cannot be computed
Average (Throughput)
Number of kbits per second at layer 3 level during a display period.
Max (Peak throughput)
The peak throughput curve displays the maximum encountered value during a display period.
March 2012
Ipanema Technologies
8-57
Ipanema System
For the Throughput (kbps), average and maximum throughput are calculated on the
following periods:
Periodicity
Average (throughput)
Hour
15 minutes
15 minutes
Day
15 minutes
15 minutes
Week
1 hour
15 minutes
Month
4 hours
15 minutes
The table
The Site table presents the following information:
8-58
Site
Volume (%)
Volume (MB)
Volume Evolution
(++/+/0/-/- -)
AQS (0 to 10)
Quality Evolution
(++/+/0/-/- -)
Ipanema Technologies
March 2012
March 2012
Ipanema Technologies
8-59
Ipanema System
Type of report
Hourly
Daily
Weekly
Monthly
Display Rate
1 hour
1 day
1 week
1 month
Time Span
1 hour
1 day
1 week
1 month
Life Time
24 hours
7 days
5 weeks
12 months
Audience
Network analysts
Executive officers
The graphs
Used to display in a graph an overall view of the service level agreement supplied by the network.
Presents the following information:
Application Group graph
This graph represents the AQS during no over activity, per critical Application Group (Top and
High).
Site graph
This graph represents the AQS during no over activity of the 10 worst Sites, for the critical
Application Groups (Top and High).
Over activity per site (%) graph
This graph represents the percentage of time when the Right Size (computed by Smart planning)
is higher than the WAN access for Top and High traffic.
8-60
Ipanema Technologies
March 2012
What is measured
How it is measured
Type of report
Hourly
Daily
Weekly
Monthly
Display Rate
1 hour
1 day
1 week
1 month
Time Span
1 hour
1 day
1 week
1 month
Life Time
24 hours
7 days
5 weeks
12 months
Audience
Network analysts
Executive officers
The tables
The tables present the following information:
Application
Group
Criticality
Volume (%)
AQS
MOS
Overactivity (%)
March 2012
Ipanema Technologies
8-61
Ipanema System
8-62
Site
Volume (%)
AQS
MOS
Overactivity (%)
Ipanema Technologies
March 2012
What is measured
How it is measured
Type of report
Hourly
Daily
Weekly
Monthly
Display Rate
1 hour
1 day
1 week
1 month
Time Span
1 hour
1 day
1 week
1 month
Life Time
24 hours
7 days
5 weeks
12 months
Audience
Network analysts
Executive officers
The tables
The tables present the following information:
Application
Group
Criticality
Overactivity (%)
March 2012
Ipanema Technologies
8-63
Ipanema System
8-64
AQS = 10 (%)
Site
Overactivity (%)
AQS = 10 (%)
Ipanema Technologies
March 2012
What is measured
How it is measured
Type of report
Hourly
Daily
Weekly
Monthly
Display Rate
1 hour
1 day
1 week
1 month
Time Span
1 hour
1 day
1 week
1 month
Life Time
24 hours
7 days
5 weeks
12 months
Audience
Network analysts
Executive officers
The tables
The tables present the following information:
Application
Group
Criticality
Overactivity (%)
Percentage of time when the Mean Opinion Score is strictly higher than
2.6 during no over-activity.
Percentage of time when the Mean Opinion Score is strictly higher than
3.1 during no over-activity.
March 2012
Ipanema Technologies
8-65
Ipanema System
8-66
Percentage of time when the Mean Opinion Score is strictly higher than
3.6 during no over-activity.
Percentage of time when the Mean Opinion Score is strictly higher than
4.0 during no over-activity.
Percentage of time when the Mean Opinion Score is strictly higher than
4.3 during no over-activity.
Percentage of time when the Mean Opinion Score is strictly higher than
4.4 during no over-activity.
Site
Overactivity (%)
Percentage of time when the Mean Opinion Score is strictly higher than
2.6 during no over-activity.
Percentage of time when the Mean Opinion Score is strictly higher than
3.1 during no over-activity.
Percentage of time when the Mean Opinion Score is strictly higher than
3.6 during no over-activity.
Percentage of time when the Mean Opinion Score is strictly higher than
4.0 during no over-activity.
Percentage of time when the Mean Opinion Score is strictly higher than
4.3 during no over-activity.
Percentage of time when the Mean Opinion Score is strictly higher than
4.4 during no over-activity.
Ipanema Technologies
March 2012
What is measured
How it is measured
Type of report
Hourly
Daily
Weekly
Monthly
Display Rate
1 hour
1 day
1 week
1 month
Time Span
1 hour
1 day
1 week
1 month
Life Time
24 hours
7 days
5 weeks
12 months
Audience
Network analysts
Executive officers
The tables
The tables present the following information:
Application
Group
Criticality
Overactivity (%)
March 2012
Ipanema Technologies
8-67
Ipanema System
8-68
AQS = 10 (%)
Application
Group
Criticality
Overactivity (%)
Percentage of time when the Mean Opinion Score is strictly higher than
2.6 during no over-activity.
Percentage of time when the Mean Opinion Score is strictly higher than
3.1 during no over-activity.
Percentage of time when the Mean Opinion Score is strictly higher than
3.6 during no over-activity.
Percentage of time when the Mean Opinion Score is strictly higher than
4.0 during no over-activity.
Percentage of time when the Mean Opinion Score is strictly higher than
4.3 during no over-activity.
Percentage of time when the Mean Opinion Score is strictly higher than
4.4 during no over-activity.
Ipanema Technologies
March 2012
March 2012
Ipanema Technologies
8-69
Ipanema System
What is measured
How it is measured
Type of report
Hourly
Daily
Weekly
Monthly
Display rate
Short reporting
5 minutes
1 hour
4 hours
Time Span
1 hour
1 day
1 week
1 month
Life Time
24 hours
7 days
5 weeks
12 months
Audience
Network analysts
Executive officers
The graphs
The graphs present the following information:
AQS graph
This graph represents the Application Quality Score during no over activity, per critical Application
Group (Top and High).
MOS graph
This graph represents the Mean Opinion Score during no over-activity, per Application Group.
Volume (MBytes) graph
This graph represents the volume of data (MBytes) exchanged by each critical Application Group
(Top and High) and for all non critical ones (Medium and Low).
Session density graph
This graph represents the number of sessions for each critical Application Group (Top and High)
and for all non critical ones (Medium and Low).
Overactivity (%) graph
This graph represents the percentage of time when the Right Size (computed by Smart planning)
is higher than the WAN access for Top and High traffic.
8-70
Ipanema Technologies
March 2012
March 2012
Ipanema Technologies
8-71
Ipanema System
What is measured
How it is measured
Type of report
Hourly
Daily
Weekly
Monthly
Display Rate
1 hour
1 day
1 week
1 month
Time Span
1 hour
1 day
1 week
1 month
Life Time
24 hours
7 days
5 weeks
12 months
Audience
Network analysts
Executive officers
The graphs
The graphs present the following information:
AQS graph
This graph represents the Application Quality Score during no over activity, per critical Application
Group (Top and High).
MOS graph
This graph represents the Mean Opinion Score during no over-activity, per Application Group.
Volume (MBytes) graph
This graph represents the volume of data (MBytes) exchanged by each critical Application Group
(Top and High) and for all non critical ones (Low and Medium).
Session density graph
This graph represents the number of sessions for each critical Application Group (Top and High)
and for all non critical ones (Low and Medium).
Overactivity (%) graph
This graph represents the percentage of time when the Right Size (computed by Smart planning)
is higher than the WAN access for Top and High traffic.
The table
The table presents the following information:
8-72
Application
Group
Criticality
AQS
MOS
Overactivity (%)
Volume (%)
Ipanema Technologies
March 2012
What is measured
How it is measured
Type of report
Hourly
Daily
Weekly
Monthly
Display Rate
1 hour
1 day
1 week
1 month
Time Span
1 hour
1 day
1 week
1 month
Life Time
24 hours
7 days
5 weeks
12 months
Audience
Network analysts
March 2012
Executive officers
Ipanema Technologies
8-73
Ipanema System
The table
The table is used to display the following indicators concerning the Site traffic:
Site
8-74
Packet
retransmission
SRT
RTT
Non TCP
sessions
TCP sessions
Goodput
Non TCP
Throughput
TCP Throughput
Ipanema Technologies
March 2012
What is measured
How it is measured
Type of report
Hourly
Daily
Weekly
Monthly
Display Rate
1 hour
1 day
1 week
1 month
Time Span
1 hour
1 day
1 week
1 month
Life Time
24 hours
7 days
5 weeks
12 months
Audience
Network analysts
Executive officers
Packet
retransmission
SRT
RTT
March 2012
Ipanema Technologies
8-75
Ipanema System
8-76
Non TCP
sessions
TCP sessions
Goodput
Non TCP
Throughput
TCP Throughput
Ipanema Technologies
March 2012
What is measured
How it is measured
Type of report
Hourly
Daily
Weekly
Monthly
Display Rate
1 hour
1 day
1 week
1 month
Time Span
1 hour
1 day
1 week
1 month
Life Time
24 hours
7 days
5 weeks
12 months
Audience
Network analysts
Executive officers
Packet
retransmission
SRT
RTT
Non TCP
sessions
TCP sessions
March 2012
Ipanema Technologies
8-77
Ipanema System
8-78
Goodput
Non TCP
Throughput
TCP Throughput
Ipanema Technologies
March 2012
What is measured
How it is measured
March 2012
Ipanema Technologies
8-79
Ipanema System
Type of report
Hourly
Daily
Weekly
Monthly
Display Rate
1 hour
1 day
1 week
1 month
Time Span
1 hour
1 day
1 week
1 month
Life Time
24 hours
7 days
5 weeks
12 months
Audience
Network analysts
Executive officers
Application table
Used to display in a table the following indicators concerning the Application traffic.
Application
8-80
Packet
retransmission
SRT
RTT
Non TCP
sessions
TCP sessions
Goodput
Non TCP
Throughput
TCP Throughput
Ipanema Technologies
March 2012
What is measured
How it is measured
March 2012
Ipanema Technologies
8-81
Ipanema System
Type of report
Hourly
Daily
Weekly
Monthly
Display Rate
1 hour
1 day
1 week
1 month
Time Span
1 hour
1 day
1 week
1 month
Life Time
24 hours
7 days
5 weeks
12 months
Audience
Network analysts
Executive officers
Application table
Used to display in a table the following indicators concerning the Application traffic.
Application
8-82
Packet
retransmission
SRT
RTT
Non TCP
sessions
TCP sessions
Goodput
Non TCP
Throughput
TCP Throughput
Ipanema Technologies
March 2012
March 2012
Ipanema Technologies
8-83
Ipanema System
What is measured
How it is measured
Type of report
Hourly
Daily
Weekly
Monthly
Display rate
Short reporting
5 minutes
1 hour
4 hours
Time Span
1 hour
1 day
1 week
1 month
Life Time
24 hours
7 days
5 weeks
12 months
Audience
Network analysts
Executive officers
The graphs
The graphs present the following information:
SRT (ms) graph
This graph represents the average Server response time (in ms).
RTT (ms) graph
This graph represents the average Round trip time (in ms).
Packet retransmission graph
This graph represents the percentage of retransmitted TCP segments between ip|engines.
Throughput graph
This graph represents:
TCP: the number of TCP segments per second (in kbps, measured at IP level), between
ip|engines (dark blue).
non TCP: the number of non TCP segments per second (in kbps) measured at IP level),
between ip|engines (light blue).
Goodput: the number of kbits per second at layer 4 level (tele|engines) (green).
Peak: the maximum encountered value during a display period (red).
Sessions graph
This graph represents:
8-84
Ipanema Technologies
March 2012
What is measured
How it is measured
Type of report
Hourly
Daily
Weekly
Monthly
Display Rate
1 hour
1 day
1 week
1 month
Time Span
1 hour
1 day
1 week
1 month
Life Time
24 hours
7 days
5 weeks
12 months
Audience
Network analysts
Executive officers
Site table
Used to display in a table the following indicators concerning the Site traffic.
March 2012
Ipanema Technologies
8-85
Ipanema System
Site
8-86
LAN average
delay (ms)
WAN average
delay (ms)
LAN total
throughput
(kbps)
Number of kbits per second at the IP level measured on the LAN interface
of the ip|engine.
WAN total
throughput
(kbps)
Total sessions
Ipanema Technologies
March 2012
What is measured
How it is measured
Type of report
Hourly
Daily
Weekly
Monthly
Display Rate
1 hour
1 day
1 week
1 month
Time Span
1 hour
1 day
1 week
1 month
Life Time
24 hours
7 days
5 weeks
12 months
Audience
Network analysts
Executive officers
Total sessions
Total throughput
(kbps)
Packet size
(bytes)
Delay (ms)
Average delay of packets (in ms) for ingress and egress directions.
March 2012
Ipanema Technologies
8-87
Ipanema System
8-88
Jitter (ms)
Packet retrans.
(%)
SRT (ms)
RTT (ms)
Ipanema Technologies
March 2012
A Domain.
Per Application or a list of applications.
Per Application Group or a list of Application Groups.
Per Criticality or a list of criticality levels.
What is measured
How it is measured
Type of report
Hourly
Daily
Weekly
Monthly
Display Rate
1 hour
1 day
1 week
1 month
Time Span
1 hour
1 day
1 week
1 month
Life Time
24 hours
7 days
5 weeks
12 months
Audience
Network analysts
March 2012
Executive officers
Ipanema Technologies
8-89
Ipanema System
8-90
Delay (ms)
Jitter (ms)
Packet retrans.
(%)
SRT (ms)
RTT (ms)
Packet size
(bytes)
Total sess.
Total Thput
(kbps)
Ipanema Technologies
March 2012
8. 8. 4. is - pm - application summary
Performance Monitoring Table
What is measured
How it is measured
Type of report
Hourly
Daily
Weekly
Monthly
Display Rate
1 hour
1 day
1 week
1 month
Time Span
1 hour
1 day
1 week
1 month
Life Time
24 hours
7 days
5 weeks
12 months
Audience
Network analysts
March 2012
Executive officers
Ipanema Technologies
8-91
Ipanema System
8-92
Application
Total sessions
Total throughput
(kbps)
Packet size
(bytes)
Delay (ms)
Average delay of packets (in ms) for ingress and egress directions.
Jitter (ms)
Packet retrans.
(%)
SRT (ms)
RTT (ms)
Ipanema Technologies
March 2012
A Domain.
Per Application or a list of applications.
Per Application Group or a list of Application Groups.
Per Criticality or a list of criticality levels.
What is measured
How it is measured
March 2012
Ipanema Technologies
8-93
Ipanema System
Type of report
Hourly
Daily
Weekly
Monthly
Display Rate
1 hour
1 day
1 week
1 month
Time Span
1 hour
1 day
1 week
1 month
Life Time
24 hours
7 days
5 weeks
12 months
Audience
Network analysts
Executive officers
Criticality
8-94
Delay (ms)
Jitter (ms)
Packet retrans.
(%)
SRT (ms)
RTT (ms)
Packet size
(bytes)
Total sessions
Total throughput
(kbps)
Ipanema Technologies
March 2012
8. 8. 6. is - pm - traffic topology
Performance Monitoring Table
March 2012
Ipanema Technologies
8-95
Ipanema System
What is measured
How it is measured
Type of report
Hourly
Daily
Weekly
Monthly
Display Rate
1 hour
1 day
1 week
1 month
Time Span
1 hour
1 day
1 week
1 month
Life Time
24 hours
7 days
5 weeks
12 months
Audience
Network analysts
Executive officers
The Tables
The tables present the following information:
Total traffic table
Used to display in a table the following indicators concerning the ip|engine traffic or the Domain
traffic:
Packet size
Sessions
Throughput
Volume
Jitter
Packet loss
Packets size
Sessions
Throughput
Volume
The graphs
The graphs present the following information:
Traffic profile (kbps / % time) graph
8-96
Ipanema Technologies
March 2012
30
50
67
80
90
95
98
99
100
<20
<50
<100
Percentage of packets that had a latency (delay) between 50 and 100 ms.
<200
Percentage of packets that had a latency (delay) between 100 and 200 ms.
<500
Percentage of packets that had a latency (delay) between 200 and 500 ms.
<1000
Percentage of packets that had a latency (delay) between 500 and 1000 ms.
<2000
Percentage of packets that had a latency (delay) between 1000 and 2000 ms.
Sites table
Site
March 2012
Ipanema Technologies
8-97
Ipanema System
8. 8. 7. is - pm - time evolution
Performance Monitoring Table
8-98
Ipanema Technologies
March 2012
What is measured
A Domain.
A Site or a list of sites.
A Key or a list of keys.
A Subnet or a list of subnets.
An Application or a list of applications.
An Application Group or a list of Application Groups.
A Criticality or a list of criticality levels.
Delay, jitter, packet loss, throughput, number of sessions.
How it is measured
Type of report
Hourly
Daily
Weekly
Monthly
Display rate
Short reporting
5 minutes
1 hour
4 hours
Time Span
1 hour
1 day
1 week
1 month
Life Time
24 hours
7 days
5 weeks
12 months
Audience
Network analysts
Executive officers
The graphs
The graphs present the following information:
Delay (ms), Jitter (ms) graph
This graph represents:
LAN average delay: the average LAN-to-LAN delay of total packets (in ms) (Blue).
WAN average delay: the average WAN-to-WAN delay of total packets (in ms) (Orange).
LAN jitter: the average LAN-to-LAN delay variation (in ms) (Light blue).
WAN Jitter: the average WAN-to-WAN delay variation (in ms) (Purple).
LAN packet loss : the percentage of lost IP packets between the LAN interfaces of the
ip|engines (Red).
WAN packet loss : the percentage of lost IP packets between the WAN interfaces of the
ip|engines (Pink).
LAN peak throughput: the maximum encountered LAN-to-LAN throughput during a display
period (Blue).
WAN peak throughput: the maximum encountered WAN-to-WAN throughput during a display
period (Orange).
Throughput: the number of kbits per second at layer 3 level (light blue).
Goodput: the number of kbits per second above layer 4 level (light green).
Qualified throughput: the number of qualified kbits per second at layer 3 level (dark Blue).
Qualified goodput: the number of qualified kbits per second above layer 4 level (dark green).
Sessions graph: this graph represents the number of sessions per second.
March 2012
Ipanema Technologies
8-99
Ipanema System
8-100
Ipanema Technologies
March 2012
What is measured
A Domain.
A Site or a list of sites.
A Key or a list of keys.
A Subnet or a list of subnets.
An Application or a list of applications.
An Application Group or a list of Application Groups.
A Criticality or a list of criticality levels.
Throughput.
How it is measured
Type of report
Hourly
Daily
Weekly
Monthly
Display rate
Short reporting
5 minutes
1 hour
4 hours
Time Span
1 hour
1 day
1 week
1 month
Life Time
24 hours
7 days
5 weeks
12 months
Audience
Network analysts
Executive officers
The graph
The Throughput graph represents the layer 3 throughput distribution for the flows per application
or Application Group in kbps.
March 2012
Ipanema Technologies
8-101
Ipanema System
A Site.
What is measured
How it is measured
This report does not appear in the hour, day, week and month folders, but in the default
folder. Hour, Day, Week, Month must NOT be selected when creating it with ip|reporter.
Type of report
Default
Display Rate
1 minute
Time Span
1 minute
Life Time
1 week
Audience
Network analysts
Reports creation
The user specifies the filters to create a Metaview then instantiates a report template on the
Metaview. There are the following filters:
A Site.
This report consumes a lot of CPU on the server, and should not be instantiated on
more than 10 sites. As a consequence, it should not be Instantiated by default, but only
when really needed.
Create it with ip|reporter only (do not use the Automatic reporting tool).
The table
Talkers: List of hosts on the site sending data to the other sites (upstream from the
flow).
Listeners: List of hosts on the site receiving data from the other sites (downstream from
the flow).
8-102
Ipanema Technologies
March 2012
a session is identified:
For TCP or UDP by the following parameters: source address, destination address,
protocol TCP or UDP, source port and destination port.
For other protocols over IP (for example: ICMP) by the following parameters: source
address, destination address, protocol.
The number of sessions represents the average session activity for the duration of
Correlation Record (by default: T = 1 minute). For example, 2 sessions running during
T plus 3 sessions running during half this period of time will give 3.5 sessions (2 x 1 +
3 x 0.5).
These values are measured over the last display rate. Click successively on any column header to
sort the table by increasing or decreasing values. On the report you can use the time slider to see
the previous values of each indicator. Using the slider presents you with a historical view of each
resource for any moment during the lifetime of the report.
Top host application on volume table
Used to display in a table the following indicators concerning the Top Host application sorted by
maximum volume used.
The Top Host application is limited to 10 hosts for each way.
Host Talkers
Application
Talkers
Volume (KB)
Talkers
Sessions Talkers
Host Listeners
Application
Listeners
Volume (KB)
Listeners
Sessions
Listeners
March 2012
Ipanema Technologies
8-103
Ipanema System
8. 9. PM COMPRESSION REPORTS
8. 9. 1. is - pm - compression evolution
Compression Table
Compression Evolution
What can it do?
Monitored resource
What is measured
How it is measured
8-104
Ipanema Technologies
March 2012
Type of report
Hourly
Daily
Weekly
Monthly
Display rate
Short reporting
5 minutes
1 hour
4 hours
Time Span
1 hour
1 day
1 week
1 month
Life Time
24 hours
7 days
5 weeks
12 months
Audience
Network analysts
Executive officers
The graphs
The graphs present the following information:
Ingress Throughput (compress) graph:
LAN Throughput : the Total throughput (in kbps) before compression (Blue curve), on the LAN
interface of the ip|engine.
WAN Throughput: the Total throughput (in kbps) after compression (Orange curve), on the
WAN interface of the ip|engine for all flows (compressed and non-compressed flows).
Compressed: the Throughput of the compressed flows (flows classified in Application Group
enabled for compression and going to ip|engines) (Orange area).
Saved: the Throughput saved on the compressed flows (flows classified in Application Group
enabled for compression and going to ip|engines) (Blue area).
LAN Throughput : the Total throughput (in kbps) before compression (Blue curve), on the LAN
interface of theip|engine.
WAN Throughput: the Total throughput (in kbps) after compression (Orange curve), on the
WAN interface of the ip|engine for all flows (compressed and non-compressed flows).
Compressed: the Throughput of the compressed flows (flows classified in Application Group
enabled for compression and going to ip|engines) (Orange area).
Saved: the Throughput saved on the compressed flows (flows classified in Application Group
enabled for compression and going to ip|engines) (Blue area).
March 2012
Ipanema Technologies
8-105
Ipanema System
Compression Synthesis AG
8-106
Ipanema Technologies
March 2012
What is measured
How it is measured
Type of report
Hourly
Daily
Weekly
Monthly
Display Rate
1 hour
1 day
1 week
1 month
Time Span
1 hour
1 day
1 week
1 month
Life Time
24 hours
7 days
5 weeks
12 months
Audience
Network analysts
Executive officers
The graphs
The graphs present the following information:
Ingress Volume (compress) graph:
Compressed volume (MB): for each Application Group, the total compressed volume (flows
classified in Application Group enabled for compression and going to ip|engines) in MB for the
ingress way (Orange area).
Saved Volume (MB): for each Application Group, the total saved volume (flows classified in
Application Group enabled for compression and going to ip|engines) in MB for ingress way
(Blue area).
Compressed volume (MB): for each Application Group, the total compressed volume (flows
classified in Application Group enabled for compression and going to ip|engines) in MB for the
egress way (Orange area).
Saved Volume (MB): for each Application Group, the total saved volume (flows classified in
Application Group enabled for compression and going to ip|engines) in MB for egress way
(Blue area).
March 2012
Ipanema Technologies
8-107
Ipanema System
The tables
The tables present the following information:
Ingress Volume (compress) and Egress Volume (decompress) by Application Group table
Used to display for each Application Group, for all traffic in ingress and egress directions, the
volume (in MB) before and after compression, and the compression ratio.
In each column of the table,
Comp. output
(MB)
For each Application Group, the total compressed volume (flows classified
in Application Group enabled for compression and going to ip|engines)
in MB after compression; this volume is measured on the WAN interface
of the ip|engine.
Comp. factor
8-108
Ipanema Technologies
March 2012
March 2012
Ipanema Technologies
8-109
Ipanema System
What is measured
How it is measured
Type of report
Hourly
Daily
Weekly
Monthly
Display Rate
1 hour
1 day
1 week
1 month
Time Span
1 hour
1 day
1 week
1 month
Life Time
24 hours
7 days
5 weeks
12 months
Audience
Network analysts
Executive officers
The graphs
The graphs present the following information:
Ingress Volume (compress) graph:
Compressed volume (MB): for each Application, the total compressed volume (flows classified
in Application Group enabled for compression and going to ip|engines) in MB for the ingress
way (Orange area).
Saved Volume (MB): for each Application, the total saved volume (flows classified in Application
Group enabled for compression and going to ip|engines) in MB for ingress way (Blue area).
8-110
Compressed volume (MB): for each Application, the total compressed volume (flows classified
in Application Group enabled for compression and going to ip|engines) in MB for the egress
way (Orange area).
Saved Volume (MB): for each Application, the total saved volume (flows classified in Application
Group enabled for compression and going to ip|engines) in MB for egress way (Blue area).
Ipanema Technologies
March 2012
The tables
The tables present the following information:
Ingress Volume (compress) and Egress Volume (decompress) by Application table
Used to display for each Application, for all traffic in ingress and egress directions, the volume (in
MB) before and after compression, and the compression ratio.
In each column of the table,
Comp. output
(MB)
Comp. factor
March 2012
Ipanema Technologies
8-111
Ipanema System
Acceleration Evolution
What can it do?
Monitored resource
What is measured
How it is measured
8-112
Ipanema Technologies
March 2012
Type of report
Hourly
Daily
Weekly
Monthly
Display rate
Short reporting
5 minutes
1 hour
4 hours
Time Span
1 hour
1 day
1 week
1 month
Life Time
24 hours
7 days
5 weeks
12 months
Audience
Network analysts
Executive officers
The graphs
The graphs present the following information:
Acceleration Factors graphs:
Accelerated session:
March 2012
Ipanema Technologies
8-113
Ipanema System
8-114
Ipanema Technologies
March 2012
What is measured
How it is measured
Type of report
Hourly
Daily
Weekly
Monthly
Display rate
Short reporting
5 minutes
1 hour
4 hours
Time Span
1 hour
1 day
1 week
1 month
Life Time
24 hours
7 days
5 weeks
12 months
Audience
Network analysts
Executive officers
The graphs
The graphs present the following information:
Throughput graph: CIFS throughput, in kbps.
Requests graphs:
Acceleration factor graph: number of SMB messages sent by clients divided by the number of
SMB messages sent to servers.
Active Sessions graph: number of active CIFS sessions.
March 2012
Ipanema Technologies
8-115
Ipanema System
MOS definition
The data generated by the VoIP module is available throughout the whole Ipanema System.
ip|boss makes them available through the SNMP interface, ip|reporter uses them to generate
the appropriate easy to use reports.
8-116
Ipanema Technologies
March 2012
VoIP Synthesis
What can it do?
Monitored resource
What is measured
A Domain .
A Site or a list of sites.
A Key or a list of keys.
A Subnet or a list of subnets,
MOS distribution ingress and egress direction per Codec
How it is measured
Type of report
Hourly
Daily
Weekly
Monthly
Display rate
1 hour
1 day
1 week
1 month
Time Span
1 hour
1 day
1 week
1 month
Life Time
24 hours
7 days
5 weeks
12 months
Audience
Network analysts
Executive officers
The graphs
The graphs present the following information:
MOS distribution graph
MOS range reached in percentage of Time.
March 2012
Ipanema Technologies
8-117
Ipanema System
[1,3]
[3,3.5]
MOS between 3 and 3.5 in percentage of time during the display period.
[3.5,4]
MOS between 3.5 and 4 in percentage of time during the display period.
[4,4.5]
MOS between 4 and 4.5 in percentage of time during the display period.
[4.5,5]
MOS between 4.5 and 5 in percentage of time during the display period.
This representation is very useful to get a view of Voice over IP quality.
MOS example
8-118
Ipanema Technologies
March 2012
March 2012
Ipanema Technologies
8-119
Ipanema System
What is measured
How it is measured
Type of report
Hourly
Daily
Weekly
Monthly
Display rate
Short reporting
5 minutes
1 hour
4 hours
Time Span
1 hour
1 day
1 week
1 month
Life Time
24 hours
7 days
5 weeks
12 months
Audience
Network analysts
Executive officers
The graphs
The graphs present the following information:
MOS graph:
Delay (ms): the average delay (in ms) (Blue) per Codec.
Jitter: the average delay variation (in ms) (Yellow) per Codec.
8-120
Sessions: the number of sessions per second in direction of tele|engines (light blue).
Qualified sessions: the number of qualified sessions per second (between ip|engines) (dark
Blue).
Peak sessions: the peak sessions curve displays maximum encountered value during a display
rate.
Ipanema Technologies
March 2012
What is measured
A Domain.
A list of Sites.
A Key or a list of Keys.
Throughput to (physical) ip|engines, no correlation, to (virtual)
tele|engines, to Out of Domain, transit, other, locally rerouted, Non
IPv4 WAN, ignored LAN
From data collected every Long reporting period.
How it is measured
Type of report
Hourly
Daily
Weekly
Monthly
Display Rate
1 hour
1 day
1 week
1 month
Time Span
1 hour
1 day
1 week
1 month
Life Time
24 hours
7 days
5 weeks
12 months
Audience
Network analysts
Executive officers
The table
Used to display for ip|engines (in the Domain, list of sites, list of keys) the information concerning
the following indicators:
Site
To physical ipe
(kbps)
No correlation
(kbps)
To Virtual ipe
(kbps)
To out of Domain
(kbps)
March 2012
Ipanema Technologies
8-121
Ipanema System
8-122
Transit (kbps)
Other (kbps)
Ingress throughput in kbps for Other traffic; in fact Other traffic contains
Multicast traffic, Broadcast traffic, local traffic.
Locally rerouted
(kbps)
Ingress throughput in kbps for non IPv4 traffic (Apple Talk, IPX, SNA,
IPv6).
Ignored LAN
(kbps)
Ipanema Technologies
March 2012
What is measured
A Domain.
A list of Sites.
A Key or a list of keys.
Throughput from (physical) ip|engines, no correlation, from (virtual)
tele|engines, from Out of Domain, transit, other, locally rerouted,
Non IPv4 WAN, ignored LAN
From data collected every Long reporting period.
How it is measured
Type of report
Hourly
Daily
Weekly
Monthly
Display Rate
1 hour
1 day
1 week
1 month
Time Span
1 hour
1 day
1 week
1 month
Life Time
24 hours
7 days
5 weeks
12 months
Audience
Network analysts
Executive officers
The table
Used to display for ip|engines (in the Domain, list of sites, list of keys) the information concerning
the following indicators:
Site
To physical ipe
(kbps)
No correlation
(kbps)
To Virtual ipe
(kbps)
To out of Domain
(kbps)
Transit (kbps)
Other (kbps)
Egress throughput in kbps for Other traffic; in fact Other traffic contains
Multicast traffic, Broadcast traffic, local traffic.
Locally rerouted
(kbps)
March 2012
Ipanema Technologies
8-123
Ipanema System
8-124
Egress throughput in kbps for non IPv4 traffic (Apple Talk, IPX, SNA,
IPv6).
Ignored LAN
(kbps)
Ipanema Technologies
March 2012
How it is measured
Type of report
Hourly
Daily
Weekly
Monthly
Display rate
Short reporting
5 minutes
1 hour
4 hours
Time Span
1 hour
1 day
1 week
1 month
Life Time
24 hours
7 days
5 weeks
12 months
Audience
Network analysts
March 2012
Ipanema Technologies
Executive officers
8-125
Ipanema System
The graphs
Used to display for each ip|engine the information concerning the following indicators:
Ethernet-Throughput (kbps) graphs:
8-126
Ipanema Technologies
March 2012
March 2012
Ipanema Technologies
8-127
Ipanema System
What is measured
How it is measured
Type of report
Hourly
Daily
Weekly
Monthly
Display rate
Short reporting
5 minutes
1 hour
4 hours
Time Span
1 hour
1 day
1 week
1 month
Life Time
24 hours
7 days
5 weeks
12 months
Audience
Network analysts
Executive officers
The graphs
Used to display for ip|engines the information concerning the following indicators:
Status Down graph
This graph represents the Unavailability status of the ip|engine seen by the management system:
Status Up graph
This graph represents the Availability status of the ip|engine seen by the management system:
8-128
Ipanema Technologies
March 2012
March 2012
Ipanema Technologies
8-129
Ipanema System
What is measured
How it is measured
Type of report
Hourly
Daily
Weekly
Monthly
Display Rate
1 hour
1 day
1 week
1 month
Time Span
1 hour
1 day
1 week
1 month
Life Time
24 hours
7 days
5 weeks
12 months
Audience
Network analysts
Executive officers
The table
Used to display for each ip|engine the information concerning the following indicators:
Site
Up Status (%)
8-130
Ipanema Technologies
March 2012
Synchronization
loss (%)
WAN Overload
(%)
March 2012
Ipanema Technologies
8-131
Ipanema System
Smartplanning Profile
What can it do?
8-132
Monitored resource
What is measured
A Site,
Throughput (kbps), Right Size (kbps)
How it is measured
Type of report
Hourly
Daily
Weekly
Monthly
Display rate
1 hour
1 day
1 week
1 month
Time Span
1 hour
1 day
1 week
1 month
Life Time
24 hours
7 days
5 weeks
12 months
Audience
Network analysts
Ipanema Technologies
Executive officers
March 2012
The graphs
Used to display, for each site (ip|engine) in the Domain, for all traffic in the ingress and egress
direction, the throughput (in kbps) and right size (in kbps), by criticality level (top, high, medium
and low) per percentage of time.
The bargraph top shows the bandwidth for top critical flows.
The bargraph high shows the bandwidth for top and high critical flows.
The bargraph medium shows the bandwidth for top, high and medium critical flows.
The bargraph low shows the bandwidth for top, high, medium and low critical flows.
On a flow per flow basis, smartplanning takes into account the traffic demand (the per-session
objective bandwidth, as set in corresponding Application Group), the actual network usage (from
measurement function) and the existence, or not, of local or distant congestions (from the QoS &
control function). Flows elasticity is also estimated and taken into account.
Then smartplanning aggregates this data according to access and criticality, and produces the
following information:
the actual traffic usage (what has been exchanged on the network) per percentage of time;
the right size value (estimated access size to match objectives, including correction for
end-to-end congestions and flows elasticity) per percentage of time.
The actual usage Throughput (in kbps) is carried out by the measurement module of the
Ipanema System. The original data produced is processed to be aggregated by criticality level
and by access.
The access right size Right Size (in kbps) presents for the site per criticality refined estimate
of the necessary access bandwidth to match the service level according to the percentage of
time, taking into account the flow matrix, end-to-end congestions as well as characteristics of
the flows. Depending on actual traffic nature and congestion status, it can be equal to or smaller
than the traffic demand.
March 2012
Ipanema Technologies
8-133
Ipanema System
8. 15. 2. is - sp - synthesis
Smartplanning Table
Smartplanning Synthesis
8-134
Ipanema Technologies
March 2012
What is measured
How it is measured
Type of report
Daily
Display rate
1 day
Time Span
1 day
Life Time
1 day
Audience
Executive officers
The tables
A table is provided per each level of criticality you want to take into account (top top and high
top, high and medium top to low).
Used to display for each site (ip|engine) in the Domain, per selected level of criticality for all traffic
in the ingress and egress directions, the throughput (in kbps), and the trends for the next 3 months
and for the next year per percentile of time.
For each level of criticality, 2 tables are provided:
The bandwidth and its trends for the next 3 months and next year,
The right size and its trends for the next 3 months and next year,
On a flow per flow basis, smartplanning takes into account the traffic demand (the per-session
objective bandwidth, as set in corresponding Application Group), the actual network usage (from
measurement function) and the existence, or not, of local or distant congestions (from the QoS &
control function). Flows elasticity is also estimated and taken into account.
Then smartplanning aggregates these data according to access and criticality, and produces the
following information:
the actual traffic usage (what has been exchanged on the network) per percentage of time;
the estimated traffic value (estimated access size to match objectives, including correction for
end-to-end congestions and flows elasticity) for the next 3 months and for the next year per
percentage of time.
The actual usage Throughput (in kbps) is carried out by the measurement module of the
Ipanema System. The original data produced is processed to be aggregated by criticality level
and by access.
The estimated Throughput (in kbps) for the next 3 months according to the network activity
of the past 3 months.
The estimated Throughput (in kbps) for the next year according to the network activity of the
past year.
March 2012
Ipanema Technologies
8-135
Ipanema System
create the given output directory (ip|export process will not create it automatically),
make sure that the disk space is always enough to store the new output files,
clean or move old output files (ip|export process will not clean them automatically).
<taskname>_<epochtime>.<ext>" if "splitbyparams=false", or
<taskname>_<params>_<epochtime>.<ext>" if "splitbyparams=true".
where:
8-136
taskname:
params:
epochtime:
GMT(UTC) date and time of the beginning of the analyzed period in number
of seconds since January 1st 1970.
ext:
file extension depending on the output file format as described in the XML
configuration file (txt, csv, xls or xml).
Ipanema Technologies
March 2012
Type:
Description:
-verbose:
-version:
-help|?:
March 2012
Ipanema Technologies
8-137
Ipanema System
date and time with the specified given format; if no format is provided then it
uses the raw Epoch time (number of seconds since January 1st 1970)
domain:
name of the domain (if "splitbydomain=true" then this column does not appear)
(optional)
metaview:
indicator
name of the Indicator; if a rename entry is found for the indicator then the
new indicator name is used
params:
value:
Examples
8-138
Ipanema Technologies
March 2012
<?xml version="1.0"?>
<data>
<slot>
<datetime>2010/05/04 15:00:00</datetime>
<domain>default</domain>
<metaview>Site: Paris</metaview>
<indicator> ingress throughput L3 - L4 <params></params>
value>1340</value>
</slot>
<slot>
<datetime>2010/05/04 15:00:00</datetime>
<domain>default</domain>
<metaview>Site: Paris</metaview>
<indicator> ingress throughput L3 - L4 <params></params>
value>0</value>
</slot>
<slot>
<datetime>2010/05/04 14:59:00</datetime>
<domain>default</domain>
<metaview>Site: Paris</metaview>
<indicator> ingress throughput L3 - L4 <params></params>
value>26660</value>
</slot>
<slot>
<datetime>2010/05/04 14:59:00</datetime>
<domain>default</domain>
<metaview>Site: Paris</metaview>
<indicator> ingress throughput L3 - L4 <params></params>
value>0</value>
</slot>
...
</data>
qualified </indicator>
unqualified</indicator>
unqualified</indicator>
unqualified</indicator>
E F
2010/05/04 default
15:00:00
Site: Paris
1340
2010/05/04 default
15:00:00
Site: Paris
2010/05/04 default
15:00:00
Site: Paris
26660
2010/05/04 default
15:00:00
Site: Paris
2010/05/04 default
14:59:00
Site: Paris
1340
2010/05/04 default
14:59:00
Site: Paris
2010/05/04 default
14:59:00
Site: Paris
26660
...
...
...
... ...
March 2012
...
Ipanema Technologies
8-139
Apache License The Apache Software Licence, Version 1.1 and 2.0 http://www.apache.org
BSD 1.0 License http://opensource.org
GNU General Public License (GPL) Version 2, June 1991 http://www.fsf.org
GNU Lesser General Public License (LGPL) Version 2.1, February 1999 http://www.fsf.org
March 2012
Ipanema Technologies
9-1
Ipanema System
(15) days after formal demand requiring correction of the breach shall have been sent by registered
post with return receipt requested without the breach having been so corrected.
In the event of termination of this license, the End User shall:
9. 5. SOFTWARE WARRANTY
Ipanema warrants that the software performs substantially according to its documentation for a
period of ninety (90) days from date of shipment of the software license key.
Ipanemas sole and exclusive liability and the End Users sole and exclusive remedy under this
limited warranty shall be, at Ipanemas election, to provide corrective maintenance services to
correct the Ipanema software if it doesnt perform as warranted within the warranty period or to
replace it free of charge with a corrected version.
The limited warranty set forth in this article shall not apply to any non conformity that is caused
by: (a) the End Users misuse or improper use of the software, including, without limitation, the
use or operation of the software with an application or in an environment other than that specified
by Ipanema, or introduction of data into any data structures or tables used by the software by any
means other than use of the software; (b) any third party software or hardware; (c) any modifications
or alterations of or additions to the software performed by parties other than Ipanema; or (d) the
End Users failure to implement all problem corrections and new releases.
9. 6. DISCLAIMER
THE EXPRESS REPRESENTATIONS, WARRANTIES AND CONDITIONS OF IPANEMA
SET FORTH IN THIS DOCUMENT ARE IN LIEU OF ALL OTHER REPRESENTATIONS,
WARRANTIES AND CONDITIONS, EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED
TO, IMPLIED REPRESENTATIONS, WARRANTIES AND CONDITIONS OF MERCHANTABLE
QUALITY, MERCHANTABILITY, TITLE, DURABILITY OR FITNESS FOR A PARTICULAR
PURPOSE AND THOSE ARISING BY STATUTE OR OTHERWISE IN LAW OR FROM A COURSE
OF DEALING OR USAGE OF TRADE. IPANEMA DOES NOT REPRESENT OR WARRANT
THAT: (A) THE SOFTWARE WILL MEET END USERSS BUSINESS REQUIREMENTS; (B)
THE OPERATION OF THE SOFTWARE WILL BE ERROR-FREE OR UNINTERRUPTED; OR
(C) THAT ALL PROGRAMMING ERRORS CAN BE FOUND AND CORRECTED. THE END
USER IS RESPONSIBLE FOR TAKING PRECAUTIONARY MEASURES TO PREVENT THE
LOSS OR DESTRUCTION OF THE END USERS DATA, INCLUDING WITHOUT LIMITATION,
MAKING REGULAR BACKUPS AND VERIFYING THE RESULTS OBTAINED FROM USING THE
SOFTWARE, AND IPANEMA SHALL HAVE NO OBLIGATIONS OR LIABILITY WHATSOEVER
WITH RESPECT TO SUCH LOSS, DESTRUCTION OR USE UNLESS CAUSED BY THE
WILFUL MISCONDUCT OF IPANEMA.
WITHOUT LIMITING THE GENERALITY OF THE FOREGOING DISCLAIMERS, IPANEMA
EXPRESSLY DISCLAIMS ANY REPRESENTATIONS, WARRANTIES AND CONDITIONS
REGARDING THE PERFORMANCE CHARACTERISTICS OF THE SOFTWARE, INCLUDING
RESPONSE TIMES, MACHINE USAGE AND OTHER OPERATING CHARACTERISTICS, ON
ANY PARTICULAR COMPUTER EQUIPMENT. IPANEMA SHALL HAVE NO RESPONSIBILITY
FOR THE SELECTION, INSTALLATION AND MAINTENANCE OF THE COMPUTER
EQUIPMENT ON WHICH THE PROGRAMS AND THIRD PARTY SOFTWARE ARE TO
OPERATE.
9-2
Ipanema Technologies
March 2012
FOR ANY BREACH OF THIS AGREEMENT OR ANY OTHER CLAIM ARISING FROM OR
RELATED TO THIS AGREEMENT GIVING RISE TO LIABILITY, IPANEMAS ENTIRE LIABILITY
SHALL BE LIMITED TO THE END USERS ACTUAL DIRECT, PROVABLE DAMAGES IN AN
AMOUNT NOT TO EXCEED IN THE AGGREGATE, THE TOTAL LICENSE FEES PAID BY THE
END USER FOR THE SOFTWARE THAT IS THE SUBJECT MATTER OF THE CLAIM.
IN NO EVENT SHALL IPANEMA OR ITS RESELLER BE LIABLE FOR LOSS OF PROFITS, LOSS
OF BUSINESS REVENUE, LOSS OF DATA, FAILURE TO REALIZE EXPECTED PROFITS OR
SAVINGS OR ECONOMIC LOSS OF ANY KIND, OR FOR ANY INDIRECT, CONSEQUENTIAL,
SPECIAL, INCIDENTAL OR PUNITIVE LOSSES OR DAMAGES, OR FOR ANY CLAIM AGAINST
END USER BY ANY OTHER PERSON, EVEN IF IPANEMA OR ITS RESELLER HAS BEEN
ADVISED OF OR COULD REASONABLY FORESEE THE POSSIBILITY OF ANY SUCH
DAMAGE OCCURRING.
THE LIMITATIONS SHALL APPLY REGARDLESS OF THE FORM OF ACTION, WHETHER
BASED ON CONTRACT, TORT (INCLUDING NEGLIGENCE), STRICT LIABILITY, OR
OTHER LEGAL OR EQUITABLE THEORY, INCLUDING A BREACH OF A CONDITION OR
FUNDAMENTAL TERM OR FUNDAMENTAL BREACH OR BREACHES. THE LIMITATIONS
SHALL NOT APPLY TO CLAIMS FOR PERSONAL INJURY OR BODILY HARM CAUSED BY
EITHER PARTY, OR PAYMENT OF AMOUNTS OWING BY THE END USER TO IPANEMA OR
ITS RESELLER.
9. 7. GOVERNING LAW
This License is governed by French law and any proceedings arising out of or in connection with
this License shall be submitted to the Commercial Court of Paris, France.
If any provision hereof is held invalid, the remainder shall continue in full force and effect.
March 2012
Ipanema Technologies
9-3
Please refer to the support and maintenance contract for specific information about these services.
Should you have any problem with your system, please contact your supplier for technical
assistance.
In any case, you can get support and information by logging on Ipanemas Support web site:
https://support.ipanematech.com,
where you can access the Public Knowledge Database, find Technical notes and FAQs, be informed
of the latest developments and updates, download all the Ipanema software, create and track
tickets, and find other relevant information relating to the Ipanema System.
An account will be created on demand.
Other contact information:
E-mail: support@ipanematech.com
Phone: +(33)1 55 52 15 22
Fax: +(33)1 55 52 15 01
In the event of a technical problem, please supply as much information as possible, in particular:
your name, address, telephone number and the name of your company,
your Ipanema Technologies license number, see window about in ip|boss field reference,
the names, versions and serial numbers of the products you are using,
the version: Windows (2000 / 2003) or Solaris of operating system for ip|boss,
a description of the installed configuration and the configuration files,
a detailed description of the problem you have encountered.
March 2012
Ipanema Technologies
10-1