Beruflich Dokumente
Kultur Dokumente
1- Discovery Overview 7
2 - Prepare the node for the SAM 9
3- Discovery Workflow User Creation 18
4 - Discovery Workflow Mediation Policy 21
5 - Discovery Workflow Router Discovery 25
6 - Verification 29
1. Prepare the node for the SAM providing the configuration required for discovery.
2. If SNMPv3 is the management protocol, a user has to be created at the SAM level.
3. Configure a mediation policy - define the interval at which the 5620 SAM polls NEs for SNMP MIB configuration
changes. At this step, the administrator specify the security model.
4. Discover the Network Elements
The first step to enable the 5620 SAM to discover and manage network elements is to provide for the initial
configuration of the devices. Use the following steps to provide the basic configuration
3. Set persistence on
Persistence is required for management of network devices through the 5620 SAM and is enabled by default. Set
the parameter, as required.
8. The utility file which generates the key is located in the ~/bin directory on the 5620 SAM server and (from Rel.4.0)
the SAM client:
Solaris Server: /opt/5620sam/server/nms/bin/password2key.bash
Solaris/Linux Client: /opt/5620sam/client/nms/bin/password2key.bash
9. Generate the key (UNIX example) using the syntax shown below:
./password2key.bash method password EngineID
Where:
Method MD5 (or SHA). Two of the most common cryptographic hash functions are the
Secure Hash Algorithm (SHA) and Message Digest Algorithm-5 (MD5).
Password Password string
EngineID SNMP Engine ID of the ESS/SR in hexadecimal form
Example
./password2key.bash md5 admin 0000197f00009abfff000000
MD5 key: 1496d686f1616f27af1600768d3fcd38
DES key: 1496d686f1616f27af1600768d3fcd38
AES key: 1496d686f1616f27af1600768d3fcd38
Create an SNMPv3 user using the 5620 SAM NE user configuration manager.
You must specify the following for each user:
Give the user SNMP access.
Enter the same User Name as the user name created configured in the previous step.
On the SNMPv3 tab, select MD5 as the authentication protocol and DES as the privacy protocol.
Type the appropriate ASCII password used to generate the MD5 or SHA authentication key, and DES
privacy key
1. Configure a mediation policy. From the 5620 SAM main menu, select Administration > Mediation
2. Select the Mediation Security tab. Create a new SNMP mediation security policy, or select an existing policy
Configure the General Mediation Parameters
Displayed Name: The Displayed Name parameter specifies a name for the policy
The Security Model parameter specifies which version of SNMP should be used, depending on your
network security requirements
SNMP v1: Version v1 of SNMP is used for authentication. The Community String parameter must
match that of the managed NE.
SNMP v2c (default): Version 2c of SNMP is used for authentication. The Community String
parameter must match that of the managed NE.
SNMP v3 (USM): Version 3 of SNMP is used for authentication. Choose a user by clicking on the
Select button.
3. Configure SNMP
The Community String parameter specifies the name of the community shared between the network
manager and a managed element. This parameter is configurable when the Security Model parameter is
set to SNMP v2c. The default is private.
The User Name parameter specifies a unique name for the site user. This parameter is configurable when
the Security Model parameter is set to SNMP v3 (USM).
The following workflow outlines the high-level steps necessary to configure a discovery rule.
1. Administration > Discover Manager
2. Create a Discovery Rule.
3. Configure the general attributes
The OLC State parameter specifies the initial state of an NE after the 5620 SAM successfully discovers the
NE.
the Revert OLC State when discovery completes parameter specifies whether the NE changes to either the
In Service mode or the Maintenance mode after the NE has been discovered and fully resynchronized,
depending on the OLC State in the discovery rule.
The Management Protocol parameter specifies the format of the IP addresses that are specified for
discovery purpose.
The Default External EMS parameter specifies the default path for the external application to be launched.
Group Name : a topology group can be chosen
1. Open the Discovery Manager form and click on the Managed State tab button. A list of managed devices opens.
Verify the labs newly discovered network device is on the managed devices list.
Verify the management state of the labs network device displayed in the Site State column.
Managed is the default state. If the device is unmanaged, select the device from the list and click on the
Manage button.
2. Verify the network device configuration has been reconciled with the 5620 SAM database by clicking on the Resync
Status tab button. The status is displayed in the Resync Status column.
5. The network devices that have been successfully reconciled appear in the 5620 SAM navigation tree and the
Equipment Manager form.