Beruflich Dokumente
Kultur Dokumente
What is the External Data Collector? The External Data Collector is one of
several different data collectors that can exist in the Allot system. To
understand the role of the data collector lets first have a look at the data
resolution possibilities available when defining a report on the NetXplorer
GUI. Real time Monitoring can be displayed at a resolution of 30 seconds,
5 minutes or 1 hour. The designated database collating the information
used for real time monitoring is called Short Term Collector (STC). This
database is located by default on the NetXplorer server. Alternatively, you
may need to add an external Data Collector, STC-NX-GENX (see next
slide for when to use).
Long term monitoring can be displayed at a resolution of 1 hour, 1 day or
1 month. All long term data is stored in a database called LTC (Long Term
Collector). The LTC is located on the NetXplorer server.
We will now describe the Allot External Data Collector.
The data collectors gather short term network usage statistics from the in-line
platform. Why might you need to deploy an external data collector? The
clearest reason is to increase the scalability of your deployment. Each collector
can support several NetEnforcers. By deploying data collectors you can
increase the total number of NetEnforcers supported by a single NetXplorer
server. This is possible because the NetXplorer can split the storage of the real-
time monitoring data between several short term databases. For information
concerning the number Allot In-line Platform models that an external data
collector can support, consult the Release Notes for your version of NetXplorer.
When installing one or more Service Gateways in the network, a data collector
appliance is required for each SG. The amount of short term statistics gathered
for each service gateway is very large and can affect the overall performance of
the NetXplorer server if not used together with a separate collector.
Another reason for using external data collectors is to overcome connectivity
issues in distributed networks. This can happen for example when the network
is spread out over remote geographical locations. In such cases, the use of
data collectors is necessary. Keep in mind that in order to support data
collection, the line speed between the in-line platform and the data collector
must be at least 10Mbps.
The final reason for deploying data collectors is redundancy. If a data collector
is unavailable, data from the in-line platform can automatically be collected by a
defined backup data collector.
For each NetXplorer type you should follow different installation steps. Full and
details procedures can be found in the Allot NetXplorer Installation and Admin
guide, published for every major software version.
For virtual server for your NetXplorer, install Vmware ESXi (V5.5 and above)
and then download the relevant NetXplorer OVA template from Allot FTP site.
The template holds the operating system together with the NetXplorer software
on it.
When purchased software only (SNX-LIN/SNX-WIN) you should first make
sure you choose suitable hardware as per your needs. Then install the chosen
operating system. For linux make sure to include all relevant packages. For
Windows install Java JDK. Then you can move on to install the NetXplorer
software.
In case you use Allot appliance SNX-SRV, the operating system and
NetXplorer software will be pre-installed. All is left for you is to configure the IP
of the server, and point the NetXplorer server to this IP. With SNX-SRV-HAP
you also have the operating system and NetXplorer software will be pre-
installed. You should connect the HAP cluster and configure the high availability
parameters so all components will be lines up.
NX-HAP comes pre-installed with CentOS operating system and the NetXplorer
software, but the 3 units need to be correctly connected together. For M3
servers, the connections are as follows:
1. A crossed copper cable is used to connect between Port 3 on one NX
server and Port 3 on the second NX server. (illustrated in green above)
2. A null modem serial cable (RS 232) is used to connect between the Serial
COM port on one NX server and the Serial COM port on the second NX
server. (illustrated in red above)
3. Two Serial SCSI (SAS) cables connect between the first controller on the
RAID storage device and the SAS HBA connection in the first PCIe low
profile slot of each NX server (illustrated in orange above)
4. Two further Serial SCSI (SAS) cables connect between the second
controller on the RAID storage device and the SAS HBA connection in the
second PCIe low profile slot of each NX server.
5. Each NX server is connected to the management network via Port 1
(illustrated in blue above) with an additional link via Port 2, as required.
6. Each controller on the storage device is connected to the management
network by a copper Ethernet link for storage management and traps
7. The IMM interface on each NetXplorer server is connected to an external
switch by an additional ethernet management cable.
For a full explanation on how to configure the initial IP settings of the NX-HAP
see the NetXplorer Installation and Administration Guide.
Now that the NetXplorer server has been successfully installed and
connected, lets see how to install the NetXplorer Client.
Click the appropriate link and follow the installation wizard instructions to
install JRE 8.0 on your computer. You can either run the installation files
or download them and then run the installation locally.
In the event that the NetXplorer GUI fails to load, consider the following
actions:
1. Disable pop-up blocking for NetXplorer.
2. For Internet Explorer users, disable 'Empty Temporary Internet Files
folder when browser closed'
a) From the Tools menu, select Internet Options.
b) Select the Advanced Tab and Scroll down to Security
c) Clear the Empty Temporary Internet Files folder when browser
closed checkbox.
d) Click OK, and attempt to access the NX through the browser.
3. Make sure the browser cache file is not saturated:
a) From the Internet Explorer tools menu, select Internet Options.
b) On the General tab, click Delete Files.
c) Select the Delete all offline content checkbox and click OK.
4. If there is a firewall between the GUI Client and the NetXplorer Server,
check that all required ports are opened. A detailed list is available in
the Allot NetXplorer Installation & Admin Guide.
5. If the problem persists, try to access the NetXplorer via the Java Web
Start Application Manager. Note that a full treatment of how to
troubleshoot problems loading the NX GUI is included in the ACPP
Advanced Course Module on Troubleshooting the NX.
When performing any task in the NetXplorer, you will normally work in the
following order of steps:
1. From the lower part of the navigation pane, select the area of the
product you wish to work with – e.g: Network, Catalogs,
Events/Alarms etc. The upper part of the navigation pane will change
accordingly.
2. Click the entity you wish to work with from the upper part of the
navigation pane. You can now select an action to perform on the
selected entity.
3. The details area changes to reflect the selected entity and the action
performed on it.
A tab is displayed at the bottom of the pane for each open application.
You can easily navigate between the open applications by clicking the
tabs.
In order to use the NetXplorer you must enable the NetXplorer Server by
entering the appropriate key.
To enable the NetXplorer Server, select Tools > NetXplorer Application
Server Registration from the NetXplorer Menu bar. The NetXplorer
Application Server Registration dialog box appears. Enter the Server
Registration Key and Serial Number provided by Allot to enable the
NetXplorer Server functionality.
An Expiration Date will be generated automatically after clicking Save.
Note that an expiry date will appear even when you have purchased a
permanent key. This reflects the expiry of the service contract and is
relevant for the APU feature only, which will cease to work once the
service contract has expired.
Click Save to enter the key and close the dialog box.
You will see that there are two root trees in the network pane – the
network tree and the servers tree. Under the network tree we add the
Service Gateway and/or NetEnforcers that are to be managed by the
NetXplorer. Under the Servers tree we can add Data Collectors, SMP,
Data Mediator, VideoClass Expansion Chassis and ClearSee servers. We
will see the Data Collector later in this module. All other servers are
covered in separate training courses.
To add a NetEnforcer or Service Gateway to the Network tree, we will first
of all need its IP address.
1. In the Navigation pane, right-click the Network in the Navigation tree
and select New NetEnforcer from the popup menu. The NetEnforcer
Properties dialog is displayed.
2. Enter a name for the in-line platform. This is the name that will appear
in the Network tree. Now enter the admin user password of the in-line
platform (The default password for the admin user is allot. It is possible
to change this default password using a script on the NE/SG) and the
IP address of the in-line platform in the designated fields and click OK.
The NE/SG is added to the Navigation tree. The New NetEnforcer
operation can take up to a couple of minutes to fully complete.
Once you have added an in-line platform, you can view and modify its
configuration parameters remotely via the NX. To view configuration and
configure a NetEnforcer or Service Gateway:
1. In the Navigation pane, select and right-click the NetEnforcer in the
network tree and select Configuration from the popup menu. The
Configuration window for the selected entity is displayed.
2. After modifying configuration parameters, you must select Save in
order for the changes to take effect. The save process prompts a
reset of the device. Resetting is required to ensure that the saved
parameter values are committed and activated on the NE/SG.
3. When the NetEnforcer Configuration dialog is selected, Restart and
Shutdown buttons become active, on the top right of the screen. Use
these buttons to Restart or Shutdown the selected NE/SG.
The General tab includes parameters that provide system status
information. Status indicates whether or not the NE/SG is operating in
Active or in Bypass mode. Bypass Setting indicates whether the bypass is
set to standalone or active (where relevant), or if it is not connected at all.
Remote Bypass was relevant for a type of redundancy (parallel
redundancy) which is not longer supported on AOS platforms. Power
Supply indicates the status of the power supply on the in-line platform (OK,
Unknown or Problem). Finally, Fans shows the status of the fans on the in-
line platform (OK, Unknown, or Problem).
The Identification & Key tab includes parameters that provide system
information and activate optional NE/SG modules. Scroll down here to
show all of the configured license fields. Note that there is no need to
reboot the NE/SG when you add a new key.
For some licensed attributes, you can see here the current used value
and the highest value during the last seven days.
The Interface tab consists of two sub-tabs, NIC and Link Aggregation
Groups (for Service Gateway only).
The NIC sub-tab includes parameters that enable you to configure the
system interfaces to either automatically sense the direction and speed of
traffic, or use a predetermined duplex type and speed.
This sub-tab also allows you to decide what action to take immediately if
any of the NICs should fail, using “action on failure” setting. The default
action is “Fail Paired Port”. This ensures that traffic will not be blocked if a
single port goes down, and helps for a trouble-free installation.
Other option for action on failure are:
• “No Action” - If one port is down, nothing tells the network device that
the port is down on the NE/SG
• “Fail all ports” - If one port is down, all ports go down
• “Bypass device” – switch the system to bypass mode.
In “Usage” you can configure the type of traffic handled by the port. The
“Connected to LAG” field indicates if this interface is included in a Link
Aggregation Group. See next slides for more details.
If you are configuring a Service Gateway a representation of the currently
installed blades appears at the top of the sub-tab. Select a blade in the
image to see the NICs for that blade.
The networking tab includes parameters that help you configure the
network topology.
When using AC-1400, AC-3000 or AC-6000 in active redundancy
configuration, you need to disable the Bypass unit. This tab is also the
place to set the redundancy mode in which you are working. These issues
were explained fully in Module 02 –Introducing In-Line Platforms.
The networking tab is also the place to enable “HTTP User Defined
Signatures” and “Tethering” condition catalogs which are covered in more
detail in Module 5.
The IP Properties tab enables you to modify the IP and host name
configuration of your network interfaces, as well as the DNS and
connection control parameters.
The Date/Time tab includes the date, time and NTP (Network Time
Protocol) server settings for the NetEnforcer or Service Gateway. When
adding a device the primary NTP is set as the NetXplorer Server IP. The
user may change the NTP server only using CLI commands on the
NE/SG.
The slots and boards tab will only appear in the configuration of certain in-
line platforms (e.g: SG-Tera or SG-Sigma E). On these multi-blade
devices, you can choose a blade from the graphical representation on the
left side of the screen. Below the graphic you will see each sensor and its
current reading. On the right side of the screen are common chassis
sensors and telco alarms.
In order to log in to the NetXplorer GUI, User name and password must
be authenticated. User accounts may be configured to be authenticated
either by the internal NetXplorer user database or by an external RADIUS
AAA system.
NetXplorer implements a role-based security model. The role defined for
each authorized user indicates the scope of operations that can be
performed by the user. Roles can only be defined by an administrator. The
administrator should access the Users Configuration Editor dialog from
the tools menu. There are three types of NetXplorer roles:
Monitor: A user assigned this role has read-only access. The Monitor
user can view monitoring reports, graphs and alarms. However, the
monitor cannot add, change or delete anything within the NetXplorer
application.
Regular: The Regular user has complete read and write privileges in the
NetXplorer application, except reading and writing User Configuration
definitions.
Administrator: Same as Regular user, except that an Administrator user
has reading and writing privileges for User Configuration. A user that has
been assigned the Administrator role can configure new users, edit user
details, or delete users. Note: there must be at least one Administrator
user in the system.
In the network tree we can see the list of NE or SG devices that are managed
by the NetXplorer. Below the list of NE/SGs we see the list of collectors
managed by the NX.
By default the NetXplorer GUI will display only the Internal Short-Term and the
Long-Term collectors. Additional (Short Term) Data Collectors are added
directly above the internal short-term collector.
To add an additional Data Collector to the list, right-click “Servers“ and choose
“New Collector“.
The Collector Properties dialog appears. Here we can give the collector a
unique name, and we enter its IP address. We can define a backup collector. If
the new collector you have defined is unavailable, the monitoring data from the
NetEnforcer or Service Gateway will be collected by the backup collector. The
Collector Type should also be chosen. It can either be Regular or Extended (for
advanced monitoring features).
Select a collector from the list of collectors that are managed by this
NetXplorer. In this case, we have not yet defined other collectors, so the only
option here is to transfer to the internal short term collector on failure.
Notice that there are no NEs or SGs associated with this collector yet. this is
why the "Associated NetEnforcers" tab is greyed out. In general, the
"Associated NetEnforcers" tab is for display only, and you cannot associate
NetEnforcers using this dialog. To associate a NetEnforcer or Service Gateway
to a collector you must use the NetEnforcer properties dialog.
Finally, we click "Save" to add the collector.
Collector group is used for 1:1 redundancy. When using it both collectors
are always collecting the same data so that if one fails the other still
maintains the short term statistics. Note: This configuration should be
distinguished from 1+1 redundancy, where a single collector is assigned
to a selected NetEnforcer or Service Gateway and is configured with a
backup. In this case, only one collector will be active at any time.
Therefore when the active collector is down and the backup collector
takes over, you will lose the short term data.
To add a new collector group to the short term collector list, right-click
"Collectors“ and choose “New Collector Group“.
The “Collector Group Properties – New” dialog appears.
You will need to give the group a name (e.g. Collector-Group1), and
assign two Collectors to the group.
Let’s review the data collector properties menu. This is where you can
configure the information the NetXplorer server needs to know about the
collector: how to find it, and which backup collector is associated to it.
To open the properties menu, select the collector's name in the network
tree and right-click. Choose the bottom option “properties”.
The “Collector Properties” dialog has 2 tabs – “General” and “Associated
NetEnforcers”. Under the “General” tab, you can set the name, IP and
backup settings of the collector.
Under the “Associated NetEnforcers“ tab, you can see the NetEnforcers
or Service Gateways that are currently associated with this collector.
The "collector role" column shows whether our selected collector is the
"configured" collector for the NE/SG or if it is the backup collector of the
NE/SG. The collector role will be listed as "backup" only if the configured
collector is unavailable and the backup collector is operating instead. In
this case, all of the NetEnforcers or Service Gateways are working with
their configured collector.
Now let's look at the collector’s configuration dialog. This is where you
can configure various settings. To open the configuration menu, select the
collector's name in the network tree and right-click. Choose the option
“configuration”.
In the Identification tab we can view the collector's serial number,
software version and model type.
The SNMP (Simple Network Management Protocol) is a commonly used
network management protocol. As with the NE/SG, the collector has
support for SNMP that includes standard MIB II traps. Here, you can
configure a contact person, location and system name for SNMP
purposes.
In the Date / Time tab you can configure the time zone in which the
collector resides. In this dialog you can view the active NTP server as
well.
The IP properties tab allows you to view the network settings of the
collector.
The NetXplorer comes with a built-in short term collector. Its default name
is “Short-Term Collector”, however you can change its name.
Let's have a look at the actions available for this collector.
When we right-click it we can see that the configuration option is disabled.
The internal short term collector inherits its configuration settings from the
NetXplorer server configuration. You can also see that this collector
cannot be deleted.
Let's look at its properties.
We see that the IP address is disabled. You can set a backup for the
internal collector, or use the internal collector itself as a backup to another
collector. And you can see the list of NetEnforcers or Service Gateways
currently associated with it.
Which of the tasks listed on the right can be performed by which user
types?