Operations Management

and Open Source Tools

Jeremiah Jackson - jjackson@mcnc.org

Gonzalo Guzman – gonz@mcnc.org

 FCAPS

WHAT IS FCAPS?

n  Framework for managing telecommunication and network resources.

n  Developed by the ISO when similar management needs were noticed
between the OSI and SMO models.

FCAPS is:
Fault Detection
Configuration
Accounting
Performance
Security

2
 FCAPS – Fault Management

Goal of Fault Management:

Recognize, isolate, correct and log faults that occur.

Components:
n  Fault Detection: Ability to recognize a error when it occurs
n  Notification: Ability to notify when fault occurs.
n  Trending: Setting up a series of baselines of normal operation.
n  Logging: Keep track of faults for future review
n  Response: Either human or automated

3
 FCAPS – Fault Management

Solutions:

n  Nagios - http://www.nagios.org/

n  OpenNMS - http://www.opennms.org/
n  NMIS - http://www.sins.com.au/nmis/
n  WhatsUpGold - http://www.whatsupgold.com/
n  Vendor Specific Switch Programs:
HP Procurve Manager
CiscoWorks, etc.
n  NetCrunch - http://www.adremsoft.com/netcrunch/
n  HP OpenView / EMC Smarts / IBM Tivoli

4
 FCAPS – Fault Management

Nagios - www.nagios.org

Pros:
•  Open Source
•  Polls actual services for response.
(HTTP, SMTP, etc)
•  Flexible Addons for specialized testing
•  Good Trending data and Uptime Statistics
Cons:
•  Configuration is done via text files.
•  Linux only

5
 FCAPS – Configuration Management

Goal of Configuration Management:

Establish and maintain consistency of performance by controlling
changes, and documenting configurations throughout the life
cycle of an information system.

Components:
n  Gather: Collect configurations on a scheduled basis.
n  Store: Store those configurations for backup purposes
n  Track: Monitor and report changes to configurations.
n  Automate: Ability to make mass changes with limited user input.

6
 FCAPS – Configuration Management

Solutions:

n  Rancid - http://www.shrubbery.net/rancid/

“Really Awesome New Cisco confIg Differ”
Utilizes CVS to maintain a database of configuration changes.
Configurations can be generated for any date in time since the device
was first added to Rancid.
Linux based command-line only product.

n  NetCanner - http://bangj.com

n  Vendor Specific Switch Programs:
HP Procurve Manager
CiscoWorks, etc.

7
 FCAPS – Configuration Management

NetCannery
Pros:
•  Graphical Front End
•  Troubleshooting tools such as:
IP address analyzer
Finds devices with unsaved changes
•  Ability to create custom reports

Cons:
•  Graphical Front End requires MacOS
•  Sometimes has difficulty logging into older
devices.
•  Retail Product, fee based
8
 FCAPS – Accounting

What is the goal of Accounting management?

To gather usage statistics for users and use those statistics, to

bill users and enforce usage quotas.

For non-billed networks, "administration" replaces "accounting".

To administer a set of resources in such a way as to provide

availability and accessibility to authorized users.

9 8/27/12
 FCAPS – Accounting

Components:

n  Managing Accounts, passwords and permissions.

n  Auditing system logs.

n  Performing backups of critical data.

10 8/27/12
 FCAPS – Accounting

Managing Accounts, passwords and permissions.

n  LDAP
•  Microsoft Active Directory
•  Novell eDirectory
•  OpenLDAP

n  TACACS
•  CiscoACS

n  RADIUS
•  Steelbelted Radius
•  FreeRadius

n  Diameter
11 8/27/12
 FCAPS – Accounting

Password Guidelines

n  length should be a minimum of 7 characters

n  should contain a mix of lower-case, upper-case, numeric and

punctuation

n  names, birthdays, holidays should be prohibited

n  words from any language should be prohibited

n  expire every 30-90 days

n  Remembered the last 6 passwords

n  lock out accounts after 3-5 failed attempts

12 8/27/12
 FCAPS – Accounting

Password Guidelines

n  Educate your users on using Mnemonic to remember complex

passwords

n  3vi1hax0r

n  2$3cur34u

n  ow&uP@k12

13 8/27/12
 FCAPS – Accounting

Auditing system logs

Basic Auditing in Windows

n  Enable auditing in Local Security Settings >Audit Policy or use a Group
policy

n  Failed logon attempts can be found in the “Security log”

Basic Auditing in *nix

n  Is enabled by default

n  Look for failed logon attempts

14 8/27/12
 FCAPS – Accounting

Performing backups of critical data

n  Microsoft System Center Data Protection Manager

n  Symantec Backup Exec and Veritas Netbackup

n  Windows backup and restore

n  Amanda (www.Zamanda.com)

15 8/27/12
 FCAPS – Accounting

Windows backup and restore

Pros:
•  Free
•  Easy to use
•  Bare metal restore capable (ASR)

Cons:
•  Windows only
•  Reliance on legacy technology

16 8/27/12
 FCAPS – Accounting

Amanda

Pros:
•  Freeware
•  Clients for most OS
•  Easy to setup

Cons:
•  Server is Linux only
•  CLI intensive

17 8/27/12
 FCAPS – Performance Management

Goal of Performance Management:

Prepare the network for the future by monitoring current network
trends, utilization, error rates, and response times.

Components:
n  Data Collection – Store performance information for retrieval.
n  Visualization – Turn data into images for quick comprehension.
n  Trend Analysis – Monitor data over time to recognize patterns.
n  Summarization – Consolidate data in larger time blocks.

18
 FCAPS – Performance Management

Types of Performance Measurement:

n  Performance Measurement – Cacti, PRTG, MRTG, Smokeping,

n  Forensics Analysis – Wireshark, NTOP, Netstumbler, TCPDump

n  Load Generation – Iperf, D-ITG, Internet 2 NDT

19
 FCAPS – Performance Management

Cacti - http://www.cacti.net/
n  Open Source Visualization Tool
n  Monitors all types of statistics from SNMP or custom scripts.
n  Web Based administration / viewing
n  Module support for scripts to handle additional types of monitoring.
n  Based on RRDTool.
n  Automatically summarizes data as time goes on.

20
 FCAPS – Performance Management

WireShark - http://www.wireshark.org/
n  Forensic Analysis of data on a network.

n  Determine network issues like retransmissions.

n  Statistics feature can playback IM sessions, and VoIP calls.

n  Open Source

21
 FCAPS – Security

What is the goal of Security management?

n  The process of controlling access to assets in the network

22 8/27/12
 FCAPS – Security

Components:

n  Policies and Procedures

n  Physical security

n  Firewalls

n  Anti-virus, Trojan and Malware protection

23 8/27/12
 FCAPS – Security

Policies and Procedures:

n  "Acceptable Use Policy" and "Network Connection Policy.“

n  Procedure for requesting security changes.

n  These documents should be very straightforward, easy to

understand.

24 8/27/12
 FCAPS – Security

Physical Security:

n  Servers should be kept in temperature and humidity controlled,

locked rooms with keyboards and monitors hidden from plain
sight if possible.

n  Access to these rooms should be limited to key personnel.

n  Don't forget a good chemical fire extinguisher.

25 8/27/12
 FCAPS – Security

Firewalls:

n  Host firewalls

•  Windows firewall
•  Iptables

n  Network firewall

•  Cisco ASA/Pix
•  Fortigate
•  Sonicwall
•  Juniper Netscreen
•  Iptables

26 8/27/12
 FCAPS – Security

Anti-virus, Trojan and Malware Protection/Removal:

n  Trendmicro AV (www.antivirus.com)

n  Symantec AV (www.symantec.com)

n  ClamAV (www.clamav.net)

n  Malwarebytes (http://www.malwarebytes.org)

n  Spybot- S&D (http://www.safer-networking.org/en)

n  HijackThis (http://www.download.com/Trend-Micro-HijackThis/

3000-8022_4-10227353.html)

27 8/27/12