The Network Design and Equipment Deployment Lifecycle

As we all know, technology has a life cycle of birth, early adoption, mainstream, and then obsoletion. Even the average consumer is very in touch with this lifecycle. However, within this overarching lifecycle there are “mini” lifecycles. One of these mini lifecycles that is particularly important to enterprises is the network design and equipment deployment lifecycle. This lifecycle is the basic roadmap of how equipment gets deployed within a company data network and key a topic of concern for IT personnel. While it’s its own lifecycle, it also aligns with the typical ITIL services of event management, incident management, IT operations management, and continual service improvement.

There are 5 primary stages to the network design and equipment deployment lifecycle: pre-deployment, installation and commissioning, assurance monitoring, troubleshooting, and decommissioning. I’ll disregard the decommissioning phase in this discussion as removing equipment is fairly straightforward. The other four phases are more interesting for the IT department.

The adjacent diagram shows a map of the four fundamental components within this lifecycle. The pre-deployment phase is typically concerned with lab verification of the equipment and/or point solution. During this phase, IT spends time and effort to ensure that the equipment/solution they are receiving will actually resolve the intended pain point.

During the installing and commissioning phase, the new equipment is installed, turned on, configured, connected to the network and validated to ensure that the equipment is functioning correctly. This is typically the least costly phase to find set-up problems. If those initial set-up problems are not caught and eliminated here, it is much harder and more costly to isolate those problems in the troubleshooting phase.

The assurance monitoring stage is the ongoing maintenance and administration phase. Equipment is monitored on an as-needed or routine basis (depending upon component criticality) to make sure that it’s functioning correctly. Just because alarms have not been triggered doesn’t mean the equipment is functioning optimally. Changes may have occurred in other equipment or the network that are propagating into other equipment downstream and causing problems. The assurance monitoring stage is often linked with proactive trend analysis, service level agreement validation, and quality of service inspections.

Troubleshooting is obviously the reactionary portion of the lifecycle devoted to fixing equipment and network problems so that the network can return to an optimized, steady state condition. Most IT personnel are extremely familiar with this stage as they battle equipment failures, security threats and network outages due to equipment problems and network programming changes.

Ixia understands this lifecycle well and it’s one of the reasons that it acquired Breaking Point and Anue Systems during 2012. We have capabilities to help the IT department in all four of the aspects of the network design and equipment deployment lifecycle. These tools and services are focused to directly attack key metrics for IT:

  • Decrease time-to-market for solutions to satisfy internal projects
  • Decrease mean-time-to-repair metrics
  • Decrease downtime metrics
  • Decrease security breach risks
  • Increase business competitiveness

The exact solution to achieve customer-desired results varies. Some simple examples include the following:

  • Using the NTO monitoring switch to give your monitoring tools the right information to gain the network visibility you need
  • Using the NTO simulator to test filtering and other changes before you deploy them on your network
  • Deploying the Ixia Storm product to assess your network security and also to simulate threats so that you can observe how your network will respond to security threats
  • Deploying various Ixia network testing tools (IxChariot, IxNetwork) to characterize the new equipment and network during the pre-deployment phase

Additional Resources:

Ixia Solutions

Network Monitoring

Related Products

Ixia Net Optics Network Taps Ixia Net Tool Optimizer
Ixia Network Tap
Ixia Net Optics network taps provide access for security and network management devices.		 Net Tool Optimizers
Out-of-band traffic aggregation, filtering, dedup, load balancing

Thanks to Ixia for the article.

Key Factors in NCCM and CMDB Integration – Part 2 – Change Configuration and Backup

In Part 1 of this series I discussed how an NCCM solution and a CMDB can work together to create a more effective IT inventory system. In this post, I will be taking that a step further and show how your change configuration process will benefit from integration with that same CMDB.

In general, the process of implementing IT infrastructure change happens at 3 separate stages of an assets lifecycle.

  1. Initial deployment / provisioning
  2. In production / changes
  3. Decommissioning / removal

In each of these stages, there is a clear benefit to having the system(s) that are responsible for orchestrating the change be integrated with an asset inventory / CMDB tool. Let’s take a look at each one to see why.

1. Initial Deployment / Provisioning

When a new device is ready to be put onto the network, it must go through at least one (and probably many) pre-deployment steps in order to be configured for its eventual job in the IT system. From “out of the box” to “in production” requires at least the following:

  1. Installation / turn on/ pretest of HW
  2. Load / upgrade of SW images
  3. Configuration of “base” information like IP address / FQDN / Management configuration
  4. Creation / deployment of full configuration

This may also include policy security testing and potentially manual acceptance by an authorized manager. It is best practice to control this process through an ITIL compliant system using a software application which has knowledge of what is required at each step and controls the workflow and approval process. However, the CMDB / Service desk rarely if ever can also process the actual changes to the devices. This is typically a manual process or (in the best case) is automated with an NCCM system. So, in order to coordinate that flow of activity, it is absolutely essential to have the CMDB be the “keeper” of the process and then “activate” the NCCM solution when it is time to make the changes to the hardware. The NCCM system should then be able to inform the CMDB that the activity was performed and also report back any potential issues or errors that may have occurred.

2. In Production / Changes

Once a device has been placed into production, at some point there will come a time where the device needs to have changes made to its hardware, software or configuration. Once again, the change control process should be managed through the CMDB / service desk. It is critical that as this process begins, the CMDB has been kept up today as to the current asset information. That way there are no “surprises” when it comes time to implement the changes. This goes back to having a standard re-discovery process which is performed on a known schedule by the NCCM system. We have found that most networks require a full rediscovery about 1x per week to be kept up to date –but we have also worked with clients that adjust this frequency up or down as necessary.

Just as in the initial deployment stage, it is the job of the NCCM system to inform the CMDB as to the state of the configuration job including any problems that might have been encountered. In some cases it is prudent to have the NCCM system automatically retry any failed job at least once prior to reporting the failure.

3. Decommissioning / Removal

When the time has come for a device to be removed from production and/or decommissioned the same type of process should be followed from when it was initially provisioned (but in reverse). If the device is being replaced by a newer system then the part of (or potentially the whole) configuration may just be moved to the new hardware. This is where the NCCM systems backup process will come into play. As per all NCCM best practices, there should be a regular schedule of backups that happen in order to make sure the configuration is known and accessible in case of emergency etc.

Once the device has been physically removed from the network, it must also either be fully removed from the CMDB or at the very least should be tagged as decommissioned. This has many benefits including stopping the accidental purchase of support and maintenance on a device which is no longer in service as well as preventing the NCCM system from attempting to perform discovery or configuration jobs on the device in the future (which would create a failure etc).

NCCM systems and CMDB’s really work hand in hand to help manage the complete lifecycle of an IT asset. While it could be possible to accurately maintain two non-connected systems, the time and effort involved, not to mention that much greater potential for error, makes the integration of your CMDB and NCCM tools a virtual necessity for large modern IT networks.

Top 20 Best Practices for NCCMThanks to NMSaaS for the article. 

{tag}link rel=”canonical” href=”http://blog.nmsaas.com/key-factors-in-nccm-and-cmdb-integration-part-2-%E2%80%93change-configuration-and-backup”{/tag}

Infosim® Announces Release of StableNet® 7.5

Infosim®, the technology leader in automated Service Fulfillment and Service Assurance solutions, today announced the release of version 7.5 of its award-winning software suite StableNet® for Telco and Enterprise customers.

StableNet® 7.5 provides a significant number of powerful new features, including:

  • Dynamic Rule Generation (DRG); a new and revolutionary Fault Management concept
  • REST interface supporting the new StableNet® iPhone (and upcoming Android) app
  • Highly customizable dashboard in both the GUI and Web Portal
  • Enabling integration with SDN/NFV element managers
  • NCCM structurer enabling creation of optimized and well-formatted device configurations
  • New High-Availability (HA) infrastructure based on Linux HA technology
  • Syslog & Trap Forwarding enabling integration of legacy systems that rely on their original trap & syslog data
  • Open Alarms GeoMap enabling geographical representation of open alarms

StableNet® version 7.5 is available for purchase now. Customers with current maintenance contracts may upgrade free of charge as per the terms and conditions of their contract.

Supporting Quotes:

Jim Duster, CEO Infosim® ,Inc.

“We are happy that our newest release is again full of innovative features like DRG. Our customers are stating this new DRG feature will help them receive a faster ROI by improving automation in their fault management area and dramatically increase the speed of Root-Cause Analysis.”

Download the release notes here.

Thanks to Infosim for the article.

How Testing Solutions Reduce Risk & Improve Customer Satisfaction

Imagine you’re trying to book a flight. You call the toll-free number and use the interactive voice response (IVR) to get through to bookings, but instead you are put through to the baggage area. You hang up and try again, but this time you wind up speaking to the airline lounge. Do you try a third time or call a competitor? I know what I would do.

The IVR is now a key component to delivering a great customer experience, so what steps should a business take to ensure these systems are working optimally? Do they take proactive measures, or just wait until a customer lets them know that something is broken? And, by the time it gets to this stage, how many customers may have been lost?

There are some businesses out there taking unnecessary risks when it comes to testing the reliability of their communications systems. Instead of performing extensive tests, they’re leaving it up to their customers to find any problems. Put bluntly, they’re rolling the dice by deciding to deploy systems that haven’t been properly tested. This is the primary line of communication with their customers and, in many cases, it’s also how they generate significant revenue, why would they put both customer satisfaction and revenue in jeopardy?

Businesses have quite a few useful options when it comes to proactive testing. We recently acquired IQ Services, a company that tests these environments on a scheduled basis to make sure they’re working properly. It’s an automated process that tests how long it takes to answer, makes sure that the correct responses are given, and even performs a massive stress test with up to 80,000 concurrent calls. (It’s very useful for scenarios such as a large healthcare provider going through open enrollment.) These testing solutions are the way that businesses can ensure that their systems are working reliably under heavy load without leaving anything to chance.

In a world where we think of people as risk-averse, it’s interesting to observe anyone who chooses not to perform these tests. It’s not necessarily a conscious decision if the situation were actually framed in a way where someone knew exactly what they were putting at risk, they’d probably make a better choice. You wouldn’t buy car insurance after you already had an accident. It simply wouldn’t do you much good at that point. The same thing applies to your communications systems. It only makes sense to take a proactive approach to make sure things are working as expected.

Now that you’re aware of what’s at risk if you don’t perform these important tests, don’t make the conscious decision to wait until something has already gone wrong. We’re talking about the potential loss of millions of dollars per hour (or even per minute in certain cases). Some strategic planning can give you the peace of mind you’ll avoid catastrophic loss of revenue in the future. Whenever you do go live with a new feature, you can do so with confidence.

We’ve brought these new Testing Solutions into the Prognosis family. Above and beyond, we want to make sure people understand these capabilities are available. You don’t have to be reactionary, there are proactive solutions to stop you from rolling the dice when it comes to your business and customers. Don’t leave the livelihood of your organization to chance. Of course, if you’re in the mood to gamble your money, there’s always Vegas.

Thanks to IR Prognosis for the article.

Two Ways Networks Are Transformed By NetFlow

According an article in techtarget.com “Your routers and switches can yield a mother lode of information about your network–if you know where to dig.” The article goes on to say that excavating and searching through endless traffic data and logs manufactured by your network system is a lot like mining for gold, and punching random holes to look for a few nuggets of information isn’t very efficient. Your search will be much more fruitful if you know where to look and what it will look like. Fortunately, the data generated by a NetFlow traffic reporting protocol yields specific information and you can easily sort, view and analyze the information into what you want to use or need. In contemporary networks, there is a need to collect and retain a good set of traffic records for several different purposes. These include the ability to monitor traffic for network planning, security and analysis as well as track traffic usage for billing purposes. Every business experiences network problems. The goal is to transform these “bad behaving” networks by investigating the data that is being generated by the routers, switches and other hardware that make up the system.

  • Trace and repair network misconfigurations

Problems with networks can run the gamut from mismatched applications and hardware to wireless access points opened to accommodate BYOD users and other business uses. While there is always talk about software flaws and news about the latest internet threat, those things often distract IT pros from the real, every-day threat of unstable networks that have been configured to accommodate legacy hardware and a multitude of software applications.

The increasing complexity of the Internet itself, with the interconnection of lots of different devices and device types adds to the challenge of operating a computer network. Even though developing protocols to respond to unpredicted failures and misconfigurations is a workable solution, these out-of-date configurations can still cause frequent problems and denial of service (DOS). With many modern network devices monitoring functions and gathering data, retrieving and utilizing the NetFlow information makes tracing and repairing the problem of misconfigurations possible, easier and efficient.

  • Detect security breaches

There are many uses for NetFlow but one of the most important is the benefit of network security. This quote from an article by Wagner and Bernhard, describing worm and anomaly detection in fast IP networks, bears out the security problems facing governments, businesses, and internet users today.

“Large-scale network events, such as outbreaks of a fast Internet worm are difficult to detect in real-time from observed traffic, even more so if the observed network carries a large amount of traffic. Even during worm outbreaks, actual attack traffic is only a small fraction of the overall traffic. Its precise characteristics are usually unknown beforehand, making direct matching hard. It is desirable to derive parameters that describe large amounts of traffic data in such a way that details are hidden, but the type of changes associated with worm outbreaks and other network events are visible.”

NetFlow provides a 24/7 account of all network activity. There is an “unblinking” eye observing anything and everything that happens within the network boundaries. All the data needed to identify and enact a clean-up is recorded in the flow and this is invaluable to a security pro trying to reduce the impact of a breach in the network. NetFlow provides a visible, “what’s happening right now” view that other systems cannot provide. Most security systems alert after something has been detected, while NetFlow is constantly gathering information even when things seem to be just fine. In addition, NetFlow-based analysis relies on traffic behavior and algorithms which provides rapid detection of breaches that other technologies often miss.

NetFlow Auditor - Start your free trial today!Thanks to NetFlow Auditor for the article.

{tag}link rel=”canonical” href=”http://blog.netflowauditor.com/two-ways-networks-are-transformed-by-netflow?utm_campaign=September%2015%20-%20NetFlow%20Guide&utm_content=22860989&utm_medium=social&utm_source=linkedin”{/tag}

SDN/NFV – From Theory to Praxis with Infosim® StableNet®

InterComms talks to Marius Heuler, CTO Infosim®, about Infosim® StableNet® and the management and orchestration of SDN and NFV environments

Marius Heuler has more than 15 years of experience in network management and optimization. As CTO and founding member of Infosim®, he is responsible for leading the Infosim® technical team in architecting, developing, and delivering StableNet®. He graduated from the University of Würzburg with a degree in Computer Science, holds several Cisco certifications, and has subject matter expert knowledge in various programming languages, databases and protocol standards. Prior to Infosim®, Marius held network management leadership positions and performed project work for Siemens, AOK Bavaria and Vodafone.

Q: The terms SDN and NFV recently have been on everybody’s lips. However, according to the critics, it is still uncertain how many telcos and enterprises use these technologies already. What is your point of view on this topic?
A: People tend to talk about technologies and ask for the support of a certain interface, service, or technology. Does your product support protocol X? Do you offer service Y? What about technology Z?

Experience shows that when looking closer at the actual demand, it is often not the particular technology, interface, or service people are looking for. What they really want is a solution for their particular case. That is why I would rather not expect anybody to start using SDN or NFV as an end in itself. People will start using these technologies once they see that it is the best (and most cost-efficient) way to relieve their pain points.

Andrew Lerner, one of the Gartner Blog Network members, recently gave a statement pointing in the exact same direction, saying that Gartner won’t publish an SDN Magic Quadrant, “because SDN and NFV aren’t markets. They are an architectural approach and a deployment option, respectively.“

Q: You have been talking about use cases for SDN and NFV. A lot of these use cases are also being discussed in different standardization organizations or in research projects. What is Infosim®’s part in this?
A: There are indeed a lot of different use cases being discussed and as you mentioned a lot of different standardization and research activities are in progress. At the moment, Infosim® is committing to this area in various ways: We are a member of TM Forum and recently also joined the ETSI ISG NFV. Furthermore, we follow the development of different open source activities, such as the OpenDaylight project, ONOS, or OPNFV, just to name a few. Besides this, Infosim® is part of several national and international research projects in the area of SDN and NFV where we are working together with other subject matter experts and researchers from academia and industry. Topics cover among others operation and management of SDN and NFV environments as well as security aspects. Last but not least, Infosim® is also in contact with various hardware and software vendors regarding these topics. We thereby equally look on open source solutions as well as proprietary ones.

Q: Let us talk about solutions then: With StableNet® you are actually quite popular and successful in offering a unified network management solution. How do SDN and NFV influence the further development of your offering?
A: First of all, we are proud to be one of the leading manufacturers of automated Service Fulfillment and Service Assurance solutions. The EMAtm has rated our solution as the most definitive Value Leader in the EMAtm Radar for Enterprise Network Availability Monitoring Systems in 2014. We do not see ourselves as one of the next companies to develop and offer their own SDN controller or cloud computing solution. Our intent is rather to provide our well-known strength in unified network management for the SDN/NFV space as well. This includes topics like Service Assurance, Fault Management, Configuration, and Provisioning, Service Modelling, etc.

Q: Are there any particular SDN controller or cloud computing solutions you can integrate with?
A: There is a wide range of different SDN controllers and cloud computing solutions that are currently of general interest. In its current SDN controller report the SDxcentral gave an overview and comparison of the most common open source and proprietary SDN controllers. None of these controllers can be named as a definite leader. Equally regarding the NFV area, the recent EMAtm report on Open Cloud Management and Orchestration showed that besides the commonly known OpenStack there are also many other cloud computing solutions that enterprises are looking at and think of working with.

These developments remind me of something that, with my experience in network management, I have known for over a decade now. Also when looking at legacy environments there have always been competing standards. Despite years of standardization activities of various parties, often none of the competing standards became the sole winner and rendered all other interfaces or technologies obsolete. In fact, there is rather a broad range of various technologies and interfaces to be supported by a management system.

This is one of the strengths that we offer with StableNet®. We currently support over 125 different standardized and vendor-specific interfaces and protocols in one unified network management system. Besides this, with generic interfaces both for monitoring and configuration purposes we can easily integrate with any structured data source by the simple creation of templates rather than the complicated development of new interfaces. This way, we can shift the main focus of our product and development activities to the actual management and orchestration rather than the adaption to new data sources.

Q: Could you provide some examples here?
A: We continuously work on the extension of StableNet® with innovative new features to further automate the business processes of our customers and to simplify their daily work. Starting from Version 7, we have extended our existing integration interfaces by a REST API to further ease the integration with third party products. With Dynamic Rule Generation, Distributed Syslog Portal, and Status Measurements we offer the newest technologies for an efficient alarming and fault management. Our StableNet® Embedded Agent (SNEA) allows for an ultra-scalable, distributed performance monitoring as well as for the management of IoT infrastructures. Being part of our unified network management solution, all these functionalities, including the ultra-scalable and vendor-agnostic configuration management, can equally be used in the context of SDN and NFV. A good way to keep up-to-date with our newest developments are our monthly Global Webinar Days. I would really recommend you to have a look at those.

Q: As a last question, since we have the unique chance to directly talk with the CTO of Infosim®, please let us be a little curious. What key novelties can people expect to come next from Infosim®?
A: There are of course many things that I could mention here, but the two areas that will probably have the most significant impact on management and orchestration are our new service catalog and the new tagging concept. With the service catalog the management is moved from a rather device- or server-based perspective to a holistic service-based view. This tackles both the monitoring and the configuration perspective and can significantly simplify and speed up common business processes. This is of course also related to our new tagging concept.

This new approach is a small revolution to the way that data can be handled for management and orchestration. We introduce the possibility for an unlimited number of customizable tags for each entity, let it be a device, an interface, or an entire service, and combine this with automated relations and inheritance of proprieties between the different entities. Furthermore, the entities can be grouped in an automated way according to arbitrary tag criteria. This significantly extends the functionality, usability, and also the visualization possibilities.

Thanks to InterComms for the article. 

Don’t Be Lulled to Sleep with a Security Fable. . .

Once upon a time, all you needed was a firewall to call yourself “secure.” But then, things changed. More networks are created every day, every network is visible to the others, and they connect with each other all the time—no matter how far away or how unrelated.

And malicious threats have taken notice . . .

As the Internet got bigger, anonymity got smaller. It’s impossible to go “unnoticed” on the Internet now. Everybody is a target.

Into today’s network landscape, every network is under the threat of attack all the time. In reaction to threats, the network “security perimeter” has expanded in reaction to new attacks, new breeds of hackers, more regions coming online, and emerging regulations.

Security innovation tracks threat innovation by creating more protection—but this comes with more complexity, more maintenance, and more to manage. Security investment rises with expanding requirements. Just a firewall doesn’t nearly cut it anymore.

Next-generation firewalls, IPS/IDS, antivirus software, SIEM, sandboxing, DPI: all of these tools have become part of the security perimeter in an effort to stop traffic from getting in (and out) of your network. And they are overloaded, and overloading your security teams.

In 2014, there were close to 42.8 million cyberattacks (roughly 117,339 attacks each day) in the United States alone. These days, the average North American enterprise fields around 10,000 alerts each day from its security systems—way more than their IT teams can possibly process—a Damballa analysis of traffic found.

Your network’s current attack surface is huge. It is the sum of every access avenue an attacker could use to enter your network (or take data out of your network). Basically, every connection to and/or from anywhere.

There are two types of traffic that hit every network: The traffic worth analyzing for threats, and the traffic not worth analyzing for threats that should be blocked immediately before any security resource is wasted inspecting or following up on it.

Any way to filter out traffic that is either known to be good or known to be bad, and doesn’t need to go through the security system screening, reduces the load on your security staff. With a reduced attack surface, your security resources can focus on a much tighter band of information, and not get distracted by non-threatening (or obviously threatening) noise.

Thanks to Ixia for the article.

5 Reasons Why You Should Include LAN Switches in Your NCCM Scope

We’ve been doing a lot of blogging around here lately about NCCM and the importance of having an automated configuration and change management system. We’ve even published a Best practices guide for NCCM. One of the main points in any NCCM system is having consistent and accurate configuration backups of all of your “key” devices.

When I ask Network Managers to name their key devices, they generally start with WAN / Internet routers and Firewalls. This makes sense of course because, in a modern large-scale network, connectivity (WAN / Internet routers) & security (Firewalls) tend to get most of the attention. However, we think that it’s important not to overlook core and access switching layers. After all, without that “front line” connectivity – the internal user cannot get out to the WAN/Internet in the first place.

With that in mind, today’s blog offers up 5 Reasons Why You Should Include LAN Switches in Your NCCM Scope

1. Switch Failure

LAN switches tend to be some of the most utilized devices in a network. They also don’t generally come with the top quality hardware and redundant power supplies that core devices have. In many cases, they may also be located on less than pristine locations. Dirty manufacturing floors, dormitory closets, remote office kitchens – I have seen access switches in all of these places. When you combine a heavy workload with tough conditions and less expensive part, you have a recipe for devices that will fail at a higher rate.

So, when that time comes to replace / upgrade a switch, having its configuration backed up and a system which can automate the provisioning of the new system can be a real time and workload saver. Just put the IP address and some basic management information on the new device and the NCCM tool should be able to take off the rest in mere minutes.

2. User Tracking

As the front line connectivity device for the majority of LAN users, the switch is the best place to track down user connections. You may want to know where a particular user is located, or maybe you are trying to troubleshoot an application performance issue; no matter what the cause, it’s important to have that connectivity data available to the IT department. NCCM systems may use layer 2 management data from CDP/LLDP as well as other techniques to gather this information. A good system will allow you to search for a particular IP/MAC/DNS and return connectivity information like which device/port it is connected to as well as when it was first and last seen on that port. This data can also be used to draw live topology maps which offer a great visualization of the network.

3. Policy Checking

Another area where the focus tends to be on “gateway” devices such as WAN routers and firewalls is policy checking. While those devices certainly should have lots of attention paid to them, especially in the area of security policies, we believe that it’s equally as important not to neglect the access layer when it comes to compliance. In general terms, there are two aspects of policy checking which need to be addressed on these devices: QoS policies and regulatory compliance policies.

The vast majority of VoIP and Video systems will connect to the network via a traditional LAN switch. These switches, therefore, must have the correct VLAN and QoS configurations in order to accurately forward the traffic in the appropriate manner so that Quality of Service is maintained.

If your organization is subject to regulatory compliance standards such as PCI, HIPAA etc then these regulations are applicable to all devices and systems that are connected to or pass sensitive data.

In both of these cases, it is incredibly important to ensure policy compliance on all of your devices, even the ones on the “edge” of your network.

4. Asset Lifecycle Management

Especially in larger and more spread out organizations, just understanding what you have can be a challenge. At some point (and always when you are least prepared for it) you will get the “What do we have?” question from a manager. An NCCM system is exactly the right tool to use to answer this question. Even though NCCM is generally considered to be the tool for change – it is equally the tool for information. Only devices that are well documented can be managed and that documentation is best supplied through the use of an automated inventory discovery system. Likewise, when it is time for a technology refresh, or even the build out of a new location or network, understanding the current state of the existing network is the first step towards building an effective plan for the future.

5. New Service Initiatives

Whether you are a large IT shop or a service provider – new applications and services are always coming. In many cases, that will require widespread changes to the infrastructure. The change may be small or larger, but if it needs to be implemented on a number of systems at the same time, it will require coordination and automation to get it done efficiently and successfully. In some instances, this will only require changes to the core, but in many cases it will also require changes to the switch infrastructure as well. This is what NCCM tools were designed to do and there is no reason that you should be handcuffed in your efforts to implement change just because you haven’t added all of your devices into the NCCM platform.

Networks are complicated systems of many individual components spread throughout various locations with interdependencies that can be hard to comprehend without the help of network management tools. While the temptation may be to focus on the core systems, we think that it’s critical to view all parts, even the underappreciated LAN switch, as equal pieces to the puzzle and, therefore, should not be overlooked when implementing an NCCM system.

Top 20 Best Practices for NCCM

Thanks to NMSaaS for the article.

{tag}link rel=”canonical” href=”http://blog.nmsaas.com/5-reasons-why-you-should-include-lan-switches-in-your-nccm-scope”{/tag}

5 Perks of Network Performance Management

Network performance management is something that virtually every business needs, but not something that every business is actively doing, or even aware of. And why should they?

While understanding the technical side of things is best left to the IT department, understanding the benefits of a properly managed network is something that will help get the business managers on board, especially when good performance management solutions might be a cost that hadn’t been considered. So what are the benefits?

1. Avoiding downtime – Downtime across an entire network is going to be rare, but downtime in small areas of the network are possible if it gets overloaded. Downtime of any kind is just not something that business can tolerate, for a few reasons:

  • it leaves that area of the network unmonitored, which is a serious security issue
  • shared files won’t be accessible, nor will they be updating as users save the files. This will lead to multiple versions of the same file, and quite a few headaches when the network is accessible again
  • downtime that affects customers is even worse, and can result in lost revenue or negative customer experiences

2. Network speed – This is one of the most important and easily quantified aspects of managing netflow. It will affect every user on the network constantly, and anything that slows down users means either more work hours or delays. Obviously, neither of these is a good problem to have. Whether it’s uploading a file, sending a file to a coworker, or sending a file to a client; speed is of paramount importance.

3. Scalability – Almost every business wants to grow, and nowhere is that more true than the tech sector. As the business grows, the network will have to grow with it to support more employees and clients. By managing the performance of the network, it is very easy to see when or where it is being stretched too thin or overwhelmed. As performance degrades, it’s very easy to set thresholds that show when the network need upgraded or enlarged.

4. Security – Arguably the most important aspect of network management, even though it might not be thought of as a performance aspect. An unsecured network is worse than a useless network, and data breaches can ruin a company. So how does this play into performance management?

By monitoring netflow performance, it’s easy to see where the most resources are being used. Many security attacks drain resources, so if there are resource spikes in unusual areas it can point to a security flaw. With proper software, these issues can be not only monitored, but also recorded and corrected.

5. Usability – Unfortunately, not all employees have a working knowledge of how networks operate. In fact, as many in IT support will attest, most employees aren’t tech savvy. However, most employees will need to use the network as part of their daily work. This conflict is why usability is so important. The easiest way to minimize training costs with any network management program is to ensure that it is as user-friendly as possible.

The fanciest, most impressive network performance management system isn’t worth anything if no one knows how to use and optimize it properly. Even if the IT department has no issues with it, the reports and general information should be as easy to decipher as possible.

Is your network as optimized as it could be? Are you able to monitor the network’s performance and flow, or do network forensics to determine where issues are? Don’t try to tackle all of this on your own, contact us and let us help you support your business with the best network monitoring for your specific needs.

b2ap3_thumbnail_aec80d47-9384-4ff8-8d9b-294574b3612f_20151014-140219_1.png

Thanks to NetFlow Auditor for the article.

Remote Location Testing? Transmit WiFi Traffic at a Remote Site for 12 Hours with LANforge WiFIRE

CT523-328-2ac-1n-bat LANforge WiFIRE 802.11a/b/g/n/ac 3 radio WiFi Traffic Generator (with Battery) Supporting 328 Virtual STA Interfaces

The CT523-328-2ac-1n-bat wireless traffic generator is an excellent choice for testing Access Points and other WiFi networks. The CT523-328-2ac-1n-bat uses a modified Wireless driver for WiFi NICs based on the Atheros chipset. The ath9k (a/b/g/n) chipset NICs can support up to 200 stations per radio. The ath10k (a/b/g/n/ac) chipset NICs can support up to 64 stations per radio. Each of the Virtual Stations has its own IP address, IP port space, MAC address and routing table. The Virtual Stations can be assigned to communicate to a particular Access Point, use a particular SSID, and Open or WPA/WPA2 authentication assigned. More advanced 802.1X authentication is also included. Each radio can be configured idependently of the other. Transmit power and channel/frequency is configured on a per-radio basis. Most other settings are configurable per virtual station.

There are two ath10k a/b/g/n/ac and one ath9k a/b/g/n WiFi radios per CT523-328-2ac-1n-bat and multiple LANforge systems can be clustered together for even more realistic radio interference patterns and increased traffic generation capability.

All virtual stations on the same radio must be on the same frequency, but as long as the protocol supports that fequency, the multiple protocols can be used concurrently. For instance, if the radio is configured for a 2.4Ghz channel, the stations can be /b, /g, /n, or /ac. If the radio is on a 5Ghz channel, the stations can be /a, /n or /ac. The bandwidth can be configured for all protocols. For 802.11n, configuring the MCS rates also determines the number of streams (1×1, 2×2, 3×3, etc.).

NOTE: ath10k 802.11ac radios and stations may be more limited in rate selection and other features for the initial release.

The Virtual Stations may be configured with all of the virtual interfaces on the same subnet, or different subnets, depending on the testing requirements. When used with something like VoIP, it allows all of the VoIP calls to use the standard IP ports (with one call per virtual interface).

The CT523-328-2ac-1n-bat has no fans and is silent. It has 9 antenna. It will fit into a small travel bag or briefcase for easy portability. No additional hardware or software is required, but it is suggested that you manage the system using the LANforge GUI on a separate machine. The CT523-328-2ac-1n-bat can also be managed over a serial console in text mode or through directly connected monitor, mouse and keyboard.

Remote Location Testing? Transmit WiFi Traffic at a Remote Site for 12 Hours with LANforge WiFIRE

Remote Location Testing? Transmit WiFi Traffic at a Remote Site for 12 Hours with LANforge WiFIRE

Quick Start Guide

  1. Connect Management Ethernet port to Management network or management PC. If connecting directly to a PC, an Ethernet cross-over cable should be used.
  2. Connect eth1 wired Ethernet interface to wired Ethernet interface on the AP or network under test. This usually is considered the ‘server’ side of the network.
  3. The Client side of the network will be the Virtual Stations configured on the CT523-328-2ac-1n WiFi NIC(s).
  4. Connect power brick to standard US or European AC power source. If using external battery pack, then connect to that instead.
  5. Install the LANforge-GUI on a separate management PC or Laptop. Windows and Linux GUIs are supported: Select the correct one from the CDROM or Candela Technologies Download page and install it. The CT523-328-2ac-1n appliance has a web server that also provides the LANforge GUIs.
  6. The CT523-328-2ac-1n should now boot. If DHCP is enabled on the Management network, the CT523-328-2ac-1n will automatically acquire an IP address. If DHCP is not available, the IP address will be set to 192.168.1.101 by the LANforge scripts.
  7. Start the LANforge-GUI on the management PC and click the ‘Discover’ button. It should find the CT523-328-2ac-1n appliance and add the IP address to the drop-down box in the Connect widget. Press ‘Connect’ and you will be connected to the CT523-328-2ac-1n.
  8. Select the Port Mgr tab in the GUI. Double-click on the device called ‘wiphy0’. This is the Radio device, and should be configured for the correct, channel, country-code, etc. Next, select one or more of the Virtual Station interfaces and click ‘Modify’. Enter the correct IP address information, SSID and WEP or WPA/WPA2 key (if Enabled). After applying these changes, the Virtual Station interface should associate with the AP and be ready to send traffic. You may create up to 328 Virtual Station interfaces per CT523-328-2ac-1n with the ‘Create’ button.
  9. Once the interfaces are configured correctly, you can click on the Layer 3, VOIP/RTP and other LANforge-FIRE related GUI tabs and configure/modify/start/stop particular traffic patterns that utilize the virtual stations and wired Ethernet interface. In most cases, you will want one of the FIRE endpoints to be on the wired interface and the other to be on the WiFi Virtual Station interface. It is also valid to generate traffic between two Virtual Station interfaces. The GUI Plugins menu (and right-click on some tables) provides some plugins to do automated testing and reporting. Contact support if you have suggestions for improvements.
  10. Any GUI modifications take place immediately after you click ‘Submit’.

LANforge WiFIRE Related Images
Virtual Station Configuration Screen

Remote Location Testing? Transmit WiFi Traffic at a Remote Site for 12 Hours with LANforge WiFIRE

Layer 3 (Ethernet, UDP, TCP) Connections

Remote Location Testing? Transmit WiFi Traffic at a Remote Site for 12 Hours with LANforge WiFIRE

Layer 3 Create/Modify Screen

Remote Location Testing? Transmit WiFi Traffic at a Remote Site for 12 Hours with LANforge WiFIRE

Software Features

  • Supports real-world protocols:
    • Layer 2: Raw-Ethernet.
    • 802.1Q VLANs.
    • PPPoE: Integrated PPPoE support.
    • Layer 3: IPv4, IPv6, UDP/IP, IGMP Multicast UDP, TCP/IP.
    • Layer 4: FTP, HTTP, HTTPS, TFTP, SFTP, SCP
    • 802.11a/b/g/n Wireless Station (up to 200 per machine).
    • 802.11a/b/g/n/ac Wireless Station (up to 128 per machine).
    • Layer 4: TELNET, PING, DNS, SMTP, NMAP (via add-on script).
    • File-IO: NFSv3, NFSv4, CIFS, iSCSI.
  • Supports up to 1000 concurrent TCP connections with base license package.
  • The CT523-328-2ac-1n-bat is able to push up to 345Mbps through an AP, depending on the protocols mix, wireless mode and environment, and speed of the network under test. Supports at least 60 VoIP (SIP, RTP) calls if appropriate licenses are purchased. When all two ath10k a/b/g/n/ac and one ath9k a/b/g/n radios are configured on different channels, combined maximum upload speed exceeds 625Mbps (NOTE: Tested with 802.11a/b/g/n NICs. The ath10k a/b/g/n/ac chipset NICs have not been performance tested yet.) More powerful systems are also available.
  • Supports real-world compliance with ARP protocol.
  • Supports ToS (QoS) settings for TCP/IP and UDP/IP connections.
  • Uses publicly available Linux and Windows network stacks for increased standards compliance.
  • Utilizes libcurl for FTP, HTTP and HTTPS (SSL), TFTP and SCP protocols.
  • Supports file system test endpoints (NFS, CIFS, and iSCSI file systems, too!). File system mounts can use the virtual interface feature for advanced testing of file server applications.
  • Supports custom command-line programs, such as telnet, SMTP, and ping.
  • Comprehensive traffic reports include: Packet Transmit Rate, Packet Receive Rate, Packet Drop %, Transmit Bytes, Receive Bytes, Latency, Jitter, various Ethernet driver level counters, and much more.
  • Supports generation of reports that are ready to be imported into your favorite spread-sheet.
  • Allows packet sniffing and network protocol decoding with the integrated Wireshark protocol sniffer.
  • GUI runs as Java application on Linux, Solaris and Microsoft Operating Systems (among others).
  • GUI can run remotely, even over low-bandwidth links to accommodate the needs of the users.
  • Central management application can manage multiple units, tests, and testers simultaneously.
  • Includes easy built-in scripting for iterating through rates and packet sizes, with automated reporting. Also supports scriptable command line interface (telnet) which can be used to automate test scenarios. Perl libraries and example scripts are provided!
  • Automatic discovery of LANforge data generators simplifies configuration of LANforge test equipment.
  • LANforge traffic generation/management software is supported on Linux, Solaris and MS Windows.

Hardware Specification

  • High-End Appliance with no fans.
  • Operating System: Fedora Linux with customized 64-bit Linux kernel.
  • Two 1Gbps Ethernet ports, room for three wifi NICs.
  • Intel i7-2655LE 2.2 GHz processor.
  • RJ45 Serial console (115200 8 N 1) for console management & initial configuration.
  • VGA/DVI-D, USB ports for desktop usage.
  • 8 GB RAM.
  • 40 GB Solid State Hard Drive.
  • Larger storage drives available.
  • 9-30v 4AMP external power supply (brick).
  • Weight: 8 lbs
  • Dimensions: 11 x 8 x 2.6 inches Metric: 277 x 194 x 67 mm.
  • Operating Temperature: -20 ~ 55°C.
  • Certification: CE Emission, FCC Class A, RoHS Compliant.
  • UPS-500AD External battery with 12+ hours runtime.
    • Capacity:Lithium battery 12v 26Ah 288Wh; Total Efficiency: Rated 500W, Peak 1000W; Output Waveform: Modified Sine Wave
    • AC Input Voltage:110-220V 50/60Hz
    • AC Output Voltage:110V 60Hz or 220V 50Hz
    • DC Output(4 barrel ports):12V/8A (10A MAX);
    • USB Output(4 ports):5V/ 6.2A
    • LED Light:1W,Max 3W
    • Solar Input Charging Panel (Panel Not Included): Voltage 18V 20-100W
    • Overload, Short circuit protection
    • Size:12.60 x 5.91 x 8.66in
    • Weight:3.2 kgs

Additional Feature Upgrades

Unless otherwise noted in the product description, these features usually cost extra:

  • WanPaths (LANforge-ICE feature set)
  • Virtual Interfaces: MAC-VLANs, 802.1Q VLANs, WiFi stations, etc
  • FIRE Connections: Base FIRE license includes 1000 active connections.
  • WiFi RF Attenuator: Adjust WiFi signal strength in a controllable manner.
  • SMA RF Cable Bundle: Used to cable LANforge WiFIRE radios to device-under-test.
  • LANforge-ICE Network Emulation.
  • VOIP: Each concurrent call over the included package requires a license.
  • Armageddon: Each pair of ports requires a license if not already included.

Thanks to Candela for the article.