by July 16, 2006 0 comments



Remote Infrastructure Management (RIM) is not a new concept, but its adoption
in recent years has increased rapidly. This trend is mainly derived by two key
factors. One is a rise in Outsourcing IT infrastructure management to a
competent authority, and second is the availability of tools and the bandwidth
to be able to deploy a remote infrastructure management solution on your own. In
both cases, the objective can be to reduce cost of management as well as the
downtime. In 2003, Gartner had also predicted that remote infrastructure
management was going to be a mega trend and forecasted that most of its
customers were likely to adopt this model in the next two years. Today, most of
the large companies around the world have adopted RIM in some form or the other.
Have you done it?

In this story, we will look at the key benefits of a RIM setup, and what are
the different scenarios and options available for you to have a Remote
Infrastructure Management System (RIMS) for your organization’s IT
infrastructure. We will also get our hands dirty on some well known and not so
well known but effective products and devices and will see how you can build
your own RIMS with those products.

Before going further, let’s talk about why you should go for RIMS. Let’s
assume that your company has its head office in Gurgaon with more than five
hundred desktops and a datacenter, which has hundreds of servers. Then you have
around 200 different branch offices across the country, each having anywhere
between 20 to 100 machines. You obviously want that your datacenter should have
at least 99.999 percent uptime and your other nodes should at least have 99.99
percent of uptime. To make sure that this happens, traditionally, either you
have your own IT team in each and every location or you outsource the
maintenance task to the local vendors who have provided you the machines. In the
first scenario, the cost you have to invest will be pretty high, because you
have to deploy skilled professionals in each location. In the second scenario,
you’ll have too many interaction troubles with the local vendors, with delays
in communication causing downtime. In other words, first a problem would happen
at a branch office, this would get noticed by the local staff, who in turn would
first try to fix it on their own. If this doesn’t work, then they would
contact the local vendor, who would then come and fix the problem. The HO would
come to know about it much later, and would then perhaps send some experts from
the center to fix the problem.

“Remote Management has been a recognized and accepted need but bottlenecks like sufficient bandwidth and expensive management software were the hurdles. Today, Remote Management providers have overcome these hurdles without compromising on the capabilities. In other words, Remote Management has come of age.”
Ponnanna Uthappa B, Team Computers

Key benefits

By deploying a RIMS in-house, in a central and connected location, or by
outsourcing the maintenance to a company who does Remote Infrastructure
Management, you can save a lot of cost as well as ensure uptime. Let’s have a
detailed look at some of the reasons why you should go for RIM and where would
it fit in your enterprise.

Uptime
The biggest challenge for a CIO or an IT decision maker today is to ensure that
the core business functions without any hitches caused by the IT infrastructure.
To make sure that happens, you have to have proper monitoring in place. To
maintain your uptime, RIMS can help you by providing better and centralized
monitoring. There are quite a few independent network device and monitoring
applications in both the commercial and Open Source world that are available for
the job. In the commercial space, three names come to the forefront. These
include HP’s OpenView, IBM’s Tivoli, and CA’s Unicenter. We’ve written
about how to deploy OpenView for RIM later on in this story. All of these have
remote infrastructure management capabilities. In the Open Source world, there’s
Nagios (Read the box item on how to install and use it), OpenNMS, and even some
good log polling applications such as Lire or xlog, which can fetch all the logs
to a centralized location for you to analyze.

Response time
Another key benefit you get from RIM is faster response time. This will happen
If you have a centralized setup, something like a NOC, for your RIMS from where
your IT team can access all nodes and servers from across the country. This can
immediately help spot problems remotely and do something about it immediately.
This cuts down the response time drastically and ensures higher uptime for your
servers and nodes. There are multiple ways to achieve this. Most network devices
and applications today provide a web-based management interface, meaning they
can be
accessed from anywhere. All you need is to access the network where these
devices are located. You can either go for a VPN setup to access the network and
then manage (test, configure, and even reboot if needed), or do one-to-one
NATing with the local IP address of the device to a public IP from your vendor
and then access it over the Internet directly. The latter idea is only suitable
if you have very few devices to manage. In this case you must also make sure
that you at least use the web interface over an SSL connection.

If you are trying to configure some servers or nodes remotely, then the
option will be Remote Desktop, which is available in all Windows OSs, since NT4,
and for other platforms, like Linux UNIX, and Mac, you can go for VNC, which is
available for most platforms. 

One problem you will face here is the BIOS level access, because the remote
connection is running over the OS. So if you have a machine that has a corrupted
BIOS, and you want to fix it, or you want to do a remote OS installation, then
the option for you is something like a KVM over IP switch. Read the last part of
this story to know about some such devices.

Scenarios
Here, remote offices are managed and monitored from a NOC setup over a secure public network. The NOC IT team is keeping an eye on the status of the entire IT infrastructure
Typically this setup is used by an Outsourcing company that is managing its clients’ IT infrastructure. All client side alerts are first fetched by a centralized RIM core and then forwarded to the NOC 

Cutting costs
Setting up a RIM is usually a one time cost. After that, around 95% of your
monitoring and management is done from one single place. So you immediately save
the cost of hiring more people in all your branch locations. Then, if you do
proactive monitoring of your infrastructure (logically and physically), which
also includes remote asset management, you can keep track of your resources and
do better resource allocations. This again saves costs in a big way.

If you still don’t want to go for implementing an RIM system for your own
organization, you can outsource it to a competent agency, which does it day in
and day out. This can again save some of your deployment cost according to the
type of plan you choose for your organization. There are quite a few companies
(Indian and MNCs) who do this. We will talk about them in detail in the
following sections of the story.




Types of solutions

Let’s now try to understand what kind of solutions are possible, and
compare their features. Broadly speaking, there are two different scenarios in
Remote Infrastructure Management. One is to outsource it to a third party, which
could be an independent managed service provider or even an ISP. Or you can do
it yourself. In case of the first two, we met some companies who are into this
to understand how it’s done.

ISP based RIMS
In this type of a scenario, the Web service provider goes one step ahead and
provides management to your applications and in house servers as well. Here, by
applications we mean the Web applications and services/data centers. ISPs
generally don’t cover the whole gamut of services, and keep out of things such
as desktop, network and inventory management.

This type of a scenario is good for those who already have an IT team for the
desktop’s support and maintenance, but need to outsource their applications
and servers management. They will provide the customer with ports that can be
polled using any network monitoring tool to view the reports that the ISP has
generated about your setup. This would help you determine how well is the ISP
going about the job, what have been the trends, were there any unwarranted
downtimes, etc.

Specialized RIMS vendors
There are companies who are purely dedicated to providing full support for your
IT infrastructure remotely. This includes support for your data centers,
servers, network and even Inventory Management. Many companies use their own
custom made software for the job. In such a setup (see figure 2), there is
likely to be a RIM core, which is basically a database that captures and stores
all your events and alerts. All alerts are fetched and sent to this RIM core
using either hardware polling devices, which have been developed by the vendors
or by some common fetching mechanism such as rsync or FTP. The software should
be installed/configured on each clients’ location. After these events are
captured by the RIM core, they are forwarded to a monitoring agent, which has
pre-defined thresholds configured for various types of services like database,
mail, system performance (RAM, CPU, etc), Web servers, etc. Here, all events are
checked against their preset thresholds and forwarded to a help desk/trouble
ticketing application. This application, in most cases also has built in the SLA
details that have been set between the vendor and the service provider. For
instance, if some organization wants that a set of his particular servers in the
datacenter should be treated on a priority basis, then the alerts generated from
those devices will automatically get priority on the helpdesk tickets. These
applications’ front end can then be monitored by the IT team for diagnostics
and repairs. For repairing, they again can use standard techniques such as IP
KVMs, Remote Desktop or VNC.

“ As businesses look to farm out their IT requirements, companies are focusing at efficient management products and services to reduce IT operation costs. Outsourcing infrastructure management is a trend that saw CIOs emphasizing on better productivity and improved ROI in 2005. Gartner estimates that offshore spending on IT services will reach $50 billion by 2007. This year will see the trend gain traction and remote infrastructure management will emerge from its infancy to gain wider acceptance.”
Sumeet
Sabharwal, MD, NaviSite India

In-house RIMS
It’s not necessary that you outsource your IT infrastructure management to an
external agency. If you already have a skilled IT team in place, then you can
setup your own RIM as well. You could then centralize your pool of skilled IT
manpower, and leave very little manpower at the branches for routine jobs, like
fixing minor hardware or network related problems. The applications and the
hardware for the job are easily available.

In case of Open Source applications, you will have to integrate all the
different components by yourself. It’s possible but difficult, whereas if you
go for a packaged product, then you will get everything in one place. But of
course, the magic doesn’t come cheap. You have to pay a good amount for this
kind of an application. We have talked about some of the packaged and Open
Source products at the end of this story. Before going directly on implementing
those software, lets first try to understand the basic requirements and
precautions you should take while deploying an RIMS.

Basic requirements

Like we said, you can setup your own RIM solution as well, but there are a
few pre-requisites and basic factors that must be taken care of such as
connectivity issues, security in remote access, bandwidth requirements, etc. Let’s
look at them in more detail.

Connectivity
For connectivity, you could either go over the Internet or have your own leased
lines. The choice depends upon the kind of setup you currently use to connect
your various branch offices. In case of a public network, security becomes a
major concern, which we’ve tackled separately. Leased lines are a good option
for remote data center monitoring. Needless to say, Internet based connectivity
costs less, but you would have to take into account the security aspects.

Bandwidth requirements
When you talk about deploying Remote Infrastructure Management, the first thing
you would need is good bandwidth. There are basically two components of RIMS
that require bandwidth. The first is polling of the events and sending them to
the NOC. This component is very necessary and will need reliable connectivity.
Because if the line is down, then you won’t be able to understand what is
happening at your Remote
location at all. The key here is to maintain a failsafe mechanism for the
connectivity.

Here, you won’t need a huge amount of bandwidth because the type of data
sent in this case is commonly plain text. A standard 256 Kbps line should be OK
for this. Ideally, have a 256 Kbps line with a 128 Kbps failsafe line. The
second component of RIMS, which will need bandwidth is the ‘Remedy’ or
rather the ‘Management’ part, where you will need to access the machines
directly from the remote location, either over IP
based KVMs or using some kind of a Remote Desktop application.

NaviSite’s NOC
location in India. Here, they keep track of around 900 devices across the globe

This is the type of task you wont always need. You’ll only need it when
there’s a major problem. Therefore, it may not be necessary to have a
dedicated link for the job for all your sites. You would however, need it for
all the main sites. Usually, at least 512 kbps is required for this function to
work effectively.

Security issues
This is the biggest challenge when you deploy RIMS, because you’re actually
opening up your entire IT infrastructure to be accessed from anywhere. There are
multiple ways to implement security. In case you’re using the Internet for
remote connectivity, then the first level of security would be creating a secure
tunnel, for which you can use VPN for SSH based applications. Then you can have
an ACL based connectivity over a
virtual console that would require LDAP authentication. The concept of virtual
consoles is very interesting. Here, instead of actually terminating the
connection to a machine at the remote location, the connection is terminated
over a virtual machine (may be MS Virtual Server or VMWware Server), which has
very few privileges and can only open a Web browser for authenticating the user
with the credential of the local network. When this authentication is done, the
user can then run remote desktops from that virtual console to connect to other
nodes on the network.

The other option is to restrict any type of inbound connection from the
remote locations. Surprised? You must be thinking, how could one connect to
those locations? This is indeed possible and is a very good mechanism to
restrict any kind of hacking. In this kind of a setup the key role is done by
the monitoring or alerting system. What exactly happens is very simple. Whenever
an event happens, that crosses a certain pre- defined threshold, it triggers an
outbound connection which then connects the location to the NOC and the
connection is made.




Features

Whether you’re outsourcing your IT infrastructure management or doing it in
house, there are a certain number of features that must be considered. These
depend largely upon what parts of the infrastructure you are going to manage
remotely.

Management console
One of the key things that every remote infrastructure management solution needs
is a management console that’s easily accessible from anywhere. This should be
able to give you, at one glance, a complete picture of your IT infrastructure.
It should tell you the services that are running smoothly, the ones that have
gone down, etc. It should be Web based and accessible from anywhere across the
world, as long as you have a Web browser and Internet access.

BIOS level access
The options available today for BIOS level access are Remote Management Cards
and IP KVM switches. The remote management cards are PCI cards and usually have
a network adapter and an on-board modem. Remote management of server would thus
be possible through the network adapter or by dialing into a modem. For
security, these cards use SSL v3 and user authentication. These cards come handy
when there are only a couple of servers in your remote location, whereas IP KVM
switches are useful for data centers where many servers are being managed
remotely. There are quite a few features, which you can get from an IP based KVM.
For example, some of them support monitor sharing, which means you can view all
the desktops from one interface. This helps you monitor a large number of
screens at one time. The second benefit is that, one gets
integrated security on such kind of devices. And last but not the least, you can
monitor heterogeneous devices from one place, because they don’t need any
specific client to get installed on the monitoring machine to access the remote
nodes. You can actually access and manage Linux, Unix, Windows and MAC machines
from one single console and that too at the same time.

Real time alerts
Another very important feature required from RIMS is real time alerts. After
deploying a remote infrastructure management solution, how do you want to
receive the alerts, and who should receive them? Plus, how should these alerts
be sent? Should they be e-mailed or SMSed? Once the alerts are received, what
action can the receiver take? Can the receiver remotely resolve the problem
using say a cellphone or PDA? These are all the things that need to be
considered when deploying a remote infrastructure management solution.

What to manage?

The network
Network monitoring is a key function of remote infrastructure management. Any
network infrastructure consists of a wide number of devices such as a wide
variety of routers, switches, various types of connectivity options like ATM,
frame relay, etc. They allow an enterprise to have more effective communication.
That’s why the health of these network devices is extremely critical, and
requires constant monitoring. To achieve effective monitoring, you need to
ensure that your network management package can automatically discover all the
devices on the network and keep polling them at regular intervals to get their
status. There are packages that can just do the monitoring part. They will
auto-discover your network devices and create a map of the same. There would be
other packages that would even allow you to connect to a particular device via
Telnet if some management is needed.

Applications
Application monitoring and management is a key area of concern for any IT
infrastructure. After all, at the end of the day, it’s the performance and
uptime of these applications that matters to the business. Today’s IT
infrastructure is heading towards heterogeneous, distributed and rapidly
changing architecture. It’s not enough to manage a single operating system and
applications running on it. These days you will monitor multiple hardware
elements and server configurations, operating systems, middleware and business
applications, which are running simultaneously. That’s why, the IT team of any
enterprise is always trying to monitor the health of their running business
applications like database servers, Web servers and mail servers. This is where
a remote application monitoring and management solution comes in, which can keep
a constant eye on the health of your business applications. In order to monitor
applications, you need to have an application monitoring system in place with
pre-determined application specific thresholds. This is to ensure that the
administrator can get alerts at the right time, and the moment an application
starts behaving abnormally.

Assets
In large organizations, it is difficult to track and counter issues of hardware
component thefts. Another issue can be more software copies installed vis-a-vis
the number of licenses that the company holds and which makes the installation
unauthorized. Using a good remote infrastructure tool, you can do remote
software inventory tracking and control, remote software license management, and
a regular audit of all applications installed in your organization. A RIMS can
regularly perform system audits and alarm you if a system component goes missing
or if a user installs an unwanted application. It also lets you remotely block
or remove any unwanted application or remove it completely from the node. Plus
the same system can also be used to document system configuration individually
which includes, IP address, admin passwords, etc. and can be referred by an IT
Manager to troubleshoot the system if any failure occurs.

Patches and updates
New vulnerabilities are discovered frequently and it becomes important to patch
these vulnerabilities before they pose any threat to your network. If you have
Windows update enabled on the nodes in your network, they will be able to patch
the Windows vulnerabilities. But other software vulnerabilities still need to be
patched. Most organizations prefer to use RIMS even for Windows update, as that
ensures the user has not interrupted the updation and vulnerabilities are
patched properly. With RIMS, patch management can also be updated, ie, the RIM
solution automatically checks for new patches on the configured vendor’s
website, and when new ones are available it automatically downloads and
distributes them to all nodes on the network.

Remote deployments
Whenever a new application is introduced in a large organization, going to every
node and manually installing it can be quite painful. While automating this
process with a RIM solution can reduce the time as well as the manpower needed.
All that’s needed is to upload the new application to the RIM solution and
schedule the time for the install to happen. Another option available is to keep
the setup of the application to be installed at a network and instructing the
RIM solution to pick the software from there and install it on the nodes.
Another option to do this is through login scripts. These network login scripts
have commands for installing the software. The method generally connects to each
computer that logs in to an organization’s network, though one issue with this
method is that users might not login to network everyday.

The Solutions

To do remote and centralized IT infrastructure management, there are many
commercial software available such HP OpenView, IBM Tivoli, Unicenter and even
some not so well known ones like Kaseya.

There are also companies who’ve developed their own tools and monitoring
software, due to cost and licensing issues of the commercially available RIM
solutions. For example, NaviSite India is a company that’s managing around 900
IT infrastructure (located in the US and the UK) remotely from India. They use
their own designed software to monitor their clients’ IT infrastructure. Their
solution polls their client locations and fetches alerts to NaviSite’s
monitoring system and then the monitoring system passes the alerts to their help
desk system to process it further.

Kaseya

Kaseya is an easy to use Web based Remote Infrastructure Management solution.
It has features like Patch management, Software Deployment, Network Monitoring
and Alerts. It can also do complete System Inventory and Audit for all hardware
and installed software.

Kaseya with the helps of its agents gives real time status of the nodes in the network

Kaseya also has helpdesk and trouble ticketing capabilities, allowing you to
create tickets of every problem, so that they can easily be tracked. Kaseya can
create reports of everything it does, from Audit reports to Network Bandwidth
usage reports. It can also let you remote control and manage the nodes on your
network and take their backups regularly.

Installation
Before installing Kaseya, you need to have at least a Microsoft Windows 2003 or
2000 Server and Microsoft Internet Information Server (IIS) version 5 up and
running with its SMTP service enabled. It also needs Microsoft SQL Server 2000
or MSDE 2000 (the latter is included with Kaseya). Installing it is fairly
simple, and during the installation, it asks for username, password and an
email-id. Once Kaseya has been installed, you need to deploy its Agents on all
nodes on your network, so that they can make outbound connection to the Kaseya
Server. You can roll out the agents in a number of ways. You could place them in
a Windows logon script or E-mail them to clients, if they’re in remote
locations. The agents can also be downloaded from the Kaseya server’s URL.

Remote patch management
Once the Agents have been installed on the nodes, Kaseya can scan them for
missing patches and apply them. Kaseya can also be configured to generate a
ticket or an alarm, or inform you by e-mail if a patch install fails. The option
for patch roll back is also available. You can also configure it in such a way
that a node automatically reboots after the patch has been installed, or take a
user’s permission before rebooting. All you need to provide is the URL from
where Kaseya can download the patches that you want to install on your nodes.

This software can be configured to perform recurring audits and alarm you when something goes wrong

To schedule a patch scan on a managed node, you need to go to the Path
Management link and click on the Scan Machine in the function list. Then under
Machine.Group.ID, you can see all the managed nodes. Choose the nodes on which
you want to perform a patch scan. You can run the scan immediately or schedule
it. Once the scan is finished, it will show you the missing patches. Then, click
on Machine update to schedule the updation of these missing patches. You can
directly update the nodes without even scanning them. For this, go to patch
update and choose the patches and against every patch you will see the machine’s
tab. Click on this tab to specify the nodes on which you want to install patches
and than you can schdule them in a similar fashion.

Remote application deployment
Kaseya lets you remotely deploy any third party installation program or create
your own software installation package with the Packager. It lets you remotely
install or uninstall any software suite or individual file. Just like patches,
application installation can be scheduled, and rollout of software updates and
deployed software installations can be done remotely from all managed nodes.
Kaseya creates scripts to deploy applications remotely using the installation
packages. It also has a utility called Packager, which lets you create custom
installation packages.

There’s a wizard that takes you through creating scripts for remote
application deployment. To do this, go to the main window of Kaseya and click on
Scripts. Then, from the left bar, click on Application Deploy. A wizard will
appear on the right side. Here, you have two options, either you can send the
installer from the Kaseya server to the remote machine and execute it locally or
execute the installer from a file share on the same network as the remote
machine. For the first option you need to upload the Installation package to the
Kaseya server. The wizard takes you through the process of choosing the location
where the file has to be uploaded on the server, choose the files and the type
of installer to deploy, and finally the name of the script; and also whether you
want to reboot the node after installing the application. After the script gets
created, simply select the nodes you want to deploy it to, and select whether to
do it immediately or schedule the task. To see the status of the script on a
particular node, you can go to Script Status where it will tell if the process
is pending or has been successfully executed.

Audit and inventory
Kaseya can automatically audit every managed machine. It can do hardware and
software inventory. It keeps all audited data on the server, and this data is
available even if the node is online or offline. So it provides you a complete
summary of the nodes.

To start an Audit, click on Audit on top of the main window and click on Run
Audit. You can choose between running a Baseline Audit, or a System Information
Audit, or both. You can also do a PCI and Disk Audit. Upon enabling this option,
you can see the hardware information collected in this display. The Agent on the
client machine collects hardware vendor and product information on PCI network
adapters, multimedia controllers, mass storage controllers, bridge devices, hard
disk drives, and CD-ROM devices. You can also schedule audits to be done at
regular intervals. Once the Audit has been performed, browse to View Group Data.
Here, you can see all the Audit results like System Information, Installed
Applications, Software Licenses, Disk Volume Information, CPU/RAM info, etc.
Just click on any of these and choose a particular node to see its detailed
information.

Once you have all the system inventory reports, you can go ahead and manage
the applications installed in the nodes. For this, go to protection, click on
Network Access and you will see the list of nodes. Click on any node and you
will see all applications running on that node. To select the applications you
want to block or remove, or to approve the new installed applications from the
nodes, click on Select. Now choose the nodes and click on block or remove or
approve as per your need. You can also enable or disable if you want the user to
be notified when the application is blocked. Similarly, you can also block
access to any file in the node.




Nagios

Nagios is a free Web-based monitoring software for Linux. It keeps a tab on
your system and network services and sends alerts through e-mail in case of
over-use of resources or errors.

It also informs when the process improves. You can track about 50 different
services, including HTTP, SMTP, NNTP, POP3, PING, processor load and disk usage.
The software is a little difficult to configure, but it’s worth the labor.

Installing Nagios
You need a Linux machine with a C Compiler to install Nagios. To use the Web
interface, you need a Web server (preferably Apache) and gd library 1.6.3 or
higher. We used Red Hat Linux 8.0 and Apache 2.0.40 for it. To start the
installation, download and untar the following two files:

#tar -zxvf nagios-2.0.tar.gz
#tar -zxvf nagiosplug-1.3.1.tar.gz

from the links- ‘http://prdownloads.sourceforge. net/nagios/nagios-2.4.tar.gz?download’
and ‘http:// dag.wieers.com/packages/nagios-plugins/nagios-plugins-1.3.1-10.1.fc3.rf.i386.rpm’.
This will create two new directories-nagios-1.0 and nagiosplug-1.3-containing
the core installation components and the installer for executable binary
commands, respectively. You’ll need to make a separate directory to install
Nagios. By default the configuration file looks for a Nagios directory in /usr/local.
So, create one as follows:

#mkdir /usr/local/nagios

The Nagios configuration file also searches for a default Nagios user. So,
add one as follows:

#adduser nagios

Set the password by running ‘passwd’ command.
Now go to nagios-1.0 and nagiosplug-1.3 directories and issue the following
commands in each:

#./configure
#make all
#make install

This will install the Nagios core and the command files. At this moment,
Nagios doesn’t have any script files from where it can take information about
hosts and services. You must, therefore, create the configuration files. The
easiest way is to install the sample config files by running the following
command from your nagios-1.0 directory:

#make install-config

Go to /usr/local/nagios/etc directory and you’ll find all the sample
configuration files. Rename them by removing the —sample at the end of each as
follows:

#mv filename.cfg-sample filename.cfg.

From this interface of Nagios you can monitor the different services of a node

Adding hosts
Nagios is now ready to start monitoring hosts, so you must now add them. To do
that, open the hosts.cfg file from /usr/local/nagios/etc directory and add the
following to it:

define host{
host_name PCQLabs
alias Labs Server
address 192.168.1.102
check_command check-host-alive
max_check_attempts 10
notification_interval 480
notification_period 24×7
notification_options d,u,r
}

Here, host_name is the computer name, alias is the description and address is
the IP address of the machine that will be monitored. All the information that’s
filled up is from our test setup, so you must replace it with similar
information from your setup. You can add as many hosts as you want and group
them according to the way you want to manage them. To add a host to a group,
open the hostgroups.cfg file and add the following entries.

define hostgroup{
hostgroup_
name Labsgroup
alias PCQuest
contact_groups linuxadmins
members PCQlabs,member2
}
D

Here, hostgroup_name is the name of the group, alias is the description,
members are hosts which are members of this group and contact_groups is the the
group of Admins who will receive the alerts.

Alert staff
Next, give the contact information of people who will recive all the alerts. Go
to contacts.cfg, and by default you will find an entry for the user Nagios as
follows.

define contact{
contact_name nagios
alias Nagios Admin
service_notification_period 24×7
host_notification_period 24×7
service_notification_
options w,u,c,r
host_notification_options d,u,r
service_notification_commands notify-by-email,notify-by- epager
host_notification_commands host-notify-by-email email root@localhost.localdomain
}

Besides this, you can modify or create additional users and create and assign
different groups to them. To add this contact to a contact group, for instance,
go to contactgroups.cfg and add these lines to it:

define contactgroup{
contactgroup_
name pcq-admins
alias PCQuest
Administrators members
nagios, root
}

Configure Web interface
To do this, first create an alias for the CGIs. By default, the Nagios
configuration script searches for it in http://yourmachine/nagios/ cgi-bin/
directory. So, just add the following lines in your httpd.conf file:

ScriptAlias /nagios/cgi-bin/ /usr/local/nagios/sbin/

AllowOverride AuthConfig
Options ExecCGI
Allow from all
Order allow,deny

Next create an alias for the HTML files by adding the following lines:

Alias /nagios/ /usr/local/nagios/share/

Options None
AllowOverride AuthConfig
Order allow,deny
Allow from all

Your Web server is also ready now. Next, we’ll set up the alerting
mechanism. Open the services.cfg, and you’ll find something like this

define service{
host_name DLSB
service_description PING is_volatile 0
check_period 24×7
max_check_attempts 3
normal_check_interval 5 retry_check_interval 1 contact_groups pcq-admins
notification_interval 120
notification_period 24×7
notification_options w,u,c,r check_command check_ping!
100.0,20%! 500. 0,60%
}

Here host_name is the name of the host on which the service will run,
service_description is the description of the service and check_command contains
the comands located in the /usr/local/nagios/libexec directory. These commands
are used with different switches seperated by a ! mark. You can know more about
these commands by running them with -h in the command prompt.

Start monitoring
You are now ready to start Nagios. Just restart the Web server and run the
following command from /usr/local/nagios/bin directory:

#./nagios ../etc/nagios.cfg

Open your favorite Web browser and type the following address. “http://yourmachine/nagios/index.
html”where yourmachine is the name or the IP address of your Nagios
server.Everything on the Web interface is self-evident. Just click on the
various menu items on the left to view different kinds of information about the
hosts being monitored.

HP OpenView NNM

The Network Node Manager Advanced Edition is a network monitoring software
designed to manage complex switched enterprise networks and to quickly pin-point
problems through its sophisticated root cause analysis facility. Its key
features include discovering and understanding your physical network, virtual
network services, and the complex relationships between them; assessing the
impact of problems with intelligent diagnostics for a networks’ root-cause
analysis and service state determination; increase efficiency of the network
through built-in intelligence, targeted polling and automated actions. It can be
expanded to manage additional services and technologies simply by adding more
plug-ins. The software is very easy to setup out of the box.

How to setup
To setup HP OpenView Network Node Manager for Windows, you need at least Windows
2000 with the latest services pack or even WinXP SP2 with IIS. Make sure that
the machine has a fixed IP and default gateway of your network subnet and also
gives the DNS address and DNS suffix to the machine. Plus, also check that the
virtual memory of the machine should not be anything less than 512 MB. The
machine should have Java run time installed and be SNMP enabled. After you’ve
installed OpenView on it, as per your requirement, you can check whether the NNM
services have started or not from Start>Programs>HP OpenView> Network
Node Manager Admin>NNM Service Status. Keep NNM running on your network for
some time to automatically discover all your network devices. The actual time
depends upon the size of your network. The software gives you two types of
interfaces to access-Web based and console based. Both have a neat interface
and are very easy to navigate. The browser interface can be accessed from
http://hostname/ OvCgi/ovlaunch.exe. Network Node Manager automatically
discovers and monitors complex switched networks and virtual network services in
various environments, ranging from small office networks with only a few devices
to very large networks with hundreds of thousands of devices.

HP OpenView Network Node Manager draws the layout of your network which includes switches, routers and nodes, and shows real time status of the network

The software gives you graphical representation of your network, and also
gives you easy-to-understand summary of your network’s status, with access to
detailed alarms of network related errors. The Home Base interface, which is
actually a Web-based interface of NNM quickly shows you the health of your
network devices. It even shows the relationship between the physical
infrastructure and virtual network services, and the location of trouble areas
before they become critical. If there is a connectivity problem in your network,
it will show you how your network elements are communicating. The software
intelligently filters and correlates the network events and presents a summary
message, which helps you quickly focus on the problem with a better
understanding of what needs to be done to restore the network operation back to
normal.

It has a Correlation Composer, which allows you to modify the event
correlation behavior to fit with your particular needs without any special
programming knowledge. The advanced edition of the same package features a new
multi-threaded poller and analysis subsystem, called the Active Problem
Analyzer.

This feature takes the output of the event-base and correlates the events
with the physical topology of your network and also augments it with additional
information gathered through targeted polling and data collection to determine
the root cause of many common network problems. From an alarm, you can launch
views focused on the area of the network in trouble to better understand the
problem. From your alarms browser, select an alarm and a specific menu will
appear showing what you need in order to troubleshoot the problem.

Presenting the right view helps you resolve the problem easily and quickly,
without having to navigate through the software and complex maps, thereby
reducing the time necessary to fix the problem.

Not only this, you can directly access the devices from the Telnet interface
by just clicking the device from the drawn layout, if you intentend to change
the configuration of the network device. This feature gives you the facility of
remote management of a network service from a centralized console.

HP OpenView Operations Manager 
The HP OpenView Operations
Manager for Windows is a software that provides you complete event
management, proactive performance monitoring, automated alerting,
reporting and graphing of all platforms and applications running in your
setup. It supports and lets you manage platforms such as Windows
NT/2000/XP/Server 2003, all major Linux distributions, Solaris, AIX,
HP-UX, Tru64 and NetWare. And all this can be done from a single console.
HP OpenView Operations for Windows can be configured as your centralized
management console for HP Server Management tools, such as HP Systems
Insight Manager, HP OpenView Network Node Manager and HP OpenView Internet
Services. Plus, you can also bind products like HP OpenView Reporter and
HP OpenView Service Information Portal.

The OpenView Operations Manager is easy
to use, quick to implement and fits in transparently into your existing
infrastructure. The new versions of HP OpenView Operations now support
linking system and application events directly to Microsoft’s online
Knowledge Base, which decreases time-to resolve IT related problems in
Windows systems. This also follows the smart plug-in concept, wherein you
can add a plug-in for the applications you want to monitor or manage using
OpenView Operations. Using the smart plug-ins, you can poll any system’s
logs and get the alert events on HP OpenView Operations Manager. It also
allows for auto-discovery and auto-deployment of applications. The
software also has built-in tools for taking automated corrective actions,
which can help system administrators and application specialists to
correct problems fast. The software also includes some visualization
capabilities, which let you monitor and manage virtual server environments
like VMware and MS Virtual server.

Data entry screen for entering a machine’s hardware and software configuration in the service desk database

You can use either the MMC-based console
from any Windows machines or use the Web GUI from any Web browser for
anytime/anywhere management of your environment. HP OpenView Operations
for Windows management server is capable of supporting more than 1,000
managed nodes and thousands of events. It also has High availability
features, which let you to manage servers on clustered nodes, providing
data consistency and load balancing between the management server and the
DBMS system.

In case of a failure, automatic, fast and
GUI-supported switchover and full recovery is provided.

HP OpenView Service Desk
This part of OpenView automates IT infrastructure management processes to
manage critical IT services. The system keeps an inventory of the systems,
which includes the make and hardware software configuration of all
machines in the organization. Plus, it also keeps a history of past
problems and their remedies for each machine. Once the problem comes to
the service desk, the engineers get instant access to the machine’s
Configurations database and history of past problems. This helps resolve
repeat problems quickly. If it is critical and can’t be solved by the
engineer, then the problem is escalated to higher authorities. Once the
problem is solved, its history is updated in the system along with its
solution. Other things that the software claims to do are reduce the time
required to resolve incidents, prevent incidents from occurring or
re-occurring, reduce the risks associated with an evolving IT
infrastructure and manage processes involved in delivering high-quality
service levels.

Where to use NNM
NNM 7.01 has two versions. There’s the Starter Edition 250, which is an
entry-level product designed for smaller networks wanting to manage basic layer
3 routers, hubs, and PCs from a single location. You can purchase as many as 250
node packs as you wish for one management station. This version is like a
traditional network management package.

The Advanced Edition is designed for networks of all sizes requiring
management of switches/VLANs, sophisticated root cause analysis and distributed
environments spanning multiple sites or departments. It is packaged in four
different node packs – 250, 1000, 5000 or Unlimited. It combines NNM, Extended
Topology and Problem Diagnosis in one product. Then there are the NNM Smart
Plug-ins that allow for extension of capabilities for specific environments such
as LAN/WAN Edge, MPLS VPN, and advanced routing protocol support for IPv6, OSPF,
HSRP, etc.

Anindya Roy, Sanjay Majumder and Swapnil Arora

No Comments so far

Jump into a conversation

No Comments Yet!

You can be the one to start a conversation.

<