DOCSLIB.ORG

Beyond Fault Management Implementing a NOC to Maintain High Availability Jim Thompson Jay Thondakudi

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text

Load more

PS-510 © 2001, Cisco Systems, Inc. All rights reserved. 1 Beyond Fault Management Implementing a NOC to Maintain High Availability Jim Thompson Jay Thondakudi © 2001, Cisco Systems, Inc. All rights reserved. 2 MAKING IT INTERACTIVE © 2001, Cisco Systems, Inc. All rights reserved. 3 Copyright © 2001, Cisco Systems, Inc. All rights reserved. Printed in USA. Presentation_ID.scr Agenda • Availability Measurement and your business • Overview of a NOC • Network Management Framework • Fault Management • Performance Management • Tool Issues • People, Processes and Procedures • Back to the Concept of the NOC © 2001, Cisco Systems, Inc. All rights reserved. 4 Method for Attaining a Highly Available Network or a road to five 9’s • Establish a Standard Measurement Method • Define Business Goals as Related to Metrics • Categorize Failures, Root Causes, and Improvements • Take Action for Root Cause Resolution and Improvement Implementation © 2001, Cisco Systems, Inc. All rights reserved. 5 Why should we care about network availability? Recent studies by Sage Research determined that US based Service Providers encountered: • Percent of downtime that is unscheduled: 44% • 18% of customers experience over 100 hours of unscheduled downtime or an availability of 98.5% • Average cost of network downtime per year: $21.6 million or $2,169 per minute! Downtime - Costs too much!!! SOURCE: Sage Research, IP Service Provider Downtime Study: Analysis of Downtime Causes,Costs and Containment Strategies, August 17, 2001, Prepared for Cisco SPLO B © 2001, Cisco Systems, Inc. All rights reserved. 6 Copyright © 2001, Cisco Systems, Inc. All rights reserved. Printed in USA. Presentation_ID.scr Upside has Downside Application Downtime • Number of employees • Direct Revenue Loss affected x hours out • Compensatory x burdened hourly rate payments • Lost future revenue • Billing losses • Investment revenue losses • Customers • Revenue Recognition • Suppliers • Cash Flow • Financial markets • Lost discounts • Business Partners (accounts payable) • Careers lost • Temporary employees • Payment guarantees • Equipment rental • Credit rating • Overtime costs • Stock price Source: Gartner Research AVVID Team;rmarwah © 2001, Cisco Systems, Inc. All rights •reserved.Travel expenses 7 What are your business goals? • Financial ROI Economic Value Added Revenue/Employee • Productivity • Time to Market • Organizational Mission • Customer Perspective Satisfaction Retention Market Share Define your ‘end-state’? What is your goal? © 2001, Cisco Systems, Inc. All rights reserved. 8 BusinessBusiness Objectives Objectives & & Availability Availability Definition of Network Availability for your company– generalized (i.e.): Network availability management is the optimization of the avail ability and reliability of networking services and of the supporting network infrastructure, with the objective of ensuring all business requirements are met. Availability management policywill set a definite course of action for availability measurement, reporting, and procedures. This strategy for availability management will be based on defined and agreed upon business requirements that will help drive policy to determine present and future resource decisions. The role of network management including availability and performance management functions, is in managing growth and achieving effici encies of scale as a critical strategic objective for your company © 2001, Cisco Systems, Inc. All rights reserved. 9 Copyright © 2001, Cisco Systems, Inc. All rights reserved. Printed in USA. Presentation_ID.scr Availability Business Requirements • Yield Control Yield per customer by volume & mix Maximizing the yield per bandwidth, per router • Activity-based accounting Cost of downtime Cost of waiting for a needed part or tool Cost of reworking or redesign © 2001, Cisco Systems, Inc. All rights reserved. 10 Availability Business Requirements Availability as a Basis for Productivity Data Measurement of Total-Factor Productivity Benchmarking the Organization Overall Organizational Performance Metric Availability as a Basis for Organizational Competency Availability as a Core competency Availability Improvement as an Innovation Metric Resource Allocation Information Identify defects Identify root cause Measure MTTR – tied to process © 2001, Cisco Systems, Inc. All rights reserved. 11 How does your network enable your business to reach its goals? • User Requirements Timeliness Interactivity Reliability Quality Adaptability Security Affordability • Application Requirements Mission Criticality Controlled-Rate Applications Real-time • Performance Requirements Delay Reliability Capacity • Network Requirements Scaling Services Interoperability Performance Monitoring Troubleshooting © 2001, Cisco Systems, Inc. All rights reserved. 12 Copyright © 2001, Cisco Systems, Inc. All rights reserved. Printed in USA. Presentation_ID.scr Agenda • Availability Measurement and your business • Overview of a NOC • Network Management Framework • Fault Management • Performance Management • Tool Issues • People, Processes and Procedures • Back to the Concept of the NOC © 2001, Cisco Systems, Inc. All rights reserved. 13 What is a NOC? A Helpdesk? A trouble-ticket logging center? A Break-fix team? All of the above? © 2001, Cisco Systems, Inc. All rights reserved. 14 What is a NOC? Maybe a worst case discussion on CHAOS Theory! © 2001, Cisco Systems, Inc. All rights reserved. 15 Copyright © 2001, Cisco Systems, Inc. All rights reserved. Printed in USA. Presentation_ID.scr What is a NOC? Are there references? • RFC1302 - Building a Network Information Services Infrastructure • Authored February ’92 by Merit contributors © 2001, Cisco Systems, Inc. All rights reserved. 16 What is a NOC? • From RFC1302 Definition of a NIC and a NOC A Network Information Center (NIC) is an organization whose goal is to provide informational, administrative, and procedural support, primarily to users of its network and, secondarily, to users of the greater Internet and to other service agencies. © 2001, Cisco Systems, Inc. All rights reserved. 17 What is a NOC? • Definition of a NIC and a NOC (cont) A Network Operations Center (NOC) is an organization whose goal is to oversee and maintain the daily operations of a network. … A NIC must work closely with its NOC to ensure users get the best service possible. © 2001, Cisco Systems, Inc. All rights reserved. 18 Copyright © 2001, Cisco Systems, Inc. All rights reserved. Printed in USA. Presentation_ID.scr Are there other resources? • North American Network Operator’s Group www.nanog.org www.merit.edu/internet/ Informative mailing lists Sean “Backhoe King” Donelan • puck.nether.net/netops/ NOC Telephone/Contact List! © 2001, Cisco Systems, Inc. All rights reserved. 19 Are there other resources? www.nocbuilder.com © 2001, Cisco Systems, Inc. All rights reserved. 20 Example of Network Management Goals • Increase/Maintain Network Availability • Provide meaningful analysis and correlation of events to assist in FAST fault resolution • Provide effective use of engineering resources by automating repetitive tasks and de-complexifing network operation © 2001, Cisco Systems, Inc. All rights reserved. 21 Copyright © 2001, Cisco Systems, Inc. All rights reserved. Printed in USA. Presentation_ID.scr Example of Network Management Goals • Ensure network configuration information is available for network/device restoration. • Monitor to ensure that no network outage is caused by a device which has reached its performance limitations. • Provide regular reports which summarize the network for the various management teams which require them. © 2001, Cisco Systems, Inc. All rights reserved. 22 What kind of NOC? Reactive Proactive Operational © 2001, Cisco Systems, Inc. All rights reserved. 23 Develop A Plan “First comes thought; then organization of that thought, into ideas and plans; then transformation of those plans into reality. The beginning, as you will observe, is in your imagination.” Napoleon Hill © 2001, Cisco Systems, Inc. All rights reserved. 24 Copyright © 2001, Cisco Systems, Inc. All rights reserved. Printed in USA. Presentation_ID.scr What are our goals? • What type of shop are we? Lights Out & Remote… … or BIC-EOT © 2001, Cisco Systems, Inc. All rights reserved. 25 Initial Considerations • What are our Availability/SLA requirements? Maintenance Windows? • Is the NOC simply identify and escalate… … or also fix? • How many managed devices are we responsible for? • Roughly how many events/day (hour, minute) do we currently get or expect? © 2001, Cisco Systems, Inc. All rights reserved. 26 Initial Considerations (cont’d) • How much $$ can we allocate? • What are the skills of the operators? • What types of devices are we monitoring? • What are the technologies in use? © 2001, Cisco Systems, Inc. All rights reserved. 27 Copyright © 2001, Cisco Systems, Inc. All rights reserved. Printed in USA. Presentation_ID.scr Develop A Plan! “Given two equally likely solutions to a problem… The simplest one is usually correct.” Occam’s Razor © 2001, Cisco Systems, Inc. All rights reserved. 28 Develop A Plan! “Given a choice between two methodologies, choose the simplest -- the method which requires the fewest resources. .” NOC Corollary to Occam’s Razor © 2001, Cisco Systems, Inc. All rights reserved. 29 Agenda • Availability Measurement and your business • Overview of a NOC • Network Management Framework • Fault Management • Performance Management • Tool Issues • People, Processes and Procedures • Back to the Concept of
Recommended publications
  • Ngenius Collector Appliance Scalable, High-Capacity Appliance for Collection of Cisco Netflow and Other Flow Data

    Ngenius Collector Appliance Scalable, High-Capacity Appliance for Collection of Cisco Netflow and Other Flow Data

    l DATA SHEET l nGenius Collector Appliance Scalable, High-Capacity Appliance for Collection of Cisco NetFlow and Other Flow Data Product Overview HIGHLIGHTS Deployed at key traffic aggregation locations, nGenius® Collectors extend the reach of the nGeniusONE® Service Assurance solution and are used primarily to generate flow‑based • Measure service responsiveness across statistics (metadata) in memory for specific traffic types. This NETSCOUT data source collects the network with up to 500 Cisco IP SLA metadata on IP SLA and IPPING protocols, flow data from NetFlow routers, link‑level statistics, synthetic transaction tests and utilization data from MIB‑II routers. • Scalable collection of up to 2 million Cisco NetFlow, IPFIX, Juniper J-Flow, Huawei® Listening passively on an Ethernet wire, nGenius Collectors examine specific traffic collected NetStream and sFlow flows per minute from flow‑enabled routers and switches (e.g., Cisco® NetFlow, Juniper® J-Flow, sFlow®, ® • Captures and stores Flow datagrams for NetStream ) and from IP SLA test results to generate a variety of statistics. In addition, Collectors historical deep-dive analysis can be configured to capture datagrams from Flow‑enabled routers and analyze them via datagram capture, which allows users to perform in‑depth capture and filtering. • Collects Flow data from up to 5,000 flow‑enabled router or switch interfaces Metrics from nGenius Collectors are retrieved through a managing nGenius for Flows Server per appliance for analysis, enabling display of utilization metrics, quality of service (QoS) breakdowns, and • Supports both IPv4 and IPv6 environments application breakdowns in nGenius for Flows and other tools in the nGeniusONE Service • Purpose-built hardware and virtual Assurance Solution.
  • Netflow Traffic Analyzer Real-Time Network Utilization and Bandwidth Monitoring

    Netflow Traffic Analyzer Real-Time Network Utilization and Bandwidth Monitoring

    DATASHEET NetFlow Traffic Analyzer Real-Time Network Utilization and Bandwidth Monitoring An add-on to Network Performance Monitor (NPM), SolarWinds® NetFlow DOWNLOAD FREE TRIAL Traffic Analyzer (NTA) is a multi-vendor flow analysis tool designed to proactively reduce network downtime. NTA delivers actionable insights Fully Functional to help IT pros troubleshoot and optimize spend on bandwidth by better for 30 Days understanding the who, what, and where of traffic consumption. Solve practical operational infrastructure problems with actionable insights and save money with informed network investments. WHY CHOOSE NETFLOW TRAFFIC ANALYZER? • NTA collects and analyzes flow data from multiple vendors, including NetFlow v5 and v9, Juniper® J-Flow™, sFlow®, Huawei® NetStream™, and IPFIX. • NTA alerts you to changes in application traffic or if a device stops sending flow data. • NTA supports advanced application recognition with Cisco® NBAR2. • NTA shows pre- and post-policy CBQoS class maps, so you can optimize your CBQoS policies. • NTA can help you identify malicious or malformed traffic with port 0 monitoring. • NTA includes WLC network traffic analysis so you can see what’s using your wireless bandwidth. • NTA supplements Network Performance Monitor by helping to identify the cause of high bandwidth. Built on the Orion® Platform, NTA provides the ability to purchase and fully integrate with additional network monitoring modules (config management, WAN management, VoIP, device tracking, IP address management), as well as systems, storage, and virtualization management in a single web console. page 1 DATASHEET: NETFLOW TRAFFIC ANALYZER FEATURES New! VMware vSphere Distributed Switch (VDS) Support Comprehensive support for the VMware VDS, providing visibility within the switch fabric to your east-west VM traffic to help IT pros avoid service impacts when moving workloads.
  • Netflow Optimizer™

    Netflow Optimizer™

    NetFlow Optimizer™ Installation and Administration Guide Version 2.4.7 (Build 2.4.7.0.23) January 2017 © Copyright 2013-2017 NetFlow Logic Corporation. All rights reserved. Patents both issued and pending. Contents Overview ....................................................................................................................................................................... 3 How NetFlow Optimizer Works .................................................................................................................................. 3 How NFO Updater Works .......................................................................................................................................... 3 NetFlow Optimizer Installation Guide ......................................................................................................................... 4 Before You Install NFO ................................................................................................................................................ 4 Pre-Installation Checklist ........................................................................................................................................... 4 Minimum Requirements ............................................................................................................................................. 4 Supported Platforms .............................................................................................................................................. 4 Virtual Hardware
  • Flow-Tools Tutorial

    Flow-Tools Tutorial

    Flow-tools Tutorial SANOG 6 Bhutan Agenda • Network flows • Cisco / Juniper implementation – NetFlow • Cisco / Juniper Configuration • flow-tools programs overview and examples from Abilene and Ohio- Gigapop Network Flows • Packets or frames that have a common attribute. • Creation and expiration policy – what conditions start and stop a flow. • Counters – packets,bytes,time. • Routing information – AS, network mask, interfaces. Network Flows • Unidirectional or bidirectional. • Bidirectional flows can contain other information such as round trip time, TCP behavior. • Application flows look past the headers to classify packets by their contents. • Aggregated flows – flows of flows. Unidirectional Flow with Source/Destination IP Key % telnet 10.0.0.2 10.0.0.1 login: 10.0.0.2 Active Flows Flow Source IP Destination IP 1 10.0.0.1 10.0.0.2 2 10.0.0.2 10.0.0.1 Unidirectional Flow with Source/Destination IP Key % telnet 10.0.0.2 % ping 10.0.0.2 login: 10.0.0.1 10.0.0.2 ICMP echo reply Active Flows Flow Source IP Destination IP 1 10.0.0.1 10.0.0.2 2 10.0.0.2 10.0.0.1 Unidirectional Flow with IP, Port,Protocol Key % telnet 10.0.0.2 % ping 10.0.0.2 login: 10.0.0.1 10.0.0.2 ICMP echo reply Active Flows Flow Source IP Destination IP prot srcPort dstPort 1 10.0.0.1 10.0.0.2 TCP 32000 23 2 10.0.0.2 10.0.0.1 TCP 23 32000 3 10.0.0.1 10.0.0.2 ICMP 0 0 4 10.0.0.2 10.0.0.1 ICMP 0 0 Bidirectional Flow with IP, Port,Protocol Key % telnet 10.0.0.2 % ping 10.0.0.2 login: 10.0.0.1 10.0.0.2 ICMP echo reply Active Flows Flow Source IP Destination IP prot srcPort
  • Brocade Vyatta Network OS Data Sheet

    Brocade Vyatta Network OS Data Sheet

    DATA SHEET Brocade Vyatta Network OS HIGHLIGHTS A Network Operating System for the Way Forward • Offers a proven, modern network The Brocade® Vyatta® Network OS lays the foundation for a flexible, easy- operating system that accelerates the adoption of next-generation to-use, and high-performance network services architecture capable of architectures meeting current and future network demands. The operating system was • Creates an open, programmable built from the ground up to deliver robust network functionality that can environment to enhance be deployed virtually or as an appliance, and in concert with solutions differentiation, service quality, and from a large ecosystem of vendors, to address various Software-Defined competitiveness Networking (SDN) and Network Functions Virtualization (NFV) use cases. • Supports a broad ecosystem for With the Brocade Vyatta Network OS, organizations can bridge the gap optimal customization and service between traditional and new architectures, as well as leverage existing monetization investments and maximize operational efficiencies. Moreover, they can • Simplifies and automates network compose and deploy unique, new services that will drive differentiation functions to improve time to service, increase operational efficiency, and and strengthen competitiveness. reduce costs • Delivers breakthrough performance flexibility, performance, and operational and scale to meet the needs of any A Proven, Modern Operating efficiency, helping organizations create deployment System The Brocade Vyatta Network OS new service offerings and value. Since • Provides flexible deployment options separates the control and data planes in 2012, the benefits of this operating to support a wide variety of use cases software to fit seamlessly within modern system have been proven by the Brocade SDN and NFV environments.
  • Introduction to Netflow

    Introduction to Netflow

    Introduction to Netflow Campus Network Design & Operations Workshop These materials are licensed under the Creative Commons Attribution-NonCommercial 4.0 International license (http://creativecommons.org/licenses/by-nc/4.0/) Last updated 14th December 2018 Agenda • Netflow – What it is and how it works – Uses and applications • Generating and exporting flow records • Nfdump and NfSen – Architecture – Usage • Lab What is a Network Flow • A set of related packets • Packets that belong to the same transport connection. e.g. – TCP, same src IP, src port, dst IP, dst port – UDP, same src IP, src port, dst IP, dst port – Some tools consider "bidirectional flows", i.e. A->B and B->A as part of the same flow http://en.wikipedia.org/wiki/Traffic_flow_(computer_networking) Simple flows = Packet belonging to flow X = Packet belonging to flow Y Cisco IOS Definition of a Flow • Unidirectional sequence of packets sharing: – Source IP address – Destination IP address – Source port for UDP or TCP, 0 for other protocols – Destination port for UDP or TCP, type and code for ICMP, or 0 for other protocols – IP protocol – Ingress interface (SNMP ifIndex) – IP Type of Service IOS: which of these six packets are in the same flows? Src IP Dst IP Protocol Src Port Dst Port A 1.2.3.4 5.6.7.8 6 (TCP) 4001 22 B 5.6.7.8 1.2.3.4 6 (TCP) 22 4001 C 1.2.3.4 5.6.7.8 6 (TCP) 4002 80 D 1.2.3.4 5.6.7.8 6 (TCP) 4001 80 E 1.2.3.4 8.8.8.8 17 (UDP) 65432 53 F 8.8.8.8 1.2.3.4 17 (UDP) 53 65432 IOS: which of these six packets are in the same flows? Src IP Dst IP Protocol Src Port Dst Port A 1.2.3.4 5.6.7.8 6 (TCP) 4001 22 B 5.6.7.8 1.2.3.4 6 (TCP) 22 4001 C 1.2.3.4 5.6.7.8 6 (TCP) 4002 80 D 1.2.3.4 5.6.7.8 6 (TCP) 4001 80 E 1.2.3.4 8.8.8.8 17 (UDP) 65432 53 F 8.8.8.8 1.2.3.4 17 (UDP) 53 65432 What about packets “C” and “D”? Flow Accounting • A summary of all the packets seen in a flow (so far): – Flow identification: protocol, src/dst IP/port..
  • Conntrack, Netfilter, Netflow and NAT Under Linux

    Conntrack, Netfilter, Netflow and NAT Under Linux

    Xurble conntrack, Netfilter, NetFlow and NAT under Linux Oliver Gorwits 9th February 2010 Milton Keynes Perl Mongers 1 “Policy Compliance” • We have legal obligations • Avoiding the courts ✔ • Avoiding the newspapers ✔ 2 (alleged) Copyright Violations Subject: File-sharing of unauthorised content owned by Twentieth Century Fox From: [email protected] Dear Oxford University: Twentieth Century Fox Film Corporation, located in Los Angeles, and its affiliated companies (collectively, 'Fox') own intellectual property rights, including exclusive rights protected under copyright laws, in many motion pictures, television programs and other audio-visual works, including the motion picture AVATAR (collectively, the 'Fox Titles'). Fox conducted an online check by scanning public networks and discovered that your Oxford University internet account was used to access and distribute an unauthorised copy of AVATAR. By distributing Fox content without Fox's permission, you infringed Fox's copyright. Here is the information Fox obtained from the online check: Timestamp of report: 07 Feb 2010 23:12:44 GMT Title details: Avatar (2009) PROPER TS XviD-MAXSPEED IP address: 163.1.xxx.yyy Port ID: 30854 Protocol used: BitTorrent - L5 Please respond to Fox and identify what steps you have taken to resolve this matter by contacting Fox at [email protected] 3 The Process • So, given: ○Timestamp with Time Zone ○IP address ○TCP port number • We need: ○User’s identity • Usually via: ○Network log-in logs, and DHCP logs 4 Linux network subsystems Kernel conntrack netfilter iptables pietroizzo 5 Network Address/Port Translation O’Reilly 6 State Tracking User Firewall Internet 1 A ✔ 2 B pre-NAT post-NAT • Traditional loggers run two packet captures and correlate the timestamps.
  • Ipv6-Security Monitoring

    Ipv6-Security Monitoring

    Security Monitoring ITU/APNIC/MICT IPv6 Security Workshop 23rd – 27th May 2016 Bangkok Last updated 22 July 2014 1 Managing and Monitoring IPv6 Networks p SNMP Monitoring p IPv6-Capable SNMP Management Tools p NetFlow Analysis p Syslog p Keeping accurate time p Intrusion Detection p Managing the Security Configuration 2 Using SNMP for Managing IPv6 Networks 3 What is SNMP? p SNMP – Simple Network Management Protocol p Industry standard, hundreds of tools exist to exploit it p Present on any decent network equipment p Query/response based: GET / SET p Monitoring generally uses GET p Object Identifiers (OIDs) p Keys to identify each piece of data p Concept of MIB (Management Information Base) p Defines a collection of OIDs What is SNMP? p Typical queries n Bytes In/Out on an interface, errors n CPU load n Uptime n Temperature or other vendor specific OIDs p For hosts (servers or workstations) n Disk space n Installed software n Running processes n ... p Windows and UNIX have SNMP agents What is SNMP? p UDP protocol, port 161 p Different versions n v1 (1988) – RFC1155, RFC1156, RFC1157 p Original specification n v2 – RFC1901 ... RFC1908 + RFC2578 p Extends v1, new data types, better retrieval methods (GETBULK) p Used is version v2c (simple security model) n v3 – RFC3411 ... RFC3418 (w/security) p Typically we use SNMPv2 (v2c) SNMP roles p Terminology: n Manager (the monitoring station) n Agent (running on the equipment/server) How does it work? p Basic commands n GET (manager → agent) p Query for a value n GET-NEXT (manager → agent) p Get next value (e.g.
  • White Paper Netflow Generation Security Value Proposition

    White Paper Netflow Generation Security Value Proposition

    WHITE PAPER Leveraging NetFlow Generation for Maximum Security Value Overview This kind of sparse traffic record is enough to establish trends for network and application performance, but it’s a non-starter for Cisco introduced NetFlow in 1996 as a way to monitor packets security analytics. Advanced persistent threats (APTs) can operate as they enter and exit networking device interfaces. The aim is low and slow on the network, moving laterally and communicating to gain insight and resolve congestion. Typical information in a with command and control sites over long periods of time (days, NetFlow record reveals traffic source and destination, as well months or longer). The key to spotting anomalous traffic is looking as protocol or application, time stamps, and number of packets. for hard-to-spot patterns over the complete network activity Although NetFlow was initially not on a standards track, it has picture. Naturally, looking at a fraction of packet records severely been superseded by the Internet Protocol Flow Information hampers the breadth and accuracy of the analysis. eXport (IPFIX), which is based on the NetFlow Version 9 implementation, and is on the IETF standards track with RFC 5101, Here are the drawbacks of generating NetFlow records using RFC 5102. networking gear: As organizations refocus network security efforts on insider 1. NetFlow generation can degrade router and switch threats and detection of compromise, NetFlow provides rich and performance important contextual information about the traffic, augmenting 2. To manage the impact on performance, networking devices analysis in order to determine where compromise has occurred. may give sampled NetFlow or just drop packets This takes NetFlow out of the traditional realm of use for 3.
  • Netflow Overview

    Netflow Overview

    Network Monitoring and Management NetFlow Overview These materials are licensed under the Creative Commons Attribution-Noncommercial 3.0 Unported license (http://creativecommons.org/licenses/by-nc/3.0/) Agenda 1. Netflow - What it is and how it works - Uses and applications 2. Generating and exporting flow records 3. Nfdump and Nfsen - Architecture - Usage 4. Lab What is a Network Flow? • A set of related packets • Packets that belong to the same transport connection. e.g. - TCP, same src IP, src port, dst IP, dst port - UDP, same src IP, src port, dst IP, dst port - Some tools consider "bidirectional flows", i.e. A->B and B->A as part of the same flow http://en.wikipedia.org/wiki/Traffic_flow_(computer_networking) Simple flows = Packet belonging to flow X = Packet belonging to flow Y Cisco IOS Definition of a Flow Unidirectional sequence of packets sharing: 1. Source IP address 2. Destination IP address 3. Source port for UDP or TCP, 0 for other protocols 4. Destination port for UDP or TCP, type and code for ICMP, or 0 for other protocols 5. IP protocol 6. Ingress interface (SNMP ifIndex) 7. IP Type of Service IOS: which of these six packets are in the same flows? Src IP Dst IP Protocol Src Port Dst Port A 1.2.3.4 5.6.7.8 6 (TCP) 4001 80 B 5.6.7.8 1.2.3.4 6 (TCP) 80 4001 C 1.2.3.4 5.6.7.8 6 (TCP) 4002 80 D 1.2.3.4 5.6.7.8 6 (TCP) 4001 80 E 1.2.3.4 8.8.8.8 17 (UDP) 65432 53 F 8.8.8.8 1.2.3.4 17 (UDP) 53 65432 IOS: which of these six packets are in the same flows? Src IP Dst IP Protocol Src Port Dst Port A 1.2.3.4 5.6.7.8 6 (TCP) 4001 80 B 5.6.7.8 1.2.3.4 6 (TCP) 80 4001 C 1.2.3.4 5.6.7.8 6 (TCP) 4002 80 D 1.2.3.4 5.6.7.8 6 (TCP) 4001 80 E 1.2.3.4 8.8.8.8 17 (UDP) 65432 53 F 8.8.8.8 1.2.3.4 17 (UDP) 53 65432 What about packets “C” and “D”? Flow Accounting A summary of all the packets seen in a flow (so far): - Flow identification: protocol, src/dst IP/port..
  • IBM Tivoli Composite Application Manager for J2EE Operations V6.0

    IBM Tivoli Composite Application Manager for J2EE Operations V6.0

    Software Announcement July 18, 2006 IBM Tivoli Composite Application Manager for J2EE Operations V6.0 and for Internet Service Monitoring V6.0 help monitor the health, availability, and security of business applications Overview Key features of these monitoring products: At a glance Two powerful monitoring products, • IBM Tivoli Composite Application Help proactively monitor IBM Tivoli Composite Application Manager for J2EE Operations V6.0 performance thresholds for Manager for J2EE Operations V6.0 and IBM Tivoli Composite changes in status and IBM Tivoli Composite Application Manager for Internet • Send alerts about potential Application Manager for Internet Service Monitoring V6.0, are problems before brownouts and Service Monitoring V6.0 offer designed to provide real-time outages affect users benefits that help: intelligence and historical trending • on the health, availability, and • Deliver automated action for Increase operational efficiency security of critical business preemptive problem resolution − Training is minimized as the applications. End-to-end visibility products do not require from multiple points of reference can Key prerequisites programming expertise help you quickly isolate the source − Products are highly scalable of application and service problems, Refer to the Software requirements and can help manage large and take rapid corrective action. section. environments Monitoring simulated transactions, − Automated troubleshooting usage, applications, security, and helps deliver fast time-to-resolution other resources
  • Acronyms Reference Guide 19.5.R1

    Acronyms Reference Guide 19.5.R1

    ACRONYMS REFERENCE GUIDE RELEASE 19.5.R1 7450 ETHERNET SERVICE SWITCH 7750 SERVICE ROUTER 7950 EXTENSIBLE ROUTING SYSTEM VIRTUALIZED SERVICE ROUTER ACRONYMS REFERENCE GUIDE RELEASE 19.5.R1 3HE 15078 AAAA TQZZA 01 Issue: 01 May 2019 Nokia — Proprietary and confidential. Use pursuant to applicable agreements. ACRONYMS REFERENCE GUIDE RELEASE 19.5.R1 Nokia is a registered trademark of Nokia Corporation. Other products and company names mentioned herein may be trademarks or tradenames of their respective owners. The information presented is subject to change without notice. No responsibility is assumed for inaccuracies contained herein. © 2019 Nokia. Contains proprietary/trade secret information which is the property of Nokia and must not be made available to, or copied or used by anyone outside Nokia without its written authorization. Not to be used or disclosed except in accordance with applicable agreements. 2 3HE 15078 AAAA TQZZA 01 Issue: 01 ACRONYMS REFERENCE GUIDE RELEASE 19.5.R1 List of tables 1 7750 SR, 7450 ESS, 7950 XRS, and VSR Acronyms....................5 Table 1 Numbers .....................................................................................................5 Table 2 A .................................................................................................................5 Table 3 B .................................................................................................................8 Table 4 C ...............................................................................................................10