DOCSLIB.ORG

Monitoring the Backend and Logging Improvements for Operations and Support

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Monitoring the Backend and Logging Improvements for Operations and Support Monitoring the Backend and Logging Improvements for operations and support 27 th EGOWS Helsinki 20 th – 22 nd Sep 2016, Marcus Werner, DWD Overview Stakeholders and a enhancement request from operations & support Goals, Ideas & Challenges Extract, transform, reduce, store and present support information Good (free) available technology stack Non-existing standards EGOWS 2016 - DWD 2 The meteorological workstation system - NinJo Developed by an international Consortium Primary tool for our operational forecasters …and they need a stable and well supported system (7 x 24h) EGOWS 2016 - DWD 3 … typically forecasters ask for meteorological improvements EGOWS 2016 - DWD 4 Technical Infrastructure staff (TI) operates NinJo … …now we have implemented some of their feature requests… … this is finally in the interest of the forecasters. EGOWS 2016 - DWD 5 Our stakeholders End Users: Forecasters (work with meteorological data) Support and operations (work with monitoring systems, log files, admin tools) Adopting from IT operations (7x24h) 1st level support (on call) 2nd level support (office hours) 3rd level support (office hours), might be external EGOWS 2016 - DWD 6 Challenges Different support levels need specific “tailored” support information DWD operates ~200 NinJo Servers ( Routine , Dev/Eval , QA +Special Systems ) Highly distributed environment over multiple DWD locations Up to ~75 server processes per NinJo Site Resource limitations for support and operations (split into multiple teams) EGOWS 2016 - DWD 7 Application Developers vs. Operators /1 st Level Support Operators & 1 st Level Support take care of “many” applications, they will naturally have a limited insight knowledge 3rd Level Support / Appl. Developers highly specialized in the application, they know all the details TI admins do not like to work with application specific graphical tools ( shell ) Log and monitor information has to fulfil the needs of all involved support teams EGOWS 2016 - DWD 8 Goals and ideas (I) Move towards “pro-active” monitoring Reduce reaction times Simplify technical hurdles for administrators Increase automation level ( parsing, correlation) Use similar tools and methods for applications (for us NinJo) as used for data centre & infrastructure components Standardize the log content EGOWS 2016 - DWD 9 Goals and ideas (II) Each support level should get the “right” information (& not more) Support of daily operations and during / after changes being applied (software version, data, hardware, firmware, network, configuration) Different kinds of log information needs to be kept for specific hold times (few days, up to weeks, months and years) We want to keep log data for all operational NinJo Sites for 5 - 7 days (enough to cover for a long weekend) Implement an easier access to log / monitor data (incl. history) EGOWS 2016 - DWD 10 Monitoring vs. log message information (I) A monitoring application is like a (restrict to OK , Warning , Error ) Log files contain mostly (all) details Log files can be used as input for monitoring applications Monitoring applications can be feed via scripts (cron’ed + push ) Monitoring applications can collect information from multiple machines / processes ( pull ) EGOWS 2016 - DWD 11 Monitoring vs. log message information (II) Dump Transport Filter Correlate Transform Clean EGOWS 2016 - DWD 12 Standard operational monitoring via Nagios Most NinJo consortium members use Nagios (clone) for operational monitoring A Nagios Service monitors one specific parameter (e.g. CPU load of server X) Typical views (1) summary (2) service by problem-lvl (3) services for a machine EGOWS 2016 - DWD 13 NagVis – allows to summarize over NinJo Sites Graphically restrict the view to the important environments EGOWS 2016 - DWD 14 Monitoring summary: thread count of 52 processes OK 1) Service name 2) Current value 3) Warn-Level threshold 4) Critical-Level threshold EGOWS 2016 - DWD 15 critical error, 1/203 imports failed, but 28 /29 services OK EGOWS 2016 - DWD 16 CPU load (model import process, getting data every 6h) EGOWS 2016 - DWD 17 Memory (model import process, history over 3 days) EGOWS 2016 - DWD 18 Classic logging (I) Processes / applications write text log files (“event messages”) to a local file system or a network file system Typical log files include different log levels: INFO , WARN , ERROR , DEBUG Log messages are often free text In case of problems, logs might contain stack traces Not useful for operators & 1 st level support Crucial for developers / 3 rd level support Can easily fill “available” log space within minutes EGOWS 2016 - DWD 19 Classic logging (II) Each application (or component resp. developer) might use an own way of logging + log level assignment + syntax + content + granularity Management of log data Amount (with sufficient load, you cannot afford to run all time on DEBUG level) The log files are available for a specific time only (rolling behaviour: limited by file size or time) May be EOD compression and collection jobs Single file vs. multiple files for each process Content specific files (using different formats) EGOWS 2016 - DWD 20 Classic logging (III) SAMPLE: A certain amount of “application specific” knowledge is required to read and understand logs correctly… 4 elem. vs. no elem. imported, OK for a developer, but operator / administrator ???? EGOWS 2016 - DWD 21 Log event types (grade of implementation – subj. view) Negative events (Software or Resource Errors) Positive events (Successfully processed) Performance events (it took X sec to do action Y) Errors “that are not bad, but daily business” (e.g. organisation Z always sends corrupt data) “Static” log information Software version installed Extensions / Plugin components installed and started Configuration available / used Correlated “single” events (across machines / processes) EGOWS 2016 - DWD 22 Logs - Operation Systems / Network devices & Security Network devices / HW logging SNMP and syslog Standard tools for the Unix / Windows world Syslog(s) / Windows Event Logs Security related logging Firewalls / Intrusion detection Network / Resource Management User audit Compliance / Forensics SIEM – Security Information and Event Management EGOWS 2016 - DWD 23 Linux / *nix logging methods Linux / *nix OS’es syslog is the standard logging mechanism Syslog is a daemon and protocol, standardized by RFC3164 & RFC5424 Multiple implementations exist sysklogd Journald (as part of systemd) syslog works locally and over the network syslog has a rich ecosystem / technology stack around A lot of sources and destinations are supported, also filters & transformations NinJo 2.0 uses & that supports syslog EGOWS 2016 - DWD 24 Application Logging…. Technical: Libraries / Logging / Monitor FWKs (depended on your language) Java : LOG4J2, SLF , Java Logging API, Logback,… , JMX, jmxtrans , … C/C++: log4c, log4cxx, Boost.Log v2,… Python: logging (Std. Library) Non technical Methods / best practices for developers / implementation Guidelines Books (rare, recommend: “Logging and Log Management”) Logging / Events Industry Standards (finalized / accepted and used ?) Stopped all work Headers, Payload : Structure w. Key&Value, XML, JSON ?, parsing vs. readable EGOWS 2016 - DWD 25 Overview of our monitoring & logging types (selected tools) EGOWS 2016 - DWD 26 Syslog destinations A selection of possible destinations: Simple text files ELK stack (Splunk) NAGIOS Graphite Octopussy (picture) NoSQL DB RDBMS Key value storage – Redis Report generators (e.g. BIRT, Crystal Reports ) EGOWS 2016 - DWD 27 ELK open-source quasi-standard for logfile analysis ELK stack is an acronym for the combination of the three open-source tools Elasticsearch, Logstash, and Kibana. Elasticsearch is a search engine based on Lucene, a high-performance full-text search library. Logstash is a log pipe-line tool, accepting input from various sources, such as log files. It is able to filter and enrich the data and to export the information to Elasticsearch and other targets. Kibana is a web interface for Elasticsearch, providing searches and visualizations (e.g. sample next page). EGOWS 2016 - DWD 28 A sample of a multi-metric graph in Kibana EGOWS 2016 - DWD 29 Conclusions Technical side for monitoring & logging A lot of good tools are available (even for free) A lot of things are possible, but complex configuration is required (a lot of small design decisions tdb) Limit parameters to observe ( human / machine / storage) You need to be careful, it is easy to build up s.th. as complex as the application environment itself (requires even further maintenance) Content (is the challenge) Nothing around that can be adopted as-is Possible to adopt some ideas from here and there Difficult to get and agree good application specific parameters EGOWS 2016 - DWD 30 PBPV – 10/2013 31 Contact: Marcus Werner Referat FE ZE Frankfurter Str. 135 63037 Offenbach E-Mail: [email protected] Tel.: +49 (0) 69 / 8062 - 2076 EGOWS 2016 - DWD 32.
Load more

Recommended publications
  • Naemonbox Manual Documentation Release 0.0.7
    NaemonBox Manual Documentation Release 0.0.7 NaemonBox Team September 16, 2016 Contents 1 Introduction 3 1.1 Target audience..............................................3 1.2 Prerequisite................................................3 2 About Naemonbox 5 2.1 Project..................................................5 2.2 Features..................................................6 3 Installation Guide 7 3.1 System requirements...........................................7 3.2 Recommended system requirements...................................7 3.3 Client Operating Systems........................................7 3.4 Openvz VPS installation.........................................8 3.5 GNU/Linux Debian 7 (or later) Installation...............................8 3.6 Installing Naemonbox..........................................8 4 Getting Started 9 4.1 Step one.................................................9 4.2 Step two................................................. 10 4.3 Step three................................................. 10 4.4 Step four................................................. 10 5 Configuring Naemon 11 5.1 Introduction............................................... 11 5.2 Actions.................................................. 11 5.3 Hosts Definition............................................. 12 5.4 Services.................................................. 13 5.5 Commands................................................ 14 5.6 Time periods............................................... 15 5.7 Contacts................................................
    [Show full text]
  • Josh Malone Systems Administrator National Radio Astronomy Observatory Charlottesville, VA
    heck What the #%!@ is wrong ^ with my server?!? Josh Malone Systems Administrator National Radio Astronomy Observatory Charlottesville, VA 1 Agenda • Intro to Monitoring • Internet protocols 101 • • Nagios SMTP • IMAP • Install/Config • HTTP • Usage • Custom plugins • Packet sniffing for dummies • Intro to Troubleshooting • Tools • telnet, openssl • grep, sed • ps, lsof, netstat 2 MONITORING 3 Automated Monitoring Workflow 4 Monitoring Packages: Open Source • • Pandora FMS • Opsview Core • Naemon • • • • • • Captialware ServerStatus • Core • Sensu All Trademarks and Logos are property of their respective trademark or copyright holders and are used by permission or fair use for education. Neither the presenter nor the conference organizers are affiliated in any way with any companies mentioned here. 5 Monitoring Packages: Commercial • Nagios XI • Groundwork • PRTG network monitor • CopperEgg • WhatsUp Gold • PRTG network monitor • op5 (Naemon) All Trademarks and Logos are property of their respective trademark or copyright holders and are used by permission or fair use for education. Neither the presenter nor the conference organizers are affiliated in any way with any companies mentioned here. 6 Why Automatic Service Monitoring? • Spot small problems before they become big ones • Learn about outages before your users do • Checklist when restoring from a power outage • Gives you better problem reports than users • Problems you might never spot otherwise • Failed HDDs in RAIDs • Full /var partitions • Logs not rotating • System temperature rising 7 Why Automatic Service Monitoring? • Capacity planning • Performance data can generate graphs of utilization • RAM, Disk, etc. • Availability reports - CAUTION • Easy to generate -- even easier to generate wrong • Make sure your configurations actually catch problems • Will also include problems with Nagios itself :( • If you’re going to quote your availability numbers (SLAs, etc.) make sure you understand what you’re actually monitoring.
    [Show full text]
  • Monitoring Bareos with Icinga 2 Version: 1.0
    Monitoring Bareos with Icinga 2 Version: 1.0 We love Open Source 1 © NETWAYS Table of Contents 1 Environment 2 Introduction 3 Host 4 Active Checks 5 Passive Events 6 Graphite 2 © NETWAYS 1 Environment 3 © NETWAYS Pre-installed Software Bareos Bareos Database (PostgreSQL) Bareos WebUI Icinga 2 IDO (MariaDB) Icinga Web 2 Graphite 4 © NETWAYS 2 Introduction 5 © NETWAYS 2.1 Bareos 6 © NETWAYS What is Bareos? Backup Archiving Recovery Open Sourced Backup, archiving and recovery of current operating systems Open Source Fork of Bacula (http://bacula.org) Forked 2010 (http://bareos.org) AGPL v3 License (https://github.com/bareos/bareos) A lot of new features: LTO Hardware encryption Bandwidth limitation Cloud storage connection New console commands Many more 7 © NETWAYS Bareos Structure 8 © NETWAYS 2.2 Icinga 2 9 © NETWAYS Icinga - Open Source Enterprise Monitoring Icinga is a scalable and extensible monitoring system which checks the availability of your resources, notifies users of outages and provides extensive BI data. International community project Everything developed by the Icinga Project is Open Source Originally forked from Nagios in 2009 Independent version Icinga 2 since 2014 10 © NETWAYS Icinga - Availability Monitoring Monitors everything Gathering status Collect performance data Notifies using any channel Considers dependencies Handles events Checks and forwards logs Deals with performance data Provides SLA data 11 © NETWAYS What is Icinga 2? Core based on C++ and Boost Supports all major *NIX and Windows platforms Powerful configuration
    [Show full text]
  • Network Monitoring Using Nagios and Autoconfiguration for Cyber Defense Competitions
    NETWORK MONITORING USING NAGIOS AND AUTOCONFIGURATION FOR CYBER DEFENSE COMPETITIONS Jaipaul Vasireddy B.Tech, A.I.E.T, Jawaharlal Nehru Technological University, India, 2006 PROJECT Submitted in partial satisfaction of the requirements for the degree of MASTER OF SCIENCE in COMPUTER SCIENCE at CALIFORNIA STATE UNIVERSITY, SACRAMENTO FALL 2009 NETWORK MONITORING USING NAGIOS AND AUTOCONFIGURATION FOR CYBER DEFENSE COMPETITIONS A Project by Jaipaul Vasireddy Approved by: __________________________________, Committee Chair Dr. Isaac Ghansah __________________________________, Second Reader Prof. Richard Smith __________________________ Date ii Student: Jaipaul Vasireddy I certify that this student has met the requirements for format contained in the University format manual, and that this Project is suitable for shelving in the Library and credit is to be awarded for the Project. __________________________, Graduate Coordinator ________________ Dr. Cui Zhang Date Department of Computer Science iii Abstract of NETWORK MONITORING USING NAGIOS AND AUTOCONFIGURATION FOR CYBER DEFENSE COMPETITIONS by Jaipaul Vasireddy The goal of the project is to monitor the services running on the CCDC (College Cyber Defense Competition) network, using Nagios which uses plugins to monitor the services running on a network. Nagios is configured by building configuration files for each machine which is usually done to monitor small number of systems. The configuration of Nagios can also be automated by using shell scripting which is generally done in an industry, where the numbers of systems to be monitored are large. Both the above methods of configuration have been implemented in this project. The project has been successfully used to know the status of each service running on the defending team’s network.
    [Show full text]
  • Performance Monitoring Using Nagios Core Hpc4e-Comcidis Vin´Icius P
    Performance Monitoring Using Nagios Core HPC4e-ComCiDis Vin´ıcius P. Kl^oh Mariza Ferro Gabrieli D. Silva Bruno Schulze LNCC { Petr´opolis,RJ Abstract The High Performance Computing for Energy (HPC4e) project aims to apply\new exascale HPC techniques to energy industry simulations, customizing them if necessary, and going beyond the state-of-the-art in the required HPC exascale simulations for different energy sources that are the present and the future of energy like, wind energy production and design, efficient combustion systems for biomass-derived fuels (biogas), and exploration geophysics for hydrocarbon reservoirs". Beyond the general objective, there are specific technical objectives that will be developed to enhance the final results. Our objective is study the mapping and optimization of the codes proposed for simulations in energy domain (atmosphere, biomass and geophysics for energy), analysing all the aspects related with the performance of these simulations' codes. Trying to meet all these objectives, we are investigating performance tools that would help our research. We investigated at first tools that enable online measurement of performance (online approaches are without code instrumentation). More specifically, in this work we present our initial work with Nagios and the hard begin to put this performance tool on work. In this work we present the steps and instructions, on how to install and configure Nagios Core to enhance it monitoring your local and remote host. July 2016 Contents 1 Introduction 2 2 Nagios Core 3 3 Install and Configure Nagios Core and Basic Plugins 4 4 Plugins 6 4.1 Install and Configure NRPE (Nagios Remote Plugin Executor) .
    [Show full text]
  • Red Hat Ceph Storage 4 Monitoring Ceph with Nagios Guide
    Red Hat Ceph Storage 4 Monitoring Ceph with Nagios Guide Monitoring Ceph with Nagios Core. Last Updated: 2021-09-14 Red Hat Ceph Storage 4 Monitoring Ceph with Nagios Guide Monitoring Ceph with Nagios Core. Legal Notice Copyright © 2021 Red Hat, Inc. The text of and illustrations in this document are licensed by Red Hat under a Creative Commons Attribution–Share Alike 3.0 Unported license ("CC-BY-SA"). An explanation of CC-BY-SA is available at http://creativecommons.org/licenses/by-sa/3.0/ . In accordance with CC-BY-SA, if you distribute this document or an adaptation of it, you must provide the URL for the original version. Red Hat, as the licensor of this document, waives the right to enforce, and agrees not to assert, Section 4d of CC-BY-SA to the fullest extent permitted by applicable law. Red Hat, Red Hat Enterprise Linux, the Shadowman logo, the Red Hat logo, JBoss, OpenShift, Fedora, the Infinity logo, and RHCE are trademarks of Red Hat, Inc., registered in the United States and other countries. Linux ® is the registered trademark of Linus Torvalds in the United States and other countries. Java ® is a registered trademark of Oracle and/or its affiliates. XFS ® is a trademark of Silicon Graphics International Corp. or its subsidiaries in the United States and/or other countries. MySQL ® is a registered trademark of MySQL AB in the United States, the European Union and other countries. Node.js ® is an official trademark of Joyent. Red Hat is not formally related to or endorsed by the official Joyent Node.js open source or commercial project.
    [Show full text]
  • ETERNUS Nagios(R)
    P3AM-7242-07ENZ0 ETERNUS Nagios® Plugin 1.6 User's Guide This page is intentionally left blank. Preface The ETERNUS Nagios® Plugin (referred to as "ETERNUS Nagios Plugin" or "this plugin" in the remainder of this manual) is a plugin that is installed in a Fujitsu server (PRIMEQUEST or PRIMERGY) or non-Fujitsu servers to monitor the ETERNUS AF series, the ETERNUS DX200F All-Flash Arrays, or the ETERNUS DX series Hybrid Storage Systems (hereinafter referred to as "ETERNUS AF/DX"). This manual provides an overview and explains how to use this plugin. In addition, refer to the manuals that are related to the ETERNUS AF/DX as necessary. Seventh Edition December 2019 Microsoft and Internet Explorer are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. Red Hat is a registered trademark of Red Hat, Inc. Linux® is the registered trademark of Linus Torvalds in the U.S. and other countries. SUSE is a registered trademark of Novell Inc. in the U.S. and other countries. Nagios, the Nagios logo, and Nagios graphics are the servicemarks, trademarks, or registered trademarks owned by Nagios Enterprises. Mozilla, Firefox, and the Mozilla and Firefox logos are trademarks or registered trademarks of the Mozilla Foundation in the United States and other countries. Other company names, product names, and service names are registered trademarks or trademarks of their respective owners. Microsoft product screen shot(s) reprinted with permission from Microsoft Corporation. 3 ETERNUS Nagios® Plugin 1.6 User’s Guide Copyright 2019 FUJITSU LIMITED P3AM-7242-07ENZ0 About This Manual Organization This manual is composed of the following six chapters and an appendix.
    [Show full text]
  • Ubuntu Server Guide Ubuntu Server Guide Copyright © 2010 Canonical Ltd
    Ubuntu Server Guide Ubuntu Server Guide Copyright © 2010 Canonical Ltd. and members of the Ubuntu Documentation Project3 Abstract Welcome to the Ubuntu Server Guide! It contains information on how to install and configure various server applications on your Ubuntu system to fit your needs. It is a step-by-step, task-oriented guide for configuring and customizing your system. Credits and License This document is maintained by the Ubuntu documentation team (https://wiki.ubuntu.com/DocumentationTeam). For a list of contributors, see the contributors page1 This document is made available under the Creative Commons ShareAlike 2.5 License (CC-BY-SA). You are free to modify, extend, and improve the Ubuntu documentation source code under the terms of this license. All derivative works must be released under this license. This documentation is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE AS DESCRIBED IN THE DISCLAIMER. A copy of the license is available here: Creative Commons ShareAlike License2. 3 https://launchpad.net/~ubuntu-core-doc 1 ../../libs/C/contributors.xml 2 /usr/share/ubuntu-docs/libs/C/ccbysa.xml Table of Contents 1. Introduction ........................................................................................................................... 1 1. Support .......................................................................................................................... 2 2. Installation ............................................................................................................................
    [Show full text]
  • Nagios in High Availability Environments
    Nagios in High Availability Environments Introduction Nagios is a versatile and functional network management tool with a GUI (graphic user interface) comparable to other commercial tools. It’s free software, which makes it a perfect candidate for companies. When Nagios is used in a production environment, its high availability component is required. However, the solutions presented in the official documentation do not make Nagios a very reliable tool in this kind of environments. This document will show a more efficient way. First, we are going to approach the already existing solutions, and afterwards a new solution. It’s expected from the reader an understanding of Nagios’s existing solutions for high availability environments (http://nagios.sourceforge.net/docs/1_0/redundancy.html). Scenario 1 – Redundant Monitoring This solution has various problems. The most obvious one is the increase of redundant information in the network. Consequently, it wastes the available bandwidth, and increases the load on the machines that are being monitored. Another undesirable situation, when the master process recovers, is that two machines can send notifications. It happens because the master process doesn’t have any knowledge of the slave process. It obliges the slave to deactivate the notifications promptly. Finally, if one of the nagios processes fails, it won’t recover information gathered during the down period. This method doesn’t safeguards history. Scenario 2 - Failover Monitoring The difference between this solution and scenario 1 is the inexistence of more than one machine making checks. In this way monitored machines will not be submitted to an extra load, and the bandwidth use is more efficient.
    [Show full text]
  • Nagios & Icinga Network Monitoring
    autoscale: true Nagios & Icinga Philippines Network Operators Group, March 2018 Jonathan Brewer Telco2 Limited New Zealand Network Monitoring: Once you have SNMP data Once you have analysed Log data Once you have service performance data It's time to do something with it! Nagios Nagios is an Internet industry standard for monitoring At times it has been the most popular tool Its job is to monitor hosts & services, and alert on problems Alerting is its forte, it can use email, SMS, or API Handling of issues can be as complex as you need Nagios Home Nagios Hosts Hosts are containers for services If a host is unreachable, so are its services If a host is down, so are its services Nagios treats hosts differently from services! Nagios Hosts Nagios Host Groups Many hosts in a network are identical They can be added to a common group Nagios will behave the same way towards all hosts in a group This saves time & effort in adding hosts to Nagios Nagios Host Groups Nagios Services Nagios pre-defines service templates for many common things DNS, FTP, HTTP, HTTPS, SSH Users can define their own services for special cases For example calling a remote application via SSH Nagios Services Nagios Custom Service Nagios Heirarchy All services in Nagios are children of a host All hosts in Nagios are considered in a heirarchy If a host's parent is unavailable, its children are unreachable This prevents Nagios from alerting on unreachable hosts & services Nagios Heirarchy Nagios Contacts Alerting is what Nagios does best! Contacts the basis of alerting How a contact
    [Show full text]
  • Linux and Open Source for (Almost) Zero Cost PCI Compliance
    Linux and Open Source for (Almost) Zero Cost PCI Compliance Rafeeq Rehman 2 Some Introductory Notes ¡ Payment Card Industry (PCI) standard is not a government regulaon. ¡ Who needs to comply with PCI? ¡ Twelve major requirements covering policy, processes, and technology to protect Credit Card Data. ¡ What is Credit Card Data? ¡ Few Clarificaons ¡ Payment Card Industry (PCI) requires some tasks to be performed by external vendors depending upon merchant level. There is no other way around, unfortunately. ¡ Open Source soluCons do need people. That is why it is almost free but not totally free. 9/10/11 3 What the Auditors Look For? ¡ Is PCI just a checklist? ¡ Are auditors genuinely interested in securing the PCI data? ¡ Does it maer if you use an open source or commercial product to meet PCI requirements? ¡ What if you meet PCI requirements while improving security and spending less money? 9/10/11 4 Is it viable to use Open Source for PCI Compliance? ¡ Is there a real company who uses Open Source soQware to achieve PCI compliance? Is it even possible? ¡ PCI 2.0 focuses more on Risk based approach. ¡ PCI (or any compliance) is boring! Make it interesCng by using Open Source. 9/10/11 5 PCI Biggest Expenses 1. Log Management (Storage and archiving, Monitoring and Alerng) 2. Vulnerability Scanning 3. Network Firewalls and Network Segmentaon 4. Intrusion DetecCon System 5. EncrypCon for data-at-rest 6. File Integrity Monitoring 7. IdenCty Management (Password controls, Two factor for remote access, Role based access) 9/10/11 6 AddiConal PCI
    [Show full text]
  • The Migration Process of Mobile Agents Implementation, Classification, and Optimization
    The Migration Process of Mobile Agents Implementation, Classification, and Optimization Dissertation zur Erlangung des akademischen Grades Doktor-Ingenieur (Dr.-Ing.), vorgelegt dem Rat der Fakult¨atf¨ur Mathematik und Informatik der Friedrich-Schiller-Universit¨atJena von Diplom-Informatiker Peter Braun, geboren am 22. Juni 1970 in Neuss. Gutachter 1. Prof. Dr. Wilhelm R. Rossak, Friedrich-Schiller-Universit¨atJena 2. Dr. Bill Buchanan, Napier University, Edinburgh, Scotland Tag der letzten Pr¨ufung des Rigorosums: 30. April 2003 Tag der ¨offentlichen Verteidigung: 13. Mai 2003 Abstract Mobile agents provide a new and fascinating design paradigm for the architecture and programming of distributed systems. A mobile agent is a software entity that is launched by its owner with a user-given task at a specific network node. It can decide to migrate to other nodes in the network during runtime. For a migration the agent carries its current data, its program code, and its execution state with it. Therefore, it is possible to continue agent execution at the destination platform exactly where it was interrupted before. The reason for a migration is mainly to use resources that are only available at remote servers in the network. This thesis focuses on the migration process of mobile agents, which is to our knowl- edge not considered in literature so far, although the performance of a mobile agent based application strongly depends on the performance of the migration process. We propose a general framework an an innovative set of notions to describe and specify the migration process. By introducing the concept of a migration model, we offer a classification scheme to describe migration issues in existing mobile agent systems.
    [Show full text]