organized, hybridized network monitoring - mcrinc · organized, hybridized network monitoring use a...
TRANSCRIPT
Organized, Hybridized Network MonitoringUse a combination of technologies and organizational techniques to master complex network monitoring
Abstract
In the world of network monitoring, you’re basically dealing with two technologies to gather information: Agents that install locally on servers and other computers, and Simple Network Management Protocol (SNMP). SNMP is nice because it works well with appliance-style devices, such as routers and switches, although agents can often provide more detailed information with less overhead for computers and server applications.
A third technology, unique to Windows, is Windows Management Instrumentation (WMI). It’s similar to SNMP, but can provide greater detail for compatible services and applications. It’s not uncommon for monitoring solutions to use either locally installed agents or SNMP/WMI, but it’s uncommon to see hybrid solutions that use agents and SNMP/WMI.
This is especially true in situations where you don’t want to treat an entire network as a single unit. Sometimes you need to monitor different portions of your network in different ways. For instance, perhaps some business divisions need separate monitoring and reporting. Possibly you’re acting as a service provider to internal “customers” who have different monitoring needs, and you need to segregate their information from others’. Or, you may need to treat each remote office as an independent entity, keeping network performance and other information separate. In general, these needs are referred to as multi-tenancy, with each customer, office, or business division acting as an independent “tenant” within the overall monitoring system.
2
Simple Network Management Protocol is nice because it works well with appliance-style devices, such as routers and switches, although agents can often provide more detailed information with less overhead for computers and server applications.
Figure 1. Remote networks
Remote Network A Remote Network B
Your Network
The traditional approach
First, let’s look at how traditional monitoring solutions address
these kinds of issues. Typically speaking, you’ll install local
agents wherever you need them, and then identify SNMP or
WMI devices as needed. You’ll obviously have to do this for
each network that you’re monitoring.
3
There’s a hybridized approach, however, that can offer a better model.
Now, you’ll need a way for those agents to communicate their information back to the central monitoring service, and for SNMP information and traps to
be centralized. Typically, that’s done through establishing a Virtual Private Network (VPN), or working through an existing VPN.
Figure 2. Remote networks with VPN
Remote Network A Remote Network B
Your Network
Right here, there are a few problems.• First, you’re potentially running a lot of
traffic through that VPN, which may
be needed for other communications.
Transmitting the data out-of-VPN isn’t
usually an option, however, because you
need that data to be secured.
• Second, you’re bringing all of that
information into a single network-
monitoring database, meaning everything
will show up unsegregated. Many solutions
will let you manually reorganize the
information into partitions, but that’s a
hassle to maintain as devices are removed
and added over time.
• Third, your central monitoring server
is accepting communications from a
potentially huge number of agents and
SNMP devices. It also has to communicate
back with agents to provide configuration
information. That’s a lot of effort, and
it may impact the performance of the
monitoring solution itself.
There’s a hybridized approach, however, that can offer a better model.
Hybridized Network Monitoring
The solution is to implement a multi-tier, true multi-tenant network monitoring solution. Here, each site’s agents and SNMP devices communicate to a specific aggregating agent installed at the site. That site then communicates back to the central monitoring server. It can either use the VPN in place (as shown on Remote Network B), or communicate out-of-band using HTTPS to ensure security (Remote Network A).
4
This solves two of the three problems, and the solution for the third is simple: Each remote agent is represented as a
discrete organization within the central monitoring console.
This approach is called hybrid because it relies both on local data collection and remote monitoring, using an aggregation agent to make the connection between the local data sources and the remote monitoring server.
Figure 3. Hybrid remote monitoring
Figure 4. Remote organizations
Remote Network A Remote Network B
Your Network
Agent Agent
5
Using this approach, communications are consolidated to a single, secured channel. The aggregation agent in each location can also convey configuration information back to the agents in that site. A truly multi-tenant approach is revealed, with each site’s information being completely self contained (although the central console could also report on aggregate information that combines multiple sites, if desired).
This approach is called hybrid because it relies both on local data collection and remote monitoring, using an aggregation agent to make the connection between the local data sources and the remote monitoring server. This approach can not only optimize bandwidth, but also improve the performance of the monitoring solution by aggregating traffic into fewer overall connections.
Although this example uses physically remote sites, this same approach could be used for different logical divisions of a single large network. With this approach, you can easily segregate business units, departments, or whatever you need. There’s no need to manually track which devices go with which organization; that happens automatically, based simply on which aggregate agent each device or server is reporting to.
A lingering concern of this approach is the ability to properly secure the WMI and SNMP credentials that will be needed. After all, failure to secure those can result in unauthorized access to devices—something you’ll want to avoid at all costs.
Foglight Network Management System: Secure, hybridized, multi-tenant monitoring
Foglight Network Management System (NMS) provides exactly the kind of hybrid, multi-tenant monitoring illustrated here, and does so in a solution that takes less than a half hour to install and configure. The Foglight NMS Remote Agent is responsible for aggregating information,
and can also communicate policy and configuration information to remotely installed agents on your servers. What’s more, that same Remote Agent can also facilitate remote access to those servers, helping to make troubleshooting and maintenance easier and more efficient.
By letting you treat each Remote Agent as a distinct organization within the Foglight NMS console, you can create whatever boundaries you need. Treat business units as distinct entities. Even collect vertical segments of your own IT infrastructure into their own partitions, if desired. Using Foglight NMS, you can build network monitoring as a service that can be offered to internal customers, departments and divisions, or whomever you like. You’ll get the same consistent, secure, powerful network monitoring capabilities that Foglight NMS is famous for—and be able to offer them as a product to your internal customers.
Foglight NMS also solves the problem of SNMP and WMI credentials by securely encrypting credentials in storage. Unauthorized users will have no ability to retrieve those passwords from Foglight NMS (unlike a simple Excel spreadsheet or other record keeping mechanism, and unlike less-secure monitoring systems that store credentials in clear-text databases). Foglight NMS will have exactly the permissions you give it within each SNMP- or WMI-enabled device or server, and nothing more.
You’ll also get all of the other features that make Foglight NMS such a desirable network monitoring system:• Expert guidance for solving problems
• Performance baselines and trending
• Powerful reporting and network
visualization
• Automated alerting and remediation
The Foglight NMS Remote Agent is responsible for aggregating information, and can also communicate policy and configuration information to remotely installed agents on your servers. What’s more, that same Remote Agent can also facilitate remote access to those servers, helping to make troubleshooting and maintenance easier and more efficient.
© 2013 Dell, Inc. ALL RIGHTS RESERVED. This document contains proprietary information protected by copyright. No part of this document may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying and recording for any purpose without the written permission of Dell, Inc. (“Dell”).
Dell, Dell Software, the Dell Software logo and products—as identified in this document—are registered trademarks of Dell, Inc. in the U.S.A. and/or other countries. All other trademarks and registered trademarks are property of their respective owners.
The information in this document is provided in connection with Dell products. No license, express or implied, by estoppel or otherwise, to any intellectual property right is granted by this document or in connection with the sale of Dell products. EXCEPT AS SET FORTH IN DELL’S TERMS AND CONDITIONS AS SPECIFIED IN THE LICENSE AGREEMENT FOR THIS PRODUCT,
DELL ASSUMES NO LIABILITY WHATSOEVER AND DISCLAIMS ANY EXPRESS, IMPLIED OR STATUTORY WARRANTY RELATING TO ITS PRODUCTS INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT. IN NO EVENT SHALL DELL BE LIABLE FOR ANY DIRECT, INDIRECT, CONSEQUENTIAL, PUNITIVE, SPECIAL OR INCIDENTAL DAMAGES (INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF PROFITS, BUSINESS INTERRUPTION OR LOSS OF INFORMATION) ARISING OUT OF THE USE OR INABILITY TO USE THIS DOCUMENT, EVEN IF DELL HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. Dell makes no representations or warranties with respect to the accuracy or completeness of the contents of this document and reserves the right to make changes to specifications and product descriptions at any time without notice. Dell does not make any commitment to update the information contained in this document.
About DellDell Inc. (NASDAQ: DELL) listens to customers and delivers worldwide innovative technology, business solutions and services they trust and value. For more information, visit www.dell.com.
If you have any questions regarding your potential use of this material, contact:
Dell Software5 Polaris Way Aliso Viejo, CA 92656www.dell.com Refer to our Web site for regional and international office information.
Whitepaper-OrganizedHybridNetworkMonitor-US-VG-01-10-13