David Winter's Blog

3 Posts
0

New Vision

Posted by David Winter May 22, 2008

I have a new vision that I have become very passionate about. Its one that I am sure many of you have already opened your eyes to. Working in the OSS community and finding ways to interconnect, leverage, mash up, synergize, pair, link in, and generally build integrations between great tools available today.

 

I currently run a shop that uses Zenoss Enterprise, Splunk, Variphy Insight, Zimbra, nTop, syslog-ng to provide management for Cisco networks and Cisco Unified Communications systems. The Technology Manager at CTI (ctiusa.com) are constantly coming to me asking me to build new offerings for Storage, Virtualization, Ironport, Cisco Mobility, Security and more.

 

I also have the knack of getting in good with the developer staff of the companies we work wtih. Shout out to Chet@Zenoss, Layne@Variphy, all the UC business units at Cisco, Cisco ROS counterparts, Kartick@Ziptie, and the boys at Netcordia.

 

I am really going to try and track my progress as I attempt to inspire these projects and companies to link thier systems together, openly, for the greater good of OSS management.

 

My next post should be regarding my decision making process as I choose a new ITIL based, Web 2.0, Rich Internet Applation, Portal providing Service Management application.

 

Those in the running:

 

Service-now

HP Service Manager

BMC Magic

Numara Footprints

 

Looking forward to feedback!

0 Comments Permalink
0

Cacti like oid discovery

Posted by David Winter Jan 27, 2008

As I am very Cisco Unified Communcations-centric, I will complain a lot about the Cisco products and how, since they are grown from aquistition, they lack a homogenous support structure.

 

Cisco constantly has MIBs that are not publisher, not listed, and pretty much hidden from everyone on thier UC applications. The only way to discover them is to walk an entire device at .1 and look for high numbers OID anomolies, then google for the OID in question to find a matching MIB.

 

 

 

 

 

 

Well, if monitoring applications allowed you to do this through thier software, that would be nice. Here is a thought, build in an snmpwalk in the discovery process, then allow you to select OIDs to build into a graph as you are looking at the data. Works better if you have the MIB loaded as well so you have some context. If I could load a MIB, walk a device and start checkboxing items I want in a graph, that is a great start to building usefull performance monitoring.

 

 

0 Comments 0 References Permalink
0

first blog

Posted by David Winter Jan 25, 2008

this is my first blog. ever. here goes.

 

 

 

 

To follow up to my barcampESM presentation on 'the needs of the Managed Services Provider (MSP) customer' I want to reiterate a few requirements (this may take a few posts)

 

 

 

 

  • h1. System must overcome overlapping subnets in customers' networks.

    • An MSP needs a fault/perf/alert system that can monitor multiple customers.

    • There will come a time when two customers are both running 192.168.1.0/24 on an inside LAN segment.

    • We now need to be able to keep data for CustA-192.168.1.24 (Windows Server) separate from CustB-192.168.1.24 (Firewall)

      • Separate Reporting

        • SLA

        • Alerts

      • Separate Events

    • The best way to do this is to have a collector/poller/probe/agent running on a device inside the customer's network doing the following:

      • Collecting syslogs

      • Collecting snmp traps

      • Polling snmp OIDs

      • tailing/greping logs on shared network drives

      • Collecting NetFlow data

      • Packet sniffing

      • Collecting IOS based configuration data (or other ssh/telnet gatherable data)

      • anything else you can think of

    • The collector should then encapsulate the data and send it to a centralized management server. Keep the data on the central server, as well as the collectors config. The collector should be a diposable entity.

      • Always nice if this data is somehow compressed/encrypted first as well.

      • Also nice if the data is pushed from collector to central server and not pulled, thereby allowing the collector to live inside the customer's network behind a NAT with no Firewall changes to allow the collector to talk to the master.

      • Building the data collection into apache or tomcat so port 80 and 443 (almost always open to hit from the inside of ANY Lan) would be nice as well. The goal here is to minimize the impact to a customer's firewall configuration.

        • no site to site vpn

        • no access list changes

        • no static NAT configs

 

0 Comments 0 References Permalink Tags: agent, msp
Click to view David Winter's profile

David Winter

 Member since: Jan 19, 2008

Needs of a Managed Services Provider for IP Telephony

View David Winter's profile

Recent Comments

No recent comments.

Popular Tags

View all