Understanding and Optimizing SNMP Management with CA ehealth PM & CA Spectrum IM. Dave Soares and Mike Taldo
|
|
- Felicia Carmella Page
- 7 years ago
- Views:
Transcription
1 Understanding and Optimizing SNMP Management with CA ehealth PM & CA Spectrum IM Dave Soares and Mike Taldo
2 Terms of This Presentation This presentation was based on current information and resource allocations as of October 2009 and is subject to change or withdrawal by CA at any time without notice. Notwithstanding anything in this presentation to the contrary, this presentation shall not serve to (i) affect the rights and/or obligations of CA or its licensees under any existing or future written license agreement or services agreement relating to any CA software product; or (ii) amend any product documentation or specifications for any CA software product. The development, release and timing of any features or functionality described in this presentation remain at CA s sole discretion. Notwithstanding anything in this presentation to the contrary, upon the general availability of any future CA product release referenced in this presentation, CA will make such release available (i) for sale to new licensees of such product; and (ii) to existing licensees of such product on a when and if-available basis as part of CA maintenance and support, and in the form of a regularly scheduled major product release. Such releases may be made available to current licensees of such product who are current subscribers to CA maintenance and support on a when and if-available basis. In the event of a conflict between the terms of this paragraph and any other information contained in this presentation, the terms of this paragraph shall govern. 2 August 12, 2009 [Enter presentation title in footer] Copyright 2009 CA
3 For Informational Purposes Only Certain information in this presentation may outline CA s general product direction. All information in this presentation is for your informational purposes only and may not be incorporated into any contract. CA assumes no responsibility for the accuracy or completeness of the information. To the extent permitted by applicable law, CA provides this document as is without warranty of any kind, including without limitation, any implied warranties or merchantability, fitness for a particular purpose, or non-infringement. In no event will CA be liable for any loss or damage, direct or indirect, from the use of this document, including, without limitation, lost profits, lost investment, business interruption, goodwill, or lost data, even if CA is expressly advised of the possibility of such damages. 3 August 12, 2009 [Enter presentation title in footer] Copyright 2009 CA
4 Abstract > Review the numerous updates that have been done for CA ehealth PM in polling, discovery, SNMP and SDM. > This session will discuss their added value and changes in configurations and administration. The focus will be on CA ehealth, but we will also cover topics on using the CA ehealth PM and CA Spectrum IM together. > Examples will include sharing SDC, getting SNMP credentials from CA Spectrum IM to CA ehealth PM through Synchronized Discovery and understanding differences in SNMP community string character support. 4 August 12, 2009 [Enter presentation title in footer] Copyright 2009 CA
5 Agenda > SNMP History > SNMP Challenges Security Scalability Unreliable message delivery Configuration of Trap Destinations Firewalls Private/Overlapping IP Ranges > SDM 5 August 12, 2009 [Enter presentation title in footer] Copyright 2009 CA
6 SNMP > SNMP has been the defacto standard network management protocol for 20+ years 3 versions, many RFCs > SNMP exposes management data in the form of variables on the managed systems, which describe the system configuration > Variables can be queried or set by managing applications, such as CA Spectrum and CA ehealth Examples: Free memory, System Name, Number of running processes, etc. > SNMP uses UDP as its transport layer > SNMP is the primary data acquisition protocol for ehealth and Spectrum
7 SNMP v2 and v3 > SNMPv2 was introduced in 1993 in RFC 1441 and 1452 includes improvements in the areas of performance, security, confidentiality, and manager-to-manager communications It introduced GETBULK, an alternative to iterative GETNEXTs for retrieving large amounts of management data in a single request However, the new party-based security system in SNMP v2, viewed by many as overly complex, was not widely accepted > SNMPv2c The Community Edition in RFC 1901 and 1908 Included everything but the Security, 1996 > SNMPv2u The User Based Edition in RFC 1909 and 1910 Formed the basis for SNMPv3 > SNMPv3 defined in RFC 3411 and 3418 and standard in 2003 Authentication, Privacy and Access Control
8 MIBs > SNMP uses MIBs (Management Information Base) as its primary data objects > Managed objects are made up of one or more object instances (identified by their OIDs), which are essentially variables > Example of MIB Object: sysdescr OBJECT-TYPE SYNTAX DisplayString (SIZE (0..255)) MAX-ACCESS read-only STATUS current DESCRIPTION "A textual description of the entity. This value should include the full name and version identification of the system's hardware type, software operating-system, and networking software." ::= { system 1 } > iso.org.dod.internet.mgmt.mib-2.system.sysdescr > DisplayString : Cisco IOS Software, C2960 Software (C2960-LANBASEK9-M), Version 12.2(37)SE, RELEASE SOFTWARE (fc2) Copyright (c) by Cisco Systems, Inc. Compiled Thu 10-May-07 16:43 by antonino
9 SNMP Questions > SNMP, while not the only protocol, underpins the core of Spectrum and ehealth > Is anyone not using SNMP or does anyone have plans to move away from using SNMP > Is anyone still using SNMPv1 > Has anyone adopted SNMPv2c > SNMPv3 > We are seeing a large adoption of SNMPv2c and SNMPv3 > Anyone use SNMP to manage agents over IPv6 What versions of SNMP
10 What are the largest challenges with SNMP? > Security Credentials Fuzzing Service Interruptions Denial of Service Attacks Unauthorized Access > Scalability > Unreliable message delivery > Configuration of Trap Destinations > Firewalls > Private/Overlapping IP Ranges
11 Security Challenge > Pushing and managing security credentials How do you distribute, update and coordinate Biggest inhibitor to adoption Secret key cryptography is used by SNMPv3 User, proxy password, and proxy priv password If each agent has a unique credentials, the manager has to store the same number of credentials as the number of nodes. Setup and changing of keys for all agents need to be done manually. If you use shared credentials then it lowers the security. one key is used for all agents, compromising the key compromises the entire managed network. > Coordinate security management with the folks managing the network
12 Security Challenge > Fuzzing Since the shared secret is not hidden, an attacker can monitor the SNMP traffic to determine network topology and harvest those shared secrets Among hackers, this is called fuzzing; amongst security professionals, this is Packet Sniffing Armed with topology data and shared secrets, like configuration information, the hacker is well informed to plan an attack and choose targets Internal v's External threat > To prevent Fuzzing, Spectrum and ehealth support SNMPv3
13 Security Challenge > Service Interruptions Vulnerabilities with decoding and processing SNMP messages (whether a trap or request) in various software products is exploited by the Badly Formed SNMP Trap Attack. The impact of this attack is to blind the NMS (prevent it from receiving more traps by causing it to crash) or blind the agent (making it unable to be queried by causing it to crash). The ability of the NMS to continue to manage is degraded at best or disabled at worst. From within a DMZ, an attacker can reach the NMS in the secure network when holes in the firewall are open to allow SNMP traffic or SNMP traps through directly. > With a unified SNMP Processing Core, Spectrum and ehealth drop malformed SNMP packets
14 Security Challenge > Denial of Service The denial-of-service attack disables NMS/agents by sending them more SNMP traffic than the NMS/agent can process or by sending malformed SNMP packets to crash the manager/agent. Better still, use an IPS > Unauthorized Privileged Access Typically exposed via Buffer Overflow This can enable malware to execute immediately in a privilege state or it may enable another process running on the host to switch to an elevated privileged state To mitigate this threat use management protocol proxy firewall which verifies SNMP traffic to ensure its authentic and valid as well as mitigates SNMP-based attacks
15 Scalability Challenge > Scalability Refers to the number of agents that can be managed by single management system Networks have grown exponentially since the early days of SNMP > Efficiency How quickly and effectively a system performs in such operations as the delivery and processing of data SNMP is not considered efficient when querying bulky data Security comes at a price of efficiency. Authentication of community string or user credentials and data encryption occurs for every SNMP packet > Spectrum and ehealth have an efficient multi-threaded core and specialize in processing SNMP packets ehealth and Spectrum retrieve the information through the GET,GETNEXT and GETBULK protocol operations or the agent will send data without being asked using TRAP or INFORM protocol operations.
16 Unreliable Message Delivery Challenges > Nature of UDP as a transport layer Unreliable, connectionless protocol. Out of order packet delivery. No acknowledgment > Impact Traps are not guaranteed to be received by NMS. Request retries, increased latency. Duplicate traps sent by agent. > How do ehealth and SPECTRUM address this? Applications implement reliability mechanisms such as trap buffering Intelligence to detect duplicate traps.
17 Other Challenge > Trap Destinations > Firewalls Present their own challenge to management of networks We use them to keep intruders out, but have to make holes in them to manage remote or secure networks > Private/Overlapping IP Ranges Managing Overlapping IP addresses, especially important with MSP s and those. Is a growing concern among customers
18 To work around some of the challenges > Proxy Used in several forms, but primarily for the following reasons > Trap Exploder To forward the SNMP request from the management application to the device sometimes over a different protocol support for aggregated managed objects where the value of one managed object instance depends upon the values of multiple other (remote) items of management information To multiplex SNMP traps to multiple applications No longer required for ehealth A shim for Network Admins, offers flexibility and control, altering the path of specific network mangement traffic
19 more working around > Use of NAT Allows MSPs to manage domains with overlapping IP addresses If all managed devices have a unique NAT IP address, then SPECTRUM can manage them directly without SDM If some or all of the managed devices have duplicate NAT IP addresses in different NAT zones, then ehealth and SPECTRUM can manage them with SDM > Source Based Routing Does anyone use or plan to use Source Based Routing Shows some promise but requires the Admin to make or set routing behavior We are looking to provide support for this in the future
20 Why are we still using SNMP > Simple > Interoperable > Widely Supported by both manager and agent communities > Standard, non-proprietary protocol to simultaneously manage devices from different vendors with single management system > Type of data acquired can be anything from the physical layer up to the application layer. Protocol analyzers cannot gather all of these.
21 Spectrum and ehealth Objectives > Native SNMP v1/v2c/v3 support Native stack Remove proxy > Integration SNMP config flow > Secure tunneling > Better and more integrated Overlapping IP management SDM > Unified solution for managing remote domains ehealth and SPECTRUM can use a common SDC for managing a remote domain > Lower admin burden
22 Secure Domain Manager For CA Spectrum and CA ehealth 2 April 2009 ehealth Scale Architecture Overview Copyright 2009 CA
23 Secure Domain Manager > Who might want to use SDM Managed service providers (MSPs) Hotspot (Wi-Fi) access providers Enterprise managers > When do you use SDM/SDC Managing network elements in overlapping (or private) IP domains (NAT environments) Managing network elements behind firewalls configured to block SNMP and ICMP traffic Managing network elements across insecure network domains 24 April 2009 ehealth Scale Architecture Overview Copyright 2009 CA
24 Basic Structure Secure Network SDM Firewall SDC 25 April 2009 ehealth Scale Architecture Overview Copyright 2009 CA
25 Secure Domain Connector > The SDC is a lightweight application that installs on designated machines within the secure domain. > The SDC is installed as a service or daemon in the secure domain which reduces the maintenance time if the SDC platform should experience downtime. The service can be managed by the OS Auto-started, Re-started etc.. SDC will collect request should the SDM go down and forward them on to a designated backup when it comes on-line > Failover from primary to backup SpectroServer or ehealth Server information. 26 April 2009 ehealth Scale Architecture Overview Copyright 2009 CA
26 Integrated Deployment 27 April 2009 ehealth Scale Architecture Overview Copyright 2009 CA
27 How do you make the decision on using Remote Poller or SDM > Test and use SDM/SDC as first choice Pay particular attention to bandwidth > Use Remote Poller Large Distributed Managed Networks approaching the high end of ehealth managed network elements You want ehealth to process v1 and v2c traps > Use SDM/SDC Lightweight Administration Lower Cost End to End Polling Scales with Spectrum, small to medium networks for ehealth
28 Benefits to SDM/SDC > To help with Performance No lag in Polling Live Health SDM/SDC scales with the SpectroServer ehealth performance in terms of elements is TBD > To help with Administration Lower Administrative overhead ehealth and Spectrum can share a SDC Optionally deployed with the Remote Poller > To help manage diverse geographical networks Supports Overlapping IP s > To help manage more securely Directional communication initialization FIPS Compliance 29 April 2009 ehealth Scale Architecture Overview Copyright 2009 CA
29 Issues > Integration issues Working on consistency between the products Example: community strings and credential passing Faster support with common code
30 Questions? 3 April 2009 ehealth Scale Architecture Overview Copyright 2009 CA
Hands-on Lab: CA ehealth PM Integration with Cisco Unified Communications Manager. Eve Curcio
Hands-on Lab: CA ehealth PM Integration with Cisco Unified Communications Manager Eve Curcio Terms of This Presentation This presentation was based on current information and resource allocations as of
More informationCA Workload Automation Restart Option for z/os Schedulers: NJE Restarts. Jared Moran
CA Workload Automation Restart Option for z/os Schedulers: NJE Restarts Jared Moran Terms of This Presentation This presentation was based on current information and resource allocations as of October
More informationWeb Admin Console - Release Management. Steve Parker Richard Lechner
Web Admin Console - Release Management Steve Parker Richard Lechner Terms of This Presentation This presentation was based on current information and resource allocations as of October 2009 and is subject
More informationCA Spectrum and CA Performance Center
CA Spectrum and CA Performance Center Integration Guide CA Spectrum Release 9.3 - CA Performance Center r2.3.00 This Documentation, which includes embedded help systems and electronically distributed materials,
More informationSIMPLE NETWORK MANAGEMENT PROTOCOL (SNMP)
1 SIMPLE NETWORK MANAGEMENT PROTOCOL (SNMP) Mohammad S. Hasan Agenda 2 Looking at Today What is a management protocol and why is it needed Addressing a variable within SNMP Differing versions Ad-hoc Network
More informationSNMP SECURITY A CLOSER LOOK JEFFERY E. HAMMONDS EAST CAROLINA UNIVERSITY ICTN 6865
SNMP SECURITY A CLOSER LOOK JEFFERY E. HAMMONDS EAST CAROLINA UNIVERSITY ICTN 6865 NOVEMBER 25, 2013 SNMP SECURITY 2 ABSTRACT As a Network Monitoring System Administrator I have gained a substantial amount
More informationSolarWinds Certified Professional. Exam Preparation Guide
SolarWinds Certified Professional Exam Preparation Guide Introduction The SolarWinds Certified Professional (SCP) exam is designed to test your knowledge of general networking management topics and how
More informationGlobal Service Delivery: Industrialising Service Management
Global Service Delivery: Industrialising Service Management Drive Business Value with Service & Portfolio Management PS109SN Global Service Delivery: Industrialising Service Management in partnership with
More informationRECOVERY OF CA ARCSERVE DATABASE IN A CLUSTER ENVIRONMENT AFTER DISASTER RECOVERY
RECOVERY OF CA ARCSERVE DATABASE IN A CLUSTER ENVIRONMENT AFTER DISASTER RECOVERY Legal Notice This publication is based on current information and resource allocations as of its date of publication and
More informationConfiguring SNMP. 2012 Cisco and/or its affiliates. All rights reserved. 1
Configuring SNMP 2012 Cisco and/or its affiliates. All rights reserved. 1 The Simple Network Management Protocol (SNMP) is part of TCP/IP as defined by the IETF. It is used by network management systems
More informationCA Spectrum Active Directory and Exchange Server Manager
CA Spectrum Active Directory and Exchange Server Manager Solution Guide Release 9.4 This Documentation, which includes embedded help systems and electronically distributed materials, (hereinafter referred
More informationThe Network and The Cloud: Addressing Security And Performance. How Your Enterprise is Impacted Today and Tomorrow
Addressing Security And Performance How Your Enterprise is Impacted Today and Tomorrow THE CLOUD: SECURED OR NOT? IN A STUDY BY MICROSOFT, 51 percent of companies who moved to the cloud said that since
More informationSimple Network Management Protocol
CHAPTER 4 This chapter gives an overview of (SNMP). It contains the following sections: Overview, page 4-1 SNMP Versioning, page 4-2 SNMP and Cisco Unified CM Basics, page 4-3 SNMP Basic Commands, page
More informationCA Spectrum Active Directory and Exchange Server Manager
CA Spectrum Active Directory and Exchange Server Manager Solution Guide Release 9.2.2 This Documentation, which includes embedded help systems and electronically distributed materials, (hereinafter referred
More informationCA Spectrum and CA Embedded Entitlements Manager
CA Spectrum and CA Embedded Entitlements Manager Integration Guide CA Spectrum Release 9.4 - CA Embedded Entitlements Manager This Documentation, which includes embedded help systems and electronically
More informationjourney to a hybrid cloud
journey to a hybrid cloud Virtualization and Automation VI015SN journey to a hybrid cloud Jim Sweeney, CTO GTSI about the speaker Jim Sweeney GTSI, Chief Technology Officer 35 years of engineering experience
More informationComparison of SNMP. Versions 1, 2 and 3
Comparison of SNMP 1 Comparison of SNMP Versions 1, 2 and 3 Eddie Bibbs Brandon Matt ICTN 4600-001 Xin Tang April 17, 2006 Comparison of SNMP 2 During its development history, the communities of researchers,
More informationVPN. Date: 4/15/2004 By: Heena Patel Email:hpatel4@stevens-tech.edu
VPN Date: 4/15/2004 By: Heena Patel Email:hpatel4@stevens-tech.edu What is VPN? A VPN (virtual private network) is a private data network that uses public telecommunicating infrastructure (Internet), maintaining
More informationA Guide to Understanding SNMP
A Guide to Understanding SNMP Read about SNMP v1, v2c & v3 and Learn How to Configure SNMP on Cisco Routers 2013, SolarWinds Worldwide, LLC. All rights reserved. Share: In small networks with only a few
More informationCisco Collaboration with Microsoft Interoperability
Cisco Collaboration with Microsoft Interoperability Infrastructure Cheatsheet First Published: June 2016 Cisco Expressway X8.8 Cisco Unified Communications Manager 10.x or later Microsoft Lync Server 2010
More informationIntegrating CA Software Change Management with CA Service Desk Manager for Enterprise Change Control
Integrating CA Software Change Management with CA Service Desk Manager for Enterprise Change Control Keith Allen Principal Consultant CA EMEA Team Lead ALM - SCM Activities Terms of This Presentation This
More informationConfiguring Simple Network Management Protocol (SNMP)
Configuring Simple Network Management Protocol (SNMP) This chapter describes the Simple Network Management Protocol (SNMP), SNMP Management Information Bases (MIBs), and how to configure SNMP on Cisco
More informationChange for the Better: Improved Productivity via CA Service Desk Manager
Change for the Better: Improved Productivity via CA Service Desk Manager Drive Business Value with Service & Portfolio Management PS105SN Change for the Better: Improved Productivity via CA Service Desk
More informationDATA SECURITY 1/12. Copyright Nokia Corporation 2002. All rights reserved. Ver. 1.0
DATA SECURITY 1/12 Copyright Nokia Corporation 2002. All rights reserved. Ver. 1.0 Contents 1. INTRODUCTION... 3 2. REMOTE ACCESS ARCHITECTURES... 3 2.1 DIAL-UP MODEM ACCESS... 3 2.2 SECURE INTERNET ACCESS
More informationOn the Deficiencies of Active Network Discovery Systems
On the Deficiencies of Active Network Discovery Systems Ofir Arkin Chief Technology Officer Insightix Copyright 2012 - All Rights Reserved. This material is proprietary of Insightix. Any unauthorized
More informationThe Role of Service Catalog in IT Asset Management. Faisal Faquih Khalid
The Role of Service Catalog in IT Asset Management Faisal Faquih Khalid Terms of This Presentation This presentation was based on current information and resource allocations as of October 2009 and is
More informationUsing SolarWinds Orion for Cisco Assessments
Using SolarWinds Orion for Cisco Assessments Cisco Network Assessments Registering Your Assessment... 1 Installing SolarWinds Orion Network Performance Monitor... 1 Discovering Your Network... 1 Polling
More informationFIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. Chapter 5 Firewall Planning and Design
FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. Chapter 5 Firewall Planning and Design Learning Objectives Identify common misconceptions about firewalls Explain why a firewall
More information10A CA Plex in the Cloud. Rob Layzell CA Technologies
10A CA Plex in the Cloud Rob Layzell CA Technologies Legal This presentation was based on current information and resource allocations as of April 18, 2011 and is subject to change or withdrawal by CA
More informationOverview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs
Overview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs Why Network Security? Keep the bad guys out. (1) Closed networks
More informationBasics of Internet Security
Basics of Internet Security Premraj Jeyaprakash About Technowave, Inc. Technowave is a strategic and technical consulting group focused on bringing processes and technology into line with organizational
More informationHands-on Lab: CA Spectrum IM 9.2 Ad Hoc Reporting. David Cosgrove
Hands-on Lab: CA Spectrum IM 9.2 Ad Hoc Reporting David Cosgrove Terms of This Presentation This presentation was based on current information and resource allocations as of October 2009 and is subject
More informationABC s of Improved User Productivity with Service Desk Manager: Adoption, Best Practices and Content Development
ABC s of Improved User Productivity with Service Desk Manager: Adoption, Best Practices and Content Development Driving Business Value with Service & Portfolio Management PS104SN ABC s of Improved User
More informationThe Best Kept Secrets of Cloud Service Providers
Cloud Solutions CP103PN The Best Kept Secrets of Cloud Service Providers Matt Richards Senior Director, Product Marketing The Best Kept Secrets of Cloud Service Providers New cloud offerings are providing
More informationContinuous Improvement with CA Service Desk Manager KPIs. Rich Magnuson
Continuous Improvement with CA Service Desk Manager KPIs Rich Magnuson Terms of This Presentation This presentation was based on current information and resource allocations as of October 2009 and is subject
More information1 hours, 30 minutes, 38 seconds Heavy scan. All scanned network resources. Copyright 2001, FTP access obtained
home Network Vulnerabilities Detail Report Grouped by Vulnerability Report Generated by: Symantec NetRecon 3.5 Licensed to: X Serial Number: 0182037567 Machine Scanned from: ZEUS (192.168.1.100) Scan Date:
More informationOverview. Firewall Security. Perimeter Security Devices. Routers
Overview Firewall Security Chapter 8 Perimeter Security Devices H/W vs. S/W Packet Filtering vs. Stateful Inspection Firewall Topologies Firewall Rulebases Lecturer: Pei-yih Ting 1 2 Perimeter Security
More informationCisco Certified Security Professional (CCSP)
529 Hahn Ave. Suite 101 Glendale CA 91203-1052 Tel 818.550.0770 Fax 818.550.8293 www.brandcollege.edu Cisco Certified Security Professional (CCSP) Program Summary This instructor- led program with a combination
More informationSAFE-T RSACCESS REPLACEMENT FOR MICROSOFT FOREFRONT UNIFIED ACCESS GATEWAY (UAG)
SAFE-T RSACCESS REPLACEMENT FOR MICROSOFT FOREFRONT UNIFIED ACCESS GATEWAY (UAG) A RSACCESS WHITE PAPER 1 Microsoft Forefront Unified Access Gateway Overview 2 Safe-T RSAccess Secure Front-end Overview
More informationCISCO IOS NETWORK SECURITY (IINS)
CISCO IOS NETWORK SECURITY (IINS) SEVENMENTOR TRAINING PVT.LTD [Type text] Exam Description The 640-553 Implementing Cisco IOS Network Security (IINS) exam is associated with the CCNA Security certification.
More informationLAB: Assembling a Business Service Insight (BSI) Dashboard
LAB: Assembling a Business Service Insight (BSI) Dashboard Drive Business Value with Service & Portfolio Management PS304LN LAB: Assembling a BSI Dashboard Brian Jurasic CA Technologies agenda Review of
More informationCA Spectrum. Virtual Host Manager Solution Guide. Release 9.3
CA Spectrum Virtual Host Manager Solution Guide Release 9.3 This Documentation, which includes embedded help systems and electronically distributed materials, (hereinafter referred to as the Documentation
More informationMeasuring end-to-end application performance in an on-demand world. Shajeer Mohammed Enterprise Architect
Measuring end-to-end application performance in an on-demand world Shajeer Mohammed Enterprise Architect Agenda 1 Introduction to CA 2 Application Performance Management and its Need 3 How CA Solutions
More informationSimple Network Management Protocol
A Seminar Report on Simple Network Management Protocol Submitted in partial fulfillment of the requirement for the award of degree Of Computer Science SUBMITTED TO: SUBMITTED BY: www.studymafia.org www.studymafia.org
More informationCA Big Data Management: It s here, but what can it do for your business?
CA Big Data Management: It s here, but what can it do for your business? Mike Harer CA Technologies August 7, 2014 Session Number: 16256 Insert Custom Session QR if Desired. Test link: www.share.org Big
More informationExam Name: Cisco Sales Associate Exam Exam Type: Cisco Exam Code: 646-151 Doc Type: Q & A with Explanations Total Questions: 50
Question: 1 Which network security strategy element refers to the deployment of products that identify a potential intruder who makes several failed logon attempts? A. test the system B. secure the network
More informationManage Log Collection. Panorama Administrator s Guide. Version 7.0
Manage Log Collection Panorama Administrator s Guide Version 7.0 Contact Information Corporate Headquarters: Palo Alto Networks 4401 Great America Parkway Santa Clara, CA 95054 www.paloaltonetworks.com/company/contact
More informationExecutive Summary and Purpose
ver,1.0 Hardening and Securing Opengear Devices Copyright Opengear Inc. 2013. All Rights Reserved. Information in this document is subject to change without notice and does not represent a commitment on
More informationITL BULLETIN FOR JANUARY 2011
ITL BULLETIN FOR JANUARY 2011 INTERNET PROTOCOL VERSION 6 (IPv6): NIST GUIDELINES HELP ORGANIZATIONS MANAGE THE SECURE DEPLOYMENT OF THE NEW NETWORK PROTOCOL Shirley Radack, Editor Computer Security Division
More informationSNMP Simple Network Management Protocol
SNMP Simple Network Management Protocol Simple Network Management Protocol SNMP is a framework that provides facilities for managing and monitoring network resources on the Internet. Components of SNMP:
More informationAgenda. Taxonomy of Botnet Threats. Background. Summary. Background. Taxonomy. Trend Micro Inc. Presented by Tushar Ranka
Taxonomy of Botnet Threats Trend Micro Inc. Presented by Tushar Ranka Agenda Summary Background Taxonomy Attacking Behavior Command & Control Rallying Mechanisms Communication Protocols Evasion Techniques
More informationCA Workload Automation Strategy and Roadmap. Bill Sherwin Principal Consultant EMEA Workload Automation Owner
CA Workload Automation Strategy and Roadmap Bill Sherwin Principal Consultant EMEA Workload Automation Owner CA Workload Automation: Key component in successful enterprise IT management Service Service
More informationNetwork Management. Jaakko Kotimäki. Department of Computer Science Aalto University, School of Science. 21. maaliskuuta 2016
Jaakko Kotimäki Department of Computer Science Aalto University, School of Science Outline Introduction SNMP architecture Management Information Base SNMP protocol Network management in practice Niksula
More informationSecuring SIP Trunks APPLICATION NOTE. www.sipera.com
APPLICATION NOTE Securing SIP Trunks SIP Trunks are offered by Internet Telephony Service Providers (ITSPs) to connect an enterprise s IP PBX to the traditional Public Switched Telephone Network (PSTN)
More informationEnsuring the security of your mobile business intelligence
IBM Software Business Analytics Cognos Business Intelligence Ensuring the security of your mobile business intelligence 2 Ensuring the security of your mobile business intelligence Contents 2 Executive
More informationAlternatives to SNMP and Challenges in Management Protocols. Communication Systems Seminar Talk 10 Francesco Luminati
Alternatives to SNMP and Challenges in Management Protocols Communication Systems Seminar Talk 10 Francesco Luminati Introduction Structure Network management Management approaches SNMP Alternatives: NetConf
More informationConnecting the dots from automated software discovery to asset management
Connecting the dots from automated software discovery to asset management Drive Business Value with Service & Portfolio Management PS113SN Connecting the dots from automated software discovery to asset
More informationCA Unified Infrastructure Management Server
CA Unified Infrastructure Management Server CA UIM Server Configuration Guide 8.0 Document Revision History Version Date Changes 8.0 September 2014 Rebranded for UIM 8.0. 7.6 June 2014 No revisions for
More informationPAVING THE PATH TO THE ELIMINATION OF THE TRADITIONAL DMZ
PAVING THE PATH TO THE ELIMINATION A RSACCESS WHITE PAPER 1 The Traditional Role of DMZ 2 The Challenges of today s DMZ deployments 2.1 Ensuring the Security of Application and Data Located in the DMZ
More informationTech Note Cisco IOS SNMP Traps Supported and How to Conf
Tech Note Cisco IOS SNMP Traps Supported and How to Conf Table of Contents Cisco IOS SNMP Traps Supported and How to Configure Them...1 Introduction...1 Before You Begin...1 Conventions...1 Prerequisites...1
More informationCA ARCserve Backup for Windows
CA ARCserve Backup for Windows Agent for Microsoft SharePoint Server Guide r15 This documentation and any related computer software help programs (hereinafter referred to as the "Documentation") are for
More informationCS5008: Internet Computing
CS5008: Internet Computing Lecture 22: Internet Security A. O Riordan, 2009, latest revision 2015 Internet Security When a computer connects to the Internet and begins communicating with others, it is
More informationActive Management Services
Active Management Services White Paper 2.0 for Ricoh Customers Prepared by Professional Services department of Ricoh International B.V. Monday, 14 January 2013 TABLE OF CONTENT 1. Introduction... 4 2.
More informationIntegration with CA Transaction Impact Monitor
Integration with CA Transaction Impact Monitor CA Application Delivery Analysis Multi-Port Monitor Version 10.1 This Documentation, which includes embedded help systems and electronically distributed materials,
More information11.1. Performance Monitoring
11.1. Performance Monitoring Windows Reliability and Performance Monitor combines the functionality of the following tools that were previously only available as stand alone: Performance Logs and Alerts
More informationTraining Course on Network Administration
Training Course on Network Administration 03-07, March 2014 National Centre for Physics 1 Network Security and Monitoring 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 2 Crafting a Secure
More informationIntroduction to Simple Network Management Protocol (SNMP)
Introduction to Simple Network Management Protocol (SNMP) Simple Network Management Protocol (SNMP) is an application layer protocol for collecting information about devices on the network. It is part
More informationImplementing Cisco IOS Network Security
Implementing Cisco IOS Network Security IINS v3.0; 5 Days, Instructor-led Course Description Implementing Cisco Network Security (IINS) v3.0 is a 5-day instructor-led course focusing on security principles
More informationNetwork Monitoring with SNMP
Network Monitoring with SNMP This document describes how SNMP is used in WhatsUp Gold v11 and provides examples on how to configure performance, active, and passive monitors. Introduction SNMP (Simple
More informationPCI Compliance Considerations
PCI Compliance Considerations This article outlines implementation considerations when deploying the Barracuda Load Balancer ADC in an environment subject to PCI Data Security Standard (PCI DSS) compliance.
More informationCA Virtual Assurance for Infrastructure Managers
DATA SHEET CA Virtual Assurance for Infrastructure Managers (Includes CA Systems Performance for Infrastructure Managers) CA Virtual Assurance for Infrastructure Managers (formerly CA Virtual Performance
More informationApplication Performance. Java.,.NET and the IBM i. Rory Hewitt. Co-branded Logo Footprint Aligned LEFT ON COVER ONLY Must Fit Within This Space
Application Performance Management for Java.,.NET and the IBM i Rory Hewitt Rob Layzell CA Aligned LEFT ON COVER ONLY Terms of This Presentation This presentation was based on current information and resource
More informationIPv6 First Hop Security Protecting Your IPv6 Access Network
IPv6 First Hop Security Protecting Your IPv6 Access Network What You Will Learn This paper provides a brief introduction to common security threats on IPv6 campus access networks and will explain the value
More informationHow To Secure An Rsa Authentication Agent
RSA Authentication Agents Security Best Practices Guide Version 3 Contact Information Go to the RSA corporate web site for regional Customer Support telephone and fax numbers: www.rsa.com. Trademarks RSA,
More informationSNMP Extensions for a Self Healing Network
SNMP Extensions for a Self Healing Network Background Patent 6,088,141: This is a self healing network depending on additional hardware. It requires a second ring of connection to handle recovery operations.
More informationFirewalls. Securing Networks. Chapter 3 Part 1 of 4 CA M S Mehta, FCA
Firewalls Securing Networks Chapter 3 Part 1 of 4 CA M S Mehta, FCA 1 Firewalls Learning Objectives Task Statements 1.3 Recognise function of Telecommunications and Network security including firewalls,..
More informationCA Spectrum. Microsoft MOM and SCOM Integration Guide. Release 9.4
CA Spectrum Microsoft MOM and SCOM Integration Guide Release 9.4 This Documentation, which includes embedded help systems and electronically distributed materials, (hereinafter referred to as the Documentation
More informationAn Overview of SNMP on the IMG
An Overview of SNMP on the IMG Description SNMP The SNMP provides a way to control and monitor a variety of equipment using one network management protocol. To do this, SNMP uses a number of common Management
More informationCisco Advanced Services for Network Security
Data Sheet Cisco Advanced Services for Network Security IP Communications networking the convergence of data, voice, and video onto a single network offers opportunities for reducing communication costs
More informationWho is Watching You? Video Conferencing Security
Who is Watching You? Video Conferencing Security Navid Jam Member of Technical Staff March 1, 2007 SAND# 2007-1115C Computer and Network Security Security Systems and Technology Video Conference and Collaborative
More informationNetwork Security Topologies. Chapter 11
Network Security Topologies Chapter 11 Learning Objectives Explain network perimeter s importance to an organization s security policies Identify place and role of the demilitarized zone in the network
More informationApplication Virtualisation Management. Steve Parker
Application Virtualisation Management Steve Parker Terms of This Presentation This presentation was based on current information and resource allocations as of October 2009 and is subject to change or
More informationRecommended IP Telephony Architecture
Report Number: I332-009R-2006 Recommended IP Telephony Architecture Systems and Network Attack Center (SNAC) Updated: 1 May 2006 Version 1.0 SNAC.Guides@nsa.gov This Page Intentionally Left Blank ii Warnings
More informationConsiderations In Developing Firewall Selection Criteria. Adeptech Systems, Inc.
Considerations In Developing Firewall Selection Criteria Adeptech Systems, Inc. Table of Contents Introduction... 1 Firewall s Function...1 Firewall Selection Considerations... 1 Firewall Types... 2 Packet
More informationSolarWinds Technical Reference
SolarWinds Technical Reference Implementing SNMPv3 Why SNMPv3?... 3 SNMPv3 Security... 4 General Implementation... 6 SolarWinds Product-Specific Implementation... 7 SolarWinds SNMPv3 input mapped to IOS..
More informationEmerging Network Security Threats and what they mean for internal auditors. December 11, 2013 John Gagne, CISSP, CISA
Emerging Network Security Threats and what they mean for internal auditors December 11, 2013 John Gagne, CISSP, CISA 0 Objectives Emerging Risks Distributed Denial of Service (DDoS) Attacks Social Engineering
More informationCA Performance Center
CA Performance Center Single Sign-On User Guide 2.4 This Documentation, which includes embedded help systems and electronically distributed materials, (hereinafter referred to as the Documentation ) is
More informationNetwork Monitoring with SNMP
Network Monitoring with SNMP This paper describes how SNMP is used in WhatsUp- Professional and provides specific examples on how to configure performance, active, and passive monitors. Introduction SNMP
More informationICTN 4040. Enterprise Database Security Issues and Solutions
Huff 1 ICTN 4040 Section 001 Enterprise Information Security Enterprise Database Security Issues and Solutions Roger Brenton Huff East Carolina University Huff 2 Abstract This paper will review some of
More informationCA Spectrum MPLS-VPN Manager
CA Spectrum MPLS-VPN Manager User Guide Release 9.4 This Documentation, which includes embedded help systems and electronically distributed materials, (hereinafter referred to as the Documentation ) is
More informationA43. Modern Hacking Techniques and IP Security. By Shawn Mullen. Las Vegas, NV IBM TRAINING. IBM Corporation 2006
IBM TRAINING A43 Modern Hacking Techniques and IP Security By Shawn Mullen Las Vegas, NV 2005 CSI/FBI US Computer Crime and Computer Security Survey 9 out of 10 experienced computer security incident in
More informationA Brief. Introduction. of MG-SOFT s SNMP Network Management Products. Document Version 1.3, published in June, 2008
A Brief Introduction of MG-SOFT s SNMP Network Management Products Document Version 1.3, published in June, 2008 MG-SOFT s SNMP Products Overview SNMP Management Products MIB Browser Pro. for Windows and
More informationLinux Network Security
Linux Network Security Course ID SEC220 Course Description This extremely popular class focuses on network security, and makes an excellent companion class to the GL550: Host Security course. Protocols
More informationTips & Tricks: CA CMDB Data Mining Techniques. John Sorensen & Neil Mitchell
Tips & Tricks: CA CMDB Data Mining Techniques John Sorensen & Neil Mitchell Terms of This Presentation This presentation was based on current information and resource allocations as of October 2009 and
More informationtechnical brief browsing to an installation of HP Web Jetadmin. Internal Access HTTP Port Access List User Profiles HTTP Port
technical brief in HP Overview HP is a powerful webbased software utility for installing, configuring, and managing networkconnected devices. Since it can install and configure devices, it must be able
More informationSymantec Virtual Machine Management 7.1 User Guide
Symantec Virtual Machine Management 7.1 User Guide Symantec Virtual Machine Management 7.1 User Guide The software described in this book is furnished under a license agreement and may be used only in
More informationIPv6 SECURITY. May 2011. The Government of the Hong Kong Special Administrative Region
IPv6 SECURITY May 2011 The Government of the Hong Kong Special Administrative Region The contents of this document remain the property of, and may not be reproduced in whole or in part without the express
More informationStateful Inspection Technology
Stateful Inspection Technology Security Requirements TECH NOTE In order to provide robust security, a firewall must track and control the flow of communication passing through it. To reach control decisions
More informationCA ERwin Data Modeling's Role in the Application Development Lifecycle
CA ERwin Data Modeling's Role in the Application Development Lifecycle Hybrid Data Protection DH010SN CA ERwin Data Modeling's Role in the Application Development Lifecycle Donna Burbank CA Technologies
More informationConfiguring an IPsec VPN to provide ios devices with secure, remote access to the network
Configuring an IPsec VPN to provide ios devices with secure, remote access to the network This recipe uses the IPsec VPN Wizard to provide a group of remote ios users with secure, encrypted access to the
More information