ANS Monitoring as a Service. Customer requirements



Similar documents
iphouse has chosen LogicMonitor to offer a Software as a Service (SaaS) monitoring solution.

Before deploying SiteAudit it is recommended to review the information below. This will ensure efficient installation and operation of SiteAudit.

Data Collection and Analysis: Get End-to-End Security with Cisco Connected Analytics for Network Deployment

Application Discovery Manager User s Guide vcenter Application Discovery Manager 6.2.1

VMware vcenter Log Insight Getting Started Guide

OnCommand Performance Manager 1.1

Goliath Performance Monitor Prerequisites v11.6

Preinstallation Requirements Guide

WhatsUpGold. v3.0. WhatsConnected User Guide

simplify monitoring Environment Prerequisites for Installation Simplify Monitoring 11.4 (v11.4) Document Date: January

PZVM1 Administration Guide. V1.1 February 2014 Alain Ganuchaud. Page 1/27

OnCommand Performance Manager 1.1

Installing and Using the vnios Trial

PHD Virtual Backup for Hyper-V

The Bomgar Appliance in the Network

How To Set Up Foglight Nms For A Proof Of Concept

Virtual Web Appliance Setup Guide

Monitoring Hybrid Cloud Applications in VMware vcloud Air

Using VDOMs to host two FortiOS instances on a single FortiGate unit

Comprehensive Monitoring of VMware vsphere ESX & ESXi Environments

Getting Started. Version 9.1

RealPresence Platform Director

ManageEngine (division of ZOHO Corporation) Infrastructure Management Solution (IMS)

OnCommand Unified Manager 6.3

RAP as a Service for. Team Foundation Server. Prerequisites

Enterprise Manager. Version 6.2. Installation Guide

Virtual Managment Appliance Setup Guide

SevOne NMS Download Installation and Implementation Guide

Installation and Configuration Guide for Windows and Linux

Government of Canada Managed Security Service (GCMSS) Annex A-7: Statement of Work - Security Information and Event Management (SIEM)

VMware vcenter Log Insight Security Guide

mbits Network Operations Centrec

Network Management System (NMS) FAQ

Required Ports and Protocols. Communication Direction Protocol and Port Purpose Enterprise Controller Port 443, then Port Port 8005

Quick Note 052. Connecting to Digi Remote Manager SM Through Web Proxy

Using WhatsUp IP Address Manager 1.0

Installation and Configuration Guide for Windows and Linux

Apache CloudStack 4.x (incubating) Network Setup: excerpt from Installation Guide. Revised February 28, :32 pm Pacific

Veeam Backup Enterprise Manager. Version 7.0

GRAVITYZONE HERE. Deployment Guide VLE Environment

VMware vcenter Log Insight Getting Started Guide

vcenter Chargeback User s Guide

Deployment Topologies

Symantec Messaging Gateway 10.0 Installation Guide. powered by Brightmail

NMS300 Network Management System

Print Audit Facilities Manager Technical Overview

Installing and Configuring vcloud Connector

Chapter 11 Cloud Application Development

WhatsUp Gold v16.2 MSP Edition Deployment Guide This guide provides information about installing and configuring WhatsUp Gold MSP Edition to central

Step by Step: vcenter Syslog Collector installation

VMware vshield Zones R E V I E W E R S G U I D E

SolarWinds Log & Event Manager

Freshservice Discovery Probe User Guide

Network Discovery Preparing for Installation

Running custom scripts which allow you to remotely and securely run a script you wrote on Windows, Mac, Linux, and Unix devices.

Best of Breed of an ITIL based IT Monitoring. The System Management strategy of NetEye

Cisco WebEx Meetings Server Administration Guide

AKIPS Network Monitor Installation, Configuration & Upgrade Guide Version 15. AKIPS Pty Ltd

VMware Identity Manager Connector Installation and Configuration

EMC Data Domain Management Center

Quick Setup Guide. 2 System requirements and licensing Kerio Technologies s.r.o. All rights reserved.

Heroix Longitude Quick Start Guide V7.1

Deploying the BIG-IP System with Oracle E-Business Suite 11i

How to Backup and Restore a VM using Veeam

OnCommand Performance Manager 2.0

Web Sites, Virtual Machines, Service Management Portal and Service Management API Beta Installation Guide

Network Management Deployment Guide

STERLING SECURE PROXY. Raj Kumar Integration Management, Inc.

HP Insight Remote Support

Introduction Installation firewall analyzer step by step installation Startup Syslog and SNMP setup on firewall side firewall analyzer startup

Network Monitoring Comparison

How To Get Started With Whatsup Gold

LifeSize Transit Deployment Guide June 2011

F-Secure Messaging Security Gateway. Deployment Guide

Rally Installation Guide

Virtual Appliance Setup Guide

SolarWinds Certified Professional. Exam Preparation Guide

BlackBerry Enterprise Service 10. Version: Configuration Guide

Centerity Monitor. Technical Guide: Centerity VCE VBlock Monitoring V6.15

emerge 50P emerge 5000P

CA Spectrum and CA Performance Center

Oracle Enterprise Manager Ops Center. Ports and Protocols. Ports and Protocols 12c Release 3 ( )

Adobe, Acrobat, and Acrobat Reader are either registered trademarks or trademarks of Adobe Systems Incorporated in the U.S. and/or other countries.

CounterACT 7.0 Single CounterACT Appliance

TIBCO LogLogic. HIPAA Compliance Suite Quick Start Guide. Software Release: December Two-Second Advantage

Quick Start Guide. for Installing vnios Software on. VMware Platforms

Panorama PANORAMA. Panorama provides centralized policy and device management over a network of Palo Alto Networks next-generation firewalls.

Technical Note. vsphere Deployment Worksheet on page 2. Express Configuration on page 3. Single VLAN Configuration on page 5

WhatsUpGold. v14.2. Getting Started with WhatsUp Gold MSP Edition

WhatsUp Gold 2016 Getting Started Guide

Installing, Uninstalling, and Upgrading Service Monitor

Can You Afford Network Downtime?

WMI syslog management of Windows AD Server V 1.1.2

Configuration Guide. Websense Web Security Solutions Version 7.8.1

AKIPS Network Monitor Installation, Configuration & Upgrade Guide Version 16. AKIPS Pty Ltd

Proof of Concept Guide

IBM Security QRadar Version Common Ports Guide

Deployment Guide. Release March 2011

Installing and Configuring vcenter Multi-Hypervisor Manager

Active Directory Management. Agent Deployment Guide

Transcription:

ANS Monitoring as a Service Customer requirements

Version History Version: 1.0 Date: 29/03/2015 Version Date Summary Of Changes Pages Changed Author 0.1 17/07/15 Initial document created ALL Dale Marshall 0.2 29/07/15 Updated with feedback from CH ALL Chris Hodgson V1 27/08/15 Final document Chris Hodgson ANS Group Reviewers This document has been reviewed by the following ANS Group contacts. Name Role Email Address Chris Hodgson Director of Managed Services Chris.Hodgson@ansgroup.co.uk Dale Marshall Service Delivery Architect Dale.Marshall@ansgroup.co.uk Restriction on Disclosure This data shall not be disclosed in whole or in part to any third party without the express written permission of ANS Group plc. This does not restrict customer from using the data contained herein, provided it is obtained from a source other than ANS Group plc, or is independently developed by the recipient. E. & O. E. throughout the document The Supplier Terms and Conditions are located at http://www.ans.co.uk/site-info/terms-conditions, as currently in force are incorporated into and form part of this Contract. Page 2 of 8, Issue No: 1 Issue Date: 27/08/2015: CLASSIFIED: CONFIDENTIAL

Contents Version History... 2 1. Overview... 4 2. Solution Architecture... 4 3. Customer Requirements... 5 3.1 Collector Server Specification... 5 3.2 Service Account Configuration... 6 3.3 Cisco Device Configuration... 6 3.4 NetApp Configuration... 6 3.5 VMware Configuration... 6 3.6 Windows Configuration... 7 3.7 SQL Configuration... 7 3.8 Other devices or applications... 7 4. Collector Installation... 7 Appendix A Checklist... 8 Page 3 of 8, Issue No: 1 Issue Date: 27/08/2015: CLASSIFIED: CONFIDENTIAL

1. Overview The ANS Enterprise Monitoring System (EMS) is an IT Infrastructure monitoring system that enables ANS support to monitor and manage the availability, performance and capacity of customers supported devices. This enables the ANS support team to quickly and proactively detect and diagnose issues within your infrastructure. ANS have teamed up with LogicMonitor to implement industry leading monitoring and deliver the most advanced Enterprise Monitoring System to date with EMS 4.0. EMS 4.0 offers an improved insight into how your network, applications and infrastructure are performing. You will have access to real time and historical information from each device with a 1- Year Historical Data Minimum. The system also features alert escalations and predictive tools, ensuring issues can be caught before they cause an impact to your business. Our customers will have the ability to create private dashboards and personalise your view of the portal to enable you to prioritise the information that is most important to you. EMS 4.0 will feature customisable widgets within the portal including comparison views, custom performance graph and Network Operations Centre Views. The remainder of this document will detail how the system works and what we need from customers in order to install and configure the system. 2. Solution Architecture The EMS 4.0 solution consists of collector servers deployed within the customer s network. The collector uses a range of APIs and protocols (e.g. ICMP, SNMP, WMI, etc) to gather availability, capacity, and performance information for supported devices. This is then encrypted and transmitted through an outgoing SSL connection to LogicMonitor servers in a secure UK datacentre. Alert and performance data is then displayed within the EMS Portal and can generate email or telephone alerts to the ANS service desk. A ReportMagic Server is also installed at ANS. This is used to retrieve data from LogicMonitor and report upon it. Page 4 of 8, Issue No: 1 Issue Date: 27/08/2015: CLASSIFIED: CONFIDENTIAL

3. Customer Requirements The following requirements need to be met before a collector can be deployed: 3.1 Collector Server Specification The collector server requires a Windows server to run from. It is best practice to use a dedicated server so it is unaffected by maintenance work to other systems or applications. The collector server should meet the following requirements: Windows 2008 or 2012 (physical or virtual) server. If possible please name the server <Customer-Site-EMS01>, e.g. ANS-DC01-EMS01 A minimum of 4GB of RAM. Able to make an outgoing https connection (TLS on port 443) to the LogicMonitor servers (proxies are supported). This can be via standard Internet access or can be locked down to the following: o If DNS names in firewall access control rules are supported: account.logicmonitor.com o appproxy.logicmonitor.com If DNS names in firewall access control rules are not supported 212.118.245.0/24 (UK) 63.251.201.0/24 74.201.65.0/24 69.25.43.0/24 54.193.15.255 54.209.7.170 54.194.232.54 54.254.224.41 The collector must be able to reach all the hosts from which it will be collecting data by the appropriate methods, for example, SNMP, WMI, HTTP, JDBC. For reference those ports are: o ICMP for ping monitoring o 80 for HTTP monitoring o 135 and high ports for WMI o 161 for SNMP o 162 for SNMP traps o 443 for HTTPS o 445 for Perfmon o 1433 for SQL o 1521 for Oracle o 2055 for Netflow o 3306 for MySQL o 22 for Router and Switch Config Backups Minimize network impediments between the collector and the monitored hosts/devices. For example, it should not traverse any NAT (network address translation) gateways to do so. If firewalls or NAT devices are an issue, we recommend you install multiple collectors - one in each security zone. Install at least one collector per physical datacentre if possible. The collector should have reliable time - thus it should have NTP setup or Windows Time Services to synchronize via NTP. If running on a VMware virtual machine, install VMware tools with VMware tools periodic Time Sync disabled. For further information, see this VMware document. The collector should be added into the customer s domain, specifically the domain we will be monitoring any devices in to. Anti-Virus installed on the collector. This can be provided by the customer or ANS can provide a WebRoot Anti-Virus client if required. Please discuss with your Account manager. Page 5 of 8, Issue No: 1 Issue Date: 27/08/2015: CLASSIFIED: CONFIDENTIAL

Configure Windows Update to automatically download and install updates at 3am every Sunday. 3.2 Service Account Configuration A service account is required to run the collector application and to make WMI connections from the application to any supported Windows devices. ANS recommend the service account is given domain admin level permissions. The customer can enter the username and password during collector installation without ANS seeing it. The username and password specifies never leaves customer site and is not stored on ANS or LogicMonitor Servers. When creating the account please ensure that the Password never expires and User cannot change password options are checked. 3.3 Cisco Device Configuration Cisco Devices are monitored via SNMP. All that is required in order to monitor is an SNMP community string. Please also ensure that any Access Control Lists set up on the devices allow the collector s servers IP address to communicate with the device. EMS 4.0 is also able to backup Cisco device configurations. The collector makes an SSH call to the device to retrieve the current config. To use this functionality please provide ANS with a local admin account for the device. Note: for current EMS v3.0 customers, ANS may already have details of SNMP community strings. 3.4 NetApp Configuration There are two kinds of data collection used on NetApp Filers: SNMP and the NetApp API. For comprehensive monitoring, both must be configured. Please provide ANS with a valid community string configured on the NetApp device in question. To create a new user called ansmonitoring with read-only API access, on your NetApp filers perform these operations: useradmin role add ANSMonitorRole -a api-*,login-http-admin useradmin group add ANSMonitorGroup -r ANSMonitorRole useradmin user add ANSmonitor -g ANSMonitorGroup New password:<secret> Retype new password:<secret> Note: for current EMS v3.0 customers, ANS may already have details of SNMP community strings. 3.5 VMware Configuration EMS 4.0 uses the VMware API to provide comprehensive monitoring of VMware Virtual Center or standalone ESX hosts. All that s required is an account with read-only permissions to the vcenter or ESX host in question. Permissions should be set at the top level vcenter object. Page 6 of 8, Issue No: 1 Issue Date: 27/08/2015: CLASSIFIED: CONFIDENTIAL

3.6 Windows Configuration As outlined in section 3.2. A service account with sufficient permissions is required in order to monitor Windows devices via WMI. Windows Firewalls also need to allow inbound ICMP, WMI and DCOM requests from the collector server. 3.7 SQL Configuration For the SQL Server Connections checks to function, no specific rights are needed except the ability to connect to the database. Please assign the service account used to set up the collector with this ability. 3.8 Other devices or applications EMS 4.0 has the ability to monitor 1000 s of devices and Services. Please contact your Account Managed for help on other specific systems or applications. 4. Collector Installation When the requirements listed above have been met and the collector server is installed, a member of the ANS monitoring team will make contact to install the collector application software. This can be carried out remotely via WebEx or via any existing remote access solutions. Page 7 of 8, Issue No: 1 Issue Date: 27/08/2015: CLASSIFIED: CONFIDENTIAL

Appendix A Checklist Collector Server Details Customer Name Site Name Collector Server Name Collector Server IP Address Domain Name Proxy Server Address (if applicable) vcenter or Virtual Machine Manager name that the VM was built in, or of this is a physical server. Anti-virus installed (YES/NO) Domain Username Password SNMP Community String(s) SNMP ACLs configured? Service Account Details Cisco Device Configuration (if applicable) NetApp Configuration (if applicable) SNMP Community String(s) NetApp Read-Only account Username NetApp Read-Only account Password VMware Configuration (if applicable) vcenter Read-Only Account Username vcenter Read-Only Account Password ESXi Host Read-Only Account Username ESXi Host Read-Only Account Password Windows Configuration Windows Firewall configured to allow WMI, DCOM and ICMP from Collector Server IP SQL Configuration Service Account configured with permissions to connect to SQL database? Port 445 enabled on local Windows firewall from Collector IP. Other services (Please detail as required) Page 8 of 8, Issue No: 1 Issue Date: 27/08/2015: CLASSIFIED: CONFIDENTIAL

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information