SIG-NOC Tools Survey

Similar documents
TF-NOC Software Tools Survey Results: Analysis and Dissemination

Work Item C: NOC tools, interworking/interfacing issues, and automation

Maria Isabel Gandía Carriedo Communications Service Manager, CESCA. 2nd TF-NOC meeting Technology Park Ljubljana,

Monitoring Tools for Network Services and Systems

Introduction to Network Monitoring and Management

Introduction to Network Monitoring and Management

Operation and Technical Best Practice. IXP Automation and Operational Efficiency

TF-NOC Flash presentation. 5 th TF-NOC meeting Dubrovnik, 15 th February GARR Giovanni Cesaroni

Network Monitoring and Management Introduction to Networking Monitoring and Management

Network Management & Monitoring Overview

Network Management & Monitoring Overview

Network Management & Monitoring Overview

Details. Some details on the core concepts:

Network Monitoring and Management Introduction to Networking Monitoring and Management

Robust & Reliable DNS Operations Logging & Monitoring

3. The Task Force will be open to any individual who can offer appropriate expertise, manpower, equipment or services.

Part I: Overview. Core concepts presented:

AfNOG 2010 Network Monitoring and Management Tutorial. Introduction to Networking Monitoring and Management

Work Item C update: NOC tools, interworking/interfacing issues, and automation. Maria Isabel Gandía Carriedo Communications Service Manager, CESCA

Network Monitoring and Management Tutorial: SANOG 2015

Network Monitoring. Review of Software

Operations Management and Open Source Tools

System & Service Operations in CNNIC. September 10, 2013

AMRES NOC Bojan Jakovljević. 8 th TF-NOC meeting, Athens 2013.

Network Documentation & Netdot

How To Manage Ipv6 Networks On A Network With Ipvv6 (Ipv6) On A Pc Or Ipv4 (Ip6) (Ip V6) Or Ip V6 ( Ipv5) ( Ip V5

Modern Web development and operations practices. Grig Gheorghiu VP Tech Operations Nasty Gal

Zabbix 1.8 Network Monitoring

CAREN NOC MONITORING AND SECURITY

Operations Management Network Monitoring and Management

Network monitoring systems & tools

Network Monitoring. Lance Rea. Davis & Gilbert LLP lrea@dglaw.com

Introduction to perfsonar

GRNET NOC network monitoring & visualization tools

IPv6 network management. ATHENS 2005 Simon MUYAL

TF-NOC survey (tools and services)

Chapter 6.2: Network Management

The Check_MK monitoring system. Open Source Days 2016, Copenhagen Speaker: Troels Arvin Slides:

IPv6 network management

Grids & networks monitoring - practical approach

OpenITSM - IT Service Management with Open Source Software

IPv6 network management. Malta, April 2006

perfsonar MDM release Product Brief

OpenITSM - IT Service Management with Open Source Software

Summer Webinar Series Network Monitoring Probe Virtual Appliance

Результат запроса: Cacti weathermap

Network Monitoring. By: Delbert Thompson Network & Network Security Supervisor Basin Electric Power Cooperative

New features and highlights

Instructions for Access to Summary Traffic Data by GÉANT Partners and other Organisations

USING OPEN SOURCE SOFTWARE IN DAILY ISP OPERATIONS

DDoS Mitigation Techniques

The use of SNMP and other network management tools in UNINETT. Arne Øslebø March 4, 2014

Systems Management with Open Source

Deliverable DS4.3.2: Report on Development Infrastructure Usage and Adoption

Network and Server Statistics Using Cacti

Best Practices on Campus Network Monitoring. Ljubljana, October Vidar Faltinsen, UNINETT

Monitoring backbone networks

GitLab as an Alternative Development Platform for Github.com

Network and Server Statistics Using Cacti

IPv6 network management. Where and when?

Network performance overview. TEIN2 Bangkok September 2005

ITIL best practices at CC-IN2P3 NCSA / CCIN2P3 video conference on January 22nd, 2016 Frederic.Azevedo@cc.in2p3.fr

RATIONALIZING THE MULTI-TOOL ENVIRONMENT

IPv6 network management. 6DEPLOY. IPv6 Deployment and Support

Get Your FIX: Flow Information export Analysis and Visualization

Software Defined RON TROMPERT

How NOC manages and controls inter-domain traffic? 5 th tf-noc meeting, Dubrovnik nino.ciurleo@garr.it

NetEye Release Notes Version 3.5

Mule Enterprise Service Bus (ESB) Hosting

TPAf KTl Pen source. System Monitoring. Zenoss Core 3.x Network and

Digital Industries Trailblazer Apprenticeship. Network Engineer - Occupational Brief

Beginning in 2007 and, for the following five years, Open Source Software (OSS)

A TYPICAL TELECOMMUNICATIONS NOC (an overview) Prepared by: Bode A. Oladipo

Reference Data and Large-Scale Network Management Automation

Network Monitoring. Sebastian Büttrich, NSRC / IT University of Copenhagen Last edit: February 2012, ICTP Trieste

A New Approach to Network Visibility at UBC. Presented by the Network Management Centre and Wireless Infrastructure Teams

APAN Backbone Network Operation

Migration to Zabbix. By Erik Skytthe, DBC, Denmark

IPv6 network management. 6DEPLOY. IPv6 Deployment and Support

A SURVEY ON AUTOMATED SERVER MONITORING

NETWORK MANAGEMENT SYSTEM SELECTION PROCESS 10 th TF-NOC Meeting - Cambridge

Free Network Monitoring Software for Small Networks

Infrastructure for active and passive measurements at 10Gbps and beyond

Proposal for a perfsonar Multi Domain Monitoring Service for LHCOPN

voopix Building the Educa4onal VoIP Cloud in Croa4a

Request For Proposal (RFP) Issued by FIRST.Org, Inc. INFRASTRUCTURE TECHNOLOGY SERVICES

MeritPresentationHandout

A new Service Activity: SA6 In support of European collaboration

How To Use Elasticsearch

mbits Network Operations Centrec

The Campus NMS tool NAV GN3 Network monitoring workshop Belgrade, 20th October 2009 Morten Brekkevold

Service Quality Analytics and Visualizations. SLA Suite

iphouse has chosen LogicMonitor to offer a Software as a Service (SaaS) monitoring solution.

TELCO challenge: Learning and managing the network behavior

Investor Newsletter. Storage Made Easy Cloud Appliance High Availability Options WHAT IS THE CLOUD APPLIANCE?

PCISS-1. Job Description: Key Responsibilities: I. Perform troubleshooting& support:

Newton Linux User Group Graphing SNMP with Cacti and RRDtool

SCF/FEF Evaluation of Nagios and Zabbix Monitoring Systems. Ed Simmonds and Jason Harrington 7/20/2009

Best of Breed of an ITIL based IT Monitoring. The System Management strategy of NetEye

Cheap and efficient anti-ddos solution

Transcription:

SIG-NOC Tools Survey What software tools R&E Network Operations Centres use June 2016 Parts of this document may be freely copied, unaltered, provided that the original source is acknowledged and the copyright preserved. 1

Table of Contents 1. Introduction... 3 2. Survey Participants... 3 3. NOC Functions... 4 4. NOC Tools... 6 4.1. Monitoring... 6 4.2. Problem Management... 8 4.3. Ticketing... 9 4.4. Performance Management... 10 4.5. Reporting and Statistics... 11 4.6. Configuration Management and Backup... 12 4.7. Communication, Coordination and Chat... 13 4.8. Knowledge Management and Documentation... 14 4.9. Change Management... 15 4.10. Out-of-band Access Management... 16 4.11. Security Management... 17 4.12. Inventory Management... 18 4.13. DDoS Mitigation... 19 4.14. Resources Management... 20 4.15. Data Aggregation, Representation and Visualisation... 21 5. Standards and trainings... 22 6. Conclusions... 25 7. Acknowledgement... 25 8. References... 25 Parts of this document may be freely copied, unaltered, provided that the original source is acknowledged and the copyright preserved. 2

1. Introduction The Special Interest Group Network Operations Centres (SIG-NOC) is a community effort [1] initiated by the National Research and Education Network organisations (NRENs) gathered under the GÉANT association in Europe. SIG-NOC creates an open forum where experts from the GÉANT Community and beyond exchange information, knowledge, ideas and best practices about specific technical or other areas of business relevant to the research and education networking community. SIG-NOC is the successor of the former TERENA Task Force on NOCs (TF-NOC). TF-NOC completed and published its first NOC Survey by December 2011 [2]. That survey had a wider scope covering the NOCs taxonomy, structures, resources, tools and other aspects. Towards the end of 2015, SIG-NOC decided to repeat only the NOC tools related part, because it was realised that the tools and techniques used by the NOCs had progressed a lot since the last survey. In the second NOC Tools Survey covered in this report, information about the software tools that NOCs use to operate networks and services was collected between December 2015 and February 2016. One section was dedicated to the adoption of standards and industry best practices as well as training activities. Since the survey was mainly focusing on tools and operation practices it was recommended to be filled out by someone who has an overview of the whole NOC s operations. The results of the survey are summarised in this report. The anonymised survey data is also available on the SIG-NOC home page [1] in MS Excel format (i.e. raw data and zoomable graphs) for further analysis. 2. Survey Participants We received 78 individual responses to the survey of which 64 were valid and fully or partly complete. It represents a much better turn out compared to the first survey in 2011, where we were able to analyse only 43 responses. Chart 1 shows the type and range of networks that participated in the survey. We got more coverage in each category. This is partly due to the fact that the SIG-NOC group has been growing and able to reach out to more operators, but it could also be caused by the fact that the same NOCs are covering more and more networks, services and functionalities. The numbers of national research and education networks, campus networks, and Internet Exchanges clearly stand out, compared to the results in 2011. Parts of this document may be freely copied, unaltered, provided that the original source is acknowledged and the copyright preserved. 3

Type (range) of the network that your organization is responsible for 45 40 35 30 25 20 15 10 5 0 41 25 National research and education network (NREN) 18 15 Regional, metropolitan network 13 13 11 Wide area network, among several countries 8 Specific research network (any range) 24 6 Campus, university network 4 Commercial network, ISP (any range) February 2016 December 2011 10 3 2 3 1 Internet Exchange operator (any size) Other (please specify) Chart 1. Type (range) of networks answering the survey In 2016, the other category included datacentre, cross-border fibre and e-government network operators as special types. 3. NOC Functions The survey covered 15 functions that the NOCs may be responsible for. Table 1 lists all the functions in the order of their importance as rated by the respondents. In comparison to 2011, the relevance of problem management, performance management, configuration management, change management and DDoS mitigations have grown significantly. The importance of monitoring stayed constantly high, while resources management is often covered outside of the NOCs. December 2011 February 2016 Trend Monitoring Monitoring 0 Ticketing Problem Management +5 Reporting and Statistics Ticketing -1 Communication, Coordination and Chat Performance Management +4 Knowledge Management and Documentation Reporting and Statistics -2 Out-of-band Access Management Configuration Management and Backup +3 Problem Management Communication, Coordination and Chat -3 Performance Management Knowledge Management and Documentation -3 Configuration Management and Backup Change Management +3 Inventory Management Out-of-band Access Management -4 Parts of this document may be freely copied, unaltered, provided that the original source is acknowledged and the copyright preserved. 4

Security Management Security Management 0 Change Management Inventory Management -2 Data Aggregation, Representation, Visualization DDoS Mitigation +2 Resources Management Resources Management 0 DDoS Mitigation Data Aggregation, Representation, Visualisation -2 Table 1. Comparison of NOC functions The 2015 data is also depicted in Chart 2. The functions in the first 9 columns (from monitoring to change management) are covered by more than 60% of the NOCs that responded to the survey. Responsibilities and functions of the NOC 100% 90% 80% 70% 60% 50% 40% 30% 20% 10% 0% Yes No Skipped Chart 2. NOCs responsible for the particular functions Parts of this document may be freely copied, unaltered, provided that the original source is acknowledged and the copyright preserved. 5

4. NOC Tools In this chapter, the various software tools used to fulfil the particular functions are shown rated by their importance and quality: horizontally the importance, vertically the ratings are depicted. The larger the circle the more the answers that we got regarding the particular tool. The smaller circles represent some tools that may be below or above average, but bear in mind that this is based on the opinion of a smaller set of respondents only. We suggest to take into account the bigger circles or the ones with the same/similar relative sizes in any comparison. 4.1. Monitoring Monitoring 5 4.5 4 3.5 3 2.5 2 1.5 1 ZINO WEATHERMAP SNMP OPENVIEW NETFLOW NAGIOS SYSLOG CACTI ICINGA NFDUMP MRTG RIPE RIS / BGPlay OBSERVIUM RIPE LOOKING-GLASS Atlas SMOKEPING / Stats NFSEN LOGGING SPECTRUM RANCID ZENOSS PERFSONAR INTERMAPPER CRICKET 1 1.5 2 2.5 3 3.5 4 4.5 SYSLOG SNMP NETFLOW CACTI NAGIOS LOOKING-GLASS RIPE Atlas / Stats WEATHERMAP MRTG LOGGING NFSEN RANCID SMOKEPING PERFSONAR Chart 3. Software tools used for monitoring SYSLOG is the preferred way to gather the information from the equipment, closely followed by SNMP and NETFLOW. The best rated tools are the same as in 2011: CACTI and NAGIOS. ZINO has got a high rating but its importance is less and it is not used by that many NOCs. For instance, PERFSONAR and RIPE Atlas are in the same size and importance, and the quality of the later is rated higher by the NOCs. Table 2 below lists some of the other tools and in-house developed solutions not included in the survey. Parts of this document may be freely copied, unaltered, provided that the original source is acknowledged and the copyright preserved. 6

Other tools: Zabbix (4) Munin (3) CheckMK (2) AS-Stats LibreNMS CENTREON Swatch Ciena OneControl IBM Tivoli NAV Netdisco Net-minder Speedtest Puppet Racktables Patchmanager Splunk Network Polygraph NMS from DWDM vendors In-house developed GINS (GARR Integrated Networking Suite) minemon (ICMP and BGP session checks, perl-based) NAV developed by UNINETT Rancid frontend MRTG front-end, Netflow analyser Service availability overview: RRDtool FTAS, G3 by CESNET SMARTxAC Turbo Krt ViaIpe: a distributed cacti+smokeping on a georeferenced interface by RNP Table 2. Other tools and in-house developed solutions for monitoring Parts of this document may be freely copied, unaltered, provided that the original source is acknowledged and the copyright preserved. 7

4.2. Problem Management 5 Problem Management 4.5 4 3.5 3 2.5 2 1.5 1 NAGIOS ELK REQUEST stack TRACKER RIPE Atlas RIS / BGplay / Stats NLNOG RING SPLUNK OTRS ZABBIX ZINO 1 1.5 2 2.5 3 3.5 4 4.5 NAGIOS REQUEST TRACKER RIPE Atlas / Stats OTRS RIPE RIS / BGplay SPLUNK NLNOG RING ZABBIX ELK stack ZINO Chart 4. Software tools used for problem management NAGIOS, REQUEST TRACKER and ELK Stack are rated the highest with relatively high importance although ELK Stack is not used by that many NOCs. There are a few good tools that are useful for problem management but less important, such as RIPE Atlas and RIPE RIS/BGplay. Other tools: JIRA (3) Kibana HP Openview SpiceWorks Observium Munin TTS Syslog-analyzer, alarm features on CheckMK and MRTG GN6, based on Ofbiz RT integration with Zenoss and Customer - link database Table 3. Other tools and in-house developed solutions for problem management Parts of this document may be freely copied, unaltered, provided that the original source is acknowledged and the copyright preserved. 8

4.3. Ticketing Ticketing 5.00 4.50 4.00 3.50 SERVICE NOW JIRA REQUEST TRACKER OTRS REQUEST TRACKER 3.00 2.50 ARS (Remedy) OTRS JIRA ARS (Remedy) 2.00 SERVICE NOW 1.50 1.00 1.00 1.50 2.00 2.50 3.00 3.50 4.00 4.50 Chart 5. Software tools used for ticketing REQEST TRACKER, OTRS and JIRA are in this exact order in terms of importance, quality and use. SERVICE NOW is rated highly, but only in a small sample and it s not primarily for ticketing. Other tools: MANTIS Bug Tracker TRAC HP Openview Service Desk VC4 IMS Clocking SpiceWorks GLPI TTS (2) GN6, based on OfBiz ticketing for drupal Table 4. Other tools and in-house developed solutions for ticketing Parts of this document may be freely copied, unaltered, provided that the original source is acknowledged and the copyright preserved. 9

4.4. Performance Management Performance Management 5.00 ZINO 4.50 IPERF WIRESHARK BWCTL 4.00 MRTG PERFSONAR SMOKEPING NDT 3.50 RIPE Atlas NLNOG RING tools 3.00 HADES 2.50 2.00 1.50 1.00 1.00 1.50 2.00 2.50 3.00 3.50 4.00 4.50 IPERF WIRESHARK MRTG PERFSONAR SMOKEPING RIPE Atlas NDT BWCTL NLNOG RING tools HADES ZINO Chart 6. Software tools used for performance management IPERF, WIRESHARK, MRTG and SMOKEPING are the most important tools. ZINO has got a high rating but only on a small sample. Other tools: Mgen (2) RRD Spirent appliances Speedtest NAV BWM, Live BWM by CARnet Threshold alarming in MRTG and CheckMK Table 5. Other tools and in-house developed solutions for performance management Parts of this document may be freely copied, unaltered, provided that the original source is acknowledged and the copyright preserved. 10

4.5. Reporting and Statistics 5.00 Reporting and Statistics 4.50 4.00 ARBOR SPLUNK CACTI CA SPECTRUM ZENOSS MRTG NAGIOS 3.50 GRAFANA MUNIN NFSEN ZINO 3.00 2.50 2.00 TABLEAU 1.50 1.00 1.00 1.50 2.00 2.50 3.00 3.50 4.00 4.50 CACTI MRTG NAGIOS NFSEN GRAFANA MUNIN ARBOR SPLUNK ZENOSS ZINO CA SPECTRUM TABLEAU Chart 7. Software tools used for reporting and statistics CACTI, NAGIOS and MRTG stand out, but most of the tools are very close to each other in terms of importance and quality. Other tools: RequestTracker (2) Zabbix (2) Kibana LibreNMS Torrus RRDtool infovista sanet Grafana is included in NAV, NFDump and manual analysis GINS SNMP stats export, Netflow stats Pinger tool with added extensions, Nagios extensions Table 6. Other tools and in-house developed solutions for reporting and statistics Parts of this document may be freely copied, unaltered, provided that the original source is acknowledged and the copyright preserved. 11

4.6. Configuration Management and Backup 5.00 Configuration Management and Backup 4.50 4.00 3.50 3.00 OXIDIZED 2.50 2.00 IMS 1.50 Git RANCID SUBVERSION CVS RANCID Git SUBVERSION CVS IMS OXIDIZED 1.00 0.00 0.50 1.00 1.50 2.00 2.50 3.00 3.50 4.00 4.50 Chart 8. Software tools used for configuration management and backup Git, RANCID, SUBVERSION and CVS are the popular tools, the others were not rated as important. Other tools: RCS (4) CA Spectrum and FTP server Puppet Backuppc etckeeper Racktables Patchmanager Ciena NMS SCCS veeam imc Rancid-like tools GN6, based on OfBiz Table 7. Other tools and in-house developed solutions for configuration management and backup Parts of this document may be freely copied, unaltered, provided that the original source is acknowledged and the copyright preserved. 12

4.7. Communication, Coordination and Chat 5.00 Communication, Coordination and Chat 4.50 4.00 JABBER SLACK WIKI Mobile WHATSAPP E-mail SKYPEIRC IM MAILING LISTS 3.50 Landline TWITTER 3.00 2.50 2.00 1.50 1.00 1.00 1.50 2.00 2.50 3.00 3.50 4.00 4.50 E-mail MAILING LISTS WIKI SKYPE Mobile JABBER IM TWITTER Landline WHATSAPP IRC SLACK Chart 9. Software tools used for communication, coordination and chat Interestingly traditional communication and new social tools are considered almost equally good. However, e-mail, mailing lists and mobile phone are still the most important tools. Other tools: Asterisk Kamailio CalDav ServiceInfo (webbased sender for mailing lists) SharePoint N/A Table 8. Other tools and in-house developed solutions for communication, coordination and chat Parts of this document may be freely copied, unaltered, provided that the original source is acknowledged and the copyright preserved. 13

4.8. Knowledge Management and Documentation 5.00 Knowledge Management and Documentation 4.50 4.00 3.50 3.00 2.50 2.00 1.50 CONFLUENCE MEDIAWIKI DOCUWIKI WIKI Cloud storage* REQUEST TRACKER SHAREPOINT OTRS WIKI Cloud storage* REQUEST TRACKER MEDIAWIKI CONFLUENCE DOCUWIKI SHAREPOINT OTRS 1.00 1.00 1.50 2.00 2.50 3.00 3.50 4.00 4.50 Chart 10. Software tools used for knowledge management and documentation Wiki platforms are considered the best for many users. Confluence has go the highest rating with slightly less users. Different cloud storage solutions are used by many NOCs, but their importance is relatively low. Other tools: MoinMoin Wiki TRACwiki TiddlyWiki FosWiki Drupal CMS File server Subversion Plone owncloud SURFdrive OneDrive Home-grown inventory / CMDB system (KIND) Database (GIS) Comunitats, based on Plone Table 9. Other tools and in-house developed solutions for knowledge management and documentation Parts of this document may be freely copied, unaltered, provided that the original source is acknowledged and the copyright preserved. 14

4.9. Change Management 5.00 Change Management 4.50 4.00 3.50 3.00 CONFLUENCE REQUEST TRACKER OTRS JIRA REQUEST TRACKER OTRS 2.50 JIRA CONFLUENCE 2.00 1.50 1.00 1.00 1.50 2.00 2.50 3.00 3.50 4.00 4.50 Chart 11. Software tools used for change management REQUEST TRACKER is the most important and highly used tool for change management followed by JIRA and OTRS. Other tools: Redmine gitlab Racktables Patchmanager HP Openview Service Desk pymetric Wiki GN6, based on OfBiz In house Change Request generator ticketing for drupal Table 10. Other tools and in-house developed solutions for change management Parts of this document may be freely copied, unaltered, provided that the original source is acknowledged and the copyright preserved. 15

4.10. Out-of-band Access Management 5.00 Out-of-band Access Management 4.50 4.00 3.50 3.00 2.50 2.00 1.50 CONSOLE SERVER DRAC ADSL HP ILO KVM Landline (not the hypervisor) Mobile tech CONSOLE SERVER ADSL DRAC HP ILO Landline KVM (not the hypervisor) Mobile tech 1.00 1.00 1.50 2.00 2.50 3.00 3.50 4.00 4.50 Chart 12. Software tools used for out-of-band access management CONSOLE SERVER is felt to be the most highly rated and important solution. Other tools: ISDN (2) DWDM OSC we currently use POTS for access, but want to move away from that N/A Table 11. Other tools and in-house developed solutions for out-of-band access Parts of this document may be freely copied, unaltered, provided that the original source is acknowledged and the copyright preserved. 16

4.11. Security Management 5.00 Security Management 4.50 4.00 3.50 3.00 2.50 2.00 1.50 BGMON FIREWALL ACL FREERADIUS RSA Software TACACS+ REQUEST RADIATOR TRACKER KERBEROS FIREWALL ACL FREERADIUS REQUEST TRACKER TACACS+ BGMON RADIATOR KERBEROS RSA Software 1.00 1.00 1.50 2.00 2.50 3.00 3.50 4.00 4.50 Chart 13. Software tools used for security management Firewalls and ACLs are used by almost all the institutions who answered this question. BGPmon is highly rated, but not used by so many NOCs. Other tools: FirewallBuilder (2) RTIR Netflow analyzer N/A Table 12. Other tools and in-house developed solutions for security management Parts of this document may be freely copied, unaltered, provided that the original source is acknowledged and the copyright preserved. 17

4.12. Inventory Management 5.00 Inventory Management 4.50 4.00 3.50 3.00 2.50 2.00 RANCID EXCEL WIKI EXCEL RANCID WIKI IMS 1.50 1.00 IMS 1.00 1.50 2.00 2.50 3.00 3.50 4.00 4.50 Chart 14. Software tools used for inventory management Almost all the listed tools are in the same quality and importance range however not primarily designed for proper inventory management. Better tools are listed in Table 13. Other tools: RackTables (2) IIR (2) Patchmanager HP Openview Service Desk HP Openview NNM KIND (home-grown inventory/ CMDB) tool based on SNMP, RANCID, Apache & MySQL CMT GarrDB MySQL + Perl + lots of text GIS Database Ciena NMS filemaker netdisco Observium inventory PHP based GN6, based on OfBiz home-grown databaseapplication Asset Database Grejp own database tool Table 13. Other tools and in-house developed solutions for inventory management Parts of this document may be freely copied, unaltered, provided that the original source is acknowledged and the copyright preserved. 18

4.13. DDoS Mitigation DDoD Mitigation 5.00 4.50 4.00 3.50 3.00 2.50 2.00 1.50 FLOWSPEC ARBOR Firewall on Demand UTRS Blackholing AKAMAI Solutions ACL RATE-LIMITING Traffic-washing ACL Blackholing RATE-LIMITING Firewall on Demand FLOWSPEC ARBOR Traffic-washing AKAMAI Solutions UTRS 1.00 1.00 1.50 2.00 2.50 3.00 3.50 4.00 4.50 Chart 15. Software tools used for DDoS mitigation FLOWSPEC, ARBOR and Firewall on Demand are highly rated tools in general, but most of the NOCs use Blackholing and ACLs. Other tools: Fastnetmon DDoS detection and traffic washers Table 14. Other tools and in-house developed solutions for DDoS mitigations Parts of this document may be freely copied, unaltered, provided that the original source is acknowledged and the copyright preserved. 19

4.14. Resources Management 5.00 Resources Management 4.50 4.00 VISIO VISIO 3.50 3.00 6CONNECT CONFLUENCE WIKI EXCEL EXCEL WIKI CONFLUENCE 2.50 6CONNECT IPPlan 2.00 INFOBLOX BLUECAT IPPlan INFOBLOX 1.50 BLUECAT 1.00 1.00 1.50 2.00 2.50 3.00 3.50 4.00 4.50 Chart 16. Software tools used for resources management VISO, Wiki and Excel are the commonly used tools for resources management although this function is often considered outside the remit of the NOC. Other tools: Racktables (4) omnigraffle (2) Commercial GIS application vi, flat files, rcs, scripts Network Inventory Plaintext-files GestioIP HP Openview Service Desk phpipam KIND (home-grown inventory/ CMDB) Web pages using PHP IPAM Resources Management: Web-based list of networks and router-interfaces GIS Database BDcom database home-grown database application Table 15. Other tools and in-house developed solutions for inventory management Parts of this document may be freely copied, unaltered, provided that the original source is acknowledged and the copyright preserved. 20

4.15. Data Aggregation, Representation and Visualisation 5.00 Data Aggregation, Representation and Visualisation 4.50 4.00 3.50 3.00 2.50 2.00 1.50 ELASTICSEARCH LOGSTASH SPLUNK KIBANA CACTI WEATHERMAP CACTI WEATHERMAP ELASTICSEARCH LOGSTASH KIBANA SPLUNK 1.00 1.00 1.50 2.00 2.50 3.00 3.50 4.00 4.50 Chart 17. Software tools used for data aggregation, representation and visualisation CACTI, WEATHERMAP and ELASTICSEARCH are the most important tools: their qualities are almost the same. Other tools: MRTG, Tivoli maps, Juniper RIM Zino Zenoss CheckMK Observium N/A Table 16. Other tools and in-house developed solutions for data aggregation, representation and visualisation Parts of this document may be freely copied, unaltered, provided that the original source is acknowledged and the copyright preserved. 21

5. Standards and trainings As part of the survey, SIG-NOC wanted to figure out the level of adoption by the NOCs of the various standards and industry best practice-based procedures and methodologies. These results will serve as an input to the NOC training development exercise that SIG-NOC intends to carry out later in 2016. Chart 18 shows the various standard adoptions. The ISO 27001 Information Security Management standard has been implemented by 23.5% of the respondents somewhere in 60 to 100% completeness. On the other hand, 47% of the respondents have not yet started implementing ISO 27001 standard at all. ISO 27000 is part of a growing family of ISO/IEC Information Security Management Systems (ISMS) standards, but its level of adoptions is not that significant. ITIL is not a standard but a set of industry best practices therefore it provides some room for implementation that is happening at many NOCs. About 80% of NOCs started to comply with ITIL recommendations, about one third of them are in 5 to 30% and another one third of them are in 30 to 60%. It represents a real take up and transitional path towards ITIL based operations. Estimated level of adoption of the given standard or methodology at the NOC NONE 0.5 0.45 0.4 60-100% 0.35 0.3 0.25 0.2 0.15 0.1 0.05 0 5-10% ISO ISO 20000 ISO 27001 etom ITIL NITS FIPS 30-60% 10-30% Chart 18. Estimated level of adoption of the given standards and methodologies Parts of this document may be freely copied, unaltered, provided that the original source is acknowledged and the copyright preserved. 22

There was a question about the various internal trainings that the NOCs offer to their employees. Regarding the same set of standards and methodologies above, ITIL training yet again stands out a little, but in general it can be seen on Chart 19 that an average NOC person is not necessarily certified or trained fully to understand all the context and details of these standards and methodologies. They are just expected to follow the procedures relevant to them. Percentage of the NOC people certified or trained 0-10% 0.5 0.45 0.4 60-100% 0.35 0.3 0.25 0.2 0.15 0.1 0.05 0 10-30% ISO ISO 20000 ISO 27001 etom ITIL NITS FIPS 30-60% Chart 19. Percentage of NOC people certified or trained In conclusion, it can be said that there is an opportunity for SIG-NOC to develop a training programme primarily based on ITIL best practices that can be extended and applied to specific NREN NOC scenarios and provide that training to the GÉANT NOC community and beyond. The various training opportunities provided by NOCs to their people are listed in Table 17. Parts of this document may be freely copied, unaltered, provided that the original source is acknowledged and the copyright preserved. 23

General/Procedural trainings Tool/Technology specific trainings Seminars, improvement courses Mixed in-house training Transmission training Crisis and communication training On the job training General technical training: Coursera MOOC We train our NOC members by: o having generic documentation o having specific documentation for our networks and/or customers o going on site to work with them o letting them come to our site for them to work with us o inviting them when the NREN technical staff is trained for a product / technology that is useful for the NOC Internal procedures walkthrough and working together with an older member ( shadowing ) Initial training to practical NOC duties. In-house training on relevant topics at random intervals (rarely) In-house. Many procedures are described in Dokuwiki and the rest is practice. ITIL foundations Network Auditing English language training Basic, in house, NOC training. Fibre safety. Data centre design/management. Troubleshooting. No standard trainings. Most is learning by doing with the background of long-year experience with most of the staff-members. Usually training on the job from the vendor when installing new equipment; in-house studies and workshops DWDM / optical management Juniper training Vendor related training: Juniper, Fortigate, Cumulus Dedicated courses on specific equipment (for instance Alcatel, Cisco, etc.), CCNA, Linux certification LPIC, RIPE NCC trainings CCNA, CCNP, MikroTik academy, different in-house trainings We do attend Juniper/Cisco/Alcatel education when appropriate Table 17. List of training opportunities that NOCs provide to their people Parts of this document may be freely copied, unaltered, provided that the original source is acknowledged and the copyright preserved. 24

6. Conclusions As is evident, the range of tools in use across the NOCs who responded the survey is extremely wide. This report explicitly does not attempt to draw any conclusions on which tools are best. However it should be helpful in determining which tools are most commonly used and therefore likely have a healthy community around them. It also illustrates situations where tools are widely used, but perhaps not as widely found to be useful. While further conclusions are left to the reader; should this survey report raise any questions with you, then please engage with the SIG-NOC community [1] to find discussion and answers. 7. Acknowledgement SIG-NOC acknowledges the contributions of all the organisations and their NOCs who participated in the survey and extends its special thanks to the SIG-NOC Steering Committee members: Brian Nisbet (HEAnet), Maria Isabel Gandía Carriedo (CSUC), Jonny Lundin (NORDUnet) and Pieter Hanssens (Belnet). 8. References [1] GÉANT SIG-NOC home page https://wiki.geant.org/display/signoc/ [2] First NOC Survey 2012 https://www.terena.org/activities/tf-noc/survey.html Parts of this document may be freely copied, unaltered, provided that the original source is acknowledged and the copyright preserved. 25

www.geant.org Parts of this document may be freely copied, unaltered, provided that the original source is acknowledged and the copyright preserved. 26

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information