CAREN CAREN Manager: Zarlyk Jumabek uulu 1-2 OCTOBER 2014 ALMATY, KAZAKHSTAN Copyright 2010 CAREN / Doc ID : PS01102014 / Address : Chui ave, 265a, Bishkek, The Kyrgyz Republic Tel: +996 312 900275 website: http://www.caren-noc.org / Email : support@caren-noc.org Documented by: CAREN TEAM
Network Operation Center / ABOUT ABOUT CAREN Network Operations Centre () services necessary to manage the CAREN network. The CAREN is a single organisation with responsibility for ensuring that all faults on the network are resolved and that customers are kept updated. Any fault that is reported to the CAREN will be owned by the CAREN until its resolution, even in cases where the problem is handed off to another organisation for actual resolution. The CAREN is the first level liaison between NRENs, telecommunication suppliers, CAREN Support Office and DANTE.
Network Operation Center / FUNCTIONS AND SERVICES FUNCTIONS AND SERVICES The CAREN providing mainly Help Desk and support service for NRENs and CAREN partners on a 24x7 basis. Also is operating a network monitoring system that is operational on real-time basis. The system is proactively and reactively (via SNMP polls and traps) monitoring the state and accessibility of all network elements and circuits which go to make up the network. The system is checked by operators who will commence investigations when a fault is detected. In addition, the monitoring system is checking the state of an agreed set of environmental indicators such as temperatures in the routers, and health indicators such as CPU load and memory status. In the event that such indicators fall outside acceptable ranges the CAREN will treat this as a fault. The CAREN is monitoring the IP routing stability of the network, and will identify and resolve possible IP routing mis-configurations. Any advanced services that have entered routine operations will similarly be monitored and maintained. The CAREN is ensuring that the monitoring system performs to the agreed level.
Open source solutions NAGIOS, CACTI, ZABBIX, ZenOSS, NFSEN, SNORT and etc
Open source solutions / NAGIOS What Nagios Provides Plan for infrastructure upgrades before outdated systems cause failures Respond to issues at the first sign of a problem Automatically fix problems when they are detected Coordinate technical team responses Ensure your organization's SLAs are being met Ensure IT infrastructure outages have a minimal effect on your organization's bottom line Monitor your entire infrastructure and business processes
Open source solutions / NAGIOS / How It Works Monitoring IT staff configure Nagios to monitor critical IT infrastructure components, including system metrics, network protocols, applications, services, servers, and network infrastructure. Alerting Nagios sends alerts when critical infrastructure components fail and recover, providing administrators with notice of important events. Alerts can be delivered via email, SMS, or custom script. Response IT staff can acknowledge alerts and begin resolving outages and investigating security alerts immediately. Alerts can be escalated to different groups if alerts are not acknowledged in a timely manner. Reporting Reports provide a historical record of outages, events, notifications, and alert response for later review. Availability reports help ensure your SLAs are being met. Maintenance Scheduled downtime prevents alerts during scheduled maintenance and upgrade windows. Planning Trending and capacity planning graphs and reports allow you to identify necessary infrastructure upgrades before failures occur.
Open source solutions / NAGIOS / Screenshot
Open source solutions / CACTI Cacti is a complete network graphing solution designed to harness the power of RRDTool's data storage and graphing functionality. Cacti provides a fast poller, advanced graph templating, multiple data acquisition methods, and user management features out of the box. All of this is wrapped in an intuitive, easy to use interface that makes sense for LANsized installations up to complex networks with hundreds of devices.
Open source solutions / CACTI / Screenshot
Open source solutions / CACTI / Screenshot
Open source solutions / NFSEN What is NfSen? NfSen is a graphical web based front end for the nfdump netflow tools. NfSen allows you to: Display your netflow data: Flows, Packets and Bytes using RRD (Round Robin Database). Easily navigate through the netflow data. Process the netflow data within the specified time span. Create history as well as continuous profiles. Set alerts, based on various conditions. Write your own plugins to process netflow data on a regular interval.
Open source solutions / CAREN NetFlow Data Collector CAREN NetFlow Data Collector
Open source solutions / Network Security Hardware based solutions (paid) For our own needs (only for services) we are using hardware based solutions (Cisco ASA and Sonic Wall) Open Source Software based solutions (Free) To analyze research traffic we are using SNORT as an IDS. IPS we not practicing yet. SNORT is now became a part of Cisco Systems. During The Silk Project every Central Asian Countries had CERT trainings and got equipment for CERT by the support of NATO. And each country had formed their own CERT teams and service. Unfortunately due to lack of financial support CERT activities were Stopped.
Open source solutions / Network Security
Open source solutions / Network Security
Open source solutions / Network Security
Open source solutions / Network Security
Network Operation Center / THANKS Thank you for your attention! CAREN ALMATY, 1-2 OCTOBER 2014