Network Information and Management Infrastructure

Igor Mandrichenko, Eileen Berman, Phil DeMar, Maxim Grigoriev, Joe Klemencic, Donna Lamore, Mark Leininger, Don Petravick, Vladimir Podstavkov, Randy Reitz

Fermi National Accelerator Laboratory

CHEP2006

Challenges of FNAL LAN management
  • Specifics of FNAL network
    • Large
    • Open, dynamic
    • Exposed
  • Successful network and network security management requires coordinated cooperation of key players:
    • Data Communications
    • Computer Security
    • Users
    • Desktop support

What is NIMI?
  • NIMI stands for Network Information and Management Infrastructure
    • Hardware – 2 Linux servers
    • Database with quasi-real time network status data
      • PostgreSQL
    • Network Data Collector
    • Data access and application building framework
      • Python as programming language
      • PostgreSQL as the database solution
      • (Kerberized) SOAP as middleware communication mechanism
      • Kerberos, X509 as authentication mechanisms
      • Zope as Web interface development tool

Big Picture

NIMI Database
  • PostgreSQL based
  • Stores quasi-realtime network state data
  • Uses PostgreSQL backup functionality to make backups in 3 locations
    • Another disk on the same server
    • Backup NIMI DB server
    • FNAL CD Backup Server
  • Data is kept since March 2004
  • < 5GB on disk

NIMI Collector
  • Collects network state information from network devices
  • Stores data in NIMI Database and makes it available to applications
  • Information collected:
    • DHCP leases (quasi-realtime)
    • ARP tables (periodic polls)
    • VPN sessions (periodic polls)
    • Switch forwarding tables (periodic polls)

NIMI-Based Applications
  • Network Inventory
    • Up-to-date inventory of network devices and services
  • Scanners
    • Configuration problems
    • Software version monitoring
    • Vulnerabilities
  • TIssue
    • Computer Security Issue Tracking workflow system
    • Fed by scanners

Network Inventory
  • Provides up-to-date information about network devices present on the LAN
  • New node discovery
    • Periodic subnet pings (every 2 minutes)
    • ARP tables (delayed up to 15 minutes)
  • Uses ping scans and ARP tables data for node discovery
  • Collects information about OS version and services found on each computer
    • Most new nodes are scanned within 5 minutes
  • Helps optimize efficiency of other Scanners

Scanners
  • Run on Scanner Farm
  • Use data from Inventory Scanner to scan new nodes within 10-20 minutes of their arrival, and then re-scan them in a lazy manner as they stay online
  • Three areas:
    • Vulnerabilities (Vulnerability Scanner)
    • System misconfiguration
    • Outdated software
  • Vulnerability Scanner
    • Uses nmap to detect vulnerabilities
  • Scanners supply events for TIssue
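
The scheduling policy on this slide (scan arrivals first, re-scan lazily while a node stays online), as an added sketch that is not NIMI code. The class name, the 24-hour re-scan period and the 30-minute offline threshold are assumptions; sightings stand for the inventory's ping-scan and ARP-table data.

```python
import heapq

RESCAN_INTERVAL = 24 * 3600  # assumed lazy re-scan period; the slides give no figure
OFFLINE_AFTER = 30 * 60      # assumed: a node unseen this long has left the network


class ScanScheduler:
    """Queues scans so arrivals go first and nodes that stay online are re-scanned lazily."""

    def __init__(self):
        self.nodes = {}  # mac -> [ip, last_seen, due_time]
        self.queue = []  # min-heap of (due_time, mac)

    def _schedule(self, mac, due):
        self.nodes[mac][2] = due
        heapq.heappush(self.queue, (due, mac))

    def observe(self, mac, ip, now):
        """Record a ping-scan or ARP-table sighting; return True if the node just arrived."""
        mac = mac.lower()
        node = self.nodes.get(mac)
        arrived = node is None or now - node[1] > OFFLINE_AFTER
        self.nodes[mac] = [ip, now, node[2] if node else None]
        if arrived:
            self._schedule(mac, now)  # due immediately
        return arrived

    def next_batch(self, now):
        """Return [(mac, ip)] due at `now`; reschedule nodes still online, drop the rest."""
        batch = []
        while self.queue and self.queue[0][0] <= now:
            due, mac = heapq.heappop(self.queue)
            node = self.nodes.get(mac)
            if node is None or node[2] != due:
                continue  # stale heap entry, superseded by a newer schedule
            if now - node[1] > OFFLINE_AFTER:
                del self.nodes[mac]  # gone; a later sighting counts as a new arrival
                continue
            batch.append((mac, node[0]))
            self._schedule(mac, now + RESCAN_INTERVAL)
        return batch
```

A node that disappears and comes back is treated as a fresh arrival, so a machine that was reinstalled or swapped while offline is scanned promptly instead of waiting for its old re-scan slot.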

TIssue
  • Workflow engine used to keep track of security vulnerabilities and network-related issues
  • Provides flexible abstract interface to plug in Detectors (e.g. Scanners)
  • Keeps track of events in a detector-independent way
  • Communicates with machine administrators via e-mail and web interface
  • Requests blocks of network addresses as the enforcement tool
  • Zope-based web GUI uses X509 certificates as the authentication mechanism
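
An added sketch of detector-independent issue tracking as this slide outlines it; it is not TIssue code. The `Detector` interface, the state names and the three-day grace period before a block is requested are all hypothetical, and the findings in any usage are constructed.

```python
from abc import ABC, abstractmethod

GRACE = 3 * 24 * 3600  # assumed: seconds an administrator gets before a block is requested


class Detector(ABC):
    """Plug-in interface: a detector reports findings as (node, problem) pairs."""
    @abstractmethod
    def findings(self): ...


class ListDetector(Detector):
    """Stand-in for a scanner; wraps a constructed list of findings."""
    def __init__(self, name, items):
        self.name, self.items = name, items

    def findings(self):
        return list(self.items)


class Tracker:
    def __init__(self):
        # (node, problem) -> issue record, whichever detector reported it
        self.issues = {}

    def ingest(self, detector, now):
        """Merge findings; return keys of newly opened issues (the ones to e-mail about)."""
        opened = []
        for key in detector.findings():
            issue = self.issues.get(key)
            if issue is None or issue["state"] == "closed":
                issue = self.issues[key] = {"opened": now, "state": "notified", "sources": set()}
                opened.append(key)
            issue["sources"].add(detector.name)
        return opened

    def close(self, node, problem):
        """Administrator reports the problem fixed."""
        self.issues[(node, problem)]["state"] = "closed"

    def overdue(self, now):
        """Return nodes to request blocks for: notified issues older than GRACE."""
        nodes = set()
        for (node, _), issue in self.issues.items():
            if issue["state"] == "notified" and now - issue["opened"] > GRACE:
                issue["state"] = "block_requested"
                nodes.add(node)
        return sorted(nodes)
```

Keying issues on the node and problem rather than on the reporting detector means two scanners that find the same problem produce one notification, not two.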

Advantages of using NIMI
  • Common data storage easily available to applications
  • Simple modular design of the system
    • Collector – deals with a variety of vendor-specific network data
    • Central database
    • APIs
    • Middleware
  • Carefully chosen set of software tools covering all areas of application development
    • PostgreSQL
    • Python
    • SOAP
    • Zope
    • Kerberos, X509

NIMI: Success Story
  • Recent computer security related events have demonstrated that applications such as TIssue and Inventory Scanner are very reliable, powerful and useful computer security and network management tools
  • NIMI provides building blocks for rapid development of applications like these
  • We continue new application development using NIMI as the framework
