Thursday, October 27, 2011

Network Egress Filtering

Today I volunteered to give a quick presentation on the importance of egress filtering to a wonderful group of education IT folks. Below is the slide deck that I used for the presentation for anyone that might find it interesting.


Tuesday, October 18, 2011

NMIS Configuration Part 2

In the previous post I presented a basic how to on configuring the basic notification system for NMIS.  Now I will show how to add network nodes to be monitored by NMIS.  First go to Configuration>System>Nodes.

Configuration>System>Nodes
This will bring up the Nodes listing showing currently configured nodes.  To add a node, click on add to the right of Action on the top right part of the screen.


Once you click Add, you will see the add node screen as shown below.  There are a lot of variables to configure for each node.

  • Name: This is the name of the node and should have no spaces in it.  This must be unique.
  • Name/IP Address:  This is the IP or the FQDN of the node.
  • Group: This is the group in which the node will be displayed.
  • Select Model:  This is the data model that NMIS will use to gather SNMP data from the device.  In most cases automatic works best.
  • Active:  This defines whether the node is currently actively polled.  You can use this set to false to take a group of nodes out of active monitoring without deleting them.
  • Ping: Should NMIS ping the node for availability?
  • Collect:  Should NMIS collect SNMP data from the node?
  • CBQoS:  Should NMIS collect data about Class Based QoS on inbound, outbound, both or none?
  • Modem Calls:  Should NMIS collect data on modem calls (not used often)?
  • Threshold:  Should NMIS run threshold calculations on this node?
  • Rancid: Should the Rancid add in add this node to a rancid configuration file? (I'm not sure if this tool is still supported.)
  • Web Server:  Does this device run a webserver?
  • Net Type:  Is this device WAN or LAN?
  • Role Type:  Is the device core, distribution or access?
  • Depend:  What devices must be up for this device to be up?  This provides NMIS with a way of knowing when not to alert on a node if an upstream node is down.
  • Services: Should NMIS check to make sure certain services are running on the node?
  • Time Zone: What is the time zone offset for the device from GMT?
  • SNMP Settubgs:  What version of SNMP should be used to poll the device and what is the configuration for that version?
When the configuration is complete, click Add and Update node to add the node to the NMIS configuration and tell NMIS to run an initial scan of the host. 


Once the nodes are added, it may take 10-15 minutes for data to start to show up depending on how often the NMIS cron jobs are set to run.  This concludes the basic configuration of NMIS.  There are a lot more nerd nobs in the software, but unfortunately good documentation is not available for the product, especially the newest 8.x versions.  Opmantek has said that documentation is a focus for their team so hopefully it will be coming soon.  In my next post I will discuss how to use NMIS once it is collecting data.

Monday, October 17, 2011

NMIS Configuration Part 1

Since I posted my first article about NMIS, I have had several requests to do a series on how to configure NMIS.  Although I took a break from blogging in September, here is the first in the requested series.


NMIS' configuration is stored in text files in /usr/local/nmis8/conf/ and can be edited by hand.  However, it is highly recommended to use the built in tools to edit the configuration.  The main configuration can be found under Configuration > System > NMIS Configuration.