Home Introduction Contact Search Sitemap Raspberry Pi

Network Monitoring
 
News and links
Availability
Projects
Interests
Aviation Calculator

 
 

bulletNetwork monitoring and testing tools

Tivoli and HP Openview NNM interface
I have designed an interface between Tivoli Enterprise Console (TEC10) and HP Openview Network Node Manger. This takes selected HP Openview network events and formats them into a message suitable for display in Tivoli.

Openview NNM object maintenance program.
All too often if a new object fails to be correctly added to HP Openview database in fails silently and analysis of the cause is difficult. I wrote a NNM object maintenance and enquiry program using Perl and standard NNM tools to allow operators to add and maintain objects in the NNM database. This is all done from a web browser.

Internet Lines Monitor
I have also recently produced a system to monitor internet lines based upon Cisco's remote ping. Using SNMP, remote routers are set up to regularly poll internet routers used by the group and their business partners. The current status is displayed in web pages which I wrote using HTML and CGI scripts. The results are forwarded to Cricket(MRTG) to graphically display historic performance data. The system detects failures and generates an event in HP Openview NNM to alert operators along with an optional mail alert. 

ISDN calls monitor
Another major problem was the tracking of backup ISDN calls. I have written a sophisticated system where the calls are logged and analyzed for later display in a Web browser or in a graph. Operational support can easily see the problem calls and the reason. Alarms are sent to HP Openview NNM. This system helps identify network routing problems, line failures, incorrect network monitoring and many more. This is written in Perl.

Arrowpoint load-balancer monitor program
The company uses Arrowpoint load-balancers to provide both load-balancing and redundancy for their e-business and web hosting zones. These devices are monitored by HP Openview but this does not provide a ready status of the of state of the various supported services. I wrote a fairly sophisticated tool to display the current status and system service and redundancy changes. This was written in Perl.

Testing specifications
All pharmaceutical companies are regulated by a number of bodies including the Federal Drug Administration in the USA (FDA) and more recently Sarbanes Oxley. An important aspect of this is the compliance with part 11 of the regulations which cover network performance qualification (GxP Good Lab Practices).  I am currently engaged in designing formal test specifications and production handover procedures for new network centers. These were used during the deployment of over 40 new network centers and end nodes during 2003. More recently I have been involved in testing activities in compliance with Sarbanes-Oxley legislation resulting from the Enron scandal in the United states.

GRE and ipSec VPN tunnel monitor.
The company has a private backbone running over frame relay which they are migrating to MPLS (Multi-Protocol-Label-Switching). They also make widespread use of VPN tunnels using GRE and ipSec. These provide secure connections for both users and LAN to LAN (between office locations). Some of these connections use policy-based routing to offload non-critical business traffic across the internet thus relieving the load on the backbone. If the internet VPN tunnel fails the tunnel flips back over to the backbone. Normal monitoring tools have virtually no capabilities when it comes to monitoring these VPN tunnels. I have written a GRE/ipSec monitoring tool which displays the state of these tunnels and their current routing (Backbone or internet). I will be continuing to help improve monitoring capabilities throughout 2005. I have also written a utility that quickly can establish the status of connections over the internet routing protocol BGP.

Nortel Contivity VPN monitor
Many companies now make use of Virtual Private Networking (VPN's). One of my clients made use of  VPN using PKI tokens and Ace SecurID tokens. The VPN' facility consists of PC based client software and Nortel Contivity VPN  switches. To improve monitoring of these devices I wrote a facility that monitored the periodic heartbeats sent via SNMP traps. The monitoring system (written in Perl and some Korn Shell) detects missing heartbeats and sends both an alarm to HP Openview and an e-mail notification to the operations department. Using the enquiry system the general health of the Contivity switch can be further examined to isolate the fault.

Courses followed
Network centers using IpSec/GRE and BGP.
Cisco MPLS and BGP (Cisco training).
Solsoft security manager.


Back Next
  Copyright 2003 Bob Rathbone. All rights reserved