Nectus installation

Device View Auto Population Rules

, ,

Device View Auto Population Rules

Device View is the logical grouping of the devices that can be used in different places within the Nectus application. In the previous versions of Nectus, the user would manually add devices into device views which may become a significant management overhead.

In Nectus version 1.55 we introduced an ability to automatically populate device views based on specific conditions such as device names, types, etc.

User can define a set of conditions which has to be true for Nectus to automatically add devices to device views.

This article will guide you through the process of defining the auto population rules for device views.

To access your SNMP Device Views go to Inventory Views SNMP Device View

 

 

To add a new Device View, click Create in the upper right hand corner of the SNMP Devices Views page.

 

Give a name to your new Device View.

 

.

Press Save button to finish creation of Device view.

 

Open again newly created device view and in the upper right-hand corner, select Edit Rules.

This will open the Devices View Auto Population Rules page.

 

Select the plus sign to add a new Auto Population Rule.

 

Add all the required Auto-population rules and press Ok button to Save.

If multiple rules are defined all the rules must be TRUE for device to be automatically added. (Logical AND).

Your rules will be processed daily at 3:00 PM.

If you would like to apply your rules immediately, press the Apply Rules button.

 

ClickHouse DB Installation for Nectus Netflow & Syslog Storage

, ,

ClickHouse Database Installation for Nectus Netflow & Syslog Storage

Requirements:

Ubuntu Server 18.04.2 LTS (with SSH access)

NOTE: Although ClickHouse can be installed on several different flavors of Linux, Ubuntu Server 16.04 & 18.04 are the only supported Linux distributions for Nectus at this point.

More information about installation on other OS’s can be found here: https://clickhouse.yandex/docs/en/getting_started/

Step 1

Import the public key:

sudo -E apt-key adv –keyserver hkp://keyserver.ubuntu.com:80 –recv-keys C8F1E19FE0C56BD4

NOTE: It is recommended to import the public key if it’s a fresh Ubuntu install.

Otherwise you may get the following error when adding the repository:

GPG error: http://repo.yandex.ru/clickhouse/deb/stable main/ Release: The following signatures couldn’t be verified because the public key is not available: NO_PUBKEY C8F1E19FE0C56BD4

Optional commands to run:

sudo apt-get install dirmngr # optional

sudo apt-key adv –keyserver hkp://keyserver.ubuntu.com:80 –recv E0C56BD4 # optional

Step 2

Create Clickhouse repository:

sudo apt-add-repository “deb http://repo.yandex.ru/clickhouse/deb/stable/ main/”

Please edit the sources.list file if you receive the following error:

” E: Malformed entry 55 in list file /etc/apt/sources.list”

Delete the entry XX and save/exit the file. Perform the update (and upgrade if you wish):

sudo apt update && sudo apt upgrade

Step 3

Get the packages list for the latest updates and the dependencies:

sudo apt-get update

Step 4

Download and Install the ClickHouse packages:

sudo apt-get install clickhouse-server-common clickhouse-client -y

NOTE: Make sure everything is installed without errors. Please run the following command if there are any errors related to an “unauthenticated package”:

sudo apt-get –allow-unauthenticated install clickhouse-server-common clickhouse-client -y

Step 5

Start the Clickhouse server as a daemon:

sudo service clickhouse-server start

Step 6

Now that we have installed the ClickHouse, it is time to test:

NOTE: TCP ports 8123 & 9000 must be open.

Start the Client:

clickhouse-client

Step 7

Create the Netflow/Syslog database.

In this example we are creating the netflow database named NETFLOW (database name is arbitrary):

clickhouse-client

create database NETFLOW

Step 8

We will now add the Clickhouse internal user “root” with password “nectus” to the Users.xml file located at: /etc/clickhouse-server/users.xml

NOTE: Paste the snippet of the code below starting at line 31 after “<users>” in the users.xml file. You can use vi or nano text editor to edit the file. WinSCP can also be used to accomplish this task. Use the file change owner command if needed “sudo chown -R xxxx users.xml”, where “xxxx” is the user that will take over the ownership of the file.

<root>

<password>nectus</password>

<networks incl=”networks” replace=”replace”>

<ip>::/0</ip>

</networks>

<profile>default</profile>

<quota>default</quota>

</root>

Save the file and exit.

Step 9

Restart the ClickHouse Server:

clickhouse-server restart

Step 10

Now that the ClickHouse Server has been restarted, we can start the ClickHouse client using the internal user that we created in step 8:

clickhouse-client –user default –password nectus

Step 11

We have completed the ClickHouse installation. This last step requires login to Nectus to finish the Netflow/Syslog integration.

Open to “Nectus Settings -> General Settings -> Netflow Integration” page

Enter the required information and click Test DB Connection (Remote Server IP is the IP address of the Ubuntu/ClickHouse server). The result should be “Test DB Connection OK”

Click “Run Integration Scripts” and finally Save.

 

Step 12

Restart Nectus NetFlow and Syslog Services.

Nectus Installation Procedure

,

Nectus Installation Procedure

Server Requirements:   Windows Server 2012 or newer.  8GB of RAM.

1. File Preparation

You start with downloading Nectus Distribution File from www.nectus5.com

Download the ZIP file called Nectus 1.2.51.zip and extract it to a temporary folder.

In the folder you will find two files:

 

Keep the htdocs.zip file compressed. Start installation by launching file Nectus Setup 1.2.51.exe

2. Nectus Installation

Accept the license agreement on the first page.

 

Choose an application installation folder.

 

Choose whether you want Nectus to discover Network devices or not.

 

If you selected “Yes” for the Network Device Discovery, Specify the version of the SNMP Protocol.

 

Then specify SNMP credentials.

 

Specify up to 10 IP Subnets where Nectus will be performing Network Discovery.

 

 

Setup an Administrator account.

 

Then click install, which will automatically complete installation.

 

When the installation Is complete, you will see the following page.

 

After you click Finish, the Nectus login page will come up, where you need to provide the credentials of the admin account you created during Installation.

 

when you log into Nectus you will see a Network Discovery Progress page.

 

Click “OK” to close it.

3. License Generation

Next, the license page will come up.

If you do not have a permanent license ready, Click “Generate Temporary License” button.

 

Complete the “Temporary License” Form and press the “Generate Temporary License” button.

Nectus server must have an Internet access to successfully generate the temporary license.

After temporary license is generated, Nectus is fully operational and ready to be used.

 

Challenges with deploying SNMP v3 based monitoring tools in diverse environments

, ,

One of the biggest challenges with SNMP v3 deployments in diverse environments is a lack of consensus

among hardware manufactures on what set of Privacy Ciphers has to be supported/included in standard SNMP v3 stack.

Even Cisco was unable to unify list of supported v3 Ciphers in different product lines (ASA vs NX-OS vs IOS-XR).

Partially this was caused by the lack of RFC that defined AES-192 and AES-256 implementations  for SNMP v3 but this didn’t stop top-tier hardware

vendors from implementing  those Ciphers internally and partially it was  caused by slow v3 adoption rate that put very low pressure on hardware vendors.

In any case it is very unlikely that you will be able to pick single set of  SNMP v3 Authentication/Encryption parameters that will be supported on all of the devices

in a good sized enterprise network. This results in having to use and support different encryption ciphers in different devices and what most important this

will require your Network monitoring tool to support multiple SNMP profiles based on device type. Your monitoring tool has to discover what SNMP profile

is compatible with each device, “remember” it and only use compatible SNMP parameters when communicating with specific device.

Nectus is the only tool that was built from ground up with support for device specific SNMP profiles and it deploys patented discovery logic that allows it to match

compatible SNMP profile to each device in sub-seconds. Nectus supports up to 1000 SNMP profiles and used by multiple customers with 10K+ routers.

60 days Nectus Trial