How to Implement Device View Restrictions in Nectus

,

In this chapter, you’ll learn how to implement User Group based Device Access Restrictions with the help of Device Views. By assigning one of these Views to a User Group, you control which Devices the Users in that Group can see.

Implementing Device View restrictions allows members of User Groups to focus on only those devices that are relevant to their work. For example, if your company has three facilities, you might create one View for each facility, showing only the servers that are physically located at that facility.

The specific topics we will cover in this chapter are:

  1. Creating a Device View
  2. Creating a User Group
  3. Applying the Device View to the User Group
  4. Creating a User Account and Assigning it to the User Group
  5. Viewing the Results of Applying Access Restrictions

1. Creating a Device View

To create a Device View go to the Nectus Home Screen and select Inventory -> Views -> SNMP Device Views.

This opens the “SNMP Devices Views” dialog box.

Click the Add View button to open the “Add SNMP Devices View” dialog box. Create the new View by entering a View Name and adding Devices to the “Selected SNMP Device” list.

2. Creating a User Group

To create a new User Group go to the Nectus Home Screen and select Settings -> Admin Accounts.

This opens the “Admin Accounts” dialog box. Select the User Groups tab.

Click Add New Group to open the “Add Group” dialog box. Enter the Group Name and make any changes necessary for the GUI and Context Menu tabs.

3. Applying the Device View to the User Group

Select the Views tab. Select the Device View in the “SNMP Devices Views” drop-down list.

4. Creating a User Account and Assigning it to the User Group

Return to the “Admin Accounts” dialog box. Select the User List tab.

Click Add New Account to open the “Add Account” dialog box. Enter the required information for the User and select the User Group in the “Group” drop-down list.

5. Results of Applying the Access Restrictions

Applying the Device View to the User Group results in Access Restrictions for the Users in that Group.

When a User from that group views the SNMP Devices Pane on the Nectus Home Screen, he can only see the Devices that were included in the Device View.

When the User views the Sites pane, he can only see the Sites that contain Devices included in the Device View.

Setting up AWS permissions to perform monitoring and backup with Nectus

,

Nectus AWS monitoring does not require root user permissions to performs it’s actions. Actually it requires a small set of permissions, so it’s more secure and reasonable to have a special AWS user’s account having that minimal set of grants. This guide will show to create such user’s account.

First login to the AWS console as a root user and choose IAM from the list of Services.

When you see the following form, choose Users.

Then select “Add user” on the following screen.

Enter user name and enable “programmatic access” in the next form.

Select “Attach existing policies directly” and then enable following 3 policies:

  • AmazonEC2FullAccess
  • CloudWatchActionsEC2Access
  • CloudWatchReadOnlyAccess

They could be found using “Filter policies” field.

After that click “Next: Review” button and you’ll see the following screen. Click “Create User” button.

If everything is OK and the user was created in AWS then the following form will appear. You should store Access key ID and Secret access key of the user since they are required by Nectus Monitoring. Click “Download .csv” and store this file. Also you can click “Show” to display the secret access key on the screen.

Last step is integrating AWS user’s access keys into Nectus Monitoring. Select Settings -> General Settings -> AWS integration in the Nectus GUI.

In the following form paste Access Key ID and Secret Access Key copied from AWS console (or from downloaded .csv-file).

Click OK to save the changes and Nectus is ready to perform AWS monitoring and backup.

Creating User Accounts and User Groups

,

Creating User Accounts and User Groups

In this chapter, you’ll learn how to create User Accounts and assign them to User Groups. You’ll also learn how to create User Groups and set their Access Rights.

The specific topics we will cover in this chapter are:

  1. Creating User Accounts
  2. Creating User Groups
  3. Setting User Group Access Rights

1. Creating User Accounts

Every Administrator should have their own User Account. To create a new User Account go to the Nectus Home Screen and select Settings -> Admin Accounts.

This opens the “Admin Accounts” dialog box.

 

Select the User List tab and click Add New Account to open the “Add Account” dialog box.

Enter the information for the user. Fields marked with an asterisk ( * ) are required. The group you assign determines the User’s Access Rights. You can assign the User to an existing Group, or create a new Group.

2. Creating User Groups

To create a User Group return to the “Admin Accounts” dialog box and select the User Groups tab.

Click Add New Group to open the “Add Group” dialog box and enter a Group Name.

Note that you can use the icons to the right of the Group Names to edit or delete an existing User Group.

3. Setting User Group Access Rights

Select the Group’s Access Rights from the drop-down list. Selecting “Read Only” or “Read / Write” rights sets all the GUI and Context Menu options to those values.

Selecting “Custom” rights allows you to set each GUI and Context Menu item individually. The options are “Read Only”, “Read / Write”, and “Hide”.

Select the Views tab to specify which views the User can see.

The drop-down list next to each view lists the items that will appear for that view. Setting “SNMP Devices Views” to “Cisco” for example causes only Cisco devices to appear in the SNMP Devices section or the Sites Section.

You can also designate the User Group as a “Super Admin.” Your installation must always have at least one Super Admin Group to ensure that Users have access to the system.

Tracking Objects in Wireless Networks

, ,

Troubleshooting of any wireless problems usually starts with determination of specific Access Point where client is currently associated with and tracking wireless client’s roaming behavior in time.

Access Point detection helps to understand current RSSI levels at given selected channel and presence of alternative AP at the client’s location.

Nectus provides basic tools that make locating and tracking wireless objects an easy task.

The specific topics we will cover in this chapter are:

  1. Using the Wireless Client Search Tool
  2. Using the Wireless Client Tracking Tool

1. Using the Wireless Client Search Tool

The Wireless Client Search tool shows you which access point (AP) a Wireless Client is connected to right now. To use Wireless Client Search go to the Nectus Home Screen and select Tools -> Wireless Tools -> Wireless Client Search.

This opens the “Wireless Client Search” dialog box.

Search for the wireless object by entering all or part of the Client MAC Address, IP Address, or Username. Set the Search Scope by checking any of the supported Wireless Controller types.

The search returns any matching objects in a table.

Click the MAC Address of the object to see all the Basic information the system has about that object.

Click the Client RSSI Info tab to see the RSSI (Received Signal Strength Indication) for every access point the object can detect.

2. Using the Wireless MAC Tracking Tool

The Wireless MAC Tracking tool is useful for troubleshooting intermittent problems. It uses the object’s MAC address to record which AP the object is connected to over a period of time. To use Wireless Client Search go to the Nectus Home Screen and select Tools -> Wireless Tools -> Wireless MAC Tracking.

This opens the “Wireless MAC Tracking” dialog box.

Click Add to begin tracking a MAC Address.

Enter the MAC Address you want to track, the Controller type, the Frequency of recording data, and the Duration of time you want to track the MAC address.

Once the Duration is complete, you can see the results by clicking the View MAC Tracking icon.

 

Silicon Valley in 1992

Silicon Valley

Generating Wireless Heat Maps in Nectus

,

Generating Wireless Heat Maps

Wireless Heat Map is the visual representation of the wireless signal levels at different locations of specific selected area.

Area can be a building floor or outdoors. We read signal level directly at the antennas of the Wireless APs and calculate signal attenuation with a distance

and overlay resulting signal levels on top of area map with a known dimensions.

In this chapter, you’ll learn how to generate Wireless Heat Maps of any area.

The specific topics we will cover in this chapter are:

  1. Preparing the Background Image
  2. Creating a New L2 Topology
  3. Placing the Background Image and Specifying the Scale
  4. Selecting the Wireless Controller
  5. Expanding the Topology and Selecting Your Access Points
  6. Positioning Wireless APs on the Heat Map

1. Preparing the Background Image

The Background Image shows the physical layout of the area that will be included in the Heat Map.

The image needs to be scaled with equal proportions horizontally and vertically. PNG and JPEG image formats are supported. You will need to be able to enter the corresponding length of the image, in feet, to create an accurate Heat Map.

Create the Background Image before proceeding to Step 2.

2. Creating a New L2 Topology

Once you have the Background Image prepared, you will need to create a new L2 Topology for your Heat Map. To create a new L2 Topology go to the Nectus Home Screen and select Topologies -> Start New L2 Topology.

An empty L2 Topology appears.

3. Placing the Background Image and Specifying the Scale

To place the Background Image in the Topology, click the L2 Topology Settings icon to open the “Settings” dialog box then select the Background tab.

Check the Display Image check box and load the Background Image you created in Step 1.

Enter the horizontal length of the Background Image (in feet) in the Background image length in Feet field.

Once the Background Image is visible in the Topology you can resize and reposition it as desired.

4. Placing the Wireless Controller

Find the Wireless Controller for this area in the Wireless Controllers section of the Sites Panel and drag it onto the Topology.

Click the Settings icon to open the “Settings” dialog box. Select the Wireless tab.

Check Show Wireless APs along with any other options you want displayed on the Heat Map. Nectus includes a large collection of Wireless AP icons you can use to customize the map.

Once you click OK the Heat Map reappears with a color-coded scale of signal levels.

5. Expanding the Topology and Selecting Your Access Points

Now you need to expand the Topology. This displays the Wireless Access Points that are connected to the Wireless Controller. To expand the Topology, right-click the Wireless Controller icon and select Expand L2 Network Topology.

This opens the “Expand L2 Network Topology” dialog box. Select the Wireless tab and expand the All Wireless Controllers list to see the Wireless APs connected to the controllers in the Topology. Check the Wireless APs you want to include in the Heat Map.

Click Generate Topology to add the selected Wireless APs to the Heat Map.

6. Positioning Wireless APs on the Heat Map

Drag each Wireless AP to its physical location on the Background Image. Once you do this, the Heat Map will show wireless coverage for this area.

Enabling Monitoring for SNMP Interfaces

,

Enabling Monitoring for SNMP Interfaces

In this chapter, you’ll learn how to enable monitoring and create monitoring groups for SNMP Interfaces.

The specific topics we will cover in this chapter are:

  1. Automatic Discovery and Grouping of SNMP Interfaces
  2. Creating and Activating Monitoring Groups
  3. Creating and Customizing Monitoring Profiles
  4. Customizing Alerts
  5. Placing Interfaces in Monitoring Groups

1. Automatic Discovery and Grouping of SNMP Interfaces

During the Discovery phase all network Interfaces are automatically added to the group called “No Monitoring Group.” This group has all monitoring functionality disabled and serves as a parking space for all unmonitored Interfaces.

To enable monitoring for a particular Interface you must move that interface from the “No Monitoring Group” to any group that has the monitoring checkbox set to “ON” and has a Monitoring Profile assigned.

2. Creating and Activating Monitoring Groups

To create and activate SNMP Interface Monitoring Groups go to the Nectus Home Screen and select Monitoring -> SNMP Monitoring Groups -> Interface Monitoring Groups.

This opens the “Interface Monitoring Groups” dialog box.

Nectus provides you with two predefined Monitoring Groups:

  • No Monitoring Group – Interfaces in this group are not being monitored.
  • Default Monitoring Group – Interfaces in this group are monitored by Nectus.

Click the Add Group button to open the “Add Monitoring Interface Group” dialog box and create an additional Monitoring Group.

To monitor a group, check its Enable Monitoring box in the “Interface Monitoring Groups” dialog box.

Next select the Monitoring Profile you want to use for the Group. See the next section for more information on Monitoring Profiles.

Then click the Edit Alert Recipients icon to open the “Alert Recipients” dialog box and select lists that specify who will receive alerts from this particular Monitoring Group and Profile.

3. Creating and Customizing Monitoring Profiles

Each Monitoring Group must have a Monitoring Profile that determines which parameters are monitored. You can customize each Profile, and create individual Profiles for each Monitoring Group.

To create a new Profile, go to the Nectus Home Screen and select Monitoring -> SNMP Monitoring Profiles -> Profiles – SNMP Interface Monitoring. This opens the “Interface Monitoring Profiles” dialog box. Click the Add Profile button to create a new Profile.

To edit a Profile click the Edit icon to the right of the Monitoring Profile for the Group. This opens the “Edit Device Monitoring Profile” dialog box.

Some of the parameters here allow you to set Threshold values or other customizations.

Set the Enabled checkbox next to each Parameter you want to monitor. Check any of the Log to DB, Email Alerts, SMS Alerts, or Traps Alerts boxes to send those types of alerts.

4. Customizing Alerts

To customize the alerts, click the Edit Alert Templates button to open the “Edit Alert Handler” dialog box.

If you select Email Alerts or SMS Alerts, Nectus will generate Alert messages when the Monitored Parameter exceeds threshold and Recovery messages when the Parameter returns to normal.

Selecting the tab for one of these messages allows you to customize the appearance of that message.

5. Placing Interfaces in Monitoring Groups

Once you have created the Monitoring Groups you want to use you need to place Interfaces in them. To do so, click the Monitoring Group Name to open the “Edit Monitoring Interface Group” dialog box.

Select the Group you want to add Interfaces to on the left, and the Group you want to take them from on the right. Use the arrows to move Interfaces between the two Interface Groups.

Note that if you move an Interface that is currently being monitoring into the No Monitoring Group, Nectus will immediately stop monitoring that Interface. This can be useful for situations where you know an Interface will be down for some time (extended maintenance, for example) and you don’t want the system to send alerts.

Enabling Monitoring for SNMP devices

Enabling Monitoring for SNMP Devices

In this chapter, you’ll learn how to enable monitoring and create monitoring groups for SNMP Devices.

The specific topics we will cover in this chapter are:

  1. Automatic Discovery and Grouping of SNMP Devices
  2. Creating and Activating Monitoring Groups
  3. Creating and Customizing Monitoring Profiles
  4. Customizing Alerts
  5. Placing Devices in Monitoring Groups

1. Automatic Discovery and Grouping of SNMP Devices

Nectus automatically discovers all live SNMP Devices. These devices are listed in the SNMP Devices Panel on the Home Screen. While Devices are detected automatically, they are not automatically monitored. New SNMP Devices are automatically added to the default “No Monitoring” Group.

To Enable monitoring for a Device you need to move it from “No Monitoring” group to any

of the group where monitoring is enabled.

2. Creating and Activating Monitoring Groups

To create and activate SNMP Device Monitoring Groups go to the Nectus Home Screen and select Monitoring -> SNMP Monitoring Groups -> Device Monitoring Groups.

This opens the “Device Monitoring Groups” dialog.

Nectus provides you with two predefined Monitoring Groups:

  • No Monitoring Group – Devices in this group are not monitored, and appear with a grey icon in the SNMP Devices Panel.
  • Default Monitoring Group – Devices in this group are monitored by Nectus. Their icons are either green or red, reflecting the state of the Device.

Click the Add Group button to open the Add Monitoring Device Group dialog and create an additional Monitoring Group.

To monitor a group, check its Enable Monitoring box in the Device Monitoring Groups dialog box.

Next select the Monitoring Profile you want to use for the Group. See the next section for more information on Monitoring Profiles.

Next click the Edit Alert Recipients icon to open the Alert Recipients dialog box and select lists that specify who will receive alerts from this particular Monitoring Group and Profile.

3. Creating and Customizing Monitoring Profiles

Each Monitoring Group must have a Device Monitoring Profile that determines which parameters are monitored. You can customize this Profile, and create additional Profiles for each Monitoring Group.

To edit the default Profile or create a new one, click the Edit icon to the left of the Monitoring Profile for the Group. This opens the Edit Device Monitoring Profile dialog box.

Each of the four tabs in this dialog contains parameters you can monitor. Many of the parameters allow you to set Threshold values or other customizations.

Set the Enabled checkbox next to each Parameter you want to monitor. Check any of the Log to DB, Email Alerts, SMS Alerts, or Traps Alerts boxes to send those types of alerts.

4. Customizing Alerts

To customize the alerts, click the Edit Alert Templates button to open the Edit Alert Handler dialog box.

If you select Email Alerts or SMS Alerts, Nectus will generate Alert messages when the Parameter goes out of bounds and Recovery messages when the Parameter returns to normal.

Selecting the tab for one of these messages allows you to customize the appearance of that message.

5. Placing Devices in Monitoring Groups

Once you have created the Monitoring Groups you want to use you need to place Devices in them. To do so, click the Monitoring Group Name to open the Edit Monitoring Device Group dialog box.

Select the Group you want to add Devices to on the left, and the Group you want to take them from on the right. Use the arrows to move Devices between the two Device Groups.

Note that if you move a Device that is currently being monitoring into the No Monitoring Group, Nectus will immediately stop monitoring that Device. This can be useful for situations where you know a device will be down for some time (extended maintenance, for example) and you don’t want the system to send alerts.

Nectus Partner Program

We are very happy to announce the launch of our Nectus Partner Program.

We are inviting all Professional Services Organizations and Independent consultants to become an Integration Partner for the best Network Monitoring Solution of 2018 and take advantage of enormous commissions that we offer to all of our Nectus Partners.

Please contact sales@nectus5.com for additional details.

Nectus Feature List

,

 

Nectus Feature List (October 2018)

  1. Network Discovery
  2. Basic SNMP Network Monitoring
  3. Basic SNMP Device Monitoring (CPU, RAM, TCAM, Up/Down)
  4. Basic SNMP Interface Monitoring (Errors, Dropped Packets, Traffic Volume, Utilization, Up/Down)
  5. Real Time Network Topology Visualization
  6. Windows Server Monitoring (CPU, RAM, Disk, Network, Services, Processes, Status, Up/Down)
  7. AWS Instance Monitoring and Backup (CPU, RAM, Disk, Network, Up/Down Status)
  8. MSSQL Database Monitoring
  9. HTTP URL Monitoring (Latency, Up/Down Status)
  10. Network Device Configuration Backup and Change Tracking
  11. Network Device Configuration Change Automation
  12. NetFlow Collector
  13. Syslog Collector
  14. Cisco SmartNet Status Reporting
  15. Wireless Monitoring and HeatMap Visualization
  16. CircuitDB (Database of All Telco Circuits)
  17. Network Engineer Toolset (Visual Ping, SNMP Walk, L3 Path Discovery, SSH Client)
  18. Best Practice Audits and Reports
  19. Top 100 Reports
  20. Operational Reports
  21. Email and Text Message based Alerting
  22. Custom Dashboards
  23. Google Map Outage Visualization

Many more coming in 2019 ..  !!!

Network Redundancy Visualization (Pure Art)

,

Another piece of art generated by Nectus with a help of D3.JS library. Discovery of small Datacenter was completed under 3 minutes and topology generated under 5 seconds.

Conversion to Visio is supported in Nectus starting  from 1.2.40.

Real-time Device and Link status is overlayed in this  topology making it suitable for NOC level monitoring.

Keeping Track of Your Telco Circuits

, ,

Keeping Track of Telco Circuits

Remember that awkward moment when you discovered that you still paying for the circuit that suppose to be decommed 2 years ago?

I do.

Keeping track of the Telco circuit is important on many levels: financial and technical.

Having Circuit ID ready and knowing where to call when circuit goes down can make a difference between 6-hour outage and 30 minutes.

Keeping track of all the contracts for each circuit is also important for managing your budget. Beyond that, the end of a contract offers you the opportunity to negotiate better contract terms for that circuit in the future.

A typical IT organization can lease dozens, sometimes hundreds or even thousands of circuits from external providers. Whether Internet circuits, Dark-Fiber, MPLS circuits, Telephone circuits, each circuit has a lot of information associated with it.

Nectus includes a built-in database, called CircuitDB, to help you keep track of all the information related to all your circuits. This database can give you both a high-level view and a detailed view for every circuit.

Getting a High-Level View of Your Circuits

The high-level view of your circuits shows the basic information about each end of a circuit. When you open CircuitDB you get a table showing this high-level view for every circuit you have added to CircuitDB.

Opening CircuitDB

To open CircuitDB go to the Nectus Home Screen open Tools and click CircuitDB.

One thing to notice here is that Nectus shows the Up or Down status of a circuit in real time. This is indicated by the red or green icon to the left of Interface A.

If you have a lot of circuits in the database, you can search for a specific circuit by name or ID, or filter the table by Site, Carrier, Circuit Type, or Circuit Status.

High-Level Fields in CircuitDB

The high-level fields in CircuitDB are:

  • Site A – One of the sites that the circuit connects.
  • Device A – The router that the circuit connects to at Site A.
  • Interface A – The name of the circuit interface at Site A.
  • Site B – The other site that the circuit connects.
  • Device B – The router that the circuit connects to at Site B.
  • Interface B – The name of the circuit interface at Site B.
  • Carrier – The name of the outside provider for the circuit.
  • Circuit ID – The ID of the circuit. Provided to you by the Carrier.

Getting a Detailed View of Your Circuits

To get all the details about a particular circuit, click the Edit CircuitDB icon to the right of the Circuit ID. This opens the Update CircuitDB dialog.

Full Set of Fields for a Single Circuit

Here is the full set of fields for a single circuit. It is divided into two sections.

The first section deals with the physical connections of the Circuit and is duplicated for End Point A and End Point B:

  • Site – The name of the site where this endpoint is located.
  • Room – The name or number of the room where the circuit connects.
  • Cage, Cabinet, Rack – User-defined fields dependent on the physical setup of the Site.
  • Patch Panel – The name or number of the point where the circuit terminates at the Site.
  • Device – A Device selected from those listed in the Nectus Device database.
  • Interface – An interface selected from those supported by the Device.
  • Media – Copper or Fiber.
  • Fiber Type – Single-Mode or Multi-Mode.
  • Media Connector – RJ45, LC, SC, MTP.

The second section deals with the contract for the Circuit:

  • Carrier – The name of the external provider for the Circuit.
  • Circuit Type – User-defined name for the type of Circuit.
  • Circuit Status – Decommissioned, Testing, In Production.
  • Circuit Media Speed – Maximum speed of the media in Kbps, Mbps, Gbps.
  • Circuit CIR – Committed Information Rate in Kbps, Mbps, Gbps.
  • Circuit ID – Carrier-defined ID of the Circuit.
  • Contact Info – Name of the Carrier salesperson or other contact.
  • Contract Start & Contract End – Starting and ending dates of Circuit contract.
  • Support Email – Email of support staff at Carrier.
  • PO – Purchase Order number of this Circuit.
  • Price – Price for this contract.
  • Phone – Telephone number of contact at Carrier.
  • Comments – Comments related to this particular Circuit.

Dark or Light? Heated Debate over Dashboard Color Theme

,


Coming Soon

Generating Site Network Topology in Nectus

, ,

Visualizing Network Topology

In this chapter, you’ll learn how to generate a map of the L2 Topology for your site. An L2 Topology shows the physical connections between devices, which can be extremely useful for maintenance and troubleshooting. The topology can display real-time up/down status information along with other relevant information about the site.

The specific topics we will cover in this chapter are:

  1. Generating an L2 Topology
  2. Manipulating the L2 Topology
  3. Changing L2 Topology Settings

Generating an L2 Topology

You can generate an L2 Topology for any site in just a few steps. The devices that appear in this topology are those that were found during the nightly site discovery operation.

1.1 Generate the L2 Topology

Follow these steps to generate the L2 Topology for a site:

  1. In the Sites Panel on the Nectus Home Screen, open Sites and right-click the Site you want to work on.

  1. Click Create L2 topology of this site to open the Generate Topology dialog.

  1. Select the devices you want to appear in the topology then click Generate Topology. After a moment Nectus displays the site’s L2 Topology.

Manipulating the L2 Topology

The L2 Topology displays the physical connections between the devices at the site, along with information about those connections. You can drag the entire Topology around the window, as well as drag and resize individual devices.

Open the Topology toolbar in the top left of the window for the additional options shown here:

Changing L2 Topology Settings

Click Settings in the L2 Topology window to open the Settings dialog and customize the information that appears in the Topology.

Assign the Topology a Title if you plan to reuse it.

In the Device Info tab, check Up-Down Status and the type of alert (Color Alert, Audio Alert) for real-time alerts when a device in the Topology is down. With Color Alerts, both the device that is down, and the title of the Topology will flash red as shown in the Topology image above.

Be sure to click the Save icon in the Topology Toolbar to save your changes.

Cascading Syslog Servers

, ,

Cascading Syslog Servers

Introduction to the Syslog Protocol

Syslog is a protocol that allows systems to send Event Notification Messages through IP networks to Syslog Servers (also known as Event Message Collectors). There the messages can be sorted, searched, and analyzed to monitor the state of individual devices as well as the overall system.

Syslog messages contain both status information and a Severity Level, which ranges from 0 (zero) to 7. Level 0 messages are emergencies. Level 7 messages signify that the sender is in Debug mode. The meanings of Levels 1 through 6 are application dependent.

2. Multiple Syslog Servers – The Traditional Approach

In some situations you might want to add additional Syslog Servers to your system. Traditionally you would do this by configuring each connected device or server to send messages to the Main Syslog Server and to each Secondary Syslog Server. This configuration is shown in the following image:

This works fine if you just have a few devices. But it quickly becomes impractical as the number of connected devices grows. Imagine configuring 1000+ devices to send Syslog messages to one or more additional servers for a special project, then disconnecting them all later.

This makes the traditional approach impractical for large installations.

3. Multiple Syslog Servers – The Cascading Approach

To avoid the problems of the traditional approach, Nectus implements Cascading Syslog Servers. Instead of connecting each device to each Syslog server, you need only connect them to the primary Syslog server. The primary server can then forward copies of the messages to any secondary servers, as shown in the following image:

This approach makes adding and removing secondary Syslog servers simple. However, forwarding every Syslog message does increase the load on the primary Syslog server. You need to carefully monitor the primary server to avoid overloading it.

Nectus recommends you cascade no more than 10 secondary Syslog servers to avoid overloading the primary server.

3.1 Configuring the Nectus Cascading Syslog Servers Solution

Follow these steps to configure Cascading Syslog Servers:

  1. Click Settings in the Nectus Home Screen.
  2. In the Settings menu that appears, hover the cursor over the General Settings option.
  3. Click the Syslog Settings option that appears. Select the Forwarding IP tab in the Syslog Settings dialog that appears.

  1. Click the Add New IPv4 button to open the Add Forwarding IPv4 dialog.

  1. For each secondary Syslog server add the IPv4 Address of the server, the number of the UDP Port the server is listening on, and a Description of the server.

AWS Backup Automation with Nectus

, ,

AWS Instance Backup Automation with Nectus

Having your data backed up and secured is crucial for business-critical systems. If your servers run in AWS infrastructure,

then you already have an advantage of performing backup of the hosted instances using Amazon built-in features.

This can be performed manually using AWS console the following way. First, select Instances menu from EC2 Dashboard.

Then select an instance you would like to backup.

In Description tab you will see the Block devices attached to the selected instance.

Clicking on one of the block devices will bring up the window displaying the block device’s EBS ID:

By clicking that EBS ID you get to the Volumes menu of the EC2 Dashboard:

Right-click on the selected volume will display a menu with “Create snapshot” option.

After selecting this option you have to enter a description of your snapshot and the snapshot will be created.

After that the snapshot created will appear on the list displayed on the EC2 Dashboard/Snapshots page. To restore data from that snapshot you should select

“Create Volume” option from the snapshot’s context-menu. A new volume will appear with exactly the same data you had on your volume when snapshot was created.

But taking snapshots manually is hardly an option, especially if you deal with a lot of the EC2 instances. This process must be automated.

One of possible solutions is utilizing the Nectus AWS backup functionality. Nectus is able to take snapshots of your volumes constantly and

regularly with the required periodicity according to the backup profiles you set.

The following steps will show how to enable and set up the automated backup of AWS instances using Nectus. First you need to set up your backup profiles.

Select Settings/General Settings/AWS Integration menu.

In the “Backup” tab you will see backup profiles already created and also the “Add Backup Profile” button.

Pressing this button will open the following “Add New AWS Backup Profile” dialog.

Here you can enter a name for a new backup profile, periodicity of snapshots creation (Snapshot Interval), period of retention for snapshots created (Snapshot retention)

and the allowed time interval to take snapshots (this setting is available only if Snapshot Interval is 1440 minutes or more).

Pressing “Save” button will add the new backup profile to the list. Editing of existing profiles is also possible.

You can create any number of backup profiles for different purposes.

For example, you may want to backup your most critical production instances quite often (every 5 minutes) but your test servers rarely (once a day or maybe even once a week).

The procedure of taking a snapshot is free of charge from Amazon but storing them is charged depending on the volume (see AWS EC2 pricing).

That should be considered when choosing the Snapshot retention period.

After you have set the required backup profiles, it is time to assign them to your instances. To perform it select “AWS Instances” from the “Inventory” menu.

In the form displayed you can see a list of already existing instance groups. To create a new AWS instance group press the button “Create new Group” at the top-right of the form.

In the window opened you should set a new group name, check the “Enable Backup” box and choose one of the backup profiles created earlier.

If the box is not checked, then no backups will be performed for instances of this group.

Now when you have backup profiles assigned to AWS instance groups you can switch to the next tab “AWS Instances”.

The next window displays a list of AWS instances.

Each instance belongs to one of the AWS instance groups and so the group settings affect the instance backup policy.

To change backup profile for an instance you should move it to another instance group with appropriate backup profile.

For example, if you want to change backup profile for “www.nectus5.com” from “Weekly Backups” to “Daily Backups”

just click on the Instance ID and change AWS instance group.

After such setup Nectus will automatically start creating new snapshots and deleting old ones.

You will see those snapshots in your EC2 Dashboard.