Network Management

12K

Solutions

14K

Contributors

Network Management involves issues that are independent of specific hardware or software, including email policies, upgrade planning, backup scheduling and working with managed service providers for Desktop-As-A-Service (DaaS), Software-As-A-Service (SaaS) and the like through the use of tools, coupled with manufacturer standards, best practice guidelines, policies and procedures plus all other relevant documentation. Network management also includes monitoring, alerting and reporting, management reporting, planning for device or service updates, the backup of configurations, the setting of key performance indicators and measures (KPIs/KPMs), associated service level agreements and problem records as part of the IT Service Management (ITSM) framework.

Share tech news, updates, or what's on your mind.

Sign up to Post

How to set-up an On Demand, IPSec, Site to SIte, VPN from a Draytek Vigor Router to a Cyberoam UTM Appliance.

A concise guide to the settings required on both devices
1
Get HTML5 Certified
LVL 9
Get HTML5 Certified

Want to be a web developer? You'll need to know HTML. Prepare for HTML5 certification by enrolling in July's Course of the Month! It's free for Premium Members, Team Accounts, and Qualified Experts.

Use of TCL script on Cisco devices:
 - create file and merge it with running configuration to apply configuration changes
0
David Varnum recently wrote up his impressions of PRTG, based on a presentation by my colleague Christian at Tech Field Day at VMworld in Barcelona.

Thanks David, for your detailed and honest evaluation!
0
 
LVL 5

Author Comment

by:Kimberley from Paessler
Comment Utility
Hi Ryan,

Thanks for your message.  I'll flesh it out a bit and then submit it again.

I have a related question:  If I have a topic/article/post that I only want to post to the Paessler Topics page, does it still go through independent review?  I tagged "paessler" on several articles, but haven't been asked to review or approve them.  Who decides what can appear on our topics page?

(um, to avoid confusion, yes, I'd like to post this article to several topics, after it meets the requirements for an article.  My question is more a hypothetical one, in case I have things to post only to the Paessler topics page at some point).

Thanks for your help!

Kimberley
0
PRTG Network Monitor lets you monitor your bandwidth usage, so you know who is using up your bandwidth, and what they're using it for.
0
Is your computer hacked? learn how to detect and delete malware in your PC
0
Join Greg Farro and Ethan Banks from Packet Pushers and Greg Ross from Paessler for a discussion about smart network monitoring with PRTG.  Ethan, Greg and Greg discuss strategies for monitoring your IT infrastructure, how to deal with the complexity of monitoring large networks, and how to glean actionable information from multiple data points.

Listen to the podcast to learn how network monitoring can identify issues in your network before they impact your users.

Please note that this podcast was sponsored by Paessler.
0
Five Golden Stars
Every business owner understands the significance of online customer reviews and the impact it can have on sales and revenues. With technology advancing at such a rapid pace, getting online reviews has never been easier, especially when many regions around the world are already using the Internet.
0
 
LVL 2

Author Comment

by:Superb Internet Corporation
Comment Utility
Do you know when my articles will be approved? Not sure if that's why I only have a few points per the recently submitted articles (x3). Thanks
0
 
LVL 2

Author Comment

by:Superb Internet Corporation
Comment Utility
Understood. Will wait for your update tomorrow on the approvals for the articles. Thanks
0
Quality of Service (QoS) options are nearly endless when it comes to networks today. This article is merely one example of how it can be handled in a hub-n-spoke design using a 3-tier configuration.
0
The use of stolen credentials is a hot commodity this year allowing threat actors to move laterally within the network in order to avoid breach detection.
3
Transparency shows that a company is the kind of business that it wants people to think it is.
3
Optimum High-Definition Video Viewing and Control
Optimum High-Definition Video Viewing and Control

The ATEN VM0404HA 4x4 4K HDMI Matrix Switch supports 4K resolutions of UHD (3840 x 2160) and DCI (4096 x 2160) with refresh rates of 30 Hz (4:4:4) and 60 Hz (4:2:0). It is ideal for applications where the routing of 4K digital signals is required.

So, you're experiencing issues on your network and you've decided that you need to perform some tests to determine whether your cabling is good.  You're likely thinking that you may need to spend money which you probably don't have on hiring/purchasing a cable test tool, or even a cabling tech if you're not sure where the issue lies.  That can be expensive, especially if you have to get someone to site quickly to help diagnose an issue.

Did you know that if you have a Cisco switch-based network you may well have a cable-test function already to hand?

Pretty-much any Enterprise-level Cisco switch made since the 2960 family includes a feature called the TDR test, and even some switches before (such as the 3560G) support this function.  It's only available for copper-based connections though as it's only a TDR and not an OTDR, so you can't test fiber-based links using this functionality.

This test will enable you to verify the length of a cable right from the switch to the other end, using the TDR (time-domain reflectometer) function.  This is essential in diagnosing faults as a break in the cable can be easily identified on a single wire within the cable, as well as shorts and crossed-pairs.

To use this test, simply issue the following command in privileged exec mode...

test cable-diagnostics tdr interface gi0/1

Open in new window

(substitute the gi0/1 interface with whichever one you need to test)

Note: Cisco recommend performing the test with the …
10
This article is in response to a question here at Experts Exchange. The Original Poster (OP) requires a utility that will accept a list of IP addresses as input, PING each of the IP addresses in the list, and send an email via SMTP to a support group when the PING is not successful on an IP address.

The method presented in this article requires AutoHotkey, an excellent (free!) programming/scripting language. The quick explanation for installing AutoHotkey is to visit its website and click the big blue Download button. A more comprehensive explanation is to read my EE article, AutoHotkey - Getting Started. After installation, AutoHotkey will own the AHK file type, supporting the solution discussed in the remainder of this article.

The utility takes as input a plain text file with each IP address on a separate line, such as:

192.168.0.123
192.168.0.456
192.168.0.789


The utility reads the file with the list of IP addresses and PINGs each one. It redirects the output of the PING command to a text file (via the command line ">" operator). It then looks for the five most common PING errors anywhere in the PING output, namely:

Destination Host Unreachable
Ping request could not find host
Request Timed Out
TTL Expired in Transit
Unknown Host


If the utility finds any of these, it sends an email via SMTP with PING Error Notification as the Subject and with an email Body
5
 
LVL 23

Expert Comment

by:Thomas Grassi
Comment Utility
Joe,

Just tested,

Works great two errors in my test and only one email.

My next phase will be to get email to get thru my exchange server.

Thanks again

If I get the exchange server code working I will post here for you.
0
 
LVL 55

Author Comment

by:Joe Winograd, EE MVE 2015&2016
Comment Utility
Tom,
Great to hear that the new code works for you. Documenting the settings needed for Exchange will be very helpful. Good luck!
0
A Wildcard Certificate means all of your sub-domains will resolve to the same location, regardless of the non-SSL Document-Root specification. A user will need to purchase a wildcard SSL from a vendor or a reseller that supplies them.
Similar to having multiple certificates installed on a server, each sub-domain containing the certificate needs its own IP as well.  Wildcard SSL’s do not work like Wildcard DNS – you will have to specifically install the certificate on each sub-domain. Following are two methods to set up a Wildcard SSL for a domain.

Multiple Accounts

In a case where you have each sub-domain hosted as a separate cPanel account, and each cPanel account has its own IP address, then follow these steps:
•      Generate the Certificate Signing Request (CSR) in WHM, using *.domain.com
•      There are two ways to change a site’s IP address:
               i.            Via WHM:
Go to WHM > Change site’s IP Address, select the account, then select the IP
              ii.      Via Command Line:
/usr/local/cpanel/bin/setsiteip -u $user $ip
When you’ve obtained the certificate, go to WHM > Install a SSL Certificate and Setup the Domain and paste in the CRT and CA Bundle for *.domain.com
•      The fields should auto-populate, in which case you need to make sure the IP is correct, then change the SSL hostname from *.domain.com to the target sub-domain
•      Click install to install the certificate

One Account

This method may be best for users that are not resellers…
0
I was at a customer and we recently set up a new DNS Server.  I asked him to ensure that all servers pointed to the new server.  140 remote servers – estimated 6 days of work to do this manually.

Ever had this experience and just need to get the job done ASAP?  PSExec is a saviour in these cases.

Simply download PSTools from http://technet.microsoft.com/en-gb/sysinternals/bb896649.aspx

PSExec is in here, all thanks to Mark Russinovich.  Although PSTools contains a load of tools, I really want to focus on PSExec right now.  This is the one tool I use more than any.

In summary, whatever you can run in the CMD prompt or script, you can do remotely with PSExec.

E.g. Get every machine in the domain to renew it’s IP Address:

psexec \\* ipconfig /renew

Open in new window


It’s that simple.

Ok, to get all Domain Controllers to restart their netlogon service:

for /F %i in (‘dsquery server -o rdn’) do psexec \\%i net stop netlogon & net start netlogon

Open in new window


Easy enough?

Ok, change the Primary DNS Server on all Domain Controllers:

for /F %i in (‘dsquery server -o rdn’) do psexec \\%i netsh interface ipv4 set dnsservers static 192.168.0.1 primary

Open in new window


Perhaps you have a specific list of computers to run a command on.  Add them to a text file (like computers.txt).  Then place the text file in the directory you are running PSExec from and run the following:

PSExec @filename.txt CommandToRun (e.g. shutdown /r)

Open in new window


One issue I found which is really a pain is when having to use PSExec and run a command which interfaces with remote network resources.  e.g.

psexec \\server15 \\server\share\executable.exe

Open in new window


This won’t work unless you supply credentials.  Something like this:

psexec -u domain\user -p PasswordHere\\server15 \\server\share\executible.exe

Open in new window

4
 
LVL 26

Expert Comment

by:MidnightOne
Comment Utility
Be aware that the latest version of Symantec Endpoint Protection flags psexecsvc.exe as an attack and will block it. PSEXEC then gets stuck looping as it installs the service, the service gets deleted, and it lathers, rinses and repeats.
0
 
LVL 33

Expert Comment

by:digitap
Comment Utility
Thanks for the bit about running an exe from a network share.
0
How would you tell what computer was using up all of your Internet bandwidth ?

If you cannot answer this question, this article is for you.  

The solutions below should work with just about anything using established standards rather than proprietary software. Some commercial firewall appliances will already tell you this info. For this Article, I do refer to Sonicwall, but the suggestions will provide valuable information regardless. The resulting information is extremely valuable to have when there are problems (either real, or just perceived by your users).

Now, if budget was not a problem and there was a pressing need to just purchase something, I would probably purchase the PRTG Network Monitor ($380) or Solarwinds Orion NPM ($2475) because they will work with just about anything and aren't tied to Sonicwall.  They can even collect usage from packet sniffing so will work with ANYTHING.  

The quick answer may be able to just download and configure Passler PRTG trial or free version or AdvancedRM to get what you need, if needed "now".  Both of these utilities rely on SNMP.  PRTG also can collect info a few different ways and is more versatile and comprehensive.  Free version is limited to 10 sensors but the commercial version isn't that expensive compared to enterprise consoles.  If you enable the SNMP services on each of the servers and user systems as well as the Sonicwall, you can compare charts and get what you need.  

Being budget concious, what I …
2
 
LVL 8

Expert Comment

by:J Spoor
Comment Utility
Overall a really good document !
0
 
LVL 5

Expert Comment

by:Kimberley from Paessler
Comment Utility
Hi cybervzhn_tech,

Yes, a good article!  I wonder if you could update the parts about PRTG, since there's been a significant change in our licensing since 2010.  In particular, the 100-sensor licence which was $380 is now free!  The first paid license is now the 500-sensor license ($1600).  Could you please update the price from $380 to $1600, and then later in the article, where you talk about 10 free sensors, update this part to 100 sensors?

Thanks!

Kimberley (from Paessler)
0
Setting up SSH Cisco

We are all told that you should not use Telent for connecting to devices because it is unsecure and all clear text. Much better is to use SSH, but it can seem a bit of a challenge setting it all up and especially in a small network you might not think it's worth the effort.

Below are the instructions to enable SSH on Cisco switches and routers, apply this to the VTY lines and use a client software to connect up.

You will need:

1)      A Cisco device running a IOS that supports SSH, this means any IOS with Crypto features. (if you have an IOS that is not crypto you can upgrade for free as long as you keep the same feature set, ask a Cisco reseller more about this if you need to get hold of one)

2)      A client that can support SSH such as Tera term or Putty.

First Step.  We need to generate some RSA Keys. These are used by the SSH session to encrypt the data. This requires first setting a hostname and a domain for the Device.

Any thing in bold is commands that need to be entered.

Router(config)#hostname test   (set a host name)
test(config)#ip domain-name test.com  (sets the domain the keys will be used for, this does not have to be the same as your windows AD domain, although often it will be)

test(config)#crypto key generate rsa
The name for the keys will be: test.test.com
Choose the size of the key modulus in the range of 360 to 2048 for your
  General Purpose Keys. Choosing a key modulus
2
 

Expert Comment

by:Kumar Jadhav
Comment Utility
Thanks, I'm wondering if there is a way to push out updates/ changing config on multiple Cisco devices at once. Not sure if cisco prime is able to handle this.
0

Network Management

12K

Solutions

14K

Contributors

Network Management involves issues that are independent of specific hardware or software, including email policies, upgrade planning, backup scheduling and working with managed service providers for Desktop-As-A-Service (DaaS), Software-As-A-Service (SaaS) and the like through the use of tools, coupled with manufacturer standards, best practice guidelines, policies and procedures plus all other relevant documentation. Network management also includes monitoring, alerting and reporting, management reporting, planning for device or service updates, the backup of configurations, the setting of key performance indicators and measures (KPIs/KPMs), associated service level agreements and problem records as part of the IT Service Management (ITSM) framework.