محصولات . Products / Network Switching / IronView

مرصاد نماینده رسمی SONY در ایران                                      Hightech Security and Communication Total Solution Provider

IronView Network Manager

IronView Network Manager
  • Delivers fault, configuration, accounting, performance, and security management for Foundry's high performance wired and wireless enterprise, service provider, application traffic management, and security networking products
  • Includes comprehensive security capabilities such as password policy management, authentication, secure device access, secure web, and interface to open source IDS/IPS products and other intrusion detection software solutions
  • Supports a broad range of industry standard operating systems, including Windows, Linux, and Solaris

Overview

Foundry IronView® Network Manager (INM) provides network administrators with comprehensive tools for configuring, managing, monitoring, and securing Foundry's award-winning line of wired and wireless network equipment. INM is an intelligent network management solution that reduces the complexity of changing, monitoring, and managing network-wide features such as Access Control Lists (ACL), rate limiting policies, VLANs, software and configuration updates, and network alarms and events.

With INM's intuitive and easy-to-use web-based tools, networks are less prone to outages due to incorrect configurations or invalid software upgrades. Built on a Java-based platform, Foundry INM empowers network operators to seamlessly control software and configuration updates for any Foundry product from anywhere in the network, enabling more effective management of medium and large networks.

Using INM, network managers can automatically discover Foundry network equipment and immediately acquire, view, and archive each device's configuration. Group policies can be easily configured and deployed for Foundry's wired and wireless products, including security requirements, rate limiting, and event management policies.

INM can be easily configured to collect sFlow data from Foundry switches and routers. This data provides network managers with detailed visibility into all areas of the network, including the edge, aggregation, and core. Typically this visibility is hard to achieve without costly and difficult to operate network sensors. With Foundry's embedded sFlow support, and INM sFlow collection and reporting capabilities, network managers can achieve this visibility without additional cost. INM can also provide an array of security services around the sFlow collection capability.

Features

INM provides a high-level dashboard, with views of network assets, status and alarms, and the current state of INM. This quick look at the overall health of Foundry devices and INM itself permits network managers to quickly identify and focus on a network problem without having to sift through every detail.

Leveraging Foundry switches and embedded sFlow capability, INM can process sampled traffic data from the edge, aggregation, and core network elements, and convert this data for input and analysis by the Open Source Snort intrusion detection software package.

INM is comprised of a powerful of network Application Managers, including:

  • INM Dashboard
  • Administration Manager
  • Topology Manager
  • Device Configuration Manager
  • Access Control List Manager
  • Rate Limiting Manager
  • MAC Filter Manager
  • Event Manager
  • Configuration Manager
  • Service Director
  • Report Manager
  • Change Manager
  • RF Monitoring Manager
  • ServerIron Traffic Manager
  • SecureIron Denial-of-Service Manager
  • IronPoint Wireless Products Management Solutions
  • IronShield 360 Security—Closed Loop Intrusion Detection and Prevention

Each Application Manager is web-based, so network managers can access network elements from any client, anywhere in the network. Because INM uses Java, clients are free from operating system dependencies and can perform network operational activities anywhere critical changes to the network are required.

When accessing a device's web management interface, the network manager can choose between HTTP and secured HTTP (HTTPs). INM also provides mechanisms to secure access to Foundry devices, including SSH for secure command line interface access, and SCP for secure copy access.

INM Dashboard

The INM dashboard shows the status of Foundry devices, including asviews, status and alarms, as well as INM status.

Dashboard views include a wired and wireless device status pie chart and an inventory bar graph showing the number and family type of each Foundry device discovered. An event summary bar chart shows the number and type of events for each severity defined by INM, and event types include traps, internal INM events, security events (for Snort or partner security events), and syslog events. This bar graph can show the event summary for the last 24 hours, 7 days, or 30 days.

Figure 1: Dashboard

The dashboard's INM status window shows internal INM processes, including:

  • Discovery status
  • Topology status
  • Polling interval
  • Email alert status
  • sFlow collector and PCAP conversion status
  • Server uptime
  • Number of active management users
  • Last timestamp

Administration Manager

INM Administration Manager is comprised of key sub-managers that manage INM access, global settings and network discovery.

The User and Role Manager allows network managers to assign access, security levels and configuration authority to individuals and groups, securely separating common tasks across multiple management entities. Each user's actions are logged for any configuration deployed within a Foundry device or group of devices, enabling network managers to view the configurations used during deployment and troubleshoot any network problems caused by them. Additionally, the use of external authentication solutions, such as TACACS+ or AAA simplifies and combines the security systems that are typically used in organizations.

The Discovery Manager provides administration of the discovery process, for periodic network topology updates, and has a Topology Configuration sub-manager that provides an interface for the export of topology data to HP OpenView Network Node Manager (NNM).

Topology Manager

INM's Topology Manager provides an integrated topology discovery and network map capability that allows Layer 2, VLAN, and IP subnet views of Foundry's network equipment. A number of tools can be used to layout the topology in a variety of different ways, including hierarchically, tree-like, and graph views. A sophisticated find capability enables quick location of key assets. Individual and groups of nodes can be selected for fixed placement on the map when zooming. Nodes are shown with detailed information, including name, IP address, trunk groups, and interface names.

Figure 2: Topology Manager

Network Managers can create groups based on devices or ports using Device and Port Groups under the Network Object Manager in the Topology Manager application. This enables rapid deployment of configuration changes, loading of common configurations, and performance of common monitoring facilities.

Device Configuration Manager

INM's Device Configuration Manager provides tools for configuring, managing, and deploying wireless and wired devices through multiple sub-managers, including:

  • Configuration Wizard—allows configuration payloads to be defined and then rapidly deployed to targeted wireless and wired devices.
  • VLAN Manager—enables network managers to discover already configured VLANs and perform adds, moves, and changes to any VLANs within their network.
  • Device Configuration Realm Manager—allows wireless Realms to be defined, configured, and managed in the Foundry IronPoint 200 wireless AP.
  • Automatic Discovery and Configuration (ADC) Manager—allows the dynamic discovery and configuration of Foundry wireless access points.
  • Wireless Mobility Manager—allows Foundry wireless LAN switches to be grouped into domains for layer 3 mobility support.
  • CLI Configuration Manager—allows CLI commands to be executed against specific devices or groups of Foundry devices. This powerful tool allows complex scripting to be employed to execute groups of commands and includes parameter substitution capabilities.

Access Control List Manager

Access Control List (ACL) Manager allows rapid configuration and deployment of ACLs in Foundry's wired and wireless switches and routers. ACLs are useful for allowing devices to permit or deny packets based on source and destination MAC or IP address, IP protocol, or TCP/UDP port. The ACL Manager also allows network managers to import ACLs from a Foundry device or a group of Foundry devices, permitting them to move existing ACLs within the ACL Manager and redeploy existing ACLs in other Foundry devices.

The ACL Manager has three sub-applications:

  • Service Manager—allows network managers to use pre-defined and well-known service ACLs, providing flexible and simple mechanisms to easily create ACLs. In addition, the Service Manager can add group ACLs for support of multiple port range ACLs.
  • Network Manager—allows users to add and group IP subnets or IP addresses.
  • Layer 2 Manager—allows Layer 2 ACLs to be easily defined and deployed across individual or groups of Foundry devices

MAC Filter Manager

INM MAC Filter Manager supports the configuration and deployment of MAC filters on those Foundry's wired and wireless devices that support MAC filters. MAC filtering capabilities allow permit and deny functions to be configured for source and destination MAC and VLAN. MAC filters can be imported into INM from Foundry devices, allowing them to then be redeployed throughout the network.

Event Manager

INM Event Manager provides tools to assist network managers in troubleshooting network-related problems. The Event Manager can receive SNMP traps, Syslog events, Snort, and security partner event messages for reporting, analysis, monitoring, and remediation. The Event Manager can also alert network managers proactively to any events INM is configured to analyze. Event Manager can use Foundry's CLI configuration manager to support full closed-loop network remediation. Under the IronShield 360 security umbrella, INM Event Manager can accept events from open source software, such as Snort, as well as third-party security products, and take remedial action on these events based on user-defined security policies.

Event Manager can also take traps from the IronPoint Wireless Location Manager (WLM). This enables WLM to use the virtual shield capability, which prevents wireless access outside specific geographically defined regions.

Service Director

INM Service Director provides management tools for sFlow and SNMP-based data collection, reporting, accounting, and presentation. Service Director also has a custom report generator capability that allows network managers to define any of reports based on the data collected from sFlow.

Report Manager

INM Report Manager provides a rich of canned reports that give details on dynamically or statically discovered wired and wireless devices as well as key attributes, such as name, IP address, version information, product type, last scan day/time, and status.

The library of asreports contains a number of canned reports, including:

  • Wired and Wireless Devices
  • Modules and VLANs
  • IP Subnets, IP, and MAC Addresses
  • AP Current Session, Session History, Throughout, and Usage

Figure 3: Report Manager—IP Address Report

Change Manager

INM Change Manager provides mechanisms for viewing, retrieving, and restoring configuration files. During the discovery process, copies of the device configurations are dynamically imported into INM. Change Manager can be scheduled to automatically backup configurations, or backup can be done manually. Configurations can be compared and contrasted to quickly spot problems during configuration deployments, and can be used to roll back to a previous configuration as needed.

Change Manager also allows software and boot images to be manually or automatically imported into INM. Multiple versions of software can be stored in INM, and these may be deployed to devices directly by the network manager.

ServerIron Traffic Manager

INM ServerIron Manager provides both Virtual IP Address (VIP) server management capabilities and Global Server Load Balancing (GSLB) management support for centralized management of the Foundry ServerIron Application Traffic Manager products.

The VIP Server Manager includes functions such as:

  • Display of VIPs configured on a ServerIron
  • Display of virtual server and real server port bindings configured on a ServerIron
  • Display of real server and virtual server port status
  • Enabling/disabling real or virtual server ports

INM GSLB Manager provides support for the configuration of GSLB capabilities (such as policy, site, zone, and controller management and deployment) in the ServerIron product family.

SecureIron Denial-of-Service Manager

INM SecureIron DoS Manager provides centralized management services for Foundry's SecureIron family of security products. DoS Manager provides tools for the creation and display of generic and pre-defined SecureIron signature rules, as well as the definition and display of filters (collection of rules and actions), including the ability to define multiple actions (log, drop). Using the controller, INM's DoS Manager can rapidly deploy filters on groups of SecureIron devices and across multiple interfaces.

INM DoS Manager allows SecureIron Traffic Managers and SecureIron LAN Switches to be rapidly and easily configured, deployed, monitored, and managed, which significantly lowers the total cost of ownership of an organization's security devices.

IronPoint Wireless Family of Management Solutions

INM now includes central management support for the entire family of Foundry wireless products and solutions, including the IronPoint IP200 wireless access point, IronPoint switches, and the IronPoint Mobility Controller series. Using INM, Foundry wireless access points, wireless switches, and mobility controllers can be quickly and easily discovered, monitored, and managed. This significantly decreases the total cost of ownership for both small, medium, and large deployments of wireless devices.

The IronPoint RF sensor provides monitoring for rogue access points and ad-hoc client networks. INM can collect and analyze data from the Foundry RF sensor to assist in generating rogue AP and ad-hoc alerts and reports.

For significantly enhanced scalability, the FastIron Edge Wireless LAN (FES-WLAN) switch can be used to offload the manage-ment of IP200 wireless access points. INM can then manage the FES-WLAN switches rather than manage each AP separately.

The IronPoint Wireless Location Manager (WLM) can interface with INM's Event Manager to provide alarms and shut out clients based on the location of a wireless client. This enables WLM to use the virtual shield capability, which prevents wireless access outside specific geographically defined regions.

Figure 4: Automatic Discovery and Configuration Manager—AP Location Map

IronShield 360 Security and Intrusion Detection

Foundry's IronShield 360 Security solution turns Foundry networking devices into network sensors, that can feed data into INM, which can work with both open source and partner security products for packet and flow analysis. Security events can then trigger INM security policies, which can dynamically reconfigure the network to insure attackers cannot disrupt network services.

With IronShield 360, the sFlow data collected by INM can be converted to the open source PCAP format. The PCAP data can then be piped directly into Snort and other open source IDS software to spot accidental or malicious network activity and send alerts to INM through the Event Manager. INM can then take direct remedial action on this network activity, through its powerful CLI Configuration Manager tool.

This security capability turns INM into a full intrusion detection and prevention solution. Because sFlow is available on Foundry switches and routers, INM can cost-effectively detect and prevent intrusions throughout the network, even on Gig and 10-Gig links, and at the edge of the network, where sensors would be extremely costly to deploy.

INM can also process events and take remedial action for a number of Foundry's anomaly detection partners, who can also support sFlow. By extending our event processor to handle events from our IronShield 360 security partners, INM provides the industry's first closed-loop security and management solution for both signature and anomaly detection solutions.

Foundry's INM is the only industry network management solution that can directly take data from network elements and pipe this data into a variety of signature and anomaly detection devices for deep packet inspection and security analysis. These security devices can then send security events directly into INM, which can be configured with a number of security policies to take direct remedial action to stop attacks before they threaten vital network services.

INM DoS Manager allows SecureIron Traffic Managers and SecureIron LAN Switches to be rapidly and easily configured, deployed, monitored, and managed, which significantly lowers the total cost of ownership of an organization's security devices.

Figure 5: IronShield 360 sFlow and Snort Security

System Requirements

The INM software and documentation are shipped on a CD-ROM. In addition to a CD-ROM drive, your system needs to meet the following requirements to install and run INM. The following table shows the server requirements needed to successfully install INM.

Windows Solaris Linux
Minimum OS version 2003 Server (SP2)
XP Professional Edition (SP2)
9, and 10 Red Hat Enterprise Linux WS Release 4
Minimum CPU and Speed

1-200 devices:
2.0 GHz Pentium 4 with 2GB of RAM (minimum), 3.0 GHz Pentium 4, 3GB of RAM (recommended)

200-1000 devices:
2.0 GHz Dual Core CPU with 3 GB of RAM (minimum), Multi Core Xeon Processor 3000 sequence or above (or similar AMD processor) with 4 GB of RAM (recommended)

1000+ devices:
Dual (or more) Xeon 5000 sequence or above (or similar AMD processor) with 4+ GB of RAM (recommended)

1-200 devices:
Sun UltraSPARC T1 (or similar UltraSPARC processor) with 2GB of RAM (recommended)

200 - 1000 devices:
Sun UltraSPARC T2 (or similar UltraSPARC processor) with 4GB of RAM (recommended)

1000+ devices:
Sun UltraSPARC T2+ (or similar UltraSPARC processor) with 4+GB of RAM (recommended)

1-200 devices:
2.0 GHz Pentium 4 with 2GB of RAM (minimum), 3.0 GHz Pentium 4, 3GB of RAM (recommended)

200-1000 devices:
2.0 GHz Dual Core CPU with 3 GB of RAM (minimum), Multi Core Xeon Processor 3000 sequence or above (or similar AMD processor) with 4 GB of RAM (recommended)

1000+ devices:
Dual (or more) Xeon 5000 sequence or above (or similar AMD processor) with 4+ GB of RAM (recommended)

Minimum RAM Requirement 2 GB 2 GB 2 GB
Maximum RAM Requirement 120GB 120GB 120GB

The following table shows the requirement for client browser, which is required to access any of INM's web-based application.

INM 03.0.00b Client Requirements

Windows 2003, 2000, or XP Professional Edition Solaris 8, 9, and 10 Red Hat Enterprise Linux WS Release 3 and 4
Internet Explorer Browser IE 6.0 and above Not Supported Not Supported
Mozilla Firefox Firefox 2.0 Firefox 2.0 Firefox 2.0
Java Plug-In JRE-1.6.0_05 JRE-1.5.0_15 JRE-1.5.0_15

INM 03.0.00a and Earlier Client Requirements

Windows 2003, 2000, or XP Professional Edition Solaris 8, 9, and 10 Red Hat Enterprise Linux WS Release 3 and 4
Internet Explorer Browser IE 6.0 and above Not Supported Not Supported
Mozilla Firefox Firefox 2.0 Firefox 2.0 Firefox 2.0
Java Plug-In JRE-1.5.0_12 JRE-1.5.0_12 JRE-1.5.0_12

This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit. (http://www.openssl.org/). This product includes software written by Eric Young (eay@cryptsoft.com). This product includes software written by Tim Hudson (tjh@cryptsoft.com).

...............................................................................
اعضا ثبت نام
نام کاربری  
کلمه عبور
  فراموشی کلمه عبور  
...............................................................................
خبرنامه
 

تمام حقوق متعلق به شرکت مرصاد است 1384-1389          All rights reserved for Mersaad New Technology 2004-2010