OPMANTEK NETWORK MANAGEMENT AND IT AUDIT SOFTWARE. Troubleshooting Open-AudIT Discoveries v1 January 2019


We will send you the recording. Submit your questions anytime. We'll do Q&A throughout. Please complete the Exit survey.

Topics for Today

In this webinar we will review the processes and methodologies for understanding why your Discoveries aren't finding and auditing devices. We will cover everything from installation problems to server and target device configuration, common network issues, and challenges caused by antivirus, firewalls, and credentials. Join us for this hour-long session while we explore:
- How to use Open-AudIT's logs and tables to aid in troubleshooting
- Command line options for testing connectivity from the Open-AudIT server to your target device(s)
- Options for determining which processes on the target device are stopping an audit from running

IT Service Management Maturity Model
(Diagram; axis: Increasing Performance & Value to Organization)

Level 0 CHAOTIC: Ad hoc; Undocumented; Unpredictable; Multiple help desks; Minimal IT operations; User call notification
Level 1 REACTIVE: Fight fires; Inventory; Desktop software distribution; Initiate problem management process; Alert and event management; Measure component availability (up/down)
Level 2 PROACTIVE: Analyze trends; Set thresholds; Predict problems; Measure application availability; Automate; Mature problem, configuration, change, asset and performance mgmt. processes
Level 3 SERVICES: IT as a service provider; Define services, classes, pricing; Understand costs; Guarantee SLAs; Measure and report service availability; Integrate processes; Capacity Mgmt.
Level 4 VALUE: IT as a strategic business partner; IT and business metric linkage; IT/business collaboration improves business process; Real-time infrastructure; Business planning
Transition labels on the diagram: Tool Leverage; Operational Process Engineering; Service Delivery Process Engineering; Service & Account Management; Manage IT as a Business

References
Where can I go when I have questions?
- Opmantek - https://opmantek.com/it-audit-configuration-and-compliance-bundle/
- Open-AudIT Wiki - https://community.opmantek.com/display/oa/home
- Opmantek VM - https://tinyurl.com/ybqqn66h
- Community Questions Board - https://community.opmantek.com/questions
- Support Issues - support@opmantek.com
- Sales - usa@opmantek.com

Architecting a Solution
Open-Source
- Open-AudIT Community: Basic Device Discovery and Auditing
Commercial Solutions
- Open-AudIT Professional: Scheduled discoveries
- Open-AudIT Enterprise: Cloud Auditing, scalability

Feature | Community | Professional | Enterprise
Network Discovery | Yes | Yes | Yes
Device and Software Auditing | Yes | Yes | Yes
Configuration Changes Detection and Reporting | Yes | Yes | Yes
Hardware Warranty Status | Yes | Yes | Yes
Inventory Management | Yes | Yes | Yes
Custom Fields | Yes | Yes | Yes
Interactive Dashboard | - | Yes | Yes
Geographical Maps | - | Yes | Yes
Devices Export | - | Yes | Yes
Scheduling discovery and reporting | - | Yes | Yes
Enhanced Reports incl. Time based, Historical and Multi Reporting | - | Yes | Yes
High Scale | - | - | Yes
High Availability | - | - | Yes
Visual Racks | - | - | Yes
Cloud Auditing (AWS, Azure) | - | - | Yes
File Auditing | - | - | Yes
Baselines | - | - | Yes
Configurable Role Based Access Control including AD and LDAP | - | - | Yes
RESTful API | - | - | Yes
Commercial Support | - | Yes | Yes

DEVICE DISCOVERY AND AUDITING

Open-AudIT
So, what is this Open-AudIT thing anyway?
- Agentless device discovery and auditing
- From network devices to servers and workstations, even HVAC units and VOIP devices
- AIX, ESXi, HP-UX/Linux/Unix, macOS, Sun-Solaris, Windows (Win98/NT2k forward)
- Flexible auditing options to handle all network configurations and security configurations, including air-gapped networks
- Easily scales from laptop deployments through multi-site 100k+ device deployments

Link A - Audit a computer with no network connectivity
Link B - How to use Active Directory Discovery
Link C - Collector / Server
Link D - Auditing with a Script
Link E - Building your Network Discovery

Device Discovery Process Flow

Discovery Process
How does Open-AudIT work?
- NMAP is used to determine if a device exists at an IP
- Scans the top 1k TCP ports, plus UDP 62078 (Apple iOS) and UDP 161 (SNMP)
- If any ports respond OPEN or CLOSED, Open-AudIT considers it a valid device
- A target that responds with ONLY UDP/161 and NO other ports is NOT a device
- The open NMAP ports are then used to determine what kind of device it is and how to talk to it, i.e. WMI, SNMP, SSH, etc.
- WMI and SSH issue commands remotely, then execute the discovery script

System Configuration
Port and Protocol Requirements
- 22/TCP - SSH
- 135/TCP - WMI
- 161/UDP - SNMP
- 80 or 443/TCP - HTTP/S
- 445/TCP - File and Print Sharing, AD
https://community.opmantek.com/display/oa/information+about+network+ports

Target Client Configuration
Most common problems encountered.
- Ensure appropriate ports are open to the Open-AudIT server
- Ensure services (SNMP/WMI/SMB) are running and configured
- Appropriate credential sets
- Disable or configure firewall to allow audit
- Check Windows firewall and Linux iptables
https://community.opmantek.com/display/oa/target+client+configuration

INTRODUCTION TO TROUBLESHOOTING DISCOVERY

Troubleshooting
Houston, we have a problem.
- Check target client configuration
- Disable Blessed Subnets (Admin->Configuration->All, set blessed_subnets_use to n)
- Stop all running discoveries
- Set Log Level to verbose (Admin->Configuration->All, set log_level to 7)
- Audit an individual device
- Analyse the discovery_log table (Admin->Database->List Tables)
https://community.opmantek.com/display/oa/troubleshooting

Device Discovery Process Flow

Log Analysis
Match the log entries to the discovery steps:
1. Did NMAP recognize a device at that IP address?
2. Which ports/protocols were open?
3. Are the correct ports open for the protocol you would expect for the device type?
4. Were the credentials accepted for the device?
5. Was the audit script written to the device?
6. Were results returned from the audit script back to Open-AudIT?
https://community.opmantek.com/display/oa/troubleshooting

Testing NMAP
Verify the ports and protocols you expect are open. Execute these commands from the Open-AudIT server's command line:

Run a fast scan of the first 100 ports of the device
    nmap -F {ip_address}

Run a scan on 161/UDP to check for SNMP
    nmap -sU -p 161 {ip_address}

https://community.opmantek.com/display/oa/troubleshooting

Check Audit Ports Responding Open
Verify the ports and protocols you expect are open.
- AIX/ESX/Linux/OSX/Solaris - 22/tcp (SSH) (SNMP is also supported)
- Windows - 135/tcp (WMI) (SNMP is also supported)
- Network gear - 161/udp (SNMP)
https://community.opmantek.com/display/oa/target+client+configuration
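
As an added example (not from the webinar or from Open-AudIT's own code), the Python below applies the device-validity rule from the Discovery Process slide and the port-to-protocol mapping above to lines of Nmap grepable output (-oG). The sample lines are constructed, and treating only the exact states "open" and "closed" as a response is an assumption.

```python
import re

# Audit protocol per port, as listed on the slides.
AUDIT_PORTS = {("22", "tcp"): "SSH", ("135", "tcp"): "WMI", ("161", "udp"): "SNMP"}

def parse_grepable(line):
    """Return (ip, [(port, state, proto), ...]) from one `nmap -oG` host line."""
    host = re.search(r"Host:\s+(\S+)", line)
    ports = re.search(r"Ports:\s+([^\t]*)", line)
    entries = []
    for item in (ports.group(1).split(",") if ports else []):
        fields = item.strip().split("/")
        if len(fields) >= 3:
            entries.append((fields[0], fields[1], fields[2]))
    return (host.group(1) if host else None), entries

def triage(line):
    """Apply the validity rule from the slides to one scanned host."""
    ip, entries = parse_grepable(line)
    # Assumption: only the exact states "open" and "closed" count as a response;
    # "filtered" and "open|filtered" mean nothing answered.
    responding = [e for e in entries if e[1] in ("open", "closed")]
    only_snmp = bool(responding) and all((p, proto) == ("161", "udp")
                                         for p, _, proto in responding)
    valid = bool(responding) and not only_snmp
    methods = [AUDIT_PORTS[(p, proto)] for p, s, proto in responding
               if s == "open" and (p, proto) in AUDIT_PORTS] if valid else []
    if not responding:
        hint = "no port answered: check routing, firewall, or that the host is up"
    elif only_snmp:
        hint = "only 161/udp answered: not treated as a device"
    elif not methods:
        hint = "device seen, but no audit port (22, 135, 161/udp) is open"
    else:
        hint = "try credentials for: " + ", ".join(methods)
    return {"ip": ip, "valid": valid, "methods": methods, "hint": hint}

# Constructed sample lines (documentation addresses), in `nmap -oG -` format.
SAMPLE = [
    "Host: 192.0.2.10 ()\tPorts: 22/open/tcp//ssh///, 80/closed/tcp//http///, 161/open|filtered/udp//snmp///",
    "Host: 192.0.2.20 ()\tPorts: 161/open/udp//snmp///, 22/filtered/tcp//ssh///",
    "Host: 192.0.2.30 ()\tPorts: 135/filtered/tcp//msrpc///, 445/filtered/tcp//microsoft-ds///",
    "Host: 192.0.2.40 ()\tPorts: 80/open/tcp//http///, 135/closed/tcp//msrpc///",
]

if __name__ == "__main__":
    for line in SAMPLE:
        print(triage(line))
```

The hint for each host points at the matching step in the Log Analysis list: no response at all (step 1), wrong ports for the expected protocol (step 3), or a reachable audit port where credentials are the next thing to check (step 4).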

Calling for Beta Testers
Interested in helping Opmantek improve the quality of OAE? The next version of Open-AudIT is now in development. If you are interested, reach out to beta@opmantek.com

CONTACT FOR FOLLOW UP
Commercial enquiries: Tom Wiri, Account Executive, +1 (512) 430-4450, usa@opmantek.com
Technical enquiries: Mark Henry, Senior Engineer, +1 (207) 951-2428, markh@opmantek.com