Transcript System Center 2012 Device Monitoring Solution SNMP Device

System Center 2012
Device Monitoring Solution
Created by Tyson Flint & Gabe Markowitz
March 26th, 2014
Overview of Devices used for the Proof of Concept
25 Different Hardware Types
IP Based Security Cameras
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
Panasonic WV-NW484S
Panasonic WV-NF284
Panasonic WV-SF336 H264
ArecontVision AV3135
ArecontVision AV2155 H264
ArecontVision AV8365 H264
Sony SNC-DH120_VCS2
Sony SNC-DH220 H264
Sony SNC-DH140_VCS2
IQinVision IQA12S
IQinVision IQeye852
IQinVision IQA10S
Axis P3354 H264
Axis P3344
Axis P3343 H264
Power Supply Panels
• LifeSafety Power
• Altronix
Access Control Panels
•
7/17/2015
Digital Alarm Receivers
• Bosch D6600
• Lantronix UDS 2100
• Lantronix CoBox-FL-11 UDS-5350558
Stentofon Zenitel (Intercoms)
• Stentofon Master Exchange - AlphaWebXE
• AlphaWebX
Intrusion Panel
• Bosch B420 Intrusion Panel
PoE Switch
• Interlogix GE-DS-82-POE Managed Switch
Storage Array
• Equilogic MD1000
Mercury (Lenel) LNL-3300
© Copyright Denali Advanced Integration. All Rights Reserved.
2
Overview of Investigation
• Evaluate device for SNMP support or not.
• Support for enabling SNMP remotely via HTTP.
• Remote reboot capability either by writing to a value to an OID or by using a special HTTP request.
• Are the OIDs writeable, or read-only (like the sysContact, sysName, sysLocation, sysDescription
fields – info pulled by SCOM).
• Do the OIDs returned by an SNMPWalk show custom private enterprise OIDs? Are we able to get
the MIB file from the device manufacturer?
• Do the devices have sensors or probes and can they be alerted upon via SNMP or HTTP?
• Which version of SNMP does the device support (v1, v2c, v3)?
7/17/2015
© Copyright Denali Advanced Integration. All Rights Reserved.
3
Standard OIDs used by System Center 2012
All SNMP Based Cameras, Security Panels, Power Supplies, Switches and Management Servers
Object
Name
7/17/2015
OID
Values
Comments
sysDescr
1.3.6.1.2.1.1.1
NW484 Series
Model number
sysObjectID
1.3.6.1.2.1.1.2
1.3.6.1.5.1.258.5001.100.1000
ID
sysUpTime
1.3.6.1.2.1.1.3
23:20.6
Lapsed time after turning on
a camera
sysContact
1.3.6.1.2.1.1.4
[email protected]
The email address or the
phone number of who's
responsible for the device.
sysName
1.3.6.1.2.1.1.5
047 11XE OTC EAS #6801
A friendly name to be used
to manage the camera
sysLocation
1.3.6.1.2.1.1.6
REDMOND-CAMPUS122-LNVR12
The name of the location
where the camera is
installed.
© Copyright Denali Advanced Integration. All Rights Reserved.
4
SNMP Tools used in obtaining Device Information
The following tools were used in discovering PoC device capabilities:
• GetIf - http://www.wtcs.org/SNMP4tpc/getif.htm
• iReasoning MIB Browser – http://ireasoning.com/mibbrowser.shtml
• SmpSoft Free Command-line Tools – http://www.SNMPsoft.com/freetools
• Net-SNMP for Windows – http://www.net-SNMP.org
• Fiddler HTTP debugging proxy – http://www.telerik.com/fiddler
• WMI Code Creator – http://www.microsoft.com/en-us/download/details.aspx?id=8572
• Foundstone SuperScan – http://www.mcafee.com/us/downloads/free-tools/superscan3.aspx
7/17/2015
© Copyright Denali Advanced Integration. All Rights Reserved.
5
Device Commonalties:
Commonalities across all devices used during the PoC:
• Most devices utilized SNMP v1 and v2c
• Most Devices used Standard MIB’s.
• Many Device Manufactures have Enterprise OID’s for additional
functionality.
• Devices used Industry Standard OID’s.
7/17/2015
• 1.1 – sysDescr
8.1 -- egp
• 2.1 – interface counters
9.1 -- cmot
• 1.3 – at
10.1 -- transmission
• 4.1 -- ip counters
11.1 – SNMP counters
• 5.1 -- Icmp counters
31.1 -- ifMIBObjects
• 6.1 -- TCP counters
55.1 – ipv6MIBObjects
© Copyright Denali Advanced Integration. All Rights Reserved.
6
Items That Could be Standardized:
What we found lacking that could be beneficial across all devices:
• Better availability of Enterprise MIB Files. Out of 16 device manufactures we were
able to obtain 5 Enterprise MIBs.
• Standard way of enabling and configuring SNMP on devices.
• Standard implementation of SNMP on devices. Some devices are read only!
• Standardization of OID Values. SysUpTime for example has been implemented
on some devices with different values. Example 23:23.6 & 23:23:6
• Many devices have probes that are not available from SNMP.
• OID’s can be difficult to pair with a friendly name unless tools are used.
• MIB files with friendly descriptions. Many devices had blank descriptions.
7/17/2015
© Copyright Denali Advanced Integration. All Rights Reserved.
7
Challenges:
Challenges we found when working with devices:
• Non- consistent way of enabling SNMP on devices. Some had web interfaces,
some used web commands. Some devices SNMP was enabled by default with
standard community strings.
• Some devices have Read Only sysDescr OID’s.
• Obtaining MIB files from manufactures.
• OID values returned are not consistent with the data type represented.
• Senor data available in ONVIF, PSIA and HTTP but not available via SNMP.
• MIB’s are not always friendly. Some OID’s give a name such as Sensor 2 but don’t
provide a description of the sensor.
7/17/2015
© Copyright Denali Advanced Integration. All Rights Reserved.
8
Nice to Haves:
Items that would make implementing SNMP Monitoring easer:
• MIBs available for download or embedded on the device’s file system.
• MIBs should have the description field populated. OID names are not always
Intuitive.
• sysDescr OIDs should be writable.
• Device senor information available through SNMP OIDs.
• Standardization and enforcement during firmware development of OID values
for given data types. (TimeTicks)
• More devices with support for SMNP v3.
7/17/2015
© Copyright Denali Advanced Integration. All Rights Reserved.
9
System Center 2012 Demo
Questions?
Thank you.