Adding Redundancy and Security to Network-Monitoring Systems

Previous page
Table of content
Next page

Network-monitoring systems are deployed to monitor the network for potential problems. Unfortunately, the network-monitoring system itself is equally prone to hardware or software failure. This can leave the entire system susceptible to unnoticed failures while the Netadmin has let his guard down. It is good practice for Netadmins to add a second network-monitoring system in conjunction with the primary server. Big Brother allows multiple instances of BBDISPLAY, BBPAGER, and BBNET server. The only requirement is that the bb-hosts files must be identical on all the servers. Note that multiple BBPAGER servers can result in multiple notifications for the same event. Similarly, Nagios allows you to run dual servers in redundancy or failover mode. In redundancy mode, two Nagios servers monitor the network concurrently, but the one designated as slave sends notification only when the other Nagios server is down. In the failover mode, the slave Nagios server sits idle and neither runs tests nor sends notifications. The slave starts monitoring and sending notifications only when the master is down.

Also, ensure that the secondary monitoring system is connected to a different switch and uninterrupted power supply (UPS) than the primary one, to avoid a single point of failure.

When monitoring systems on both public and private sides of the firewall, you should place the network-monitoring systems on the inside network. The Netadmin should ensure that the operating system on the network-monitoring server has been patched with the latest security updates. Network-monitoring servers are often left unsecured and with weak passwords, whereas the production servers are given special attention. Netadmins should be aware that the unprotected network-monitoring server can act as a back door for attackers.

Note

To secure your Linux system, use the Bastille Linux hardening script from http://www.bastille-linux.org/. Another URL for hardening Debian-Linux is http://www.debianhardened.org/. A Windows server must be updated regularly with the latest service packs and security patches. In addition, turn off all services and features that are not required, including default programs such as Windows Media Player and Outlook Express.



Previous page
Table of content
Next page
Network Administrators Survival Guide
Network Administrators Survival Guide
ISBN: 1587052113
EAN: 2147483647
Year: 2006
Pages: 106
Authors: Anand Deveriya
BUY ON AMAZON
Database Modeling with MicrosoftВ® Visio for Enterprise Architects (The Morgan Kaufmann Series in Data Management Systems)
Metrics and Models in Software Quality Engineering (2nd Edition)
101 Microsoft Visual Basic .NET Applications
Practical Intrusion Analysis: Prevention and Detection for the Twenty-First Century: Prevention and Detection for the Twenty-First Century
Lean Six Sigma for Service : How to Use Lean Speed and Six Sigma Quality to Improve Services and Transactions
Python Programming for the Absolute Beginner, 3rd Edition
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy