Network Monitoring System

NETWORKMONITORING SYSTEM

Rofiq Fauzi

Jakarta, Nov 1, 2016

ID-NETWORKERS | WWW.IDN.ID

1

ABOUT ROFIQ FAUZI

ID-NETWORKERS | www.training-mikrotik.com

CONSULTANT

CERTIFIED TRAINER

http://www.mikrotik.com/consultants/asia/indonesia

• 2004, Politeknik Negeri Semarang (Telecommunication Engineering)& 2008 Universitas Semarang (Teknik Informatika)

• 2007-2012, Network & Wireless Engineer at INDOSAT• 2012-Now, MikroTik Consultant & Certified Trainer at ID-Networkers.• 2013-Now, Remote Consultant at Connexin.co.uk• 2013-Now, Network Manager, ISP in Salatiga• 2013-Now, Co founder, IDNFoundation.org

http://www.mikrotik.com/training/partners/asia/indonesia

2

MY PREVIOUS JOB


01. TRANSMISSION ENGINEERLearn about Telco transmission infrastructure,

installation and maintenance, especially in microwave transmission

02. NETWORK ENGINEERLearn lot of thing about TCP/IP, Telco network

topology and infrastructure, how to install, maintenance and troubleshooting

03. PROCUREMENTI learn lot of thing here, how to handle meeting, how to

make formal letter, how to build communication and relation ship with corporate vendor

EMPLOYEE

ID – NETWORKERS | WWW.ID-NETWORKERS.COM

If you want to be an entrepreneur, it's not a job

it's a lifestyle..(Niklas Zennstrom),

MY CURRENT JOB

Malaysia, Singapore, Cambodia, Thailand, Philipine, Qatar, Finland, Poland, Turkey, Singapore,India, Nepal, Myanmar

ID NETWORKERS


In the Most Prestigious Networking Certification

EXPERT LEVEL TRAINERS & CONSULTANS

OVERVIEW

We are young entrepreneurs, we are only one trainingpartner & consultant who has expert level trainers in themost prestigious networking certification, CCIE Guru ,JNCIE Guru and MTCINE guru, which very limitednumber in Indonesia even Asia. Proven that hundred ofour students pass the certification exam every year. Weare the biggest certification factory in Indonesia.

WEBSITE www.idn.id | www.trainingmikrotik.com

5

ABOUT idNfoundation.org

ID-NETWORKERS | www.trainingmikrotik.com

6

• NGO as Yayasan IDN – Kemenkumham No.AHU – 0025185. AH .01.04 tahun 2016

• Programü Sekolah IT gratis SD s/d SMP (Super

Human Project) – first timeü Pesantren Networking (program pelatihan

gratis lulusan SMK 1 tahun) angkatan ke-4ü Pelatihan gratis untuk guru-guru SMK TKJ

– since 2014ü SMK Madinatul Qur’an – since 2014

PESANTREN NETWORKING


7

SUPER HUMAN PROJECT


8

EATPRAY

CODING

SUPER HUMAN PROJECT


9

EATPRAY

CODING

SUPER HUMAN PROJECT


10

EATPRAY

CODING

SUPER HUMAN PROJECT


11

LEARNENGLISH

EATPRAY

CODING

SUPER HUMAN PROJECT


12

PLAYINGJ

NETWORK MONITORING SYSTEM (NMS)

13


WHAT IS NMS?

NOC


Monitoring an active communications network in order todiagnose problems and gather statistics for administrationand fine tuning.

the use of a system that constantly monitors a computernetwork for slow or failing components and that notifies thenetwork administrator in case of outages via email, pager orother alarms. It is a subset of the functions involved in networkmanagement

WHAT IS NMS?


WHAT IS NMS?


• Identifying unofficial services or servers• Monitoring usage and traffic statistics• Troubleshooting your network• Investigating a security incident• Keeping logs of users activities for

accountability

17

WHAT NMS USE FOR?


18

• Who is accessing your network?– students, academics, staff, visitors or others

• What are they accessing your network for?– academic study, social use, business use, illegal use

• Where are they accessing your network from?– internal, external

• How are they accessing your network?– remote user, local Ethernet, WAN, dial-up, Wi-Fi, VPN

• When did they access your network?– today, yesterday, last week, last month…

Who DOING What? Where? How? When?

LIST OF NMS


19

QUIZ?


WHAT IS THE SIMPLEST NETWORK NAMANEGEMENT TOOL

20


21

WHAT is PING and Traceroute?• Ping

– measure the time for a packet to travel to a remote host and back

– The server sends back an acknowledgment when the packet arrives

• Traceroute– list the router hops between the client host and a

remote host.– The IP address and domain name (if there is one) of

each router is returned to the client

PING


mac:~ ropix$ ping 8.8.8.8PING 8.8.8.8 (8.8.8.8): 56 data bytes64 bytes from 8.8.8.8: icmp_seq=0 ttl=43 time=224.472 ms64 bytes from 8.8.8.8: icmp_seq=1 ttl=43 time=206.019 ms64 bytes from 8.8.8.8: icmp_seq=2 ttl=43 time=192.759 ms64 bytes from 8.8.8.8: icmp_seq=3 ttl=43 time=84.939 ms64 bytes from 8.8.8.8: icmp_seq=4 ttl=43 time=54.392 ms64 bytes from 8.8.8.8: icmp_seq=5 ttl=43 time=24.057 ms64 bytes from 8.8.8.8: icmp_seq=6 ttl=43 time=31.974 msRequest timeout for icmp_seq 764 bytes from 8.8.8.8: icmp_seq=8 ttl=43 time=19.879 ms64 bytes from 8.8.8.8: icmp_seq=9 ttl=43 time=31.391 msRequest timeout for icmp_seq 1064 bytes from 8.8.8.8: icmp_seq=10 ttl=43 time=1055.267 ms64 bytes from 8.8.8.8: icmp_seq=11 ttl=43 time=214.318 ms

22

Respond time from8.8.8.8 to our pc

TTL = Time to live

TRACEROUTE


mac:~ ropix$ traceroute detik.comtraceroute: Warning: detik.com has multiple addresses; using 103.49.221.211traceroute to detik.com (103.49.221.211), 64 hops max, 52 byte packets1 192.168.2.1 (192.168.2.1) 7.568 ms 2.346 ms 1.384 ms2 192.168.1.1 (192.168.1.1) 8.758 ms 74.343 ms 7.884 ms3 10.90.0.1 (10.90.0.1) 2.805 ms 3.487 ms 3.013 ms4 172.16.88.33 (172.16.88.33) 5.365 ms

172.16.88.29 (172.16.88.29) 9.179 ms172.16.88.33 (172.16.88.33) 2.959 ms

5 172.16.88.134 (172.16.88.134) 2.926 ms172.16.88.146 (172.16.88.146) 3.245 ms172.16.88.134 (172.16.88.134) 10.214 ms

6 * * * 7 tengiga-0-0.openixp.net (218.100.27.128) 57.063 ms 3.339 ms 3.265 ms8 detik.openixp.net (218.100.36.9) 3.949 ms 10.155 ms 3.713 ms9 203.190.244.34 (203.190.244.34) 7.879 ms 3.556 ms 3.671 ms10 103.49.221.211 (103.49.221.211) 4.602 ms 3.744 ms 3.911 ms

23

Number of hop from laptop to detik.com

QUIZ


WHAT IS THE laziest NETWORK NAMANEGEMENT SYSTEM

24

THE laziest NMS


25

When the music stops playing, mean internet is down

Music Streaming

Multi Router Traffic Grapher (MRTG)

26


27

WHAT is MRTG?• Tool to monitor the traffic load on network links.• MRTG generates HTML pages containing PNG

images which provide a LIVE visualrepresentation of this traffic.

• MRTG uses the Simple Network ManagementProtocol (SNMP) to send requests withtwo object identifiers (OIDs) to a device.

• Example tools : Linux-mrtg, cacti, prtg, munin,observium, etc


28

WHAT is MRTG?A sample MRTG bandwidth graph

QUIZ


WHAT IS THE MOST POPULAR & FREE Mrtg MONITORING SYSTEM

29


30

• Free and open source.• Based on PHP and MySQL.• A tool to monitor, store and present network and

system/server statistics• Designed around RRDTool to graph SNMP with

a special emphasis on the graphical interface• Almost all of Cacti's functionality can be

configured via the Web.• You can find Cacti here: http://www.cacti.net/

WHAT IS CACTI?


31

• SNMP (Simple Network Management Protocol).• Use for collecting and organizing information

about managed devices on IP networks.• Also for modifying that information to change

device behavior

WHAT IS SNMP?


32

WHAT IS SNMP?


33

CACTI VIEW


34

HOW TO INSTALL CACTI on UBUNTU SERVERBefore installing cacti you need to make sure to install all dependencies1. LAMP server

First step is to install Lamp server (Apache, Mysql, PHP)apt-get install apache2 mysql-server php5 libapache2-mod-php5

2. SNMP & SNMPDIf you want to monitor the localhost where cacti is installed you need to install and configure the service snmpd.sudo apt-get -y install snmp snmpd


35

HOW TO INSTALL CACTI on UBUNTU SERVER3. Cacti and spine

If you want a faster way to poll servers for information than the default php script cmd.php, you need to install cacti-spine.sudo apt-get -y install cacti cacti-spine

Popup message will appear like this just select OK and move on


36

SETUP CACTIVisit the following url to start the installation of cacti. http://your-ip-address/cacti. Click on Next to continue.


37

SETUP CACTIEnter User Name and Password (Default admin / admin)

You must change the default password.


38

ADD NEW DEVICE IN CACTI

• We have to activate/enable snmp trap in the deviceswitch will be monitored by cacti.

• For example we want to monitor MikroTik device, soin mikrotik we have to enable snmp with command:

snmp set enabled=yes [email protected]=Jakarta


39



40


IP Router


41


Create Graph


42


Choose interface, graph type, and create


43


Choose device and put in the default tree

THE DUDE

44


45

WHAT is THE DUDE?• The Dude is a free application by MikroTik.• It will automatically scan all devices within

specified subnets,• Draw and layout a map of your networks,

monitor services of your devices and executeactions based on device state changes.

• Not only can you monitor your devices, you canalso manage them.


46

THE DUDE Features • Client-server• Supports various network monitoring tasks from

simple ping checks to port probes and service checks.• Support SNMP to access traffic individual link usage

monitoring and graphs.• Direct access to remote control tools for device

management.• Support logs server.

THE DUDE Look Like


47


48

INSTALL THE DUDE ON WINDOWS• Only The Dude version 3 and 4 can

be installed in Windows / Mac.• Newest dude (version 6) can be

installed only in MikroTik RouterOS.• There is no big different between

new and old version.


49

Add Device in The Dude


50

Add Device in The Dude


51

CUSTOMIZE DEVICE IN The Dude


52

CUSTOMIZE LINK IN The Dude


53

CUSTOMIZE LINK IN The Dude

PRTG (Paessler Router Traffic Grapher)

54


55

WHAT IS PRTG?• Premium network monitoring tool by Paessler

(Germany Company)• Installed in a few minutes• Automatically discovers your entire network• Use as Free Network Monitoring Software with

100 sensors• Tool monitors your network 24/7• Alerts you before emergencies occur• Used by 150,000 administrators worldwide


56

HOW MUCH PRICE OF PRTG LICENSE?


57

THE PRTG FEATUREs?• Supports the three most common methods of data

acquisition:• SNMP (Simple Network Management Protocol) to

access traffic counters or other readings from SNMPenabled devices (most common)

• Packet Sniffing to look at incoming/outgoing networkpackets that pass through a network card of a compute

• NetFlow analyzer.


58

WHAT IS NETFLOW?• NetFlow is a feature that was introduced on Cisco

routers that provides the ability to collect IP networktraffic as it enters or exits an interface.

• By analyzing the data provided by NetFlow, anetwork administrator can determine things such asthe source and destination of traffic, class of service,and the causes of congestion


59

INSTALL PRTG IN WINDOWS?• Download PRTG from https://www.paessler.com/,

chose the trial version (input your email).• Follow the step to install in windows, until its need

license key.• Input your license key which you get it in your email

after registration for download.


60

WHAT PRTG WITH NETFLOW LOOK LIKE?

DEMO SECTION

61

“If you cannot survive in the tired of learning, then you will be suffering by the pain of stupidity” (Imam Syafi’i)

THANK YOUFOR YOUR TIME

If you have any other questions or would like me to clarify anything else, please, let me know. I am always glad to help in any way I can

Jakarta & Semarang, [email protected]+62 [email protected]/ropix

ADDRESS:

WEBSITE:

EMAIL:TELEPHONE:

id.linkedin.com/in/ropix/rofiq.fauzi

CONTACT


62

Internet

Network Monitoring System