Main Page

From AVNOC

Revision as of 17:31, 16 March 2017 by EdLang (talk | contribs)

AVNOC provides a secure monitoring framework.

Instructional Videos

NOTE: If The Videos are Scrolling Too Fast Stop the Video as it Plays

A brief introduction to what role the Agent Plays in the monitoring plan.

| Agent Introduction

Introduction on hosting scenarios.

| Hosting Introduction

Introduction to adding a Customer.

| Add a Customer/Agent

Having trouble Logging In?

| Login Help

Browser Tips

To find things on a web page use CTRL-F (CONTROL-F).

To Enlarge test use CTRL+ (CONROL-PLUS) To Decrease Text use CTRL- (CONTROL-MINUS)

Browser Cache Settings

Most browsers think they are smarter than the user and want to cache certain portions of a web page and present them to the user. This does not work for dynamic web applications that use java script to build web pages. AVNOC is java script based and requires the browser cache to be turned off.

Turn Chrome Cache Off

There are two more options to disable page caching in Chrome for good:

Deactivate Chrome Cache in the Registry

Open Registry (Start -> Command -> Regedit)

Search for: HKEY_CLASSES_ROOT\ChromeHTML\shell\open\command

Change the part after ...chrome.exe" to this value: –disable-application-cache –media-cache-size=1 –disk-cache-size=1 — "%1"

Example: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -disable-application-cache –media-cache-size=1 –disk-cache-size=1 — "%1"

IMPORTANT:

there is a space and a hyphen after ...chrome.exe" leave the path to chrome.exe as it is If you copy the line, be sure to check, if the quotes are actual quotes.

Deactivate Chrome cache by changing the shortcut properties

Open Windows Start Menu

Find Chrome Shortcut

Right Click on Properties

Right-click on the Chrome icon and select "Properties" in the context menu. Add following value to the path: –disk-cache-size=1

Example: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" –disk-cache-dir=null

IMPORTANT:

there is a space and a hyphen after ...chrome.exe" leave the path to chrome.exe as it is

Turn Firefox Cache Off

1. enter about:config in the url bar 2. Find browser.cache.disk.enable (Non Private Browsing) 2.1 Click to toggle value to false

Turn Internet Explorer Cache Off

Click on Tools Click on Settings Click on Every time I visit the webpage

Installing AVNOC

AVNOC is delivered as:

  • Hardware Agent: Pre-configured to be plug and play once it lands in the customers network.
  • Software Agent: ISO Installer Pre-configured to be plug and play once it lands in the customers network.
  • Hosting Portal: ISO Installer Pre-configured to be plug and play once it lands in the customers network.
  • Support Gateway: ISO Installer Pre-configured to be plug and play once it lands in the customers network. Require final configuration once installed.

ISO Installer

Our installer is a DISK DRIVE DUPLICATOR. The bootable iso uses Clonezilla to copy a disk drive image from our servers to a VM or Bare Metal device in your environment.

Misconceptions

  • It is not w Windows Installer. It can be installed under windows HyperVisor.
  • It is not a RedHat RPM. It is a current version Debian Install.
  • It is not a Linux Debian Package.

Why a Disk Image

Disk images are compatible across multiple VM strategies including VM Ware, Citrix XEN and Bare Metal installations.

Questions about OVA's

Why not use an OVA?

OVA installations are huge, the size of the hard drive. OVA files are not cross compatible between Citrix and VM Ware.

Moving huge files around are not an option using our installation we achieve small file sizes and cross platform compatibility.

OS Patching

Hosting Portals and Agents are patched daily using an automated script. OS and Security patches are included. It may take a little longer for some processes to update but it time well spent.

Automating the patching process without any intervention was a requirement.

Application Patches

We have a 6 month release cycle for platform updates.

Security patches are rolled out as needed.

Bug fixes are rolled out as needed.


Best Practices for End Customer Setup

On boarding the end customer is crucial. End customers come in different levels of experience and can be a hindrance when trying to implement AVNOC. Customers are looking to the dealer for taking a role in ensuring a successful monitoring solution.


Manage DCHP Reservation System for Asset Management

  • Setup target device for DHCP BOOT, can be endpoints for direct monitoring
  • Put Program On
  • Ask for DHCP Reservation From Customer For target MAC ID and IP Subnet of the RJ45 Jack
  • Update Target Device with Host Name Assigned By Customer
  • Move Target Device to Customer Once Reservation is Complete
  • [| Test Device During Installation]



Obtaining a List of Assets to Monitor

Some customers may already have the needed information available in electronic form.

Customers with lists are the easiest to on board because we can use their data for importing into the asset data base with some modifications to make a correct CSV file.

However, we have found the lists to be out of date and may a general guideline for assets in the building.

The best method for on boarding customers is to perform a site survey, fixing things that need to be fixed along the way. Things like authentication in setting up a secure environment should be fixed during the survey.

During the site survey the asset can be populated for monitoring into the hosting portal.

Site Survey Tools for Network Scanning

Scanning a customers network should be performed with care. The customer may employ intrusion detection and scanning will cause intrusion detection to black list the Agent.

It is safe to scan a private network. If your AV is on a private network say: 192.168.1.XXX, then it is safe to scan the network to obtain the current ip address on the sub net.

Here is a Windows based IP scanner [NMAP IP Address Scanner]. We use the command line version of this by creating a shortcut to cmd in the installation zip folder and setting its properties to start in the same folder. Run nmap to get the options and start scanning.

A sample scan of the 192.168.15 sub net would be nmap -sn 192.168.15.0-255.

This will reveal all ip address that answer for ping. Some of the ip addresses will have net bios names and some will not. This is the down fall of scanning a network, but it is a good starting point. Also, take into consideration that some devices may be DHCP boot and the IP address will not be the same after a power reset.

The information from the scanner can be used to populate Assets.

Fixing Setup During Survey

  • Enable SSH Login for supported devices to retrieve log files. At the time of this writing, Cisco, Polycom (Telnet) Lifesize and Crestron are some of the devices which the log files can be retrieved.
  • Enable SNMP on Crestron in Toolbox and send traps to Agent. Useful for OS related trapping only.
  • Enable SNMP on other devices for Trapping
  • Setup permanent IP address for those devices which are DHCP

Preparing a room for monitoring is a very important step.

In some cases where there was no network connectivity to the corporate LAN, a bridge needs to be made between the private LAN to the corporate LAN.

We suggest using a router to bridge the networks. See [this] for details.

The end customer is looking to the dealer for guidance. Establishing a leading position ensures a successful relationship and add on business in the future.

Most end customers do not understand networking, which is a crucial ingredient for pushing monitoring events to a hosting portal. The hosting portal takes care of ticket management and notification.

Dealers that establish their knowledge in secure networking will be rewarded with continuing business.

Handling Engineering Changes

Once a network has been analyzed and a monitoring plan established, change orders play a big role.

Some changes are transparent such as equipment swap out using the same parameters as original equipment.

Challenging changes are ones where additional equipment is placed in the customers network. This equipment requires on boarding into the hosting portal.

Ip Requests for Agent

We usually operate in an environment where SNMP traps will be sent to the Agent. Using SNMP trapping requires am Agent with a permanent IP address. If this is not the case then the device can be setup with a DHCP boot option.

Customer Firewall Rules

It is VERY important to make sure that the network that the Agent is on can reach the Hosting Portal Port 443 HTTPS. Outbound connections to the hosting portal is all that is required.

Agent Commands

It is recommended to make sure everything is operating as expected during the installation process.

The Agent will contact the Hosting Portal upon power on. This can be verified by logging into the portal and seeing if the last check alive date is recent.

There are some situations that require a forced download and phonehome from the Agent to make sure Crestron, Cisco, etc are communicating with the portal and the local device.

Use putty [Download putty.exe] and run it on your windows desktop.

Putty Tips

Right click the title bar to start another session.

Save your connections for recall.

Change the number of scroll back line

5004.PNG

Change the font size

5005.PNG

Connect to the Agent IP Address and logon.

Force a Download to get current monitoring information

Enter /opt/bin/download PRESS ENTER KEY

Force a Phone Home which does discovery of your Crestron SNMP Devices

Enter /opt/bin/phonehome PRESS ENTER KEY

Once the download and phone home are completed check the hosting portal in about 30 minutes to see if the Crestron devices populated and the log files are retrieved for those assets which can be accessed.


Change IP Address of Agent

Exercise great caution here. If your foul the network setting up, you will need to connect a USB keyboard and HDMI monitor to repair the settings.

Make sure the hosting portal Appliance Setup is changed to match.

Login in using putty and

Type nano /etc/network/interfaces PRESS ENTER

5000.PNG

Edit the settings

5001.PNG

Use the cursor keys to navigate the settings and change the necessary values

Press CTRL-X to exit the editing session

5002.PNG

Enter Y to save the file Press enter

Type service network restart to execute the changes

Log out of Agent then Log in again to work with the Agent on the new IP Address

5003.PNG

After changing the IP address use putty to log in to the new IP address


On Boarding Dealers Agents Hosting Portals and Support Gateways

Use this form IP Information Form to submit information for setup.

AVNOC delivers plug and play Hosting Portals and Agents.

When we on board a new customer a form is sent to the particular parties to be filled out. We use this information in the production process to notify you of the mac id and initial authentication. When you send the data back, we can complete the build and deliver the product to you.

Server Data Fields Definitions

Server Properties
Field Value Chain
Server Mac ID AVNOC When Server is Initialized
Server IP Address Customer when MAC ID Received
Server IP Network ____________________________________________ Customer when MAC ID Received
Server IP Netmask ____________________________________________ Customer when MAC ID Received
Server IP Gateway ____________________________________________ Customer when MAC ID Received

Server Mail Processing

Server Mail Properties
Field Value Chain
Mail Server ____________________________________________ Customer when MAC ID is Received
Mail User ID ____________________________________________ Customer when MAC ID Received
Mail Password ____________________________________________ Customer when MAC ID Received

Agent Data Fields Definitions

Agent Properties
Field Value Chain
Agent Mac ID ____________________________________________ AVNOC When Server is Initialized
Agent IP Address ____________________________________________ Customer when MAC ID Received can be DHCP
Agent IP Network ____________________________________________ Customer when MAC ID Received
Agent IP Netmask ____________________________________________ Customer when MAC ID Received
Agent IP Gateway ____________________________________________ Customer when MAC ID Received

Software Downloads Definitions

Download Properties
Field Value Chain
Download ISO Location ____________________________________________ AVNOC after IP Data Received
Download User ID ____________________________________________ AVNOC after IP Data Received
Download Password ____________________________________________ AVNOC after IP Data Received
Download Server ____________________________________________ AVNOC after IP Data Received


Application User ID Definitions

User ID Hosting Portal
Field Value Chain
Application User ID ____________________________________________ AVNOC after server is built
Application Password ____________________________________________ AVNOC after server is built
Application Password ____________________________________________ AVNOC after server is built
Application Pin Number ____________________________________________ AVNOC after server is built

We pass information back and forth the first phase lets you know the MAC ID of the device. This is usefull for IT Departments for setting up fire wall rules and provisioning.

After we notify the MAC ID, fill out relevant data concerting IP and mail processing(only for server)

When we have the returned information, the server/agent will be provisioned or shipped. For software products, we provide an installation iso. This ISO can be placed in a vm repository or written to a cd. The ISO is booted and the software image is placed on the booting computer.

General Guide Lines

Server - Agent - Gateway - Details

Device Family Monitoring Use Cases

Managing Power

Managing Messaging to Outside Service

Managing Agent HTTPS Proxies


Daily Notices

Selling to End Users