Uploaded by jacob_bonney

Assessment Task - System and Network Monitoring with Nagios

ICA50411 - Diploma of Information Technology Networking
Task – System and Network Monitoring with Nagios
ICA11 R2 IT Training Package
28. System and Network Monitoring with Nagios
Nagios is the industry standard in IT infrastructure monitoring
Achieve instant awareness of IT infrastructure problems, so downtime doesn't adversely affect your business.
Nagios offers complete monitoring and alerting for servers, switches, applications, and services.
With Nagios you can:
• Monitor your entire IT infrastructure
• Spot problems before they occur
• Know immediately when problems arise
• Share availability data with stakeholders
• Detect security breaches
• Plan and budget for IT upgrades
• Reduce downtime and business losses
Nagios is Open Source Software licensed under the GNU GPL V2.

• Monitoring of network services (SMTP, POP3, HTTP, NNTP, ICMP, SNMP, FTP, SSH)
• Monitoring of host resources (processor load, disk usage, system logs) on a majority of network operating systems, including Microsoft Windows with the NSClient++ plugin or Check_MK.
• Monitoring of anything else like probes (temperature, alarms...) which have the ability to send collected data via a network to specifically written plugins
• Monitoring via remotely-run scripts via Nagios Remote Plugin Executor
• Remote monitoring supported through SSH or SSL encrypted tunnels.
• Simple plugin design that allows users to easily develop their own service checks depending on needs, by using the tools of choice (shell scripts, C++, Perl, Ruby, Python, PHP, C#, etc.)
• Plugins available for graphing of data (Nagiosgraph, PNP4Nagios, Splunk for Nagios, and others available)
• Parallelized service checks available
• Ability to define network host hierarchy using "parent" hosts, allowing detection of and distinction between hosts that are down and those that are unreachable
• Contact notifications when service or host problems occur and get resolved (via e-mail, pager, SMS, or any user-defined method through plugin system)
• Ability to define event handlers to be run during service or host events for proactive problem resolution
• Automatic log file rotation
• Support for implementing redundant monitoring hosts
• Optional web-interface for viewing current network status, notifications, problem history, log files, etc.
• Data storage is done in text files rather than database
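The "parent" hosts feature listed above, as an added example (not part of the original task sheet and not Nagios source code): a simplified model of how a failed host is classified as DOWN or UNREACHABLE from its parents. The host names and topology are constructed, modelled on the device types the task lists for each LAN.

```python
"""Added example: how "parents" separate DOWN hosts from UNREACHABLE ones."""

# Constructed topology: host -> list of parents (the next hop toward the Nagios server).
PARENTS = {
    "gateway-fw": [],                 # no parents: directly attached to the monitoring host
    "core-router": ["gateway-fw"],
    "lan-switch": ["core-router"],
    "web-server": ["lan-switch"],
    "mail-server": ["lan-switch"],
    "printer": ["lan-switch"],
}

def classify(parents, responding):
    """Map every host to UP, DOWN or UNREACHABLE.

    responding: set of hosts whose host check succeeded.
    A failed host is DOWN if it has no parents or at least one parent is UP;
    it is UNREACHABLE when every parent is itself DOWN or UNREACHABLE.
    """
    state = {}

    def resolve(host, seen=()):
        if host in state:
            return state[host]
        if host in seen:
            raise ValueError(f"parent loop at {host}")
        if host in responding:
            state[host] = "UP"
        else:
            ups = [p for p in parents[host] if resolve(p, seen + (host,)) == "UP"]
            state[host] = "DOWN" if ups or not parents[host] else "UNREACHABLE"
        return state[host]

    for host in parents:
        resolve(host)
    return state

def to_notify(state):
    """Hosts worth alarming on: the root causes, not everything behind them."""
    return sorted(h for h, s in state.items() if s == "DOWN")

if __name__ == "__main__":
    # The switch has failed, so everything behind it stops answering too.
    result = classify(PARENTS, {"gateway-fw", "core-router"})
    print(result, to_notify(result))
```

Without parent definitions, the same outage would raise four separate DOWN alarms instead of one for the switch.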
28.1. Install Nagios System
Your task is to install the Nagios system and use it to monitor your infrastructure in a range of scenarios. There are a number of parts to this task, each building in complexity upon the previous.
Complete the following tasks:
M Schmalfuss, IT – Hobart, Version 1.4 – 28/07/2013
28.1.1. Task – Install Nagios Monitoring System
1. Install Operating System
2. Configure network and localhost
3. Configure Administrator services for system
   a. user accounts
   b. sudoers
   c. ssh
   d. webmin
   e. firewall
4. Install Nagios prerequisites
   a. Apache
   b. MySQL
   c. PHP
   d. relevant plug-ins and connectors
   e. Check documentation for others
5. Test web server
6. Install Nagios
7. Test Installation
8. Install nconf (a Nagios frontend)
9. Modify nagios for nconf
10. Test configurations
11. Network monitor Map
12. Update journal and documentation for assessment
28.2. Host and Services Monitoring
Once the Nagios system is up and running, you will add the hosts that are to be monitored and reported on by the system.
Given that each LAN consists of:
• Windows Server
• Linux Server
• Enterprise Switch
• Enterprise Router
• Wireless Access Point
• Printer
• Web Server
• Mail Server
• Firewall Gateway Device
Follow through the documentation to achieve the following tasks
28.2.1. Task – Nagios monitoring for Hosts and Services
1. Add Hosts for monitoring
2. Add Services for monitoring
3. Attach services for hosts
4. Add network components
5. Document configurations
6. Update journal and documentation for assessment
7. Submit evidence document to the Learning Management System
28.3. Network Monitoring
Once the hosts are added to the system and monitoring is occurring, you will want to analyse the logs and reports and have Nagios raise alarms when certain events occur.
Monitor Protection
The LAN and security framework should include:
• Nessus - Vulnerability Assessment
• Nagios - Host and Service Monitoring, Logging and Alarms
• IDS IPS Snort - Intrusion Detection, Logging, Capture and Alarms
• Honey Pot - To capture interesting traffic
Monitors may be installed with special Ethernet tapping cabling to conceal their presence.
• Each Student has a Virtual Environment incorporating Enterprise Network components as listed.
• Nagios may be used as a Distributed Collector for a Central Monitor.
• So a large amount of host and services data may be gathered and monitored.
Alerts and Alarms
• Set up a proper DNS infrastructure.
• DNS will enable all hosts to be referred to by name and domain.
• Email services are set up so that alerts can be automatically generated and distributed.
28.3.1. Task – Network Monitoring and Alarms
1. View and record many reports for hosts from various platforms such as:
   a. Windows Server
   b. Linux Server
   c. Appliance type server
   d. LAN Switch
   e. Router
   f. Wireless Access Point
   g. Printer
2. Create an alarm for certain events such as:
   a. Failed Logon
   b. Service going down
   c. Network connection going down
   d. Web service page failure
   e. Excessive ICMP traffic
   f. Port scanning traffic
3. Create varied event scenarios which will trigger an alarm
4. Test monitoring and alarm
5. Document configurations
6. Update journal and documentation for assessment
7. Submit evidence document to the Learning Management System
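One way to build the "Failed Logon" alarm from step 2, as an added example (not part of the original task sheet): a custom service check that follows the Nagios plugin convention of exit codes 0/1/2/3 for OK/WARNING/CRITICAL/UNKNOWN and a one-line status with performance data after "|". The thresholds and the sample log lines are constructed assumptions; the regular expression assumes the OpenSSH "Failed password" message format.

```python
#!/usr/bin/env python3
"""Nagios-style plugin: alarm on failed SSH logons (added example)."""
import re
import sys
from collections import Counter

# Standard Nagios plugin exit codes.
OK, WARNING, CRITICAL, UNKNOWN = 0, 1, 2, 3
LABELS = {OK: "OK", WARNING: "WARNING", CRITICAL: "CRITICAL", UNKNOWN: "UNKNOWN"}

# OpenSSH logs: "Failed password for [invalid user] NAME from IP port N ssh2".
FAILED = re.compile(r"Failed password for (?:invalid user )?(\S+) from (\S+) port \d+")

# Constructed sample lines (documentation addresses), used when no log path is given.
SAMPLE_LOG = """\
Jul 28 10:01:02 web01 sshd[811]: Failed password for root from 192.0.2.10 port 50122 ssh2
Jul 28 10:01:05 web01 sshd[811]: Failed password for invalid user admin from 192.0.2.10 port 50124 ssh2
Jul 28 10:01:09 web01 sshd[815]: Failed password for root from 192.0.2.10 port 50130 ssh2
Jul 28 10:02:30 web01 sshd[820]: Accepted password for alice from 198.51.100.7 port 40022 ssh2
Jul 28 10:03:11 web01 sshd[826]: Failed password for bob from 198.51.100.9 port 41000 ssh2
"""

def check_failed_logons(lines, warn=3, crit=10):
    """Return (exit_code, status_line) in the format Nagios expects from a plugin."""
    if warn > crit:
        return UNKNOWN, "UNKNOWN - warning threshold is above critical threshold"
    sources = Counter(m.group(2) for m in map(FAILED.search, lines) if m)
    total = sum(sources.values())
    code = CRITICAL if total >= crit else WARNING if total >= warn else OK
    top = ", ".join(f"{ip}={n}" for ip, n in sources.most_common(3)) or "none"
    # Text after "|" is performance data: label=value;warn;crit
    return code, f"{LABELS[code]} - {total} failed logons (top sources: {top}) | failed={total};{warn};{crit}"

def main(argv):
    try:
        if len(argv) > 1:
            with open(argv[1], errors="replace") as fh:
                lines = fh.readlines()
        else:
            lines = SAMPLE_LOG.splitlines()
    except OSError as exc:
        print(f"UNKNOWN - cannot read log: {exc}")
        return UNKNOWN
    code, message = check_failed_logons(lines)
    print(message)
    return code

if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

This version counts every matching line in the file it is given, so a check scheduled by Nagios should be fed only the lines written since the previous run; otherwise the alarm never clears.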