The Next Giant Leap in Operational Efficiency:...

©2009 HP Confidential template rev. 12.10.091©2009 HP Confidential template rev. 12.10.09

Rob HavilandTechnical Marketing EngineerAugust 2010

The Next Giant Leap in Operational Efficiency: Intelligent Management Center

©2009 HP Confidential template rev. 12.10.0922

HP MANAGEMENT PORTFOLIO

Consolidated Operations BridgeEvent Consolidation | Service Health | Analytics | SLM | Reporting | Dashboards

OMi | SH | PI | SLM | BSMR | myBSM

Application Management

EUM / BTMPackaged Apps

System Management

OMSiteScope

Storage Management

Storage Essentials

BSM FoundationCommon Data Model | Actual State DB | PMDB | Shared Services

Network Management

NNMNA

Infrastructure Element Management

Intelligent Management Center, IMC Service ModulesProcurve Manager, PCM modules

Business Services, Operations and Automation

Simple, Advanced Element Management


Intelligent Management

Managing to achieve Efficiency, Productivity and Availability


Vendor Management Tools

CiscoWorks

AlcatelNortel EMS

Epicenter

IronView

Junoscope

RingMaster

Force 10 - FTMS

Enterasys -EMS

General Management Tools

ManageEngine

MRTG

CLI

Syslog

NAC

Open NMS

Nagios

nTop

The State of Management Today … Obstacles !!

The Future of Infrastructure Management

A Single Pane of Management


Critical Elements of an Integrated Management Solution

Unified resourcemanagement

IMC helps enterprises meet the stringent demands of today’s business-critical IT applications

Unified traffic analysis and change management providing full visibility into business-critical networks

Improving endpoint defense, control and visibility through integrated management and enforcement

Integrated access &user management

Single pane visibility

The Silver Bullets


Intelligent Management Center (IMC)– What ?: IMC is a Fully integrated management platform that not

only delivers full FCAPS functionality, but through its Service Orientated Architecture (SOA) & modular design enables highly integrated modules to deliver new functionality to control resources, services and users

– Why?: The IMC provides a single common platform for which HP can rapidly introduce new technologies and products

– Positioning: The various platform offerings and modules allow IMC to be sold to ANY and ALL customers from the SMB to the Service Provider

– Benefits:• Lower TCO • Business Continuity • Defense in Depth management and enforcement


Resources

Users

S

Services

Homepage

Overview of network, user and service information

ResourceIntegrated management of network

resources, faults and performance information

UserIntegrated management of user access and security

ServiceProcess management of service flows

IMC– Resource, Service and User integration


The IMC Product SuitePl

atfo

rms

Mod

ules

8

Voice Services Manager

Network Traffic Analyzer

Wireless Services Manager

IMC Standard

IMC Enterprise

MPLS/VPLS/VPN

Endpoint Admission Defense

User Access Management

Qos/SLA

Tool

s

Integration Kit

And More to come …

©2009 HP Confidential template rev. 12.10.099 ©2009 HP Confidential9

Solving the Visibility Problem


After any enterprise network is constructed, every administrator will face the following problems:

› What applications are running in the network?

› What traffic affects the running of the network?

› What applications are unrelated to services? How to ensure important services?

› How to deploy the resources in the network? How to change the deployment

with the change of services?

› Who or what is consuming bandwidth?

› Whether more bandwidths are needed?

› Which users need to be controlled, and how?

The Problem …


The Solution … NTA

NTA serverNetwork device

Resolves packets sent from the network device

Collects statisticsto the databaseAnalyzes the data

and generates traffic reports

Packet

NetStream/sFlow

Port mirroring traffic

DIG probeObtains device mirroreddata, and generatesNetStream logs

Analyzes network packets

Picks up statistics information of the traffic that matches the conditions

Outputs the statistics information

Cooperation with multiple models of HP A Series routers, switches and all the network devices supporting port mirroring

Support for multiple log formats such as NetStream and sFlow

Automatic generation of four types of reports based on traffic, application, node, and session

Intelligent traffic baseline and abnormal traffic detection

P2P application traffic monitoring and analysis

MAC address and host name based traffic monitoring

Cooperate with UAM component to provide access details query


Traffic Reporting

› A traffic report allows you to analyze and observe the inbound and outbound traffic trends, max/min/average rate, traffic summary, and traffic details in a given period.

Traffic informationis taken at a glance

Short-term data is used as a referenceof abnormal trafficdetection

Long-term traffic trendprovides a basis fornetwork optimization


Application ReportingAn application report allows you to analyze how the usage of an application on an interface varies with time and the change details within a given period.

Who’s consuming bandwidth and what destinations are they going to access?


Top 10 Traffic Report by Source Host

View the hosts with top ranking and traffic statistics information, including source hosts and destination hosts What protocols are they using ? and whom are they communicating with?

What ports are being frequently used?


Solving the Security Problem

Subtitle Placeholder


– Internal networks are facing various threats:

› External users access the internal network illegally

› Internal users bypass firewalls to access external networks

› Internal users access confidential data without permission

› Not all users have their operating systems patched properly in time

› Not all users‘ virus definitions are up-to-date.

……

The Problem

网络终端的安全威胁

› Current security devices can’t protect internal networks effectively, they …

› Can’t check the security status of hosts on an internal network.

› Can’t control access of legal hosts to the internal network.

› Can’t protect hosts against attacks, such as ARP attacks.

› Internal networks contain large amounts of hosts and are hard to mange, there is …

› No effective solution for centralized management of network assets.

› No monitoring of peripherals such as USB devices.› No monitoring of user network access behaviors.› No way to track software and hardware changes on

hosts in time.……


Policies and Regulations – SOX Act

From June of 2004 on, all public companies in America must

submit annual reports that include the following contents:

1- A statement of management's responsibility for

establishing and maintaining effective internal control

framework and procedures for financial reporting of the

company.

2- Management's assessment of the effectiveness of the

internal control framework and procedures as of the end

of the company's most recent fiscal year.

How does a company comply with the above internal control policies and regulations for enterprises effectively?


Network Access Management

Identify

Access

Enforcement• User or Device

•Quarantine, Block, Alert

Device / UserIdentification

User / DeviceAccess Rights

UAM


Support for Various Access Control Methods

› Support 802.1x and VPN, multiform binding based authentication, domain integrated authentication, and LDAP authentication


Centralized, Easy Access Management

› Provide “service”-based user classification and management.› Provide centralized display of access user management actions.


Network Access Management with Health Check

Identify

PrePosture

Access

Enforcement• User, Device, Flow

•Quarantine, Block, Alert

Device / UserIdentification

DeviceHealth Check

User / DeviceAccess Rights

UAM/EAD


The Endpoint Admission Defense (EAD) solution focuses on the security control at network access points. Through the cooperation between secure clients, security policy servers, network access devices, and third-party software, the EAD solution can force users trying to access a network to comply with the security policies of the network, improving the active defense ability of all user terminals and helping control network resource usage of users.

EAD solutionUser authentication management

Security policy management Cooperative

network devices

Secure client

System patches management

Anti-virus management

......Network access rights management

Endpoint Admission Defense


Unqualified users are quarantined and forced toImprove their terminals’ security

Quarantined area

Security authentication

Legal users

Illegal users are rejected

Identity authentication

Access requests

Who are you?

Corporate network

Dynamic authorization

Qualified users

Different users enjoy different access rights

Are you secure?

What can you do?

What are you

doing?

Behavior audit

The Four Steps for Secure Access


Under the Covers of IMC


The Framework for Intelligent Management

Communications Bus

Deployed as needed

Modularized

Platform-based

Value Added Solutions

SLA Desktop Asset NAC solutions User Behavior

Value Added Services

MPLS VPN ETTH Provisioning Voice Service MgmtGuest Services

Wireless Services Traffic Analysis EPONAuthentication &

Authorization

Unified Resource ManagementPerformance Monitoring VLAN Management Network Warning

ACL/QoS Management

Configuration ManagementTopology Management Attack Control

Device/Terminal

Device/File/DB Access Adaptation Layer

File System Database

Device ResourceManagement

User ResourceManagement


IMC Deployment Models

To meet the requirements of scale, performance and high availability. IMC supports Distributed as well as Hierarchical deployment models.

–Distribution allows components of IMC to be deployed as Master or Slave to different servers to implement load balancing and improve the performance and availability,.

–Hierarchical deployment provides scale by utilizing a Parent /Child model with each child IMC managing its own domain, This model provides infinite scalability 1

Distributed

Slave 1 Slave 2 Slave 3

Child IMC

Child IMC

Child IMC

Hierarchical Parent

Master

Using the various deployment models, IMC is managing some of the largest enterprises in the world• SNCF - 15,000+ nodes• China Bank – 63,000 users• Israeli Govt – 11,000 nodes• Taser – 240,000 nodes 1 Based on 5k nodes with 300k

monitoring units per IMC server


Summary


HP IMC is not just a hardware configuration tool - but a single pane of glass for fault,

configuration, accounting, performance and security with visibility not just into the networking infrastructure, but users, endpoints, and services used on the

network

HP IMC is not exclusive to HP products. HP IMC provides over 3000

templates for 3rd party products to provide single-pane FCAPS management

for the entire network

HP IMC is modular, allowing customers to build a solution set appropriate for their

organization with the ability to grow in the future without learning new management

tools


HP IMC is highly scalable, with distributive and hierarchical modes and customizable administration to work for any topology

regardless of size or geography

Next Generation of HP IMC will offer deep visibility into virtual networks unlike any other tool of its kind. NG HP IMC

supports visibility into VMware resources and will be able to build out that virtual

topology

The Next Giant Leap in Operational Efficiency:...

Documents

Transcript of The Next Giant Leap in Operational Efficiency:...