QuantaStor has always allowed for remote system monitoring using SNMP and now with the release of QuantaStor v3.15 we’ve enhanced the platform’s alerting and notification capabilities as well as security and privacy by including SNMPv3.
For those unfamiliar with Simple Network Management Protocol (SNMP), it’s an Internet-standard protocol to monitor network-attached devices that need administrative attention. SNMP supports devices such as routers, switches, servers, storage, workstations, printers, and modem racks. The SNMP protocol is an easy way to collect and organize information about managed devices and then lets admins make modifications.
By default the QuantaStor SNMP agent is turned off but you can enable it from your Linux terminal with two commands:
sudo qs-util snmpenable
sudo qs-util snmpactivate
You’ll also need to install the SNMP package that contains the snmpwalk and snmpget utilities for testing the agent.
sudo apt-get install snmp
For more information on configuring and testing the SNMP Agent visit the OSNEXUS Wiki here. More on SNMP Utility Commands can be found here.
Configuring SNMPv2 Traps
One of the advantages of SNMP is that it enables an agent to asynchronously notify QuantaStor appliances of significant events by way of messages or alerts where the client always actively requests information from the server. SNMPv2, also included in QuantaStor v3.15, allows the additional use of so-called “traps.” These are data packages that are sent from the SNMP client to the server without being explicitly requested.
SNMP Trap Configuration
Destination addressing for traps is determined in an application-specific manner typically through trap configuration variables in the management information base or “MIB,” the database used for managing the entities in QuantaStor. The QuantaStor MIB can be downloaded here.
By default the SNMP agent pushes out traps every 120 seconds. QuantaStor only raises traps for Alert objects, so anything you see in the QuantaStor web interface Alert Status Bar or in the ‘qs alert-list’ will be sent out as traps. You can find more information about configuring QuantaStor SNMP Trap settings here.
Monitoring Traps with OpenNMS
With QuantaStor there are two options for monitoring SNMP events and alerts. The first is through a Linux terminal and the other is to use a network management application that supports SNMP. OpenNMS is an example of a free network management application platform that can be configured and used with QuantaStor as a SNMP Trap receiver.
OpenNMS Monitoring QuantaStor SNMP Traps
SNMPv3 and Security
SNMPv3, also included in QuantaStor v3.15, focuses on security and administration by offering both strong authentication and data encryption for privacy, notification originators and proxy forwarders. The protocol includes three important security features:
- Confidentiality – Packet encryption to prevent traffic decoding
- Integrity – Ensures that packets have not been tampered with while in transit and includes an optional packet replay protection mechanism
- Authentication – Verifies that messages are from a trusted source
While security requirements vary between organizations, care should be taken in common environments such as mixed-tenant datacenters, server hosting and colocation facilities. The following article outlines the relative security strengths and weaknesses of SNMPv1/v2/v3.
Categories: Security, SNMP Traps
Leave a Reply