Preparing production environment for VOSS Netflow Solution¶
Abstract¶
This document is an overview of all the action items that need to be completed by system administrators before implementation of a successful deployment.
Checklist¶
The following action items need to be completed by system administrators before the implementation starts:
| ID | Action | Description | Criticality |
|---|---|---|---|
| 1 | Hardware specifications | The hardware/VM specifications have to meet the requirements defined by VOSS | Critical |
| 2 | Software specifications | VOSS Dashboard server is delivered as an ISO which includes an operating system. DS9 server is built on top of a CentOS 7.7 machine. If this is a VM deployment, the following should be available in customer’s VM datastore:
|
Critical |
| 3 | Firewall rules | All the required traffic rules are applied to customer environment based on the firewall matrix provided by VOSS deployment Team. | Critical |
| 4 | Internet access | Internet access is enabled for the DS9 during implementation. Once the implementation is over, internet access is no longer required. | Critical |
| 5 | Round trip times (RTT) | RTT time between the DS9 and Dashboard Server is not more than 100msec. | Critical |
| 6 | Netflow configuration | Netflow sources are configured to send their Netflow data to VOSS DS9 Servers based on the suggested settings by VOSS | Critical |
| 7 | SNMP configuration | Netflow sources are configured with SNMP v1 or 2c or v3. | Critical |
| 8 | Netflow and SNMP details | Following information is provided to VOSS deployment team:
|
Critical |
| 9 | Remote access | Some method of remote access is enabled for VOSS deployment team. | Critical |
| 10 | Integration to customer environment | Both DS9 and Dashboard Servers have access to customers data infrastructure for the following services: NTP, SMTP, DNS. | Critical |
| 11 | Authentication via existing customer resources | Dashboard Servers have access to customers’ existing Active Directory/Identity servers to authenticate users via LDAP or SAMLv2. | Optional |
Requirements¶
The following list of items needs to be provided to VOSS before the deployment:
| ID | Action | Description | Criticality |
|---|---|---|---|
| 1 | IP Addresses for VOSS components | IP addresses & Subnetmasks & Default IP Gateway settings for all the VOSS Host Machines (DS9, Dashboard Servers). | Critical |
| 2 | IP Addresses for Data services | IP addresses for the following services: DNS, NTP, SMTP, LDAP/SAMLv2. | Critical |
| 3 | Remote access details | VPN access details for VOSS Team to access the DS9 and Dashboard remotely. | Critical |
| 4 | Primary and Secondary contact details | Primary and secondary contact details for technical and project management related items. | Critical |
| 5 | Email authentication for scheduled reports | SMTP authentication details for smart host servers. | Optional |
| 6 | SNMP community strings, versions and other details | SNMP community strings and protocol versions need to be provided to VOSS for successful SNMP queries. | Critical |
| 7 | List of Netflow Sources | Provide VOSS a list of Netflow sources (routers, switches) with the following details: IP addresses, Make/Model, Software Version, Netflow version. | Critical |
| 8 | List of IP addresses and Hostnames | A CSV or Excel file that maps certain IP addresses to internal hostnames can help VOSS Team to improve the data visualization experience by mapping IP address fields to hostnames. | Optional |
