Preparing production environment for VOSS Netflow Solution¶
Abstract¶
This document is an overview of all the action items that need to be completed by system administrators before implementation of a successful deployment.
Checklist¶
The following action items need to be completed by system administrators before the implementation starts:
ID |
Action |
Description |
Criticality |
|---|---|---|---|
1 |
Hardware specifications |
The hardware/VM specifications have to meet the requirements defined by VOSS |
Critical |
2 |
Software specifications |
VOSS Dashboard server is delivered as an ISO which includes an operating system. DS9 server is built on top of a CentOS 7.7 machine. If this is a VM deployment, the following should be available in customer’s VM datastore:
|
Critical |
3 |
Firewall rules |
All the required traffic rules are applied to customer environment based on the firewall matrix provided by VOSS deployment Team. |
Critical |
4 |
Internet access |
Internet access is enabled for the DS9 during implementation. Once the implementation is over, internet access is no longer required. |
Critical |
5 |
Round trip times (RTT) |
RTT time between the DS9 and Dashboard Server is not more than 100msec. |
Critical |
6 |
Netflow configuration |
Netflow sources are configured to send their Netflow data to VOSS DS9 Servers based on the suggested settings by VOSS |
Critical |
7 |
SNMP configuration |
Netflow sources are configured with SNMP v1 or 2c or v3. |
Critical |
8 |
Netflow and SNMP details |
Following information is provided to VOSS deployment team:
|
Critical |
9 |
Remote access |
Some method of remote access is enabled for VOSS deployment team. |
Critical |
10 |
Integration to customer environment |
Both DS9 and Dashboard Servers have access to customers data infrastructure for the following services: NTP, SMTP, DNS. |
Critical |
11 |
Authentication via existing customer resources |
Dashboard Servers have access to customers’ existing Active Directory/Identity servers to authenticate users via LDAP or SAMLv2. |
Optional |
Requirements¶
The following list of items needs to be provided to VOSS before the deployment:
ID |
Action |
Description |
Criticality |
|---|---|---|---|
1 |
IP Addresses for VOSS components |
IP addresses & Subnetmasks & Default IP Gateway settings for all the VOSS Host Machines (DS9, Dashboard Servers). |
Critical |
2 |
IP Addresses for Data services |
IP addresses for the following services: DNS, NTP, SMTP, LDAP/SAMLv2. |
Critical |
3 |
Remote access details |
VPN access details for VOSS Team to access the DS9 and Dashboard remotely. |
Critical |
4 |
Primary and Secondary contact details |
Primary and secondary contact details for technical and project management related items. |
Critical |
5 |
Email authentication for scheduled reports |
SMTP authentication details for smart host servers. |
Optional |
6 |
SNMP community strings, versions and other details |
SNMP community strings and protocol versions need to be provided to VOSS for successful SNMP queries. |
Critical |
7 |
List of Netflow Sources |
Provide VOSS a list of Netflow sources (routers, switches) with the following details: IP addresses, Make/Model, Software Version, Netflow version. |
Critical |
8 |
List of IP addresses and Hostnames |
A CSV or Excel file that maps certain IP addresses to internal hostnames can help VOSS Team to improve the data visualization experience by mapping IP address fields to hostnames. |
Optional |