Snmp data collection, Vulnerability scanning, Events, historic data, and graphs – Raritan Computer COMMANDCENTER NOC User Manual

108

COMMANDCENTER NOC ADMINISTRATOR GUIDE

The notifications service does not generate any events; it only reacts to them. It does,
however, save its history in the database so that you can review past notifications.

SNMP Data Collection

The SNMP data collection service collects additional data from nodes that support SNMP. Just
like the pollers, the SNMP data collection service runs every five minutes by default. If a
scheduled device is available, it will collect as much information as it possibly can. This
information is stored in a database so that you can run historic reports on it.

The SNMP data collection service will also look for exceptional conditions. If a given value
exceeds a threshold or signifies an outage, it will generate an event. This event may (depending
on your configuration) trigger a notification. The SNMP data collection service relies solely on
the SNMP protocol, which works over TCP/IP.

Vulnerability Scanning

The vulnerability scanning service scans specified nodes to check for potential security
vulnerabilities. It relies heavily on some very advanced features of each TCP and UDP service on
your nodes.

The vulnerability scanning service runs upon request, scanning each specified node at the
scanning level it was assigned to. If a vulnerability is discovered on a target system, it will be
identified in the scan list and all relevant information available for that vulnerability will be listed.

Events, Historic Data, and Graphs

All events and historic data are stored or summarized in one or more databases. This is so that
you can analyze the history of troubled network nodes or provide reports to demonstrate certain
behaviors.

Note: Systems management through WMI is an add-on component in the CC-NOC. The CC-NOC
runs effectively without collecting WMI data—it is not required. WMI, however, provides to a
good deal more information than the CC-NOC can obtain remotely.

Some data is summarized over time to keep disk utilization consistent. Most of the data that is
summarized will come from sources such as the SNMP data collection service or the System
management sub-system.

Windows Management

The CC-NOC, through the use of a CC-NOC appliance and a configured proxy, collects
information about Microsoft Windows systems (2000, 2003, and XP) that cannot be collected
through other means (such as TCP, UDP, or SNMP). WMI is a special software program,
developed by Microsoft, which runs silently on a Microsoft Windows machine and makes key
data available to the CC-NOC.

The data collected by WMI is handled in much the same way as data from the SNMP data
collection service. Most data is stored for historic purposes. If, however, an exceptional condition
occurs, it will generate an event to notify the other services. This event may (depending upon the
configuration) trigger a notification.