Raritan Computer COMMANDCENTER NOC User Manual

Page 16


COMMANDCENTER NOC ADMINISTRATOR GUIDE

ICMP – (Internet Control Management Protocol) ICMP is used by the CC-NOC to discover devices in your network and is documented in RFC 792.

In-band – going through the TCP/IP network to control a target by accessing the target directly. KVM, Serial, and Generic devices can be accessed via these in-band applications: RemoteDesktop Viewer, SSH Client, VNC Viewer.

Intrusion Detection – monitors and analyzes system events for attempts to access system resources in an unauthorized manner.

Inventory – see Assets.

NetBIOS – Network Basic Input/Output System is a program that allows applications on different computers to communicate within a local area network. It was created by IBM for its early PC Network and later adopted by Novell and Microsoft. NetBIOS is used in Ethernet, token ring and Windows NT networks. It does not support a routing mechanism, so applications communicating on a wide area network must use another "transport mechanism" (such as TCP/IP) rather than, or in addition to, NetBIOS.

Network Management – proactively monitors, collects, and maintains all devices and services on a network.

Notices – see Notifications.

Notifications – a notice that is sent to one or more recipients via email, pager, etc. and is based on an event being triggered. A CC-NOC provides default notifications. You can control the content of a notification message. A CC-NOC evaluates each event against the configured notification rules and, if it matches one or more rules, a notification is sent. To receive a notification, a user has to be added to a notification group. Notices can be outstanding or acknowledged.

NFS – (Network File System) Standard for accessing files on a remote computer appearing as a local volume.

Outage – instances where successive attempted polls of a given service have timed out and a “node lost service” event was created. Each entry is assigned a unique Outage ID, a sequential numeric identifier to uniquely identify a given outage. That ID, coupled with the node label for the node experiencing the outage, the address of the impacted interface, the service name, and the time the outage occurred, are all tracked within the Outages Browser. At the onset of an outage, all calculations for reporting purposes, for example, Availability calculations in the Web Console and Availability Report, reflect the current service as down until a future poll is successful. When a service experiencing an outage is successfully polled, a “node regained service” event will terminate the outage and assign an “Up” date and timestamp, which is used as the end of the outage for service level availability calculations.

Out-of-band – using applications such as Raritan Remote Console (RRC), Raritan Console (RC), or Multi-Platform Client (MPC) to correct or troubleshoot a KVM or serial managed target in your network.

Pollers – programs that collect service information from infrastructure devices and servers, for example, web, NTP, and email, and create service down messages.

Port Scan – the probing for openings and availabilities in a network. Attackers generally use port scanning utilities to probe targets and make a list of all open ports on a device. They will send specific attacks to open ports hoping to exploit a vulnerability on the target. Port scanning is detectable by monitoring traffic on the target machine. Scan Level 1 Vulnerability Scanning uses port scanning methods to search target systems for open ports. However, normal and legitimate activity, such as DNS and NFS, often resembles the activity of an attacker executing a port scan against a target and may produce false-positive port scan events. Servers performing those services should be excluded from port scanning activity.

Proxy host – a system that facilitates connectivity between the CC-NOC and your managed Windows servers and workstations. The proxy forwards WMI data from the servers and workstations to the CC-NOC.

Signature – a fingerprint of network traffic that signals an attack.

SMB – (Server Message Block) The communications protocol used by Windows-based operating systems to support sharing of resources across a network to discover systems.
