Applicable to ENA v18.0 upwards
To install the ENA tcptraceroute agent software
To manage your SurePath agents
To create, edit or remove a traceroute agent
Note on restricting access to a SurePath agent
Note on changing the network configuration on the server
SurePath uses tcptraceroute to create a TCP connection to the destination. tcptraceroute (the SurePath agent) has advantages over normal traceroute:
- SurePath agent sends packets to the destination. In this way, SurePath more closely mimics the behavior of an application, within your managed network or beyond it.
- the Entuity SurePath agent has enhanced tcptraceroute to remove queueing latency along each hop in the path.
Normal traceroute is agentless and uses ICMP, and therefore does not create a connection.
By default, Entuity comes with a SurePath agent installed on each Entuity server, but you can also download the SurePath agent software to non-Entuity servers (for example, if you are a MSP and want to run SurePath from a server at a customer site). The SurePath agent contains the traceroute software that goes out and collects and measures all the path data.
In Entuity, you can create up to 100 paths per agent. You can, however, have more agents. The overall number of paths you can create is determined by your license. For further help and information on licensing for SurePath in Entuity, please see this article.
To download and install the Entuity SurePath agent software:
- Installing the Entuity SurePath agent software for Windows will also require Npcap to be installed. The Npcap driver and library are included in the Windows installation package for ENA v18.0. The Npcap directory can be found in windows\system32. If you enable SurePath when running configure, you will be prompted to install the Npcap directory.
- For Linux, the libpcap.x86_64 package will need to be installed. In Red Hat and Oracle, run the following:
yum install -y libpcap
To download the Entuity SurePath agent software:
- Click the Main Menu, and then Administration. This will open the Administration page.
- Under SurePath Admministration, click Agent Software.
- This will open the Agent Software page.
- Click the traceroute agent installation package that you wish to download - either for Windows or Linux.
To install via UI:
- Copy the rpm file to the server, using any method you wish (e.g. scp).
- Install the package, e.g. rpm -iv ./entuity_agent.rpm
Via command line:
From the command line, run the following:
rpm -ivh https://[servername]/EOS/entuityAgent/entuityAgent-1.0-1.x86_64.rpm
To manage your SurePath agents:
You manage SurePath agents on the Agent Administration page. On this page, you can create, edit and remove SurePath agents (see below for further information), and it also lists the SurePath agents that you have created.
To create, edit or remove a SurePath agent:
- Click the Main Menu, and then Administration. This will open the Administration page.
- Under SurePath Administration, click Agents.
- This will open the Agent Administration page. To create an agent, click Create Agent at the top of the page. To edit an existing agent, select it from the list and click Edit Agent at the top of the page.
- Both options will open the form on right hand side, where you can specify the following. To save your changes, click Done in the top right of the form, otherwise click Cancel.
- Specify an Agent Name.
- In the Agent Address field, specify the server on which the agent exists. This can either be a hostname or an IP address. Note, Entuity recommends using a hostname, because this could change less frequently than an IP address.
- In the Agent Port field, specify the port that the agent uses (there is no need to change this. The port encrypts all traffic).
- In the Zone field, specify the zone to which the agent belongs.
- In the Description field, enter a description of the agent.
- From Entuity v19.0 P02 upwards, click the Advanced Settings field to open the Advanced Settings form, where you can specify custom username and password credentials for the agent. Please see the note below on restricting access to the SurePath agent.
- To delete an agent, select it from the list and click Remove Agent at the top of the page.
Note on restricting access to a SurePath agent:
You can restrict access to a SurePath agent by running commands described in the entuityAgent.users file, which can be found in the etc directory. This file has the following default contents:
# This file defines users that may connect to Entuity's traceroute agent.
# It should not be directly edited. Instead run entuityAgent with the "user" command line option.
#
# Examples
#
# To grant access to user named fred from any host using the password letmein
# entuityAgent user add fred 0.0.0.0/0 letmein
# To grant access to user named george from hosts with an IP address starting 10.44 using the password letmein
# entuityAgent user add george 10.44.0.0/16 letmein
# To grant access to user named claire from a host with an IP address of 10.44.2.201 using the password cheese
# entuityAgent user add claire 10.44.2.201/32 cheese
# To grant access to user named stephen from hosts within the domain entuity.local using the password cake
# entuityAgent user add stephen *.entuity.local cake
#
# To delete a user
# entuityAgent user delete george 10.44.0.0/16
#
# Use of IP addresses is prefered over host names as it avoids the need for reverse DNS look ups.
# Where a clients host address matches multiple entries the most selective is used.
# Eg. a host IP of 172.45.23.4 will matched with 172.45.23.0/24 in preference to 172.45.0.0/16 and
# me.my.domain.com will match *.my.domain.com before *.domain.com
# When checking credentials only the first matching entry is used.
#
# Using * as a host is equivalent to 0.0.0.0/0 and localhost is equivalent to 127.0.0.1
#
# As installed the user ENAServer is granted access from anywhere
Note on changing the network configuration on the server:
If you change the network configuration on the server to which the SurePath agent is installed, you will need to stop and restart the SurePath agent.
If the agent has been deployed with the Entuity install:
To stop the agent, you will need to run the following from the bin directory in the Entuity home folder:
stop entuityAgent
To restart the agent, run the following:
start entuityAgent
If the agent is running independently on its own on a different server:
To stop the agent, you will need to run the following from the agent folder:
entuityAgent stop
To restart the agent, run the following:
entuityAgent start
Comments
0 comments
Please sign in to leave a comment.