An IEEE standard for providing quality of service (QoS) in 802-based networks. 802.1p uses three bits (defined in 802.1q) to allow switches to reorder packets based on priority level. It also defines the Generic Attributes Registration Protocol (GARP) and the GARP VLAN Registration Protocol (GVRP). GARP lets client stations request membership in a multicast domain, and GVRP lets them register into a VLAN.
AAL (ATM Adaptation Layer)
AAL enhances the service provided by the ATM layer to a level required by the next higher layer. It performs the functions for the user, control and management planes and supports the mapping between the ATM layer and the next higher layer.
Advanced Actions, also known as user menus and user actions, are defined through configuration files. Actions may be automatically triggered through Entuity raising an appropriate event, or interactively through advanced action menus, available both from the menu bar and context menus.
Intelligent management software embedded in a network device. In network management systems, agents reside in all managed devices and report the values of specified variables to management stations.
Antenna / Radio
Each Wireless Access Point has one or more antennas. Each antenna is attached to an 802.11 radio within the Access Point. Wireless Hosts communicate with the network via a wireless association with an antenna/Radio. Each antenna/radio can have multiple hosts simultaneously attached. Each antenna/Radio operates in a chosen 802.11 compatibility mode such as 802.11a, 802.11b or 802.11g. Additionally, each antenna/radio has a single SSID assigned. Each antenna/radio operates on a chosen radio channel and with a specified transmit power setting, which is measured in mW. Many controller based installations use dynamic optimization algorithms to pick a suitable channel and power setting. Frequent auto-adjustment of these setting indicates that there are problems being encountered with the quality of the wireless communications.
AP (Access Point) / WAP (Wireless Access Point)
A device that has one or more 802.11 radios and Wireless Antennas. For example, laptops, PDAs, connect to a wired LAN through an AP, which is a hardware device or software that acts as a communication hub.
It bridges traffic from wireless attached hosts to/from an Ethernet interface that connects to an access layer switch port. APs provide heightened wireless security and extend the physical range of a wireless LAN. The access layer switch will see the MAC addresses of the individual wireless attached hosts (the MAC address of the wireless NICs) plus the MAC of the Access Point Ethernet interface.
BMC Remedy Action Request System (AR System) is a framework within which applications are built by AR System administrators. Applications consist of a set of AR System forms that are linked using workflow rules designed for the application. These forms contain fields which Entuity can be configured to populate.
Entuity integrates with AR System to generate Action Requests (ARs). The sample integration with the Remedy Help Desk includes ARs of the type incident.
ARP (Address Resolution Protocol) is the layer 2 standard for TCP/IP. It is used to obtain a node’s physical address when only its logical IP address is known.
ATM (Asynchronous Transfer Mode) is a packet-switching technology, that delivers high-speed performance together with a scalable architecture. Its use of small packets (fixed length cells of 53 bytes), provide for low latency so sound and vision arrive together. It can also handle bursty, non time-sensitive data, translating variable length packets to fixed size packets.
In Entuity, an attribute is a property of an object that is defined through Entuity Configurable Framework. Attribute data can be charted by highlighting the attribute and selecting Show on Chart, and is available to Report Builder.
Autonomous Wireless Access Point (AWAP)
A Wireless Access Point (WAP) that embodies all of its necessary control functionality in a self-contained manner. AWAPs are usually connected to switched access layer ports and can coexist with ordinary wired connections to end user hosts and servers on the same switch. AWAPs do not require wireless controllers and do not interact with them if they exist.
The part of a network that acts as the primary path for traffic that is most often sourced from, and destined for, other networks.
BECN (Backward Explicit Congestion Notification)
BECN is a bit in the header of a frame-relay frame that is set when frames are sent on the data path backwards from destination to source. It indicates congestion to the source node.
WAN News combines BECN and FECN values to determine congestion on a data path.
The upper limit of the rate at which data can be transferred.
BMC Atrium CMDB
The BMC Atrium Configuration Management Database (BMC Atrium CMDB) is a data repository that provides a working model of your enterprise IT infrastructure.
BMC Impact Manager instance. A cell receives events from Entuity and displays them in the
BMC II Web Services Server
BMC Impact Integration Web Services Server. You can connect to the BMC II Web Services at the end point as defined by the URL format, http://webServerHostName:
webServerPortNumber/webServiceName, e.g. http://decade:6080/impactManager.
BMC IX (BMC Impact Explorer) displays events received from Entuity.
BMC ProactiveNet Performance Management
BMC ProactiveNet Performance Management which receives events from Entuity.
Blackout is complete loss of the network, as opposed to a brownout, which is degradation in the performance of the network.
Bridge Data Protocol Units are special frames that contain spanning tree information. There are two types of BPDU, Topology Change Notification (TCN) BPDU contains topology change information, Configuration BDU contain configuration information.
A device that interconnects local or remote networks. Bridges form a single logical network, centralizing network administration. They operate at the physical and link layers of the OSI Reference Model.
Brownouts, also known as soft faults, are typically caused by cabling faults, faulty transceivers, faulty NIC cards and configuration errors such as duplex/half-duplex mismatches. These problems cause a percentage of the packets traversing that particular area of the network to be corrupted. The total number of packets discarded as a percentage of packets is directly related to the severity of the brownout.
Burst is the access rate of the physical connection to the Frame Relay carrier network.
A central server is an Entuity server trusted by remote Entuity server(s). A user logged into the central Entuity server is able to view information collected by the remote Entuity server(s), according to their user account access rights. A remote Entuity server responds to requests from a trusted central Entuity server, and freely shares information with it.
An Entuity server can be configured to perform both roles, be both a remote and central Entuity Server. This allows administrators to create both hub-n-spoke and fully meshed deployments.
A central Entuity server can also act as a central license server. From it you can allocate, and de-allocate, license credits to its remote servers.
Configuration of central and remote servers is through the Multi-Server Administration area of the Entuity web UI.
CDP (Cisco Discovery Protocol)
CDP is a proprietary layer 2 protocol, that is primarily used to obtain protocol addresses of neighboring devices and discover the platform of those devices. CDP can also be used to show information about the interfaces your router uses. CDP is media- and protocol-independent, and runs on all Cisco-manufactured equipment including routers, bridges, access servers, and switches. It is also a licensed technology available with some other manufacturer's devices.
Entuity uses CDP as a method when maintaining links on maps and identifying trunk ports. Entuity gathers CDP from the CDP MIBs, providing a complete and fully accurate layer 2 and layer 3 topology. This relies on:
- devices all being under Entuity management.
- CDP being enabled globally and on each interface. Including the detail parameter allows the layer 3 addressing that is configured on the neighbor to be displayed.
- CDP is of compatible versions.
- MIB population is working.
Within BMC Atrium CMDB a Configuration Item (CI) is a collection of objects related to the specific functionality of a larger system.
Committed Information Rate is the rate (in bps) that the network agrees to transfer information over a permanent virtual circuit (PVC) in Frame Relay. The CIR applies to the rate of data entering the network.
Cisco IOS IP SLA Operations
Cisco IOS IP SLA Operations are created on devices by Entuity (via SNMP). Entuity currently fully supports DHCP, DNS, HTTP, HTTP Raw, ICMP Echo, ICMP Path Echo, TCP, UDP Echo, UDP Jitter and UDP Jitter VoIP operations. Entuity can also monitor operations other than these ten, for example FTP. The completeness of the returned data depends upon how close the operation’s data structure corresponds to Entuity's default representation of the IP SLA operation data structure.
These are the ten fully supported operations:
- DHCP, Verify availability of dynamic IP addresses.
- DNS, DNS server functionality check.
- HTTP, Web page availability.
- HTTP Raw, Web page availability.
- ICMP Echo, Simple connectivity tests.
- ICMP Path Echo, Simple connectivity tests.
- TCP, Connect Application availability.
- UDP Echo, Simple connectivity tests.
- UDP Jitter, Detailed latency measurements (requires IP SLA on both devices).
- UDP Jitter VoIP, Detailed latency measurements (requires IP SLA on both devices).
Collisions occur when two transmitters attempt to send data at the same time. The greater the number of collisions the poorer network performance appears.
Context menus are available from the Entuity web UI. The contents of the menu are dependent on the position of the mouse when you clicked the right button.
Entuity considers core ports, as WAN ports, administratively up ports which have a configured IP addresses (i.e. layer 3 ports) on devices which are routers or have router capability, or trunks and uplinks that are administratively up.
By default the port status event, Port Operationally Down, is only enabled for core ports.
The device configuration (either startup- or running) currently being processed.
DLCI (Data Link Connection Identifier)
A unique logical identifier assigned to a PVC end point in a frame relay network. It identifies a particular PVC endpoint within a user’s access channel therefore allowing multiple connections to many destinations over a single, physical channel.
Data Management Kernel (DMK)
The DMK supports Entuity's intelligent discovery function. It includes out of the box data models for a wide range of managed devices including hundreds of Ethernet switches and routers. These customizable data models define the attributes of each managed element, its possible dependencies in relation to other elements of the network, and the specific details to retrieve for each element. The DMK manages these data models and automatically applies updates and changes to the Entuity database schema.
A data direction on each PVC is a data path. For example, a PVC that connects points A and B has two data paths, from A to B and from B to A. WAN News analyzes the data paths separately.
Data Rollup is a method of taking polled data and bundling it into larger more manageable units, e.g. rolling 24 hourly datapoints into one daily sample. If Entuity generated monthly reports from live polled data then this would cause a significant increase on the processing overhead, i.e. instead of one datapoint for each day there would be hundreds.
DE (Discard Eligibility)
DE is a bit in the header of a frame-relay frame that indicate the frame may be discarded in preference to other frames if congestion occurs. It is usually set by a network node if the user is offering data (frames) at a higher rate than has been negotiated. This maintains the committed quality of service within the network. Frames with the DE bit set are considered to be excess data.
IA derived event is an event derived from an existing event definition. It retains the event identifier of the original definition, unlike a custom event which has its own unique identifier. Derived events are defined as part of an action. They useful for adding additional information to an incoming event, and can also be called from an incident.
In Entuity, devices refers to network devices, for example switches and routers.
Device Support Datasets
Device support datasets define the attributes of each managed element, its device type, its possible dependencies in relation to other elements of the network, and the specific details to retrieve for each element. This comprehensive library streamlines modeling and ultimately shows exactly what you own, where it is deployed and how it is connected.
Datasets are available through these types of vendor files, all have a .vendor extension. These vendor files are, listed in ascending order of priority:
- newbin.vendor, which is created in entuity_home\etc when Entuity discovers devices with sysoids for which there is not a device support dataset. These generic device support datasets should be considered temporary definitions, and only used until Entuity supply an appropriate vendor file.
Device support datasets in newbin.vendor have the lowest priority when Entuity is determining which vendor device definition to use to manage a device type.
- bin.vendor has the second lowest priority when Entuity is determining the source of device information. Device support datasets in bin.vendor have the second lowest priority when Entuity is determining which of those available to use to manage a device type.
- exotica vendor files are installed to entuity_home\etc\exotica. Exotica files are only used by Entuity when they are copied to entuity_home\etc, either manually or during Entuity configuration, e.g. when selecting a module.
Device support datasets in exotica vendor files have the highest priority when Entuity is determining which vendor device definition to use to manage a device type. These files use a simple naming convention, using the vanilla filename, with a plus sign in the filename and identifying name, e.g. SOLSERV+managed Host.vendor.
During Entuity upgrades, configure identifies and removes exotica files from the installation that are now part of the updated bin.vendor.
vendinfo identifies the vendor device support datasets available to Entuity and the decisions made when more than one vendor file is available for a particular sysoid; which device support dataset Entuity uses to manage that device type (as identified through its sysoid).
In Entuity, every device has a type, which you can view through the web interface. The device type is derived from its vendor file information, and helps to determine how Entuity manages a device. Device types include hubs, switches and routers. There are also two Unclassified device types, Basic Management and Ping Only, and also Full Management.
Unclassified device types have two distinct roles:
- Basic Management and Ping-only, is used for those devices Entuity has taken under management at the Basic Management and Ping-only level.
- Full Management, is used for those devices Entuity has taken under management at the Full level but for which there is no vendor file information but Entuity can generate a suitable generic device type. These are uncertified devices.
The IP SLA DHCP operation measures the round trip time (RTT) taken to discover a DHCP Server and obtaining a lease from it. After obtaining an IP Address, Cisco IOS IP SLA releases the IP address that was leased by the server.
The Dynamic Host Configuration Protocol (DHCP) is an Internet protocol for automating the configuration of computers that use TCP/IP. DHCP can be used to automatically assign IP addresses, to deliver TCP/IP stack configuration parameters such as the subnet mask and default router.
A full-duplex link with one connected party at each end, transmitting alternately in each direction.
Dynamic thresholds enable Entuity to alert the user to deviations from what Entuity's previous polling has established as normal behavior for that hour on that day. Entuity establishes normal behavior for a given attribute on a given port by maintaining the last four weeks worth of polled data, and applying an averaging algorithm.
The Excess Information Rate (EIR) is the sustainable rate of information in excess of CIR, that the network will deliver if there is available bandwidth. The total information rate is CIR + EIR. Frame Relay allows data rates in excess of the CIR to be successfully used on occasions. It is also possible that the amount of data that can be transferred per measurement interval (Tc) may be limited to less than the burst (or access rate) of the physical connection to the carrier network.
EIR defines how many bits per second beyond the CIR the data rate may be exceeded. This is may be policed by the carrier ingress switch per Tc on a pro-rata basis. This means that although data can be transmitted for periods of time at the burst rate of the physical port it would not be possible to continue transferring data at this rate successfully on a continuous basis if the CIR+EIR were to be less than the burst rate.
entuity_home is used within the Entuity documentation to indicate the Entuity server’s root folder. The root folder is set by Entuity install, in Windows environments the default is C:\Entuity. You can view its current setting through destination in entuity_home\etc\entuity.cfg. Within Entuity, configuration files it is represented by the variable entuity_home.
IEEE standard network protocol that specifies how data is placed on and retrieved from a common transmission medium. Forms the underlying transport vehicle used by several upper-level protocols, including TCP/IP and XNS.
Events are alerts and alarms that are generated through Entuity monitoring the network. Event Viewer displays events and they can also be reported on.
Expect is a Unix automation and testing tool, written by Don Libes as an extension to the Tcl scripting language, for interactive applications such as telnet, ftp, passwd, fsck, rlogin, tip, ssh, and others. It uses Unix pseudo terminals to wrap up subprocesses transparently, allowing the automation of arbitrary applications that are accessed over a terminal. With Tk, interactive applications can be wrapped in X11 GUIs.
Entuity Remedy AR System Integration
The Entuity Remedy AR System integration allows forwarding of event and managed object information from Entuity to one or more AR System servers.
Entuity allows two types of forwarding:
- automatic generation of Action Requests (ARs), derived from Entuity events, to particular application forms on target AR System servers
- interactive generation of Action Requests (ARs), initiated from Entuity. The specified application forms on target AR System servers are opened for editing, with default data populated from the current Entuity managed object(s) or event(s).
Entuity can also pass to AR System a URL identifying the managed object that is the source of the AR. From AR System you can open Entuity's UI with the focus on the managed object.
The shipped values of event thresholds are the factory defaults. You can amend a factory default, which if done at the root level effectively changes the default value for all objects against which that threshold can be set. For example, if you amend a threshold setting for a device event at the Entuity (system) level, all devices on that server will have a new default value.
Forwarding Equivalence Class (FEC) is central concept to MPLS. An FEC is a set of packets that a single router forwards to the same next hop, using the same interface and with the same handling (e.g. queuing). The FEC is determined only once, at the ingress to an LSP, rather than at every router hop along the path.
FECN (Forward Explicit Congestion Notification)
FECN is a bit in the header of a frame relay frame that is set to indicate to the destination node that congestion is occurring on the network. WAN News combines BECN and FECN values to determine congestion on a data path.
Filters in Entuity act by filtering in those objects specified in the filter. There are three types of filters, view, event and Flex Report.
Entuity uses these types of filter:
- View content filters are applied to the Views, restricting the components available from a View to those that meet the criteria.
- Event Filters restrict the events available through a view.
- Flex Report filters restrict the data included to the report
The Flow Collector is the set of processes within an Entuity Integrated Flow Analyzer responsible for the receiving, processing and storage of flow records.
Administrators can enable/disable an Entuity server’s Flow Collector through configure, a decision which should be made according to the role the administrator wants the server to perform in the management of the network.
A fast packet protocol that relies on physical component and higher level software reliability. The network discards any frame with bit errors. Frame relay services include PVCs (Permanent Virtual Circuit) and SVCs (Switched Virtual Circuit).
A full-duplex link with one connected party at each end, transmitting alternately in each direction.
Generic Device Type
Entuity uses the concept of an underlying generic object against which are mapped the characteristics of different device types, e.g. routers, switch, firewalls, BladeCenters. This allows complete management of devices that have characteristics of one or more of the traditional types of devices, e.g. a router with switching capabilities.
A type of communication channel using a single circuit which can carry data in either direction but not both directions at once.
Your Entuity representative requires the host identifier of the Entuity server machine before they can generate your license. The host identifier associates the Entuity license with the physical footprint of the machine. Entuity install and configure programs both display the host identifier, alternatively you can run the command line program hostIdent (which is included with the software but is also available from the Support website).
Hot Standby Router Protocol (HSRP)
Hot Standby Router Protocol (HSRP) establishes a framework between network routers to achieve default gateway failover if the primary gateway becomes unavailable in close association with a rapid-converging routing protocol like EIGRP or OSPF. By multicasting packets, HSRP sends its hello messages to the multicast address 188.8.131.52 (all routers) using UDP port 1985, to other HSRP-enabled routers, defining priority between the routers. The primary router with the highest configured priority will act as a virtual router with its own IP and MAC address, which the hosts on the local segment will be configured to use as a gateway to the destination in question. If the primary router should fail, or the link to the destination drop, the router with the next-highest priority would take over communications through alternative routes within seconds, without major interruption to network connectivity.
HSRP and VRRP on some routers have the ability to trigger a failover if one or more interfaces on the router go down. This can be useful for dual branch routers each with a single serial link back to the head end. If the serial link of the primary router goes down, you would want the backup router to take over the primary functionality and thus retain connectivity to the head end.
A hypervisor, also called virtual machine monitor (VMM), allows multiple operating systems to run concurrently on a host computer. The hypervisor presents to the guest operating systems a virtual operating platform and monitors the execution of the guest operating systems. Multiple instances of a variety of operating systems may share the virtualized hardware resources. Hypervisors are installed on server hardware whose only task is to run guest operating systems.
Entuity considers infrastructure ports, as:
- router ports.
- uplinks - ports connecting routers with switches.
- trunk ports - ports connecting switches together.
This is the entity on a node which is polled, such as a physical port. Nodes are likely to have more than one interface.
In TCP/IP, the standard for sending the basic unit of data, an IP datagram, through the Internet.
IP links may be autoDiscovered or created manually. They represents a link of some form at layer 3 or above e.g. a pair of IP addresses, an IP address and a URL.
IP Peering provides visibility into your WAN links, i.e. leased line, Frame Relay DLCIs, ATM VCCs, using subnet masking. It also reflects any manual IP pairings you may have made in Entuity.
International Standards Organization - international body that is responsible for establishing standards for communications and information exchange; developed the OSI reference model.
LAP (Lightweight Wireless Access Point)
A low cost Wireless Access Point (WAP) that delegates much of the control functionality usually embodied within an Autonomous WAP to a WC. LAPs are usually connected to switched access layer ports and can coexist with ordinary wired connections to end user hosts and servers on the same switch. The associations between the LAPs and WCs are negotiated dynamically and can change under fault conditions.
A LAP is an AP that is designed to be connected to a wireless LAN (WLAN) controller (WLC). The LAP provides dual band support for IEEE 802.11a, 802.11b, and 802.11g and simultaneous air monitoring for dynamic, real-time radio frequency (RF) management. In addition, Cisco Aironet 1000 Series LAPs handle time-sensitive functions, such as Layer 2 encryption, that enable Cisco WLANs to securely support voice, video, and data applications.
Entuity Wireless currently supports Cisco LAP, part of the Cisco Unified Wireless Network architecture.
A leased line is a dedicated point-to-point connection over a WAN via a router at the subscriber’s premises to the telecommunications provider.
Entuity identifies a leased line, by default, when both of these conditions are true:
- The interface type is either IANAifType 22 (propPointToPointSerial) or 23 (PPP).
- The WAN port is not:
- A Frame Relay port.
- An ATM port.
- An ISDN port. These are identified as having an associated lower layer protocol port (found from the ifStack table) of ifType 81 (ds0). This indicates the port is a layer on top of either basic rate or primary rate ISDN.
Link Layer Discovery Protocol (LLDP)
The IEEE 802.1AB Link Layer Discovery Protocol (LLDP), provides a solution for the configuration issues caused by expanding LANs. It runs over the data link layer and specifically defines a standard method for Ethernet network devices to advertise information about themselves to other nodes on the network and store the information they discover. LLDP is available as a technology link type on the Entuity maps.
Load balancers are devices that control and optimize traffic flow over your network. For example, directing traffic away from over utilized servers to those less utilized, improving mission critical service delivery, providing fall over protection.
Entuity delivers a similar level of fault, performance and inventory management for load balancers as provided for other standard Entuity device types, e.g. routers, switches, hubs. For example, device reports can include load balancers. Full load balancer details are viewable through the Entuity UI.
Entuity currently manages F5 Labs Big IP 6400 Load Balancer. Entuity delivers additional polling of the device ports using F5 lab’s propriety MIB, returning additional port identification, port status, port traffic and port utilization data. The full integration of this additional data within Entuity allows administrators to set up utilization and traffic events against this data.
Entuity process messages are written to their individual log files, in entuity_home/log. For example, applicationMonitor writes to applicationMonitor.log. When the log file becomes full, it automatically wraps to another file with up to four versions, e.g. applicationMonitor.log.1, applicationMonitor.log.2, applicationMonitor.log.3.
Every device under Entuity management is managed according to its management level, which is set when the device is added to Entuity but can be subsequently amended. Each managed device costs one license object.
These are the management levels:
- Full - Entuity manages all interfaces on the device.
- Full (no ports)
- Basic - Entuity collects only basic system information and the full IP address table via SNMP. This management level is used when Entuity does not have the appropriate device support dataset (vendor file), cannot generate an appropriate dataset or you only want the device placed under basic management. Entuity does not manage any ports or modules on the device.
- Ping Only - devices only under ping management, SNMP data is not collected for these
Handles requests for information or action from the management station on a node. A protocol links the management station and the Managing Agent; for Entuity users this must be SNMP.
MIB (Management Information Base)
Entuity supports SNMP MIBs only. MIBs are present within nodes on a network, and comprise a logical collection of managed objects arranged in a tree structure. Managing agents on an element use MIBs to store information regarding the element, e.g. the speed at which packets of information are transferred.
All managed objects within a MIB share a common root.
An SNMP manageable hardware device, manufactured by Aruba, that controls and coordinates the operation of a group of Aruba Wireless Access Points. In an Aruba wireless network deployment all wireless equipment discovery and real-time monitoring is performed via the Mobility Controllers rather than via SNMP/ping monitoring of the individual Access Points.
Network communication between a single sender and multiple receivers.
Supplied view that contains the entire set of managed object’s the user is permitted to view. Different users may have different devices in their My Network view, reflecting their different access permissions.
An SNMP managed device attached to a network, from which data can be retrieved. For example, node devices such as hubs, routers, bridges, or network printers.
An Object Identifier is a sequence of integers that represent the position of an object in the hierarchical structure of objects in a MIB.
OMF (Open Modeling Framework)
Flexible Entuity framework that allows the fast integration and management of new types of managed objects, e.g. new device types. For example, the BladeCenter device type is implemented through the OMF.
A model for networks developed by International Standards Organization (ISO). The network is divided into seven layers, each layer building on the services provided below it
Any logical block of data sent over a network; it contains a header consisting of control information such as sender, receiver, and error-control data, as well as the message itself. May be fixed or variable length.
PCR (Peak Cell Rate)
PCR is the maximum short term data throughput supported by an ATM port; the limit to which traffic can burst.
Percentile Utilization indicates that for a defined percent of the time, e.g. 95, port utilization is below this value. It is useful for monitoring the sustained utilization of the port.
The 95th percentile is derived by ordering the utilization data by value, from highest to lowest. Application of a least square fit method removes spikes that would distort the analysis. The top 5% values are discarded, leaving the 95th percentile. This value is calculated for both inbound and outbound utilization.
Entuity licensing is enabled by grouping related types of managed objects into groups. These Policy Groups are then assigned a license credit quota. Before Entuity manages an object, it first checks whether the license allows its management and then whether a credit is required. When a license credit is required, Entuity checks that the policy group to which the object’s type is associated has available credits. For example, before Entuity manages a device it checks the device licensing policy group for available credits.
Devices on the network are accessed by the system at regular, pre-defined, intervals in order to retrieve required data. This is referred to as polling the devices.
The Polling Engine (or Core Management Engine) is the set of processes within an Entuity server responsible for all general network management tasks excluding flow collection (e.g. network discovery, inventory, monitoring, event management).
Administrators can enable/disable an Entuity server’s Polling Engine through configure, a decision which should be made according to the role the administrator wants the server to perform in the management of the network.
Entuity considers ports as interfaces on network devices, e.g. routers, and as endpoints in communications systems. In IP an upper-layer process that receives information from lower layers. Ports are numbered, and each numbered port is associated with a specific process. For example, SMTP is associated with port 25.
TCP and UDP transport layer protocols used on Ethernet use port numbers to distinguish between (demultiplex) different logical channels on the same network interface on the same computer.
Port channels aggregate multiple physical interfaces into one logical interface, identified in Entuity as an upper layer port. Port channels are often used to increase link bandwidth, load balance traffic and deliver high availability. Knowledge of the interfaces contributing to a channel, and their current state, is important to maintaining service delivery.
Administrators can configure physical ports into a series of channels, identified in Entuity as lower layer ports.
A set of formal rules detailing how to transmit data across a network. Example protocols include TCP, UDP and IP.
PVC (Permanent Virtual Circuit)
PVC is a Frame Relay virtual connection providing the user with the equivalent of a physical connection to a destination address, using shared facilities. Virtual circuits can be permanent (PVC) or switched (SVC).
Availability Monitor sends an ICMP ping to the management IP address of managed devices, by default every two minutes. Devices that respond are considered reachable, those that do not respond, after the set number of retries, are considered unreachable. When Availability Monitor (applicationMonitor) is not running, then the reachability of the device is Unknown for that period, although Entuity maintains the last known state of the device.
Entuity uses the device sysuptime to calculate when the device was last rebooted, or more accurately when the device last came up after being rebooted.
Within BMC Atrium reconciliation rules are applied by the reconciliation engine to improve
accuracy and efficiency of maintaining IT environment data in the CMDB. Reconciliation is
used to identify and merge CI information and relationship form imported dataset with
Remedy Help Desk / Service Desk
Entuity Remedy AR System Integration for Remedy AR System 7.0 includes a sample configuration that integrates with the Remedy Service Desk application.
A remote server is an Entuity server configured to trust another central Entuity server. A user logged into the central Entuity server is able to view information collected by the remote Entuity server(s), according to their user account access rights. A remote Entuity server responds to requests from a trusted central Entuity server, and freely shares information with it.
An Entuity server can be configured to perform both roles, be both a remote and central Entuity Server, allowing administrators to create both hub-n-spoke and fully meshed deployments.
Configuration of central and remote servers is through the Multi-Server Administration area of the Entuity web UI.
Root Cause Analysis (RCA)
RCA isolates IT related problems using vector differencing. This involves the building of a dependency chain of objects and monitoring the object states in that chain. In the event of state changes (where each object state change is a vector), differencing the dependency chain state vectors enables Entuity to determine the true cause of the event. Entuity can then raise the appropriate event.
For example, if an application becomes unavailable because a switch has failed then Entuity raises an event relating to the switch failure in Event Viewer. Entuity does not raise events for the application being unavailable as changes in state in the dependency chain are attributed to the switch failure.
A device that routes data between networks. Routers connect multiple LAN segments to each other or to a WAN.
Routers may be equipped to provide frame relay support to the LAN devices they serve. These routers can:
- encapsulate LAN frames in frame relay frames and send those frames to a frame relay switch for transmission across the WAN.
- receive frame relay frames from the WAN, strip the frame relay frame off each frame producing the original LAN frame, and forward it to the end device.
The configuration controlling the current operation of a piece of Cisco hardware. This may be different to the start-up config if changes have been made since start-up and the changes have not been saved. The running-config can be saved as the startup-config replacing any previous start-up config. The running-config is held in DRAM. If the machine is restarted without the running-config being saved, all changes are lost.
In Entuity, this is the period between two data samples. This may be between two pollings of a port, or between two rolled up data samples.
SCR (Sustainable Cell Rate)
SCR is the long term data throughput of an ATM port. Traffic can burst above this limit up to the PCR.
Any computer whose function in a network is to provide user access to files, printing, communications, and other services. Servers usually have more memory, more disk storage, and a more advanced processor than a single-user desktop PC.
Where Entuity manages an application, Entuity can manage the application server as a device.
Services is a method of grouping together collections of ports that provide a service and associating with them other ports which use that service. For example, a service maybe email, with one port designated as the provider of the service and all others in the group defined as consumers.
A Service Level Agreement (SLA) is a set of rules and metrics which can be used to measure the efficiency and performance of an object. That object may be a department, a server, a network or any other functional component of an organization. If an object adheres to its associated set of rules and metrics, then it can be said to be conforming to its SLA. Similarly, if the object breaches the set of rules and metrics, then this means that it is no longer conforming to its SLA.
Standardized method of managing and monitoring network devices on TCP/IP based internets. SNMP defines the formats of a set of network management messages, and the rules by which those messages are exchanged. The network management messages are used to make requests for performing network management functions and to report on events that occur in the network. Also, SNMP defines the allowable data types for MIBs, they way in which MIBs can be structured, and a set of standard objects that can be used in implementing a MIB.
Spanning tree provides a vendor neutral technology for visibility into your network. When correctly implemented, Entuity discovers bridge links, switch to switch relationships, through polling the Bridge MIB. Complete spanning tree connectivity relies on a contiguous set of Entuity managed devices.
Spanning tree shows trunk connectivity, and also includes uplinks when spanning tree is enabled, i.e. they are 'router on a stick' or layer 3 switch connections - fast ethernet connections which can route between VLANs.
Spanning tree will not show uplinks in other cases, and these are then detected using uplink detection.
This technology can be disabled in entuity.cfg by setting the following:
By default, Entuity spare port calculations include ports that have been unused for forty days or more, include ports that have system uptime of less than forty days and are currently unused and exclude ports that have been unused for less than forty days but have a system uptime of forty days or more.
By default, Entuity spare port calculations:
- include ports that have been unused for forty days or more.
- include ports that have system uptime of less than forty days and are currently unused.
- exclude ports that have been unused for less than forty days but have a system uptime of forty days or more.
The forty day threshold is configurable through the reporting section of entuity.cfg. Entuity distinguishes between physical and virtual ports using interface type. If required, System Administrators can amend the virtual port identifier.
Management code that resides in the device, controls the operation of the device, and responds to SNMP requests.
An SSL Certificate consists of a public key and a private key. The public key is used to encrypt information and the private key is used to decipher it. When a browser points to a secured domain, an SSL handshake authenticates the server and the client and establishes an encryption method and a unique session key. They can begin a secure session that guarantees message privacy and message integrity.
The initial configuration when a piece of Cisco hardware starts-up. If there have been no changes to the configuration since start-up, this will be the same as the running-config. The startup-config is also referred to as the saved config. The startup-config is held in NVRAM.
Static threshold settings allow you to configure the trigger points which, when crossed, cause Entuity to raise events. You can set thresholds against an individual event, a managed object, View or all objects on an Entuity server.
Entuity Configurable Framework is the internal Entuity engine, also known as the Data Management Kernel (DMK). It runs as the DsKernelStatic process. Entuity Configurable Framework enables the delivery of functionality through a highly configurable set of core services. The configuration files, found in entuity_home\etc, prefixed with sw_, define and configure Entuity Configurable Framework services.
Entuity assigns all of the objects it manages their own Entuity Configurable Framework identifier. Entuity Configurable Framework identifiers are sequentially assigned, do not consider the object type and are unique within each Entuity server. StormWorks ID is visible from the object’s web UI Advanced tab, and is used in creating dashboards to the user, for example during Data Export, Map Export, running of Flex Reports.
Information that Entuity collects from your network is stored within Entuity as an attribute of the managed object, for example a port’s name and a port’s utilization are stored as attributes. Stream attributes are to maintain a history of a metric, for example Entuity maintains a history of port utilization.
Scalable Vector Graphics (SVG) is a graphics file format and Web development language based on XML. SVG is used by Entuity's reports to dynamically generate, high-quality graphics from real-time data.
A switch is a network device that selects a path or circuit for sending a unit of data to its next destination. It is usually simpler and faster than a router, which requires knowledge about the network to determine the route.
A switch may also include the function of the router, a device or program that can determine the route and specifically what adjacent network point the data should be sent to.
SynOptics Network Management Protocol (SONMP)
SONMP is also known as the Nortel Discovery Protocol (NDP), a Data Link Layer network protocol for discovery of Nortel (Avaya and Ciena) devices. It is available as a technology link type for the Entuity maps.
Entuity determines the switching capability of a device by checking the group dot1dtp, specifically the mandatory scalar value dot1dTpLearnedEntryDiscards. dot1dtp is only present when the device supports transparent bridging, which implies it has Ethernet switching capability.
Entuity determines the routing capability of a device by checking for the ip-forwarding variable from the ip group in the MIB of the device. When ip-forwarding has a value of 1, this implies the device is acting as a gateway and so has routing capability.
Entuity determines whether the device type is hub by comparing its type to device types detailed in the vendor files.
Connection-oriented protocol that provides a reliable byte stream over IP. A reliable connection means that each end of the session is guaranteed to receive all of the data transmitted by the other end of the connection, in the same order that it was originally transmitted without receiving duplicates.
Combination of TCP and IP protocols common to many different computer systems and so often used for communication between them.
Trivial File Transfer Protocol (TFTP) is a very simple file transfer protocol, with the functionality of a very basic form of FTP. It uses UDP as its transport protocol and has no authentication or encryption mechanisms.
Ticker allows you to view real time output at the device and port level, viewing data changes as they occur. You can select to view data activity for one or more client devices or ports.
- ports, you can select from a list of MIB variables the particular variable(s) you want to use to monitor the port. Entuity is supplied with a default number of MIB variables for use with ports and you can also add your own MIB variables to this list.
- devices, you can create your own list of MIB variables on which to monitor the device.
Traceroute in Entuity is identified as traceroute from Server. Traceroute from Entuity Server, uses data collected by applicationMonitor. This traceroute information is updated every two minutes, so calling TraceRoute from Server does not initiate a live traceroute but instead interrogates the data returned from the last applicationMonitor traceroute.
applicationMonitor uses Entuity's own implementation of traceroute functionality. This implementation performs ICMP pings in a similar way to a standard traceroute but with this key difference. When performing a traceroute applicationMonitor increments TTL values by one, until the pings reach the edge of an invisible cloud. At this point, applicationMonitor increase the TTL value to 32. When this results in the ping reaching its target, the response from the target includes the actual number of hops required to reach target.
Traps can be used by network components to signal abnormal conditions. Entuity can both receive and forward SNMP traps.
Entuity can be configured to:
- Generate events in Event Viewer when traps are received.
- Forward traps to up to six concurrent recipients.
A difference between a current-configuration file and a previously archived one that is not considered important by the system because it matches a set of rules codified as patterns in an “ignore file”. Trivial changes may include comments such as timestamps in a configuration file.
Trunk ports, i.e. ports connecting switches together. Entuity identifies a trunk port by:
- reading the MIB.
- macman identifying the switch port as having more than ten MAC addresses and also having associated VLANs.
- using CDP Trunk Port Discovery, a CISCO proprietary method.
When one or more of these methods identifies a trunk port, Entuity also considers it as a trunk port.
Entuity managed devices for which EMA does not have a device support dataset, provided through individual vendor, bin.vendor or newbin.vendor files, are included to Entuity as Unclassified devices under Full Management, or Unclassified devices under Ping-only and Basic Management.
Unclassified generically managed devices use an Uncertified device type, created by Entuity and held in newbin.vendor. These are Entuity managed devices and do incur a license charge. System Administrators should contact their Entuity support representative for a vendor file which would ensure Entuity fully manages these devices.
Unicast is network communication between a single sender and a single receiver.
Entuity considers an uplink as trunking on a connection to a router or layer 3 switch, which is visible through spanning tree. This technology attempts to link layer 3 with layer 2.
Where links between switches and routers are not done using VLAN trunking and spanning tree then the spanning tree technology will not detect them. This is typically at smaller satellite offices, which do not need the greater port density and much greater speed available from router on a stick and even greater speed available from layer 3 switching.
Ports connecting routers with switches.
By default, Entuity polls devices every five minutes, retrieving device sysuptime. Entuity checks as to whether the device has been continually up since the last poll, and modifies the device’s uptime value accordingly.
When sysuptime indicates the device has been down during the polling interval but is now up, from sysuptime alone Entuity cannot identify for how long the device was down. Entuity takes this unknown time, and adds fifty percent of it to the known uptime value, with the remaining fifty percent considered UNKNOWN. For example, where sysuptime has a value of two minutes. Entuity cannot determine the state of the device over the first three minutes of the polling interval. Entuity adds ninety seconds to the sysuptime value, giving an uptime value of two hundred and ten seconds and records the device state as UNKNOWN for ninety seconds.
In Entuity, port utilization is expressed as a percentage of actual traffic volume against the maximum volume that can be handled by the port.
UUID (Universally Unique ID)
A 16-byte value written to a system’s planar at manufacturing time to uniquely identify a system.
A variable binding, or VarBind, refers to the pairing of the name of a MIB variable to the variable's value. A VarBindList is a simple list of variable names and corresponding values. Some PDUs are concerned only with the name of a variable and not its value (e.g., the GetRequest-PDU). In this case, the value portion of the binding is ignored by the protocol entity. However, the value portion must still have valid ASN.1 syntax and encoding. It is recommended that the ASN.1 value NULL be used for the value portion of such bindings.
VCC (Virtual Channel Connection)
A VCC is an association established at the ATM Layer between two or more endpoints for the purpose of user-user, user-network, or network-network information transfer. The points at which the ATM cell payload is passed to the AAL for processing signify the endpoints of a VCC. Virtual Circuit is a more generic, non-ATM specific term.
VCI (Virtual Channel Identifier)
VPI and VCI together identify a virtual channel link on an ATM interface.
Entuity identifies the device type of discovered devices by matching their sysoid to that held against the device support datasets. Device support dataset definitions are listed here in order of precedence: individual vendor files, bin.vendor file, newbin.vendor file, and then uncertified file.
vendinfo identifies the vendor information available to Entuity and the decisions made when more than one vendor file is available for a particular sysoid; which vendor device definition Entuity uses to manage that device type.
|individual vendor files||when Entuity does not currently manage a device that you need it to, you can request your Entuity Support representative for an appropriate vendor file. Those non-standard definitions are listed in entuity_home/etc/exotica. Only when a vendor file is moved to entuity_home/etc does Entuity use that definition.|
|bin.vendor file||file includes the default vendor file definition.|
|newbin.vendor file||file includes device type definitions generated by earlier versions of Entuity.|
|uncertified file||file includes device type definitions created by Entuity, using proliferate with the -g parameter. Devices of this type are considered as Unclassified Devices.|
All network objects within Entuity are displayed through views. View filters allow you to restrict the displayed objects in the view to the ones you are interested in. You can also use user profiles to control access to different views.
Virtual Channel Links (VCLs)
A VCC consists of the concatenated VCLs. A VCL is a means of unidirectional transport of ATM cells between the points where a VCI value is assigned and the point where the value is translated or removed. The VPI and VCI within the ATM cell header associates each cell with a particular VCL over a given physical link.
A Virtual Circuit is a generic term for an association established between two or more endpoints for the purpose of user-user, user-network, or network-network information transfer. An example would be ATM’s VCC.
Entuity distinguishes between physical and virtual ports using interface type. If required, System Administrators can amend the virtual port identifier.
A logical association that allows users to communicate as if they were physically connected to a single LAN, independent of the actual physical configuration of the network.
Entuity currently manages Oracle and VMware VMs through its VM Platform device type. Entuity communicates with VMs and their hypervisors through the VM’s SDK. This requires specification of different connection attributes when compared to devices of other types. It also requires that all VMs are added to Entuity with a Ping Only management level, as this allows the selection of the VM Platform type and its connection configuration. When adding VMs using autoDiscovery care must be taken to ensure candidate device VMs are always added as Ping Only.
VPD (Vital Product Data)
VPD is information about a device that is stored on a computer's hard disk (or the device itself) that allows the device to be administered at a system or network level. Typical VPD information includes a product model number, a unique serial number, product release level, maintenance level, and other information specific to the device type. Vital product data can also include user-defined information, such as the building and department location of the device. The collection and use of vital product data allows the status of a network or computer system to be understood and service provided more quickly.
VPI (Virtual Path Identifier)
VPI identifies a virtual path leg on an ATM interface.
VRF (Virtual Routing and Forwarding)
VRF allows multiple instances of a routing table to co-exist within the same router at the same time. Because the routing instances are independent, the same or overlapping IP addresses can be used without conflicting with each other.
VTP (VLAN Trunk Procotol) Domain
A VTP domain consists of one or more connected switches that share the same VTP domain name. A switch can be configured to be in one, and only one, VTP domain. The vtpDomainTool generates a View that groups devices and VLANS by this VTP domain name.
Wireless Controller (WC)
A network attached device that coordinates traffic to and from Lightweight Wireless Access Points (LAPs). It provides centralized control over the configuration and dynamic behavior of potentially many LAPs.