Installation Guide for Cisco Unified Operations Manager 2.3
Prerequisites
Downloads: This chapterpdf (PDF - 210.0KB) The complete bookPDF (PDF - 1.65MB) | Feedback

Prerequisites

Table Of Contents

Prerequisites

Product Overview

Server Requirements

Coresident Guidelines

VMware Guidelines

Terminal Server Support for a Windows 2003 Server

Enabling and Disabling Terminal Services on a Windows 2003 Server

Enabling and Disabling FIPS on a Windows 2003 Server

Client Requirements

Cisco Unified Computing System

Other System Software

System Capacity

Bandwidth Estimation

Supported Devices and Software


Prerequisites


This chapter describes the prerequisites for installing Cisco Unified Operations Manager (with Cisco Unified Service Monitor) on a Windows system. It includes:

Product Overview

Server Requirements

Client Requirements

Cisco Unified Computing System

Other System Software

System Capacity

Bandwidth Estimation

Supported Devices and Software

For additional requirements before you begin your installation or upgrade, see Preparing the Operations Manager Server, page 2-2 or Before You Start the Upgrade, page 2-18.

Product Overview

Cisco Unified Operations Manager (Operations Manager) is a product from the Cisco Unified Communications Management Suite, which provides a comprehensive and efficient solution for network management and monitoring of Cisco Unified Communications deployments.

Operations Manager monitors and evaluates the current status of both the IP communications infrastructure and the underlying transport infrastructure in the network. Operations Manager uses open interfaces such as Simple Network Management Protocol (SNMP), Hypertext Transfer Protocol (HTTP), and Windows Management Instrumentation (WMI) to remotely poll data from different devices in the IP communications deployment.


Note Operations Manager does not deploy any agent software on the devices being monitored and thus is nondisruptive to system operations.


Cisco Unified Operations Manager increases productivity of network managers in the following ways:

Provides contextual diagnostic tools—Enables you to isolate problems more quickly:

Diagnostic tests provide performance and connectivity details about different elements of the converged IP communications infrastructure.

Synthetic tests replicate end-user activity and verify gateway availability and other configuration and operational aspects of the IP communications infrastructure.

IP service-level agreement (SLA)-based diagnostic tests can measure the performance of WAN links and node-to-node network quality.

Clickable information in notification messages—Includes context-sensitive links to more detailed information about service outages.

Context-sensitive links to other CiscoWorks tools and Cisco tools—For managing IP communications implementations.

Presents service-quality alerts—Uses information from Cisco Unified Service Monitor, when it is also deployed, to:

Display mean opinion scores (MOSs) associated with poor voice quality between pairs of endpoints (Cisco IP Phones, Cisco Unity messaging systems, or voice gateways) involved in a call and other associated details about the voice-quality problem.

Enable you to perform a probable path trace between the two endpoints and reports on any outages or problems on intermediate nodes in the path.

Provides information on current connectivity-related and registration-related outages affecting IP phones (both Session Initiation Protocol and Skinny Client Control Protocol based phones) in the network. In addition, provides contextual information that enables locating and identifying the IP phones involved.

Tracks IP communications devices and IP phone inventory—Tracks IP phone status changes and creates a variety of reports that document move, add, and change operations on IP phones in the network.

Provides real-time notifications—Uses SNMP traps, syslog notifications, and e-mail to report the status of the network being monitored to a higher-level entity (typically, to a manager of managers).

Server Requirements

Table 1-1 lists the minimum server system requirements for installing Operations Manager. If you are planning to run Service Monitor or other IP Communications Management software on the same server as Operations Manager or in a virtualization environment, see Coresident Guidelines and VMware Guidelines for more information.

For details on supported devices and software, see the Supported and Interoperable Devices and Software for Cisco Unified Operations Manager 2.3.

Table 1-1 Installation Server System Minimum Requirements for Operations Manager
(without Service Monitor deployment) 

Requirement Type
Minimum Requirements for Deployment of up to...
1,000 IP Devices and 10,000 Phones
1,000 IP Devices and 30,000 Phones
2,000 IP Devices and 45,000 Phones

Processor1

Dual-core processor greater than 2 GHz.

One of the following (that add up to four processors):

Two dual-core processors greater than 2 GHz

One Quad-core processor greater than 2 GHz

Memory (RAM)

4 GB.2

4 GB.1

8 GB RAM.

Page File Space3

8 GB.

8 GB.

16 GB.

Disk Space4

72 GB recommended.

NTFS file system (required for secure operation).

At least 16 MB in Windows temporary directory (%TEMP%).

Hardware

Color monitor. (For optimum viewing on the Operations Manager display, Cisco recommends that you use the highest native resolution supported by the client PC and monitor. A large, high-resolution display will also allow for less scrolling through information presented and increase operator efficiency. The minimum resolution recommended is 1024 x 768 on a 17" monitor.)

CD-ROM drive.

Support for one or two 1-GB NICs (one is required, and the second is for failover support; both NIC cards must have the same IP address).

Software5 ,6 ,7 ,8

One of the following:

Windows Server 2003 with Service Pack (SP) 2, Standard and Enterprise Editions (32-bit version).

Windows Server 2003 Enterprise R2 Edition SP2 (32-bit version).

One of the following:

Windows Server 2003 SP2 Enterprise Edition (32-bit version).

Windows Server 2003 SP2 Enterprise R2 Edition (32-bit version).

ODBC Driver Manager9 3.5.10 or later.

(Optional) ESX 3.5 and ESXi 4.x—Operation Manager supports ESX for virtualization. For requirements, see VMware Guidelines.

(Optional) NTP—If you are going to use Cisco Unified Service Monitor, configure the server to use Network Time Protocol (NTP) to synchronize with the time server that is used by Cisco Unified Communications Managers in your network. See NTP Configuration Notes, page 2-27.

1 Processor can be Intel Xeon or AMD Opteron.

2 For details on enabling the full 4 GB of RAM on Windows, see Enabling the Full 4 GB of RAM, page 2-5.

3 When configuring the page file, you should set both the minimum and maximum file size parameters to same size. This ensures that Windows creates a page file of the required size.

4 Do not install Operations Manager on a FAT file system.

5 You must install Operations Manager on a dedicated system. Do not install Operations Manager on a Primary Domain Controller (PDC) or Backup Domain Controller (BDC). Do not install Operations Manager in an encrypted directory. Operations Manager does not support directory encryption.

6 Immediately following installation, the TCP/IP stack should be hardened to avoid denial of service attacks. Ensure these steps are taken before product use.

6 - Apply Windows security patches. See Microsoft Security Updates for Denial of Service Attacks for details. The system that you use for your Operations Manager server should meet all the security guidelines that Microsoft recommends for Windows 2003 Server. See the NSA website for security guidance: http://www.nsa.gov/ia/guidance/security_configuration_guides/operating_systems.shtml#microsoft. (Specifically, the TCP/IP stack should be hardened to avoid denial of service attacks.) See "Security Consideration for Network Attacks", page 103 in "The Windows Server 2003 - Security Guide, v2.1" for download from this NSA URL.

6 - Apply Common Services patches. Common Services has released OpenSSL security patch for TLS/SSL renegotiation vulnerability (CSCtd01597) on Cisco.com. The patch can be downloaded from the following URL: http://tools.cisco.com/support/downloads/go/Redirect.x?mdfid=276698858.

6 - Perform a procedure on their Windows Server 2003 Standard/Enterprise Edition to block remote access to all TCP/UDP ports except for those ports used by Operations Manager required for external access. See Operations Manager Firewall Updates to Avoid Denial of Service Attacks.

6 For details about issues that may occur with the Nessus vulnerability scan even after performing these steps, see the release notes.

7 The default locale for your Windows operating system must be set to either US-English or Japanese.

8 Windows Terminal Services is supported in Remote Administration mode only. Use of Windows Terminal Services or Remote Desktop and Virtual Network Computing (VNC) to remotely control the server is not recommended for performing day-to-day operations (for example, running reports, keeping dashboards and Service Level View open, and so on). For more information, see Terminal Server Support for a Windows 2003 Server.

9 To verify the version of ODBC Driver Manager, from the Windows desktop, select Start > Settings > Control Panel > Administrative Tools > Data Sources (ODBC). Select the About tab. If necessary, install Microsoft Data Access Component (MDAC) 2.5 or later.


Coresident Guidelines


Note For supported configurations in a virtualization environment, see VMware Guidelines.


Operations Manager, Service Monitor, Service Statistics Manager, and Provisioning Manager can be coresident with up to 10,000 phones. Table 1-2 provides the minimum requirements for a coresident installation.

Table 1-2 Installation Server System Minimum Requirements for Coresidence 

Requirement Type
Minimum Requirements for Coresident Deployment of up to 10,000 Phones

Processor 1

Two-way quad-core Xeon X5460 processors at 3.16 GHz.


Note A two-way quad-core processor is a system that contains 2 physical processors—each of which is a quad-core processor—effectively containing 8 (2x4) logical CPUs.


Memory (RAM)

16 GB (PAE enabled).

Page File Space2

32 GB.

Disk Space3

320 GB recommended. (Minimum four SAS drivers.)

For optimal I/O throughput, you must have a Battery Backed Write Cache (BBWC); we also recommend two I/O controllers (with two disks on each controller).

NTFS file system (required for secure operation).

At least 16 MB in Windows temporary directory (%TEMP%).

Hardware

Color monitor. (For optimum viewing on the Operations Manager display, Cisco recommends that you use the highest native resolution supported by the client PC and monitor. A large, high-resolution display will also allow for less scrolling through information presented and increase operator efficiency. The minimum resolution recommended is 1024 x 768 on a 17" monitor.)

CD-ROM drive.

Support for one or two 1-GB NICs (one is required, and the second is for failover support; both NIC cards must have the same IP address).

Software4 ,5 ,6 ,7

One of the following:

Windows Server 2003 Enterprise Edition SP2 (32-version)

Windows Server 2003 R2 Enterprise Edition SP2 (32-version)

ODBC Driver Manager8 3.5.10 or later.

(Optional) NTP—If you are going to use Cisco Unified Service Monitor, configure the server to use Network Time Protocol (NTP) to synchronize with the time server that is used by Cisco Unified Communications Managers in your network. See NTP Configuration Notes, page 2-27.

1 Processor can be Intel Xeon or AMD Opteron.

2 When configuring the page file, you should set both the minimum and maximum file size parameters to 32 GB. This will ensure that Windows creates a 32-GB page file.

3 Do not install Operations Manager on a FAT file system.

4 Do not install Operations Manager on a Primary Domain Controller (PDC) or Backup Domain Controller (BDC). Do not install Operations Manager in an encrypted directory. Operations Manager does not support directory encryption.

5 Immediately following installation, the TCP/IP stack should be hardened to avoid denial of service attacks. Ensure these steps are taken before product use.

5 - Apply Windows security patches. See Microsoft Security Updates for Denial of Service Attacks for details. The system that you use for your Operations Manager server should meet all the security guidelines that Microsoft recommends for Windows 2003 Server. See the NSA website for security guidance: http://www.nsa.gov/ia/guidance/security_configuration_guides/operating_systems.shtml#microsoft. (Specifically, the TCP/IP stack should be hardened to avoid denial of service attacks.) See "Security Consideration for Network Attacks", page 103 in "The Windows Server 2003 - Security Guide, v2.1" for download from this NSA URL.

5 - Apply Common Services patches. Common Services has released OpenSSL security patch for TLS/SSL renegotiation vulnerability (CSCtd01597) on Cisco.com. The patch can be downloaded from the following URL: http://tools.cisco.com/support/downloads/go/Redirect.x?mdfid=276698858.

5 - Perform a procedure on their Windows Server 2003 Standard/Enterprise Edition to block remote access to all TCP/UDP ports except for those ports used by Operations Manager required for external access. See Operations Manager Firewall Updates to Avoid Denial of Service Attacks.

5 For details about issues that may occur on the Nessus devices even after performing these steps, see the release notes.

6 The default locale for your Windows operating system must be set to either US-English or Japanese.

7 Windows Terminal Services is supported in Remote Administration mode only. Use of Windows Terminal Services or Remote Desktop and Virtual Network Computing (VNC) to remotely control the server is not recommended for performing day-to-day operations (for example, running reports, keeping dashboards and Service Level View open, and so on). For more information, see Terminal Server Support for a Windows 2003 Server.

8 To verify the version of ODBC Driver Manager, from the Windows desktop, select Start > Settings > Control Panel > Administrative Tools > Data Sources (ODBC). Select the About tab. If necessary, install Microsoft Data Access Component (MDAC) 2.5 or later.


To successfully perform coresident installations, follow these recommendations:

Install each application along with its databases on a separate drive. You can install one of the applications on the system drive (C:), but if you have a sufficient number of drives, we recommend that none of the applications be installed on the system drive.

Install applications in this order (recommended, not required):

1. Operations Manager (includes Service Monitor)

2. Service Statistics Manager

3. Provisioning Manager (in Advanced mode)


Note If you have already installed Provisioning Manager, before you install Operations Manager on the same server, perform the tasks in Preparing a Server Where Provisioning Manager Has Already Been Installed, page 2-4.


VMware Guidelines

Operations Manager supports VMware ESX 3.5 and ESXi 4.x. Operations Manager must have the same system resources available to it inside the virtualization environment that it has for a standard (nonvirtual) installation. When determining the performance of Operations Manager in your virtual setup, you must take into account that the VMware instance will use some system resources that would normally be available to Operations Manager in a standard installation. Additional requirements for running Operations Manager in a virtualization environment might vary with your environment and system load. For more information, see Best Practices for Cisco Unified Communications Management Suite on Virtualization, at this URL:

http://www.cisco.com/en/US/products/ps6535/prod_white_papers_list.html

The following configurations are supported for Operations Manager in a virtual environment:

Three instances of Operations Manager, each supporting up to 5,000 phones and 1,000 IP devices

Each of these products installed on a separate virtual machine:

Operations Manager

Service Monitor

Service Statistics Manager

Provisioning Manager

with each supporting up to 10,000 phones and 1,000 IP devices. (Running one instance of an application on one virtual machine is the only supported configuration.)

One instance of Operations Manager supporting up to 45,000 phones and 2,000 IP devices


Note For other supported Service Monitor, Service Statistics Manager, and Provisioning Manager configurations in a virtualization environment, see Best Practices for Cisco Unified Communications Management Suite on Virtualization, at this URL: http://www.cisco.com/en/US/products/ps6535/prod_white_papers_list.html.


When setting up Operations Manager in a VMware environment, keep in mind the following guidelines:

Resources must be reserved at 100% of requirements for the virtual machine.

To use a licensed Operations Manager in a VMware environment, you must configure your virtual machine with a static MAC address.


Note You can run Operations Manager in Evaluation mode with a dynamic MAC address. However, before you can run a licensed copy of Operations Manager, you must configure a static MAC address.


To set up a static MAC address, do the following:


Step 1 Power down the virtual machine.

Step 2 In the Inventory panel, select the virtual machine.

Step 3 Click the Summary tab and then click Edit Settings.

Step 4 In the Hardware list, select Network Adapter.

Step 5 For MAC address, select Manual.

Step 6 Change the current MAC address of the virtual machine to a static MAC address in the following range: 00:50:56:00:00:00 to 00:50:56:3F:FF:FF.

When assigning a static MAC address, we recommend choosing a complex address. An example of a complex MAC address is 00:50:56:01:3B:9F. A less complex MAC address is 00:50:56:11:11:11, because of the repeating ones (1).


Note Choosing a complex address makes it less likely that you will choose an address being used by another customer. This can prevent accidental licensing overlap between different customers.


Step 7 Click OK.


Terminal Server Support for a Windows 2003 Server

You can install Operations Manager on a system with Terminal Services enabled in Remote Administration mode. However, you must not install Operations Manager on a system with Terminal Services enabled in Application mode.

If you have enabled Terminal Services in Application mode, you should disable the Terminal Server, reboot the system, and start the installation again.

Table 1-3 summarizes the Terminal Services features on a Windows 2003 Server.

.

Table 1-3 Terminal Services on a Windows 2003 Server

Windows 2003 Server
Features

Terminal Server

Remote access and virtual system. Each client has its own virtual OS environment.

Remote Desktop Administration

Remote access only. All clients use the same (and the only) operating system.

Note Do not use terminal services to perform day-to-day tasks in Cisco Unified Management Communications Suite applications, such as viewing the Service Level View in Operations Manager or viewing reports in Service Monitor.


Enabling and Disabling Terminal Services on a Windows 2003 Server

To enable or disable the Terminal Server, go to Manage Your Server > Add or Remove a Role > Terminal Server.

To enable or disable remote desktop administration, go to Control Panel > System > Remote.

Enabling and Disabling FIPS on a Windows 2003 Server

Sometimes, Federal Information Processing Standard (FIPS)-compliant encryption algorithms are enabled for Group security policy on a Windows server.

When FIPS compliance is enabled, SSL authentication may fail on the Operations Manager server. For Operations Manager to work properly, you must disable FIPS compliance.

To enable or disable FIPS compliance on a Windows 2003 server:


Step 1 Go to Start > Settings > Control Panel > Administrative tools > Local Security Policy.

The Local Security Policy window appears.

Step 2 Click Local Polices > Security Options.

Step 3 Select System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing.

Step 4 Right-click the selected policy and select Properties.

Step 5 Select Enabled or Disabled to enable or disable FIPS-compliant algorithms.

Step 6 Click Apply.

You must reboot the server for the changes to take effect.


Client Requirements

Table 1-4 shows the minimum system requirements for Operations Manager clients.

If a client system is available, it is recommended that you perform all configurations and day-to-day activities on the client system. If a client system is not available, the Operations Manager server must also meet all the system requirements for a client system (see Table 1-4).

Table 1-4 Client System Requirements 

Requirement Type
Minimum Requirements

System hardware

Any PC or server platform with an Intel Pentium 4 or Xenon processor greater than 1.0 GHz.

Color monitor with video card set to 24 bits color depth. (For optimum viewing on the Operations Manager display, Cisco recommend that you use the highest native resolution supported by the client PC and monitor. A large, high resolution display will also allow for less scrolling through information presented and increase operator efficiency. The minimum resolution recommended is 1024 x 768 on a 17" monitor.)

Screen resolution of 1024 x 768 dpi.

Note Not every LCD projector or monitor provides a clear display at the minimum resolution. On LCD projectors and monitors, dot pitch impacts the readability of the screen.

System software

One of the following:

Windows Server 2003 Standard or Enterprise Edition without Windows Terminal Services.

Windows Server 2003 R2.

Windows XP Professional with SP2.

Internet Explorer 6.0.28, 6.0.37, or 7.01 ,2 .

Adobe Flash Player 8.0 or 9.0. Downloading Flash from the Adobe website requires that you install ActiveX cookies on the system. An offline installation of Flash may be required if Internet Explorer security patches are present on a newly installed Operations Manager server.

Memory (RAM)

1 GB recommended.

Page file space

2 GB.

Environment

Clients must be able to access Operations Manager:

From outside a firewall—Refer to documentation for your firewall for how to configure client access.

Across a Virtual Private Network (VPN)—The VPN tunnel should connect the client and a VPN router or similar device.

1 If your Internet Explorer window unexpectedly quits, see the Operations Manager release notes for information on Microsoft updates.

2 Your browser's Internet security level must be set to Medium. To check the current level in Internet Explorer, select Tools > Internet Options, and click the Security tab.


Cisco Unified Computing System

Operations Manager can be installed on a Cisco Unified Computing System. If you are going to install Operations Manager on a Cisco Unified Computing System, make sure that the system has the latest firmware installed.For more information, see Best Practices for Cisco Unified Communications Management Suite on Virtualization, at this URL:

http://www.cisco.com/en/US/products/ps6535/prod_white_papers_list.html

Other System Software

Ensure that any prerequisites for interoperable software (such as Service Monitor or Service Statistics Manager) are reviewed and acted upon before installing or upgrading Operations Manager 2.3. For information on preparing to install or upgrade, see Preparing the Operations Manager Server, page 2-2. See the latest information on supported devices and interoperable software at http://www.cisco.com/en/US/products/ps6535/products_device_support_tables_list.html.

Operations Manager has undergone interoperability testing with McAfee Virus Scan Enterprise 8.0.


Note When using Operations Manager on a system with virus protection software, it is recommended that you enable virus protection only after the installation or upgrade is complete. You should schedule active scanning of drives and memory to occur during off-peak hours. You may experience delays, and performance may be degraded, when the virus scan software is scanning all files.


System Capacity

Table 1-5 lists the maximum capacity of Operations Manager when it is installed on a system that meets the requirements for the deployment (see Table 1-1).

Table 1-5 System Capacity

System Parameters
Deployment up to...
1,000 IP Devices and 10,000 Phones
1,000 IP Devices and 30,000 Phones
2,000 IP Devices and 45,000 Phones

Access ports1 , 2

15,000

45,000

60,000

Trunk ports and interfaces2

4,500

4,500

7,500

Cisco Unified Communications Manager clusters

6

6

20

Unified Communications Managers

4-8 per cluster (total 30)

4-8 per cluster (total 30)

150

Cisco Unified Communications Manager Express and Cisco Unity Express

300

300

600

Route lists and route groups

1,000

1,000

2,200

Phone status tests

500

500

1,000

Synthetic tests

100 (50 end-to-end and 50 dial-tone tests)

100

250

Node-to-node tests

100

100

500

SRST monitoring

250

250

1,000

Sustained event rate per minute3 , 6

25

50

50

High event rate per minute4 , 6

100

200

200

Burst events5 , 6

1,000

1,500

1,500

Concurrent client (browser) logins

5

5

5

1 By default, Operations Manager does not manage access ports; however, it discovers the phones connected to these ports.

2 You can use the sm_tpmgr command to view the number of ports and interfaces in your inventory. See the tip below for information on how to use this command in Operations Manager.

3 Sustained events are event rates handled by the system on a continuous basis.

4 High events are event rates handled by the system during high activity periods that last for a short duration (up to one hour).

5 Burst events are event rates handled by the system for a one-time high activity period.

6 This is a process event count that includes poll events, traps, syslogs, and service quality traps.



Tip To find out how many trunk and access ports are currently in the Operations Manager inventory, use the sm_tpmgr command:


# NMSROOT\objects\smarts\bin\sm_tpmgr.exe --server=DFM --sizes

Locate the line in the output that is similar to the following:

Total Number of Ports: 655 [42/42]

In this example, 665 ports were discovered in the server, of which 42 are monitored for connectivity and 42 are monitored for performance.


Bandwidth Estimation

As you plan your deployment, you can obtain an estimate of the bandwidth that Operations Manager requires to manage Cisco Unified Communications network elements. For more information, see the Cisco Unified Operations Manager: Bandwidth Estimator tool available on this Tool Index page: www.cisco.com/en/US/products/prod_tools_index.html.

Supported Devices and Software

Device adapter packages for all supported devices are installed when you install Operations Manager. Information about device support can be found on Cisco.com at http://www.cisco.com/en/US/products/ps6535/products_device_support_tables_list.html.

As additional device adapter packages become available, you can download the IDUs that contain them, by logging into Cisco.com.

For details on how to configure Cisco devices to be monitored by Operations Manager, see Configuring Operations Manager to Monitor Devices, page 3-1. For details on how to configure Cisco software applications (such as Service Monitor, Provisioning Manager, or Service Statistics Manager), see Adding Cisco Unified Communications Management Server Links from Operations Manager, page 3-20.


Caution Be sure to read the important sections on steps to take before installing or upgrading Operations Manager to release 2.3. For prerequisite installation steps, see Preparing the Operations Manager Server, page 2-2. For prerequisite upgrade steps, see Backing Up Data Before the Upgrade or Reinstallation, page 2-15 and Before You Start the Upgrade, page 2-18.