Web Element Manager Overview


Web Element Manager Overview
 
 
 
Starent Networks' market leading ST-Series Multimedia Core Platform is a powerful, service-enabling platform for mobile operators looking to provide a superior service experience for their subscribers. Part of the power and flexibility of the system is its robust, standards-based management application.
The Web Element Manager (WEM) is a Common Object Request Broker Architecture (CORBA)-based application that provides complete Fault, Configuration, Accounting, Performance, and Security (FCAPS) management capability for the system.
For maximum flexibility and scalability, the WEM application implements a client-server architecture. This architecture allows remote clients with Java-enabled web browsers to manage one or more systems via the server component which implements the CORBA interfaces. The server component is fully compatible with the fault-tolerant Sun® Solaris® operating system. For added security, management traffic can be encrypted using the Secure Sockets Layer (SSL) protocol.
 
Web Element Manager Network Interfaces
 
Supported Features
 
FCAPS Support
The Web Element Manager application provides Fault, Configuration, Accounting, Performance and Security (FCAPS) management functionality for the ST16 and ST40.
 
Fault Management
Fault management consists of an event logging function wherein all alarms, warnings, and other faults can be configured, reported, and acknowledged by network operations personnel.
The Simple Network Management Protocol (SNMP) is used by both the Web Element Manager and the ST16/ST40 to report event notifications. The application’s fault management system offers the following support for generated alarms:
 
Configuration Management
The Web Element Manager implements an easy to use, point-and-click GUI for providing configuration management for one or more systems. This GUI provides all the flexibility offered by the system’s command Line Interface (CLI), while providing the scalability of performing certain functions across multiple ST16s/ST40s. All configuration information is stored in the PostgreSQL Database.
At the system-level, the Web Element Manager application provides support for the following:
At the network level, the application is capable of transferring configuration and/or software images to multiple systems simultaneously in advance to performing software upgrades.
The Web Element Manager supports the configuration of all parameters required to perform software upgrades including:
The Web Element Manager further simplifies the software upgrade process by providing tools for managing system configuration files:
Back-up Tool: Enables the Web Element Manager to transfer a copy of the configuration file currently being used by a managed system at user-defined intervals. Files are transferred to the host server in a specific directory. The number of files to retain in the directory is also configurable. This tool provides a useful mechanism for testing configurations and/or quickly restoring a last-known-good configuration in the event of an error.
Compare Tool: Provides a powerful tool for comparing the configuration files of two managed systems. Once the two files are specified, a dialog appears displaying the two documents side-by-side. Line numbers are added for convenience. Text additions, modifications, and deletions are displayed in different colors for easy recognition. This tool can be useful on its own to determine variations between multiple iterations of the same configuration file, or, when used in conjunction with the Back-up tool, it can provide an audit trail of configuration changes that occurred during system operation.
 
Accounting Management
Accounting management operations allow users to examine and perform post-process statistical analysis on systems managed by the Web Element Manager application.
The type of statistics used for element management-based accounting are called bulk statistics. Bulk statistics are grouped into categories called schemas and are polled by the system at fixed polling intervals and then transferred to the Web Element Manager at a different transfer intervals (defined in minutes).
Once the Web Element Manager server application, called the receiver, has received bulk statistics files from the managed system, these files are parsed and added to the PostgreSQL database. This database is updated as new files are received.
The Web Element Manager’s accounting management functionality is compliant with TS 32.401, 3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; Telecommunication management; Performance Management (PM); Concept and requirements and allows you to:
 
Performance Management
Performance management operations supported by the Web Element Manager allow users to examine and perform real-time statistical analysis on systems managed by the application as well as on the server on which the application is running.
Information pertaining to various aspects of the Web Element Manager (CPU and memory utilization, disk space, and process status) and its managed systems (hardware, protocols, software subsystems, and subscribers) is collected in real time and is displayed in tabular format. Alternatively, most of the information can be graphed as a function of time in either line or bar-chart format. Multiple statistics can be graphed simultaneously for quick comparison of data.
In addition to collecting and providing mechanisms for the real-time viewing of statistical information, the Web Element Manager provides useful monitoring tools similar to those found in the CLI. These tools can be used to monitor active subscriber sessions, protocol flows, and port information. Data collected during this monitor operation can be saved to the client machine for further analysis.
 
Security Management
Security management pertains to the operations related to management users. This includes both Web Element Manager application users and local management users who are configured on the ST16/ST40. In many cases, management users can be allowed access to both the system (via its CLI) and the application. It is possible for both management user accounts to share the same username and password.
The security management features of the Web Element Manager allow you to:
Regardless of the administrative user type (ST16/ST40 or application-level), there are four levels of management user privileges:
Inspector: Inspectors are limited to a small number of read-only Exec Mode commands.The bulk of these are “show” commands giving the inspector the ability to view a variety of statistics and conditions. The Inspector cannot execute show configuration commands and do not have the privilege to enter the Config Mode.
Operator: Operators have read-only privileges to a larger subset of the Exec Mode commands. They can execute all commands that are part of the inspector mode, plus some system monitoring, statistic, and fault management functions. Operators do not have the ability to enter the Config Mode.
Administrator: Administrators have read-write privileges and can execute any command throughout the CLI except for a few security-related commands that can only be configured by Security Administrators. Administrators can configure or modify the system and are able to execute all system commands, including those available to the Operators and Inspectors.
Security Administrator: Security Administrators have read-write privileges and can execute all CLI commands including those available to Administrators, Operators, and Inspectors.
The audit trail functionality supports the configuration of filters defining the type of operations to audit and also provides a dialog for performing the audit in real-time.
Audit trail results are stored in the PostgreSQL database for later retrieval and analysis.
The new Network Audit Tool functionality in WEM supports the on-demand or periodic auditing of IMG configuration attributes such as PPP MRU, Auth Sequence, Bulkstats Schema Needs Update, etc.
 
Additional Features
Additional features provided by the Web Element Manager application include:
Utilizing the Object Management Group's (OMG) standard CORBA northbound interface, the Web Element Manager application can be integrated with higher-level TMN-modeled applications such as network, business, and service layer applications. The OMG's Interface Definition Language (IDL) can be used to develop custom interfaces to various other third-party components such as Application Servers, etc.
All databases used for audit trail, performance and statistical information, event management, and device inventory information will be stored on the Web Element Manager server using the UNIX file system.
In the event of a server failure, a backup server could quickly access the latest configuration, inventory, and other information.
The Web Element Manager provides the ability for users to select a specific language the information is provided in. The currently supported languages include U.S. English and Korean.
The Web Element Manager has a complete web-based Help system that provides user assistance for every screen and function available within the application. This Help system resides on the Web Element Manager server and is accessible from any supported client workstation.
 
Web Element Manager System Requirements
Important: The hardware required for the Web Element Manager server may vary, dependent upon the number of chassis being managed, the number of clients that require access, and other variables. This minimum configuration has been tested to support up to 30 Web Element Manager clients, managing up to 25 chassis.
 
Server Application
Important: It is recommended that users ensure all recommended patches are installed before performing a new installation or software upgrade.
Important: Users based in the United States should ensure that the timezone patch 109809-05 (or later) and libc patch 108993-52 (or later) be installed in support of extended daylight savings time (DST) support.
Important: Users based in the United States should ensure that the timezone patch 113225-07 (or later) and libc patch 112874-33 (or later) be installed in support of extended daylight savings time (DST) support.
Important: In addition, if Solaris 9 is used, it must be installed using the “End User System support 64-bit” software group must be specified during the installation of the operating system. This option installs the libraries required for proper operation of the Web Element Manager.
Important: Solaris 10 Kernel patch released between 137137-09 and 142900-04 may result in kernel panic while executing/invoking system calls.
 
Client Access
Important: Web Element Manager clients cannot access the Web Element Manager server if the server is separated by an NAT'd firewall or other device that restricts access between the client workstation and server.
 
WEM Architecture
The WEM architecture consists of the following components:
 
 
Host Filesystem
Running on the fault-tolerant Sun Solaris operating system, the WEM uses the native filesystem for such things as creating and writing to log files, storing alarm and bulk statistic-related information, and configuration file management.
 
Apache Web Server
Remote clients interface with the WEM by establishing session with the server using the Hyper Text Transport Protocol (HTTP). The session is hosted by the Apache Web Server which launches a Java applet providing a graphical user interface for managing the system. When HTTPS is mentioned in the URL instead of HTTP, secure connection is established between the WEM client and WEM server. The Apache Web Server is also used to execute Common Gateway Interfaces (CGIs) invoked by the applet using CORBA/Internet Inter-ORB Protocol (IIOP).
 
WEM Server FCAPS Support
This component provides Fault, Configuration, Accounting, Performance, and Security (FCAPS) functionality.
 
Fault Management
Fault management consists of an event logging function wherein all alarms, warnings, and other faults can be configured, reported, and acknowledged by network operations personnel.
The Simple Network Management Protocol (SNMP) is used by both the Web Element Manager and the ST16/ST40 to report event notifications. The application’s fault management system offers the following support for generated alarms:
 
Configuration Management
The Web Element Manager implements an easy to use, point-and-click GUI for providing configuration management for one or more systems. This GUI provides all the flexibility offered by the system’s command Line Interface (CLI), while providing the scalability of performing certain functions across multiple ST16s/ST40s. All configuration information is stored in the PostgreSQL Database.
At the system-level, the Web Element Manager application provides support for the following:
At the network level, the application is capable of transferring configuration and/or software images to multiple systems simultaneously in advance to performing software upgrades.
The Web Element Manager supports the configuration of all parameters required to perform software upgrades including:
The Web Element Manager further simplifies the software upgrade process by providing tools for managing system configuration files:
Back-up Tool: Enables the Web Element Manager to transfer a copy of the configuration file currently being used by a managed system at user-defined intervals. Files are transferred to the host server in a specific directory. The number of files to retain in the directory is also configurable. This tool provides a useful mechanism for testing configurations and/or quickly restoring a last-known-good configuration in the event of an error.
Compare Tool: Provides a powerful tool for comparing the configuration files of two managed systems. Once the two files are specified, a dialog appears displaying the two documents side-by-side. Line numbers are added for convenience. Text additions, modifications, and deletions are displayed in different colors for easy recognition. This tool can be useful on its own to determine variations between multiple iterations of the same configuration file, or, when used in conjunction with the Back-up tool, it can provide an audit trail of configuration changes that occurred during system operation.
 
Accounting Management
Accounting management operations allow users to examine and perform post-process statistical analysis on systems managed by the Web Element Manager application.
The type of statistics used for element management-based accounting are called bulk statistics. Bulk statistics are grouped into categories called schemas and are polled by the system at fixed polling intervals and then transferred to the Web Element Manager at a different transfer intervals (defined in minutes).
Once the Web Element Manager server application, called the receiver, has received bulk statistics files from the managed system, these files are parsed and added to the PostgreSQL database. This database is updated as new files are received.
The Web Element Manager’s accounting management functionality is compliant with TS 32.401, 3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; Telecommunication management; Performance Management (PM); Concept and requirements and allows you to:
 
Performance Management
Performance management operations supported by the Web Element Manager allow users to examine and perform real-time statistical analysis on systems managed by the application as well as on the server on which the application is running.
Information pertaining to various aspects of the Web Element Manager (CPU and memory utilization, disk space, and process status) and its managed systems (hardware, protocols, software subsystems, and subscribers) is collected in real time and is displayed in tabular format. Alternatively, most of the information can be graphed as a function of time in either line or bar-chart format. Multiple statistics can be graphed simultaneously for quick comparison of data.
In addition to collecting and providing mechanisms for the real-time viewing of statistical information, the Web Element Manager provides useful monitoring tools similar to those found in the CLI. These tools can be used to monitor active subscriber sessions, protocol flows, and port information. Data collected during this monitor operation can be saved to the client machine for further analysis.
 
Security Management
Security management pertains to the operations related to management users. This includes both Web Element Manager application users and local management users who are configured on the ST16/ST40. In many cases, management users can be allowed access to both the system (via its CLI) and the application. It is possible for both management user accounts to share the same username and password.
The security management features of the Web Element Manager allow you to:
Regardless of the administrative user type (ST16/ST40 or application-level), there are four levels of management user privileges:
Inspector: Inspectors are limited to a small number of read-only Exec Mode commands.The bulk of these are “show” commands giving the inspector the ability to view a variety of statistics and conditions. The Inspector cannot execute show configuration commands and do not have the privilege to enter the Config Mode.
Operator: Operators have read-only privileges to a larger subset of the Exec Mode commands. They can execute all commands that are part of the inspector mode, plus some system monitoring, statistic, and fault management functions. Operators do not have the ability to enter the Config Mode.
Administrator: Administrators have read-write privileges and can execute any command throughout the CLI except for a few security-related commands that can only be configured by Security Administrators. Administrators can configure or modify the system and are able to execute all system commands, including those available to the Operators and Inspectors.
Security Administrator: Security Administrators have read-write privileges and can execute all CLI commands including those available to Administrators, Operators, and Inspectors.
Provide authentication and privilege restoration based on the login information entered by administrative users.
The audit trail functionality supports the configuration of filters defining the type of operations to audit and also provides a dialog for performing the audit in real-time.
Audit trail results are stored in the PostgreSQL database for later retrieval and analysis.
The new Network Audit Tool functionality in WEM supports the on-demand or periodic auditing of IMG configuration attributes such as PPP MRU, Auth Sequence, Bulkstats Schema Needs Update, etc.
 
ANSI T1.276 Compliance
The WEM supports ANSI standard T1.276, providing a set of baseline security features to help mitigate security risks in the management of telecommunication networks. New users will be sent a randomly generated password automatically, and will be prompted to provide a new password upon first login. New passwords must meet strict requirements to comply with the ANSI standard:
Users will also be required to change passwords after a configurable number of days, and will be barred from reusing the same password for a configurable number of password change cycles. Too many failed login attempts will result in an account lockout, which may be removed either by an administrator or by waiting for a defined period of time to elapse.
 
WEM Process Monitor
The Process Monitor (PSMon) is a Perl script that monitors the status of processes pertaining to the WEM application.
The script is a plain text Apache-style configuration file that allows the user to define a set of rules. These rules describe what processes should always be running on the system, any limitations on concurrent instances, Time-To-Live (TTL), and maximum CPU/memory usage of processes. It can be run as a stand alone program or a fully functional background daemon.
PSMon scans the UNIX process table and, using the set of defined rules, will re-spawn any dead processes, and/or slay or “deal with” any aggressive or illegal processes. The number of retries and time interval the PSMon scans the table is configurable meaning that it will never try to start the process if 'number of retries' exceeds in given time interval.
PSMon logs events to syslog and to a log file and is equipped with customizable e-mail notification facilities.
 
Bulk Statistics Server
The Bulk Statistics Server process is responsible for collecting and processing all bulk statistic-related information from the system as part of the WEM’s accounting management functionality.
The Bulk Statistics Server parses collected statistics and stores the information in the PostgreSQL database. If XML file generation and transfer is required, this element generates the XML output and can send it to a Northbound NMS or an alternate bulk statistics server for further processing.
Additionally, if archiving of the collected statistics is desired, the Bulk Statistics server writes the files to an alternative directory on the server. A specific directory can be configured by the administrative user or the default directory can be used. Regardless, the directory can be on a local filesystem or on an NFS-mounted filesystem on the WEM server.
 
Script Server
The WEM supports the ability to configure the properties for alarms. One of the properties that can be configured is specifying a script that can be executed upon receipt of that alarm. The Script Server process is responsible for executing the specified script.
Upon receipt of the alarm, the WEM Server FCAPS Support function passes the name of the script to execute and the trap logged time to the Script Server. An acknowledgement is sent and the script is executed by the Script Server. In the event, an error is experienced while executing the script, the Script Server generates an SNMP trap.
 
PostgreSQL Database Server
The PostgreSQL Database consists of multiple databases maintaining information pertaining to the following WEM functions:
Configuration: This database contains tables which maintain configuration information for user details, topology for maps and manageable systems.
Trap: This database contains tables which maintain SNMP trap configuration information and all the received SNMP traps.
MIB: This database contains all the information required to translate SNMP Object identifiers to proper MIB names and their types as given in the MIB file.
Audit Trail: This database contains table that maintains the configuration trail including the following:
Bulk Statistics: This database contains various tables containing counter values periodically received from the system via the File Transfer Protocol (FTP).
 
WEM Logger
The WEM application generates and stores logs pertaining to server installation and operation. The logs can be stored locally or to another server. In addition, the WEM provides enhanced logging functionality for customizing log output and log files.
 

Cisco Systems Inc.
Tel: 408-526-4000
Fax: 408-527-0883