About OPTOSS Plus

Opt/Net presents OPTOSS (near real-time Operator Time Optimized decision Support System for complex ICT infrastructures). OPTOSS is 14 years old and has become an indispensable tool for rapid data collection for audits and network infrastructure assessments.

OPTOSS Plus delivers top results through discovery and visualization of very large-scale ICT installations and AI-assisted anomaly detection and recognition. It provides:

  • Accurate and up-to-date very large-scale network maps
  • Exact IP address maps for used and configured networks
  • Precise inventory of installed network assets
  • Automatic configuration change tracking and archiving
  • Automatic anomaly detection and recognition
  • Automatic issue mitigation

The tool's intuitive design, and its ability to move from the highest desired level of overview down to individual port and card configurations, empowers operators and improves productivity and precision. When used to assess infrastructures, OPTOSS Plus quickly finds misconfigurations and omissions. Mistakes (e.g. duplicate IP address spaces, wrong IPs, missing links) and imperfections come into clear view at first glance, and even medium-skilled operators can detect hard-to-find issues in a fraction of the time that it would otherwise take an expert to find them.

OPTOSS Plus really shines as a visualization and central archival point for very large network event flows (i.e. big data stores of syslogs and SNMP alarms). It allows the operator to visualize and analyze current and historical events and alarms for current (near real-time) or past anomalous behaviors. Whether in forensic analysis of past incidents or in day-to-day operations support, abnormal events are detected automatically and can be acted upon by operators and systems analysts.

The customizable and modular design of OPTOSS Plus is flexible and future-proof. In a very short time, the tool can be reoriented to support new complex services and systems. Many versions of the software may run concurrently or be arranged in a hierarchical distributed system if very large-scale performance is required.

OPTOSS-Plus is a professional commercial framework built on top of the free open source web-based end-to-end management framework NG-NetMS.

OPTOSS-Plus provides near real-time visibility of networks, ICT infrastructures and interconnected computing resources on a large scale. It can therefore give service providers and telecom operators end-to-end visibility of the network services and assist with quick localization of the root causes of potential incidents and outages.

The main benefit of the OPTOSS-Plus tool is that it provides a central vantage point and end-to-end visibility into the cyber security aspects of large-scale ICT infrastructures.

The OPTOSS-Plus tool is a Linux application and is currently supported on the Ubuntu 14.04 LTS operating system. It should be deployed alongside the free NG-NetMS open source tool. It may be deployed in cloud-based virtualized environments if a low system footprint is required and cost is a concern. To support very large-scale mission-critical environments, however, the recommended deployment uses dedicated server hardware in order to provide high performance and security. In this case, it needs a server platform with at least 4 cores, 32 Gbytes of RAM, at least 256 GB of SSD and 2 TB of HD storage space.

OPTOSS-Plus connects to the network routers, retrieves the most current network topology parameters and automatically monitors additions and deletions of devices and of the network links between them.

It creates precise maps and is quick and efficient in collecting the most complete information about the managed network's inventory, topology and map of IP address space and, most importantly, in analyzing syslog events and SNMP alarms in near real-time or from historical archives.

NG-NetMS-Plus is an autonomous and dynamic system once it has been initiated and configured by the operator to locate the seed devices.

It consists of the following modules:

  • Network audit and host polling modules
  • Device specific plugin modules
  • Central database
  • Event collector modules
  • Web GUI
  • OPTOSS-Plus GUI (high performance)
  • OPTOSS-Plus Profiler module

Architecture diagram

Operators perform initialization and basic configuration of NG-NetMS via the Web GUI or the OPTOSS-Plus system GUI. At this time, authentication methods for the entire managed domain should be configured and applied accordingly. The active feedback loop via syslog or SNMP from all managed hosts should also be established.

All network devices should be configured to send syslog and SNMP messages to the NG-NetMS platform via UDP or TCP, where these messages are received, processed and profiled by the event collector modules in near real-time. All devices should have the logging and authentication configuration settings necessary to be managed by the OPTOSS suite.

In order to discover and conduct a complete inventory of the network infrastructure, NG-NetMS needs network topology information, which is created and maintained by the network routers. When networks and devices are configured or new devices are added, the infrastructure update cycle is triggered automatically via configuration in the rules.txt file. NG-NetMS retrieves the device configuration automatically as soon as it receives notification that the infrastructure has changed. NG-NetMS then initiates the network audit cycle and rediscovers the entire network topology. The network discovery may be partial or complete, depending on the type of change that took place.

The OPTOSS-Plus GUI works in tandem with the Web GUI from the free NG-NetMS and provides access to inventory information, with reporting, sorting and filtering capabilities. It can handle thousands of devices at a time. Information such as system software version and the inventory of network interfaces, IP addresses and hardware is presented quickly to the operator and can be sorted and filtered on demand, in addition to the number of reports provided by the base package of NG-NetMS.

The IPv4 address tree provides information about the IP addresses used and the names of the interfaces that use them.

All discovered nodes are continuously monitored and, periodically, an inventory of the complete network is taken. In real-time, all managed node events are accepted by collectors and stored in the central database for the sake of archiving and analysis.

On top of that, Web GUI from NG-NetMS provides analytics for all collected events. There are two kinds of analytics reports available: (I) Cumulative severity of events per origin; and (II) Cumulative severity of events per facility.

It is easy to detect the top sources of important events on the network based on these high-level reports. Top sources can be investigated further through the historical and detailed event views once enough statistics become available.
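The two reports can be reproduced from raw syslog input, as in the following added example (not NG-NetMS or OPTOSS code). It decodes the syslog PRI field into facility and severity and sums a weight per origin and per facility; the weighting (7 minus the severity number, so the most severe events count most), the function name and the sample lines are assumptions, since the page does not say how the tool accumulates severity.

```python
import re
from collections import Counter

# Standard syslog facility names, indexed by facility code (PRI // 8).
FACILITIES = ["kern", "user", "mail", "daemon", "auth", "syslog", "lpr", "news",
              "uucp", "cron", "authpriv", "ftp", "ntp", "audit", "alert", "clock",
              "local0", "local1", "local2", "local3",
              "local4", "local5", "local6", "local7"]

# BSD-style line: <PRI>Mmm dd hh:mm:ss HOST message
LINE = re.compile(r"^<(\d{1,3})>[A-Z][a-z]{2} [ \d]\d \d\d:\d\d:\d\d (\S+) ")

# Constructed sample input (not captured from a real network).
SAMPLE = [
    "<187>Mar  3 10:15:02 core-rtr1 %LINK-3-UPDOWN: Interface Gi0/1, changed state to down",
    "<189>Mar  3 10:15:03 core-rtr1 %SYS-5-CONFIG_I: Configured from console",
    "<34>Mar  3 10:15:09 edge-fw2 sshd[811]: Failed password for admin from 192.0.2.10",
    "<34>Mar  3 10:15:11 edge-fw2 sshd[811]: Failed password for admin from 192.0.2.10",
    "<38>Mar  3 10:16:40 edge-fw2 sshd[811]: Accepted password for admin from 192.0.2.10",
    "<190>Mar  3 10:17:00 access-sw7 %SEC-6-IPACCESSLOGP: list 101 permitted tcp",
    "line without a PRI header",
    "<999>Mar  3 10:18:00 bogus-host PRI out of range",
]

def cumulative_severity(lines):
    """Return (per-origin ranking, per-facility ranking, skipped line count)."""
    per_origin, per_facility, skipped = Counter(), Counter(), 0
    for line in lines:
        m = LINE.match(line)
        # A valid PRI is at most 191 (facility 23, severity 7).
        if not m or int(m.group(1)) > 191:
            skipped += 1          # malformed input is counted, never guessed at
            continue
        facility, severity = divmod(int(m.group(1)), 8)
        weight = 7 - severity     # assumption: severity 0 (emergency) weighs most
        per_origin[m.group(2)] += weight
        per_facility[FACILITIES[facility]] += weight
    return per_origin.most_common(), per_facility.most_common(), skipped

if __name__ == "__main__":
    origins, facilities, skipped = cumulative_severity(SAMPLE)
    print("per origin:  ", origins)
    print("per facility:", facilities)
    print("skipped:     ", skipped)
```

Tracking the skipped count matters in practice: a collector that silently drops unparseable lines hides exactly the devices whose logging is misconfigured.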

The cumulative severity of the received messages may be plotted in near real-time with the OPTOSS-Plus GUI. Historical analysis is also possible. OPTOSS-Plus is much more scalable, powerful and faster than its free counterpart. This graphical representation helps with interpreting the activity of the largest network devices and simplifies the search for the root causes of different events in very large event databases.

After the top sources are identified, the historical events view may be used for data analytics and to search for the root causes of different events. Often, it helps with troubleshooting different problems on the network and associated cloud services. It is particularly useful for detecting unauthorized tampering and for security monitoring. NG-NetMS-Plus provides parallel analysis of event flows for several devices and gives visual correlation clues.

Disclaimer: OPTOSS Plus is a scalable and modular tool, and this is one of the reasons why it is offered for the visualisation of the largest networks and the processes in them for the most challenging projects. It is used in conjunction with OPTOSS NG-NetMS, which provides the base for OPTOSS-Plus deployment. NG-NetMS is an open source project and is hosted on SourceForge, but OPTOSS-Plus is proprietary software that is developed and marketed by OPT/NET BV. OPT/NET BV distributes NG-NetMS code under the GPL3.0 license and OPTOSS Plus under a commercial software license. This guarantees that NG-NetMS will benefit the free software, research and education communities, while OPTOSS-Plus can still tackle the challenges of the most complex and largest environments, as expected from a high-grade commercial product. The OPTOSS and NG-NetMS suites of products have been developed by OPT/NET BV under a business incubation grant from the European Space Agency (ESA) in SBIC Noordwijk. The commercial version of the product (OPTOSS Plus) relies on intellectual property developed by ESA in the area of advanced operations concepts. Opt/Net uses the ESA patents under an R&D license agreement signed in 2014.