Best way to learn Ansible and the whole idea of automation is to start from the small playbooks and then grow big. If you first automate simple tasks, even those that may be easier and quicker to perform from the command line, you will learn how Ansible is working. Let’s say, we want to test if SNMP is responding on the remote host (we name it HostA). We will use SNMPv3 and authPriv security model. And of course, we want to write the Ansible playbook and run it on server HostNOC.
You can use Synology NAS products not only as file storage. The DSM system provides a broad spectrum of additional services via packages – either signed by Synology or provided by third-party communities – the SynoCommunity repository is the most known. The only limitation you have is your NAS hardware platform and its performance. I own DS211 model which reached its End of Sale status already. I run several network services like DNS server there, and I use it as remote storage for SMB and AFP shares as well as for iSCSI LUNs. It also provides some services for my home network and lab. One of them is RADIUS server.
I want to show you how you can use the Synology products as RADIUS server which will use LDAP database for user authentication. This way local accounts that I use for network shares authentication remains separated from any additional accounts dedicated to RADIUS service. Both RADIUS and LDAP runs on the NAS itself.
Now it is time to create Lambda functions for our small state machine. The first one will fetch version stored in S3 bucket object; the second function will get it from firewall using REST API. Then we will pass the collected values to the third function. With AWS Step Functions it is very easy to achieve!
In the previous post, I told you that it is not possible to update State Machine configuration once you create it. I prefer an approach like in API Gateway where you have stages of the same project, but Amazon for some reason did not follow this way. So if you want to deploy a new version of your Step Functions project you need to delete old and create new State Machine. Using the GUI interface is not efficient in a long term, you can do this much easier using AWS CLI.
AWS has many great tools and products that may simplify your task. In day to day work, no matter if you are networks engineer, software administrator or have a different role in your organization you will perform small repetitive tasks to complete the bigger project. Writing a long, complex scripts or programs is a solution, but it is flexible? Step Functions is a good option in such cases.
Good programming rule is to create small functions to complete small chunk of work and then pass it on another one. So instead of writing one script that will log into 100 devices to fetch firmware version you create a small function that does it for one device and then you call it in a loop in other function passing the new IP as an argument. That is exactly what AWS Step Functions are meant for. Using this service you can create a flow of small tasks, each dependent on other if required, to complete bigger work. Let me show you the basics and how you can use it.
Microsoft Operations Management Suite is nice, and in some cases free, tool to manage and search through logs. But it’s dedicated to Windows and Linux operating systems by default. In many environments, especially those most secure ones, huge amount of logs are generated by network devices. Firewalls placed on the edge between Internet and DMZ zone quite often are set up to log all denied connections. Those firewalls can produce significant volume of logs that need to be searched and analyzed. Microsoft Operations Management Suite seems to be perfect tool for that but there is no native support of such feature. But we can implement this doing small workaround. Let’s look how to add network device to Microsoft Operations Management Suite using syslog.
Collecting and processing logs from all systems and network devices can be a nightmare for any systems admin. Searching through them and performing security audits can be a nightmare for security team if collector engine is not powerful enough to process queries in efficient time. Microsoft Operations Management Suite is interesting solution to answer both those problems and add much more analysis giving administrators visibility and control across on-premise and cloud installations.
Microsoft Operations Management Suite runs in Azure which means it’s extremely fast in processing the data. Millions of records are not problem for OMS so we can get Insights and Analytics of what is happening on our servers or workstations, detect and respond to threads or apply proper protection or even put in place some automation in controlling. It’s quick to setup and for many users it can be for free!