We love containers. We use them for managing all of our infrastructure. Currently transitioning from OpenVZ to LXC and have hit some roadblocks trying to nest containers (Docker in LXC.) For the time being, the least complicated workaround is to use full virtualization, which requires additional CPU, RAM, and disk space. Solutions like boot2docker help with these, but current install scripts have dependencies on many other programs. Docker Compose should be able to install UNMS without the complex scripts, which would improve performance both on VM platforms and for low powered hardware.
Now that UNMS exists, isn't it the perfect place to allow the storage and interrogation and onwards export of DPI data?
We are a not for profit organisation building networks for other non-profits. Visibility into the usage of the networks could make a big impact in reporting to funding bodies.
I'd like the endpoints and/or devices to show their connectivity (if any)
I think there are probably 2 primary uses (and they might mix) for UNMS.
1) wISP type use, where each device has connectivity to 1 or more other devices. In this case, all connectivity between devices should be shown.
-also, most wISPs either have or want a ring/multipath network, so UNMS should visually indicate the primary and if possible, the secondary routes off each device. For secondary, just pull the next-best metric from routing table or OSPF etc. On the map, it should look like small roads for access, and highways for default and secondary routes.
This is espessially important to monitor because it can be hard to identify when a main path is down without 'remembering' that router_25 is a main backhaul etc.
2) Multi-site IT managed networks. These sites might not have 'hard' lines between all devices because the various sites might me stand-alone or VPN connected. I suggest if there is a VPN between locations, there be a link to a 'cloud' icon for these to symolize VPN connectivity. If they are stand-alone, then no topology needs to be shown.
We would like the ability to have UNMS managed equipment automatically out of the box point to the UNMS server. This can be something like a DHCP option or a DNS entry -- similar to Unifi Controller operation for access points.
The abilitly to make single-line to multi-line configuration changes in bulk. Selecting specific devices or all of certain type.
We currenty have 50 deployed across the US and the ability to make a DNS, firewall, ip, etc. change in one swoop or defined "roll-out period" would be great.
Need a Dashboard with 2 main areas. One for a heads up of general info, like throughput on an interface on a selected edge router, max use clients etc.
Then another section showing current outages. The log is cumbersome, a dashboard that refreshes is much nicer.
Would be nice to consolidate logs covering failed external connection attempts in order to block them for all routers after a limit exceeds.
I saw ip and port scanners and connect scripts that tried to break in into a range of ips trying ranges of ports and a list of passwords or exploits. On a single router it's hard to classify one source IP address as problematic. But if several routers monitor this behavior from outside, blocking such attempts is much more precise and will reduce false positives significantly.
'up/no error' devices should be on a lower visual layer than issues. If a device/site has an issue, then not only sould it turn orange or red, but it should also come to the top. Currently, the devices/sites are just a baloon pin and service issues can be covered (and are many times in the demo) making it less visually obvious that there is an issue.
Also, there should be come color coding. RED should only be for outage. yellow and orange for other issues like ram or cpu utilization, or interface over threshold.
Can you add in-depth reporting for uptime stats, usage, etc. or give the admin a dashboard where he/she can create these types of reports from just selected fields? I can see where this could be useful in providing all types of reports like SLA, etc.
Would it be possible to add the ability to bind to LDAP, Active Directory, etc. for authentication instead of having all users be local users? Groups from within the authentication realm could dictate the privilege level of the user such as read only, admin, etc.
- UBNT-Jindrich on: Pure Docker Deployment
New Statistic Temperutur
- reverend on: Bandwidth Usage
Two Factor Authentica
- UBNT-Jindrich on: UNMS In-App Upgrade
- UBNT-Jindrich on: SNMP v2 v3 Support For Non UBNT Devices
- UBNT-Jindrich on: dashboard