Wednesday, March 15, 2017

MIMIC NetFlow Simulator drives ELK flow analyzer

Now you too can customize your ELK-based flow analysis by running through
many hard-to-reproduce scenarios with MIMIC NetFlow Simulator.

In the attached screenshot, we created a spike in an otherwise normal traffic
pattern on-demand on a simulated device in MIMIC, to see how the analyzer
treated it.

Kibana shows regular traffic except for the periods where we artificially
created traffic spikes. Any of the dimensions in the traffic matrix can be
manipulated at will.

Friday, March 10, 2017

Simulated sensors publishing to mqtt-spy

We are simulating 100 sensors with MIMIC MQTT Simulator publishing JSON
payloads through to mqtt-spy .

Thursday, February 23, 2017

Vehicle fleet simulation with MIMIC MQTT Simulator

Simulated vehicles are publishing GPS coordinates via MQTT in real-time to
the Losant IoT platform, and the dashboard is tracking their movements
in real-time.

This 2-minute video was setup in a couple of hours. Each vehicle simulation
is independent from the others, moves along its own route, at its own speed.

With MIMIC MQTT Simulator you can create large-scale IoT environments
with upwards of 100,000 static and/or moving sensors/vehicles to test your
IoT application.

Tuesday, February 21, 2017

Publically accessible simulated SNMP agent for Cisco 7513

We have a simulated Cisco 7513 device available for you to test your
SNMPv1, v2c or v3 application.

You can access it using the address .
Feel free to point your application to it.

Here are some examples on how to access it:

% snmpwalk -v 2c -c public system
SNMPv2-MIB::sysDescr.0 = STRING: Cisco Internetwork Operating System Software ..IOS (tm) RSP Software (RSP-JSV56I-M), Version 12.1(7), RELEASE SOFTWARE (fc1)..Copyright (c) 1986-2001 by cisco Systems, Inc...Compiled Fri 23-Feb-01 05:14 by kellythw
SNMPv2-MIB::sysObjectID.0 = OID: SNMPv2-SMI::enterprises.9.1.46
DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (3651511261) 422 days, 15:05:12.61
SNMPv2-MIB::sysContact.0 = STRING:
SNMPv2-MIB::sysName.0 = STRING: cisco-7513
SNMPv2-MIB::sysLocation.0 = STRING:
SNMPv2-MIB::sysServices.0 = INTEGER: 78
SNMPv2-MIB::sysORLastChange.0 = Timeticks: (0) 0:00:00.00

It implements the following SNMPv3 authentication/privacy parameters:
% snmpget -v3 -uuser1 -lnoAuthNoPriv sysDescr.0
% snmpget -v3 -uuser2 -lauthNoPriv -aMD5 -A1234567890abcdef sysDescr.0
% snmpget -v3 -uuser3 -lauthNoPriv -aSHA -A1234567890abcdef sysDescr.0
% snmpget -v3 -uuser4 -lauthPriv -aMD5 -A1234567890abcdef -xDES -X 1234567890abcdef sysDescr.0
% snmpget -v3 -uuser5 -lauthPriv -aSHA -A1234567890abcdef -xDES -X 1234567890abcdef sysDescr.0
% snmpget -v3 -uuser6 -lauthPriv -aMD5 -A1234567890abcdef -xAES -X 1234567890abcdef sysDescr.0
% snmpget -v3 -uuser7 -lauthPriv -aSHA -A1234567890abcdef -xAES -X 1234567890abcdef sysDescr.0
% snmpget -v3 -ncontext11 -uuser11 -lnoAuthNoPriv sysDescr.0
% snmpget -v3 -ncontext12 -uuser12 -lauthNoPriv -aMD5 -A1234567890abcdef sysDescr.0
% snmpget -v3 -ncontext13 -uuser13 -lauthNoPriv -aSHA -A1234567890abcdef  sysDescr.0
% snmpget -v3 -ncontext14 -uuser14 -lauthPriv -aMD5 -A1234567890abcdef -xDES -X 1234567890abcdef sysDescr.0
% snmpget -v3 -ncontext15 -uuser15 -lauthPriv -aSHA -A1234567890abcdef -xDES -X 1234567890abcdef sysDescr.0

Monday, January 23, 2017

How is a commercial SNMP simulator different from a free SNMP simulator?

In a previous post we have detailed the tradeoffs of building your own SNMP
simulator. In the end it comes down to return on investment (ROI): do you
want to spend time and effort (thus $$$) on something that is not your core

In this post we lay out the technical reasons to choose a commercial
solution like MIMIC SNMP Simulator   over a free, open-source version if you
want to simulate more than a the simplest scenario on more than a small
scale (a few dozen devices):

1. performance: in order to perform adequately, a simulation has to satisfy
the equation

 power (simulator) >= power (management application)

that is, the simulator has to be at least as powerful as the management
side. For example, if the management app runs on a 32 CPU server (or
multiple servers) and the simulator on only a single CPU server, then
your response time is guaranteed to suffer under high load.

But, even if you have a powerful server on the simulator side, open
source solutions will likely not use that power. They are single-threaded,
running all your simulated devices in a single thread, regardless of the
power of your server. A good commercial solution will use all the CPU
power of the machine to handle the required performance. In addition,
it will scale up with the CPUs / memory.

MIMIC Simulator is designed to be highly scalable, and openly publishes
its performance results.

2. customizable responses: in the real world each device returns unique
values for MIB objects. For a simplest example, the sysDescr may be
the same for 2 devices of the same type, but sysName will likely have
different values. Similarly, topology or chassis objects and performance
counters will all have unique values. A commercial simulator will allow
you to easily customize the values for each of the device instances in
your simulation. This allows configuring large topologies such as in
in this post.

3. run-time changes to values: 10% of a devices instrumentation is
static, ie. the vast majority of the MIB object instances will change
value over time. Even further, MIB object instances in tables will appear
and disappear. For example, the interface statistics are highly dynamic,
and log table entries rotate.

A good simulator will allow for a highly dynamic simulation that changes
from one second to another to re-create whatever scenario you require.
Not only that, but those scenarios should be easily reproducible so that
you can implement regression testing.

4. multiple management protocols: in modern environments, SNMP
does not operate in a vacuum to manage your environment, but is just part
of a group of protocols like NetFlow, sFlow, command line interfaces (CLI)
such as IOS and JUNOS, Web Services like REST, SOAP, Redfish, etc.
If your management application uses any of these in conjunction with
SNMP then your simulator should too.

Not only should will a good simulator support the protocols you require,
but the view through any of these protocols should be consistent with each
other. For example, if the NetFlow flows show high bandwidth utilization
for an interface on a router, so should the SNMP counters.

5. record your environment: since it is likely that you'll want to
simulate a real-world environment that you are interested in, recording
that network and importing it into the simulation should be easy.

A good simulator will have a facility to take a snapshot of a real-world
network and create a facsimile without much effort, similar to MIMIC's
Discovery Wizard. Alternatively, you should be able to add onto a simulation,
for example like MIMIC's Topology Wizard.

6. APIs in your favorite language: in addition to a user-friendly GUI
to customize your simulation, a good simulator will have a variety of
language bindings to control the simulator. Since everyone has their
favorite language, the simulator should not force you to become proficient
in one you don't use. MIMIC has Java, Python, PHP, Perl, Tcl and C++
bindings to its API. In fact, the MIMICview GUI is open-source, and it's
PHP implementation is available on Sourceforge.

7. robustness: finally, a simulator should be stable and not crash.
MIMIC Simulator has been deployed in a 24/7 cloud-based CCNA training
appliance for more than 10 years serving thousands of customers.
Add in programmability, it should be good enough that it is invisible, like in
online virtual sales appliances like Cisco's dCloud.

Training on HPE NNMi for your Devops

What you want in a training environment is an on-demand, predictable
scenario that addresses issues faced in your production network, and
allow experimentation without impacting that network.

With the advent of ubiquitous virtual machines (VMs) and network
simulation, training labs can be provisioned cost-effectively by
implementing virtual training appliances on either public or private
clouds. Bundling the management app and MIMIC Simulator on a VM image,
allows the training organization to instantiate as many training labs
as needed at any point in time, and for the trainee to access the
training environment over the Internet whenever and as long as needed.
Realistic self-service training sessions can be provisioned automatically.

With a simulator you can setup any kind of topology such as

to illustrate routing and switching concepts.

For example, in this scenario we have simulated a network of 250 SNMP agents
with MIMIC SNMP Simulator which was discovered by HPE Network Node Manager.
MIMIC simulated devices from different vendors and types in addition
to runtime-customized interconnecting MIB data.

In the following images you can see that NNMi has discovered all the
devices and is displaying a nice topology of various routers and switches.
You can drill down and see the detailed device configuration.

You can also see that it is polling and graphing counters at real-time and they
are increasing at a predictable rate set by MIMIC Simulator. It is very easy to
create customized variations in counters using the MIMIC GUI or a batch script.
In training scenarios, the user usually does not even know that a simulator
is running behind the scenes.

Friday, December 16, 2016

IoT Sensors Need to be Managed

In order to be adopted, the components of the Internet of Things must be
manageable and managed, according to this Gartner report .
Specially in light of the revelations of vulnerabilities in commercial
networking equipment, such as the recent CERT advisory regarding Netgear
routers, CIOs are going to be hesitant of adding to the exposure to hackers
with this new class of networked gadgets.

Whether the sensors themselves have management interfaces, or the
network infrastructure (edge gateways, wireless access points, ...), the IoT
environment consists not just of the data plane, but must consider the
management plane.

MIMIC IoT Simulator provides a comprehensive, integrated framework for
simulating large IoT environments by providing common network
management APIs to simulated devices, such as SNMP, command line
interfaces (CLI), Web services, NetFlow, etc.  By combining the required
interfaces into your simulation you can exercise your management
plane for intrusion detection, fault and performance monitoring while
generating desired payloads to your IoT platform for large data analytics
and anomaly detection.

From original post