Wednesday, May 31, 2017

British Airways loses business due to IT failure

In light of the British Airways IT disaster, we can illustrate the failure
of updating your IT system. Not only are revenues affected from a disruption
of operations, the stock price drops are proportional to the loss of trust in
your brand.

When it happens to you, how much will it cost you?

Mission-critical IT systems require testing your power failure cut-over and
other disastrous scenarios in advance. The IT staff needs to be familiar with
the network topologies and configurations so they are prepared for any such
conditions. This is where SNMP simulation is designed to reproduce disaster
scenarios to exercise your network management environment custom policies.

MIMIC Simulator is designed for disaster preparedness. MIMIC's device
recording and simulation capabilities help to create a replica of the production
network. This virtual lab can then be used to practice disaster scenarios and
recovery procedures without affecting the production network. With MIMIC, users
can easily remove a part of the network, shutdown major routers, simulate cut
cables, increase/decrease the traffic or generate trap storms. In this way, they
can experience how their management applications react to such conditions and
practice how to respond. The participants can gain real-world experience in
disaster response.

Are you completely prepared for the disasters? If not, take a look at MIMIC

Monday, May 8, 2017

Simulated VOIP NetFlow flows visualized with Kibana

When you have many branch offices with a VOIP telephone system, such
as any brick-and-mortar retailer, bank, or multi-national company,
you will have a monitoring system, likely based on NetFlow, to assure
smooth operations.

This system likely will require a lot of customization to fit into your
IT system. Thus, you will require development, testing and training of
these customizations.

This use-case documents the use of an ELK-based flow-monitoring solution
to monitor VOIP traffic. Instead of affecting the production network, a
simulator in a lab can recreate your network without impacting operations.

Kibana is visualizing simulated VOIP traffic between many phones and
a PBX through CUCM as is common in banks, retailers, brokers or any
brick-and-mortar branch office where there are a lot of phones. Intensity
of traffic can be customized at will to test detection of usage patterns
and security risks.

MIMIC NetFlow Simulator is generating realistic VOIP flows from many
branch-office phones to some external "outside" phone numbers. By
tailoring the flows to your needs, you can verify that your monitoring
system is reacting as expected.

For example, you can have many phones with expected usage, and a small
set of high-traffic phones, and see if they are detected.

Wednesday, March 15, 2017

MIMIC NetFlow Simulator drives ELK flow analyzer

Now you too can customize your ELK-based flow analysis by running through
many hard-to-reproduce scenarios with MIMIC NetFlow Simulator.

In the attached screenshot, we created a spike in an otherwise normal traffic
pattern on-demand on a simulated device in MIMIC, to see how the analyzer
treated it.

Kibana shows regular traffic except for the periods where we artificially
created traffic spikes. Any of the dimensions in the traffic matrix can be
manipulated at will.

Friday, March 10, 2017

Simulated sensors publishing to mqtt-spy

We are simulating 100 sensors with MIMIC MQTT Simulator publishing JSON
payloads through to mqtt-spy .

Thursday, February 23, 2017

Vehicle fleet simulation with MIMIC MQTT Simulator

Simulated vehicles are publishing GPS coordinates via MQTT in real-time to
the Losant IoT platform, and the dashboard is tracking their movements
in real-time.

This 2-minute video was setup in a couple of hours. Each vehicle simulation
is independent from the others, moves along its own route, at its own speed.

With MIMIC MQTT Simulator you can create large-scale IoT environments
with upwards of 100,000 static and/or moving sensors/vehicles to test your
IoT application.

Tuesday, February 21, 2017

Publically accessible simulated SNMP agent for Cisco 7513

We have a simulated Cisco 7513 device available for you to test your
SNMPv1, v2c or v3 application.

You can access it using the address .
Feel free to point your application to it.

Here are some examples on how to access it:

% snmpwalk -v 2c -c public system
SNMPv2-MIB::sysDescr.0 = STRING: Cisco Internetwork Operating System Software ..IOS (tm) RSP Software (RSP-JSV56I-M), Version 12.1(7), RELEASE SOFTWARE (fc1)..Copyright (c) 1986-2001 by cisco Systems, Inc...Compiled Fri 23-Feb-01 05:14 by kellythw
SNMPv2-MIB::sysObjectID.0 = OID: SNMPv2-SMI::enterprises.9.1.46
DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (3651511261) 422 days, 15:05:12.61
SNMPv2-MIB::sysContact.0 = STRING:
SNMPv2-MIB::sysName.0 = STRING: cisco-7513
SNMPv2-MIB::sysLocation.0 = STRING:
SNMPv2-MIB::sysServices.0 = INTEGER: 78
SNMPv2-MIB::sysORLastChange.0 = Timeticks: (0) 0:00:00.00

It implements the following SNMPv3 authentication/privacy parameters:
% snmpget -v3 -uuser1 -lnoAuthNoPriv sysDescr.0
% snmpget -v3 -uuser2 -lauthNoPriv -aMD5 -A1234567890abcdef sysDescr.0
% snmpget -v3 -uuser3 -lauthNoPriv -aSHA -A1234567890abcdef sysDescr.0
% snmpget -v3 -uuser4 -lauthPriv -aMD5 -A1234567890abcdef -xDES -X 1234567890abcdef sysDescr.0
% snmpget -v3 -uuser5 -lauthPriv -aSHA -A1234567890abcdef -xDES -X 1234567890abcdef sysDescr.0
% snmpget -v3 -uuser6 -lauthPriv -aMD5 -A1234567890abcdef -xAES -X 1234567890abcdef sysDescr.0
% snmpget -v3 -uuser7 -lauthPriv -aSHA -A1234567890abcdef -xAES -X 1234567890abcdef sysDescr.0
% snmpget -v3 -ncontext11 -uuser11 -lnoAuthNoPriv sysDescr.0
% snmpget -v3 -ncontext12 -uuser12 -lauthNoPriv -aMD5 -A1234567890abcdef sysDescr.0
% snmpget -v3 -ncontext13 -uuser13 -lauthNoPriv -aSHA -A1234567890abcdef  sysDescr.0
% snmpget -v3 -ncontext14 -uuser14 -lauthPriv -aMD5 -A1234567890abcdef -xDES -X 1234567890abcdef sysDescr.0
% snmpget -v3 -ncontext15 -uuser15 -lauthPriv -aSHA -A1234567890abcdef -xDES -X 1234567890abcdef sysDescr.0

Monday, January 23, 2017

How is a commercial SNMP simulator different from a free SNMP simulator?

In a previous post we have detailed the tradeoffs of building your own SNMP
simulator. In the end it comes down to return on investment (ROI): do you
want to spend time and effort (thus $$$) on something that is not your core

In this post we lay out the technical reasons to choose a commercial
solution like MIMIC SNMP Simulator   over a free, open-source version if you
want to simulate more than a the simplest scenario on more than a small
scale (a few dozen devices):

1. performance: in order to perform adequately, a simulation has to satisfy
the equation

 power (simulator) >= power (management application)

that is, the simulator has to be at least as powerful as the management
side. For example, if the management app runs on a 32 CPU server (or
multiple servers) and the simulator on only a single CPU server, then
your response time is guaranteed to suffer under high load.

But, even if you have a powerful server on the simulator side, open
source solutions will likely not use that power. They are single-threaded,
running all your simulated devices in a single thread, regardless of the
power of your server. A good commercial solution will use all the CPU
power of the machine to handle the required performance. In addition,
it will scale up with the CPUs / memory.

MIMIC Simulator is designed to be highly scalable, and openly publishes
its performance results.

2. customizable responses: in the real world each device returns unique
values for MIB objects. For a simplest example, the sysDescr may be
the same for 2 devices of the same type, but sysName will likely have
different values. Similarly, topology or chassis objects and performance
counters will all have unique values. A commercial simulator will allow
you to easily customize the values for each of the device instances in
your simulation. This allows configuring large topologies such as in
in this post.

3. run-time changes to values: 10% of a devices instrumentation is
static, ie. the vast majority of the MIB object instances will change
value over time. Even further, MIB object instances in tables will appear
and disappear. For example, the interface statistics are highly dynamic,
and log table entries rotate.

A good simulator will allow for a highly dynamic simulation that changes
from one second to another to re-create whatever scenario you require.
Not only that, but those scenarios should be easily reproducible so that
you can implement regression testing.

4. multiple management protocols: in modern environments, SNMP
does not operate in a vacuum to manage your environment, but is just part
of a group of protocols like NetFlow, sFlow, command line interfaces (CLI)
such as IOS and JUNOS, Web Services like REST, SOAP, Redfish, etc.
If your management application uses any of these in conjunction with
SNMP then your simulator should too.

Not only should will a good simulator support the protocols you require,
but the view through any of these protocols should be consistent with each
other. For example, if the NetFlow flows show high bandwidth utilization
for an interface on a router, so should the SNMP counters.

5. record your environment: since it is likely that you'll want to
simulate a real-world environment that you are interested in, recording
that network and importing it into the simulation should be easy.

A good simulator will have a facility to take a snapshot of a real-world
network and create a facsimile without much effort, similar to MIMIC's
Discovery Wizard. Alternatively, you should be able to add onto a simulation,
for example like MIMIC's Topology Wizard.

6. APIs in your favorite language: in addition to a user-friendly GUI
to customize your simulation, a good simulator will have a variety of
language bindings to control the simulator. Since everyone has their
favorite language, the simulator should not force you to become proficient
in one you don't use. MIMIC has Java, Python, PHP, Perl, Tcl and C++
bindings to its API. In fact, the MIMICview GUI is open-source, and it's
PHP implementation is available on Sourceforge.

7. robustness: finally, a simulator should be stable and not crash.
MIMIC Simulator has been deployed in a 24/7 cloud-based CCNA training
appliance for more than 10 years serving thousands of customers.
Add in programmability, it should be good enough that it is invisible, like in
online virtual sales appliances like Cisco's dCloud.