Kirsten,
I would recommend this type of solution:
1. At EACH customer install an "Attended Distributed NetView".
- an NT NetView 5.1
- install on the SAME box the NT MLM 5.1 product
2. From your central NetView box you can push out the ovsnmp.conf, so
you are maintaining
only one set of community strings from a central location.
3. You did not say how many interfaces you were managing total.
Depending on that number
I would put the entire customer's network into the
mlmDomain_xxxxxxxxxxxx collection
so that the NT MLM would be polling the nodes for that customer.
This is not necessary,
but opens the door for them to use other NetView functions on
"their" nodes.
4. Assumption: each customer should NOT be routed to one another as
additional safety.
Since they would be MIB browsing from a box in their network, they should
never see any other customer devices
since there are no routes and probably other firewalls between customer X
and customer Y.
>
> Date: Thu, 3 Sep 1998 12:33:36 +0100
> From: "Kirsten S, Campbell" <Kirsten.Campbell@NAUTEC.CWPLC.COM>
> Subject: MIB Browsing vis WEB browser (NV AIX V5)
> MIME-Version: 1.0
> Content-Type: text/plain; charset=US-ASCII
>
> We need to allow our customers access to the MIB browsing via the WEB
> interface of Netview V5, but ONLY to their part of the network.
> Unfortunately Netview will allow ANY user to MIB browse any router as
long
> as you know the IP address (at least that is what I have seen in V5,
don't
> know about V5.1) and it will even provide the Community name for the
> router.
> Is there any way of restricting the access by using an IP-addressing
> range/list?? , in Netview or in Tivoli???
> Or are there any alternative solutions ?? (apart from setting up a MLM or
> Netview NT in the customers network).
>
>Most grateful for any replies.
>
>Kirsten Campbell
>Project Manager - Cable & Wireless Nautec, UK
|