6 EMS Features
This chapter describes features associated with EAGLE Element Management System (EMS).
6.1 Command Manager Interface Enhancements (EMS 40.0)
- CMI Administration
EMS Users must log in to the CMI with a user name and password in order to use the Command Manager Interface. EMS Users using the CMI can be designated as CMI Administrators. A CMI Administrator is defined to have access to all CMI functions and EAGLE 5 ISS commands supported by the Command Manager Interface. EMS Users who belong to the NetBoss Administrator group are automatically designated as CMI Administrators.
To accomplish this access control the following enhancements have been added to the CMI.- CMI User Groups
CMI Administrators define "User Groups" that are associated with subsets of CMI functions and EAGLE 5 ISS commands. CMI Administrators then associate each EMS User with a particular User Group according to the roles and appropriate access rights for that EMS User. The Command Manger Interface ensures that EMS Users only use the commands and functions associated with that User Group.
- EAGLE 5 ISS Command Access Control
EMS Users are only permitted to use EAGLE 5 ISS commands that they have been specifically authorized to use (according to CMI User Group). CMI Administrators can define CMI Command Classes, which contain subsets of EAGLE 5 ISS commands. These, in addition to the standard EAGLE 5 ISS Command classes, are associated with CMI User Groups in order to control the EAGLE 5 ISS commands to which an EMS User has access.
Before sending a command to an EAGLE 5 ISS for execution or saving a command in a CMI command script, the Command Manager Interface ensures that the EMS User is authorized to use that command.
- CMI Function Access Control
EMS Users are only permitted to use the CMI functions that they have been specifically authorized to use (according to CMI User Group). CMI functions include the following:
- Sending commands
- Managing CMI command scripts
- Defining Categories of CMI command scripts
- Scheduling CMI command script execution and viewing the results
- Viewing logs of CMI activities
- Performing CMI Administrator tasks
- CMI User Groups
- CMI Command Completion and Selection
When menus are used to build EAGLE 5 ISS commands, only the permitted commands will be presented. EMS Users can further refine the list of commands that are presented by selecting a command class, causing only the commands belonging to that command class to be listed.
Additionally, a command "search" capability is provided that facilitates quick selection of a desired EAGLE 5 ISS command. The EMS User begins typing the name of the command and the Command Manger Interface will provide the command that most closely matches the characters as they are typed.
Once a command is selected, the EMS User can "Get Parameters", which causes the Command Manager Interface to present the parameters defined for that command. Parameter values can be selected from drop-down lists by selecting the first character of the desired value.
- CMI Parameter Save
The Command Manager Interface stores the most-recent 20 EAGLE commands built during an EMS User session. On request, the most recently used commands and parameter values are presented in order to expedite the entry of similar commands.
- CMI Free Command Edit
In addition to building EAGLE 5 ISS commands using menus, EMS Users have the option of entering the command directly. The Command Manager Interface ensures that the EMS User is a member of a User Group that was authorized to use this command before sending it to a EAGLE 5 ISS or saving the CMI command script that contains the command.
- EAGLE 5 ISS Release 40.0 Command Set Support
The Command Manager Interface supports all of the commands defined for the EAGLE 5 ISS Release 40.0 except for those belonging to the EAGLE 5 ISS "debug" command class, those commands requiring a password, and the logout command.
- CMI Support for Multiple Eagles
EMS Users have the ability to login on multiple EAGLE systems and send a command to all of those systems.
- CMI Command Script Enhancements
EMS Users can define categories to classify their CMI command scripts and assign their own scripts to those categories. CMI Administrators can view, modify, delete, and schedule the execution of CMI command scripts created by all EMS Users. EMS Users who are not CMI Administrators can only access their own CMI command scripts.
- Password Management
EMS Users must log in to the CMI using a user name and password. Both CMI Administrators and EMS Users can change that password.
6.2 Command Manager Interface (EMS 43.0)
The Command Manager Interface provides access to EAGLE 5 commands and parameters.
Password Security
- Password Composition Management
Password security is strengthened by making the user password more complex. Rules can be configured to ensure user password complexity. Enforcement of password composition constraints on CMI users is configurable.
Also provided is restricting the number of previously used passwords for a user that cannot be reused as new passwords and configuration of a minimum password change interval for CMI users.
- Password Change Management
Password expiration aging and notification are configurable.
- Login Restrictions Management
These enhancements are provided to manage user-account information.
- When a user password has been set/reset, the user will be required to change password to continue login to the CMI.
- The maximum permissible number of wrong login attempts that can be made by a CMI user is now configurable. The user account exceeding the attempts will be locked. A user whose account has been locked will not be allowed to login to the CMI and an attempt to do so will result in an error message.
- A maximum permissible inactivity period (in minutes) after which user will be logged out of the CMI is now configurable. The logged-out user will be allowed to login again immediately to the CMI.
- CMI Administrators can now configure whether or not multiple users can log into the CMI using the same user name.
- CMI Administrators can now revoke a user's login rights (except NetBoss Administrators and CMI users that are not associated with any usergroup).
- User account information (such as status of a user (revoked/locked/expired), number of unsuccessful login attempts, number of wrong login attempts, last successful login date and log-out time) is maintained by the CMI.
- User Account Recovery
CMI Administrators can now reactivate a user account that was locked or revoked.
- CMI Activity Logging
All configuration changes and security events resulting from the enforcement of the security enhancements provided in Release 43.0 will be logged by the CMI.
Script Results Enhancements
This enhancement provides the CMI user a better experience in viewing the results of command and script executions.execution and management of script results. This enhancement on the CMI It is being implemented as an extension to the existing CMI Send Command and Execute Script functions.including resultant file management.
For these enhancements, the most recent 5000 lines of results are presented on the Execute Script and Send Command pages on the respective Results panes.
With this enhancement, the most recent 5000 lines of results are presented on the Send Command page in the Results pane. The most recent 1500 lines of ad-hoc script execution results are presented on the Execute Script page on the Results pane.
In addition, a separate new browser window is provided where the user is able to view command and script execution result data. The new browser window pane will display up to 500,000 lines of the most recent results.
In addition, new browser windows are provided, in which the user can view command and script-execution result data. For the command results, the new browser window will display up to 500,000 lines of the most recent results for commands sent during the current User session. For script results, the new browser window will display up to 500,000 lines of results from the most recent script execution, whether that script execution was scheduled or ad-hoc.
In the case of script results, this window will display the results of the most recent Execute Script (either scheduled or ad-hoc execution). Each ad-hoc and scheduled execution of a command script will replace the previous result data stored in the corresponding result file with the new execution result data.
In the case of Send Command results, this window will display the most recent results of all of the commands run in the current login session - up to 500,000 lines.
Add History To Search Command Box
This enhancement to the existing Search Command functionality, in the Build Commands pane of the Send Command/Create Script/Modify Script pages, enables a user to view the latest 20 command search strings entered by the user in a particular user session.
A suggestion box displaying previously entered search strings will be displayed below the Search Command box. Up to 20 of the most recent search strings entered during the current user session are available. As the user types more characters, the list of suggested search strings will be refined accordingly.
6.3 Command Manager Interface Enhancements - Command Scripts (EMS 41.0)
CMI Command Script Validation
- CMI command scripts must only use EAGLE 5 commands and access EAGLE 5 systems that the EMS User using that script has been authorized to use, as specified by the associated CMI Usergroup.
- To allow CMI command scripts to be validated for access control rights, variable substitutions for EAGLE 5 command names and CLLI parameters are no longer permitted in CMI command scripts. Literal strings must be used instead. For example,
must be written assend_command($command, $CLLI);
andsend_command("rtrv-sid","stpa");
must be written assend_login($CLLI);send_login("stpa");
Note:
CMI command scripts that are created, modified, and/or executed by either CMI Administrators or EMS Users associated with a CMI Usergroup that allows access to all EAGLE 5 commands and all EAGLE 5 systems are not validated in this way as described in Legacy CMI Command Script Support.Legacy CMI Command Script Support
- In addition to alphanumeric characters (a-z, A-Z, 0-9) previously allowed in CMI command script names, the character set has been enlarged to include underscores (_), hyphens (-), and periods(.). The first character in the script name must be an alpha character (a-z, A-Z).
- The CMI command scripts created, modified, and/or executed by CMI Administrators are not checked for validity as described in CMI Command Script Validation.
- The CMI command scripts created, modified, and/or executed by EMS Users that are authorized to use all EAGLE 5 commands and access all EAGLE 5 systems to which the EAGLE EMS is connected are not checked for validity as described in CMI Command Script Validation.
Note:
EMS Users can be prevented from creating new CMI command scripts or modifying legacy CMI command scripts by associating them with a CMI Usergroup that does not allow those Functions. If that CMI Usergroup allows CMI command script execution, those EMS Users would be able to execute legacy CMI command scripts.6.4 Command Manager Interface Enhancements - Controlling Access to Individual EAGLE 5 Systems (EMS 41.0)
- Send Command
- Create Script
- Modify Script
- Execute Script
If an EMS User attempts to access an EAGLE 5 system to which they have not been granted access, an error message is displayed and the access is denied.
6.5 Command Manager Interface Enhancements - User Activity Logging (EMS 41.0)
- Current Logs:
User activities of the last 24 hours are accessed in Current Logs. Each entry contains the following information about a specific EMS User activity within the CMI:
- Date and Time of activity
- Name of EMS User performing activity
- Activity Area of activity (e.g., login, run script, script management, administration)
- Type (indicates whether the activity affected an EAGLE 5 system or not)
- Description of the action
- Log Files:
User activities older than those presented in Current Logs and newer than 15 days old, are accessed in Log Files. Two separate files are saved for each date:
- EAGLE Affecting Logs
These logs contain records of EMS User activities that affect EAGLE 5 systems, including sending commands and running scripts.
- User Action Logs
These logs contain records of EMS User activities within the Command Manager Interface that do not directly affect EAGLE 5 systems, such as logging in to the CMI, creating and executing CMI Command Scripts, and CMI administrative activities.
Each entry contains the following information about a specific EMS User activity within the CMI:- Date and Time of activity
- Name of EMS User performing activity
- Activity Area of activity (e.g., login, run script, script management, administration)
- Description of the action
This information is presented as a flat file in chronological order of the activities.
- EAGLE Affecting Logs
After 15 days, Log Files are archived.
6.6 Enhanced SNMP Northbound Interface (EMS 41.0)
The Enhanced SNMP Northbound Interface enables EAGLE 5 EMS to process all of the alarms it receives and forward them to a registered Network Management System as SNMPv1 (Simple Network Management Protocol, version 1) traps. Additionally, a new mechanism is provided for resynchronizing all open alarms between the Network Management System and the EAGLE 5 EMS system on request from the Network Management System.
- Halt normal forwarding of alarms to the requesting network management system and queue all incoming alarms for later forwarding.
- Send all existing open alarms to the network management system, along with an indication that they are part of a resynchronization operation.
- Forward alarms that were queued beginning in Step 1.
Enhanced SNMP Northbound Interface Performance
The expected throughput of the Enhanced SNMP Northbound Interface, based on the number of EAGLE 5 systems, is shown in Table 6-1.
Table 6-1 Enhanced SNMP Northbound Interface Expected Load
| EMS Tier | Number of EAGLE 5 Pairs | Forwarding Throughput (Alarms/Second) |
|---|---|---|
| 1 | Up to 2 pair | 16 |
| 2 | Up to 6 pair | 48 |
| 3 | Up to 10 pair | 80 |
| 4 | Up to 14 pair | 112 |
6.7 Enhanced SNMP Northbound Interface (EMS 42.0)
The Enhanced SNMP Northbound Interface enables EAGLE 5 EMS to process all of the alarms it receives and forward them to a registered Network Management System (NMS) Additionally, a mechanism is provided for resynchronizing all open alarms between the Network Management System and the EAGLE 5 EMS system on request from the Network Management System.
- Support of SNMP v2 traps
- The number of simultaneous resynchronizations is configurable.
- Reason code added to resynchronization request reject Trap.
- Reason code added to resynchronization request stop Trap.
- When a secondary EMS server becomes the primary, the new primary EMS server transmits a notification trap to all northbound NMS. This trap can be used by each new primary NMS to trigger a resync operation, thus ensuring that the NMS is aware of all the current outstanding alarms.
- The ResyncStop trap has been realigned to allow the NMS to recognize the end of outstanding alarm resynchronization and the beginning of autonomous alarm transmission.
6.8 Fault/Communication Agent (EMS 43.0)
The Fault/Communication Agent manages all required communication between EAGLE 5 systems and the EAGLE EMS system.
This enhancement provides extended idle timeouts for selected EAGLE 5 commands, in order to accommodate EAGLE 5 processing time required for those commands.
rtrv-seculog, rtrv-log, and chg-db).
Note:
If required, please contact for assistance in changing timeouts for other EAGLE system commands.6.9 Historical Event Viewer (HEV) (EMS 43.0)
The use of a GENERAL type terminal with minimum group setting allows EAGLE 5 UIMs to be captured by the EAGLE EMS and displayed in the Historical Event Viewer. The user is able to apply HEV filters to view only selected UIMs based on the filter selection of the named titles in the event.
UIMs are considered transient and are not persisted in the events database .
6.10 HTTPS Access for EAGLE EMS CMI (EMS 44.0)
The HTTPS Access for Eagle EMS CMI feature provide HTTPS access through secure port 3443 as an option for connecting with the EAGLE EMS Command Manager Interface (CMI). Currently EAGLE EMS CMI is accessed through HTTP on port 3000, which is not secure.
HTTPS uses encryption to secure Internet traffic and protect Internet traffic from snooping or tampering by others on the network. HTTPS uses Secure Sockets Layer (SSL), which is used to encrypt the data stream between the Web server and the Web client ( browser). This will improve security and secure the traffic running over internet. A Secure Sockets Layer (SSL) certificate must be installed on the server to increase the security and authenticate the communicating party.
6.11 Link Utilization Interface (EMS 42.0)
The Link Utilization interface collects and stores link capacity information about EAGLE 5 signaling links into the EAGLE EMS database. That capacity data is used by the EAGLE EMS to create informative Measurement Reports about the utilization of links for which the EAGLE 5 is an endpoint.
- Link Capacity data shall be persisted for a configurable amount of time (default 30 days).
Note:
This will support the production of per-link capacity trend reports, historical capacity reports, and historical utilization reports created by mating persisted measurement data with historical capacity reports. - Link Utilization Crystal Reports
- Link Utilization Report: contains utilization and erlang values for Links for which EAGLE 5 is an endpoint
- Linkset Utilization Report: contains utilization and erlang values for Linksets for which EAGLE 5 is an endpoint
- Card Utilization Report: contains utilization values for EAGLE 5 cards
6.12 LUI Measurements Thresholding (EMS 44.0)
The LUI Measurements Thresholding feature is an enhancement of the existing LUI module by providing alarm thresholds based on the percent occupancy of links during each reporting period configured on EAGLEs. The LUI Measurements Thresholding feature provides thresholding functions on the Link Utilization Interface (LUI) performance management indicators. These thresholding functions include the configuration of breach and abatement thresholds, the monitoring and comparison of percent utilization values to configured thresholds, and the performance of specified actions upon crossing configured thresholds, including the generation and clearing of threshold alarms.
EAGLE EMS receives performance data from EAGLEs at regular intervals. The Performance Reporting Agent (Measurements Platform) collects the performance data. The collected performance data is parsed and stored in the EAGLE EMS database table TEK_MEAS_COMP_LINK. The EAGLE EMS LUI module gathers and calculates link, linkset, and card capacity information from EAGLEs and stores this information in the EAGLE EMS database table TEKELEC_SLK_CAPACITY.
Using this capacity information along with the measurements gathered from EAGLEs, the LUI Measurements Thresholding feature calculates percent utilization for all the entities of the type link, linkset, and card. LUI Measurements Thresholding allows configuration of thresholds by link, linkset, and card measurement types. For each measurement type, the threshold alarm value, alarm severity, and threshold clear value can be configured independently from the other measurement types.
Figure 6-1 LUI Measurements Thresholding Configuration
