[Fed-Talk] Re: Macs and OSX in DoD Space
[Fed-Talk] Re: Macs and OSX in DoD Space
- Subject: [Fed-Talk] Re: Macs and OSX in DoD Space
- From: Dalton Hamilton <email@hidden>
- Date: Fri, 14 Apr 2006 10:55:05 +0200
Because of this email, I've had multiple people ask me what I use my
OSX systems so they can possible write justifications for more Macs.
Here is a very brief summary of what I use my systems for:
y way I can.
The most important thing I do with my Powerbook when I'm traveling is
the inspection of Medical networks. My inspections are for medical
networks in which we have to test the network to make sure it is
ready to run a new application the Docotors(Providers) use called
CHCSII or AHLTA.
Others were using Windows systems and it took many hours of going to
each wiring closet and testing latency and access to server processes
running on certain ports both at the local hospital data center and
the main patient data repository in the States. When I started doing
this, I decided to write a custom OSX Cocoa application to do this.
It takes about 30 seconds to test 40 of 50 IP addresses and sockets
to make sure Latency (RTT) and layer 4 connectivity is adequate and
provides a text based report. If this could be of use, I could
rewrite it to be generic -- which is something I've been thinking of
doing. In this way, anyone could use it by filling in a description
field of what they are testing, an IP address, and a list of ports.
Then provide the ability to enter 40 or so of these and save them.
This way, when you start the NRA (Network Readiness Assessment) tool,
it is already loaded with everything you need to test. It already
has the ability to create and save different sites, because each site
I go to has a certain set of specific settings. It is a beautiful
application but I don't want to send out a copy as-is because it
defaults to all our IPs and ports for DoD (Navy, Airforce, and Army)
Medical applications which is classified.
Another role I have as the Senior Network Engineer for Europe, is to
monitor all WAN circuits at all the medical hospitals. To do this, I
use a few tools. One is MRTG for OSX -- which is very instrumental.
MRTG can be found at: http://oss.oetiker.ch/mrtg/. Of course I
don't have MRTG running on my Powerbook, though I could. I have it
running on our OSX Server PowerMac G5. I wanted the server close to
my office so I didn't get an Xserve but the PowerMac instead --
though the XServe is a better choice. Our other Navy sites are
purchasing Xserves.
Another tool I use and is the BEST networking monitoring application
I've used - hands down - is InterMapper, http://
www.intermapper.com/. I HIGHLY recommend this software. It is
extremely easy to setup and use yet provides very strong monitoring
of Cisco routers and switches. I use it mainly for monitoring IOS
based Cisco routers at the edge of all of our European sites. It
does a great job of displaying relevant information relating this
data to the admin by using different colors, and different types of
lines, etc. It provides the ability to graph many MIB variables over
extended amounts of time and put multiple variables on one graph. It
monitors many critical variables by default -- like CPU, input
errors, output errors, memory, octets in and out, etc. It also
provides email alerts. Also provides Remote InterMapper client
ability where you can have engineers in the field connect back to the
console InterMapper Server and see certain maps that you've given the
access to. This may sound time consuming or hard but it isn't. It
takes literally no time to set this up and is so Intuitive, I don't
think I used any documentation.
The only problem with InterMapper type tools is to get the most out
of them, you have to be sitting at your system. It doesn't provide
any reporting ability to give you how many outages happened over a
given amount of time, broken down by site, etc. To solve this
problem, I wrote an application called NetCheck, http://
www.scriptsoftware.com/netcheck/. This app is awesome. It lets you
define email groups and then define devices to be monitored by ICMP
pings, define services (applications) running on given ports, provide
dependencies (per device) to check before generating an alert and log
event, and provides excellent reporting -- which is something I have
to do to many divisions in Europe and the US -- including each site
rep. The alerts are fully customizable. This application is a
Universal App.
Another tool I use which I also wrote is called MountWatcher. This
automatically mounts all my drive mappings (SMB and AFP). I wrote
this to keep me from having to continue to mount many different
mounts manually and especially comes in handy when I travel with my
Powerbook. I've really only been using this software myself and
letting some engineers at Navy sites in Europe use it along with some
friends in the States. However, everyone likes it so much, I'm
making it available at this address next week. http://
www.scriptsoftware.com/mountwatcher
Anther very valuable tool that I use is NTOP. NTOP is one of those
tools that few people use because they don't know why to use it.
There is no free version of NTOP for Windows. Cisco devices support
the ability to send out traffic statistics using a protocol called
NetFlow. On the Cisco device, when you configure NetFlow to report
data, you need to specify which destination IP addresses the
statistics should be sent to and on what UDP port. To be able to
understand these statistics, you need an application that can
understand the NetFlow format. NTOP does that along with the ability
to understand other format from other vendors (like Foundry). These
statics show you details of converstions, like who the top talkers
where, what ports/applications they were using, and provides much
more. NTOP provides the ability to monitor multiple NetFlow traffic
flows by allowing you to create multiple NetFlow interfaces within
the software. Each interface reads a different UDP port so you would
have each remote router report on a different port. NTOP can be
found at http://www.ntop.org
Of course, I use tcpdump a lot. I use the built-in features of tftp,
ssh and sftp, Apache and TomCat, and Zterm.
I also use iWork extensively -- specifically Pages. I produce all my
reports using Pages and the export as PDF to send to Government reps
that need my reports. Pages is awesome.
I will soon be producing video courses for training of certain
hardware under our control. These videos will be produced using a
new OSX system we just purchased.
That is all I have time for. Hope this helps.
Dalton Hamilton
On Apr 13, 2006, at 9:21 AM, Dalton Hamilton wrote:
As more and more people are introduced to OSX, this grass-roots
explosion will also include Government representatives with
decision authority. I think of these as a younger more technically
knowledgeable group. I see this happening weekly. As this happens
and as Microsoft's problems continue, our day will come. I travel
to sites all across Europe. I take only my Powerbook - provided to
me by DoD because they asked me what I needed to do the job and I
told them. When I show up at a given site and do network
inspections and presentations using my Powerbook, I more and more
frequently run into Mac and OSX advocates. Included in these
groups are Commanders and GS personnel in decision making roles.
These people have told me they converted at home and they love Macs
and OSX. They say they would not have a problem purchasing Macs if
the opportunity presented itself. It is my opinion that this
belief rings true more times than not and most sites want to put
the right tools in place to do the job.
Through a little discussion and understanding, they say to simply
present the proposal to them showing an XServe or iMac (or
whatever) is the right tool for the job, present the cost, and they
will make it happen. I've helped sites do this over and over here
in Europe and where they have budget, it is happening and where no
budget exists yet, they want it to happen and have it on the
horizon as a project they want to fund.
Yes, I focus on my job but while I'm doing this, I do what I can to
make a difference and when the two meet, I focus on building
relationships with those that are pro-Mac and discuss upcoming
projects to try to help them see where Macs and OSX can fit --
mostly projects that my group has nothing to do with. I then help
these engineers and department heads realize that the Government
doesn't mandate Microsoft and that their Commanders want them to
have the right tool for the job. On an ever-increasing basis, OSX
is the right tool.
Presented the correct way, purchases are happening and solutions
are being designed around OSX.
Don't give up the fight.
Dalton Hamilton
On Apr 12, 2006, at 9:04 PM, Michael Pike wrote:
Here is the part that sux... all of this research is being done on
my own systems because our division won't order any more Macs..
niiiiiiiiiiiiice.
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden