02 OS90512EN15GLA0 Architecture

NetAct Architecture
NetAct Architecture
Content
NetAct Architecture 1
1 NetAct 15 Platform 3
1.1 NetAct Platform Components 5
1.2 Virtualization 7
1.3 Standard Deployments 12
1.4 NetAct 15 Hardware 17
1.5 Software Environment 24
1.6 Components Overview 26
2 NetAct Reliability 29
2.1 System Reliability 30
2.2 High availability in the virtual infrastructure 32
2.3 Load balancing 36
2.4 DCN 36
2.5 DNS 37
2.6 Backup 38
2.7 System Self-Monitoring 40
2.8 Preventive Health Check 42
2.9 NetAct Disaster Recovery 44
3 Interfaces 47
3.1 Mediations and Adaptations 48
3.2 NetAct Interfaces 48
3.3 Southbound interfaces 50
OS90512EN15GLA0
Copyright ©2015 Nokia Solutions and Networks.
1
NetAct Architecture
3.4 Northbound interfaces 54

4 NetAct Security 73
4.1 NetAct Security 74
5 Exercises 81
Exercise 1 83
Exercise 2 85
Exercise 3 87
OS90512EN15GLA0
2
NetAct Architecture
1 NetAct 15 Platform
OS90512EN15GLA0
3
NetAct Architecture
OS90512EN15GLA0
4
NetAct Architecture
1.1 NetAct Platform Components

The hardware platform of NetAct consists of three main parts, namely servers,
storage devices and network equipment, such as switches and routers. NetAct
utilizes x86-64-based servers with multicore processors and supports blade
solutions. NetAct operating environment is fully virtualized.
NetAct’s software architecture is three-tiered: the tiers are
 Presentation tier
 Business logic tier and
 Data tier.
Business logic and Data tiers are separated from Presentation tier by firewalls and
reside inside the secure domain.
Presentation tier hosts client applications. The client applications access Business
logic tier and reside typically on a user workstation, for example, a laptop or a
desktop computer. The recommended workstation is an office PC with either
Windows or Linux operating system.
Business logic tier hosts the business logic and data access specific for NetAct. Data
tier hosts NetAct data storages, that is, the database and directory servers. Both
Business logic tier and Data tier utilize virtual machines running on one or more host
servers dedicated to NetAct.
OS90512EN15GLA0
5
NetAct Architecture
NetAct 15 Platform
Components
1 © Nokia Solutions and Networks 2014
Fig. 1
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
OS90512EN15GLA0
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
NetAct Architecture
1.2 Virtualization
With NetAct 15, we are stepping into a virtualized environment. In a virtualized
infrastructure (VI), software is set up in such a way that it can operate independently
from the underlying hardware. The physical resources of multiple machines are
shared across the whole infrastructure, and they act as a resource pool. In a VI, the
physical hardware resources are divided into smaller units, virtual machines (VMs)
that have their own allocated virtual CPU and memory.
The virtualization layer (HW virtualization capability) is provided by the VMware
hypervisor. Servers simply add I/O, CPU and RAM computing resources to the HW
pool and virtualization provides a logical view of data, computing power, storage
capacity and other server resources.
Compared to the previous NetAct releases, there are no longer dedicated hardware
roles. Instead, NetAct applications, mediations, and services running on a number of
VMs are powered by a hardware resource pool. Each VM is dimensioned and
optimized for the service or services running in it. In this way, the same NetAct
functions can be provided but with better high availability and scalability options.
OS90512EN15GLA0
7
NetAct Architecture
NetAct 15 Platform
Virtualization
Fig. 2
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
OS90512EN15GLA0
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
8 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
NetAct Architecture
1.2.1 Benefits of virtualization in NetAct

Virtualization in NetAct brings the following benefits:
 Reduced CAPEX and OPEX by consolidation, for example, improved HW
utilization, and the possibility to co-locate NOKIA products.
 Near zero downtime upgrade: Upgrade can be performed by cloning the system
within the virtualized infrastructure. Upgrades are performed on the clone side and
then after upgrade testing, the clone system becomes the live system.
 Zero downtime hardware maintenance and capacity can be added without
business impact.
 Efficient high availability and disaster avoidance solutions by using shared
redundancy resources.
 All HW resources are in efficient use: No more fixed amount of physical servers or
standby nodes as virtual machines are distributed by load. In addition, decoupling
NetAct and 3rd party HW/SW makes HW planning more flexible.
 Increased elasticity, in other words, scalability in a virtual environment.
OS90512EN15GLA0
9
NetAct Architecture
NetAct 15 Platform
Virtualization Components
NetAct services and applications Virtual machines (VMs) running NetAct

services and applications
Bare-metal ESXi hypervisor enabling full

virtualization of each x86 server,
Virtual Infrastructure abstracting the physical hardware from
the NetAct services and applications
HP x86 G8 blade servers with 10G

interfaces and Virtual Connect Flex 10
Ethernet Modules in blade chassis.
Cisco, Juniper or HP - DCN
Fiber channel SAN connecting the

SAN SAN
blade chassis to the storage.
EMC/HP physical storages containing

the ESXi hosts root disks, VM root
disks, DB disks and global shares.
NEs
Fig. 3
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
OS90512EN15GLA0
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
10 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
NetAct Architecture
1.2.2 Scalability in virtualized infrastructure

Scalability is an important feature of the virtual NetAct environment since there are
software components that can be located on more than one VM, and conversely, one
VM can contain more than one software component.
If the load increases beyond a virtual machine’s ability to handle the load, then the
software component and/or virtual machine must be scaled to cope with the
increased demand. However, not all software components scale in a similar way:
 Some software components are designed to scale horizontally, which means that
additional virtual machines need to be provisioned in order to enable the software
component to distribute its load. Horizontal scalability is enabled by placing
software components behind load balancers.
 Other software components scale better vertically, which means that additional
resources (CPU and memory) need to be allocated to the virtual machine where
the software component is hosted.
OS90512EN15GLA0
11
NetAct Architecture
1.3 Standard Deployments

NetAct is available in small (S), mainstream (M), and large (L) configurations, where the
number of VMs, the size of the hardware resource pool, and the capacity they generate as a
whole vary.
Please use the next picture as a reference while interpreting the content of figures for the
different configurations presented right after.
Special VMs:
 vCSA – vCenter Server Appliance
 VDP – Virtual Data Protect, used to take backups of VMs
 CAM – Optional VM for ‘Cloud Application Manager’ that will have software to
manager Liquid Core
 Node Manager – Windows VM hosting Element Managers like BTS Site
Manager.
OS90512EN15GLA0
12
NetAct Architecture
1.3.1 Small Configuration

This configuration consists of four G8 HP servers each providing 16 vCPUs (1p8c and
hyperthreading in use) and 48 GB vRAM to HW resource pool. Total number of virtual
machines in use: 23.
1.3.2 Mainstream Configuration

This configuration consists of six G8 HP servers each providing 24 vCPUs (2p6c and
hyperthreading in use) and 64GB vRAM to HW resource pool. . Total number of virtual
1.3.3 Large Configuration

This configuration consists of six G8 HP servers each providing 32 vCPUs (2p8c and
hyperthreading in use) and 128 GB vRAM to HW resource pool. . Total number of virtual
OS90512EN15GLA0
13
NetAct Architecture
NetAct 15 Platform
VM Nodes Configuration: Small
Fig. 4
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
OS90512EN15GLA0
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
14 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
NetAct Architecture
NetAct 15 Platform
VM Nodes Configuration: Mainstream
Fig. 5
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
OS90512EN15GLA0
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
NetAct Architecture
NetAct 15 Platform
VM Nodes Configuration: Large
Fig. 6
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
OS90512EN15GLA0
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
16 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
NetAct Architecture
1.4 NetAct 15 Hardware

NetAct 15 system provides the following Hardware Units:
 Cabinet and Console Solution
 Servers
 Storage
 DCN: Switches, Routers and Optional Firewall
 Backup Solution
OS90512EN15GLA0
17
NetAct Architecture
1.4.1 Cabinet and Console Solution

Product Model Notes
Cabinet 1,2m HP10622G2 with 2x16Amps Max two blade chassis per
PDUs cabinet *)
alternatives
1,6m HP10636G2 with 4x16Amps Max two blade chassis per
PDUs cabinet *)
2m HP 10642G2 with 4x16Amps Max two blade chassis per
PDUs cabinet*)
HP seismic cabinet Only on request
Customer’s own 19” industry Open Cabinet concept
standard, full deep cabinet
Console HP TFT7600 flat panel Common console solution
DVD External 16xSATA DVD-ROM drive USB connection
in StorageWorks 1U USB rack
In the figure below there is an example of the rack mounting for NetAct:
OS90512EN15GLA0
18
NetAct Architecture
NetAct 15 Platform
Hardware: Rack Mounting
Storage solution:
Backup Storage solution
(space depends on model)
Primary + Backup
(4 EIA) storage
Primary Storage solution
(space depends on model)
(7 EIA) Console solution:
Flat panel + DVD
Flat panel (1 EIA)
DVD drive – (1-2 EIA)
Router (2-3 EIA)

DCN solution:
Router (2-3 EIA)
L2-Switch (1 EIA)
2x external LAN +
L2-Switch (1 EIA)
2x routers
HP C7000 blade chassis
( 10 EIA)
Blade Solution:
Blade chassis with
Rack 42U Blade servers
*) recommendation
1 © Nokia 2014
Fig. 7
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
OS90512EN15GLA0
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
NetAct Architecture
1.4.2 Servers and Storage

Hardware used with new deliveries: Servers
 HP BL460c Gen8 with E5-2620, E5-2658, or E5-2670 (with NEBS configurations)
processors
Storage equipment
 EMC VNX5200, EMC VNX5100 (backup storage)
 HP 3PAR 7200, HP MSA 2040 (backup storage)
Other supported hardware: Servers

 HP BL460c G6 with E5540 processors
Storage equipment
 HP P6300, HP P6350
 EMC CX4-120, EMC CX4-240
 EMC VNX5300
 Open SAN concept
NetAct Server Model No. of Storage System

Configuration Blades
HP BL460c Gen8 1p8c 48GB VNX Small:
Small – 23 1x Intel E5-2658 eight core processor
4 VNX5200: 3x100GB SSD SSF +
VMs 48GB memory 9x600GB SAS SFF + 13x1TB
2x300GB 15K SAS internal disks NL_SAS SFF
2x10GbE LAN; fc controller (8G) VNX Backup:
VNX5100: 6x2TB NL-SAS LFF
HP BL460c Gen8 2p6c 64GB VNX Medium:
Mainstream 2x Intel E5-2620 six core processor
– 32 VMs 64GB memory 13x600GB SAS SFF + 19x1TB
HP BL460c Gen8 2p8c 128GB VNX Large:
Large – 40 2x Intel E5-2658 eight core processor
VMs 128GB memory 17x600GB SAS SFF + 27x1TB
OS90512EN15GLA0
20
NetAct Architecture
NetAct 15 Platform
Hardware: Server Blades
HP C7000 blade chassis with blade servers

Front Back
SAN blade switch

LAN blade switch
Blade chassis
Blade chassis Power units Blade servers
C7000, 16 slots BL460c
1 © Nokia 2014
Fig. 8
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
OS90512EN15GLA0
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
NetAct Architecture
1.4.3 DCN
 Switches: HP 5500-24G-4SFP; HP 5900 (NEBS compliant); open DCN solution
 Router: Cisco 2951
 Firewall: Available with the customization project
DCN external switches

 HP Procurve 2810G-24
 Catalyst 2960G-24TC-L (GigaEthernet)
 Catalyst 3750G-24TS-1U (GigaEthernet)
OS90512EN15GLA0
22
NetAct Architecture
NetAct 15 Platform
Hardware: DCN
• Switches (min two for redundancy)

- L3 switch 1GbEth HP 5500-24G-4SFP
- Option: 2-port 10GbEth module
- L3 switch HP 5900 (only for NEBS cases) L3/L2 switch
cluster
• Firewalls (min two for redundancy)
- Customized solution – contact product Highly available
line Firewall-1/VPN-1
• Routers (min two for redundancy)
- Cisco2951 (optional) Redundant
WAN routers
- Note: router is required only for OSI
elements
• Open DCN concept
- Possibility to use customer’s own DCN
- All devices should support 1GbE LAN
1 © Nokia 2014
Fig. 9
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
OS90512EN15GLA0
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
NetAct Architecture
1.5 Software Environment

If any third-party software is needed, the required licenses are provided by Nokia.
NOTICE:
The Oracle 11g version includes several optional extra-cost Enterprise Manager
features. Only Oracle Diagnostic Pack, Oracle Tuning Pack, and Oracle Advanced
Compression licenses are included in NetAct. Other optional extra-cost features may
not be used.
The following tables list the operating system and the major third-party software
components used in the current release.
Function Software Used

Operating System RedHat Enterprise Linux (RHEL) version 6.5 on NetAct VMs, SuSe Linux for VCA and
VDP and Windows Server 2008 for Node Managers.
Database Oracle Enterprise Edition Version 11R2
Application Server WebSphere Application Server (WAS) version 8.0
Load Balancer LINUX Virtual Server (LVS) provided by RHEL
Business Logic J2EE Version 1.4
JBI Server Apache ServiceMix 3.4
Java JRE Version 7 for apps and JRE 1.5 for WAS
Virtualization VMware vSphere Enterprise Plus 5.5 and VMware vCenter Server Standard for vSphere
5.5
Perl Version 5.8
Authentication/ LDAP Version 3 / RedHat Directory Server provided by RHEL 6.4

Directory Server
File System NFS Version 3 provided by RHEL 6.4
OSI Stack Marben
IP Connectivity FTP, NFS, SSH, HTTP, SNMP, NTP, BIND and DNS protocols, provided by RHEL
OS90512EN15GLA0
24
NetAct Architecture
NetAct 15 Platform
Software Environment
Application Server: IBM WebSphere version 8.0
Business Logic: JBI Server: Perl:

J2EE version 4 Apache Service Mix 3.4 Version 5.8.8
Java: JRE 6 for applications & JRE 1.5 for WebSphere
Database: Oracle Enterprise Edition 11G R 11.2.0.3.0
Operating System: RHEL 6.5

Load Balancer: LINUX Virtual Server (LVS) File System: NFS version 3
Windows Server:
IP Connectivity: FTP, NFS, SSH, HTTP, SNMP, NTP, BIND and DNS protocols 2008R2
Directory Server: RHDS 9.0
Virtualization components
vSphere: VMware vSphere Enterprise Plus 5.5
vCenter: VMware vCenter Server Standard for vSphere Plus 5.5
Hypervisor: ESXi Linux: SuSe

Fig. 10
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
OS90512EN15GLA0
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
NetAct Architecture
1.6 Components Overview

NetAct comprises a common computing platform, an adaptation and mediation layer
and an application layer.
NetAct computing platform provides preconfigured 3rd party hardware and
software to support the operation of the upper layers. 3rd party software includes
components for virtualization infrastructure.
Adaptation and mediation layer provides the interface through which data
originating from network elements enters NetAct and can be handled by NetAct
applications. It also provides the application layer with services which are not specific
to any network management operation, for instance access control and logging.
Application layer contains the applications for common management tasks, such as
fault management, configuration management, performance management and
network optimization. Applications are accessible via user workstations. Depending
on the operator’s installation, the tools allow management of part or all of the network
domains.
Computing Platform
Hardware – Servers, network equipment and storage devices
IT Software – Operating System, J2EE Server, J2SE/JRE, JBI Server, Perl,
Authentication, Database, Directory Server, File System Access, IP Connectivity,
Start-up, Scheduling, Backup and Restore, Process Supervision, OSI Connectivity,
CORBA Connectivity, Messaging Backbone and System Deployment
OSS Application Platform
System Services – Authorization, Credential Access, Certificate Access, Data
Access, Data Logging, License Access, Scheduling, Documentation Access,
Preferences, Java UI Framework, Web UI Framework and Common Message Bus.
Common OSS components

Fault Management: Event collecting, Event processing, Event monitoring, Event
post-processing, Event forwarding, FM administration.
Configuration Management: Basic CM, NE hardware management, NE software
management, NE license management. NE remote backup.
Performance Management: Measurement collecting, Measurement processing,
Measurement visualization, Measurement post-processing, Measurement
forwarding, Measurement administration, PM administration.
Security Management: User account management, User group management, User
permission management, NE account management, NE access control, User activity
monitoring.
OS90512EN15GLA0
26
NetAct Architecture
System Management: System monitoring, On-line documentation GUI, Time

management, Backup and restore GUI
Mediations: Fault management, Configuration management, Performance
management, Security management.
Adaptation Management: Generic adaptation deployment interfaces.
Mediation Framework: Common tools and definitions for mediation implementation.
OSS Applications
Domain-specific application - Applications and adaptations for Core and Radio
networks.
Domain-agnostic applications - Service Management applications.
OS90512EN15GLA0
27
NetAct Architecture
NetAct 15 Platform
Product Structure
System components
OSS Applications
Domain-agnostic Applications Domain-specific Applications
Common OSS Components

Fault Configuration Performance Security System Mediation
Management Management Management Management Management Tools
Common CM Services
Adaptation Management
OSS Application Platform

System Services
Computing Platform
IT Software
Hardware
Fig. 11
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
OS90512EN15GLA0
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
28 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
NetAct Architecture
2 NetAct Reliability
OS90512EN15GLA0
29
NetAct Architecture
2.1 System Reliability

System reliability refers to all features included in NetAct platform that facilitate high
availability and disaster avoidance of the NetAct system. The following sub-chapters
explain the concepts and solutions in more detail.
High availability aims to eliminate single points of failure (power supply, disk space,
CPU, software or connectivity) by introducing redundancy of in software and
hardware components.
Connections between any two servers and inside the storage system are built to
incorporate redundancy, that is, there always are two independent paths between
any two components in a virtualized cluster. The same principle applies also to
routers and firewalls. High availability guarantees that critical resources are available
for NetAct operations even in failover situations.
Load balancing concerns other server configurations than single server configuration.
In multi-server configuration, load balancing ensures that server load is distributed
among the servers in an application server cluster. Automatic load balancing is not
used on the data tier, but balances traffic on the application.
OS90512EN15GLA0
30
NetAct Architecture
NetAct 15 Reliability
High Availability in the NetAct Implementation
Blade chassis 1
Service availability
within virtual
machine via
1 watchdog
2 2 Watchdog availability
via virtual manager
Virtual Infrastructure
3
3 Virtual machine
4 availability via
hypervisors
4 Server and network

2 x VC Flex10 2 x Brocade 8/24 interface availability
8G 8G8G 8G via redundancy
1/10G 1/10G
5 DCN availability via

1G 6
5 1G 1G 1G redundancy
8G 8G
Storage area network
6 availability via redundant
connections
1 © Nokia 2014
Fig. 12
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
OS90512EN15GLA0
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
NetAct Architecture
2.2 High availability in the virtual infrastructure

With virtualization in the NetAct architecture, the physical hardware resource pool
and the virtualization layer (enabled by the hypervisor installed in each server) are
configured to optimize the use of computing resources in a given NetAct deployment
configuration.
NetAct provides high availability (HA) in three dimensions: it provides hardware
redundancy, virtual machine availability, and service monitoring. Hardware
redundancy is built into the virtual infrastructure (VI) at various levels. Connections
between physical servers and the storage are designed in a redundant way: at least
two independent paths exist between physical servers and the storage. Routers and
firewalls are also configured in a redundant way. Redundancy guarantees that
resources are available for the essential NetAct operations (for example, fault
management event flow, performance management transfer, and MMI access to the
network elements) and for any failover scenario.
The virtual infrastructure takes care of virtual machine (VM) availability. It monitors
the hardware and each virtual machine’s operating system for failures. For example,
if a server fails, the virtual infrastructure management software restarts the affected
VMs in an active host with sufficient computing resources.
In the VI, a virtual manager (vManager) monitors the NetAct VMs for any failed
service. Service Monitoring, on the other hand, checks the services inside the VM so
that if a service fails, it tries to restart the affected service for a configured number of
times. If the service still does not start, then Service Monitoring places the service in
the failed state. If the failed service is marked critical, then the virtual manager
requests the virtual infrastructure management software to reboot the whole VM.
These mechanisms ensure that virtual machines and the services running in them
are always available to provide the operating environment to manage network
elements.
The following lists the virtualization HA mechanisms in use in NetAct:
 Virtual Machine (VM/guest) availability monitored by Virtual Infrastructure Manager
 Service availability monitored on guest System by Watchdog
 Automatic restart of failed application or virtual machine in case of application or
guest failure
 Priorities and VM startup order
 Redundant HW components: Running NetAct node (VM) can be relocated to
another physical server online
There is no service interruption for end users
OS90512EN15GLA0
32
NetAct Architecture
2.2.1 High Availability: Failure in ESXi host case

1. One physical server (ESXi host) fails
2. VMware high availability notices that one ESXi host has gone down
3. VMware restarts the virtual machines on top of another ESXi host based on available
resource information in the virtual infrastructure
High Availability in the Virtual Infrastructure: ESXi Host Failure
• VMware HA monitors VMs to

detect OS and HW failures
• Restarts VMs on other
physical server in the HW
resource pool automatically
when server failure is
detected
• It also protects from
VM OS failures
1 © Nokia 2014
Fig. 13
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
OS90512EN15GLA0
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
33
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
NetAct Architecture
2.2.2 Service Monitoring

Service monitoring is divided into two levels:
• Each VM has a Service Monitor that manages service(s) inside the VM

• vManager manages the Service Monitor in VMs
Monitoring Workflow:
1. Services are started/stopped/monitored by services’ own /etc/init.d/<service> -

scripts
2. When there is a problem with the service, it will be restarted by local Service
Monitor
3. If the local Service Monitor cannot restart the service and the service is critical,
vManager restarts the VM in the same host or relocates the VM to another host
OS90512EN15GLA0
34
NetAct Architecture
High Availability in the Virtual Infrastructure: Services Monitoring
status
status
status
status status
restart VM status restart status

LDAP Proxy
restart
status
DNS LB LB NFS NFS
vCenter
restart VM
1 © Nokia 2014
Fig. 14
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
OS90512EN15GLA0
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
NetAct Architecture
2.3 Load balancing

In NetAct, both the traffic and computing capacity are load-balanced. Load balancing
is provided through the following:
 Distributed Resource Scheduler (DRS)

 Linux Virtual Server (LVS)
 WebSphere Application Server (WAS) workload manager
The NetAct system contains load balancers dedicated to different kinds of traffic.
Load balancers distribute load between certain VMs or clusters assigned to them.
LVS and WAS are among those used to improve system response time, optimize
resource utilization, and promote higher throughput.
The Distributed Resource Scheduler (DRS) is used in NetAct for balancing the
computing capacity load of the hosts and virtual machines. DRS functions within one
cluster: it monitors the use of CPU and memory resources, and when required,
migrates virtual machines from one host to another. When a virtual machine is
enabled, DRS places the virtual machine on the most suitable host having sufficient
computing power (CPU and memory resources).
2.4 DCN
The DCN configuration on a NetAct site consists of the VMware virtual network and
the DCN backbone. With no single point of failure, the DCN backbone includes
integrated and redundant Ethernet switches and routers. Switches provide the
necessary downlinks to the NetAct chassis and uplinks to the customer network.
Switches are Layer 3 capable, and they perform IP forwarding between NetAct and
the customer network. Switches also serve as the first hop gateway for NetAct.
Routers provide a large variety of WAN interfaces and are used for CLNS forwarding
between NetAct and 2G network elements.
OS90512EN15GLA0
36
NetAct Architecture
2.5 DNS
Domain Name System (DNS) is a distributed database system containing IP address
and naming information on network services, network elements, and name servers. It
provides the service of converting domain names to IP addresses and vice versa.
The DNS is a critical service of any IP-based network.
The NetAct DNS solution provides the following:
 a centralized place for managing the host names of network elements and
NetAct.
 the ability to distribute relevant zones from NetAct into the respective network
elements.
 a service for NetAct-related components for converting the host names into IP
addresses.
In the NetAct DNS solution, the name server is running on the VMs hosting a DNS
service. There are two DNS servers in NetAct: the primary DNS server called DNS-
Master and the secondary DNS server called DNS-Slave. The DNS-Master server is the
source for the NetAct domain configuration and contains the domain configuration
files. The DNS-Slave server duplicates the domain configuration from the DNS-Master
server to provide increased availability. These name servers are authoritative for the
NetAct DNS domain.
High availability is provided by a combination of NetAct virtualization and distribution
of the service across physical servers. NetAct virtualization ensures that the DNS
VMs are always running, while service distribution provides high availability even
when one of the physical servers is down.
OS90512EN15GLA0
37
NetAct Architecture
2.6 Backup
NetAct offers both an online backup and an offline disk-based backup of the file
system and databases. Online backups are taken while the system is up and running
and are automatically scheduled. Offline backup is taken when the database is not
running, typically after the installation of the database or when changes requiring a
shutdown have been performed, also before an upgrade. The backup disk can either
be part of the online disk storage or located on separate backup disk storage.
NetAct’s open backup interface enables operators to build their own or use a third-
party backup solution. However, using a custom-made or a 3rd party backup solution
requires that the chosen solution is compatible with the other software components
installed on the NetAct cluster and does not interfere with NetAct integrity.
Furthermore, it must be ensured that there is enough processing capability and data
storage available for the custom-made or 3rd party backup solution.
OS90512EN15GLA0
38
NetAct Architecture
Backup and Recovery Management
VMWare vSphere Data

Protector (VDP)
Disk Based Used to create image
Solution backups of the virtual
machines
Backup and NetAct Backup Tool

Recovery
Solutions To execute backups of
oracle database and
global file systems
Open Backup
Solution
1 © Nokia 2014
Fig. 15
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
OS90512EN15GLA0
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
NetAct Architecture
2.7 System Self-Monitoring

NetAct monitors its own performance and processes, both in the hardware and
software. System self-monitoring processes and forwards performance management
(PM) and fault management (FM) data collected from the NetAct system to NetAct
itself. The results of the self-monitoring process can be seen in performance
management reports for PM data and as alarms for FM data.
The solution is based on the O&M Agent software, which is installed on all NetAct
virtual machines and which starts to function immediately after installation. O&M
Agent provides the central functionality for the system self-monitoring: it raises
alarms and cancels them when the fault situation has been resolved. O&M Agent
contains the Integration Framework and Core components, and it also has an internal
database for active self-monitoring of FM and PM data.
The self-monitoring data flow proceeds as follows:
1. NetAct monitors its own software and hardware and collects FM and PM data.
2. HP SIM collects the alarms associated with the NetAct hardware, such as
servers, data communication network (DCN) equipment, and storage hardware
and sends these data to Integration Framework.
3. O&M Agent further processes FM and PM data and forwards the data back to
NetAct itself as events and measurements using the NE3S/WS southbound
interface.
4. FM and PM pipes transfer alarms and measurements to the database, from
which the FM and PM tools (Monitoring Desktop and Performance Manager,
respectively) can retrieve the needed data for processing or for reporting. The FM
and PM pipes also transfer the data to NetAct’s northbound interface, where self-
monitoring information can be forwarded to other network management systems
for further processing.
Monitoring of NetAct hardware
The monitored NetAct hardware is integrated to HP SIM during NetAct installation.
HP SIM monitors server hardware, DCN routers and switches, firewalls, and storage
devices.
HP SIM collects fault management (FM) data from the hardware in the managed
system and forwards these to O&M Agent for further processing. Critical and
important hardware faults that require attention are interpreted by the HP SIM
service, which categorizes the alarms into three groups: server hardware faults, DCN
hardware faults, and storage hardware faults. In addition to displaying the alarms in
the HP SIM GUI, the HP SIM service sends notifications to O&M Agent, which in turn,
forwards them to NetAct Monitor. If there is a need to find out more about a particular
hardware alarm, it is possible to check the information from HP SIM.
OS90512EN15GLA0
40
NetAct Architecture
System Self Monitoring
HW HP SIM NB Interface
SW Performance
Database Manager
FM data PM data Monitoring
Collection Collection Desktop
O&M Adaptation
Agent
O&M Agent Core PM pipe FM pipe

Data Processing
NE3S/WS SB Interface Mediation
1 © Nokia 2014
Fig. 16
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
OS90512EN15GLA0
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
NetAct Architecture
2.8 Preventive Health Check

Preventive Health Check (PHC) is a command-line tool that is used to check the
current state of the NetAct system through the summary report it generates and the
logs that it collects. The tool can give the system administrator helpful insights about
the system, especially when troubleshooting so that it is best to execute it in the
following scenarios:
• after every NetAct deployment
• when there are failures within NetAct
• when there is a need to monitor the NetAct system at regular intervals
The tool is modular and covers test cases for both RHEL and NetAct. The RHEL
module test cases perform the operating system and hardware-related tests. NetAct
test cases are grouped into the following sub-modules:
• Configuration management
• Fault management
• High availability
• NetAct system information
• Performance management
• Websphere Application Server
You can run the tool from one VM using the mhcf user, which is automatically
created with the installation, and as a result, get the status of all the VMs. Every tool
execution creates a new folder that contains the summary of all the findings. The
reports generated are available in .html, .log, and .xml file formats. All logs
collected are saved in a .tar file.
For more information, see Preventive Health Check User Manual under the
Troubleshooting category.
OS90512EN15GLA0
42
NetAct Architecture
Preventive Health Check
PHC is a command-line tool that is used to check the current state of the NetAct
system through the summary report it generates and the logs that it collects.
PHC gives the administrator insights PHC covers test cases for both RHEL
about the system, especially when Operating System and NetAct. NetAct
troubleshooting. It is best to execute it test cases are grouped into the
in the following scenarios: following sub-modules:
• Configuration management
• after every NetAct deployment
• Fault management
• when there are failures within
• High availability
NetAct
• NetAct system information
• when there is a need to monitor the
• Performance management
NetAct system at regular intervals
• Websphere Application Server
1 © Nokia 2014
Fig. 17
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
OS90512EN15GLA0
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
NetAct Architecture
2.9 NetAct Disaster Recovery

NetAct Disaster Avoidance is an optional functionality and is based on virtualization.
NetAct Disaster Recovery solution in NetAct 15 provides an insurance mechanism,
which ensures that main functions of NetAct works correctly and all user data is
stored properly when critical and major disruptions occur during system operation
process. It is also applicable if the maintenance and upgrade operations are
performed on Primary Site (SITE-A).
The following figure demonstrates the general working concept of Disaster Recovery
solution.
Disaster Recovery replication
Two types of replication process can be run in current Disaster Recovery solution:
File system replication
You can use this process to replicate all necessary data located in external volume
groups from the active site to the standby site. The latest DNS and LDAP data on the
active site are synchronized to the standby site through the file system replication.
Oracle DataGuard replication
You can replicate all the changes in database from the active site to the standby site.
OS90512EN15GLA0
44
NetAct Architecture
Disaster Recovery
NetAct Disaster Recovery solution comprises such key components as Network

Connectivity(DCN) and Disaster Recovery replication. These key components
play important roles in Disaster Recovery operations to avoid the data loss in
any disaster scenario
1 © Nokia 2014
Fig. 18
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
OS90512EN15GLA0
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
NetAct Architecture
2.9.1 Disaster Recovery operations

Four types of operations are provided in current Disaster Recovery solution:
Switchover
This operation is performed mainly for testing or maintenance purposes. It switches
the production process from Primary Site (SITE-A) to Disaster Recovery Site (SITE-
B) without triggering a failure or disaster. It can be used when only a part of NetAct
system is not operational, a maintenance task is needed to be performed, or a
verification that the Disaster Recovery functions properly needs to be performed.
Whether to perform the switchover operation depends on various factors, such as the
regulating repair, and the decision to perform this operation is made by operators.
After the switchover operation is performed, Primary Site (SITE-A) is the standby site,
and Disaster Recovery Site (SITE-B) is the active site.
Switchback
This operation is performed after the switchover operation is performed. When
Primary Site (SITE-A) is available to work, Disaster Recovery Site (SITE-B) can be
switched back to be the standby site again.
After the switchback operation is performed, Primary Site (SITE-A) is the active site
and takes over all the productions and resumes all the operations, and Disaster
Recovery Site (SITE-B) is the standby site.
Failover
This operation is performed on Disaster Recovery Site (SITE-B) when a severe
failure occurs on Primary Site (SITE-A). It switches the functions of NetAct from
Primary Site (SITE-A) to Disaster Recovery Site (SITE-B) when Primary Site (SITE-
A) cannot be restored within a reasonable time interval. The decision to perform this
operation is made by operators.
After the failover operation is performed, Primary Site (SITE-A) is in outage, and
Disaster Recovery Site (SITE-B) is the active site.
Failback
This operation is performed after the failover is performed on Disaster Recovery Site
(SITE-B). It switches the functions of NetAct from Disaster Recovery Site (SITE-B) to
Primary Site (SITE-A) when Primary Site (SITE-A) is recovered from the disaster.
After the failback operation is performed, Primary Site (SITE-A) is the active site, and
Disaster Recovery Site (SITE-B) is the standby site.
Note:
In any Disaster Recovery operation, certain transition period is expected to
synchronize the database and global file system between the active site and standby
site
OS90512EN15GLA0
46
NetAct Architecture
3 Interfaces
OS90512EN15GLA0
47
NetAct Architecture
3.1 Mediations and Adaptations

The support for network elements is divided into mediations and adaptations.
Mediations are responsible for the conversion of the network element interface to the
NetAct internal format. Mediations are, in most cases, network technology
independent. Mediations hide different network element interfaces from applications.
Applications can thus concentrate on processing relevant data, and do not need to
take into account different protocols (for example SNMP, http, or Q3) and data
formats (for example ASCII, or XML).
An adaptation is software that adapts NetAct System applications for a certain
vendor’s network technology. Technically, an adaptation configures the user
interfaces, database, mediation, business rules, etc. Adaptations introduce all the
information to NetAct that is specific for a certain network element type and release.
3.2 NetAct Interfaces

In NetAct, interface-related issues are very important, since dependencies are
controlled via interfaces, and controlled dependencies are a key enabler of
modularity - an important property of the NetAct 15 architecture.
NetAct can be integrated into external systems via northbound interfaces. External
systems are employed for similar monitoring, reporting and network planning tasks as
NetAct, but at a higher abstraction level. These higher-level systems can be either
NOKIA or third-party management systems.
Lower-level systems or network elements can be integrated into NetAct via
southbound interfaces. Again, these lower-level systems can be either NOKIA or
third-party element management systems.
Mediations are responsible for the interworking or conversion between the protocols
or data formats used in the lower-level or higher-level systems and the protocols or
data formats used in the NetAct system.
Protocols used in the lower-level or higher-level systems are, for instance, SNMP,
SOAP or HTTP, and data formats are, for instance, ASCII or XML
OS90512EN15GLA0
48
NetAct Architecture
NetAct 15 Interfaces
Northbound and Southbound Interfaces
Integrate NetAct with

Higher-level Systems
Service Management
systems
Higher-level systems can Northbound Interfaces

be either NSN or 3rd party
Network Management NetAct 8 Northbound Mediations
Systems
NetAct Applications and Services
Southbound Mediations
Lower-level systems can

be either NSN or 3rd party
Element Management Southbound Interfaces
Systems or Mediators
Lower-level Systems / Network Elements
1 © Nokia 2014
Fig. 19
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
OS90512EN15GLA0
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
NetAct Architecture
3.3 Southbound interfaces

NetAct supports a set of transport and application protocols as well as provides
Integration SDK to integrate and manage 3rd party network elements and element
management systems (EMS). Integration to a 3rd party network element or EMS
involves the creation of mediation and adaptation. The mediation converts the
interface protocol and data model exposed by the 3rd party system to the NetAct
internal data model and the adaptation models the resources of the 3rd party system.
The transport and application protocols supported by NetAct for integrating with 3rd
party systems are UDP, SSH, FTP, SFTP, HTTP, SNMP (v1, v2c, v3), CORBA, EJB,
JDBC, and SOAP. In the next tables there is a description of the supported
functionalities and Network Elements.
Southbound Interface Description Used for Supported Network

Interface Type Elements
NE3S/WS Proprietary This interface is used for  AoM  Flexi NG 3.0

integrating network
elements or element  Audit Trail  Flexi NS
managers to Net-Act using
the NE3S/WS mediation.  Basic  MGW
The distribution of NE3S/WS Configuration
Management  NEBR
change notifications and
operation status responses (topology)
 NT HLRFE
from agents to appropriate
 CM
manager(s) is supported on  One-NDS
this interface.
 FM
 Open MGW
 HW Management
 PCS-5000
 PM
 SW Management
 User Management
OS90512EN15GLA0
50
NetAct Architecture

NE3S/WS Proprietary This interface is used for  AoM  Flexi NG 3.0

integrating network elements
or element managers to Net-  Audit Trail
 Flexi NS
Act using the NE3S/WS  Basic CM
mediation. (topology)  MGW
The distribution of NE3S/WS  CM  NEBR
change notifications and
operation status responses  FM
 NT HLRFE
from agents to appropriate
manager(s) is supported on  HW Management
 One-NDS
this interface.  PM
 Open MGW
 SW Management
 User Management  PCS-5000
NE3S/SNMP Proprietary This interface is used for  AoM  CMD

integrating network elements
and element managers to  FM  FIU 19E
NetAct using the
NE3S/SNMP mediation  PM  Flexi ISN
 Flexi NG 2.0
 Flexi NG 2.1
 FTFA
 LIG
 NBG / Flexi Content

Optimizer
 PowerHopper Vario
 Q1 Agent
 Tellabs SR5.0
 Traffica
OS90512EN15GLA0
51
NetAct Architecture

NWI3 Proprietary Connects network  AoM  AXC

management systems or
element managers with  Certificate
management  Femto BTS
network elements. Uses
CORBA for management  CM  Flexi Direct
communication, and (S)FTP
and HTTP(S) for bulk data  FM  Flexi LTE BTS
transmission
 HW Management
 Flexi WCDMABTS
 Integration Data
Upload  McRNC
 License  NEMU
Management
 OMU
 PM
 SW Management  RNC
 System Level  Ultra BTS

Trace (events)
 User log
Management (audit
Trail)
 User
Management
Q3/MML mediation System  AoM
Q3 Standard Component (SC) implements  BSS
Open south mediation interfaces to  Audit Trail
Interface an OSI based network  Flexi NS
 Backup and
element. Restore
 Flexi NS SGSN
In addition to that this  CM
mediation is also used to
support different fragments  Element
for IP based network Management
elements.
 FM
Q3/MML mediations are
mainly developed on top of  License
Mediation Framework and Management
are designed to be adaptable  Network Element
to multiple OSS Systems. User Management
 PM
 SW Management
 System Level
Trace (events)
 Time
Management
OS90512EN15GLA0
52
NetAct Architecture

3GPP Corba Standard 3GPP CORBA south bound  Basic Configuration

Open interface mediates Management
Interface management operations and (topology)
notifications between
element management  FM
systems (applications such
as Radio commander,
Switch Commander) and
NetAct.
NX2S Standard NE3S/FTP XML Solution Integration data

Open Suite Southbound Interface Management
Interface (NX2S SBI) provides a well
defined interface based on
the extensible markup
language (XML) which
supports FTP file-based
processes
XoH Standard XoH (XML over HTTP)  FM  CDS

Open southbound interface uses
Interface XML as data encoding and  PM
 HLR
HTTP/HTTPs as the transfer  System Level Trace
protocol. It uses simple Management  MSC
object access protocol
(SOAP) in operations
requested by NMSs from
network element or element
management subsystem.
SNMP Standard This interface is used for  Basic Configuration  Cisco IOS
Open integrating NSN network Management
Interface elements, element (topology)  Cisco XE
management systems or
multivendor tools to NetAct  FM  Cisco XR
using the SNMP mediation.
 PM  Infoblox DNS
 Juniper JUNOS
 LIG
 NetViewer
 TP5000
OS90512EN15GLA0
53
NetAct Architecture
3.4 Northbound interfaces

Northbound interfaces provide a means to integrate NetAct to 3rd party upper level
management systems. Many of the interfaces can be utilized equally well with NetAct
and umbrella management system tools.
The 3GPP Rel6 CORBA FM northbound interface is a 3GPP standard compliant
interface used for exchanging topology and alarm information.
The SNMP northbound interface provides SNMP v2c and SNMP v3 based alarm
forwarding and alarm uploading functionality with filtering capabilities. Cancel and
acknowledge operations of alarms can be invoked from upper level management
systems. The interface supports both network alarms and NetAct internal alarms.
The ASCII Alarm Forwarding interface provides the capability for continuous alarm
information forwarding from NetAct to external systems in ASCII format using
common TCP/IP and UNIX services. The ASCII Alarm Forwarding interface supports
all alarms collected by NetAct as well as the alarms generated by the NetAct self-
monitoring application.
The XML (OMeS) Based Measurement Data Export interface is a solution for
publishing performance management data in OMeS format for upper level
management systems. OMeS is an XML based NOKIA proprietary format for
specifying measurement data.
The 3GPP XML Format PM Northbound interface exports raw measurement data in
3GPP formatted XML files to external systems. FTIRP is supported, and FTP or
sFTP can be used for transferring performance management files. The interface is
applicable for all PM supported network elements managed by NetAct.
The OSS/J Trouble Ticket Client interface can be used to integrate 3rd party trouble
ticket systems with NetAct. After the integration it is possible to create, modify, view
or close trouble tickets from NetAct Monitor desktop.
The 3GPP Rel6 BulkCM Northbound interface is a 3GPP compliant interface for
configuration management data upload, download and configuration management
operations. The interface supports WCDMA and LTE.
The TMF615 Unified User Management interface is a standard solution for
integrating NetAct to external central user management systems. It centrally
facilitates management of users and their access rights for all OSS systems.
The XML Based Inventory Data Export interface exports hardware inventory data in
XML formatted files to be transmitted to external systems. 3GPP FTIRP is supported,
and FTP or sFTP can be used for transferring performance management files.
The XML/CSV Planning Data and Hardware Inventory Data File interfaces are
solutions for exporting configuration management planning data and hardware
inventory data in XML/CSV formatted files.
The Email Alarm Forwarding NBI is an interface for forwarding alarm events to
external systems in specific e-mail format.
OS90512EN15GLA0
54
NetAct Architecture
NetAct Interfaces
Northbound
FM northbound interfaces: Inventory northbound interface:

• 3GPP Rel6 CORBA FM NBI • XML Based Inventory Data
• ASCII Alarm Forwarding NBI Export
• SNMP NBI
Other northbound interfaces:
• OSS/J Trouble Ticket Client
PM northbound interfaces: Interface
• XML (OMeS) Based • Email Alarm Forwarding NBI
Measurement Data Export
• TMF615 Unified User
• 3GPP XML Format PM NBI Management Interface
CM northbound interfaces:
• 3GPP Rel6 CORBA BulkCM NBI
• XML/CSV Interface for Planning
Data
1 © Nokia 2014
Fig. 20
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
OS90512EN15GLA0
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
NetAct Architecture
3.4.1 3GPP Rel6 Corba FM and PM interface

The 3GPP CORBA Northbound interface is part of the NetAct open interfaces
concept. This northbound, 3GPP-compliant interface is used for exchanging alarm
information and performance information between NetAct and external systems, for
example, a third-party system. The interface complies with 3GPP Fault Management
requirements v6.0.0, Performance measurement XML file format definition v10.0.0
and File Transfer (FT) Integration Reference Point (IRP) v10.0.0.
In addition to fault management and performance management, this interface also
supports basic configuration management. It provides the following functionality in
detail:
 Alarm upload for alarm synchronization.
 Spontaneous alarm notifications for new alarms, acknowledged alarms, and
cleared alarms.
 Alarms can be acknowledged through the open interface by the external system.
 Flexible alarm filtering capabilities for alarm upload.
 Configurable filter for notifications set by external system at subscription time.
 Query information about the available PM XML files ready to be uploaded.
 Receiving notifyFileReady notification when at least one new PM data file is ready
for uploading.
 Receiving notifyFilePreparationError notification in case an error occurs during the
PM data file preparation.
 External systems can use FTP (secure File Transfer Protocol) or sFTP (security
File Transfer Protocol) to upload the available 3GPP compliant PM XML files
through this interface.
OS90512EN15GLA0
56
NetAct Architecture
NetAct Interfaces
3GPP Rel6 CORBA FM NBI
• Interface for forwarding alarm event notifications to external
Alarm Notification
systems via CORBA interface
• Functionality covers alarm upload, alarm notification and co-

Alarm Upload
operative alarm acknowledgement
• NetAct internal alarms are supported Alarm Ack/Cancel

• Basic CM (topology / containment upload and object lifecycle
notifications) functionality is also covered Topology Notification
• Alarm event notifications can be filtered

Topology Upload
• Supports communication surveillance between the NetAct
CORBA agent and the external NMS manager
Flexible Filtering
• Supports multiple client NMSs
• Compliant to 3GPP Fault Management release 6 (TS32.111-3) Multi-NMS Support
and relevant references
1 © Nokia 2014
Fig. 21
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . .
OS90512EN15GLA0 . . . . . . . . . . . . . . . . . . . . . . . . .
. . ©2015
Copyright . Nokia
. . Solutions
. . and. Networks.
. . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
NetAct Architecture
NetAct Interfaces
3GPP Rel6 CORBA PM NBI
• Interface for transferring measurement data to external

systems. File Based
• Applicable for all PM supported Network Elements

XML (3GPP) Format
managed by NetAct
• Comply with 3GPP file naming convention File Transfer IRP
• File transmitted using FTP or sFTP
3GPP Rel6 CORBA Bulk CM NBI

• For WCDMA / LTE (and TD-LTE) technology CM Upload
• Support for all CM parameters CM Download

• Interface implementation based on (and compliant with)
3GPP Bulk CM standard release 6, CORBA solution set CM Activation
• Information model adapted to respective 3GPP release 6 Other CM
1 and release
© Nokia 8 standards
2014 Operations
Fig. 22
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
OS90512EN15GLA0
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
58 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
NetAct Architecture
3.4.2 ASCII Alarm Forwarding

ASCII Alarm Forwarding Northbound Interface (ASCII Alarm Forwarding NBI) is a
solution for sending alarm information from Nokia NetAct to external system in ASCII
format using TCP/IP.
It provides the following functions:
 Alarm notifications for multiple external systems.
 Alarm upload for multiple external systems.
 Filtering capability for alarm notifications and alarm upload.
 Configurable alarm format.
OS90512EN15GLA0
59
NetAct Architecture
NetAct Interfaces
ASCII Alarm Forwarding NBI
• Socket interface for forwarding alarms event notifications

Alarm Notification
to external systems in ASCII format
• Alarms from all network elements supported by NetAct Alarm Upload
are forwarded
• NetAct internal alarms are forwarded Filtering
• Retry – re-establish in case of socket connection loss
• Format of forwarded alarms is configurable Multi-NMS Support
• Filtering rules can be defined to specify the kind of alarms

forwarded
• Supports alarm upload operation by re-sending all active
alarms (activated from user interface)
• Supports multiple client NMSs
1 © Nokia 2014
Fig. 23
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
OS90512EN15GLA0
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
60 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
NetAct Architecture
3.4.3 SNMP Northbound Interface

SNMP Northbound Interface is an interface for mediating fault management data. It
facilitates an easy integration of NetAct and 3rd party equipment in a multi-vendor
environment, and provides a unified network management view of interface
technologies.
The main purposes of the interface are:
 Supporting fault management related supervision of network elements in different
domains and technologies.
 Supporting request and response interaction for the management information.
 Supporting spontaneous event notifications.
 Identifying the physical or logical fault network resource of a generic, domain, and
technology independent alarm in the entire managed network.
OS90512EN15GLA0
61
NetAct Architecture
NetAct Interfaces
SNMP NBI
• Interface for forwarding alarm events to external systems
via SNMP traps Alarm Notification
• Functionality covers alarm notification, alarm

synchronization and alarm cancel operation. Alarm Upload
• NetAct internal alarms are supported

Alarm Ack/Cancel
• Support of forwarding notifications to multiple upper-level
Network Management Systems Filtering
• Capability of setting and updating filtering criteria for the

alarm notifications forwarded. Multi-NMS Support
• Event reporting reliability (including lost trap retrieval)

Trap Retransmission
• Compliant with SNMP v2c and SNMP v3
1 © Nokia 2014
Fig. 24
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
OS90512EN15GLA0
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
62 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
NetAct Architecture
3.4.4 PM North Mediation Interface

PM NMI (Performance Management North Mediation Interface) is a solution for
publishing PM (Performance Management) data in OMeS (Open Measurement
Standard) format. With PM NMI, it is possible to transfer PM data to an external
system. In OMeS, data export and file transfer are based on an advanced XML
format.
The main advantages of the interface are:
 The OMeS file format exported through the interface allows the use of universal
tools with XML support. This enables easy and cost-effective integration of any
external system to NetAct.
 The rule-specific filtering function avoids transferring irrelevant PM data to the
external system.
Third-party integrations do not cause extra load on the performance database. The
capacity of NetAct is thus ensured in all circumstances.
OS90512EN15GLA0
63
NetAct Architecture
NetAct Interfaces
PM North Mediation Interface: XML (OMeS) Measurement Data Export
• Interface for transferring raw measurement data to

external systems File Based
• Performance data is exported in OMeS formatted XML (OMeS) Format

XML files
• Network technology independent Filtering
• Filtering supported to specify PM data to be exported Multi-NMS Support
• File transmitted using FTP or sFTP
Open Measurement Standard (OMeS) is a Nokia Solutions Networks

standard. According to OMeS, the files are transferred in XML format.
In NetAct, the PM data is transferred over the north and south
mediation interfaces in OMeS format.
1 © Nokia 2014
Fig. 25
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
OS90512EN15GLA0
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
64 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
NetAct Architecture
3.4.5 XML Interface for Configuration Management Data

This interface is used for exchanging network configuration data with other planning
systems. The file format is a markup language for configuration management, RAML,
which is based on XML. The current supported versions of the mark-up language are
RAML/CM2.0 and CM2.1.
Nokia provides schemas for validating RAML/CM2.0 and CM2.1 files. However, the
schemas can only be used to check the generic file structure. They cannot be used to
validate parameter names and values.
The managed objects and parameters that need to be imported with the XML file or
exported to an XML file are defined with a profile. Nokia provides ready-made
profiles, for example, for site creation and adjacency management tasks. The user
can also create own profiles using an external text or XML editor.
There are four different types of configuration data files that can be transferred over
the interface:
Actual configuration
An actual configuration contains the actual configuration of a certain network area.
Actuals are transferred to the planning system to make sure that the future plans are
based on the actual network configuration.
New configuration
A New configuration contains a new configuration plan which is planned to be
provision into the network.
Reference
A reference configuration contains all objects and parameters of the network in their
intended optimal configuration, as well as modifications planned for the (immediate)
future.
Template
Templates define a collection of parameter values for a particular managed object
class. They are used for two purposes:
They define managed object parameters for new planned (CREATE) managed objects that
define how the object should behave. Parameter values in plans override the corresponding
value provided by the assigned template.
They identify the object’s type: for example, pico, micro, and macro for BTS. This can be
used as object classification or assigning templates for related managed objects. For this
purpose, the template can be assigned both for new planned (CREATE) and existing actual
managed objects.
OS90512EN15GLA0
65
NetAct Architecture
There are two types of templates:

System templates
There is a single system template supporting the latest network element version for
each managed object class. The system template values are defined according to the
latest release of the network element. Versioning of templates is not supported in
system templates. These templates are provided as part of NetAct Configurator and
they cannot be edited by users.
User templates
A managed object class can have multiple user templates or no user template. A
user template only contains values that differ from the system template, as the
system template is always automatically used under the user template to provide all
missing values.
3.4.6 CSV Interface for Configuration Management Data

This interface is used for exchanging network configuration data with other planning
systems. The format of the configuration data is CSV (comma-separated value). A
CSV file is an ASCII (that is, plain text) representation of spreadsheet data. In NetAct
Configurator, a CSV file contains data that represents the managed objects in the
network. Data in CSV format can be used in exporting actual configurations,
importing and exporting plans and site information.
The managed objects and parameters that need to be imported with the CSV file or
exported to a CSV file are pre-defined in an open, well-described fixed format.
There are four different types of configuration data files that can be transferred over
the interface: Actual Configuration, New Configuration, Reference Configuration and
Templates. Please refer to the section for XML Interface for Configuration
Management Data for details on these configurations.
OS90512EN15GLA0
66
NetAct Architecture
NetAct Interfaces
XML/CSV NB Interface for Planning Data
• Interface for transferring planning data in XML or File Based

CSV format via HTTP(S) or (S)FTP from NetAct
Configurator XML/CSV Format
• Upload of actual configuration data from NetAct
Configurator includes network configuration and CM Upload
topology
CM Download
• Download of planning data from an external system
to NetAct Configurator includes tuning of the current
network configuration and new object integration
• Download of default sets from the external system
includes managed object class-specific default
configuration
• Hardware Inventory data is supported
1 © Nokia 2014
Fig. 26
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
OS90512EN15GLA0
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 67
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
NetAct Architecture
3.4.7 XML Based Inventory Data Export

The XML inventory data export interface is a proprietary open XML interface used for
integrating with a higher level inventory management system. Inventory data is
managed in NetAct 15 via the CM tools.
XML Based Inventory Data Export provides the following functions:
 Export the original inventory data from NetAct.
 Transform the original inventory data to XML format and name inventory data files
according to 3GPP defined file naming rules.
 Export delta inventory data once every day.
 Notify all subscribed NMS when new inventory files are ready.
 Provide listAvailableFiles operation to check the existing inventory files.
This object-oriented interface is compliant with 3GPP Technical Specifications (TS)
listed in Referenced 3GPP technical specifications, such as Information Service (IS) and CORBA
solution sets documents, which are relevant to a CORBA-based solution. The
framework of these specifications is the Integration Reference Point (IRP) concept,
which defines the following basic principles. For more information, see 3GPP TS
32.101 and TS 32.102.
Top-down, process-driven modeling approach
The purpose of each Integration Reference Point (IRP) is automation of one specific task
related to enhanced Telecommunication Operation Map (eTOM) proposed by
TeleManagement Forum (TMF).
Technology-independent modeling
Based on the requirements, an interface technology independent model is specified in the
“Information Service” and “Network Resource Model” documents.
Standards-based technology-dependent modeling
The purpose is to create one or more interface technology dependent models from the
technology-independent model. This is specified in IRP Solution Set(s), such as CORBA
solution sets.
The NetAct lower management interfaces towards Element Management
Systems/Network Elements (EMSs / NEs) might be manufacturer-dependent.
Provisioning of NBI makes possible an easy integration of multi-vendor equipment
and to offers unified management ability for the entire mobile network. To fulfill these
requirements, the NBI implements an “IRPAgent”, which can convert the
management information from the NetAct internal format to the information required
at NBI.
OS90512EN15GLA0
68
NetAct Architecture
3.4.8 OSS/J Trouble Ticket Interface

The Trouble Ticket Interface is based on J2EE/EJB technology. The Trouble Ticket
Client tool supports the trouble resolution process in NetAct. The main benefits of
using the J2EE/EJB-based interface are a manageable UI for the basic trouble
ticketing tasks, interworking with Monitoring Desktop tools, for example, Network
View or Alarm List, and a fast and easy way to access alarm-related or alarming
object-related information.
Data exchange with a trouble ticketing system is enabled using a standardized
OSS/J (OSS Through Java™ Initiative) compliant interface. The interface offers
services for transferring alarms and managed object information to a third-party
trouble ticket system as well as real-time functionality to show alarms and managed
objects attached to trouble tickets in certain monitoring tools.
The Trouble Ticket List and Trouble Ticket Details tools are the front-end clients to
the OSS/J Trouble Ticket Interface. User queries started in the UIs are exchanged
over the standard OSS/J interface to the Trouble Ticket server. However, the server
itself is not contained in the NetAct system.
As the interface is OSS/J compliant, each server implementing the standard OSS/J
interface can be used, after the necessary integration to the NetAct system.
OS90512EN15GLA0
69
NetAct Architecture
NetAct Interfaces
XML Based Inventory Data Export
• Interface for exporting inventory data in XML files. File Based
• Hardware Inventory data is supported in NetAct8.
File Transfer IRP
• Provides 3GPP File Transfer IRP.
OSS/J Trouble Ticket Client Interface

• NetAct™ provides the client side of the interface to Ticket Creation
integrate with external trouble ticket system
• Create, query, update, close, cancel and escalate
Attach/Detach Ticket
trouble tickets
• Interface and mechanism for trouble ticket notification
management Ticket Modification
• XVT profile over JMS supported
1 © Nokia 2014
Fig. 27
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
OS90512EN15GLA0
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
70 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
NetAct Architecture
3.4.9 e-mail Alarm Forwarding

The E-mail Alarm Forwarding Interface is designed to send e-mails for multiple e-mail
recipients using external e-mail sender programs. This interface sends e-mails
directly using an external mail server configured via the preferences.
The alarm forwarding system in NetAct forwards alarms to e-mail accounts using a
specific e-mail format. The e-mail alarm format specified in this interface is the same
to all the recipients. NetAct sends each alarm notification in a separate mail.
This interface does not specify how NetAct fetches event information and does not
describe the format of e-mail rules.
3.4.10 TMF – 615 Unified User Management Interface

NetAct (User Manager System-Lower UMS-L) can be integrated into a remote User
Management system (UMC-C) through TMF 615 northbound interface. NetAct
provides TMF 615 northbound web service interface for a TMF 615 web service client
on the remote UMS-C. The UMS-C can use this interface, for example, to propagate
user data administered on the UMS-C to the NetAct user repository.
When integrating a remote UMS-C, a secure communication must be established
between the UMS-C and NetAct. This comprises of the following steps:
On NetAct
 Install license for TMF 615 northbound interface
 Enable HTTPS on the TMF615 northbound interface
 Create a user account for the remote UMS-C and grant proper access rights.
On the remote UMS-C
 Enable HTTPS communication to the TMF615 northbound interface
 Configure user ID and password for authentication.
 Update of the TMF615 client password.
OS90512EN15GLA0
71
NetAct Architecture
NetAct Interfaces
Email Alarm Forwarding NBI
• Interface for forwarding alarm event notifications to external Alarm
system via formatted Emails Notification
• Email forwarding rules are created to specify the alarms to be

Filtering
forwarded
• A separate mail is sent for each alarm notification
TMF615 Unified User Management Interface TMF615 Compliant

• Provides the means to integrate NetAct to external central
user management system Unified User
Management
• Facilitates management of users and their access rights
centrally for all OSS systems
• TMF615 interface is the standard interface for User
Management System – Central (UMS-C) and User
Management System – Local (UMS-L) communication
1 © Nokia 2014
Fig. 28
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
OS90512EN15GLA0
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
72 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
NetAct Architecture
4 NetAct Security
OS90512EN15GLA0
73
NetAct Architecture
4.1 NetAct Security

Security helps keeping the data contained in NetAct confidential, ensures data
integrity as well as availability. Security features help keeping information safe: Data
is only available for authorized users/parties, and it is accurate and consistent.
NetAct security is guarded on different levels and consists of user, data, software,
and network security. The NetAct security solution is based on Nokia Solutions and
Networks’ security policy and guidelines consisting of customer requirements and
international security standards.
User security controls and logs access to the system. User authentication happens at
log in and authorization ensures that a certain user can only access applications and
perform tasks admitted to him through user account and role permissions. NetAct
Audit Trail and NetAct Monitor are used for monitoring user access and security
related actions in the system.
Permission management, that is allocation of user access rights to specific NetAct
applications, is handled with Group Explorer, Role Explorer, Scope Editor and
Network View Scope Editor. These tools provide functions such as creating and
deleting user groups, assigning roles to and removing them from a group, creating
new roles or configuring operation permissions for a selected role.
Data security in NetAct means protecting the data in the file system and databases. It
is guaranteed by access control, encryption, and different integrity protection
methods. Data encryption is used for ciphering the most sensitive information, such
as user account and permission data, certificates, and user event logs. Passwords,
for example, are encrypted with hash functions and the encryption keys are stored to
secure key storage. Integrity protection mechanisms, such as checksums, are in
place to ensure that data content and structure remain intact.
In software security NetAct verifies that operating system and third party software
updates and patches as well as the related processes do not impede system
operation. Virus protection, integrity checks and signing of Java files are software-
error preventive actions recommended for NetAct.
Network security includes traffic access control, encryption, integrity protection,
separation and filtering. In networks where NetAct is used the traffic is protected by
using different encryption protocols that can be enabled through security hardening.
The use of encryption protocols such as SSL/TLS, IPsec and SSHv2, traffic
separation, filtering and the use of firewalls is recommended to ensure network
security.
OS90512EN15GLA0
74
NetAct Architecture
Security in NetAct
Main functionality
• Secure management: user management, security information and event

management, security Administration, security hardening
• Secure control:
 User Security: User authentication and authorization, event logging /
alarming
 Network Security: traffic access control, encryption and integrity
 Data Security: data access control and encryption
 Software Security: signing, upgrade and patching, software vulnerability
monitoring
Benefits
• Avoid potential security threat and risk

• Protect NetAct system security against misuse or violations
Fig. 29
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . .
OS90512EN15GLA0 . . . . . . . . . . . . . . . . . . . . . . . . .
. . ©2015
Copyright . Nokia
. .Solutions
. . and.Networks.
. . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 75
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
NetAct Architecture
4.1.1 User security

User security controls and keeps logs of system access. Users are authenticated
upon logging into the system and authorization ensures that a certain user can only
access applications and perform tasks which he is authorized to according to his user
profile and user role permissions. NetAct Audit Trail and NetAct Monitor are used for
monitoring user access and actions performed by the users in the system.
Permission management, that is, the allocation of user access rights to specific
NetAct applications, is handled with Group Explorer, Role Explorer, Scope Editor and
Network View Scope Editor. These tools provide functions such as creating and
deleting user groups, assigning / removing roles to/from a group, creating new roles
or configuring permissions for a selected role.
4.1.2 Data security

NetAct data security refers to all actions taken to protect the data in the file system
and databases. Data security is protected by user access control, data encryption as
well as various data integrity protection methods.
Data encryption is used for ciphering the most sensitive information, for example,
user account and user permissions, certificates, and event logs. Passwords are
encrypted with hash functions and the encryption keys are stored to secure key
storage.
Integrity protection mechanisms, for example, checksums, are in place to ensure that
data content and structure remain intact.
4.1.3 Software security

NetAct software security verifies that the operating system and 3rd party software
updates as well as the related processes do not interfere with system functionality.
Recommended methods to prevent software errors in NetAct are, among others,
virus protection, integrity checks and signing of Java files.
4.1.4 Network security

Network security includes traffic access control, encryption, integrity protection,
separation and filtering.
Data traffic is protected by using different encryption protocols that can be enabled
through security hardening. The use of encryption protocols such as SSL/TLS, IPsec
and SSHv2, traffic separation, filtering and the use of firewalls is recommended
methods to ensure network security.
OS90512EN15GLA0
76
NetAct Architecture
NetAct Security
Solutions
Security management Fraud management

Operator
security Security policies Fraud policies
mgmt
PKI Unified User Mgmnt
User management
Security information Security Security hardening
Security and event administration
Account mgmnt TMF615
management
mgmt Security hardening
solution Permission mgmnt settings
DCN security
NetAct Audit Trail
mgmnt
NE access control
NetAct Monitor
PKI support
Centralized NE user mgmt
Security
control User security Network security Data security Software security
Fig. 30
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . .
OS90512EN15GLA0
. . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 77
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
NetAct Architecture
4.1.5 Operator Security Management

The operator is responsible for the Management functionalities and capabilities for
security with regards to:
 Control: setup, configuration of security

 Security policies: e.g. user password policies, password expiration, etc
 PKI: pre-shared key infrastructure
 Unified user management: NSN unified user management solution to
customer, with industry standard user management interface,TMF615
 Fraud policies: failed password login avoid brute force password guessing
4.1.6 Security Management Solution and Controls

The Security Management Solution and its corresponding controls covers all
strategies implemented on OSS (NetAct 15) to guarantee the Security of the network
and NetAct itself. It consists of:
 User Security: user management applications, user authentication &

authorization, user logs etc
 Network security: secure file transfer, encrypted traffic, e.g. https, sftp
 Software security: security patches update; important file integrity test, e.g.
kernel checksum (tool: aide);
 Data security: e.g. file permission
OS90512EN15GLA0
78
NetAct Architecture
NetAct Security
Components
User management • User account management
• User permission management
• Network element access control
• Unified User Management – TMF615
• Centralized NE user management
Security information and • User event log storing and analysis with
event management Audit Trail
Security administration • DCN security management

• System security management
• Key management
Security hardening
Security hardening instructions
1 © Nokia 2014
Fig. 31
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
OS90512EN15GLA0
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 79
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
NetAct Architecture
NetAct Security
Controls
• User authentication and authorization

User security • User event logging
• User event alarming
• Traffic access control, encryption and

Network security integrity protection
• File system and database access control,

Data security encryption and integrity protection
• Secure log permissions
• Software signing, upgrade and patching

processes
Software security
• Software vulnerability monitoring
1 © Nokia 2014
Fig. 32
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
OS90512EN15GLA0
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
80 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
NetAct Architecture
5 Exercises
OS90512EN15GLA0
81
NetAct Architecture
OS90512EN15GLA0
82
NetAct Architecture
Exercise 1
Title: NetAct Platform
Objectives: Describe the functionality of the Platform components in NetAct

15 Regional cluster.
Identify the benefits of the virtualization
Pre-requisite: none
Query
1. List the Components of the NetAct 15 Platform. Explain the main functionality of
each component.
________________________________________________________________
________________________________________________________________
________________________________________________________________
________________________________________________________________
________________________________________________________________
________________________________________________________________
2. Describe in general terms the virtualization environment for the NetAct 15

architecture.
________________________________________________________________
________________________________________________________________
________________________________________________________________
________________________________________________________________
________________________________________________________________
________________________________________________________________
________________________________________________________________
3. What is the difference between a virtualized system and a traditional Platform?

What are the advantages that you can find in the virtualized environment?
________________________________________________________________
________________________________________________________________
________________________________________________________________
________________________________________________________________
________________________________________________________________
________________________________________________________________
________________________________________________________________
________________________________________________________________
OS90512EN15GLA0
83
NetAct Architecture
4. List the Hardware Components of the NetAct 15. Explain the main functionality
of each component
________________________________________________________________
________________________________________________________________
________________________________________________________________
________________________________________________________________
________________________________________________________________
________________________________________________________________
5. List the three configuration types of NetAct 15. How the system is scaled taking
into account the virtualization?
________________________________________________________________
________________________________________________________________
________________________________________________________________
________________________________________________________________
________________________________________________________________
________________________________________________________________
________________________________________________________________
________________________________________________________________
6. What is the DCN Open Solution?

________________________________________________________________
________________________________________________________________
________________________________________________________________
________________________________________________________________
________________________________________________________________
________________________________________________________________
________________________________________________________________
________________________________________________________________
________________________________________________________________
________________________________________________________________
OS90512EN15GLA0
84
NetAct Architecture
Exercise 2
Title: NetAct Reliability
Objectives: Describe the functionality of the high availability in the

virtualized platform.
Explain how the virtualized infrastructure responds to different
the different failure scenarios.
Describe the purpose of the backup solutions implemented in
NetAct.
Describe the information obtained by the Self Monitoring
Functionality.
Explain the purpose of the Stretched Cluster
Pre-requisite: None
Query
1. Explain how high availability is implemented in the virtualized environment?
Which components of the virtualized environment provide the high availability
functions?
________________________________________________________________
________________________________________________________________
________________________________________________________________
________________________________________________________________
________________________________________________________________
________________________________________________________________
2. In the virtual environment, what happens when a server is broken? How the
NetAct system will react to this kind of failure with regards to the availability of the
applications and functions?
________________________________________________________________
________________________________________________________________
________________________________________________________________
________________________________________________________________
________________________________________________________________
________________________________________________________________
________________________________________________________________
OS90512EN15GLA0
85
NetAct Architecture
3. Describe the backup implementations and solutions available in NetAct.

________________________________________________________________
________________________________________________________________
________________________________________________________________
________________________________________________________________
________________________________________________________________
________________________________________________________________
________________________________________________________________
________________________________________________________________
4. What types of information is possible to obtain with the Self Monitorig

functionality? Where can you see in NetAct this information?
________________________________________________________________
________________________________________________________________
________________________________________________________________
________________________________________________________________
________________________________________________________________
________________________________________________________________
________________________________________________________________
________________________________________________________________
________________________________________________________________
5. What is the purpose of Disaster Recovery?

________________________________________________________________
________________________________________________________________
________________________________________________________________
________________________________________________________________
________________________________________________________________
________________________________________________________________
________________________________________________________________
________________________________________________________________
________________________________________________________________
OS90512EN15GLA0
86
NetAct Architecture
Exercise 3
Title: NetAct Interfaces
Objectives: Explain the concepts of Northbound and Southbound

Interfaces
Describe the functionality of the available interfaces in NetAct
15
Pre-requisite: None
Query
1. What is the purpose of an interface in NetAct?
________________________________________________________________
________________________________________________________________
________________________________________________________________
________________________________________________________________
________________________________________________________________
________________________________________________________________
________________________________________________________________
2. What is the difference between a Southbound Interface and a Northbound

Interface?
________________________________________________________________
________________________________________________________________
________________________________________________________________
________________________________________________________________
________________________________________________________________
________________________________________________________________
________________________________________________________________
3. List the southbound interfaces and the network domains that are connected
through them.
________________________________________________________________
________________________________________________________________
________________________________________________________________
________________________________________________________________
________________________________________________________________
________________________________________________________________
OS90512EN15GLA0
87
NetAct Architecture
4. List three Northbound interfaces that provide: FM support and PM support.

________________________________________________________________
________________________________________________________________
________________________________________________________________
________________________________________________________________
________________________________________________________________
________________________________________________________________
________________________________________________________________
________________________________________________________________
________________________________________________________________
OS90512EN15GLA0
88

02 OS90512EN15GLA0 Architecture

Caricato da

Informazioni sul documento

Copyright

Formati disponibili

Condividi questo documento

Condividi o incorpora il documento

Opzioni di condivisione

Hai trovato utile questo documento?

Questo contenuto è inappropriato?

Copyright:

Formati disponibili

02 OS90512EN15GLA0 Architecture

Caricato da

Copyright:

Formati disponibili

NetAct Architecture

3.4 Northbound interfaces 54

1.1 NetAct Platform Components

1 © Nokia Solutions and Networks 2014

1 © Nokia Solutions and Networks 2014

1.2.1 Benefits of virtualization in NetAct

NetAct services and applications Virtual machines (VMs) running NetAct

Bare-metal ESXi hypervisor enabling full

HP x86 G8 blade servers with 10G

Cisco, Juniper or HP - DCN

Fiber channel SAN connecting the

EMC/HP physical storages containing

1.2.2 Scalability in virtualized infrastructure

1.3 Standard Deployments

1.3.1 Small Configuration

1.3.2 Mainstream Configuration

1.3.3 Large Configuration

1 © Nokia Solutions and Networks 2014

1 © Nokia Solutions and Networks 2014

1 © Nokia Solutions and Networks 2014

1.4 NetAct 15 Hardware

1.4.1 Cabinet and Console Solution

Router (2-3 EIA)

1.4.2 Servers and Storage

Other supported hardware: Servers

NetAct Server Model No. of Storage System

HP C7000 blade chassis with blade servers

SAN blade switch

DCN external switches

• Switches (min two for redundancy)

1.5 Software Environment

Function Software Used

Database Oracle Enterprise Edition Version 11R2

Application Server WebSphere Application Server (WAS) version 8.0

Load Balancer LINUX Virtual Server (LVS) provided by RHEL

Business Logic J2EE Version 1.4

JBI Server Apache ServiceMix 3.4

Perl Version 5.8

Authentication/ LDAP Version 3 / RedHat Directory Server provided by RHEL 6.4

File System NFS Version 3 provided by RHEL 6.4

OSI Stack Marben

Business Logic: JBI Server: Perl:

Java: JRE 6 for applications & JRE 1.5 for WebSphere

Database: Oracle Enterprise Edition 11G R 11.2.0.3.0

Operating System: RHEL 6.5

Directory Server: RHDS 9.0

vCenter: VMware vCenter Server Standard for vSphere Plus 5.5

Hypervisor: ESXi Linux: SuSe

1.6 Components Overview

Common OSS components

System Management: System monitoring, On-line documentation GUI, Time

Common OSS Components

OSS Application Platform

1 © Nokia Solutions and Networks 2014

2.1 System Reliability

4 Server and network

5 DCN availability via

2.2 High availability in the virtual infrastructure

2.2.1 High Availability: Failure in ESXi host case

• VMware HA monitors VMs to

2.2.2 Service Monitoring

• Each VM has a Service Monitor that manages service(s) inside the VM

1. Services are started/stopped/monitored by services’ own /etc/init.d/<service> -

restart VM status restart status