Here are my answers to the questions David posed:
On Thu, 2013-12-05 at 20:27 -0600, David Farmer wrote:
> 1. Should the list archive be public?
Yes.
> 3. What graphs and statistics should be collected?
The traffic graphs, plus I think error graphs should be added.
> 4. Who should have access to what graphs and statistics?
Whoever is delegated by the Board to administer Cacti has full access to
Cacti. Whoever is delegated by the Board to administer the switches has
read access to all graphs.
Graphs are public, unless that network has asked to opt-out. If a
network has opted-out, the graph is hidden from the public ("guest")
user account.
The aggregate graph (the one from the home page) is public, but should
not separate traffic by colors or otherwise. That graph shall not show a
"Current" or "Last" value. No other aggregates shall be public without
further discussion. (A graph of a port facing a remote switch is not an
"aggregate" graph for this purpose; it's a "network" graph.)
> 5. What is the proper security for the graphs and statistics?
Reasonable passwords for the non-public Cacti accounts.
A randomly-generated password for SNMP between Cacti and the
switches, ideally changed whenever someone is removed from the switch or
Cacti delegations.
--
Richard
########################################################################
To unsubscribe from the MICE-DISCUSS list, click the following link:
http://lists.iphouse.net/cgi-bin/wa?SUBED1=MICE-DISCUSS&A=1
