TNMS-V15 Installation Manual Windows

TNMS NCT
15.11
Coriant TNMS NCT

Installation Manual (IMN, Windows)
Issue: 1 Issue date: November 2015
A50023-K4045-X040-01-76D1
Coriant is continually striving to reduce the adverse environmental

effects of its products and services. We would like to encourage you as
our customers and users to join us in working towards a cleaner, safer
environment. Please recycle product packaging and follow the recom-
mendations for power use and proper disposal of our products and their
components.
The information in this document is subject to change without notice and describes only the
product defined in the introduction of this documentation. This documentation is intended for the
use of Coriant customers only for the purposes of the agreement under which the document is
submitted, and no part of it may be used, reproduced, modified or transmitted in any form or
means without the prior written permission of Coriant. The documentation has been prepared to
be used by professional and properly trained personnel, and the customer assumes full respon-
sibility when using it. Coriant welcomes customer comments as part of the process of contin-
uous development and improvement of the documentation.
The information or statements given in this documentation concerning the suitability, capacity,
or performance of the mentioned hardware or software products are given "as is" and all liability
arising in connection with such hardware or software products shall be defined conclusively and
finally in a separate agreement between Coriant and the customer. However, Coriant has made
all reasonable efforts to ensure that the instructions contained in the document are adequate
and free of material errors and omissions. Coriant will, if deemed necessary by Coriant, explain
issues which may not be covered by the document. Coriant will correct errors in this documen-
tation as soon as possible.
IN NO EVENT WILL CORIANT BE LIABLE FOR ERRORS IN THIS DOCUMENTATION OR
FOR ANY DAMAGES, INCLUDING BUT NOT LIMITED TO SPECIAL, DIRECT, INDIRECT,
INCIDENTAL OR CONSEQUENTIAL OR ANY LOSSES, SUCH AS BUT NOT LIMITED TO
LOSS OF PROFIT, REVENUE, BUSINESS INTERRUPTION, BUSINESS OPPORTUNITY OR
DATA,THAT MAY ARISE FROM THE USE OF THIS DOCUMENT OR THE INFORMATION IN
IT.
This documentation and the product it describes are considered protected by copyrights and
other intellectual property rights according to the applicable laws.
Other product names mentioned in this document may be trademarks of their respective
owners, and they are mentioned for identification purposes only.
Copyright © Coriant 2015. All rights reserved.
f Important Notice on Product Safety

This product may present safety risks due to laser, electricity, heat, and other sources
of danger.
Only trained and qualified personnel may install, operate, maintain or otherwise handle
this product and only after having carefully read the safety information applicable to this
product.
The safety information is provided in the Safety Information section in the "Legal, Safety
and Environmental Information" part of this document or documentation set.
The same text in German:
f Wichtiger Hinweis zur Produktsicherheit

Von diesem Produkt können Gefahren durch Laser, Elektrizität, Hitzeentwicklung oder
andere Gefahrenquellen ausgehen.
Installation, Betrieb, Wartung und sonstige Handhabung des Produktes darf nur durch
geschultes und qualifiziertes Personal unter Beachtung der anwendbaren Sicherheit-
sanforderungen erfolgen.
Die Sicherheitsanforderungen finden Sie unter „Sicherheitshinweise“ im Teil „Legal,
Safety and Environmental Information“ dieses Dokuments oder dieses Dokumentations-
satzes.
2 A50023-K4045-X040-01-76D1
Table of Contents
Table of Contents. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
List of Figures . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
List of Tables . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
1 Preface. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
1.1 Intended audience . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
1.2 Structure of this document . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
1.3 Symbols and conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
1.4 TNMS NCT documentation set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
1.5 Other documents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
1.6 History of changes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
2 Preparation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
2.1 Checking the delivered components . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
2.2 Hardware requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
2.3 Supported Operating Systems. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
2.4 Prerequisites by component . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
2.5 Configuring the BIOS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
3 Initial system configuration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17

3.1 Before you begin . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
3.2 Audit policy. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
3.3 FTP configuration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19
3.3.1 Installing the FTP Server in Windows Server 2008 . . . . . . . . . . . . . . . . 19
3.3.2 Configuring the FTP Service in Windows Server 2008 . . . . . . . . . . . . . 19
3.3.2.1 Additional configurations required by NEs connecting through FTP . . . 20
3.3.3 Installing the FTP Server in Windows Server 2012 . . . . . . . . . . . . . . . . 20
3.3.4 Configuring the FTP Service in Windows Server 2012 . . . . . . . . . . . . . 21
3.3.5 Installing the FTP Server in Windows 7 . . . . . . . . . . . . . . . . . . . . . . . . . 22
3.3.6 Configuring the FTP Service in Windows 7 . . . . . . . . . . . . . . . . . . . . . . 22
3.4 Domain Verification . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23
3.5 System Hosts configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23
3.6 Dynamic Port range configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24
3.7 Power management options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24
4 Software prerequisites installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25

4.1 User Account Control. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25
4.2 Oracle Express . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26
4.2.1 Hardware prerequisites . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26
4.2.2 Installation and configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26
4.2.3 Uninstalling Oracle Express. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
4.3 OSI Stack. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
4.3.1 Installing OSI Stack . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
A50023-K4045-X040-01-76D1 3
4.3.2 Configuring OSI stack . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27

4.3.3 Uninstalling OSI stack. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28
4.4 CopSSH . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29
4.4.1 Installing CopSSH. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29
4.4.2 Configuring CopSSH. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30
4.4.3 CopSSH Troubleshooting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32
4.5 Antivirus . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33
5 TNMS NCT installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35

5.1 TNMS NCT Full installation. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35
5.2 TNMS NCT Client installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37
6 Final configuration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39
6.1 Handling logs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39
7 TNMS NCT uninstallation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41
Abbreviations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43
Glossary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49
Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 59
4 A50023-K4045-X040-01-76D1
List of Figures
Figure 1 Local Security Settings - Audit Policy window . . . . . . . . . . . . . . . . . . . . 18
Figure 2 ASCII characters.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37
A50023-K4045-X040-01-76D1 5
6 A50023-K4045-X040-01-76D1
List of Tables
Table 1 Structure of the manual . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
Table 2 List of symbols and conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
Table 3 History of changes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
Table 4 Minimum hardware requirements for new installations of TNMS NCT . 13
Table 5 Operating System recommendations for Full and Client installation . . 14
Table 6 TNMS NCT software prerequisites and their installation sequence . . . 14
Table 7 User Account Control Policy Settings . . . . . . . . . . . . . . . . . . . . . . . . . . 25
A50023-K4045-X040-01-76D1 7
8 A50023-K4045-X040-01-76D1
Installation Manual (IMN, Windows) Preface
1 Preface
This Installation and Upgrade Manual contains a complete description of the installation,
upgrade and initial configuration of TNMS NCT.
1.1 Intended audience

This document is intended for commissioners of TNMS NCT.
1.2 Structure of this document

This document is structured as follows:
Chapter Title Subject

Chapter 1 Preface Provides an introduction for this document.
Chapter 2 Preparation Provides a guide of the hardware and software required for the instal-
lation.
Chapter 3 Initial system configuration Describes the configurations of the operating system required for
TNMS NCT correct functioning.
Chapter 4 Software prerequisites Describes how to install and configure all software prerequisites of
installation TNMS NCT.
Chapter 5 TNMS NCT installation Describes how to install TNMS NCT in your operating system.
Chapter 6 Final configuration Describes all post-installation configurations and actions.
Chapter 7 TNMS NCT uninstallation Describes how to uninstall the current TNMS NCT release.
Abbreviations Contains a list of all acronyms and their long form used in TNMS
NCT.
Glossary Contains a definition of the most important technologies referred in
the TNMS NCT documentation.
Index Contains the index entries for this document.
Table 1 Structure of the manual
g Some features described in this documentation may not be available. To identify the
features released for the product, see the Customer Release Notes delivered together
with the product.
A50023-K4045-X040-01-76D1 9
Preface Installation Manual (IMN, Windows)
1.3 Symbols and conventions

The following symbols and mark-up conventions are used in this document:
Representation Meaning
f DANGER! A safety message indicates a dangerous situation where

personal injury is possible.
f WARNING! The keywords denote hazard levels with the following meaning:
f CAUTION! DANGER! - Indicates a hazardous situation which, if not
avoided, will result in death or serious (irreversible) personal
injury.
WARNING! - Indicates a hazardous situation which, if not
avoided, could result in death or serious (irreversible) personal
injury.
CAUTION! - Indicates a hazardous situation which, if not
avoided, may result in minor or moderate (reversible) personal
injury.
w NOTICE: A property damage message indicates a hazard that may result

in equipment damage, data loss, traffic interruption, and so on.
g A note provides important information related to the topic, for

example, not obvious exceptions to a rule or side effects.
t A tip provides additional information related to the topic which is

not essential in the context, but given for convenience.
Bold ವ All names of graphical user interface (GUI) objects, such as
windows, field names, buttons, and so on.
Example: Select the Full Screen check box and press OK.
ವ Terms and abbreviations which are linked to an entry in the
glossary and list of abbreviations respectively.
ವ Important key words.
Italic ವ Files, folders, and file system paths.
Example: /usr/etc/sbin/ftpd.exe
ವ Emphasized words.
typewriter ವ Input to be typed in a command line or a GUI field.
Examples:
ping -t 192.168.0.1
Enter World in the Domain field.
ವ Output from a command, error messages, content of a status
line, and so on.
ವ File content, such as program sources, scripts, logs, and set-
tings.
<angle brackets> Placeholders, for example as part of a file name or field value.
Examples:
<picture name>.png or <ip address>:<port number>
Table 2 List of symbols and conventions
10 A50023-K4045-X040-01-76D1
Installation Manual (IMN, Windows) Preface
Representation Meaning
[square brackets] A key to be pressed on a PC keyboard, for example [F11].
Keys to be pressed simultaneously are concatenated with a “+”
sign, for example [CTRL]+[ALT]+[DEL].
Keys to be pressed one after another are concatenated with
spaces, for example [ESC] [SPACE] [M].
> The greater than symbol “>” is used to concatenate a series of
GUI items in order to depict a GUI path. This is an abridged pre-
sentation of a procedure to be carried out in order to perform an
action or display a window or dialog box.
Examples:
A simple menu path: File > Save as
A more complex GUI path:
> Main window > File menu > Change Password command >
Change Password dialog box
x For convenience, card names are sometimes listed with a lower
(in card names) case x variable, in order to concisely represent multiple cards.
Example:
I01T40G-x (is to be interpreted as I01T40G-1 and I01T40G-2)
(parentheses) For convenience, card variants are sometimes listed with a
section of their name between parentheses, in order to concisely
represent both card variants.
Example:
CCEP-3(/S) (is to be interpreted as CCEP-3 and CCEP-3/S)
Table 2 List of symbols and conventions (Cont.)
Screenshots of the graphical user interface are examples only to illustrate principles.
This especially applies to a software version number visible in a screenshot.
A50023-K4045-X040-01-76D1 11
Preface Installation Manual (IMN, Windows)
1.4 TNMS NCT documentation set

See the Documentation Guide for a complete and updated list of all TNMS NCT related
documents and their descriptions.
For your convenience, the operational documents are available via the TNMS NCT help
menu, while all others are stored in the help folder of your TNMS NCT Client installation.
1.5 Other documents

Legacy products and Network Elements
This manual concerns TNMS NCT only. For more detailed information on other legacy
products or the managed network elements (NEs), see the corresponding documenta-
tion.
Release notes
Where applicable, contains installation hints, patch descriptions, list of supported NEs,
list of supported cards and any relevant last-minute information.
1.6 History of changes

This chapter describes the main changes for the current document and since the last
version.
Issue Issue date Remarks

A50023-K4045-X040-01-76D1 November 2015
Chapter 3.7 Power management options was
added.
Chapter 4.3.2 Configuring OSI stack was updated.
Table 3 History of changes
12 A50023-K4045-X040-01-76D1
Installation Manual (IMN, Windows) Preparation
2 Preparation
2.1 Checking the delivered components

Before installation, make sure that:
ವ The delivery is complete and in accordance with the delivery units specified in the
delivery note (hardware, software, licenses and documentation).
ವ The components are not damaged in any way.
2.2 Hardware requirements

The table below provides an overview of the hardware recommendations for installing
TNMS NCT; running TNMS NCT may require different specifications depending on
parameters such as network architecture (number of TNMS Clients) or operation poli-
cies. The final hardware specifications and configuration must be planned specifically
for each customer. Ask Coriant Technical Sales for more information.
Table 4 provides an overview of the hardware recommendations for TNMS NCT.
Components Hardware configurations

Software Hardware
TNMS NCT Server CPU Intel® Xeon® E5-2420 (6C/12T, 1.90 GHz)
(optional TNMS RAM 12 GB
NCT Client)
HDD 500 GB SATA, 6 GB/s,
TNMS NCT Client CPU Intel® i5-3470
or
Intel® Xeon® E3-1220v2 4C/4T 3.10 GHz 8 MB
RAM 8 GB DDR3 1600 GHz
HDD HD SATA 3G 500GB 7.2K
or
HD SATA 6G 500GB 7.2K HOT PL 3.5" BC
Table 4 Minimum hardware requirements for new installations of TNMS NCT
A50023-K4045-X040-01-76D1 13
Preparation Installation Manual (IMN, Windows)
2.3 Supported Operating Systems

The following table provides the supported operating systems.
Full / Server Installation Client

Microsoft Windows Server 2008 R2 SP1 Microsoft Windows Server 2008 R2 SP1
(x64)1) (x64)1)
Microsoft Windows Server 2012 R2 Microsoft Windows 7 Professional SP1
Standard Edition (x32/x64)
Microsoft Windows 7 Professional SP1
(x32/x64)
NTFS mandatory
Table 5 Operating System recommendations for Full and Client installation

1) Both the Microsoft Windows Server 2008 R2 SP1 (x64) Enterprise Edition and the
Standard Edition are supported. However If the machine has more than 32 GB of
RAM you must install the Microsoft Windows Server 2008 R2 SP1 (x64) Enterprise
Edition, as the Standard Edition cannot allocate more than 32 GB of RAM.
Throughout this and the following chapters the designation of the several operating
systems is often abbreviated to allow for better readability. Always refer to the table
above for the exact versions supported for TNMS.
2.4 Prerequisites by component

The following table describes which software is required for each component. Attend to
the fact that the table also shows the order in which the components should be installed.
After installing the operating system, the system should be commissioned as follows:
Software Full / Server Client

Installation
Oracle Express Mandatory -
OSI Stack 2.1.2.9 Mandatory for hiT 7500 / -
hiT 7070 NEs
CopSSH 4.9.4 Mandatory -
Table 6 TNMS NCT software prerequisites and their installation sequence
g A dedicated Java JRE installation is not mandatory given that the TNMS Software
already includes its own JRE versions. However you can manually install another Java
JRE if required by other software. For your convenience Coriant distributes a Java JRE
package in the prerequisites folder of the TNMS installation media. However Coriant
does not guarantee that this is the latest update of Java JRE available at the time you
are performing the installation. So, if the update included is not the latest, use the latest
update instead.
For additional information refer to the Oracle Java documentation.
14 A50023-K4045-X040-01-76D1
Installation Manual (IMN, Windows) Preparation
2.5 Configuring the BIOS

This chapter describes the recommended configurations for the system’s BIOS.
w The instructions in this chapter refer to HP machines and may differ depending on
hardware configurations.
To access the BIOS, boot the machine and press F9 at the startup screen.
ವ Disable the network:
Go to System Options > Embedded NICs > NIC # Boot Options and set to Dis-
abled. Where # represents the network interface card number.
ವ Processor options:
ವ Go to
System Options > Processor Options > Intel Virtualization Technology
and set to Disabled.
ವ System Options > Processor Options > Intel VT-d, and set to Disabled.
ವ Power management options:
ವ Go to
System Options >Power management options > HP Power Profile
and set to Maximum performance.
ವ Go to
System Options > Power management options > HP Power Regulator
and set to HP Static High Performance Mode
A50023-K4045-X040-01-76D1 15
Preparation Installation Manual (IMN, Windows)
16 A50023-K4045-X040-01-76D1
Installation Manual (IMN, Windows) Initial system configuration
3 Initial system configuration
3.1 Before you begin

Complete the following steps before installing:
ವ Check the system requirements.
ವ Determine the components to install.
ವ The machine where the TNMS NCT Server is installed should use NTFS, as it
provides extra security for the Oracle database files.
ವ Know how the network, IP addresses and TCP/IP name management will be
handled.
ವ Ensure that the host IP addresses are static, that is, do not use DHCP dynamic
addresses.
ವ Disable “Hibernate” in the machines where the TNMS NCT Server is installed, by
running the following command as administrator:
powercfg.exe /hibernate off
3.2 Audit policy
g Proceed to configure the Audit policy only if your network has legacy, NEC-interfaced
NEs, that is, other than hiT 7300 or hiT 7100.
To enable auditing locally in the installed OS:

Open the Local Security Policy settings via Start > Control Panel > Administrative
tools > Local Security Policy icon.
In the tree pane, expand the Local Policies and click Audit Policy.
A50023-K4045-X040-01-76D1 17
Initial system configuration Installation Manual (IMN, Windows)
Figure 1 Local Security Settings - Audit Policy window
In the details pane double-click the following policy settings to open the properties
window:
ವ Audit Account Logon Events, to track user’s logon and logoff - select the
check boxes ‘Success’ and ‘Failure’.
ವ Audit Account Management, to report changes to user account - select the
check boxes ‘Success’ and ‘Failure’.
ವ Audit Directory Service Access, to report access and changes to the directory
service - No auditing (no check box selected).
ವ Audit Logon Events, to report success/failure of any local or remote access-
based logon - select the check boxes ‘Success’ and ‘Failure’.
ವ Audit Object Access, to report file and folder access - select the check boxes
‘Success’ and ‘Failure’.
g The auditing configuration for the individual object (file or folder) must be set
within its properties.
ವ Audit Policy Change, to report group policies changes - select the check boxes
‘Success’ and ‘Failure’.
ವ Audit Privilege Use, to report when permissions (read, write...) are used -
select only the check box ‘Failure’.
ವ Audit Process Tracking, to report when process and programs fail (not security
related) - No auditing (no check box selected).
ವ Audit System Events, to report standard system events (not security related) -
select the check boxes ‘Success’ and ‘Failure’.
18 A50023-K4045-X040-01-76D1
3.3 FTP configuration

The following chapter provides you guidance through the needed component services
configuration.
w Only perform this configuration if legacy or Embargo NE versions, which only support
FTP, are to be managed by TNMS NCT.
3.3.1 Installing the FTP Server in Windows Server 2008

To install the FTP server proceed as follows:
Open Start > Administrative tools > Server Manager > Roles.
Click Add Roles to open the Add Roles Wizard and click Next.
In Server Roles, select Web Server (IIS) and click Next.
In Web Server (IIS) click Next.
In Role Services, select the top end following services from the tree:
ವ Management Tools
ವ IIS Management Console
ವ FTP Server (optional - only if legacy NEs, which only support FTP, are to be
managed by TNMS)
ವ FTP Service
ವ FTP Extensibility
Click Next.
In the Confirmation step, click Install.
In the Results step, select Close.
Reboot your computer.
3.3.2 Configuring the FTP Service in Windows Server 2008

To configure the FTP Service/Server, follow these steps:
Start > Administrative Tools > Internet Information Services (IIS) Manager.
In the left pane tree, expand the Default Computer > Sites.
Right click the Default Web Site and select Remove.
g This default site does not have the correct settings and there might be configuration
conflicts if you add new FTP sites without removing this one.
In the right pane tree, select Add FTP Site. This opens the Add FTP Site window.
Enter the FTP site name.
In Physical Path, change the folder to “C:\inetpub\ftproot”, click OK and
Next.
In the Binding and SSL Settings step, configure the IP Address or leave as default.
In SSL, select Allow SSL. Click Next.
A50023-K4045-X040-01-76D1 19
In the Authentication and Authorization Information step, select Authentication

as Basic.
In Authorization allow access to “All users”, permissions “Read” and “Write”.
Click Finish.
3.3.2.1 Additional configurations required by NEs connecting through FTP

Configure the FTP connection time-out (local or Domain Controller FTP user)
Go to Start > Control Panel > Administrative Tools > Internet Information
Services (IIS) Manager.
In the Connections pane, expand the tree: Default Computer > Sites.
Click the <FTP site name> node to select it.
In the Actions pane click Advanced Settings.
In the Advanced Settings dialog box, expand Connections and specify Control
Channel Timeout: 400 seconds or higher and Data Channel Timeout: 400
seconds or higher.
click OK.
3.3.3 Installing the FTP Server in Windows Server 2012

Open Control Panel > Administrative tools > Server Manager.
In the Server Manager window, open Manage > Add Roles and Features.
In the Before you begin window, click Next.
In the Installation Type leave the default option (Role-based or feature-based
installation) and click Next.
In the Server Selection leave the default option (Select a server from the server
pool) and click Next.
In Server Roles, select Web Server (IIS).
Click Add Features.
Click Next.
In Features select .NET Framework 3.5 (includes .NET 2.0 and 3.0). Click Next.
In the Web Server Roles (IIS) click Next.
In Role Services, select the following services from the tree:
ವ Management Service
ವ FTP Server (optional - only if legacy NEs, which only support FTP, are to be
managed by TNMS)
ವ FTP Service
Click Next.
20 A50023-K4045-X040-01-76D1
In the Confirmation step, click Install.

In the Results step, select Close.
Close all windows and reboot your computer.
w For security reasons unselect File and Storage Services (selected by default) if you are
not planning to use these roles.
3.3.4 Configuring the FTP Service in Windows Server 2012

To configure the FTP Service/Server, follow these steps:
Control Panel > Administrative Tools > Internet Information Services (IIS)
Manager.
Next.
In SSL, select Allow SSL and select the certificate WMSVC. Click Next.
as Basic.
In Authorization allow access to “All users”, permissions “Read” and “Write”.
Click Finish.

Configure the FTP connection timeout (local or Domain Controller FTP user)
Click the Server Manager button on the taskbar to open it.
On the Server Manager window, from the top right corner, click Tools and then click
Internet Information Services (IIS) Management.
In the Internet Information Services (IIS) Management window, in the Connec-
tions pane, expand the tree: Default Computer > Sites.
In the Advanced Settings dialog box, expand Connection Limits, and specify
Control Channel Timeout: 400 seconds or higher and Data Channel Timeout:
400 seconds or higher.
click OK.
A50023-K4045-X040-01-76D1 21
3.3.5 Installing the FTP Server in Windows 7

Open Start > Control Panel and click Turn Windows features on or off.
Click Add Roles to open the Add Roles Wizard and click Next.
In the Windows Features window, expand Internet Information Services and
select the following services from the tree:
ವ FTP Server (optional - only if NEs, which connect by FTP, are to be managed
by TNMS NCT)
ವ FTP Service
Click OK.
Reboot your computer.
3.3.6 Configuring the FTP Service in Windows 7

Create a Windows user for the FTP service to use:
Go to Start > Control Panel > Computer Management > Internet Information
In the tree on the left pane go to Server Manager > Configuration > Local Users
and Groups > Users.
Create a new Windows user account that you will use for the FTP service.
Configure the FTP Service/Server:

Start > Administrative Tools > Internet Information Services (IIS) Manager.
Next.
In SSL, select Allow SSL. Click Next.
as Basic.
In Authorization allow access to “Specified users” and enter the name of the
Windows user you created above.
22 A50023-K4045-X040-01-76D1
Select permissions “Read” and “Write”.

Click Finish.

Configure the FTP connection time-out (local or Domain Controller FTP user) -
Windows 7
Go to Start > Control Panel > Administrative Tools > Internet Information
In the Connections pane, expand the tree: Default Computer > Sites.
In the Advanced Settings dialog box, expand Connections and specify Control
Channel Timeout: 400 seconds or higher and Data Channel Timeout: 400
seconds or higher.
click OK.
3.4 Domain Verification

Check if a network domain exists. Use the following windows steps:
Go to Control Panel > System.
In Computer name, domain, and workgroup settings, check the Domain infor-
mation.
ವ If a network domain does not exist, then:
ವ You may skip this configuration, but then you will not have Single Sign On
capabilities in TNMS NCT.
ವ Contact your network administrator to provide you information details on
how to configure the domain since domain details are specific for your
network.
3.5 System Hosts configuration

Since TNMS NCT uses a static IP address configuration, it is mandatory that the
system's "hosts" file is properly configured with at least "<Server IP> <FQDN>" and
"127.0.0.1 localhost".
ದ Edit Windows’ hosts file (typically, C:\Windows\System32\drivers\etc\hosts) and for
each server insert a line like
xx.xx.xx.xx <full computer name>
where xx.xx.xx.xx is the static IP of the server in question, and full computer name
follows name.domain.com as found in Control Panel > System Properties >
Computer Name > Full computer name of the server in question.
w The TNMS NCT installer will check if the hosts file is correctly configured. In case the
server belongs to a domain, make sure FQDN matches the domain.
If no domain exists and the hosts file is not configured, the installation will not proceed.
A50023-K4045-X040-01-76D1 23
3.6 Dynamic Port range configuration

The default dynamic port range configuration for Windows Server 2008, Windows
Server 2012 and Windows 7 starts at port 49152 and ends at port 65535. This complies
with the Internet Assigned Numbers Authority (IANA) recommendation. Proper installa-
tion of TNMS NCT requires the default port range to be used.
g TNMS NCT enforces this setting during its installation. However, to avoid warnings while
installing TNMS NCT, configure the dynamic port range before the installation (required
for Server and Netserver machines), as described below.
Execute the following procedure to ensure the correct configuration of the Server and
Netserver machines:
Open the command line (cmd) as Administrator.
Execute the command:
netsh int ipv4 show dynamicport tcp
If the reported start port is not 49152, then execute the command:
netsh int ipv4 set dynamicport tcp start=49152 num=16384
persistent
Windows is now prepared concerning dynamic port range configuration.
3.7 Power management options

Disable all power management options for network adapters in machines running TNMS
Server and/or TNMS Netserver.
24 A50023-K4045-X040-01-76D1
Installation Manual (IMN, Windows) Software prerequisites installation
4 Software prerequisites installation

This chapter describes the installation and configuration of all prerequisites in the
recommended installation sequence.
Refer to Table 6 TNMS NCT software prerequisites and their installation sequence to
know which prerequisites are required for each TNMS NCT component.
4.1 User Account Control

When applicable, Windows User Account Control must be disabled in order to continue
with the installation. According to your windows version, the procedure may vary. Typi-
cally, it can be disabled under Control Panel > User Accounts > Change User
Account Control Settings > Never Notify.
For Windows Server 2012, perform the following actions:
Go to Control Panel > Administrative Tools > Local Security Policy.
In the Local Security Policy window, expand Local Policies and click Security
Options.
Scroll down to find the items labeled as “User Account Control” and set them as
follows:
Policy Security Setting

Admin Approval Mode for the Built-in Administrator account Disabled
Allow UIAccess applications to prompt for elevation without Disabled
using the secure desktop
Behavior of the elevation prompt for administrator in Admin Elevate without
Approval Mode prompting
Behavior of the elevation prompt for standard users Prompt for cre-
dentials
Detect application installations and prompt for elevation Enabled
Only elevate executables that are signed and validated Disabled
Only elevate UIAccess applications that are installed in Enabled
secure locations
Run all administrators in Admin Approval Mode Disabled
Switch to secure desktop when prompting for elevation Disabled
Virtualize file and registry write failures to per-user locations Enabled
Table 7 User Account Control Policy Settings
Restart the machine after performing this change.
A50023-K4045-X040-01-76D1 25
Software prerequisites installation Installation Manual (IMN, Windows)
4.2 Oracle Express

This section describes the installation of Oracle Database Express Edition 11g
Release 2 (64-bit) for Microsoft Windows x64.
4.2.1 Hardware prerequisites

To successfully install and run TNMS NCT the following hardware requirements must
be met:
ವ At least 7GB of free disk space must be available in the destination machine
before installing the Oracle database.
ವ At least 1GB of RAM:
ವ For the remaining hardware, follow the recommendations described in
2.2 Hardware requirements. Note that the values in this table are recommended and
may vary according to the network dimension and the used hardware.
4.2.2 Installation and configuration

Uncompress the TNMS NCT software to your machine.
From the uncompressed TNMS NCT software folder, go to
<TNMS NCT software>\TNMS_Prerequisites\Oracle\installation.
Right-click Exec_TNMS_oracle_install.bat and select Run as administrator.
A new terminal window opens.
Enter the Oracle installation directory or accept the default by pressing [ENTER].
The requirements check is executed, verifying the available disk space and free
memory.
If the requirements are not met, a warning is displayed such as, for example:
Free Memory: Required: [1 GB]. Available: [0,9 GB]. Failed.
g Make sure you have enough disk space and memory before continuing.
Enter TNS Port number or accept the default by pressing [ENTER].

Enter MTS Port number or accept the default by pressing [ENTER].
Enter HTTP Port number or accept the default by pressing [ENTER].
Enter the password for the default database administrator users SYS and SYSTEM.
Both passwords must have between a minimum of 5 and a maximum of 30 charac-
ters. Also, refer to Figure 2 for the valid characters.
If the Oracle software is not located in default location (<TNMS NCT software>\
TNMS_Prerequisites\Oracle\software), enter the Oracle installer's setup.exe path.
Oracle software installation and configuration starts. At the end of a successful execu-
tion the following message is displayed:
Oracle Installation finished with success.
Log of this session is available at
c:\temp\TNMSOracleInstall_<timestamp>\installation.log
Press any key to exit.
26 A50023-K4045-X040-01-76D1
4.2.3 Uninstalling Oracle Express

To uninstall the TNMS NCT database and the Oracle software:
Execute the Oracle installer from <TNMS NCT software>\TNMS_Prerequisites\
Oracle\software\OracleXE112_Win64\DISK1\setup.exe.
The install wizard begins.
On the Select Maintenance Option step select Remove and click Next.
The Oracle software and the TNMS NCT database will be removed.
4.3 OSI Stack

If your network contains hiT 7500 or hiT 7070 NEs you must install an OSI stack on the
NetServer PCs before installing the NetServer software.
g If you have the version 2.1.2.7 installed, you must first uninstall it, reboot your system
and then install version 2.1.2.9.
After the new version is installed a new reboot is required.
4.3.1 Installing OSI Stack

To install an OSI stack, proceed as follows:
In the software DVD, go to the OSI_Stack directory, right-click setup.exe and select
Run as administrator.
A welcome window is now displayed. Click Next to continue.
In the Choose Destination Location window which is now displayed, a default
installation directory is offered for the OSI stack. Click Next to continue.
In the Please select: window, select the NSAP address option best suited to your
company’s network and click Next.
In the Getting NSAP window, enter the NSAP address. For example, if you selected
the option NSAP should be derived from MAC address of my ethernet card on
step 4, enter the MAC address of the network card and click Next.
In the Start Copying Files ensure that the settings displayed are correct, and if so,
click Next to continue.
A setup status window is now displayed, showing the progress of the OSI stack
installation.
In the InstallShield Wizard Complete window select the option for restarting the
computer and press Finish to complete the OSI stack installation.
4.3.2 Configuring OSI stack

Once the OSI stack installation finishes and the computer is rebooted, you need to
proceed with the following set of configurations:
Go to the Start menu and run cmd.exe.
In the console window run the following command:
ipconfig /all
A50023-K4045-X040-01-76D1 27
In the output of this command identify the MAC address of the network interface card
you will configure OSI Stack to bind.
Open OSI stack as administrator via Start > Control Panel > OSI Stack, right-click
OSI Stack and select Run as administrator.
You may need to switch to the classic view or click “View as small icons” or use the
search field for OSI Stack.
In Bind to Network Interface Card select the network interface card identified with
the correct MAC address (step 2).
By default the OSI Stack is configured as end system (ES) and, due to this configu-
ration, is only allowed to bind to one Network Interface Card. If run as intermediate
system (IS) the OSI stack can bind to more than one network interface card. If, for
this reason you need to set the OSI Stack to IS, do as follows:
D In the OSI Stack Configuration window, press [CTRL]+[i] to open the IS-IS con-
figuration window.
Select Enable IS-IS.
Click OK.
E (Optional) In the OSI Stack Configuration window, click ES-IS.
Disable Enable emission of ES hello.
Click OK.
If you require the OSI stack to run as IS press [CTRL]+[i] to open the IS-IS configu-
ration window and select Enable IS-IS. In this case you can, in the OSI Stack Con-
figuration window, click ES-IS and disable Enable emission of ES hello.
Exit the OSI Stack Configuration window and either restart the OSI Stack service
or reboot the machine in order to reset the variables.
If you need to check the environment variable OSIPIPE:

Go to Start > Control panel > System and Security > System.
Open the Advanced system settings > Advanced tab.
Click Environment variables.
In the lower list (user variables), search for the OSIPIPE variable.
The OSI stack configuration is finished.
g If you want to connect hiT 7500 3.60 and 3.70 NEs with secure connection, you must
download and install the “SecPack_Strong.zip” secure package after you install and
configure the OSI Stack.
You can obtain the secure package in the Coriant Customer Portal:
https://coriant.force.com/customer.
After you install the package, reboot the system.
4.3.3 Uninstalling OSI stack

To uninstall the OSI stack, follow the next steps:
28 A50023-K4045-X040-01-76D1
Open Start > Control Panel > Administrative Tools > Services.
Select the OSI stack service and click Stop.
Open Start > Control Panel > Add/Remove Programs.
Select the OSI stack from the software list.
Click Uninstall.
Click Finish and restart your computer.
4.4 CopSSH
CopSSH is a Secure Shell (SSH) File Transfer Protocol (SFTP) and Secure Copy (SCP)
server used for transferring data to and from some types of NEs.
Using SFTP / SCP is recommended since these protocols are more secure than FTP.
In order to support SFTP or SCP transactions via the LCT, you must install and config-
ure CopSSH in TNMS.
w Some Embargo NE versions only support FTP. These NEs require an FTP server.
CopSSH installation is required for netservers if there are hiT 7100, hiT 7300 or ADVA
NEs in your network.
4.4.1 Installing CopSSH

To install CopSSH 4.9.4 proceed as follows (same procedure for all supported operating
systems):
In the software DVD, go to the CopSSH directory, right-click the Copssh_4.9.4_x-
86_Installer.exe file and run it as administrator.
The setup wizard’s Welcome window is shown. Click Next.
In the License Agreement window click I Agree.
Enter an Installation folder or accept the default by clicking Next.
Enter the service account credentials.
You must select the user that will be used for the CopSSH account service manage-
ment, by choosing one of the following options:
ವ Keep the default CopSSH user: SvcCOPSSH (the installer generates a random
password). If you choose this option, keep that password for the future (recom-
mended).
Or
ವ Select a new user (must be different from existing local machine users). In this
case you must provide a username and a password that matches the following
requirements:
- The username must be at least four characters in length.
- Passwords cannot contain the user’s account name or parts of the user’s
complete name exceeding two consecutive characters.
- Passwords must be at least six characters in length.
- Passwords must contain characters from three of the following four categories:
ವ English uppercase characters (A through Z).
A50023-K4045-X040-01-76D1 29
ವ English lowercase characters (a through z).

ವ Base 10 digits (0 through 9).
ವ Non-alphabetical characters (for example: !, $, #, %).
Click Install.
Click Close to finish the installation.
Proceed to Update bash against Shellshock vulnerability.
Update bash against Shellshock vulnerability

Go to Start > Programs > CopSSH, opposite-click on CopSSH Control Panel and
click Run as administrator.
In the Status tab, click the green button to stop the CopSSH service.
In the software DVD, go to the CopSSH directory and open bash-4.1.13.zip.
Copy the files contained in the x86 folder inside bash-4.1.13.zip to <CopSSH instal-
lation folder>/bin/ (default is C:\Program Files (x86)\ICW\bin) and accept to replace
the original files in the folder.
Go to CopSSH Control Panel, Status tab and click the red button to start the
CopSSH service.
CopSSH is registered as a service in Windows registry as an unquoted path. To avoid
malware to be executed by a privileged program, resulting in privileged escalation, the
file path in Windows registry should be enclosed in quotes.
Click Start, type regedit in the search box and press Enter.
The Registry Editor opens.
Locate:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\OpenSSHServer
Edit the field ImagePath.
The value data should be quoted:
“C:\Program Files (x86)\ICW\bin\cygrunsrv.exe”
“C:\Program Files (x86)\ICW” represents the CopSSH default install directory.
4.4.2 Configuring CopSSH

Configuring users in CopSSH:
As a security measure, CopSSH’s default user cannot be used to access the machine.
Therefore, new users must be created.
Create a user with limited privileges in the operating system. This user will be used
to perform the SFTP / SCP.
Grant the user write privileges on the C:\Program Files (X86)\ICW folder. Go to
Properties, add the user created and give the user modify permissions.
In the Status tab, check if the service is running (green button). If not, click on the
red button to start it.
Go to Users tab and click Add.
30 A50023-K4045-X040-01-76D1
Click Forward to begin the CopSSH User Activation wizard.

Choose the current machine for domain and the user you created earlier. Click
Forward.
Select Shell access type “Linux shell and Sftp”.
In the Home Directory make sure that the path is C:\Program Files (X86)\ICW\home\
<user>, where <user> is the user selected in step 7.
In the three options available, only “Allow password authentication” must remain
checked. Uncheck the other two options “Public key authentication” and “Allow
TCP forwarding”.
Click Forward.
Click Apply to activate the user.
Changing the default number of simultaneous sessions

The following mandatory procedure is required in order to support multiple NE requests:
In the Status tab, click the green button to stop the CopSSH service.
Edit the file C:\Program Files (x86)\ICW\etc\sshd_config
Below is a sample sshd_config file (after the CopSSH Control Panel has been run
for the first time):
Port 22
Compression delayed
LogLevel INFO
TCPKeepAlive yes
LoginGraceTime 120
Protocol 2
MaxAuthTries 6
MaxSessions 10
Subsystem sftp internal-sftp -l ERROR
Match User copuser
PasswordAuthentication yes
PubkeyAuthentication no
AllowTcpForwarding no
MaxSessions 10
# Catch All
Match User *
MaxSessions 0
PasswordAuthentication no
Change both MaxSessions values (lines 8 and 13) to 100.

Add the line MaxStartups 150 after line 8 to control the number of open unau-
thenticated sessions. This avoids an overload of the SSH daemon.
A50023-K4045-X040-01-76D1 31
Below is the sample above after the changes:
Port 22
Compression delayed
LogLevel INFO
TCPKeepAlive yes
LoginGraceTime 120
Protocol 2
MaxAuthTries 6
MaxSessions 100
MaxStartups 150
Subsystem sftp internal-sftp -l ERROR
Match User copuser
PasswordAuthentication yes
MaxSessions 100
# Catch All
Match User *
MaxSessions 0
PasswordAuthentication no
Save the sshd_config file.

Go to CopSSH Control Panel, Status tab and click the red button to start the
CopSSH service.
g Note that, if you run the CopSSH's Control Panel after the procedure above, all the
changes to the sshd_config file will be reset. In order to keep your changes, for further
CopSSH restarts use the “Openssh” service through the Windows services.
4.4.3 CopSSH Troubleshooting

Go to Start > Programs > CopSSH > CopSSH Control Panel and in the Status tab,
check that the CopSSH service is running (green color). If not:
Go to (Windows) Control panel > Administrative tools > Services.
Opposite-click the service "Openssh SSHD" and select Properties.
In the Log On tab, select Local System account.
Click OK.
Start the Openssh service.
Check if the SFTP user is added to the password file:

Edit the file C:\Program Files (x86)\ICW\etc\passwd.
It must contain the details of the SFTP user that was created and activated. For
example, if the user name is “FTPUser”, the file will include the following line:
32 A50023-K4045-X040-01-76D1
FTPUser:unused:10001:545:U-VMTNMSIV120\FTPUSER,S-1-5-21-1360065861-1024548484-
1154038739-1012:/cygdrive/c/program files (x86)/icw/home/FTPUser:/bin/bash
If the password file does not contain the details of the SFTP user, grant write access
to the ICW folder to the Windows user that is used to install COPSSH.
4.5 Antivirus
To protect TNMS NCT against viruses, refer to the software release notes to see the cer-
tified antivirus.
A50023-K4045-X040-01-76D1 33
34 A50023-K4045-X040-01-76D1
Installation Manual (IMN, Windows) TNMS NCT installation
5 TNMS NCT installation

This chapter describes the TNMS NCT installation.
Before you install TNMS NCT be sure to read and follow the directions below. Failing
to comply will result in a failed installation.
w You must run the TNMS NCT installation packages from the target machine since TNMS
NCT installation from a network drive is not supported.
5.1 TNMS NCT Full installation

To install TNMS NCT Server and Client in the same machine (full installation):
Login on the operating system with a user that has administrative rights.
Extract the TNMS NCT software to a directory in your machine.
Go to the TNMS_Installer folder, within the directory where the TNMS NCT software
files were extracted to, right-click TNMS.exe and run it as administrator.
Click Next on the Introduction step.
On the License Agreement step, select
I accept the terms of the License Agreement and click Next.
On the Choose Install Set step, select Full to install all components in the machine.
Click Next.
On the Choose Components step select the LCTs to be installed.
Click Next.
Select the Network Elements to be installed.
Click Next.
In the Oracle database connection enter a set of database connection parame-
ters:
ವ Database IP Address: the Oracle host IP address, that is empty by default.
ವ Database port: the Oracle server port number. The default value is 1521.
ವ Database username: the user scheme of the database to be created.
g Using the same user / password in all installations is recommended since it

ensures that the database is restorable in any machine. However another user
/ password can be used for security reasons, as long as you keep these data for
future reference and you use the same user / password in the system where you
perform the backup and the system where you restore it.
ವ User password. Enter a password for the DB user that complies with the
Password complexity rules.
ವ Re-enter user password.
ವ Database name (SID): the name of the Oracle database you created earlier (DB
instance), which, by default, is xe (see 4.2 Oracle Express).
ವ User ‘sys’ password: fill in with the password defined in 4.2 Oracle Express for
the Oracle default database administrator user SYS.
Click Next to continue
A50023-K4045-X040-01-76D1 35
TNMS NCT installation Installation Manual (IMN, Windows)
On the Installation Folder step enter the path for the TNMS NCT installation folder,
the TNMS NCT Data folder (see note below) and the LCT installation folder. Default
paths are provided.
Click Next to continue.
g Make sure that the TNMS NCT Data folder is empty. If not, backup and remove the
data or select a different folder.
In the Choose Shortcut Folder step configure the options of the icons and short-
cuts to be created during installation.
Decide whether to have Coriant’s as your default desktop wallpaper.
A summary of the installation settings is given in the Pre-Installation Summary
step. If the settings are correct, click Install to start the installation.
The results of the installation are presented in the Installation Results step.
Click Done to finish the installation.
g A warning message may be displayed stating that the firewall is enabled. However,
if you use the Windows Firewall, in some cases, the firewall window displays the
disabled status. Such contradiction arises due to the TNMS NCT Installer use of the
netsh adv commands to check the firewall status which can return a different
status from that presented in the GUI.
To configure the firewall refer to the Administration Manual, Security Hardening
chapter.
Reboot the machine to complete the installation.

After the TNMS NCT Server has been installed and started, the system can be immedi-
ately operated by selecting the server name and using the default user name and
password (refer to the Administration Manual for more information about logging in).
g It is recommended that you store all logins and passwords of the database, CopSSH
and TNMS NCT for any future re-installation or upgrade/updates.
Password complexity rules

The passwords are validated by the system according to the rules below:
ವ The password must have between 8 - 32 valid characters.
ವ The password must not contain the username, the reversed username nor a circular
shifted version of the username.
ವ The password must not contain sequences of three or more characters of the user
name.
ವ The password must not contain more than three repeated characters of the same
type, either lower or upper-case, for example aAaA.
ವ The password must not contain more than three consecutive characters in ascend-
ing or descending order, either lower or upper-case, for example aBcD.
ವ The password must not contain a sequence of two or more repeated characters, for
example a12b12.
36 A50023-K4045-X040-01-76D1
Installation Manual (IMN, Windows) TNMS NCT installation
ವ The password must not begin nor end with a space.

ವ The password must include at least three of the following four specifications: one
lower case alpha character, one upper case alpha character, one numeric character
and one special character.
Figure 2 ASCII characters.
Figure 2 displays the valid characters for the password (white background):
- the first two rows display ASCII control characters (not valid);
- the remaining characters are ASCII printable characters;
- additional characters not displayed in this table are not valid.
5.2 TNMS NCT Client installation

To install TNMS NCT Client only you must follow the steps below:
Login on the operating system with a user that has administrative rights.
Extract the TNMS NCT software to a directory in your machine.
Go to the TNMS_Installer folder, within the directory where the TNMS NCT software
files were extracted to, right click TNMS.exe and run it as administrator.
Click Next on the Introduction step.
On the License Agreement step, select
I accept the terms of the License Agreement and click Next.
On the Choose Install Set step, select Client.
Click Next.
On the Choose Components step select the LCTs to be installed.
Click Next.
On the Installation Folder step enter the path for the TNMS NCT installation folder,
the TNMS NCT Data folder (see note below) and the LCT installation folder. Default
paths are provided.
g Make sure that the TNMS NCT Data folder is empty. If not, backup and remove the
data or select a different folder.
In the Choose Shortcut Folder step configure the options of the icons and short-
cuts to be created during installation.
A50023-K4045-X040-01-76D1 37
TNMS NCT installation Installation Manual (IMN, Windows)
Decide whether to have Coriant’s as your default desktop wallpaper.

A summary of the installation settings is given in the Pre-Installation Summary
step. If the settings are correct, click Install to start the installation.
The results of the installation are presented in the Installation Results step.
Click Done to finish the installation.
g A warning message may be displayed stating that the firewall is enabled. However,
if you use the Windows Firewall, in some cases, the firewall window displays the
disabled status. Such contradiction arises due to the TNMS NCT Installer use of the
netsh adv commands to check the firewall status which can return a different
status from that presented in the GUI.
To configure the firewall refer to the Administration Manual, Security Hardening
chapter.
Reboot the machine to complete the installation.

After the TNMS NCT Server has been installed and started, the system can be immedi-
ately operated.
38 A50023-K4045-X040-01-76D1
Installation Manual (IMN, Windows) Final configuration
6 Final configuration
w If you decide to harden the system’s security, you must do it before starting TNMS NCT
in a production environment. See TNMS NCT Administration Manual for instructions.
Information about the login is also described in the Administration Manual.
After installing TNMS NCT, there is a set of configurations which you can perform at any
point and are therefore described in the Administration Manual.
After the first installation TNMS NCT has a trial license of 30 days. During this period
you have permissions to access all TNMS NCT features.
After the 30 days expire you need to acquire and install license keys.
Refer to the Administration Manual for more information on how to manage licenses.
6.1 Handling logs

TNMS NCT keeps GM NE logs at C:\Coriant\TNMS\nelogs.
Three instances of JBoss run simultaneously: one for TNMS NCT’ common functions,
another for GM and MVM. They keep their logs too:
ವ C:\Coriant\TNMS\logs\bicnet
ವ C:\Coriant\TNMS\logs\gm
ವ C:\Coriant\TNMS\logs\mvm
g The C:\Coriant\TNMS is the default directory. Make sure you use actual path names.
A50023-K4045-X040-01-76D1 39
Final configuration Installation Manual (IMN, Windows)
40 A50023-K4045-X040-01-76D1
Installation Manual (IMN, Windows) TNMS NCT uninstallation
7 TNMS NCT uninstallation

To uninstall TNMS NCT, do as follows:
Go to Start > Control Panel > Programs and Features.
In the list, right-click TNMS NCT and select Uninstall.
Restart the machine once the uninstallation finishes.
g When the application is uninstalled the TNMS NCT data folder is kept on the system.
A50023-K4045-X040-01-76D1 41
TNMS NCT uninstallation Installation Manual (IMN, Windows)
42 A50023-K4045-X040-01-76D1
Installation Manual (IMN, Windows) Abbreviations
Abbreviations
These abbreviations are intended for the entire TNMS product range and may not apply
to this document in particular.
ACS Actual Creation State
ALS Automatic Laser Shutdown
ASON Automatic Switched Optical Network
ASAP Alarm Severity Assignment Profile
BFD Bidirectional Forward Direction
BSHR Bidirectional Self Healing Ring
CAM Common Array Manager
CBS Committed Burst Size
CC Cross Connection
CDM Cross-domain Manager
CIR Committed Information Rate
CFM Connectivity Fault Management
CLI Console Interactive
CLFI Common Language Facility Identification
CORBA Common Object Request Broker Architecture
CPU Central Processing Unit
CSPF Constrained Shortest Path First
CST Central Standard Time
CSV Comma-Separated Values
DA (Oracle’s Sun Storage) Disk Array
DB Database
DCN Data Communications Network
DHCP Dynamic Host Configuration Protocol
DNS Domain Naming Service
DSR Dynamic Source Routing
DWDM Dense Wavelength Division Multiplexing
ELP Ethernet Linear Protection
EM Element Manager
EML Element Manager Layer
A50023-K4045-X040-01-76D1 43
Abbreviations Installation Manual (IMN, Windows)
EM/NE Element Manager/Network Element object management
EON Embedded Optical Network
FA-LSP Forwarding Adjacency LSP
FEC Forward Error Correction
FTP File Transfer Protocol
GBE Gigabit Ethernet
GCT GUI Cut-Through
GFPG Generic Framing Procedure Group
GM Generic Mediator
GmbH Gesellschaft mit beschränkter Haftung (Company with limited liability)
GMPLS Generalized Multi-Protocol Label Switching
GMT Greenwich Mean Time
GNE Gateway Network Element
GPS Global Positioning System
GUI Graphical User Interface
HW Hardware
IMA Independent Management Architecture
IMN Installation Manual
IP Internet Protocol
JRE Java Runtime Environment
LACP Link Aggregation Control Protocol
LAG Link Aggregation
LAN Local Area Network
LAPS Linear Automatic Protection Switching
LE Load Equivalent
LCT Local Craft Terminal
LDAP Lightweight Directory Access Protocol
LO Low Order
LoQ List of Quantities
LoM List of Materials
LSP Label Switched Path
LSR Label Switch Router
44 A50023-K4045-X040-01-76D1
MDI Multiple Document Interface
MIB Management Information Base
MLO Multi-Layer Optimization
MPLS-TP Multiprotocol Label Switching Transport Profile
MSDE Microsoft SQL Server Desktop Engine
MSP Multiplex Section Protection
MTOSI Multi Technology Operations System Interface
MVM Multi-Vendor Mediator
NBI Northbound Interface
NE Network Element
NEC NE Controller
NG Next Generation
NIC Network Interface Card
NMS Network Management System
NNI Network to Network Interface
NTFS (Microsoft’s) New Technology File System
NTI Northbound TMF Interface
NTP Network Time Protocol
NW Network
OAM Operation, Administration and Maintenance
OCH Optical Channel
ODU Optical Data Unit - transport technology
OM Optical Manager or Optical Management
OMS Optical Multiplex Section
OMT Object Model Template
OS Operating System
OPU Optical Payload Unit - transport technology
OTN Optical Transport Network
OTS Optical Transport Section - transport technology
OTU Optical Transport Unit - transport technology
PBS Peak Burst Size
A50023-K4045-X040-01-76D1 45
PC Personal Computer
PCEP Path Computation Engine Protocol
PDF Portable Document Format
PIR Peak Information Rate
PMP Performance Measurement Point
PT Physical Trail
PTC Planning Tool Connector
PTP Physical Termination Point
RAID Redundant Array of Independent Disks
RE Route Element
RNE Remote Network Element
SBI Southbound interface
SCP Secure Copy
SCSI Small Computer System Interface
SDH Synchronous Digital Hierarchy
SEL System Event Log
SFTP Secure File Transfer Protocol, or Secure Shell File Transfer Protocol
SLA Service-Level Agreement
SNC SubNetwork Connection
SNCP SubNetwork Connection Protection
SNMP Simple Network Management Protocol
SONET Synchronous Optical Networking
SPC Soft Permanent Connection
SQL Structured Query Language
SRLG Shared Risk Link Group
SSH Secure Shell
STP Spanning Tree Protocol
SVID Service Virtual Local Area Network Identifier
SW Software
TC Topological Container or TransConnect
TCP/IP Transport Control Protocol/Internet Protocol
TL1 Transaction Language 1
46 A50023-K4045-X040-01-76D1
TE-Link Traffic Engineering-Link
TMN Telecommunications Management Network
TN TransNet
TNMS Telecommunications Network Management System
TNMS NCT Telecommunications Network Management System Network Craft Terminal
TP Terminal Point
USB Universal Serial Bus
UMN User Manual
UNI User-to-Network Interface
UNI-S User-to-Network Interface-Service
UNO Universal Network Object
UPS Uninterruptible Power Supply
UPSR Unidirectional path-switched ring
VC Virtual Container
VLAN Virtual LAN
WAN Wide Area Network
WLAN Wireless LAN
XC Cross Connection
X-NE Cross-NE
XML eXtended Markup Language
A50023-K4045-X040-01-76D1 47
48 A50023-K4045-X040-01-76D1
Glossary
Glossary
These glossary entries are intended for the entire TNMS product range and may not
apply to this document in particular.
@CT @CT is a web-based craft terminal (that is, element manager) software which provides
web access to hiT 7300 network elements (NEs) in the customer network without the
use of a management system. It communicates via SNMP with the NEs and uses the
FTPS for upload/download of software or other data configuration (for example, log
files).
3DES Triple DES is the common name for the Triple Data Encryption Algorithm (TDEA or
Triple DEA) symmetric-key block cipher, which applies the Data Encryption Standard
(DES) cipher algorithm three times to each data block.
Actual Creation Is the current state of the path which results from the accumulation of the actual creation
State (ACS) states of the path’s route elements.
Advanced Encryp- Is a specification for the encryption of electronic data. AES is based on a design principle
tion Standard (AES) known as a substitution-permutation network, and is fast in both software and hardware.
Alarm An alarm is a management mechanism intended to inform the user that there is a
standing fault condition in the system.
Alarm log An alarm log provides a list of the alarms associated with a managed object, and
provides the following information about each of the alarms:
ವ the identification of the affected object
ವ the identification of the failed NE or the NE in which the failed unit resides
ವ the alarm severity
ವ the time the event occurred
ವ the indication whether the alarmed event is service affecting or not
ವ the location and the affected traffic
Alarm severity Each failure is assigned a severity. The following values are used:
ವ indeterminate
ವ critical
ವ major
ವ minor
ವ warning
ವ cleared alarms
ವ not Existent
ವ not Alarmed
Element Manager (EM) can configure the severity which is assigned to each fault cause
by an alarm severity assignment profile. In addition, EM can specify that a fault cause
shall not be alarmed. These fault causes will be blocked, hence do not lead to any LED
alarm indications, log entries or alarm reporting.
Alien wavelength A wavelength that does not originate from a transponder or muxponder card, but is still
allowed to be multiplexed into the aggregate line signal for transport as an optical
channel by the system.
Issue date: November 2015 49

Glossary
Automatic Laser Is a technique used to automatically shut down the output power of the transmitter in
Shutdown (ALS) case of fiber break. This is a safety feature that prevents dangerous levers of laser light
from leaking out of a broken fiber, provided ALS is provisioned on both ends of the fiber
pair.
Alarm Severity The Alarm Severity Assignment Profile is a feature that allows the management of Alarm
Assignment Profile Severity profiles in TNMS and also at the NE side. .
(ASAP)
Automatically- ASON domains are built on the VC4 layer of hiT 7065, 7070 or 7080, and on OCh layer
Switched Optical of hiT 7300 and on ODU2 layer of hiT 7100, which have a Control Plane. The Control
Networks (ASON) Plane uses network-generated signaling and routing protocols to set up or release a
connection, and can restore one when it fails. ASON domains can be built up as part of
the transport network. They provide the benefit of easy end-to-end provisioning, and
fault and protection management. Soft permanent connections (SPCs) connect both
endpoints (NE1 and NE2) within an ASON domain. If a path fails, an alternative path is
automatically used.
ASON Call A Call is a Soft Permanent Connection between two end-points (inside the same domain
or between different domains) and defines the type and attributes of the connection. The
establishment of a Call leads to having a path (and/or multiple alternative paths) con-
necting the end-points that respect the constraints and attributes defined in the Call.
Bidirectional Self- Is a telecommunications term for loop network topology, a common configuration in tele-
healing Ring (BSHR) communications transmission systems, this loop or ring is used to provide redundancy.
The system consists of a ring of bidirectional links between a set of stations. In normal
use, traffic is dispatched in the direction of the shortest path towards its destination. In
the event of the loss of a link, or of an entire station, the two nearest surviving stations
"loop back" their ends of the ring. In this way, traffic can still travel to all surviving parts
of the ring, even if it has to travel "the long way round".
Capacity Planning Capacity planning is the process of determining the capacity needed by a system to
meet future needs.
Card A card is a plug-in unit that occupies one (or multiple) shelf slots. Cards perform specific
electrical and/or optical functions within an NE.
Each card has a faceplate with information LEDs and, in most cases, several ports for
interconnection of optical fibers and/or optical interfaces.
Card slot A card slot is the insertion facility for a card in a shelf. Each card slot is designed for one
or several particular card types.
Mechanical coding elements make sure that each card can be fully inserted only into a
card slot that is suitable for the given card type. Therefore, fundamental shelf equipping
errors (which might cause hardware damage or fatal malfunctions) are impossible.
Ethernet Connectiv- Is an end-to-end perservice Ethernet layer OA&M protocol. IEEE 802.1ag CFM is a
ity Fault Manage- service level OA&M protocol that provides tools for detecting and isolating connectivity
ment (CFM) failures in the network. This includes proactive connectivity monitoring, fault verification
and fault isolation for large Ethernet Metropolitan Area Networks (MANs) and WANs.
Committed Informa- Is the guaranteed average rate (in Mbit/s) at which the information units are transferred
tion Rate (CIR) through the port over a measurement interval.
CLFI CLFI Codes provide a standard, mnemonic naming scheme to uniquely identify cable
50 Issue date: November 2015

Glossary
and transmission facilities between two standardized locations within a network. It

comprises facility designation, facility type, channel/pair/time slot, location of facility
terminal A and location of facility terminal Z.
Commissioning Commissioning an network element (NE) is the process of taking an installed NE and
bringing it in to an operational state. The NE commissioning phase is performed after
the NE is installed and powered-up.
Controller card NE controller cards provide the central monitoring and controlling functions of the
system, as well as the MCF to operate the Q and QF Ethernet interfaces.
The controller card performs the following main functions: Fault Management, Perfor-
mance Management, Configuration Management, Security Management, Equipment
Management, Communication Management, Software Management (performing all
software downloads, uploads, and software integrity functions) and controlling the NE
alarm LEDs.
Data Communica- Data Communications Network is a management network for telecommunication trans-
tion Network (DCN) port systems.
A DCN domain interconnects several NEs for the purpose of network management. The
communication is established via the Optical Supervisory Channel (OSC) of the optical
links and an Ethernet/L2 switching network implemented by the NEs.
Dense Wavelength In fiber-optic communications, wavelength-division multiplexing (WDM) is a technology

Division Multiplex- which multiplexes a number of optical carrier signals onto a single optical fiber by using
ing (DWDM) different wavelengths (colors) of laser light, that is, simultaneously places a large
number of optical signals (in the 1550 nm band) on a single optical fiber. This technique
enables bidirectional communications over one strand of fiber, as well as multiplication
of capacity.
Data Encryption Is a widely-used method of data encryption using a private key. DES applies a 56-bit key
Standard (DES) to each 64-bit block of data. The process can run in several modes and involves 16
rounds or operations.
Dynamic Host Con- Is a standardized networking protocol used on IP networks that dynamically configures
figuration Protocol IP addresses and other information that is needed for Internet communication. DHCP
(DHCP) allows computers and other devices to receive an IP address automatically from a
central DHCP server, reducing the need for a network administrator or a user from
having to configure these settings manually.
Domain TNMS allows you to restrict user groups to operate only a set of NEs or DCN subnets
instead of the entire network. This partitioning is called a “Domain” and limits the oper-
ation on nodes outside of their partitions by assigning user groups to domains. Further,
you can also assign policies to domains for further control and security, limiting the user
groups to specific menu entries and actions.This arrangement is required, for example,
in network centers that are responsible for maintaining only a subset of the nodes. The
main purpose is security: it avoids that a login to the system grants access to the entire
network.TNMS now supports the creation, modification or deletion of multiple domains,
granting or restricting their accesses. By default, all NEs belong to the GLOBAL domain
which cannot be modified or deleted.
Ethernet Linear Pro- Is a protection scheme defined in the ITU-T G.8031 standard designed to protect point-
tection (ELP) to-point Ethernet paths such as VLAN based Ethernet networks. To achieve protection
ELP uses two disjointed paths, a working path and a protection path, traffic is carried

Glossary
firstly on the active path (working path) andin case of failure, traffic is switched to the
protection path. Both paths can be monitored using OAM protocols like CFM.ELP
provides 1:1 bi-directional protection switching with revertive mode capabilities.ELP
must first be configured at the NE side via the LCT, only then they are visible in TNMS
so that you can use it in the E-LAN and E-Line service creation via the New Ethernet
Service wizard.ELP is supported in specific network elements and cards only. Refer to
the NE dedicated documentation fore more information.
Element Manager Network elements enable the user to perform operation, administration and mainte-
(EM) nance tasks with the NE system in a GUI environment.
Ethernet Ethernet is a family of frame-based computer networking technologies for LANs. It

defines a number of wiring and signaling standards for the physical layer, through
means of network access at the MAC/Data Link Layer, and a common addressing
format.
Fault management Fault management reports all hardware and software malfunctions within an NE, and
monitors the integrity of all incoming and outgoing digital signals.
Forward Error Cor- Forward Error Correction (FEC) or channel coding is a technique used for controlling
rection errors in data transmission over unreliable or noisy communication channels.
File Transfer FTP is a network protocol used to transfer files from one computer to an NEand vice-
Protocol (FTP) versa through the network.
Frequency Frequency is a physical attribute of a wave (for example, an optical wave), defined as
the number of wave cycles per time unit. The frequency is directly related to the wave-
length.
Generalized Multi- Is a protocol suite extending MPLS to manage further classes of interfaces and switch-
Protocol Label ing technologies other than packet interfaces and switching, such as time division mul-
Switching (GMPLS) tiplex, layer-2 switch, wavelength switch and fiber-switch.
Internet Protocol (IP) Is the principal communications protocol in the Internet protocol suite for relaying data-
grams across network boundaries. Its routing function enables internetworking, and
essentially establishes the Internet.
Internet Protocol Is a connectionless protocol for use on packet-switched networks. It operates on a best
version 4 (IPV4) effort delivery model, in that it does not guarantee delivery, nor does it assure proper
sequencing or avoidance of duplicate delivery. These aspects, including data integrity,
are addressed by an upper layer transport protocol, such as the Transmission Control
Protocol (TCP).
Job A schedule load that must be processed by the system.
Link Aggregation Within the IEEE specification the Link Aggregation Control Protocol (LACP) provides a
Control Protocol method to control the bundling of several physical ports together to form a single logical
(LACP) channel. LACP allows a network device to negotiate an automatic bundling of links by
sending LACP packets to the peer (directly connected device that also implements
LACP).
Link Aggregation Allows a bridge to treat multiple physical links between two end-points as a single logical
(LAG) link, referred to also as a port-channel. The feature can be used to directly connect two
switches when the traffic between them requires high bandwidth and/or reliability, or to
provide a higher bandwidth connection to a public network. For this purpose, all the

Glossary
physical links in a given port-channel must operate in full-duplex mode and at the same
speed.If a physical port or the related link of a LAG fails, the traffic previously carried
over the failed link automatically is switched to the remaining link(s) of the LAG (rapid
reconfiguration). Bandwidth degradation is an obvious impact if the sum of throughput
of the two/multiple aggregated links are higher than the throughput of the remaining
link(s). Be aware that certain link failures are not always visible to both ends of a link.
Link Aggregation Control Protocol (LACP) and Automatic Laser Shutdown (ALS)
enabled, guarantees that both ends of a link properly detect all failures and perform the
correct response.LAG groups must first be created at the NE side via the LCT, only then,
they are visible in TNMS so that you can use it in the E-LAN and E-Line service creation
via the New Ethernet Service wizard. LAG is supported in specific network elements and
cards only. Refer to the NE dedicated documentation fore more information.
Laser A laser is a device that generates an intense narrow beam of light by stimulating the
emission of photons from excited atoms or molecules.
Laser safety Laser safety rules are a group of mechanisms and actions necessary to protect all users
from harmful laser light emissions.
Local Craft network LCT is a client-based craft terminal (that is, element manager) software which provides
(LCT) access to network elements (NEs) in the customer network without the use of a man-
agement system.
Lightweight Direc- Is an application protocol for accessing and maintaining distributed directory information
tory Access Protocol services over an Internet Protocol network.
(LDAP)
Line interface A line interface is a transponder interface that faces the line side of the link. Contrast
with “client interface” which faces the client equipment side of the link.
Long Haul (LH) hiT 7300 LH segment is a DWDM application characterized by a reach of more than 500
km and up to 1200 km.
Label Switched Path Is a path through an MPLS network, set up by a signaling protocol such as LDP, RSVP-
(LSP) TE, BGP or CR-LDP. The path is set up based on criteria in the forwarding equivalence
class (FEC).
Label switch router Sometimes called transit router, is a type of a router located in the middle of a Multipro-
(LSR) tocol Label Switching (MPLS) network. It is responsible for switching the labels used to
route packets. When an LSR receives a packet, it uses the label included in the packet
header as an index to determine the next hop on the Label Switched Path (LSP) and a
corresponding label for the packet from a look-up table. The old label is then removed
from the header and replaced with the new label before the packet is routed forward.
MD5 Message-digest algorithm is a widely used cryptographic hash function producing a

128-bit (16-byte) hash value, typically expressed as a 32 digit hexadecimal number
Maintenance Associ- Are points at the edge of the domain that define the boundaries and sends and receives
ation End Points CFM frames through the wire side (physical port) or relay function side.
(MEP)
Management Infor- Is used for backup purposes where you can plan automatic upload jobs.
mation Base (MIB)

Glossary
Multiprotocol Label Multiprotocol Label Switching (MPLS) is a mechanism in high-performance telecommu-

Switching nications networks that directs data from one network node to the next based on short
path labels rather than long network addresses, avoiding complex lookups in a routing
table. The labels identify virtual links (paths) between distant nodes rather than end-
points.
MX Juniper MX Series Universal Edge Routers are Ethernet-centric services routers that
are purpose-built for demanding carrier and enterprise applications (font: Juniper web-
site).
NetConf Network Configuration Protocol (NETCONF), is an IETF network management protocol.

NETCONF provides mechanisms to install, manipulate, and delete the configuration of
network devices. Its operations are realized on top of a simple Remote Procedure Call
(RPC) layer. The NETCONF protocol uses an Extensible Markup Language (XML)
based data encoding for the configuration data as well as the protocol messages. This
in turn is realized on top of the transport protocol.
NetServer A set of TNMS Mediation sub-systems that runs in a machine.
Network Craft NCT is a network management craft terminal (that is, element manager) software which
Terminal (NCT) is used for either local or remote network management.
Network Element A network element (NE) is a self-contained logical unit within the network. The NE can
(NE) be uniquely addressed and individually managed via software.
Each NE consists of hardware and software components to perform given electrical and
optical functions within the network.
Network Manage- The network management layer includes all the required functions to manage the optical
ment network in an effective and user-friendly way, such as the visualization of the network
topology, creation of services, and correlation of alarms to network resources.
Network topologies A topology of a network is defined by the list of NEs included in the network and the list
of links that connect those NEs (for example, point-to-point, chain, ring, and so on).
Network to Network Is an interface which specifies signaling and management functions between two net-
Interface (NNI) works. NNI circuit can be used for interconnection of IP (e.g. MPLS) networks.
Optical Channel A predefined wavelength that can be used to transmit a bit stream by means of a mod-
ulated light signal.
Optical Network An ONN is an NE where the incoming channels are either dropped or routed to a line in
Node (ONN) a different direction, outgoing channels can also be added locally. Apart from multiplex-
ing and demultiplexing an ONN NE implements optical or 3R signal regeneration and
dispersion compensation.
Optical path The path followed by an optical channel from the first multiplexer to the last demulti-
plexer.
Path Computation Implements, sets up and manages PCEP, while also notifying OM when PCEP is avail-
Engine Protocol able or unavailable to send/receive PCEP Route messages.
(PCEP)
Performance man- Performance monitoring and signal quality analysis provide information for detecting
agement and alerting, a cause that could lead to a degraded performance before a failure is
declared.

Glossary
Peak Information Is a burstable rate set on routers and/or switches that allows throughput overhead.
Rate (PIR) Related to Committed Information Rate which is a committed rate speed guaran-
teed/capped. For example, a CIR of 10 Mbit/s PIR of 12 Mbit/s allows you access to 10
Mbit/s minimum speed with burst/spike control that allows a throttle of an additional 2
Mbit/s.
Pseudo-Random Is a known sequence of bits that can be used as a test signal to measure transmission
Binary Sequence delay and bit error rate of a channel. In this test, one port inserts the PRBS signal in the
(PRBS) channel (source port) and another detects if the sequence was received correctly (sink
port). This kind of test is traffic affecting since the test sequence is inserted into the
OPUk until the test is stopped.
Physical Trails (PT) Trails are represented as Physical Trails (PTs). They connect two Physical Termination
Points (PTP) on a physical layer rate, but can also contain non-physical layers.
Planning Tool Con- Interfaces Coriant TransNet/Intelligent Optical Control DWDM network planning tool.
nector (PTC)
PMP A Performance Measurement Point is a metric represented by a set of counters for a

specific point in the network. It provides data for monitoring the performance and avail-
ability of the network.
PTX Juniper Packet Transport Routers are Converged Supercore platforms that deliver
powerful capabilities based on the Junos Express chipset and forwarding architectures
optimized for MPLS and Ethernet, with integrated, coherent 100GbE technology (font:
Juniper website).
Qualitative System Quality System Requirements are non-functional requirements that must be meet by a
Requirements System such as Reliability, Availability, Performance, Scalability, Security, Maintainabil-
ity, Portability, etc.
Required Creation Is the desired state of the path, which is set by the user upon creation.
State (RCS)
Optical Signal to OSNR is the ratio of an optical signal power to the noise power in the signal.
Noise Ratio (OSNR)
Ring network A ring network is a network topology in which each NE connects to exactly two other
NEs, forming a circular optical path for signals (that is, a ring).
Synchronous Digital Is a standardized protocol that transfer multiple digital bit streams over optical fiber using
Hierarchy (SDH) lasers or highly coherent light from light-emitting diodes. At low transmission rates data
can also be transferred via an electrical interface. The method was developed to replace
the Plesiochronous Digital Hierarchy system for transporting large amounts of telephone
calls and data traffic over the same fiber without synchronization problems.
Security manage- Security Management controls the individual access to particular NE functions via the
ment network management system and/or via a craft terminal, using a hierarchical security
management user ID, and password concept.
State Event Machine In computation, a finite-state machine is event driven if the transition from one state to
(SEM) another is triggered by an event or a message.
Service Provisioning Provisioning mode in hiT 7300.

via NMS

Glossary
The core equipment is provisioned by downloading and swapping NCFs, while

services are manually provisioned via the NMS.
When adding new services or expanding an existing network, the relevant line cards,
cross connections and internal port connections between line cards and multiplex-
ers/demultiplexers are provisioned via the NMS.
Secure Hash Algo- Is a family of cryptographic hash functions that takes an arbitrary block of data and
rithm (SHA) returns a fixed-size bit string, the cryptographic hash value, such that any (accidental or
intentional) change to the data will (with very high probability) change the hash value.
The data to be encoded are often called the message, and the hash value is sometimes
called the message digest or simply digest.
Simple Network SNMP is used in network management systems to monitor network-attached devices for
Management conditions that warrant administrative control. It consists of a set of standards for
Protocol (SNMP) network management, including an application layer protocol, a database schema, and
a set of data objects.
Software manage- Software management performs all software downloads, uploads, and software integrity
ment functions.
Secure Shell (SSH) Is a cryptographic network protocol for secure data communication, remote command-
line login, remote command execution, and other secure network services between two
networked computers that connects, via a secure channel over an insecure network, a
server and a client (running SSH server and SSH client programs, respectively).
Subsystem A subsystem is a set of shelves and cards in multicontroller NE that is controlled by a

subagent. All subagents within a multicontroller NE are controlled by the master agent.
Subsystem is defined for the HW only. In software, the concept is different. A major com-
ponent of a system. It is made up of two or more interacting and interdependent compo-
nents. Subsystems of a system interact in order to attain their own purpose(s) and the
purpose(s) of the system in which they are embedded.
Synchronous Synchronous Optical Networking and Synchronous Digital Hierarchy are standardized
Optical Networking protocols that transfer multiple digital bit streams over optical fiber using lasers or highly
(SONET) coherent light from light-emitting diodes.
Throughput Throughput measures the number of work units performed in a given time unit.
Topological Con- Defines a containment relationship between other topological container and/or NEs.
tainer (TC) This means they can contain NE symbols and other TCs. The network map is always
associated with one TC, which corresponds to a network view.
Tandem Connection TCMs are configurable parameters (via Element Manager) of the transponders. They
Monitoring (TCM) provide a Performance Management of all the Optical Transport Network (that is, end-
to-end connection) or specific sections only and implement an Optical channel Data Unit
(ODU) termination provisioned to support up to six TCM levels.
Transmission Is one of the core protocols of the Internet protocol suite (IP), and is so common that the
Control Protocol entire suite is often called TCP/IP. TCP provides reliable, ordered, error-checked
(TCP) delivery of a stream of octets between programs running on computers connected to a
local area network, intranet or the public Internet. It resides at the transport layer.
TL1 Transaction Language 1 (TL1) is a widely used management protocol in telecommuni-

cations. It is a cross-vendor, cross-technology man-machine language, and is widely

Glossary
used to manage optical (SONET) and broadband access infrastructure in North

America. TL1 is used in the input and output messages that pass between Operations
Systems (OSs) and Network Elements (NEs). Operations domains such as surveillance,
memory administration, and access and testing define and use TL1 messages to
accomplish specific functions between the OS and the NE.
TNMS Telecommunications Network Management System - is a standalone application that

provides a full range of network-management functions, from the transport network’s
physical structure and its NEs to those required for Automatically-Switched Optical
Networks (ASON), SW management (also referred to as X-NE or Cross-NE), Optical
Management and Ethernet Management.
TNMS Core TNMS Core is an integrated solution designed for large, medium and small size net-
works. It supports NEs with DWDM, OTH, SDH, PDH, Ethernet in line, star, ring and
mesh network configurations. TNMS Core can be used to manage networks in the
access, edge, metro, core and backbone levels.
TNMS CT TNMS CT is a transparent software platform for SDH and DWDM NEs using QD2, QST,
QST V2, Q3 or SNMP telegram protocols. It supports line, star, ring and mesh networks
and provides access to NEs via Ethernet interface or via a serial line interface (RS232).
TNMS DX TNMS DX is a telecommunications network management system to operate, administer

and maintain hiT 7300 NEs. It allows remote operation and control of these network ele-
ments.
TNMS NCT TNMS NCT is a lighter version of TNMS for smaller networks. It uses GM or MVM-based
mediations and includes the basic functionalities for network management.
TransNet Planning of a hiT 7300 network is done by the Coriant TransNet tool. Coriant TransNet
is a sophisticated software simulation tool developed specifically for designing and/or
upgrading optical DWDM networks with hiT 7300. It runs on PCs using Microsoft
Windows operating systems.
Trail Trace Identifier TTI is a transponder card parameter (configurable via Element Manager) of which is
(TTI) used to verify correct cabling or correct Tandem Connection Monitoring (TCM) configu-
ration. The basic principle is that specific overhead bytes are reserved for Trace
Messages of the user's choosing. By specifying the Actually Sent (transmitted) and the
Expected (received) trace messages, the system can automatically verify that fiber con-
nections have been made as intended. This is accomplished by comparing the expected
Trace Message to that actually received. If they differ, an alarm is raised, alerting per-
sonnel of the incorrect connections.
Transponder card A transponder card receives an optical input signal and converts it to an optical output
signal suitable for DWDM multiplexing and transmission.
Transponder Loopbacks are diagnostic tests that can be activated via Element Manager. Loopbacks
loopback return the transmitted signal back to the sending device after the signal has passed
across a particular link. The returned signal can then be compared to the transmitted
one. Any discrepancy between the transmitted and the returned signal helps to trace
faults.
User Datagram Is one of the core members of the Internet protocol suite (the set of network protocols
Protocol (UDP) used for the Internet). With UDP, computer applications can send messages, in this
case referred to as datagrams, to other hosts on an Internet Protocol (IP) network
without prior communications to set up special transmission channels or data paths.

Glossary
UDP uses a simple transmission model with a minimum of protocol mechanism. It has
no handshaking dialogues, and thus exposes any unreliability of the underlying network
protocol to the user's program. As this is normally IP over unreliable media, there is no
guarantee of delivery, ordering or duplicate protection. UDP provides checksums for
data integrity, and port numbers for addressing different functions at the source and des-
tination of the datagram.
Ultra Long Haul hiT 7300 ULH segment is a DWDM application characterized by long path lengths of up
(ULH) to 1600 km.
User-to-Network Is a demarcation point between the responsibility of the service provider and the respon-
Interface (UNI) sibility of the subscriber. This is distinct from a Network to Network Interface (NNI) that
defines a similar interface between provider networks.
Universal Network Universal Network Objects are software NEs that can be configured and used to repre-
Object (UNO) sent network elements which are not supported by TNMS. UNO also supports devices
with restricted functionalities, for example, without supervising interfaces.
They are also used to represent network services between third parties and TNMS net-
works.
Virtual Local Area In computer networking, a single layer-2 network may be partitioned to create multiple
Networks (VLAN) distinct broadcast domains, which are mutually isolated so that packets can only pass
between them via one or more routers; such a domain is referred to as a Virtual Local
Area Network, Virtual LAN or VLAN.
Wavelength Wavelength is a physical attribute of a wave (for example, an optical wave), defined as
the distance between corresponding points of two consecutive wave cycles.
The wavelength is directly related to the frequency of the wave.
Wait to restore time The time in minutes that TNMS waits until it tries to switch to the working path again,
(WTR) assuming the Revertive option is selected.
workload Model Representation of the typical load to be processed by the system.
eXtensible Markup Is a markup language that defines a set of rules for encoding documents in a format that
Language (XML) is both human-readable and machine-readable. The design goals of XML emphasize
simplicity, generality, and usability over the Internet. It is a textual data format with strong
support via Unicode for the languages of the world. Although the design of XML focuses
on documents, it is widely used for the representation of arbitrary data structures, for
example in web services.

Index Oracle 26
template files 26
Uninstalling 27
A OSI Stack 27
Antivirus 33 configure 27
Audit policy 17 install 27
OSI stack
Installation 27
B uninstalling 28
BIOS 15
P
C Password
Component delivery 13 complexity rules 36
Component Services 19 Power management 24
CopSSH Prerequisites 14, 25
configure 30
install 29
S
troubleshooting 32
System Hosts configuration 23
D
T
Domain Verification 23
Dynamic Port range 24 Template files 26
Third-party software
OSI stack 27
H TNMS NCT 35
Hardware 13 installation 35
client 13 unistallation 41
large configuration 13 TNMS NCT Client
medium configuration 13 installation 37
netserver 13
requirements 13
U
server 13
Uninstallation 41
User Account Control 25
I
Installation
W
CopSSH 29
full 35 Windows Server 2008 19, 20, 22
Hardware 13 FTP 19
OSI stack 27 Windows server 2012
TNMS NCT Client 37 FTP 21
J
Java
JRE 14
JRE 14
L
Log
TNMS NCT 39
O
Operating Systems 14
A50023-K4045-X040-01-76D1 59
60 A50023-K4045-X040-01-76D1
A50023-K4045-X040-01-76D1 61
62 A50023-K4045-X040-01-76D1

TNMS-V15 Installation Manual Windows

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

TNMS-V15 Installation Manual Windows

Uploaded by

Copyright:

Available Formats

TNMS NCT

Coriant TNMS NCT

Issue: 1 Issue date: November 2015

Coriant is continually striving to reduce the adverse environmental

f Important Notice on Product Safety

The same text in German:

f Wichtiger Hinweis zur Produktsicherheit

3 Initial system configuration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17

4 Software prerequisites installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25

4.3.2 Configuring OSI stack . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27

5 TNMS NCT installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35

7 TNMS NCT uninstallation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41

1.1 Intended audience

1.2 Structure of this document

Chapter Title Subject

Table 1 Structure of the manual

1.3 Symbols and conventions

f DANGER! A safety message indicates a dangerous situation where

w NOTICE: A property damage message indicates a hazard that may result

g A note provides important information related to the topic, for

t A tip provides additional information related to the topic which is

Table 2 List of symbols and conventions

Table 2 List of symbols and conventions (Cont.)

1.4 TNMS NCT documentation set

1.5 Other documents

1.6 History of changes

Issue Issue date Remarks

Table 3 History of changes

2.1 Checking the delivered components

2.2 Hardware requirements

Components Hardware configurations

Table 4 Minimum hardware requirements for new installations of TNMS NCT

2.3 Supported Operating Systems

Full / Server Installation Client

Table 5 Operating System recommendations for Full and Client installation

2.4 Prerequisites by component

Software Full / Server Client

Table 6 TNMS NCT software prerequisites and their installation sequence

2.5 Configuring the BIOS

3 Initial system configuration

3.1 Before you begin

3.2 Audit policy

To enable auditing locally in the installed OS:

Figure 1 Local Security Settings - Audit Policy window

3.3 FTP configuration

3.3.1 Installing the FTP Server in Windows Server 2008

3.3.2 Configuring the FTP Service in Windows Server 2008

 In the Authentication and Authorization Information step, select Authentication

3.3.2.1 Additional configurations required by NEs connecting through FTP

3.3.3 Installing the FTP Server in Windows Server 2012

 In the Confirmation step, click Install.

3.3.4 Configuring the FTP Service in Windows Server 2012

3.3.4.1 Additional configurations required by NEs connecting through FTP

3.3.5 Installing the FTP Server in Windows 7

3.3.6 Configuring the FTP Service in Windows 7

Configure the FTP Service/Server:

Select permissions “Read” and “Write”.

3.3.6.1 Additional configurations required by NEs connecting through FTP

3.4 Domain Verification

3.5 System Hosts configuration

3.6 Dynamic Port range configuration

3.7 Power management options

4 Software prerequisites installation

4.1 User Account Control

In the Authentication and Authorization Information step, select Authentication

In the Confirmation step, click Install.

Enter TNS Port number or accept the default by pressing [ENTER].

Click Forward to begin the CopSSH User Activation wizard.

Change both MaxSessions values (lines 8 and 13) to 100.

Below is the sample above after the changes:

Save the sshd_config file.

Reboot the machine to complete the installation.

Decide whether to have Coriant’s as your default desktop wallpaper.

Reboot the machine to complete the installation.