Tuesday, December 18, 2007

Society86.com: VSIS Project


The VMPS Server Interface System (VSIS), also known as the VMPS Registration and Management Server, is a simple web-based interface to manage the nightmarish files for the Cisco VMPS service.


Summary

Cisco's VMPS technology is great for port-level security. However, management for it boils down to a list of MAC addresses mapped to VLANs in a, sometimes ginormous, text file. VSIS tries to reduce the carpal tunnel and security breaches by implementing a web-based interface that can map each MAC address to a more friendly name or description, as well as to a VLAN, and provide a more pleasing experience with VMPS altogether.

History

This project, as do many, arose from a need to provide a basic form of security for a network with thousands and thousands of network ports, in more than 200 separate sites. Nodes included everything from workstations, printers, VoIP phones, terminal servers, lab equipment, factory equipment and timeclocks, to name a few, and things moved around often as well. This was not an easy problem. However, having a pretty much homogeneous Cisco network allowed us to use the VMPS service to make all the network access ports assign themselves to VLANs dynamically based on their MAC address. Great! That wasn't so bad! Wait, this text file has 4,000 MAC addresses in it and I have no idea what they are... what VLAN does 00:12:f3:d5:67:0a belong in? Ok, this is not going to work. Enter stage left, VSIS, or what was known first as the VMPS Registration and Management Server.

How it Works

How this software works is really very simple. Essentially, it's a database that gets exported to a text file; that's it. So, yes, there are about 11 different ways to do this, several of which require nothing but a text editor. However, this software has a few more interesting features. To really understand the value of these, there needs to be a basic understanding of VLANs, MAC addresses, port-level security and the value that VMPS adds to that. Then, implementing VMPS using the text editor option will be helpful in appreciating the value of this software.
Now, with that said, and with an understanding of basic switching, we can proceed with how this software makes life easier. This software is a web-based application, written in PHP, that provides an interface to a database. The PHP is set up with several HTML forms that allow information about VLANs and network nodes to be entered into this database, so the information in the database is updated in real time as the user(s) make changes, additions, and deletions. Now, not all the information in the database is used for the VMPS server; in reality, most of the database records are there for easing the management of VLANs and nodes, and for providing a secondary management tool for that information.
Ok, how does this all work with the VMPS server, you ask? Well, it's really simple. As you know, the VMPS server reads its configuration from a text config file, and that file resides on the switch that has been enabled to act as the VMPS server. With this management software, that doesn't change. What the software does, by way of another HTML form, is:

1) Generate a text file containing the pertinent information from the database (mac address and vlan).

2) Send a signal to trigger the VMPS server (switch) to download, via tftp, the config file and reload VMPS.

Pretty simple. We simply use the DBI in PHP to select out the info, write it to a file, then, using SNMP, send a set on the right OID to the switch acting as the server.
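To make step 1 concrete, here is an added example of the export step written in Python (it is not the VSIS project's own PHP code). It assumes the node records come back from the database as (description, MAC as entered, VLAN name) rows, and it shows the part a practitioner cares about before handing a file to the switch: every MAC is normalised to Cisco's dotted form and rejected if malformed, duplicate MACs and VLAN names the domain does not know are refused rather than silently written, and only the surviving rows are rendered in the documented VMPS database file layout (vmps domain / vmps mode / vmps fallback / vmps-mac-addrs / address ... vlan-name ...). The sample rows, the VLAN set and the domain name are constructed for the example; the SNMP trigger of step 2 is not included because the page does not give the OID.

```python
"""Export VSIS-style node records to a Cisco VMPS database file.

Added example, not VSIS project code. Sample rows, VLAN names and the
domain name below are constructed for illustration.
"""
import re

# Constructed sample rows as they might come back from the VSIS database:
# (description, mac_address_as_entered, vlan_name)
SAMPLE_RECORDS = [
    ("bldg7-printer-2", "00:12:f3:d5:67:0a", "printers"),
    ("lab-scope-4", "0012-F3D5-670B", "lab"),
    ("timeclock-east", "0012.f3d5.670c", "factory"),
    ("guest-laptop", "00:12:f3:d5:67:0a", "guest"),       # duplicate MAC
    ("bad-entry", "00:12:f3:d5:67", "printers"),          # malformed MAC
    ("new-phone", "00:12:f3:d5:67:0d", "voice-unknown"),  # VLAN not defined
]

# VLAN names the VMPS domain actually knows about (constructed).
KNOWN_VLANS = {"printers", "lab", "factory", "guest", "default"}

_HEX12 = re.compile(r"^[0-9a-f]{12}$")


def normalize_mac(raw: str) -> str:
    """Return a MAC as Cisco dotted hex (xxxx.xxxx.xxxx) or raise ValueError.

    Colon, dash and dot separators in either case are accepted; anything
    that does not reduce to exactly 12 hex digits is rejected instead of
    being written into a file the switch will trust.
    """
    digits = re.sub(r"[:\-.]", "", raw.strip().lower())
    if not _HEX12.match(digits):
        raise ValueError(f"malformed MAC address: {raw!r}")
    return f"{digits[0:4]}.{digits[4:8]}.{digits[8:12]}"


def validate_records(records, known_vlans):
    """Split records into (accepted, rejected).

    accepted: list of (mac, vlan) with normalised MACs; first entry wins
              when the same MAC appears twice
    rejected: list of (description, reason) for the audit log or web UI
    """
    accepted, rejected, seen = [], [], set()
    for description, raw_mac, vlan in records:
        try:
            mac = normalize_mac(raw_mac)
        except ValueError as exc:
            rejected.append((description, str(exc)))
            continue
        if vlan not in known_vlans:
            rejected.append((description, f"unknown VLAN {vlan!r}"))
            continue
        if mac in seen:
            rejected.append((description, f"duplicate MAC {mac}"))
            continue
        seen.add(mac)
        accepted.append((mac, vlan))
    return accepted, rejected


def render_vmps_config(accepted, domain, mode="secure", fallback="default"):
    """Render the VMPS database file for the accepted (mac, vlan) pairs.

    'secure' mode and 'no-domain-req deny' are the stricter of the two
    documented settings; 'open' / 'allow' are the permissive ones.
    """
    lines = [
        "!VMPS File Format, version 1.1",
        f"vmps domain {domain}",
        f"vmps mode {mode}",
        f"vmps fallback {fallback}",
        "vmps no-domain-req deny",
        "!",
        "vmps-mac-addrs",
        "!",
    ]
    for mac, vlan in sorted(accepted):
        lines.append(f"address {mac} vlan-name {vlan}")
    return "\n".join(lines) + "\n"


if __name__ == "__main__":
    ok, bad = validate_records(SAMPLE_RECORDS, KNOWN_VLANS)
    print(render_vmps_config(ok, domain="SITE86"))
    for description, reason in bad:
        print(f"rejected {description}: {reason}")
```

The point of the split into `validate_records` and `render_vmps_config` is that the rejected list is what the web form should show back to the operator: a bad row never reaches the file that the switch downloads over TFTP, and a duplicate MAC cannot quietly move a host into a different VLAN than the one recorded first.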


VMPS Service Interface System
A Cisco(c) centric VMPS server interface. A web-based (PHP) interface to manage host registration for dynamic VLAN policies. Also provides configuration change management for the VMPS configuration.
http://sourceforge.net/projects/vmps-srv/