A VNS3:MS is a single dashboard to manage and monitor VNS3 networks plus all underlying cloud VLAN network components (CIDR, subnets, route tables, ACLs, security groups, etc.).
VNS3:ms Network Domain Model
VNS3:ms Monitors VNS3 Controllers and Cloud VLANs
This document assumes you have either a VNS3 deployment or Cloud VLAN you would like to manage and monitor via VNS3:ms.
See the specific instructions for your cloud setup and instance launch on our Product Resources page.
Please review the VNS3 Support Plans and Contacts before sending support inquiries. If you need specific help with project planning, POCs, or audits, contact our professional services team via firstname.lastname@example.org for details.
- You have a cloud account that Cohesive can use for enabling your access to the VNS3:ms images.
- Ability to open the required hypervisor firewall rules to allow your VNS3:ms instance to access your VNS3 Controller instances
- Ability to create and add cloud API credentials to allow your VNS3:ms instance to access your cloud account.
- VNS3:ms currently only support the “underlay” (cloud network) view in AWS at this time. Support for Azure and Google is underway.
- Minimum of 2GB memory
- Persistent Storage (EBS-backed at AWS or similar in other cloud environments)
- Minimum of 30GB storage
- VNS3 Controller version 3.5 or later for devices that will be monitored and managed by VNS3:ms (3.0 and earlier are usable but not fully supported)
VNS3:ms instances use the following TCP ports:
- VNS3:TCP port 80 or 443: Inbound HTTP/HTTPS access on the VNS3:ms instance is required for the admin UI and/or API. TCP port 80 or 443 must be accessible from the hosts where you want to want to manage and monitor your virtual networks.
- TCP port 8000: Port used to access the individual VNS3 Controller instance via the VNS3 API. Each VNS3 Controller that will be added to the VNS3:ms system must have inbound TCP port 8000 access open from the VNS3:ms instance’s public IP.
- TCP port 22: Only needed in support situations where you have requested Cohesive support staff to access your VNS3:ms instance to diagnose/troubleshoot an issue.
Note that TCP 22 (ssh) is not required for normal operations.
VNS3:ms has that same multi-party/multi-factor authentication system for Remote Support that all VNS3 products utilize. Each VNS3:ms instance is running a restricted SSH daemon, with access limited only to Cohesive Networks for debugging purposes controlled by the user via the Remote Support toggle and key exchange generation.
In the event Cohesive Networks needs to observe runtime state of a VNS3:ms instance in response to a tech support request, we will ask you to open Security Group access to SSH from our support IP range and Enable Remote Support via the Web UI. Cohesive Networks will send you an encrypted passphrase to generate a private key used by Cohesive Networks Support staff to access your Controller. Access to the restricted SSH daemon is completely controlled by the user. Once the support ticket has been closed you can disable remote support access and invalidate the access key.