Issue
02
Date
2012-04-12
Notice
The purchased products, services and features are stipulated by the commercial contract made between
Huawei and the customer. All or partial products, services and features described in this document may not
be within the purchased scope or the usage scope. Unless otherwise agreed by the contract, all
statements, information, and recommendations in this document are provided "AS IS" without warranties,
guarantees or representations of any kind, either express or implied.
The information in this document is subject to change without notice. Every effort has been made in the
preparation of this document to ensure accuracy of the contents, but all statements, information, and
recommendations in this document do not constitute a warranty of any kind, express or implied .
Website:
http://www.huawei.com
Email:
support@huawei.com
Contents
1 Overview......................................................................................................................................... 2
2 Basic Features (WOFD-100000) ................................................................................................... 3
2.1 Platform ............................................................................................................................................................ 3
2.2 Fault Management .......................................................................................................................................... 15
2.3 Configuration Management ............................................................................................................................ 27
2.4 Performance Management .............................................................................................................................. 34
2.5 Security Management ..................................................................................................................................... 40
2.6 Topology Management ................................................................................................................................... 52
2.7 NE License Management ............................................................................................................................... 54
2.8 Hardware and Software Management ............................................................................................................ 56
2.9 Network Monitoring and Analysis ................................................................................................................. 59
2.10 FARS ............................................................................................................................................................ 67
2.11 Base Station Commissioning Management .................................................................................................. 73
Issue 02 (2012-04-12)
Overview
This document describes the basic features provided by Huawei M2000 V200R012. This
document helps users understand the M2000 features.
The network elements (NEs) in this document refer to the network devices managed by the
M2000. The M2000 manages eWBB based on Long Term Evolution (LTE), .
The M2000 manages the following eRAN NEs:
The M2000 manages the following evolved packet core (EPC) NEs:
Issue 02 (2012-04-12)
2.1 Platform
WOFD-000100 Basic M2000 Service
Availability
This feature was introduced in M2000 V200R003.
Summary
This feature provides hardware and software platforms and basic functions required for the
proper operation of the M2000. Basic functions include system operating-status monitoring,
online help, and remote maintenance.
Benefits
The M2000 centrally manages LTE network. Based on common software and hardware
platforms, the M2000 provides various network management application services such as alarm,
performance, security, and configuration management. These functions improve the M2000's
working efficiency, reduce operation and maintenance (O&M) costs, and therefore minimize
telecom operators' investments.
Description
This feature provides the following functions:
Issue 02 (2012-04-12)
Online help
The M2000 provides online help information that supports functions such as hotspot help,
full-text search, and offline browse. Online help includes the following items:
Users can switch to Help information about the MML commands, alarms, performance
counters, and configuration objects and parameters from the command-line interface
(CLI), alarm, performance, and configuration management windows.
Users can create, edit, delete, and manage remarks on any Help pages. Remarks
management functions include querying, importing, and exporting.
System status information that can be monitored includes the server, service and
process status, database and disk partition space, and component information. When a
fault occurs on the hardware, the M2000 generates an alarm.
Function control items: authorized optional M2000 features controlled on the basis of
functions.
Resource control items: authorized M2000 features that are controlled by the number
of resources, manageable resource capacities, and number of used resources of these
features. The M2000 generates an alarm if the number of network resources managed
by a resource control item exceeds the number specified by the license. Users can
manually clear the alarm.
Invalidating a license
The M2000 allows users to invalidate a license on the client and generates an invalid code.
According to the invalid code, Huawei technical support personnel apply for a new license.
This significantly improves the efficiency of updating licenses in cases such as expansion,
incremental sales, electronic serial number (ESN) replacement, and version upgrade.
Issue 02 (2012-04-12)
updates the client software to the matching version according to the user confirmation.
This improves the efficiency of changing client versions and reduces maintenance costs.
Workbench management
The M2000 provides a workbench for function and application shortcuts. Users can create
function and application shortcuts on the workbench, which simplifies operations and
improves operation efficiency. Users can also customize the names, description, and icons
of workbench shortcuts. The M2000 provides default workbench shortcuts to certain
functions such as centralized MML CLI, centralized task management, system monitoring,
and topology management.
Enhancement
Invalidating licenses
Issue 02 (2012-04-12)
Summary
The M2000 supports file transfer between the M2000 server and the M2000 client, between the
M2000 and NEs, and between the M2000 and a third-party system by using File Transfer
Protocol (FTP).
To ensure data transmission security, the M2000 supports FTPS- and SFTP-based file transfer.
For details, see the optional feature WOFD-210100 Encrypted Transmission.
Benefits
This feature ensures effective file transfers between the M2000 server and the M2000 client,
between the M2000 and NEs, and between the M2000 and a third-party system.
Description
FTP is a standard protocol, which specifies that file transfer between network nodes can be
implemented by setting up control channels and data transfer channels. Complying with the
RFC 959 FTP standard protocol, the M2000 supports file transfer and management. It transfers
files between the M2000 server and the M2000 client, between the M2000 and NEs, and
between the M2000 and a third-party system. The data to be transferred is as follows:
Performance data, log, and configuration data files collected from NEs or sent to a
third-party system by the M2000
NE version, configuration data, and patch files downloaded from the M2000 by NEs
License and NE version files transferred between the M2000 client and server
According to the application scenarios, the M2000 can function as an FTP server or client. For
example, when transferring files to a third-party system, the M2000 can be either an FTP server
or client based on user requirements. When upgrading NEs, users need to upload the software
version from the M2000 client to the M2000 server. In such a case, the M2000 server functions
as an FTP server, while the M2000 client functions as an FTP client.
The M2000 manages parameters related to file transfer. For example, it allows users to set file
transfer between NEs and the M2000 server and between the M2000 client and server, disable
plaintext transfer, and set a transfer server and a third-party FTP server.
Generally, FTP and File Transfer Protocol over SSL (FTPS) use default service ports, which
may cause security risks. To improve system security, the M2000 allows users to customize
FTP and FTPS service ports.
Enhancement
The function of customizing FTP and FTPS service ports is added to M2000 V200R012C00.
Issue 02 (2012-04-12)
Dependency
None.
Summary
The application management platform supports centralized management of iSStar script
applications and other applications. The iSStar is an enhanced script development platform
provided by the M2000. With the application management platform, the M2000 manages
application shortcuts by category and manages iSStar script applications.
The iSStar script applications are classified into local script applications and remote script
applications. Local script application files are stored and executed on the M2000 client. Remote
script application files are stored and executed on the M2000 server.
Benefits
This feature brings about the following benefits:
Using this feature, users do not need to pay attention to the implementation of the iSStar
script. After the script is released, users can run it and obtain the execution results through
the shortcut on the application management platform.
The application management platform can also manage other applications to implement
the uniform management of scripts and other applications.
Description
The application management platform is used to manage the iSStar and other applications. This
feature allows users to categorize application shortcuts and manage the remote iSStar
applications, including management for workspaces, application shortcuts, remote applications,
and iSStar tasks.
Workspace management
A workspace is a management platform for categorizing application shortcuts. The
applications of the same category can be managed by one workspace. Users can categorize
applications based on their preferences and manage these applications on different
workspaces. Users can create or delete workspaces and change the workspace names.
Issue 02 (2012-04-12)
Task management
The M2000 provides a GUI for managing local and remote iSStar script tasks, including
tasks started through application shortcuts or through the iSStar development platform.
Users can check task information such as script file path and name, NE, progress, start
time, end time, status, task creator, and IP address of the client where a local task is
executed. Users can also create, copy, start, suspend, resume a task, delete tasks in batches,
and check task execution results.
Description
The M2000 provides communication agents for local maintenance terminals (LMTs) to
maintain NEs. When an NE and its LMT are located on different network segments, the LMT
can connect to the NE through the agent provided by the M2000 to maintain the NE.
Along with the development and spread of the Web LMT, M2000 can also be a communication
proxy for the Web LMT.
LMTs can still set up connections to NEs through SSL or HTTPs to ensure transmission
security when using the M2000 as an agent.
Summary
The M2000 supports the NTP/SNTP network time synchronization protocols so that it can
synchronize time with the time server of a third-party system and provide synchronization time
sources for NEs. This ensures that the time between the M2000 and the NEs is synchronized.
In addition, according to the security policy of the telecom operator, the M2000 uses MD5
encrypted algorithm defined in the NTP V3 in time synchronization.
Benefits
This feature ensures that the time of NEs on the entire network is synchronized. In addition, it
supports adopting the encrypted authentication to enhance the security of network time
synchronization.
Description
If the NTP server provided by a customer network cannot communicate with the mobile
communication devices managed by the M2000, the M2000 server can function as an
intermediate NTP server. The M2000 server obtains the reference time from the NTP server
provided by the customer and sends time synchronization signals to NEs to ensure the
consistency between the time of all NEs and the time of the time source. The M2000 monitors
Issue 02 (2012-04-12)
the operating status of the NTP service in real time and generates an alarm after detecting any
exceptions in the NTP service or a synchronization failure with the upper-level time source.
The NTP protocol supports two authentication modes: unauthenticated and encrypted
authentication. Customer can determine the authentication mode according to security
requirements. If the upper-layer NTP server provided by the telecom operator uses the
encrypted authentication mode, the M2000 server synchronizes time with the time of the
upper-layer NTP server in encrypted authentication mode. After NEs send a time
synchronization request to the M2000, the M2000 allows NEs to synchronize time with the
M2000 server time in encrypted authentication mode.
This feature requires customer to provide a top-level clock source server. If customer requires a
top-level clock source server from Huawei, they need to purchase Huawei entire-network time
synchronization solution. For details about the solution, see the feature WOFD-540100
Network Time Synchronization Solution.
Enhancement
The following functions are added to M2000 V200R011C00:
The M2000 generates an alarm after detecting any exceptions in the NTP service or a
synchronization failure with the upper-level time source.
Dependency
None
Description
For some countries that use the Daylight Saving Time (DST), there are two time switchovers
every year. Some countries cross multiple time zones. Therefore, the time of NEs in different
time zones must be different.
This feature ensures that the M2000 adapts to DST shifts on NEs and allows users to set time
zone information. For example, users can choose whether to display server time or local NE
time in the alarm browsing window. If the area where an NE is located is using DST, the M2000
displays DST in MML messages.
Issue 02 (2012-04-12)
Description
Centralized task manager is a task management mechanism of the M2000. It manages and
controls all the scheduled tasks in the M2000 system through a centralized task management
window.
The tasks managed centrally are classified into system-scheduled tasks and user-scheduled
tasks. There are two types of tasks: one-time tasks and periodic tasks. Users can create
user-scheduled tasks and select one-time tasks or periodic tasks as required. All
system-scheduled tasks are periodic tasks and cannot be created by users.
Users can view information about all tasks on the task list provided by the M2000. The task
information includes task name, execution period, type, creator, status, execution progress,
execution result, and last execution time. Users can also perform specific operations on the
tasks, such as start, delete, suspend, copy, or resume the tasks. In addition, users can modify
task parameters.
System-scheduled tasks are as follows:
Data export
Synchronization
Only users in the administrator group can manage and view system-scheduled tasks.
System-scheduled tasks cannot be copied or deleted, and only some parameters can be
modified.
NE license backup
NE backup
Software download
Dependency
None
Issue 02 (2012-04-12)
10
Description
This feature supports two triggering modes, customizing menus to trigger scripts and automatic
triggering.
Customizing menus to trigger scripts: This function allows users to customize the menus for
script triggering. Users can add, delete, modify, or query user-defined menus. When adding a
user-defined menu, users can select the script and set script execution parameters. The
user-defined menus are used to trigger scripts stored on the M2000 client.
Automatic triggering: The M2000 allows users to set script triggering conditions and specify
the scripts. Triggering conditions include validity time range, script type, execution period, and
alarm ID. The M2000 automatically checks whether script triggering conditions are met. If the
conditions are met, the corresponding script is automatically triggered.
The automatically triggered scripts are scripts stored on the M2000 server. Currently, HSL
scripts and the following Shell scripts can be automatically triggered:
Bourne shell
C shell
Z shell
Korn shell
TC shell
Enhancement
The following function is added to M2000 V200R008:
Description
The M2000 automatically assigns IP addresses to BTSs through the DHCP protocol. The
M2000 extends the DHCP protocol based on the standard protocol to support the required
functions, and automatically assigns IP addresses to Huawei BSs on IP networks based on the
extended DHCP protocol. The DHCP Server service provides the following functions:
Issue 02 (2012-04-12)
The M2000 extends protocols based on the DHCP protocol and assigns IP addresses based
on specific configuration information such as the BTS name, BTS ID, IP address, and
electronic serial number (ESN).
11
The M2000 allows users to add, delete, or modify the binding relationships between
specific NE configuration information and IP addresses on the M2000 client. It also allows
users to import the information about the binding relationships into a file.
The M2000 allows users to view the assignment information about IP addresses. To
facilitate information browse, it also allows users to filter IP address assignment records
by fields such as BTS ID, BTS name, and ESN.
Enhancement
The following function is added to M2000 V200R011C01:
Allowing users to filter IP address assignment records by fields such as BTS ID, BTS
name, and ESN
Description
The user profile setting provides the user-defined settings based on M2000 users. Therefore,
multiple maintenance terminals can share the user-defined user settings. The M2000 provides
default settings for all M2000 users. The supported profile setting options are as follows:
Display styles of parameter settings on the M2000 client, such as area setting, metrology
setting, LMT prompt setting, agent server setting, MML client setting, file transfer
parameter setting, alarm sound and colors, time mode, system lock time, data display
modes, system login modes, display of alarm states in the topology view, and display of
the performance module interface.
Environment setting of function interfaces, such as the topology view, activated subnets
and filter criteria in the topology view, filter criteria for querying alarms, and alarm query
templates.
Description
The local disks of the M2000 support the RAID 1 backup mode (1+1 disk mirroring).
Availability
This feature was introduced in M2000 V200R002.
Issue 02 (2012-04-12)
12
Summary
The M2000 provides the backup and restore solutions for M2000 application data including
M2000 application and service data.
Benefits
This feature brings about the following benefits:
The M2000 provides cost-efficient backup and restore solutions for the O&M network.
Description
This feature provides the following functions:
Dependency
This feature is supported when implement using Sybase database.
Availability
This feature was introduced in M2000 V200R002.
Summary
The M2000 supports backup and restore of key NE data. If NE data is missing due to a fault,
users can use the backup data to restore the NE data on the M2000.
Description
Generally, key NE data (such as NE configuration data and logs) is stored on NEs.
Key NE data is backed up and restored on the M2000. The data can be backed up manually or
automatically on a scheduled basis. The M2000 centrally manages and schedules backup tasks
Issue 02 (2012-04-12)
13
by using the feature WOFD-071200 Centralized Task Manager. The M2000 backs up the data
based on the preset period and time.
Data must be restored manually because it may lead to NE restart. After users start restoring NE
data, the M2000 downloads backup NE data to the NE and runs data restoration commands for
the data to take effect. Users must upload the NE data that was downloaded and stored on the
M2000 client to the M2000 server before restoring the data.
NE logs cannot be modified or replaced, and the restore of NE logs may result in invalid modification of
the NE logs. Therefore, the M2000 does not provide the function of restoring NE logs.
Summary
The M2000 supports the function of automatically uploading the northbound configuration files,
performance files, inventory files and alarm files to the specified FTP server by using FTP.
To ensure data transmission security, the M2000 supports SFTP-based file transfer with the
third-party system. For details, see the optional feature WOFD-210100 Encrypted
Transmission.
Benefits
Description
This feature provides the following functions:
Users can create a directory on the server for the M2000 to save uploaded files.
Alternatively, the M2000 can create a directory for saving the files. The directory structure
is the same as that of the M2000 export file directory.
Issue 02 (2012-04-12)
14
Users can automatically re-transfer the files that failed to be transferred according to the
configuration parameters.
The valid duration for re-transferring the files is 1 hour. The system cancels the transfer
of the files that exceed the valid duration.
The system transfers the files again three times. The system records the files that are
re-transferred more than three times, to the logs.
Managing faults
If a file fails to be uploaded to a system because the FTP service of a third-party system is
not enabled or the network is disconnected, the M2000 generates an alarm.
Dependency
This feature is used with the following features to implement automatic file upload and cannot
work independently:
Description
The M2000 centrally collects the alarm information about all the entities (including the M2000
itself) of managed networks and stores the alarm information in the database. The fault
management module of the M2000 can manage alarms and events. Alarms are classified into
ADAC alarms and ADMC alarms. Unless otherwise stated, alarms mentioned in this document
do not include events.
Event: An event is a notification that is generated and needs to be sent to users when the system
is running properly. For example, the notification can be the deletion, modification, or status
change of an object.
Fault: A fault occurs when the system is running improperly. The fault may affect the operation
capability or backup capability.
Alarm: An alarm is a notification that is generated when the system detects a fault.
Based on the detection capability, alarms are categorized as ADAC alarms and ADMC alarms.
ADAC (Auto Detected Auto Cleared) alarm: An ADAC alarm is generated and cleared when
specified conditions are met. When a fault occurs, an alarm occurrence notification is generated.
After the fault is cleared, an alarm clearance notification is generated.
ADMC alarm: An ADMC alarm is generated when specified conditions are met, but it cannot
be cleared automatically. When a fault occurs, an alarm occurrence notification is generated.
An alarm clearance notification, however, is not sent. O&M personnel need to check that the
fault is cleared and manually clear the ADMC alarm.
Issue 02 (2012-04-12)
15
After receiving the alarm and event reported by an NE, the M2000 preprocesses the alarm and
event and stores them in the centralized mode. The information serves as the reference for
future browse, collection of statistics, and query.
The M2000 records each alarm or event as one log. The database stores alarm or event logs for
a maximum of 90 days. Users can change the period. If the M2000 alarm database does not
meet the standard configuration or the network size exceeds the management capacity of the
server, users may not be able to store the logs for 90 days. When the M2000 reaches the end of
the storage period or disk capacity limit, the M2000 automatically dumps event logs and logs
for acknowledged and cleared alarms to files.
Summary
This feature allows users to view the alarms and events of NEs and the M2000 in real time.
Based on the browse results, users can also perform operations such as saving and printing
alarm information, viewing detailed alarm information, and locating alarms in the topology
view. Users can set conditions for filtering alarms or save the filter criteria as a template for
future use.
In addition, users can customize the colors and properties of alarms and events displayed in the
browsing window. Users can also set the uncleared alarms to be highlighted.
Benefits
This feature brings about the following benefits:
The M2000 allows users to browse alarms on the entire network in real time. It also allows
users to set various filter criteria to focus on key network faults.
The function of customizing display styles helps users to personalize working interfaces.
Description
This feature is described as follows:
Alarm/Event browse
The M2000 displays the alarms that meet the preset filter criteria in the alarm/event
browsing window. Multiple browsing windows can be opened concurrently to display
alarm logs, event logs, and alarm lists. Users can set filter criteria in each browsing
window.
The alarm list displays important alarms that users must focus on or handle. If an alarm has
duplicate alarm records, only one record is displayed in the alarm list. During routine
maintenance, O&M personnel need to monitor only the alarm list. By default,
acknowledged and cleared alarms are not stored in the alarm list. Users can store these
alarms after setting a storage period.
Users can set the following filter criteria: alarm source including NE types, NEs, MOs,
MBTSs, object groups and topology maintenance areas, severity, type, and name. Events
do not need to be cleared or acknowledged. Therefore, log browse does not support
status-related filter criteria such as clearance status and acknowledgment status.
Issue 02 (2012-04-12)
16
QoS alarm
Internal alarm
In addition, the M2000 supports the browse of alarms based on alarm categories. Users
can browse alarms according to alarm severities or alarm statuses in the same window.
Alarms statuses are unacknowledged and uncleared, unacknowledged and cleared,
acknowledged and uncleared, and acknowledged and clear.
In the event browsing window, users can query event details, locate an event on the
corresponding NE in the topology view, mask the event, or send a remote event
notification. In the alarm browsing windows, users can perform more operations, such as
acknowledging, unacknowledging, and clearing alarms.
Template
Users can save common filter criteria as a template so that they can use the template to set
filter criteria when browsing alarms or events. The M2000 filters the browse results
according to the conditions set in the template. Alarm templates are saved by user.
The owner of a template is the user who creates the template. Such users can share their
templates with other users. Administrators can manage and use all templates. Common
users can manage and use their templates and shared templates.
The M2000 provides a centralized template management window. Users can manage their
templates, for example, viewing, creating, deleting, modifying, and renaming templates.
Issue 02 (2012-04-12)
17
Enhancement
The following functions are added to M2000 V200R009:
The M2000 allows users to open the device panel of the NE that generates the selected
alarm when users locate the device panel in the alarm viewer.
The M2000 supports alarm/event groups and object groups. Users can perform operations
such as viewing, querying, and collecting the statistics on alarms and events based on
alarm/event groups and object groups.
Summary
The M2000 supports the real-time notification of alarms in the forms of sound, light, blinking,
and display of statistical results. Alarms are notified through alarm boxes, alarm boards, tool
tips, and real-time statistics.
Benefits
The M2000 supports the real-time alarm notification in multiple modes. This ensures that users
can learn about the generation and clearance of alarms in real time to take corresponding
troubleshooting measures, reducing the impacts on network services.
Issue 02 (2012-04-12)
18
Description
This feature is described as follows:
Alarm box
The M2000 notifies users of audible and visual alarms through an alarm box. The alarm
box is connected to the M2000 client through a serial port. The M2000 client sends the
alarms that meet the preset conditions to the alarm box in real time. Then, the alarm box
generates sound and the corresponding alarm indicators blink according to the alarm
severities. Users can filter alarms based on alarm severities or by using a query template.
The filter criteria set in a query template are the same as the filter criteria in the feature
WOFD-010300 Alarm Viewer.
Tool tip
After users set the alarm indication in the topology view, the NE icon is identified in the
color of the alarm of the highest severity when alarms in the same status exist on an NE.
The alarm states that can be selected are unacknowledged and uncleared. In addition, users
can set whether to display the current number of alarms of the highest severity on NEs.
Description
After the connection between the M2000 and NEs is restored, the M2000 automatically
synchronizes the data between the M2000 and NEs to obtain the alarm data generated during
the disconnection. This feature ensures that the alarm data on the M2000 and NEs is consistent.
When NEs report alarms to the M2000, the M2000 automatically checks whether the alarm data
on the M2000 is consistent with that on NEs. If the data is inconsistent, the M2000
synchronizes the alarm data on the M2000 with that on NEs.
Issue 02 (2012-04-12)
19
Description
Generally, after an alarm is generated on an NE or the M2000, the alarm is automatically
reported to the M2000 in real time. The M2000 supports manual and scheduled alarm
synchronization modes. Therefore, alarms can be synchronized in the following scenarios:
The M2000 supports manual alarm synchronization and scheduled alarm synchronization.
In manual synchronization mode, users manually synchronize the alarm data on the M2000
with that on NEs through the M2000 client.
Scheduled synchronization tasks are managed and scheduled by using the feature
WOFD-071200 Centralized Task Manager. In scheduled synchronization mode, the M2000
synchronizes the alarm data on the M2000 with that on NEs according to the preset period and
time. Users can change the synchronization period and time. The unit of the synchronization
period is day. The default synchronization period is one day.
Summary
Alarm pre-processing on the M2000 refers to processing the new alarms and events received by
the M2000 before they are saved to the database. Alarm pre-processing involves alarm masking,
alarm severity redefinition, and alarm correlation analysis.
Benefits
The M2000 provides flexible functions of masking alarms and customizing the rules for
analyzing alarm correlations. This helps in sharing the maintenance experience of O&M
personnel, reducing the number of alarms, and improving work efficiency.
Description
This feature provides the following functions:
Issue 02 (2012-04-12)
20
and alarm/event types. Users can also set the time segment for alarm masking conditions
to take effect.
Delayed alarm/event processing: If the duration of an alarm/event is shorter than the
threshold set in the alarm/event masking criteria, the M2000 discards the alarm/event after
analyzing toggling alarms. When the duration of an alarm/event reaches or exceeds the
preset threshold, the M2000 delays processing the alarm/event. The delay time equals the
preset threshold of alarm/event duration.
Users can obtain the details about alarm sources in masking conditions by referring to the feature
WOFD-010300 Alarm Viewer.
Analyzing correlations
Correlation rules are classified into default and user-defined rules.
Default rules are provided by the system and can be instantiated by users. These rules are
used for analyzing alarm or event occurrence frequency, intermittent alarms, repeated
events, and duration of acknowledged and uncleared alarms.
Associated concepts are described as follows:
Alarm or event occurrence frequency: If the number of repeated alarms or events exceeds
a preset threshold within a specified period, the M2000 considers that these alarms or
events are correlated and performs one of the following operations, which have different
threshold ranges:
Intermittent alarm: The M2000 generates an intermittent alarm if the interval for reporting
the clearance alarm of an alarm is within a specified period. The M2000 displays only the
first intermittent alarm and discards other ones. If the number of intermittent alarms
exceeds a preset threshold within a specified period, the M2000 generates a
high-frequency intermittent alarm. When intermittent alarms are generated at a lower
frequency than the threshold, the high-frequency intermittent alarm is automatically
cleared.
Repeated event: The M2000 generates a repeated event if the interval for reporting an
event is within a specified period. The M2000 displays only the first repeated event and
discards other ones. If the number of repeated events exceeds a preset threshold within a
specified period, the M2000 generates a high-frequency repeated event.
With the correlation analysis function, users can create rule instances for analyzing
alarms/events frequency, intermittent alarms, and repeated events. If alarms/events meet
the preset conditions, the M2000 deals with the information about redundant
alarms/events according to the preset policy. This prevents the M2000 from generating or
clearing the same alarms, enhancing system reliability.
Issue 02 (2012-04-12)
21
The purpose of analyzing the duration of acknowledged and uncleared alarms is to prompt
users to clear these alarms in time. If certain alarms are already acknowledged but are not
cleared for a long time, the M2000 sets the severity of these alarms to a higher level.
The M2000 allows users to define alarm correlation rules by setting root alarms, correlated
alarms, handling methods, handling conditions, analysis periods, and priorities through
the creation wizard.
Users can delete or modify alarm correlation rules.
After users apply advanced correlation rules, the M2000 discards the alarms/events that
meet the correlation rules. It can also redefine the severities of these alarms or set them to
correlative alarms. Therefore, the number of unnecessary alarms/events is reduced and
non-root alarms/events are not considered. Therefore, users can handle key alarms/events
to quickly locate and rectify related faults.
Advanced correlation rules support the following functions:
The main property values in the alarm locating information can serve as correlation
conditions.
Enhancement
The following functions are added to M2000 V200R011C01:
The M2000 generates a summarized parallel alarm when the number of alarms meeting
the requirements exceeds Set Threshold.
The M2000 clears the summarized parallel alarm when the number of alarms is smaller
than Clear Threshold.
The M2000 generates a toggling alarm in analyzing alarm or event occurrence frequency.
A wizard for creating advanced correlation rules is added, which improves the usability of
this feature.
Issue 02 (2012-04-12)
22
Description
Alarm severity redefinition on NEs allows users to change the severities of alarms and events
on NEs. After severities of alarms and events are redefined, NEs report alarms and events
according to the new severities, and the M2000 displays the alarms and events according to the
new severities.
Description
Alarm masking on NEs allows users to set masking conditions on the M2000 and send the
conditions to NEs so that NEs do not report the alarms and events that meet the masking
conditions. Therefore, the masking for alarms and events is implemented on NEs.
The M2000 masks alarms and events according to alarm/event names and severities. When
setting conditions, users can sort NE objects according to NE types and sort alarms and events
according to alarm/event types and severities. This facilitates alarm/event selection.
Summary
To monitor NE environments, the M2000 supports the settings of environment alarms.
Benefits
Users can customize environment alarms to learn about the faults in the equipment room
environment and remotely monitor the environment centrally. This helps ensure the normal
equipment operation.
Description
Based on the actual situations, users can set environment alarms of NEs through the M2000
client, and bind the alarms with an NE port. In addition, users can mount an environment
monitoring device on the port so that NEs can generate alarms and report the alarms to the
M2000 in real time when the environment monitoring device detects environment faults.
Issue 02 (2012-04-12)
23
Enhancement
The functions of importing and exporting environment alarms are added to M2000
V200R012C00.
Summary
In alarm post-processing on the M2000, the M2000 allows users to perform a series of
operations on the alarms stored in the database, such as acknowledging alarms,
unacknowledging alarms, and collecting the statistics of alarms.
Benefits
The M2000 collects the statistics on alarms based on different conditions and displays the
statistical results on the GUI so that users can directly learn about the alarm distribution on
the network.
Description
This feature provides the following functions:
Users can unacknowledge the alarms that are acknowledged but not cleared. After an
alarm is successfully unacknowledged, its status automatically changes to
"Unacknowledged."
Issue 02 (2012-04-12)
24
The M2000 records the information about the time and the user who performs the related
operations.
Description
When the fault on an NE or on the M2000 is rectified, the NE reports a cleared alarm and the
M2000 sets the status of the corresponding fault alarm to "Cleared."
Description
On the M2000 client, users can manually clear specified alarms. After an alarm is cleared, the
M2000 changes the status of this alarm to "Cleared" and instructs the related NE to change the
alarm status to "Cleared." This feature is used to clear the alarms that cannot be automatically
cleared or the alarms that do not exist according to user confirmation.
Description
This feature allows users on the M2000 client to check whether the status of a specified alarm is
consistent on the M2000 and on NEs. If the status is inconsistent, the M2000 updates the alarm
status.
Issue 02 (2012-04-12)
25
Summary
This feature is used for classifying NE alarms into root alarms and correlative alarms,
depending on alarm generation causes. This feature allows O&M personnel to focus on root
alarms in the case of excessive alarms. Generally, multiple correlative alarms may result from a
root alarm. If a root alarm is cleared, most of its correlative alarms are cleared automatically.
Benefits
Device O&M personnel can clear root alarms first so that most of the correlative alarms can be
cleared automatically. Therefore, manual operations are reduced and maintenance efficiency is
improved.
Description
This feature provides the following functions:
Enhancement
The following functions are added to M2000 V200R011C01:
Dependency
This feature applies to eRAN1.0 and later versions.
Issue 02 (2012-04-12)
26
Description
This feature allows users to record the explanations of alarms or events and the troubleshooting
experience in the alarm information base through the M2000 client. The M2000 keeps the
records in terms of the alarm/event ID. To facilitate maintenance experience sharing, the
M2000 allows users to export the alarm information base as an XML, CSV, TXT, XLS, HTML,
or PDF file. It also allows users to import an external alarm information base as an XML file to
append to or replace the original alarm information base on the M2000.
The M2000 supports fuzzy search of maintenance experience information based on the names
of alarms and events or keywords of maintenance experience information in the alarm
knowledge library. The search criteria can be the names of alarms and events, keywords of
maintenance experience information, or the combination of the names and keywords. This imp
roves the efficiency of querying maintenance experience information.
Users can also add comments to alarms and events to record the operations performed on the
alarms and events. The change history (including the user, change time, and contents), is
automatically saved in the comments.
Enhancement
In M2000 V200R009, the M2000 supports fuzzy search of maintenance experience information
based on the names of alarms and events or keywords of maintenance experience information.
Description
If the configuration of an NE is modified, the NE reports a modification notification to the
M2000. Then, the M2000 updates the NE configuration data in the database according to the
notification. This implements the automatic synchronization of configuration data and ensures
the consistency of the configuration data between NEs and the M2000.
Users can view the information about the latest automatic configuration data synchronization of
each NE. The information contains the start time and end time of the synchronization,
synchronization types, synchronization results, and result details.
Enhancement
The function of browsing the information about automatic data configuration synchronization
is added to M2000 V200R008.
Issue 02 (2012-04-12)
27
Summary
To ensure that the configuration data between the M2000 and NEs is consistent, the M2000
supports manual and scheduled synchronization of configuration data. Users can view the
information about synchronization tasks.
Benefits
The M2000 provides manual and scheduled configuration data synchronization. The two
synchronization modes enable users to control the synchronization progress and ensure
that the configuration data between NEs and the M2000 is consistent.
Description
This feature provides the following functions:
Issue 02 (2012-04-12)
28
Enhancement
The function of browsing the information about manual and scheduled configuration
synchronization tasks is added to M2000 V200R008.
Dependency
None
Summary
The M2000 provides a window for viewing configuration data. It supports the functions of
searching for and exporting NE configuration data.
Benefits
The M2000 displays NE configuration data in a navigation tree and a table so that users can
easily view the logical relationships between configuration objects and detailed configuration
information.
Description
The M2000 displays NE configuration data in an interface that contains a navigation tree in the
left pane and a table in the right pane. The navigation tree displays NE configuration objects
and their logical relationships. The table displays the details about selected configuration
objects. The M2000 allows users to search for NE configuration data based on the keywords
contained in configuration object names. It also allows users to locate the search results on the
corresponding nodes in the navigation tree.
In the window for viewing configuration data, users can select an NE to export its configuration
data. The exported data can be saved as CSV and XML files.
In addition, the M2000 displays the common configuration data of some objects as labels in the
topology view. The common configuration data includes NE names, NE types, IP addresses,
current version information, link names, link types, and names of the NE nodes at both ends of
a link.
Description
The M2000 displays the information about and status of hardware and software resources on
the GUI, which allows users to learn about the network status in real time. Users can set the
Issue 02 (2012-04-12)
29
range of the objects whose status is to be monitored. They can also add, delete, suspend, and
resume monitoring tasks. The M2000 supports sorting the monitoring results by the statuses
and names of NEs and objects.
Table 2-1 describes the resources and resource statuses that can be monitored by using this
feature.
Table 2-1 Object management status
NE Type
Object Type
Management Status
eNodeB
Cell
eNodeB
Board
Description
The device panel provided by the LMT of an NE displays the subracks, boards, configuration,
and alarms of NEs on the GUI. On the boards, users can perform common operations such as
querying board statuses and resetting boards.
After starting the LMT of a specified NE in the M2000 topology view and starting the device
panel, users can check the hardware status in the topology view or perform routine maintenance
of devices through shortcut menus.
To ensure security of data transmission between LMTs and NEs, LMTs based on the iView
platform support SSL-encrypted transmission, and web LMTs support HTTPS-encrypted
transmission.
Issue 02 (2012-04-12)
30
Dependency
This feature is implemented on the LMT. If the NE LMT is based on the iView platform, users
must install the NE LMT on the M2000 client before using this feature. If the NE supports a
Web LMT, users do not need to install the NE LMT.
Summary
The M2000 provides the centralized device panel function and graphically displays subracks,
boards, and the status and alarm information about subracks and boards. On the device panel,
users can perform common operations such as querying board states and restarting boards.
Benefits
The graphical display of devices allows users to maintain NEs easily and improves the usability
of the M2000. By using this feature, users can directly view the hardware status of devices and
perform common operations on the device panel.
Description
The M2000 implements centralized device panel management, which allows users to switch
device panels of different NEs on the same GUI.
The device panel graphically displays the physical locations and states of racks, subracks, and
boards. In addition, the states can be updated in real time. The M2000 displays the following
board states: null, unknown, uninstalled, unconfigured, inconsistent, starting up, power off,
blocked normal, blocked faulty, faulty, active normal, standby normal, and abnormal
active/standby. The states are identified in different colors on the device panel. In addition, on
the device panel, users can learn about the running status of boards according to the indicators
of board states, fault bar, and the indicators of active alarms.
Users can right-click a board and perform common O&M operations through shortcut menus,
such as querying board status, alarms, CPU usage, inventory information, and resetting or
blocking the board. Board status varies according to the board type, and shortcut menus
supported by boards are slightly different.
The device panel provides shortcut menus for common maintenance, such as querying board
status, alarms, CPU usage, and inventory data, and resetting or blocking boards. The shortcut
menus vary according to board states.
If a BTS is configured with RRUs, the M2000 displays the physical topology relationships
between RRUs and between RRU and BBU ports by displaying the RRU device panel, RRU
chains, and CPRI connections. The physical network topology can be updated in real time,
showing the connection status and the device status on the topology.
Enhancement
The following functions are added to M2000 V200R011C00:
Issue 02 (2012-04-12)
31
Dependency
This feature applies to eRAN1.0 and later versions.
Summary
The M2000 provides the NE report, core network resource report, NE statistics report, link
report, and RAN configuration report. Users can view the basic NE information, port resource
information, NE version information, link information, base station configuration information,
and cell configuration information presented by these reports through GUI. Users can also save
the reports to a local PC or print the reports.
In addition, the M2000 can periodically generate the configuration reports through centralized
task management.
Benefits
The M2000 provides various configuration reports according to configuration data types and
O&M scenarios. Therefore, users can easily learn about the NE information, port resource
information, link information, base station configuration information, and cell configuration
information. This improves O&M efficiency.
Description
The M2000 provides reports such as the RAN configuration report. Users can view these
reports through the GUI. In addition, users can save the reports as XLS, CSV, TXT, PDF, or
HTML files. They can also print the reports.
The configuration reports can be generated periodically through centralized task management.
Users can set the report generation period in the unit of day.
The data in each report is as follows:
NE report
An NE report contains basic NE information, such as NE names, types, versions, IP
addresses, physical locations, vendors, districts, maintenance areas, status of the
connection with the M2000, and capacity. The report also provides the total number of
NEs and the number of disconnected NEs by NE type.
Issue 02 (2012-04-12)
NE statistics report
32
An NE statistics report allows users to query the version information about multiple NEs.
The version information includes the NE type, NE versions involved in each type of NE,
and number of NEs corresponding to each version.
Enhancement
The following function is added to M2000 V200R012C00:
Information about NE maintenance areas and connection status with the M2000 are added to
an NE report.
The following functions are added to M2000 V200R009:
Summary
This feature allows users to concurrently send MML commands and MML scripts to multiple
NEs on the M2000 client.
Description
The centralized command line feature allows users to send MML commands to multiple NEs of
the same type on the M2000 client. The CLI provides a command navigation tree organized by
function, supports the predictive input technique and help information, and records executed
commands. It also allows users to filter, search for, and sort NEs. Before executing a command
that may have severe negative effects, the M2000 displays a message, informing users of the
possible execution results. The M2000 executes the command only after users confirm the
operation.
The M2000 displays the execution results of MML commands on a GUI in real time. It also
provides a result redirection function so that users can directly save the command execution
results in a file.
MML commands can be processed in batches. To implement this, users edit the MML
commands to be executed in MML scripts, import the scripts to the M2000, and create a
centralized task to deliver the scripts to NEs. After a script is executed, the M2000 provides
statistics about the execution, including the number of successfully executed MML commands,
number of unsuccessfully executed MML commands, and list of unsuccessfully executed MML
commands.
Issue 02 (2012-04-12)
33
The M2000 centrally manages and schedules script tasks by using the feature WOFD-071200
Centralized Task Manager. When creating a task, users need to specify a script and set the
execution mode (immediate execution or scheduled execution), running mode, redirection of
the script result and NEs. According to the preset time, the M2000 sends the MML commands
in sequence in the script to the selected NE or multiple NEs of the same type. If required, user
can cancel the task during its execution.
Enhancement
The following function is added to M2000 V200R011C00:
The M2000 displays a message, which indicates the possible execution results before
executing an MML command that may have severe negative effects.
The M2000 provides the statistical information about the task execution after an MML
script task is completed.
Summary
Based on the measurement settings, the M2000 can obtain the measurement results of
performance counters from NEs and save the results in the M2000 database. Users can adjust
the measurement settings and use a template for the measurement settings. They can also view
the measurement status, perform measurement data synchronization, and view the
synchronization status.
Benefits
The user-friendly GUI simplifies operations and facilitates the monitoring and viewing of
the measurement status of an object.
By default, the M2000 collects and stores the measurement results of common object
counters. This can meet the data requirements in multiple O&M scenarios without any
user setting.
Description
This feature provides the following functions:
Setting measurements
The M2000 collects the data of network measurement counters and stores the data in the
M2000 database. Measurement objects, counters, and periods are three required elements
for performance data collection.
Issue 02 (2012-04-12)
34
Issue 02 (2012-04-12)
35
To ensure the consistency of performance measurement data between NEs and the M2000,
the M2000 provides manual and automatic measurement data synchronization modes.
Manual synchronization is performed when users detect exceptions on performance data.
When an NE is disconnected from the M2000 or when the M2000 performance service is
stopped, the M2000 detects that NE performance data is missing. In this case, the M2000
starts automatic supplementary collection. If no results are reported after the automatic
supplementary collection is complete, the M2000 generates an alarm, indicating that the
performance measurement results are missing.
The M2000 also allows users to manage the status of performance data synchronization
tasks. The M2000 provides a window for users to view all the ongoing performance data
synchronization tasks. On the interface, users can also perform operations such as filtering,
sorting, canceling, and retrying synchronization tasks, and resetting their priorities.
Enhancement
Performance data synchronization task management is added to M2000 V200R008.
Dependency
None
Summary
Users can query the performance data imported into the database on the M2000. The M2000
displays the query results in a table, line chart, or column chart. The M2000 also allows users to
print and save the query results, query data by template, query missing data, and subscribe to
performance data.
Benefits
This feature brings about the following benefits:
The M2000 allows users to set search criteria to easily query data based on fixed
conditions and customize search criteria. Multiple data display modes facilitate the
viewing of performance data.
The M2000 allows users to analyze causes of performance result loss in most application
scenarios. This improves efficiency in locating and solving performance result loss
problems.
Description
This feature provides the following functions:
Querying data
The M2000 supports data query by condition and displays the query results in a table, line
chart, or column chart. The supported search criteria are measurement objects,
measurement counters, measurement period, sort mode, and time ranges.
Issue 02 (2012-04-12)
36
The line chart displays the information about multiple counters of an object, or displays
the information about multiple objects of a counter. Line charts and column charts can be
saved as JPEG images.
Users can print the query results, and all the data in the active window is printed. They can
also save query results as TXT, HTML, XLS, or CSV files.
Query templates
The M2000 allows users to use templates for query. The templates consist of the default
templates and user-defined templates.
A default template is a predefined template provided for some NEs to facilitate the query
of common performance counter data. All the M2000 users can use the default template.
Users can create templates by copying default templates.
Users can save preferred performance data search criteria as a user-defined template.
Templates are saved according to users.
The M2000 allows users to import, export, cut, paste, copy, delete, rename, and view
user-defined templates, delete the templates in batches, and collect template usage
statistics.
When users use a template to query performance data without any modifications of the
conditions, the M2000 does it according to the default conditions of the template. Users
can also reconfigure the search criteria based on the template.
A diagnosis report provides causes of performance result loss, and suggestions and
procedures for handling the problems. Users can set criteria for analyzing performance
result loss, which are the same as the result search criteria. Users can also analyze causes
of performance result loss for specified performance query results.
Enhancement
The following function is added to M2000 V200R012C00:
Issue 02 (2012-04-12)
37
Users can collect statistics about performance query template usage and delete the
templates in batches.
Description
This feature allows users to define new performance counters based on the raw counters
provided by default and based on the existing user-defined counters. This meets the
requirements of performance counters that exceed the range of raw counters in the network
operation and maintenance. The supported calculation rules are +, , x, /, (,) and {and}, where
{and} is used to define constants. Users can create, modify, or delete user-defined counters.
Users can create, modify, and delete user-defined counters, which include the counter name,
unit, measurement set, function unit, formula, and description information. In addition, users
can export and import user-defined counters as XML files.
Enhancement
The following function is added to M2000 V200R010:
The M2000 allows users to create, modify, and delete the description of user-defined
counters.
Description
This feature allows users to set performance alarm thresholds for measurement counters. When
a counter value exceeds the threshold, a performance alarm is generated. When the counter
value is within the normal range, the alarm is automatically cleared.
This feature consists of threshold definition and threshold management.
Threshold definition:
The M2000 allows users to set multiple alarm thresholds for a counter. The alarm
thresholds can be set according to objects, time segments, periods, and trends. Different
thresholds can be set for the same counter according to objects, time segments, periods,
and trends.
Combined thresholds are supported. The triggering conditions for generating and clearing
threshold alarms are condition expressions. An expression can contain multiple counters.
The supported calculation rules are +, , x, /, AND, OR, =, !=, >=, >, <, (and), {and},
where {and} is used to define constants.
Issue 02 (2012-04-12)
38
Thresholds can be set for cell groups. The M2000 summarizes the counter results of all the
cells in a cell group, determines the threshold conditions, and generates performance
threshold alarms for the results that meet the conditions for triggering threshold alarms.
Users can customize the threshold alarm names. After a threshold task is bound with a
user-defined alarm name, the alarms that meet the threshold conditions are reported with
the user-defined alarm names.
The M2000 supports the dynamic change of alarm severities. If alarms of the same
severity are generated consecutively, the severity of this alarm can be changed to a higher
severity. Users can set the times for generating an alarm of the same severity for raising the
alarm severity.
The M2000 generates an alarm only when the times for triggering alarms that meet the
conditions reach a certain threshold. Users can set the threshold.
After an alarm is generated, it is cleared only when the performance counter monitoring
results do not meet the condition that the times of alarm conditions reach a certain
threshold. Users can set the threshold.
Threshold management
The threshold query is supported. Users can filter thresholds according to threshold names,
NEs (or objects under NEs), periods, triggering time segments, and threshold directions.
They can also query thresholds by combining multiple conditions.
The batch activation, suspension, copy, and paste of thresholds are allowed.
Enhancement
The following function is added to M2000 V200R009:
Threshold management
Threshold query
Suspension of NE thresholds
Dependency
None
Summary
After the devices on the live network are upgraded, users need to verify that the services can run
normally after the upgrade. The remote service upgrade validation feature allows users to verify
services remotely from the network management center. Therefore, users do not need to verify
the services through site dialing tests. This reduces network maintenance cost and improves
Issue 02 (2012-04-12)
39
efficiency. In addition, the remote service upgrade validation can be performed on all types of
NEs.
Benefits
This feature allows users to perform the verification remotely after an NE upgrade to avoid or
reduce manual dialing tests on site, reducing upgrade costs and workload.
Description
In the traditional O&M mode, after radio devices are upgraded on the communication network,
local manual dialing tests are required to check whether the services are normal. In this case, the
efficiency is low. Currently, NE upgrades are performed at the network management center
instead of on site to reduce upgrade costs and to improve O&M efficiency.
In this case, the remote service upgrade validation feature is developed. Users can use this
feature to check whether the services of NEs are normal after an upgrade by comparing the key
traffic counters before and after the upgrade. This feature is service-oriented, comprehensive,
precise and measurable, time-based, and object-based. Therefore, it can be used to verify NE
upgrades.
The M2000 verifies the upgrade after an NE upgrade is complete. When verifying the upgrade,
the M2000 obtains raw counters from the NE, calculates KPIs based on the raw counters, and
compares the best KPIs with the standard and historical reference values. Then, the M2000
provides the verification results. Users can save the verification results as an HTML, CSV,
XML, PDF, or TXT file.
Service upgrade verification is performed on a task basis. The M2000 manages and schedules
the tasks by using the feature WOFD-071200 Centralized Task Manager.
Enhancement
This feature applies to eNodeBs since M2000 V200R010.
Dependency
This feature applies to eRAN2.0 and later versions.
Summary
The M2000 centrally manages and authenticates O&M users on a network. The M2000
provides functions such as user account management, authority assignment, and user
authentication.
Issue 02 (2012-04-12)
40
Description
Managing O&M users is the most important aspect of the security management function in the
OSS environment. The M2000 centralized user management and authentication provide
support to harden the access security of the system. The M2000 allows administrators to create,
delete, and change O&M user accounts of both the M2000 and NEs, and assign rights to the
O&M users. The M2000 supports a maximum of 500 M2000 users, including the default
superuser.
The M2000 supports role-based user group management. A user group consists of a set of users
who have the same operation permissions. Operation permissions vary according to user groups.
Basic and rights information is required for creating user accounts and groups. Basic
information includes user or user group names and types. Rights information includes
management domains, operation rights, rights rules, and bound NEs.
The M2000 assigns user rights to users in either of the following modes:
The M2000 directly assigns rights to users by copying existing user rights information.
This simplifies the process of assigning rights.
The M2000 assigns rights to user groups and then to users based on the binding
relationships between user groups and users. The M2000 can assign rights to a user group
by copying rights information about another existing user group. This improves working
efficiency. A user can belong to multiple user groups and has the rights of all the user
groups it belongs to.
The M2000 provides five default user groups: Administrators, Operators, Guests,
Maintenance, and SMManagers. Telecom operators can create other user groups and assign
rights to the user groups as required. The Administrators user group has all rights except
security management rights. The SMManagers user group has only security management
rights. Users in this group can query security logs and perform security management operations,
for example, creating new users and user groups, granting permissions to users and user groups,
and changing the permissions of users and user groups. Users in other groups do not have
security management rights. The rights of Administrators and SMManagers groups cannot be
changed.
The M2000 provides a default superuser, user admin. The default superuser can perform all
operations on the M2000. User Admin belongs to both the Administrators and SMManagers
user groups, and its user group properties cannot be modified.
All the O&M users are authenticated by the M2000. When a user logs in to the M2000 through
an M2000 client or logs in to an NE through the LMT, the M2000 authenticates the login based
on the user name and password. Only the authorized user can log in to and operate the system.
In addition to that, the M2000 authenticates operations performed on an M2000 client or the
LMT. Therefore, users can perform operations with the most restrictive authority.
The M2000 provides a tool for importing and exporting basic user and user group information
and binding relationships between users and user groups. This tool transfers user information
among multiple M2000 systems.
Enhancement
The following function is added to M2000 V200R012C00:
Importing and exporting basic user and user group information and binding relationships
between users and user groups
Issue 02 (2012-04-12)
41
Dependency
Security data is imported and exported only among M2000 systems of the same R version.
Description
This feature allows users to set security policies for the M2000 system based on the
requirements of different security levels. For example, users can set global user password and
account policies, single user password and account policies, access control lists (ACLs),
database password policies, and security-related alarms.
To ensure service data security, the M2000 encrypts stored passwords and tracing data (except
the data collected by using the Trace Server) and data transmitted using USB flash drives. By
default, tracing data is not encrypted because the complicated encryption algorithm affects the
M2000's operating efficiency.
USB flash drives are required for transmitting data to NEs in many application scenarios. The
M2000 provides a tool to prevent key data from being stolen or tampered with. The tool
encrypts data, allows encrypted data transfer using USB flash drives, and protects data integrity.
NEs verify the data integrity and decrypt the data. The tool supports the DES3_CBC,
AES192_CBC, and AES256_CBC encryption algorithms and HMAC_SHA1 and
HMAC_SHA256 integrity algorithms.
The global password policies apply to the passwords of all M2000 users. The policies are as
follows:
Duration for which a password cannot be reused (months): The default value is 0.
Max. valid duration for password (days): The default value is 180.
Min. valid duration for password (days): The default value is 10.
Number of days in advance a warning is given before a password expires: The default
value is 10.
Min. character difference between new password and old password: The default value is 3.
Issue 02 (2012-04-12)
42
Max. number of same consecutive characters between user name and password: This
policy is disabled by default.
Password cannot contain any word given in password dictionary or any hacker language
(For example, one or several letters in a word cannot be replaced by a numeral or
numerals.) This policy is disabled by default.
Password cannot be the full user name or the reverse of user name: This policy is disabled
by default.
Password cannot contain any repeated string: Users can set both the number of characters
contained in a string and the number of times a string repeats in a password. This policy is
disabled by default.
Similarity between a new password and history passwords: Both the number of history
passwords and the number of consecutive characters that cannot be repeated between a
new and history passwords can be set. The values are set to 24 and 1, respectively. This
policy is disabled by default.
The M2000 allows users to set password policies for a single user, and the settings take effect
on only this user:
Max. valid duration for password (days): The default value is 180.
The M2000 provides the following password policies for database users:
Oracle database: An Oracle database user password must contain at least eight characters,
including at least one letter and one number.
The M2000 allows users to set global user account policies, and the settings take effect on all
M2000 users:
Lockout Duration: Specifies the number of minutes an account remains locked when the
number of failed login attempts exceeds the specified threshold. The default value is 30.
Users can also lock a user account permanently.
Delay in case of login failure or unlocking failure (seconds): refers to the wait time in case
of re-login and re-unlocking. The default value is 3.
Max. number of user login attempts: When the number of user login attempts reaches the
maximum, the user is automatically locked. The default value is 3.
Inactive user policy: If a user does not log in for a specified period, the user account is
hibernated or deleted. By default, the user account is hibernated if a user does not log in for
60 days.
Automatic client locking: After automatic client locking is enabled, the M2000 client is
locked if no operation is performed on it within the specified time. The default setting is 3
minutes.
The M2000 allows users to set user account policies for a single user, and the settings take
effect on only this user:
Issue 02 (2012-04-12)
43
Automatic idle user logout: After automatic idle user logout feature is enabled, the user
who does not perform any operation on the M2000 client within a specified time range is
automatically logged out. This policy is disabled by default.
Max. number of online users with the same user name: If the number of online users with
the same user name exceeds the preset number, the M2000 does not allow this user to log
in any longer. This policy is disabled by default.
Inactive user policy: If a user does not log in for a specified period, the user account is
hibernated or deleted. This policy is disabled by default.
Login time restriction: A user can log in to the M2000 only within a specified time range.
This policy is disabled by default.
ACL:
The M2000 provides ACLs for users. After an ACL is set, users can log in to the M2000
only by using a specified IP address or network segment. The default superuser is
authorized to set ACLs for all M2000 users. Users in the security management user group
are authorized to set ACLs for all M2000 users except the default superuser.
Security alarms:
The M2000 and NEs generate security-related alarms. These alarms are centrally monitored by
the M2000 fault management system. NEs of different types support different alarms.
As defined in the 3GPP specifications, the M2000 and NEs support the following
security-related alarms:
Integrity violation
Operational violation
Physical violation
Security violation
Encrypted storage of passwords and tracing data (except data collected by using the Trace
Server)
Enhancement
The following password and security policies are added to M2000 V200R010:
A password cannot contain any hacker language. For example, one or several letters in
a word cannot be replaced by a digit or digits.
The following password and security policies are added to M2000 V200R009:
Issue 02 (2012-04-12)
44
Max. number of the adjacent characters that can be the same in the user name and
password.
The numerals and letters in a password cannot be in the interval sequence of numerals or
letters.
The minimum number of characters different in the new password from the old password.
ACL.
Description
The online NE user monitoring feature allows users to monitor the session status and operations
performed by all NE users. On the session status browsing window, information about session
status, such as NE name, user name, user type, and login IP address. On the user operation
monitoring window, information about user operations, such as NE name, user name, user type,
login IP address, user operations, operation time, and execution results is displayed. All the
information about session status and user operations is monitored and displayed on the
monitoring interface in real time.
This feature also allows users to kick out specified users.
Issue 02 (2012-04-12)
45
Summary
The M2000 records the information about system running status in logs. Users can query,
export, and collect the statistics of logs. Logs help users to monitor and audit the running status
and executed operations of the M2000.
Description
Logs record the information about the running status of the M2000. Logs are categorized into
operation logs, system logs, and security logs.
Operation logs record the information about operations performed by users on the M2000
client.
Running logs record the operating information about the M2000 system.
Security logs record the following security-related events:
System events such as system startup and shutdown or events that affect system security or
system logs
Querying logs
The system allows users to query logs according to the preset conditions and displays the
query results. The M2000 provides various types of search criteria. Therefore, users can
easily view the required log information and save the query results in HTML, PDF, CSV,
or XML files. Users can save search criteria as a template.
Search criteria vary according to log types.
The search criteria for operation logs are terminals, operations, operated objects (NEs),
time, users, and operation results.
The search criteria for running logs are sources, severity, and time.
The search criteria for security logs are event severity, users, terminals, security events,
time, objects (NEs), and operation results.
Issue 02 (2012-04-12)
46
Exporting logs
This function allows users to export log information in the database to files. Log export
tasks are managed and scheduled by the centralized task manager.
The log export function contains two sub-functions, the latest data export and expiry data
export.
The latest data export function exports the log data that is generated recently to files for
analysis. Users can set the conditions of data export, such as task names, execution periods,
task valid time, file formats, and save paths. The exported log data is not deleted from the
database.
The expiry data export function exports the log data that are generated before a preset time
to files. After the data is exported, it is deleted from the database. Users can set the
conditions of data export, such as task names, task valid start time, storage duration of log
data (days), file formats, save paths, and whether to compress the file.
Both export modes support exporting log data to an XML, HTML, TXT or CSV file.
Enhancement
Logs can be exported to HTML and TXT files in M2000 V200R011C00.
Summary
This feature allows users to query and collect the statistics on the logs stored in the database.
The logs contain NE operation logs, NE security logs.
NE operation logs record operations performed by NE user, which help users to locate faults
caused by manual operations.
NE security logs record the security-related events such as logging in to the local maintenance
terminals (LMTs) of NEs, changing NE user rights, and adding NE users. These logs help users
to monitor the running status of NEs.
Description
This feature provides the following functions:
Issue 02 (2012-04-12)
47
limit, the M2000 automatically dumps NE logs to TXT files. NE log data dumping is
disabled by default because it affects the M2000's performance.
Synchronizing logs
By synchronizing the log information about the M2000 with that about NEs, the M2000
ensures the consistency of log information. The M2000 supports manual and automatic
synchronization. Both manual and automatic synchronization are performed through tasks.
Manual synchronization is triggered by users, and automatic synchronization is
automatically triggered through preset M2000 parameters. Automatic synchronization
tasks are managed and scheduled by using the feature WOFD-071200 Centralized Task
Manager. Users can set task parameters such as task start time, execution period, and NEs.
Users can also view the status and progress of a synchronization task.
Querying logs
The system allows users to query logs according to the preset conditions and displays the
query results. The M2000 provides various types of search criteria. Therefore, users can
easily view the required log information and save the query results in TXT, HTML, CSV,
PDF, XLSX, or XLS files. By default, the query results are saved in XLS files. Users can
save search criteria as a template.
Search criteria vary according to the log type.
The search criteria for NE operation logs are user names, user types, terminals, NEs, and
operation results and time
The search criteria for NE security logs are time, users, user types, security levels,
terminals, operation results, and NEs.
All the NEs that support NE log management support NE operation logs.
Exporting logs
The M2000 exports NE log data generated within the latest time range to TXT files and
provides the files for other systems or users to analyze. Users can set data export criteria
such as task names, execution periods, valid time, file formats, and save paths. The
exported log data is not deleted from the database.
WOFD-000500 OS Hardening
Availability
This feature was introduced in M2000 V200R009.
Summary
This feature enhances the security of the M2000 operating system by disabling unsecured
operating system services, restricting access to files and directories, securing user accounts and
passwords, and adjusting kernel parameters.
Issue 02 (2012-04-12)
48
OS hardening policies enable the M2000 to display a warning banner when users log in to the
M2000 through FTP or SSH. In addition, the hardening policies provide system logs related to
Inetd, FTP, cron tasks, and daemon process for users to tracing and audit the operations
performed on the operating system.
Before delivery, the M2000 performs security hardening on SUSE Linux operating systems
according to default hardening policies. Some hardening policies must be manually
implemented in certain scenarios. For example, users must manually disable the remote login of
user root, set TCP Wrappers, and disable FTP services.
Benefits
The hardening policies protect operating systems against malicious attacks and enhance the
security of the M2000 system. These policies include hardening the security of application,
controlling the access to files and directories, adjusting kernel parameters, tracing and auditing
logs, and securing user accounts and passwords.
Description
The default hardening items are as follows:
Application hardening
This function lowers the system security risks by restricting the use of system services and
disabling unsecured and unnecessary services.
SUSE hardening policies include deleting unnecessary daemon processes, enabling the
Initd service, Xinet service, SSH encryption algorithm, SSHD accounts, secure SSH
authentication, and FTP security configuration, and limiting FTP users.
Issue 02 (2012-04-12)
49
All applications and data in the Linux systems are stored as files. A directory that contains
files is also regarded as a file. Therefore, the security of files and directories is of great
importance to the Linux systems. This function enhances the security of operating systems
by setting rights for all the directories and files except the /proc directory.
The policies for the SUSE operating system include restricting access to system
directories, files, and executable files, setting files and directories that have no owners,
restricting the use of the crob command, restricting the access to the PATH directories
(only user root is authorized to access the PATH directories), and setting ro mounting.
Warning banners
Warning banners are the messages displayed when users log in to the system through FTP,
or SSH. The messages indicate the penalties for unauthorized access to the system. This
policy also hides system version information to protect the system against attacks.
Enhancement
The following function is added to M2000 V200R011C00:
Dependency
None
Summary
This feature enhances Oracle database security by restricting the access to files and directories,
adjusting database parameters, locking unnecessary default user accounts, and preventing
common users from accessing system tables.
Before delivery, the M2000 performs Oracle database hardening based on default hardening
policies.
Benefits
This feature combines database and operating system hardening to protect the M2000 against
external attacks and enhance M2000 system security.
Description
Oracle hardening items are as follows:
Issue 02 (2012-04-12)
50
This function reduces database security risks and improves database service security by
restricting access to files and directories and preventing unauthorized users from accessing
or modifying database files and directories.
Summary
Main risks that threaten OSS security include viruses, worms, and spyware. To prevent OSSs
from being attacked by these threats, Huawei provides antivirus solutions for Windows and
SUSE Linux operating systems by deploying third-party software.
Benefits
This feature protects M2000 and Citrix clients and servers from being attacked by viruses,
worms, and spyware and enhances the system's antivirus capability.
Description
OfficeScan 8.0 is deployed to provide antivirus protection for M2000 and Citrix clients and
servers that run on the Windows operating system.
ServerProtect for Linux 3.0 and Control Manager are deployed to provide antivirus protection
for M2000 servers that run on the SUSE Linux operating system.
Enhancement
The antivirus solution applies to the ATAE cluster solution in M2000 V200R012C00.
Dependency
ServerProtect for Linux 3.0 provides antivirus protection only for ATAE-based M2000 servers.
OfficeScan 8.0, ServerProtect for Linux 3.0, and Control Manager are commercial antivirus
software and must be purchased individually. Third-party software and hardware configured for
the antivirus solution apply to OSS products such as the M2000, PRS, and Nastar after being
Issue 02 (2012-04-12)
51
deployed one time. Therefore, users do not need to purchase the software and hardware for each
product.
Summary
Topology management provides a complete overview of the M2000 network topology. The
topology view displays the networking and running status of devices. After an NE topology
object is created, it is added to the M2000 topology.
Benefits
Providing a system portal, through which users are given direct access to NEs, which
improves system usability.
Using subnets to represent the network hierarchy, which improving visibility. Working
with the feature WOFD-040100 Centralized User Management and Authentication, the
topology management feature allows users to operate and maintain NEs based on regions
and NE hierarchy.
Description
The topology management module displays objects such as NEs, links, and subnets in charts
and navigation trees. It also provides functions of viewing configuration, alarms, and
performance data, starting the MML clients and LMTs, and synchronizing logs, configuration,
and alarm data
Topology view
In the topology view, the M2000 uses icons to identify different types of NEs. The
topology view consists of a navigation tree in the left pane and a chart in the right pane.
The navigation tree displays topology objects and their logical hierarchy. The navigation
tree shows each topology object and the hierarchy. The topology map in the display pane
shows all the topology objects and their basic information on the existing subnet,
relationship between the objects, alarm status of the objects, and KPIs.
Users can use the fuzzy search function to find and locate a topology object by using the
following keywords: object name, IP address, version, vendor, and position, cell name.
Users can create, add, and delete a topology object in the topology view. Users can create,
add, and delete a topology object in the topology view. In the topology view, different
icons represent different NEs and users can select an icon based on its size. The length of
the topology object name displayed in the topology view can be set. The settings take
effect only on this client. Users can change the background of the topology root view and
subnet view. The M2000 supports the background image in JPG or GIF format.
Issue 02 (2012-04-12)
52
Administrators can export information about the root node, links, devices, and subnets to a
CSV file. Then, the M2000 provides this file for a third-party system to re-create a
topology.
Topology object
NE
If the device can be managed by the M2000, it is termed physical NE. If the device
cannot be managed by the M2000, it is termed virtual NE.
The M2000 is a special NE in the topology view.
Link
In the topology view, links are used to represent the physical or logical connections
between NEs.
Links are categorized into physical links and virtual links. Physical links refer to the
links connecting physical NEs. Virtual links are created by users. They are used to
represent the connections between NEs in the topology view. Currently, the M2000
supports links of the following types: M3UA, H248, BICCSCTPLNK, DATALINK,
MTP3, MTP3B, and Fiber Link. M3UA, H248, and BICCSCTPLNK links are created
automatically and cannot be created manually. DATALINK, MTP3, and MTP3B links
need to be created manually.
Subnet
In the topology view, subnets are used to categorize NEs. In this way, a large network is
divided into several small subnets. Each subnet can contain a maximum of 500 NEs.
When creating objects, users need to set the properties of objects, such as name, IP address,
version, vendor, position, region, description. The properties vary according to objects.
The M2000 allows users to quickly create and delete NE objects in batches in the topology
view. In addition, the M2000 allows users to modify the longitude and latitude information
about NEs in batches in a file and import the file to the M2000 to implement the batch
modification.
The M2000 supports subnets. A well-designed physical subnet structure cannot only
picture the actual topology of the network, but also facilitate routine operation and
maintenance. The M2000 classifies a network into physical subnets by region, NE type, IP
address, and maintenance personnel.
Enhancement
The following functions are added to M2000 V200R012C00:
The M2000 allows users to quickly view the status of cells under eNodeBs and provides
shortcuts to facilitate operations on cells
The length of the topology object name that can be displayed can be set. The settings take
effect only on this client.
In the topology view, users can select an icon based on its size.
Issue 02 (2012-04-12)
53
Modify the longitude and latitude information about NEs in batches by importing the file
to the M2000.
The M2000 allows users to export topology relationship data to a CSV file. The file is
provided to a third-party system for re-creating topology.
Dependency
The KPI values displayed in the topology view are provided by the feature WOFD-190100
Real-Time Performance Monitoring. If this feature is unavailable, the topology view does not
display KPI values.
Description
The eNodeB automatic detection is implemented during eNodeB automatic deployment
(WOFD-280400 eNodeB Auto-Deployment LTE). Therefore, it is not included in this feature.
The M2000 can automatically detect the CORE ATCA NEs of the specified CGPOMU on the
physical topology view. After CGPOMU is created successfully, the CGPOMU automatically
searches for its sub-NEs. The detected sub-NEs are displayed in the topology view. If the
communication between the CGPOMU and its sub-NEs is abnormal, the sub-NEs fail to be
automatically found. In such a case, user can manually trigger the Search CORE NE function of
the CGPOMU to search for the sub-NEs.
Description
The NE license management feature includes common NE license file management and
eNodeB license management.
The common license management functions are as follows:
Issue 02 (2012-04-12)
54
The M2000 provides the following functions for implementing these procedures:
After delivering a license file to an NE, the M2000 automatically backs up the license file
to the backup directory.
2.
Invalidating a license
The procedure for invalidating an eNodeB is similar to that for invalidating a NodeB
license. Before updating the license information about an eNodeB, users must invalidate
the existing license to obtain an invalidity code, which is mandatory for applying for a new
license.
Enhancement
The following functions are added to M2000 V200R012C00:
Managing license information about BSC6900 UMTS, BSC6900 GSM, and BSC6900
GU
Issue 02 (2012-04-12)
55
Dependency
By integrating with the feature WOFD-210200 Automatic File Upload, the northbound
license file interface provided in this feature allows the M2000 to upload alarm files to the
third-party and other systems.
Summary
This function allows the M2000 to centrally manage the software, patches, OS patches, and
data files of NEs. Users can upload, download, load, activate, and synchronize the software,
patches, and data files, and confirm the software loading. The software upgrade can be
performed in stages.
The system supports the following upgrade modes:
Benefits
This feature brings about the following benefits:
The M2000 provides a user-friendly GUI, which simplifies maintenance operations and
improves work efficiency.
Remote management is required for users to copy and operate software locally, reducing
maintenance costs.
The batch upgrade reduces a large amount of repetitive work and improves upgrade
efficiency significantly. In addition, errors caused by manual operations are reduced.
Description
NE software management allows users to manage different files of NEs. The file types are as
follows:
Software: indicates the software of the NE, including cold patches.
The patches of NE software are categorized into hot patches and cold patches. After cold patches are
loaded, NEs need to be restarted. After hot patches are loaded, NEs do not need to be restarted. Cold
patches are managed as special software.
Issue 02 (2012-04-12)
56
eNodeB
IP Clock Server
NE software management includes file management and software upgrade management. File
management allows users to perform certain operations on the files stored on the M2000 and
NEs to upgrade NE software. NE upgrade management provides various NE upgrade modes,
including wizard-based upgrade, task-based upgrade, software upgrade expert, and external
upgrade. These upgrade modes enable users to easily upgrade NEs. File management:
NE files can be stored on the M2000 file server for centralized management. Users can
browse and delete NE files and upload and download these files between the M2000 client,
server, and NEs. Users can create various file transfer tasks in a window for transferring
files in different directions and for different NE types and file types. In a file transfer task,
files of the same type can be transferred in one direction for the same type of NE.
Before uploading NE software from the M2000 client to the M2000 server or from the
M2000 client to the NE, the M2000 verifies the integrity of the software version according
to the digital signature in the version package. If the verification fails, users are prompted
to determine whether to continue the upload.
The M2000 allows users to perform various operations on the files stored on NEs. For
example, users can check the version information and version package status of NEs. They
can also upload files to the M2000 file server, and load, activate, deactivate, synchronize,
uninstall, and confirm the files. The supported operations vary according to the file type.
File management allows users to upgrade NE software. To implement this, users first
download the NE software of the target version from the M2000 client or server to an NE,
and load, activate, and synchronize the software.
NE software upgrade:
Task-based upgrade allows users to upgrade and roll back NE software and patches of
third-party software in batches.
Issue 02 (2012-04-12)
Providing the eNodeB and IP Clock Server with the batch upgrade task. Users can
upgrade NEs of the same type concurrently. A maximum of 600 NEs can be upgraded
at a time. To minimize the impact of the upgrade on other services, the M2000
upgrades the NEs in batches, where 60 NEs are upgraded at a time. Users can configure
both upgrade steps and modes. Upgrade modes can be set to instant tasks, manual tasks,
or scheduled tasks. The M2000 allows users to perform health check on the eNodeB at
pre- and post-upgrade stages. By comparing the pre-upgrade health check report with
the post-upgrade health check report, users can detect the impacts of the software
upgrade on devices. For details about the check items, see the feature WOFD-240100
Network Health Checking. Pre- and post-upgrade health checks are optional.
57
The M2000 rolls back the versions and patches of eNodeBs in batches. It uses the
specified software version saved in the main control board on the NE side to perform the
rollback without loading or activating the versions and patches. The M2000 provides the
software management expert to manage the software upgrade process of the eNodeB. This
function integrates operations such as upgrade preparations, checks during the upgrade,
and checks after the upgrade into a process that meets O&M requirements. In this way,
O&M personnel can upgrade a NodeB by performing simple operations. The M2000
manages the upgrade process as a project.
The project has three phases: upgrade preparations, upgrade, and upgrade verification.
Upgrade preparations involve checking preparation information, feasibility, risks, and
pre-upgrade health. During the upgrade phase, NEs are upgraded in a mode similar to task
mode. Users create tasks to upgrade NEs in batches and in different time ranges. During
the upgrade verification phase, the M2000 performs a health check on upgraded NEs and
compares the pre- and post-upgrade check results. For details about the supported check
items, see the feature WOFD-240100 Network Health Checking describes.
When O&M personnel plan the upgrade of a version, they create an upgrade project, set a
target version, add the NEs that need to be upgraded to the same target version to the
project, and import a package for upgrade risk check to the project. The upgrade risk check
package determines the check items required for feasibility and risk checks, such as the
upgrade path, version mapping, and upgrade risks. This function allows O&M personnel
to flexibly control the upgrade process of each NodeB in the upgrade project. For example,
they can repeatedly check the upgrade preparations of the BTS that fails to be upgraded.
They can also check a BTS that has not been checked and upgrade the BTS that meets the
upgrade requirements.
After upgrading an eNodeB in task mode or using the software management expert, users
can view the reports on the comparison of pre- and post-upgrade alarms and cell status in
CSV format on the M2000 client. This facilitates upgrade result analysis and verification.
When a user creates an NE upgrade task, the M2000 performs a self-check on the CPU
usage. If the CPU usage is high, the M2000 prompts the user to choose other time for the
upgrade. Users can stop and retry upgrade tasks in batches.
Enhancement
The following functions are added to M2000 V200R012C00:
Viewing pre- and post-upgrade cell status comparison reports after an eNodeB is upgraded
Providing reports for wizard- and task-based upgrade and software management expert
58
Providing integrity check and policy-specific upgrades for eNodeB software versions
Performing health checks on the eNodeB at the pre-upgrade and post-upgrade stages
Description
The LMTs of NEs provide the interface tracing function, which traces signaling messages and
single UE signaling messages. The LMTs trace these messages in real time. Users can save the
messages as TXT or TMF files for offline browsing.
After starting the LMT of a specified NE in the M2000 topology view, users can monitor
network status in real time, and detect and locate problems in time by creating interface and
signaling link tracing tasks.
To ensure security of data transmission between LMTs and NEs, LMTs based on the iView
platform support SSL-encrypted transmission, and web LMTs support HTTPS-encrypted
transmission.
Dependency
This feature is implemented on the LMT. If the NE LMT is based on the iView platform, users
must install the NE LMT on the M2000 client before using this feature. If the NE supports a
Web LMT, users do not need to install the NE LMT.
Description
The LMT of the NE provides the function of monitoring the status of NE in real time. The
results can be displayed in charts or through data. The running status of ongoing services and of
the M2000 system can be monitored. In addition, this feature supports exception analysis and
device maintenance.
Issue 02 (2012-04-12)
59
After starting the LMT of a specified NE through the topology view of the M2000, users can
create real-time status monitoring tasks.
The monitoring function varies according to the NE type. The CPU usage of all NEs can be
monitored. The other items that can be monitored are as follows:
eNodeB monitored items: include cell performance, user performance, RRU performance,
and transmission performance.
To ensure security of data transmission between LMTs and NEs, LMTs based on the iView
platform support SSL-encrypted transmission, and web LMTs support HTTPS-encrypted
transmission.
Dependency
This feature is implemented on the LMT. If the NE LMT is based on the iView platform, users
must install the NE LMT on the M2000 client before using this feature. If the NE supports a
Web LMT, users do not need to install the NE LMT.
Summary
The M2000 allows users to manage the lifecycle of NEs by setting maintenance modes for NEs.
In this way, users can perform appropriate maintenance on the NEs according to their
maintenance modes. For example, users can distinguish common alarms and maintenance
mode alarms that are generated in scenarios such as network setup, expansion, and upgrade.
This reduces the impacts of maintenance mode alarms on monitoring common alarms and
improves maintenance efficiency. In addition, users can focus on the alarms that affect services.
Description
NE maintenance policies vary according to scenarios such as NE deployment, upgrade,
commissioning, capacity expansion, and normal operation. To meet maintenance requirements
in different scenarios, the M2000 provides a flexible mechanism so that users can adopt
different maintenance policies to maintain NEs based on NE maintenance modes. For example,
during deployment, upgrade, and commissioning, NEs will generate a large number of
unnecessary alarms. The statistics about the live network indicate that the ratio of the
unnecessary alarms to all generated alarms is greater than or equal to 85%. If these alarms are
not differentiated from common alarms, maintenance engineers may fail to identify important
alarms in time.
Users can set NE maintenance modes on the M2000. When the network is in a specified state,
users can set the status of an NE to the corresponding state on the M2000. The M2000 regards
NE maintenance modes as a type of index. Users can filter various NE data by maintenance
mode in scenarios such as processing maintenance mode alarms and filtering NEs in a topology
view.
Issue 02 (2012-04-12)
Maintenance mode management: Currently, the default maintenance modes are normal,
initialization, upgrade, expansion, and commissioning. To meet specified user
requirements, the M2000 allows users to set 10 extended maintenance modes based on the
60
five default modes. Users can customize a maintenance mode by setting the name of an
extension mode. Users can define alias names for NE maintenance modes on the M2000,
set and query maintenance modes, and export them to CSV files.
Maintenance mode alarms: Alarms generated in other NE modes, except the "normal"
mode, are regarded as maintenance mode alarms. After the maintenance mode settings
take effect, the M2000 handles alarms based on the maintenance mode identities in the
alarms reported by NEs. By default, the M2000 does not monitor maintenance mode
alarms. After receiving a maintenance mode alarm, the M2000 does not display the alarm,
generate an audio or visual alarm message, send an alarm notification, or forward the
alarm to a third-party system. In the alarm monitoring window, users can browse, query,
and collect statistics on maintenance mode alarms by maintenance mode. This meets the
requirements in specified scenarios.
Topology filtering: The M2000 allows users to query the maintenance modes of NEs in a
topology view and allows users to filter NEs by maintenance mode.
Enhancement
The following functions are added to M2000 V200R012C00:
The M2000 supports filtering NEs based on maintenance modes in the topology view.
Dependency
This feature applies to eNodeBs in eRAN1.1 and later versions.
Summary
An excessive voltage standing wave ratio (VSWR) reduces communication distances, and the
power amplifier pipe may be burnt because the reflected power returns to the transmit power
amplifier. This affects normal communication. To solve this problem, the M2000 provides the
function of VSWR query, which allows users to remotely monitor base station VSWR.
This feature applies in the following scenarios:
Issue 02 (2012-04-12)
61
In the early stages of base station deployment, Huawei GTS personnel use this feature to
test the project quality of the cooperation partner.
During the delivery of the entire network, users use this feature to test the project quality.
To improve O&M efficiency for RFs on the air interface, the M2000 introduces the functions of
detecting intermodulation interference.
Benefits
Compared with the traditional method of using measurement instruments to monitor BS
VSWRs, this feature allows users to remotely monitor BS VSWRs on the M2000 and therefore
reduces maintenance and labor costs.
The functions of detecting intermodulation interference simplify the troubleshooting process
for customers based on the experience of RF experts. They have unique values for improving
network O&M efficiency.
Description
The VSWR query feature consists of the VSWR query and threshold settings. Currently
VSWR query applies to the eNodeB.
VSWR query: Users can select one or multiple eNodeBs in the query window to view the
VSWR of theeNodeBs. They can save or print the query result. The query result is saved in a
CSV file.
Threshold settings: Users can divide VSWRs into multiple value ranges and set a display color
for each value range. After the colors are set, the M2000 displays the value ranges of the query
result in the user-defined colors.
Enhancement
The following functions are added to M2000 V200R011C00:
Dependency
The VSWR query function applies to eNodeBs in eRAN2.1 and later versions.
The intermodulation interference detection function is supported by DBS3900 series eNodeB.
Issue 02 (2012-04-12)
62
Summary
The M2000 monitors the current network resource usage in real time through key counters,
such as CPU usage, GPRS user-plane traffic volume, and link status. The monitoring results are
displayed in charts. By using this function, users can learn about the device performance status
and system running status in real time.
Benefits
The M2000 supports various types of monitoring, which applies to various O&M
scenarios.
This feature allows users to learn about the device status in real time, and identify and
rectify faults in time, reducing the impacts of faults.
Description
Currently, the M2000 supports the real-time resource monitoring for eRAN NEs.
, describes the monitored items supported by the M2000.
Table 2-3 Monitored items of eRAN supported by the M2000
Monitored Item
Description
CPU usage
RRU performance
monitoring
Cell performance
UE performance
Issue 02 (2012-04-12)
63
Monitored Item
Description
Transmission
performance
Clock quality test collects raw phase data about the clock algorithm of
the current NE clock source, facilitating onsite troubleshooting and
maintenance.
IP clock data collection helps users to analyze the clock jitter model on
the live network, facilitating algorithm optimization.
The M2000 implements various types of monitoring functions by performing various tasks.
Users can control the monitoring process by creating, starting, stopping, or deleting tasks. The
M2000 supports a maximum of 30 concurrent monitoring tasks.
After a user selects a monitored item and set the required task parameters, the M2000 sends a
command to NEs to start a monitoring task. NEs report the monitoring results to the M2000 in
real time. Then, the M2000 parses the monitoring results and saves the parsing results in the
database.
The M2000 displays monitoring results in a list or a chart. In the list, users can view the details
of each monitoring result. In the line chart, users can view the history status and trend of
counters.
Users can view the monitoring results through playback. After this playback function is enabled,
the M2000 dynamically displays the monitoring results in the receiving sequence. During the
playback, users can perform the stop, pause, forward, or backward operation and set the refresh
frequency.
With this function, users can view and analyze messages without manually dragging.
Enhancement
The functions of monitoring CPU usage, RSSI interference detection, and DL RSRP/RSRQ for
eNodeBs .
Real-time centralized resource monitoring for eNodeBs is added to M2000 V200R011C00.
Issue 02 (2012-04-12)
64
Summary
This feature allows users to inspect NE devices, analyze alarms, and check the M2000 system
status. It also allows users to export check reports.
Benefits
This feature can implement the total check of the devices on the live network. Therefore,
users need to view only the check report to identify hidden device problems and take
preventive measures to ensure the normal operation of devices and improve the quality of
service.
Users can set a scheduled task to check the network in non-busy hours to reduce the
impacts on network services.
Description
Network health check is performed on the basis of tasks. Users can customize health check
tasks according to the actual requirements. Users can perform operations such as creating,
copying, manually performing a task, enabling the automatic task execution, and viewing the
task status. After a health check task is complete, a check report in HTML or DOC format is
generated.
To meet the requirements in different scenarios, the system provides the following preventive
maintenance and check items:
If the CPU usage exceeds the threshold, the M2000 does not conduct preventive
maintenance and periodically checks the CPU usage.
If the CPU usage is lower than the threshold, the M2000 starts preventive maintenance.
This function prevents a CPU usage decrease during device preventive maintenance.
Health check reports are in HTML or DOC format. The M2000 supports the comparison
of device preventive maintenance results. The NEs that support this check item are
eNodeB, IP Clock Server, and the M2000 itself. Each type of NE supports different
preventive maintenance items:
Issue 02 (2012-04-12)
65
The check items include versions of the operating system and of the patches, version of
the database, M2000 version, NTP server status, system time zone, disk status and
partition usage, available memory, cluster status, and status of the M2000 services.
Alarm check
Both the M2000 and NEs support the alarm check function. Alarm check reports are in
HTML format. Supported check items include alarm trend, alarm TopN, alarm
comparison, alarm statistics, statistics about unacknowledged and uncleared alarms, and
statistics.
Enhancement
The network health check for the eNodeB is added to M2000 V200R008.
The following functions are added to M2000 V200R009:
Availability
This feature was introduced in M2000 V200R009.
Summary
This feature can be used to check the running status of NEs and the network. By viewing health
check reports, users can detect potential faults in devices and take preventive measures to
ensure the normal running of the network.
Benefits
This feature brings about the following benefits:
This feature can implement the total check of the devices on the live network. Therefore,
users can detect potential device faults by viewing the check report and take preventive
measures to ensure the normal operation of devices and improve the quality of service.
After a fault occurs on the network, maintenance engineers can perform NE health check
to quickly identify the causes of the fault.
Before and after an NE is upgraded, maintenance engineers need to use the health check
function to check the NE status and check whether the result is correct after upgrade.
Maintenance engineers can also use this function to check the result of NE patch upgrade
and NE preventive maintenance.
Description
eCNS supports the network health check. For the details about the NEs that support this
function, see the feature list.
Issue 02 (2012-04-12)
66
The health check items include hardware status, NE version, and patch information, interface
status, link status, circuit status, route and sub-route status, OMU status, basic configuration
data, office data configuration, and alarm information.
To facilitate the implementation of the function, the M2000 supports the health check by
scenarios. NEs and NE check items are classified into scenarios. The check items vary
according to scenarios, such as the upgrade scenario and the capacity expansion scenario.
Network health check is performed through tasks. Users can customize health check tasks
according to the actual requirements. Users can perform operations such as creating, copying,
manually performing a task, enabling the automatic task execution, and viewing the task status.
After a health check task is complete, a check report in HTML or DOC format is generated.
Network health check is performed through tasks. When configuring a task, users need to only
select a proper scenario and NEs to be checked, but do not need to specify check items. This
helps to check NEs in specified scenario. For example, when creating a task, users can select a
type of NEs or a specified NE, and set the running time of the health check task. The M2000
supports instant tasks, scheduled tasks, and periodic tasks.
After a task is completed, users can download task running report that contains the check results
for all check items.
The M2000 supports the function of comparing reports for users to learn the comparison of
check results. This function can be used to compare the check results before and after NE
upgrade.
Dependency
None
2.10 FARS
This function can be used to quickly locate and resolve problems. Normally there is no way to avoid that some user
data such as IMSI, MSISDN will be used during the troubleshooting. However, this function provides an
anonymous data processing method. Operators are obligated to take considerable measures, in compliance with the
laws of the countries concerned and the user privacy policies of your company, to ensure that the personal data of
users is fully protected.
Summary
This feature provides tracing task management and task browsing functions. The task
management function allows users to create, start, and stop tracing tasks. The task browsing
function allows users to browse, explain, filter, play back, and store tracing messages.
The M2000 provides subscriber information anonymous policy management to encrypt IMSI,
IMEI, and MSISDN during signaling tracing. This protects subscriber data from being
disclosed.
Issue 02 (2012-04-12)
67
Benefits
This feature provides the following benefits:
Description
This feature supports signaling tracing in task mode and provides task management functions.
This feature allows users to control the tracing procedure by viewing information about all
tracing tasks and performing operations such as task creation, startup, stopping, and deletion.
The information about each tracing task includes the task name, tracing type, creator, status,
start time, end time, network element, exception cause, and data source.
The M2000 supports a maximum of 100 concurrent subscriber tracing tasks. These tasks
include LTE subscriber tracing tasks.
The M2000 supports a maximum of five concurrent non-subscriber tracing tasks, including
detail subscriber tracing tasks and the non-subscriber tracing tasks of all technologies, such as
cell tracing tasks and interface tracing tasks. A maximum of one detail cell tracing task is
supported.
After a tracing task is started, NEs report traced messages to the M2000. Then, the M2000
analyzes these messages and saves analysis results to the database.
The M2000 supports the following functions on the traced messages:
Message browse
The analysis results for a tracing task are displayed in a list. The contents in the list include
message SN, report time, tracing type, message type, message direction, and message
contents. Users can set message colors according to the message direction and type.
Message explanation
Message explanation is to translate a binary message into a protocol frame structure,
which is displayed as a tree diagram. Users can view the message explanation.
Message filtering
Users can filter tracing messages by message field, message byte, or information element.
Supported fields include message type, message direction, time, and interface type. An
information element is a node carrying service messages in the message tree generated
during message explanation. An information element is identified by a path.
Message export
Users can export the data about a selected tracing task to a TMF file. Messages in the TMF
file can be imported into the M2000 again.
Issue 02 (2012-04-12)
Message comparison
68
Users can compare messages after the M2000 translates messages into protocol frame
structures. Signaling in two messages is highlighted in different colors.
Message summarization
The M2000 displays the summary about a tracing task, including tracing type, task name,
creator, traced NE, start time and end time, total number of messages, and total number of
MRs.
Message playback
Users can view collected tracing messages using the playback function. After the playback
function is enabled, the M2000 displays tracing messages according to the sequence they
are received. During the playback, users can stop, pause, rewind, or fast forward messages.
In addition, users can set intervals for refreshing messages.
With the playback function, users can view and analyze messages without manually
dragging messages.
Enabling or disabling the anonymization policy: Users can enable or disable the subscriber
information anonymization policy on the entire network. After this policy is enabled, the
M2000 and NEs automatically encrypt the IMSI, IMEI, and MSISDN used in creating
tracing tasks and in messages to prevent subscriber data from being disclosed.
Updating cipher keys: After a new cipher key is delivered and takes effect on the M2000
and NEs, the M2000 and NEs use the new cipher key to encrypt IMSI, IMEI, and
MSISDN.
Checking consistency: Users check the status of the cipher keys and anonymization
switches on the M2000 and NEs and synchronize the status based on the check results to
ensure that the status is consistent between the M2000 and NEs.
Enhancement
The following function is added to M2000 V200R012C00:
Message playback
Dependency
This feature applies to all the tracing features in section 2.10 "FARS" except for the feature
WOFD-191700 Mass Trace Collection LTE.
Users can use this feature only after they have purchased the optional tracing features.
Issue 02 (2012-04-12)
69
Summary
By using this feature, the M2000 can trace and display the interface messages and the link
messages to provide the effective data support for routine maintenance, commissioning, and
fault localization of devices.
The LTE provides the following interface tracing tasks:
Tracing tasks of transport network layer protocol messages: SCTP tracing, PPP tracing,
LACP tracing, 802.1X tracing, OAM3AH tracing, GTPU tracing, MP tracing, IKE tracing,
CFM, CMPV2 tracing, and IP tracing.
By using this feature, the M2000 collects tracing data on interfaces such as the S1 and X2
interfaces in tasks. This helps users trace data and monitor task status.
This feature provides a user-friendly GUI, which allows users to quickly locate call faults
and solve problems related to device interconnection.
Benefits
Description
The maximum duration of an interface tracing task is 12 hours. Users can specify the start time
and end time. After a tracing task is started, NEs trace the messages of a specified object or of a
specified interface and report the messages to the M2000. The M2000 parses these messages
and saves the parsing results in the database.
In addition to the functions provided in the feature WOFD-081400 Tracing Task Management
and Data Browse, the M2000 also provides the function of extracting messages based on
information elements. In many scenarios, users need to export the counters or fields generated
during a call into a report and submit the report to a third party. To meet the requirements in
these scenarios, the M2000 provides message extraction based on information elements. An
information element is a node carrying service messages in the message tree that is obtained
through message explanation. An information element is identified by a unique path.
Message extraction is performed on the basis of tracing tasks. Before extracting messages,
users need to specify a tracing task and template. The template specifies the information
elements based on which message extraction is performed. After starting message extraction,
the M2000 extracts the values of all information elements specified in the template from each
message and displays the extraction results in the message list. The message list displays all
message fields, and a column is added for each information element to display the value of the
information element recorded in each message. Message extraction results can be exported to
XLS, HTML, TMF, PDF, TXT or CSV files.
Enhancement
The following function is added to M2000 V200R012C00:
Issue 02 (2012-04-12)
70
Tracing of transport network layer protocol messages: PPP tracing, LACP tracing, 802.1X
tracing, OAM3AH tracing, GTPU tracing, MP tracing, IKE tracing, CFM, and CMPV2
tracing.
Dependency
None
Summary
The subscriber tracing refers to tracing the signaling messages of all the calls of a specified UE
(for example, a VIP UE) on the network within a certain period. By collecting and analyzing
statistics of the call signaling messages, users can locate call faults.
This feature supports subscriber tracing across multiple eNodeBs. After the subscriber tracing
is triggered on the core network, the eNodeB where the traced UE resides reports the call
message to the M2000. Then, the M2000 collects and displays the subscriber tracing messages
of multiple eNodeBs.
Benefits
This feature brings about the following benefits:
The user-friendly GUI makes operations more convenient. This helps O&M personnel
locate call faults effectively and helps telecom operators reduce O&M costs.
Real-time subscriber tracing allows O&M personnel to learn about the call messages of
VIP UEs and drive test UEs in real time. This helps O&M personnel detect and locate
faults more effectively and therefore improves user satisfaction.
The M2000 supports UE signaling tracing across multiple NEs. This allows users to trace
all the signaling of a call by creating a task.
Description
Before creating a subscriber tracing task, users need to start the subscriber tracing, obtain the
tracing reference number from the CN, and enter the tracing reference number on the M2000 to
create the tracing task. After the tracing task is started, NEs trace the call messages of a
specified UE and report the messages to the M2000. The M2000 parses these messages and
saves the parsing results in the database. The duration of a subscriber tracing task is one day by
default, and the maximum duration is seven days. Users can specify the start time and end time.
Issue 02 (2012-04-12)
71
In addition to the functions provided in the feature WOFD-081400 Tracing Task Management
and Data Browse, the M2000 also provides the function of extracting messages based on
information elements.
In many scenarios, users need to export the counters or fields generated during a call into a
report and submit the report to a third party. To meet the requirements in these scenarios, the
M2000 provides message extraction based on information elements. An information element is
a node carrying service messages in the message tree that is obtained through message
explanation. An information element is identified by a unique path.
Message extraction is performed on the basis of tracing tasks. Before extracting messages,
users need to specify a tracing task and template. The template specifies the information
elements based on which message extraction is performed. After starting message extraction,
the M2000 extracts the values of all information elements specified in the template from each
message and displays the extraction results in the message list. The message list displays all
message fields, and a column is added for each information element to display the value of the
information element recorded in each message. Message extraction results can be exported to
XLS, HTML, TMF, PDF, TXT or CSV files.
Enhancement
The following function is added to M2000 V200R010:
Dependency
None
Summary
Cell tracing is a process of tracing the call signaling of UEs that are live in one or multiple
specified cells. The M2000 collects the cell tracing data to provide data source for users to
evaluate the performance of the live network or diagnose network faults.
The cell tracing feature applies to the following scenarios:
Sampling and analyzing network performance to optimize the network or identify and
rectify network faults
Benefits
The user-friendly GUI simplifies operations and helps O&M personnel to effectively identify
and rectify call faults. It also helps telecom operators to reduce O&M costs.
Issue 02 (2012-04-12)
72
Description
Using the centralized cell tracing feature, users can collect call signaling tracing messages
generated in one or multiple cells within a specified period. In addition, users can collect radio
measurement data during calls. Signaling tracing messages include standard messages specified
by the 3GPP specifications and traced at the application layer over S1, X2, and Uu interfaces.
Radio measurement data includes MRs for Uu interfaces.
Centralized cell tracing allows users to collect data at three levels specified by the 3GPP
specifications: minimum, medium, and maximum. Users can collect MRs only at medium and
maximum levels. The maximum duration for a tracing task is seven days. Users can set start
time and end time for a task. In addition, users can specify the period for collecting periodic
events on the M2000.
Enhancement
The following function is added to M2000 V200R012C00:
Supporting the data browse function in the feature WOFD-081400 Tracing Task
Management and Data Browse.
Dependency
None
Summary
The M2000 provides an eNodeB deployment wizard, which implements eNodeB self detection,
eNodeB self configuration, and self RET commissioning according to the eNodeB deployment
list and deployment data.
The M2000 allows users to monitor the process of eNodeB deployment in real time. As a result,
users can learn about the progress, status, and execution reports of the deployment.
Issue 02 (2012-04-12)
73
Benefits
The deployment wizard simplifies the eNodeB deployment and reduces human errors,
improving the efficiency of deploying eNodeBs. The M2000 works with NEs to implement
automatic eNodeB deployment in batches, reducing manual interventions, improving the
capability of network deployment.
Description
This feature applies to eNodeB deployment, capacity expansion, and reparenting. This feature
implements end-to-end eNodeB deployment. During the deployment, the M2000 automatically
monitors eNodeB status and performs health check, which simplifies manual operations.
The following preparations must be made before eNodeB deployment:
The target software version, commissioning license, and configuration data of the eNodeB
are uploaded to the M2000.
Automatic eNodeB deployment involves the following procedures, which can be customized
based on application scenarios:
Issue 02 (2012-04-12)
74
During the whole eNodeB deployment process, engineers can obtain the deployment report at
any time. The report records the information such as operation results and unsolved problems.
Enhancement
The following functions are added to M2000 V200R011C00:
Supporting the O&M IP pool function: After users set the network segment of the O&M IP
pool, the M2000 automatically assigns O&M IP addresses to eNodeBs.
Dependency
None
Issue 02 (2012-04-12)
75
Numerics
3GPP
A
ACL
ALD
ATAE
C
CORBA
D
DST
E
ESN
eSAU
F
FDN
FTP
G
GPS
Issue 02 (2012-04-12)
76
GSM
GUI
H
HTTP
I
ICIC
L
LDAP
LTE
M
MD5
MDT
Minimization of Drive-Tests
MLB
MML
man-machine language
MOCN
MR
measurement report
MRO
N
NTP
O
O&M
OPEX
operating expense
OSMU
OSS
P
PC
Issue 02 (2012-04-12)
personal computer
77
R
RAN
RAT
RLF
S
SAIC
SNMP
SNTP
SSH
Secure Shell
SSL
SSO
single sign-on
T
TCP
U
UDP
UMTS
V
VPN
VSWR
W
WCDMA
Issue 02 (2012-04-12)
78