View stunning SlideShares in full-screen with the new iOS app!Introducing SlideShare for AndroidExplore all your favorite topics in the SlideShare appGet the SlideShare app to Save for Later — even offline
View stunning SlideShares in full-screen with the new Android app!View stunning SlideShares in full-screen with the new iOS app!
Agenda• The State of the Industry• Why ANM?• A Practical Approach • Discover • Organize • Configure • Analyze • Optimize• Where to go for more information
Hi-profile network outages underscore the importance of network management 2008 2009 Average cost of downtime is $70,000 per minute* 8-Day IT Outage Would Cripple Most Companies**Sources: * Aberdeen; ** Gartner (2008)
What is Driving the Need forAutomated Network Management? Incident Management• Alert Floods• Unnecessary escalations 75% of IT costs Change & Compliance Management are labor 1• Manual and error-prone change• No audit trails ANM can save 50%+3 Task Automation• Lack of processes for complex tasks such as 40% of policy compliance problems found by customers 2 Virtualization Management• Inconsistent management of physical and virtual infrastructure Sources: 1 Forrester; 2Aberdeen; 3case studies at hp.com/go/ANLM
Legacy Approaches aren’t Enough Managing Networks Today Missing automation, ineffective point tools, lack of integrations, silo’d, manual → errors, disruption and costExisting disparate network management products stop short of providing a solution What’s needed is an intelligent and integrated approach to managing networks.
Automated Network Management (ANM)Complete control of your infrastructure Network Node Manager i iSPI Perf Metrics Fault and availability monitoring NNMNNM iSPI iSPI for Traffic Improve network availability with a model Performance Traffic Overview based network management solution iSPI Perf QA Change, configuration & compliance Comprehensive network automation spanning tasks from provisioning and change mgmt. to compliance enforcement and reporting iSPI Perf Traffic Network Automation Performance monitoring Increase operator productivity and efficiency and reduced MTTR iSPI NET Engineering Toolset Automate common network engineering and network tool administrators tasks
ANM CapabilitiesComplete control of your infrastructure Node Discovery & Unified Fault Configuration & Deploy Changes & Maintain Compliance Diagnostic Automation Detection Performance Monitoring Workflow Automation Auto-discover network Monitor network device Automate changes and Automate common tasks devices and capture audit and interface metrics enforce, audit and report and processes for network trail of all device changes on compliance engineers Dynamic discovery for Single poller for fault, Configuration and Automate the process of model based availability and software changes capturing diagnostic management performance monitoring information Enforce best practices Snapshot and store Contextual launch from and security standards Trap analytic capabilities device configuration incident to performance information reports Easily remediate Export discovered violations topology into Visio Real-time change Navigation between Metric, QA and Traffic data
Best Practice Cycle Discover Organize Configure Analyze Optimize
Before You Start Discovery Discover– How many nodes are supported by your NNMi licenses?– How do you want to use these licenses: network infrastructure only, servers, printers, ….?– How many geographic areas do you want to poll? Does a centralized poller meet your needs?– What’s the general addressing scheme for the network?– How much of this network is SNMPV2, how much is SNMPV3?– How much is IPV4, how much is IPV6?– Where should the management station connect into the network for best visibility?– Set up subnet-local DNS or local hosts
What’s on my Network? Discovery Discover– NNMi discovery is controlled by rules– IP Address ranges– Types of Devices– Cards & Ports • Watch out for DNS performance • Be consistent when identifying devices
Global and Single-Server Discovery Discover– Great single NNMi server scalability: • Up to 25,000 nodes • 1 MILLION discovered interfaces and 200,000 polled • Unmatched TCO– Global/Regional management • Available to meet hierarchical management structure requirements (regional level requiring different scopes and survivability for independent management). • Can be used to avoid polling over expensive WAN links (ie: WW distributed polling). • To meet needs for consolidated view of extremely large enterprises: can scale up to ~65,000 nodes in the GNM. • Efficient communication: SSL with 3 ports allows polling thru firewalls.13
Setup: SNMP Discover– Supports SNMP V1, V2, & V3– Set appropriate timeouts for expected response time– Can global or range-specific– Coordinates with Network Automation
Setup: An Auto-Discovery Rule Discover Priority for applying rules Rule specific Ping Sweep Range with wildcard
Setup: Carrier Connections Discover– Devices that are on either side of a Service Providers network or WAN– Subnet Connection Rules for subnets with prefix lengths between 28 and 31
Setup: Seed Nodes Discover– You must specify seed nodes to start the discovery process.– Best practice: Start with your management system’s gateway router, and expand outward 1 “ring” at a time– Discovery of a seed happens immediately. You will know right away if the SNMP communication is working.
Make Discovery Faster Discover– Issue: − Discovery makes a lot of DNS calls − We want to avoid slow DNS response, and minimize DNS network traffic– Options − Run a local DNS mirror on the management system, or on a system on the same subnet − Exclude “problem” hostnames and addresses • hostNoLookup.conf (FQDN or wildcards) • ipNoLookup.conf (IP addresses or wildcards)
Discovery Results Discover– Routers and Switches– Containment hierarchy of nodes (CPU, memory, interfaces, etc.)– L2 and L3 connections– VLANS– HSRP/VRRP (NNMi Advanced)– Port Aggregation (NNMi Advanced)– Other SNMP devices (if configured)– Other non-SNMP devices (if configured)– Virtual Machine Hosts and Guests
NNMi Advanced Features Discover– HSRP/VRRP– Port Aggregation– RAMS Stations/Integration
Before You Do Anything Else Discover– Back up your network devices with a Network Automation Snapshot • Set up login rules in NA • Import NNMi devices with nnmimport.bat • Discover device drivers • Select all devices in Inventory • Back up the device configurations
Discovery Summary DiscoverGeneral Basic Steps– Nothing is discovered by default. 1. Configure SNMP community– Spiral Discovery never ends. strings– Discovery includes inventory discovery and layer 2 connectivity 2. Configure discovery rules with discovery. IP addresses & OIDs– Seeds start the discovery or 3. Configure interface discovery could be used to load a complete rules set of nodes. 4. Specify seed nodes– Back up your devices before proceeding!
Node Group Visualization Configure– All customizations are done in Node Group Map Settings in the Configuration workspace. Remember these node groups?
Customizing Node Group Maps Configure One of the existing node groups L2, L3, or NoneOrder in theTopology Mapworkspace Who can save map layout changes Blank, or an existing interface group Default refresh time = NN minutes If there’s a serious problem on a Allow node, make that node’s icon connections bigger from nodes to node groups
Preserving User Layouts– Role-based permissions must be set by an Configure Administrator for each node group.– An operator simply presses the Save Layout button.
Enable Incidents & Notification Configure– Decide which incidents should be passed on to operators– Enable schedules & remote notification with AlarmPoint– Enable integration into OM or 3rd party apps
Network Monitoring:Fault & Performance Metrics Polling Configure• Set up appropriate fault polling policies for each of your node and interface groups• Policies may be based on: • Importance • Bandwidth • Device capabilities• NNMi includes Component Health polling
Network Monitoring:Custom Polling Configure• Configure “custom” polling for network devices• Good candidates: • Power supplies • Environmental monitors
Network Monitoring:Performance Metrics Thresholds Configure– Configure high and low thresholds for device and interface metrics– Threshold violations generate incidents. These incidents integrate with other BSM & 3rd party tools
WAN Monitoring – Network device configuration Configure • Most of the configuration is done in the routers • The QA SPI will discover the information in these configurations LosAngeles46
Enable Flow Monitoring Configure– Use Network Automation to configure Traffic flow monitoring For devices, specify Leaf Collectors For each monitored interface, enable flow info
Configure Policy Compliance ConfigureChecks for: • Security settings, such as ACLs • Console, telnet, ssh, and login/password rules • Checks for devices with vulnerable versions of IOS • Downloads security policies via a subscription model
Network Link Discovery:Switches & APs Analyze– Look for Security problems like cascaded switches and rogue Wireless Access Points …but suspicious in Things look fine an L2 view in an L3 view…
NNMi Root-Cause Analyze– NNMi does a lot of the hard work for you– NNMi’s conclusions are aided by the polling policies that you configured– NNMi polls devices in the neighborhood of a suspected fault to perform true RCA– Your Incident Processing rules customize the results
Real-Time Line GraphsActions -> Graphs Analyze– Graphs provided for • Nodes • Interfaces • Incidents • Custom Polled Instances • MIB Expressions– Some Line Graphs are specific to a vendor or object type– Accessible from tables or maps– Test MIB Expression with Graph62
Graph of Interface Utilization Analyze– If node selected, all interfaces will be included on graph – up to 2063
View Performance Metrics Analyze Device Metrics • Analyze the CPU, memory, & buffer utilization on your network devices • Start with a “Top N” report to find busiest devices Interface Metrics • Analyze the traffic volume, utilization, throughput, errors, and discards • Again, start with a “Top N” report
Dissect the Network Traffic Analyze– Use Performance Metrics for volume, and then Performance Traffic for content analysis– Analyze by source, destination, and application Email Web Bittorrent
Traffic Top N Options Analyze– Interface ID – Source Port– Interface Name – Destination Port– Qualified Interface Name – Source Host Name– Node Name – Destination Host Name– Flow Version – Src Host Application & Destination Host– IP Protocol – Destination Host & Application– IP TOS – Collector Name– Application Name
Monitor WAN Performancewith QA SPI Analyze Network Performance between sites LosAngeles Bejing Latency Loss Jitter67
Monitor Custom Polled Info Analyze Examples: • Power spikes & drops • UPS battery capacity • Temperature & Humidity
Look for Patterns AnalyzeUse Calendar, Line Chart, and Heat Chart
Check for Policy Compliance Analyze– Understand which devices in compliance with your security, content, & performance policies– Prepare & deploy corrective policies
Optimize Optimize– Improve the performance & availability of business- critical services– Configure infrastructure for real-time applications such as voice & video– Identify the most troublesome devices and most frequent events– Drive down costs
Tools for Optimization OptimizeMetrics DashboardPerformance Charts with Volume & Errors
Tools for Optimization Optimize– Traffic Analysis: Top N and High Traffic Hosts • Find the bandwidth hogs! • Identify business vs. non-business traffic • Identify when abuses are happening • Use tools like Heat Chart to find recurring patterns • Drill down into specific ports and addresses
Tools for Optimization Optimize – Traffic Enforcement • Implement rules on firewalls • Enable priority queuing of business-critical and real-time traffic • Enable blocking or throttling of non-business traffic − Define permitted source, destination, port, and other attributes − Create corresponding Access Control Lists
Where to go for more information– Add items Here76 HP CONFIDENTIAL - ENABLEMENT ONLY, NOT FOR CUSTOMER USE
Continue the conversation with your peers at the HP Software Communityhp.com/go/swcommunity