Establishing Best Practices for Network Management
Session 804
804
1066_05F9_c2 © 1999, Cisco Systems, Inc. 2
Copyright © 1998, Cisco Systems, Inc. All rights reserved. Printed in USA.
1066_05F9_c2.scr 1
Agenda
Introduction to
Best Practices
Network Downtime is Costly
• The Internet and e-commerce have significantly increased the availability stakes…
[Chart: Infonetics Cost of WAN Downtime ’98; surviving labels: $3.6M, Productivity Loss]
Lots of Practices—Some Truths
Congratulations!
Preparing the Network
for Management
Best Practices
1. Selecting the “right” tools
2. Preparing the devices
3. Preparing the tools
4. Building a baseline
5. Maintaining “management”
• How do I select the “right” set of management applications?
Understand the technologies and buzzwords
Understand your network and end-user requirements
Implement company standards
Many choices: evaluate and choose what’s right for your environment
Platforms and Vendor Specific
Management
• NMS
SNMP-based, status map, and trap receiver
HP Openview, Tivoli Netview, CA UniCenter, SNMPc, etc.
MicroMuse, Seagate, Concord, Enterprise Pro, and MRTG
• Vendor Specific
Geared towards managing a specific vendor's devices only
Optivity, Transcend, CiscoWorks2000
Integrating Enterprise
Management
[Diagram labels: Application, DBMS, Server, Network, Desktop, User]
Understand Your Organization
• Roles and
responsibilities
• Escalation policy
• Help desk vs.
operations
• Planners vs.
administrators
Securing the Devices
! Tacacs+
aaa new-model
aaa authentication login test tacacs+ line
aaa authentication enable default tacacs+ enable
! SNMP Community ACL
access-list 8 permit 161.44.34.157
! Syslog
logging 161.44.34.157
logging source-interface Loopback0
! SNMP gets and sets
snmp-server community public RO
snmp-server community bitbuck RW 8
snmp-server contact Paul L. Della Maggiora
snmp-server chassis-id 071293
snmp-server system-shutdown
! SNMP traps
snmp-server trap-source Loopback0
snmp-server trap-authentication
snmp-server host 161.44.34.157 public frame-relay
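An added example, not part of the original slides: a small audit of the SNMP lines in a configuration like the one above, flagging well-known community strings, communities with no access list, and SNMP-triggered reload. The function name, finding wording and the restriction to numbered access lists are assumptions of this example.

```python
import re

# SNMP-related lines copied from the sample configuration above.
SAMPLE_CONFIG = """\
access-list 8 permit 161.44.34.157
snmp-server community public RO
snmp-server community bitbuck RW 8
snmp-server system-shutdown
snmp-server trap-source Loopback0
snmp-server host 161.44.34.157 public frame-relay
"""

WELL_KNOWN = {"public", "private"}  # widely known default community strings
COMMUNITY_RE = re.compile(
    r"^snmp-server community (\S+)(?: view \S+)?(?: (RO|RW))?(?: (\S+))?$",
    re.IGNORECASE)
ACL_RE = re.compile(r"^access-list (\d+) ")  # numbered access lists only

def audit_snmp(config: str) -> list[str]:
    """Return findings for the SNMP community lines of an IOS-style config."""
    lines = [ln.strip() for ln in config.splitlines()]
    defined_acls = {m.group(1) for ln in lines if (m := ACL_RE.match(ln))}
    findings = []
    for ln in lines:
        m = COMMUNITY_RE.match(ln)
        if m:
            name, acl = m.group(1), m.group(3)
            mode = (m.group(2) or "RO").upper()  # IOS defaults to read-only
            if name.lower() in WELL_KNOWN:
                findings.append(f"{name}: well-known community string")
            if acl is None:
                findings.append(f"{name}: {mode} community has no access list")
            elif acl not in defined_acls:
                findings.append(f"{name}: access-list {acl} is not defined")
        elif ln == "snmp-server system-shutdown":
            findings.append("system-shutdown: SNMP set can reload the device")
    return findings

if __name__ == "__main__":
    for finding in audit_snmp(SAMPLE_CONFIG):
        print(finding)
```

On the slide's configuration the read-write community is restricted by access list 8, while the read-only community `public` is open to any source.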
Security Access Changes
Notification
• SNMP Traps
Critical for NMS
notification
• Syslog
Cisco-specific
notification
Sample Notification Configuration
! Tacacs+
aaa new-model
aaa authentication login test tacacs+ line
aaa authentication enable default tacacs+ enable
! SNMP Community ACL
access-list 8 permit 161.44.34.157
! Syslog
logging 161.44.34.157
logging source-interface Loopback0
! SNMP gets and sets
snmp-server community public RO
snmp-server community bitbuck RW 8
snmp-server contact Paul L. Della Maggiora
snmp-server chassis-id 071293
snmp-server system-shutdown
! SNMP traps
snmp-server trap-source Loopback0
snmp-server trap-authentication
snmp-server host 161.44.34.157 public frame-relay
Building a Baseline
Layer 2 Autodiscovery
Layer 3 Autodiscovery
Inventory
• Items of interest
System information
Chassis information
Chassis cards
Interfaces
Storage and memory
Serial numbers
• All information available
via IETF and Cisco MIBs
Configurations
• Collection repository
Useful for staging new configs
Version control helps with space
and documentation
• How to automate
Scheduled backup
Watch Syslog
Maintaining Management
An Ongoing Process!
Change Management
Some Facts
Change Management Defined
Best Practices
1. Implementing a
change control process
2. Planning for change
3. Implementing change
4. Monitoring change
Change Control Process
Validation
• Change verification
• Audit
Implementation
• Net admin
• Engineer/tech.
Close Work Order or Resubmit If Problems
Examples
Planning
• Hardware
Pre-configure, test prior to upgrade
• Software
Research release, defect support, new
feature set, and device compatibility
• Configuration
Test prior to deployment
• Have a back-out plan
Implementing
Monitoring
• Identifying change,
who, what, when
• Audit trail
• Fault notification
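An added example, not part of the original slides: building the who/what/when audit trail from stored syslog by pairing each IOS `%SYS-5-CONFIG_I` message with the interface state changes the same device logged just before it. The log lines, addresses, collector line layout and the `mgmt_hosts` parameter are constructed assumptions.

```python
import re

# Constructed sample: lines as a syslog collector might store them
# (timestamp and device address prepended by the collector).
SAMPLE_LOG = """\
Mar  1 10:14:58 192.0.2.1 44: %LINK-5-CHANGED: Interface Serial0, changed state to administratively down
Mar  1 10:15:02 192.0.2.1 45: %SYS-5-CONFIG_I: Configured from console by pauld on vty0 (192.0.2.50)
Mar  1 10:20:11 192.0.2.2 12: %LINEPROTO-5-UPDOWN: Line protocol on Interface Ethernet0, changed state to up
Mar  1 11:02:40 192.0.2.2 13: %SYS-5-CONFIG_I: Configured from console by console
"""

LINE_RE = re.compile(
    r"^(\w{3}\s+\d+ [\d:]{8}) (\S+) \d+: %([A-Z_]+-\d-[A-Z_]+): (.*)$")
WHO_RE = re.compile(r"Configured from (\S+) by (\S+)(?: on (\S+) \((\S+)\))?")

def change_audit(log: str, mgmt_hosts=frozenset()) -> list[dict]:
    """Build who/what/when records from IOS configuration-change messages."""
    pending = {}  # device -> state changes seen since its last CONFIG_I
    trail = []
    for line in log.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        when, device, mnemonic, text = m.groups()
        if mnemonic == "LINK-5-CHANGED":
            # "shutdown" is logged before the user leaves config mode
            pending.setdefault(device, []).append(text)
        elif mnemonic == "SYS-5-CONFIG_I":
            who = WHO_RE.search(text)
            source = who.group(4) if who else None
            trail.append({
                "when": when, "device": device,
                "who": who.group(2) if who else "unknown",
                "line": who.group(3) if who and who.group(3) else "console",
                "source": source,
                "from_mgmt_host": source in mgmt_hosts,
                "what": pending.pop(device, []),
            })
    return trail

if __name__ == "__main__":
    for record in change_audit(SAMPLE_LOG, mgmt_hosts={"192.0.2.50"}):
        print(record)
```

Records with `from_mgmt_host` false, or with an empty `what`, are the ones to compare against the archived configuration.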
Planning
• SWIM—Defect, image analysis
• CWSI—Layer 2/Layer 3 topo
• Netsys—Impact of change
Deployment
• SWIM—Download software images
• CWConfig—Deploy config changes
• CiscoView—Switch config changes
Monitor
• CAS—Change audit and reporting service, logs software, config and hardware changes
• CWSI—Topo and user tracking
Change Scenario
1. User telnets into device and makes a config change (shutdown int)
[Diagram labels: Syslog; Poll Transport; Change; Fault Management]
Scenario
• Virginia building-003
network goes down
• Your boss has
bad breath
• Multiple people
making changes
• Resolution takes
nine hours
• Result:
Network was down additional four hours
due to conflicting changes
No one seems to know how the problem
occurred or how it was resolved
Best Practices for
Fault Management
Best Practices
1. Preventive Measures
2. Coordination
3. Reacting to Faults
4. Escalation Policy
5. Become Proactive
Preventive Measures
Coordination
• Communication is KEY...
Understand roles and responsibilities
Place phones in closets; use cell phones, pagers
Publish policies and procedures
Say What You Do, Do What You Say
Determination of Faults
• Notification via:
NMS status change
Trap and event logs
Help desk
Phone call from tech (“whoops...”)
[Graphic label: ALARM]
Reacting to Faults
Reacting to Faults (Severe)
• Determine escalation timeline
Criteria and time limits to escalate to next level
Opening a case with the TAC
Identifying the point of drastic action
Is It Time to Hit the Big Red Switch?
• Coordinate, communicate,
and document
• Debrief
Determine source of fault
Evaluate recovery efforts
Document resolution for continuous
improvement process
In order to learn, avoid CYA environment
Moving from Reactive to Proactive
Fault Management Tools
Planning
• CiscoView—Real-time monitoring
• RME—Availability, Syslog and CCO tools
• CWSI—User tracking, traffic director and topo
Deployment
• SWIM—Defect analysis
• CCO/TAC—Case tracking tools
• Stack Decoder—Crash analysis
Monitor
• Availability—Monitor key resources
• Syslog—Reporting, automated recovery
• 24-Hour Reports—Monitor reloads, Syslog, and change
• Traffic Director—RMON config and report
For More Information
• SNMP FAQ
http://www.cis.ohio-state.edu/hypertext/faq/usenet/snmp-faq/part1/faq.html