Skip to main content

Network Configuration Management

The other areas we are looking at around the network tools are the Opnet suite for engineering (which is a serious investment for a tool), and the configuration management areas.

We have gotten several demos, and sent our 4 RFPs. Out of the 4 we sent out, we got 3 back. We are trying to get it down to 2 vendors for a POC. This is slightly different than the server side, because I have a much larger team to work with on the POC and the work needed to get it down to a great tool for us. Here is the criteria extracted from the RFP, there will be more on this as we move forward narrowing down the field of 3 (HP OVNCM, Opsware NAS, Alterpoint DeviceAuthority:

Requirement

Sub Facts

Company Viability and History



Customers of specific product


Revenue Growth FY 05-06


Total Revenue FY 05

Install Base



Financial Customers


Largest Install

Technologies



Windows


Linux


Java


Perl


Native Eclipse, Visual Studio, or other native IDE


XML


MSSQL


Oracle


Mysql


X64

Extensibility and Robustness



Portal


Web Services API


NET Java Perl API


CLI


Open CMDB


DR/HA


Active Directory, TACACS, RADIUS


Granular permissioning

Device Support



Nortel, Cisco, F5, Checkpoint


telnet, ssh, rlogin, snmp, oob


Auto discovery of devices


De-Duplication of devices


Dynamic grouping

Configuration and Usage



Ease of Installation


Reporting (PDF, XML, HTML, DOC, CSV)


Report Delivery


Modeling and Visio support


Support for Perl, Expect, and Shell


Syntax checking


No java or plugin client


Upgrade IOS with verification of hardware support

Change Tracking



Comparison Live to Snap


Change notification to run collection (syslog, snmp)


Generate SNMP traps for changes


Enforcement of peer review before implementation


Complaince templates (SOX, GLBA, etc) with weighted application


Keystroke logging


Tracking of CPU, Memory, Users per device

Asset Management



Contract management


Integration with Cisco Contract site

Cost and Community



Maintenance Fees


List Price


User group meetings


Online user groups


Free development licenses

Comments

Popular posts from this blog

Misunderstanding "Open Tracing" for the Enterprise

When first hearing of the OpenTracing project in 2016 there was excitement, finally an open standard for tracing. First, what is a trace? A trace is following a transaction from different services to build an end to end picture. The latency of each transaction segment is captured to determine which is slow, or causing performance issues. The trace may also include metadata such as metrics and logs, more on that later.
Great, so if this is open this will solve all interoperability issues we have, and allow me to use multiple APM and tracing tools at once? It will help avoid vendor or project lock-in, unlock cloud services which are opaque or invisible? Nope! Why not?
Today there are so many different implementations of tracing providing end to end transaction monitoring, and the reason why is that each project or vendor has different capabilities and use cases for the traces. Most tool users don't need to know the implementation details, but when manually instrumenting with an API, t…

F5 Persistence and my 6 week battle with support

We've been having issues with persistence on our F5's since we launched our new product. We have tried many different ways of trying to get our clients to stick on a server. Of course the first step was using a standard cookie persistence which the F5 was injecting. All of our products which use SSL is being terminated on the F5, which makes cookie work fine even for SSL traffic. After we started seeing clients going to many servers, we figured it would be safe to use a JSESSIONID cookie which is a standard Java application server cookie that is always unique per session. We implemented the following Irule (slightly modified in order to get more logging):
http://devcentral.f5.com/Default.aspx?tabid=53&view=topic&postid=1171255 (registration is free)
when HTTP_REQUEST {
# Check if there is a JSESSIONID cookie
if {[HTTP::cookie "JSESSIONID"] ne ""}{
# Persist off of the cookie value with a timeout of 2 hours (7200 seconds)
persist…

NPM is Broken

As someone who bought and implemented NPM solutions, covered them as an analyst, and now watches the industry, one cannot help but notice that NPM(D) is broken. According to Gartner themselves, the data center is rapidly changing, the data center is going away, maybe not as quickly as Capp states, but it’s happening. This is apparent by the massive public cloud growth posted by Amazon, Microsoft, and Google in their infrastructure businesses. This means that traditional appliance-based NPMD offerings will not work, nor will traditional ways of collecting packet data. Many of the flow offerings do not handle the new types of flows which these services generate, but most importantly they do not understand the internet, which is the most important part of assuring services in cloud hosted environments.
The network itself is not just moving to overlay a-la NSX and ACI, it's moving inside of orchestrated containers, and new proxy/load balancing systems typically built off components or …