Sorry, this is sort of a double post. I mistakenly posted to the Blog entry the first time.
Any chance to Windows GUI search feature will be ported to the web console? And perhaps a more automated way to set up realtime change alerts :)
We are indeed working on bringing global search to the integration module (it's only in the standalone website right now). I think that is the search you are referring to? On the real-time change alerts - that's definitely in the plan, but it's a little lower in the priorities. We know it's a pain to set those up though, so we'll be addressing that soon.
--Christine
What do you mean by "Multiple Config Types"?
If you means support for multiple contexts (Cisco ACE, ASA and FWSM), I will be eager to see that.
There might be workaround available, however it is not native and actually a lot of work to setup for each contexts per device. We are using context extensively and it is not quite practical to use the workaround.
Yes, that's what we mean. We're working on making that a lot easier.
What is the work around? I searched around the forums for a bit, but I didn't see any workarounds for this. We have an ACE as well, and I was wondering how to do this.
Sorry, I don't really have a workaround for you right now, but that feature is coming up very soon.
--Christine
By "Improved inventory management", does that include the ability to store more than one inventory's worth of data?
For example, I want to search for a MAC address. If that machine wasn't connected at the time of the inventory (or, more specifically, still in the MAC table of the device), it won't show up.
I run inventories at night. I tried running multiple inventories, but the last one run simply overwrites the previous.
It makes it difficult to see where users/ devices are (i.e. a user goes on vacation and turns off PC/ takes laptop with).
By "Improved inventory management", does that include the ability to store more than one inventory's worth of data?
For example, I want to search for a MAC address. If that machine wasn't connected at the time of the inventory (or, more specifically, still in the MAC table of the device), it won't show up.
I run inventories at night. I tried running multiple inventories, but the last one run simply overwrites the previous.
It makes it difficult to see where users/ devices are (i.e. a user goes on vacation and turns off PC/ takes laptop with).
This is very important for us as well.
Our top 2 would be MAC address searching, and auto config downloading and alerting on a change.
Hi All - these inventory management improvements are on the road map. I don't know if they will make them into the next release, but they are high priority and should be coming up very soon.
--Christine
Hi Dfairles - will real time change detection accomplish what you are trying to do? And on MAC address searching - that's on page 44 of the admin guide - or am I not understanding your use case?
--Christine
Can we get 3DES encryption for SNMP v3 added? Many of my devices (cisco ASA firewalls) support this encryption.
Thanks.
Dclick - I added it as a feature request - for internal users it's FB#21526.
--Christine
Thanks.
Being able to do most of the funcitons on the Web-Interface instead of having to login to the server and run the application would be a huge plus - ie - adding/removing devices.
Hi Don - moving more functionality to the web is definitely our long-term goal. We'll have more and more functionality ported with each release. The policy reporter improvements we're working on now will all be web-based - so look for that soon!
--Christine
Will the next version have more flexibility to configure devices via the web interface, instead of me having to give FULL console access to someone that doesnt need it for any other softwar we use?
I'd like to have a LLDP inventory similar to the CDP inventory. Someone posted a script to add interface descritpions based on CDP results. I'd love to do that with LLDP since we are not a big Cisco shop
I'm trying to import some devices from Orion to Cirrus,
Running the import wizard...
1. Import wizard does not remember your database credentials. That's a pain. Please allow saving credentials
2. Select import rows screen...
Thanks Smartd - Enhancing this part of NCM is on the roadmap. You bring up some excellent points. Internal viewers - I'm tracking this at FB24859.
If you have seen any of my Config Change Template questions, this function needs some more quality time. It just barely works:
1. There is no way to get real-time feedback from the CLI, such as to test for successful command execution. I'd also like to be able to set an exit errorlevel so that the template would flag execution errors. You have to check each execution output file for errors manually.
2. It's not documented if you can use NCM system variables in templates. Getting the date, the name of the login user, etc would be helpful.
3. The template editor has no syntax checking. Checking for pairs of curly brackets would be most helpful. Colored syntax checking (like the VIM editor has in Linux has) would be very helpful. A lookup for variables to insert would also be helful.
4. The validate option doesn't seem to do much. Validation really comes when you try to run the template, and it doesn't give line numbers or anything to debug.
5. Is there a way to stop the Web UI from timing out? I have lost work on scripts several times with the Web UI logs out and I have to log back in. Don't see a way in the Admin settings.
Missed twol
#6 When you go to execute a CCT, the dialog for picking devices to apply it to has no way to filter or sort. I need AT LEAST the IP address listed.
7. I'm having a hard time figuring out which devices I've applied the template to and which I have not. I'd sure like to be able to sort devices by which template were applied, or at the least the date last updated.
Ok Smartd - It took me a little time but I have answers - comments to all your questions.
1. The issue with feedback on whether a script worked or not is that we don't know what kind of error message the device might return. That being said, I'm tracking this as a feature request for scripts in general, and I will here as well.
2. You can easily use NCM macros in the script. The only thing is that NCM macros contain ‘{}’ brackets. These brackets are used by the templates as well. So, in order to avoid collision – macros can be used in the following way:
string @macros='${date}'
CLI
{
show @macros
}
3 & 4. The syntax check - That's your "validate" button. The syntax check is also performed automatically when you try to execute a template.
5. Are you getting a session timeout here? You say it happens a lot? I will look into this one a bit more.
6&7 - I got those entered as feature requests.
All in all - we haven't had just a lot of feedback on the CCT - so this is really good stuff. Please let me know if you have more ideas or let me know if you any comments on my comments!
--Christine
Can we get Cisco Switch VTP information added as part of the config backup / inventory?
Hi Christine,
I assume user tracking will not make it into the next release?
Hi Questionario - it's not currently being worked on, but it is on the road map with very high priority. So I wouldn't look for it in the next release, but it will be something we work on very soon.
--Christine
:(
was hoping for it to be in the 6 already, its quite a useful feature to give to helpdesk personnel in order to quickly find a certain pc/phone.
Questionario - we do have it, but I assume you meant that you're looking for what user is logged in. You've seen the "discovered links" report in Orion yes? (reports->topology reports->discovered links). What user is logged in is coming up on the road map.
--Christine
no, i didnt mean which user is logged in...
I actually meant the exact same thing that is already implemented, except also for nodes that are not implemented in orion (I wouldnt want to monitor every single phone and PC...)
Well see - now that's what I get for assuming. As far as monitoring every phone and PC - you just have to monitor the interfaces they are attached to. But when you are working with devices that are wirelessly connected - you will see them without incrementing your license.
--Christine
Actually, I do have every single interface monitored... we do it to see errors on user ports as well... havent been able to see any users connected though...
I tried again with Orion 10.0 SP1 but ever since I installed SP1, I got more problems than before...
Just noticed that I cant even seem to be able to run that report anymore... but I would think that a search box where like the one for IPAM would be much nicer :)
anyhow I might end up going back to pre-SP1 to even be able to browse the orion website....
couldnt edit my post so here is a new post...
I can run that report (mistook it for another report), however I still only see nodes managed by Orion.
Christine,
I still don't quite understand why you don't just use the TCL Expect language in your product for doing config updates and device templates. You could choose to not implement "spawn", but using an existing Expect language means all programming docs and tutorials are already covered on the internet AND you could use modifications of existing RANCID scripts in Cirrus. Just expose the database variables and we could automate anything. Adding a tool like AutoIT to automate HTTP interfaces would complete the toolset for web-only interfaces.
CatTools had this phobia as well, requiring script changes to be compiled and encrypted by the Kiwi folks.
-=Dan=-
>>Improved inventory management – we are working on making this process easier and the reports even more useful.
This is great!
The ability to create compliance rules from the web browser would be great.
Also, being able to deploy config snipets to specific devices that are found to be compliant/not compliant from the compliance manager view in the web site.
For instance when you get the warning state of the device you can currently drill down into that device for more information. It would be nice to either have an option to deploy a configuration from that site or to right click on the warning indication.
Hi Johnmad - I think you're going to like what we've been working on!
--Christine
Hi Chris - I can't give you dates because of our public company rules (such a drag), but I can speak in vague terms - so vaguely - I can say - in the next months. We're already doing customer walk-throughs of some of the features, so it's moving right along.
--Christine
Will NCM be able to support user groups?
This question was previously asked and we were told "this is on our roadmap for our next major version release"
I still can not deploy NCM to local "field" engineers because there is no capability to limit device views to specific groups of AD authenticated users.
Thanks
Hi everyone - the RC is now ready. If you are interested in participating, please send me a message with your SWID.
--Christine
What is new in the RC? We're likely interested in checking it out, but I'll need to make sure our network geeks know what to go play with. :)
Hi Damien - pretty much everything we were working on made it in to the RC. Here is an overview:
Hey Christine,
the improved policy reporter sounds interesting, what kind of improved inventory reports are you talking about?
I hope something like this: Serial number report
will be possible natively (that report is the only useful report we use from NCM).
Looking forward to the GA release (we dont do the RCs in production environment)!
PS: can you tell if the GA-release is planned together with APM4?
Hi Questionario - the inventory reports improvements are mainly around the web UI and performance. We didn't actually add any new reports in this RC. We do have a Cisco inventory report with serial numbers in the product though - what were you needing in the report that you sent?
There's no intentional syncing between APM and NCM GA dates. We just started our RC with NCM.
--Christine
Hi Christine,
I tried the built-in serial report in NCM which is practically useless unless you put a lot of work in it everytime you export it into excel, it lists items that don't even have a serial.
The report I linked I would guess is what everybody would be looking for, perfect to send on which items you need a smartnet contract or something similar for. it lists basically everything you can exchange in your hardware.
I would also like to note that the way NCM presents reports on the web look nice but are not too practical for most larger reports, there should be an option to show the whole report like it does in NPM.
Hi Questionario - thanks for the input. I'll enter this in our tracking system as something we should incorporate into a release. Makes sense!
--Christine
Hi Christine,
We are interested in recieving the RC.
Customer ID: SW368246
If you need anything else let me know.
Adam
Support for HP "A" series switches
Also a filter option on import jobs from NPM so we can be selective in wha goes into NCM. For example we have to moinitor APC UPS used with all of the routers but the import job pulls them into NCM so i have to create filters on the backups jobs to keep them from appearing as errors in the logs
Support for HP "A" series switches
Also a filter option on import jobs from NPM so we can be selective in wha goes into NCM. For example we have to moinitor APC UPS used with all of the routers but the import job pulls them into NCM so i have to create filters on the backups jobs to keep them from appearing as errors in the logs
Been back to working with policy manager a bit and have a few features I'd love to see...
1) Add a "copy" function to managing rules/policies. We're trying to produce our policies to match the written policies of our security team, so we have several rules that are very similar with just minor changes because they are different written rules. It would be much easier to copy the rules rather than having to put them in each time. Plus, if you're working on modifying or enhancing a rule, rather than working on the original it would be nice to make a copy and play with that.
2) You can test rules against live configs in your database, however - if you want to test against things it should be failing on you might not want to have to modify your configs with the things your testing to make sure they fail, save the config, update the database and then test. So, I propose a text box you can paste a config snippet into and then "test" your rule to see if it works/fails. I would think this would be awesome for debugging rules.
3) When working with rules I tend to need to see what rules are already there, or want to only see the rules I created. This is pretty easy to do by using the "search" box, which quickly filters down the rules to only what you want to see. The problem is, that search box gets cleared when doing just about anything and your back to having the whole list of rules up there again. How about either changing the search box so it is a "filter" box instead which is persistent, or adding a separate filter box or something?
4) On the same line as the one above, if I'm managing my rules and have the list up, I might want to sort by "Folder" rather than "Rule Name". Easy to do by just clicking on that column, however, once again it clears when you do just about anything. How about making this persistent, or allowing us to customize the view? Maybe have the ability to take out columns if you don't want them. Or even maybe allow you to only view rules that are assigned to a report. See lots of potential "usability" in this...
Hi cnorborg,
#2 is already implemented in NCM 6.1, I used this feature just a few minutes ago ;-)
Wow, how did I miss that, we are running 6.1 but my eyes just never noticed that in there before!! That's the quickest implementation of a feature I've ever seen!! :-)
Apoloagies if this has already been mentioned but is their any plan to move away from Scheduled Tasks for job creation ?
This feature is being disabled as a enterprise standard shortly.
Hello achrich,
Can you elaborate on this request?
Are you talking about NCM's "Scheduled Tasks" function?
Can you explain what will not fit you enterprise standard shortly.
Thank you.
Are you talking about NCM's "Scheduled Tasks" function?
yes - the abillity to schedule configuration changes / backups etc
Can you explain what will not fit you enterprise standard shortly.
I`m not a Windows expert but I believe they have a "Group Policy" which prevents the use of it applied.
I appreciate this is probably not on any roadmaps but I`m obliged to ask anyway !
Thanks
Not sure if already mentioned but is there plans on NCM backing up Cisco UCS configs?
Hi cnorborg,
Nice usability requests.
I recorded 1, 3 and 4 (51740) since #2 is in 6.1 already (tks Questionario for pointing this out)
Great idea to have a thread like this.
I assume feature requests are not out of line here. This is a big one that I haven't seen mentioned. I'm going to post a request for the same thing in the IPAM topic.
MSP support (multitenancy).
You guys are already on track with NPM and the EOC. Taking ALL data and putting it into a customer context, and making the server architecture work in a distributed fashion accordingly. I want all your products (especially IPAM and NCM at the moment) to function the same way. That might mean a LOT of redesign from the ground up, so you may decide that demand doesn't justify the overhaul. Either way, if you could indicate whether or not this feature is under discussion and/or where it stands, that would help me decide whether or not to buy NCM right now.
Keep this in mind. If you DO modify the server application to be multi-tenant aware, avoid this pitfall. In many cases, it might make sense to have a dedicated "Polling/NCM node" for each customer. However, where small customers have 1-5 routers, a full blown installation can't be justified. Thus, a lightweight remote-poller version of the application with an SSL tunnel back to the central server is the ideal strategy. Even then, the ability to have multiple customers on some polling nodes is also ideal. Same with NPM and APM.
This comes from broad experience in the MSP sector, with many applications having varying degrees of support, and strategies for supporting multi-tenancy. This type of strategy has licensing implications, but it would be wise to create a totally separate license approach for MSP's anyway.
Regards,
Jerry
Hey there,
I was wondering if NCM would start supporting the Cisco WAAS devices any time soon? Since I have 100 of them I'd love to see NCM able to back up the configs.
Thanks,
Dan Goodale - Network Engineer II
Triwest Healthcare
Hi
1: I would like to see improvements in the access to config change templates, meaning a ability to restrict users to certain CCT. As if you wanted to create a helpdesk user account and then create a change template that allowed them to add a port into a certain VLAN for instance, but you did not want them to be able to see any of the other types of templates you created.
2: more roles defined in NCM as well as AD group functionality
3: More import DB options as if you want this tool to be enterprise class it needs access to other types. like Oracle or MYSQL and POSTGRESQL. many companies have a CMDB now and want to feed that info into a product like this. Also have the ability to have filters on the import data sources as well, so not just for certain import types but for all import types. so I want to only filter on Cisco devices or multiple vendors in my import datasource , whether it is a file or a database.
4: EOL/EOS type functionality, so an ability to enter this data youself and then to be able to alert and report on it.
Thanks
James
I'm testing NCM for use in my company for managing configurations on Cisco devices and like what I see so far. I would like to know if there are improvements coming soon for this product;
1. Increased functionality on the web interface so I don't have to keep going to the server application.
2. More flexible reporting. More dynamic manipulation of reports like sorting by columns, rearranging or hiding columns, prompting for an argument.
In looking at this forum I see there hasn't been an update from Solarwinds for one year. Is this product going away? Where is the current "What we're working on..." list for this product?
