7 Replies Latest reply on Feb 17, 2018 11:55 AM by rschroeder

    Using NCM to automate a wr memory / copy r s

    exit12

      Hello,

       

      Is it possible to use NCM to automate a "save" of the running config at a specified time? We have backups of configs being done successfully via Orion but would like to automate a save of the running config also.

       

      Thanks

        • Re: Using NCM to automate a wr memory / copy r s
          sja

          myserver/Orion/NCM/Resources/Jobs/JobsList.aspx

           

          make a new job that run every day

          with wr

           

          3 of 3 people found this helpful
            • Re: Using NCM to automate a wr memory / copy r s
              wluther

              exit12 While NCM can definitely do this task, as sja has pointed out, don't overlook the importance of knowing what was changed, who did it, and why they didn't save the changes. We ran into this issue several years ago, when we first started using NCM. While we found the issue was mostly just user error, we also found actual issues too, so we ended up choosing not to auto-write/save all configs. Instead, we worked on our user process, and started building towards awareness and accountability. Now, we use a combination of change reports, and real time notifications, which provides a very useful window into our network, via the configs. Each shop is different, but I figured I'd throw in my two cents as well.

               

               

              Thank you,

               

              -Will

              1 of 1 people found this helpful
                • Re: Using NCM to automate a wr memory / copy r s
                  rschroeder

                  Will, how many folks do you have with read/write/change permission on your devices, compared to how many total employees and total network switches/routers you have that those users manage?

                   

                  I'm imagining your environment has to be pretty big, with lots of switches/routers and lots of people who have permission to make changes on them.  Which would explain how some would not be on board with writing memory or notifying your team what they did and why they chose not to write memory.

                   

                  Or am I reading too much into this?

                   

                  I have 58,000 active devices on the network, and five guys with access to switches & routers.  We're big enough that consistent write memory is important, and small enough that if someone doesn't write mem for a reason, they Skype or e-mail the other four guys to explain what they're thinking.

                    • Re: Using NCM to automate a wr memory / copy r s
                      wluther

                      rschroeder We don't really have that many devices, but I suppose the ratio of folks to devices we have, that COULD make changes, is higher. We probably have somewhere between 15 to 30 folks who would have access to virtually the same set of ~1400 devices, give or take. Unfortunately, while everyone has the minimum level of experience to know the basics (CCNA), not everyone has the same attention to detail, or thought process. It was really more of a checks and balances type of thing, for the personnel/management dynamics. If you have made all of your changes, and your work should be complete, then you are expected to close it out by saving/writing to mem. We just wanted to make sure everyone was following ALL of their steps.

                       

                      We use realtime change notifications now, along with better processes in general, so not really much of an issue, as we know when anyone is doing something to anything. But, we had a couple times in the past, before we were using the correct tools in the correct ways, where changes had been saved when they should not have been saved, which caused some unpleasant issues when a few accidents happened.

                       

                      Just out of curiosity, having 58k nodes, how many interfaces are you monitoring. (And, if you don't mind me being nosy, what is your Min/Max/Avg poll times for interface status & statistics?)

                        • Re: Using NCM to automate a wr memory / copy r s
                          rschroeder

                          I don't mind.  Sadly (?) I'm not at work, so I don't have accurate info to share with you.  But I'm running five pollers, all complete all of their tasks on time using the default timers.  NPM, NCM, NTA, UDT, IPAM, VNQM.

                           

                          A few interfaces we poll every ten seconds, most are only polled every 120 seconds, and I monitor ALL interfaces, physical and virtual, on all our switches, routers, and firewalls, which gets the most out of the NAM licensing for up to 100K elements/nodes/volumes, etc.  Plus it really puts the right data where it needs to be for IPAM and UDT and NTA.

                           

                          I use Prime for managing 3000 AP's, and for heat maps--it's the right tool for the job.

                           

                          Dependencies are a VERY good thing for keeping unnecessary NPM alerts to a minimum.

                           

                          I have about a hundred hospitals and clinics across Wisconsin, Minnesota, and North Dakota, all tied together via VPLS and MPLS.  I couldn't ask for much better, outside of what you'd expect:

                           

                          • Lower WAN prices and bigger pipes would be nice.  Some of my rural sites can only get 5 Mb/s, and that's not enough to run O365 and GUI EMHR's.
                          • Better opportunities for WAN diversity--at least one more, and preferably two or three more, MPLS/VPLS providers--that would help eliminate some single points of failure.
                          • I haven't implemented HA yet--I can't get buy-in from other teams due to silos and other preferred management tools--so there's not enough demand to put HA into effect yet.  However, my Network team lives & dies by NPM for letting us know the status of the network, and if it were down we'd be driving blind.  Unfortunately it doesn't offer real HA through upgrades, and doesn't deal with Orion SQL database HA needs either.
                        • Re: Using NCM to automate a wr memory / copy r s
                          sja

                          58,000 that quiet a number...it’s sounds like  a case study for “SD-Wan” ?

                          Those that can integrate with services like Zscaler could be interesting...

                          In that way you get second generation firewall over everything +better WAN control and OOB fail over and load balancer?

                          https://m.youtube.com/watch?v=UyBcaOEwKQo

                           

                          SD-WAN Security Partners | Zscaler