Embed Size (px)
Citation preview
Netzwerkmanagement
©2010 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice
Thomas Böttge, Solution Architect, HP Networking – [email protected]
Disclaimer
– This presentation contains forward looking statements regarding future operations, product development, product capabilities and availability dates.
– This information is subject to substantial uncertainties and is subject to change at any time without prior notification.
– Statements contained in this document concerning these matters only
2 4 June 20102
– Statements contained in this document concerning these matters only reflect HP Network’s predictions and / or expectations as of the date of this document and actual results and future plans of HP Network’s may differ significantly as a result of, among other things, changes in product strategy resulting from technological, internal corporate, market and other changes.
– This is not a commitment to deliver any material, code or functionality and should not be relied upon in making purchasing decisions.
Agenda
– Einführung• Was ist Netzwerkmanagement
• Kosten sparen durch Netzwerkmanagement
• Ratschläge für effektives Netzwerkmanagement
– Netzwerkmanagement mit HP Networking• ProCurve Manager Plus (E-PCM+)
iMC – Intelligent Management Center
3 4 June 20103
• iMC – Intelligent Management Center
– Einfacher als gedacht• Installation von PCM+ als Beispiel
– Live Demo• PCM+
• iMC
NetzwerkmanagementEinführung
4 4 June 2010
Definition Netzwerkmanagement
– Unter Netzwerkmanagement versteht man die Verwaltung, Betriebstechnik und Überwachung von IT-Netzwerken und Telekommunikationsnetzen. Der englische Fachbegriff für diese Tätigkeiten lautet OAM, Operation, Administration and Maintenance. (Wikipedia)
– Netzwerkmanagement ist die Bezeichnung der Gesamtheit aller
5 4 June 20105
– Netzwerkmanagement ist die Bezeichnung der Gesamtheit aller Funktionen und Komponenten zur Überwachung und Steuerung von Netzwerken. (Lexikon IT-Administrator.de)
– Netzwerkmanagement ist der Prozess des Überwachen und Steuern eines Datennetzwerks, um dessen Effizienz und Produktivität zu optimieren oder zu maximieren. (Hochschule Fulda)
Definition NetzwerkmanagementDie ISO (International Organization for Standardization) definiert fünf
Funktionsbereiche für das Netzwerkmanagement (das FCAPS-Modell):
– (F) Fault Management / Fehlermanagement: Erkennen, Protokollieren, Melden und Beheben von auftretenden Fehlerzuständen
– (C) Configuration Management / Konfigurationsmanagement: Erfassung aller Komponenten (Configuration Items), die überwacht werden müssen
– (A) Accounting Management / Abrechnungsmanagement: Erfassen der
6 4 June 20106
– (A) Accounting Management / Abrechnungsmanagement: Erfassen der Benutzung des Netzes, so dass Rechnungen gestellt werden können
– (P) Performance Management / Leistungsmanagement: Verkehrswerte/Leistungsdaten sammeln und Statistiken führen, Grenzwerte festlegen
– (S) Security Management / Sicherheitsmanagement: Authentifizierung von Benutzern, Autorisierung von Zugriff und Nutzung
NetzwerkmanagementKosten senken mit Netzwerkmanagement
7 4 June 2010
Anforderungen an ein NetzwerkmanagementBusiness Network Operations
Kostenreduzierung
Hohe Effizienz
Reduzierte Übernahme und Support Kosten, Erhöhte
Produktivität der IT
Zuverlässiges und schnelles
8 4 June 20108
Hohe Effizienz
Schutz von Firmenwerten
Zuverlässiges und schnellesNetzwerk
Aufrechterhaltung derNetzwerk Sicherheit und
Firmen-Richtlinien, Dokumentation
Kosten senken:
9 4 June 20109
Kosten vermeiden:
10 4 June 201010
NetzwerkmanagementRatschläge für effektives Netzwerkmanagement
11 4 June 2010
Fehleinschätzungen:
12 4 June 201012
Ratschläge:
13 4 June 201013
Proaktives Netzwerkmanagement:
14 4 June 201014
Netzwerkmanagement mit HP NetworkingE-PCM+ (ProCurve Manager Plus)
15 4 June 2010
PCM+ Merkmale
16 4 June 201016
Depth of Management Features andBreadth of HP Device SupportHP ProCurve Manager v3
Breath of suppor t for a l l E -Series and most A-Ser ies devices
Depth of Features:– Auto-discovery, mapping, polling
HP N
etw
ork
ing
17 4 June 201017
– Auto-discovery, mapping, polling– Event management– Event-driven policy actions– Policy-based device management– Configuration management– Traffic management– Network Analysis / Diagnostics– Flexible and automated reporting– Integration capabilitiesSupport:– HPN E-Series– HPN A-Series– Many Cisco Devices
HP Confidential
Depth of feature
s fo
r HP N
etw
ork
ing
devices
Systemvoraussetzungen (minimum)
18 4 June 201018
Systemvoraussetzungen (empfohlen)
19 4 June 201019
HP ProCurve ManagerPlatform Support
ProCurve Manager has been certified to support several new* platforms (v3.10 and newer)
Windows Platforms
– Windows Server 2008 R2 (64-bit)*
– Windows Server 2008 (32-bit and 64-bit)
Virtual Servers
– Microsoft Hyper-V*
– VMware ESX v4*
20 4 June 201020
– Windows Server 2008 (32-bit and 64-bit)
– Windows Server 2003 (32-bit)
– Windows XP (32-bit)
PCM Client also supported on
– Windows 7*
– Windows Vista (32-bit)
Geräteunterstützung:
Bis zu 2000 Geräte pro Server/1200 Geräte pro virtuellem Server
– VMware ESX v4*
– VMware ESX 3.5
HP ProCurve Manager v3Distributed Management the Value of Agents
Agents are flexible
– Deploy centrally – increase scalability
– Distribute regionally/globally – correspond to network
Agents are secure
– SSL session is established between agent and server
– No SNMP, telnet, etc across the WAN PCM Server
PCM Agent
PCM Agent
21 4 June 2010
Agents are reliable
– Continue to manage if connectivity to server is lost
Agents reduce management impact
– Discovery and polling is closer to the devices
– Significantly reduced WAN traffic• Discovery, Traffic Monitoring, Device Monitoring, etc
Agents Support Network Security
– Firewall traversal to manage secure remote sites
– Supports service provider model – multiple customers from a single management station
PCM Server
PCM Agent
PCM Agent
ProCurve Network Management Suite
HP ProCurveIdentity Driven Manager
Policy-basednetwork access control
and monitoring
HP ProCurveMobility Manager
Wireless LAN planning, deployment,
management and
HP ProCurveNetwork Immunity Mgr
Network threat monitoring and management
22 4 June 201022
HP ProCurve Manager PlusNetwork management server platform providing
centralized and unified monitoring and management of a wired and wireless LAN
environment
Centralized console and interface for all ProCurve management tools
management and monitoring
Network Management– Fault management– Configuration management–Accounting management– Performance management– Security management
Identity Driven Manager (E-IDM):PCM+ Plug-In’s
Key features:
– Policy- and identity-based network access rights
– Provides appropriate access to network resources
– Dynamically configures security and performance
– Resilient architecture promotes high availability
23 4 June 201023
– Resilient architecture promotes high availability
– Integrates with MS Network Access Protection
Identity Driven Manager is a powerful tool that allows network
administrators to efficiently manage the users and devices connecting to
their network.
Network Immunity Manager (E-NIM):PCM+ Plug-In’s
Key features:
– Intrusion detection
– Intrusion response
– Security Management, including Security Dashboard
– Policy Management based on event source, location, time and action
24 4 June 201024
– Policy Management based on event source, location, time and action
– Centralized Management of HP TMS zl Module
– Reporting
HP Network Immunity Manager detects and automatically responds to
internal network threats such as virus attacks.
Mobility Manager (E-MM)PCM+ Plug-In’s
Key features:
– Real-time performance monitoring of MSM devices
– Dashboard of APs, rogues, neighbors, and clients
– Rich set of wireless services usage graphs
– Centralized configuration maintenance through PCM
25 4 June 201025
– Centralized configuration maintenance through PCM
– Site planning tool and heat map features
HP ProCurve Mobility Manager (PMM) is a software module that monitors
wireless networks, aids in RF visualization, and leverages HP ProCurve
Manager Plus tools in the management of mobility devices
HP ProCurve Manager v3.20ProCurve ONE Module Management
Simplifies the deployment of ProCurve ONE modules and applications
– Discovers ProCurve ONE Modules in the network
– A wizard steps users through the process of:• Installing a ONE application on the module
• Activating the ONE application
26 4 June 201026
• Activating the ONE application
– Enables the uninstall a ONE application from a module in order to deploy a different ONE application
– Can be used to easily deploy the ProCurve Manager Plus Agent application on a ProCurve ONE module
HP ProCurve Manager v3.20Custom Script Wizard
Enables secure user-defined extensions to the ProCurve Manager Plus platform
– Secure• Only authorized PCM+ users can invoke scripts on devices
• PCM+ maintains credentials so they are not in external scripts
Uses secure protocol such as SSH when available on device(s)
27 4 June 201027
• Uses secure protocol such as SSH when available on device(s)
– Easier to use• Script wizard handles device interactions such as login and prompts … allowing script to focus on control logic
– Integrates with PCM• Can be triggered by events or automation policies within PCM+
• Allows for passing information via command line parameters
PCM+ Agent with ONE zl Module …is compatible with ProCurve Manager v3.20
28 4 June 2010
PCM+ Agent with ONE zl Module
– What is it?
29 4 June 201029
PCM+ Agent functionalityrunning on a
ProCurve ONE Service zl Module!
HP Confidential
Why? … Reduced TCO
– Simplified processes• Acquisition – the module can be ordered along with other network equipment and is considered a network device, therefore does not require interactions with a server team to deploy a PC server
• Deployment – the module is pre-loaded with the PCM+ agent software, simplifying the deployment process at remote sites where technical expertise may be lacking
• Management – the module includes the PCM+ agent software and the operating system, removing the on-going management of a PC server
30 4 June 201030
removing the on-going management of a PC server
– An integrated and tested solution• Reduced footprint – the module form-factor reduces the number devices in a rack or at a site
• Proven interoperability – the hardware and software have been tested together, minimizing the chance of integration issues while ensuring a single point of contact for any support issues
PCM+ Agent with ONE Services ModuleBundle Components
HDD with PCM+ Agent PCM+ AgentApplication Registration
CardHP ProCurve Manager Plus Agent
ONE Module Label
31 4 June 201031
ONE Services Module w/o HDDStartup Guide
– Also available as a ProCurve ONE Application which can be loaded onto the HP ProCurve ONE Services zl Module (J9289A)
Product Release InfoProCurve Manager v3.20
32 4 June 2010
ProCurve Manager Plus v3.20Product Availability and Licensing
HP ProCurve Manager Plus v3.20
– Availability – web download available July 12, 2010
– Licensing• Same product structure as PCM v3.00 release for new customers
• Free update for customers with who registered PCM v3 license within last 12 months
33 4 June 201033
• Free update for customers with who registered PCM v3 license within last 12 months
• Purchase of extended maintenance SKU is required for customers who activated more than 1 year ago, enables
• update and extended phone support− J9630A HP ProCurve Manager Plus v3 Platform 50-device License Additional
− 1-year Maintenance
− J9631A HP ProCurve Manager Plus v3 Platform Unlimited-device License
− Additional 1-year Maintenance
HP ProCurve Manager PlusNetwork Management Suite
Target Customers
– Medium to Large networks ranging from 10 up to 3500 network devices
– Primarily ProCurve networks
Solution Benefits
34 4 June 201034
– Broad management capabilities from a single management platform
– Reduced TCO – tiered pricing, minimal time-to-value, reduced management overhead
– Secure management for distributed networks
– Integrates with HP Network Management Center tools for deeper management of ProCurve devices
Licensing Model
– HP PCM+ (NIM, MM)• Comes with support for 50 devices (Device = IP address)
• IDM starts with 500 devices
– Extra Node Licenses can be purchased• Add in steps of 100 devices or unlimited
IDM: add in steps of 1000 devices or unlimited
35 4 June 201035
• IDM: add in steps of 1000 devices or unlimited
– Download Evaluation version from HP web site• Will run as full version for 60 days, after 60 days as limited PCM version
Netzwerkmanagement mit HP NetworkingiMC (intelligent Management Center)
36 4 June 2010
What is IMC and why is it different?
– IMC is our next generation management platform for A Series networks• HP IMC Enterprise & HP IMC Standard
– Unique Highly Integrated Single Pane Management• Integrated management of Resources, Service and Users
Single platform for managing Cisco and HP networks
37 4 June 2010
• Single platform for managing Cisco and HP networks
• Supports Cisco, HP (E-Series/ProCurve), H3C, 3Com, and 3rd party devices
• Ideal for managing through vendor transition or introduction
• Single interface and application to manage entire network
• Delivers full FCAPS solution
– Rich portfolio of Modules extend functionality as needed• UAM/EAD deliver power full NAC
• Wireless, QoS, SLA etc..
Enterprise Network Management Problems
“I have too many tools”
“My network is unstable due to changing configurations”
“I’ve no visibility or control of what's
Every vendor, every technology is requiring its own management interface.There is a need to “Do more … with less”
Change accounts for 69% of network downtime and degradation. How do I handle, secure, and audit change?
38 4 June 2010
“I’ve no visibility or control of what's happening on my network”
“I need to control who has access to what”
audit change?
Who is doing what on my network? How are my business critical applications and services running? Is my network optimized to deliver services for my users
Who has access, What and When do they have access, but also What are they doing once they have access
Minimum System Requirements
39 4 June 201039
System Requirements
40 4 June 201040
Highly Resilient & Scalable Deployment
Resource management
Alarm management
Performance management
UAM
EAD ACLM
WSM
NE management
MVM
Slave 1 Slave 2 Slave 3
Resource management
UAM
EAD
Performance management
ACLM WSM
MVM
Slave n
...
41 4 June 2010
Distributed deploymentCentralized deployment
management
MasterAlarm management NE
management
management
Browser Browser Browser
……
Number of supported devices only limited by Server Hardware !
IMC Platform Portfolio
HP IMC Enterprise– Hierarchical top level
– Supports 200 nodes
– Unlimited Node support
– Platforms
HP IMC Standard– Can be slave
– Supports 100 nodes
– Unlimited Node support
– Platforms• Linux / Oracle / MySQL
42 4 June 2010
• Linux / Oracle / MySQL
• Win Server 2003 / MS SQL 2005
• Win Server 2008 / MS SQL 2008
– Includes NTA module
– No integrated DB
• Linux / Oracle / MySQL• Win Server 2003 / MS SQL 2005• Win Server 2008 / MS SQL 2008
– Integrated DB• MS SQL Express
Additional incremental node licenses 100, 500, 1000, 5000 & UnlimitedSome features only with iMC v5.0 Release available November 2011!
HP IMC Standard Service
Components
43 4 June 2010
iMC Platform Platform
ACL Manager
Service
Components
Intelligent ConfigurationCenter
Device Manager Security Control Center
HP IMC Enterprise Service
Components
44 4 June 2010
iMC Platform Platform
ACL Manager
Network Traffic AnalysisService
Components
Intelligent ConfigurationCenter
Device Manager Security Control Center
HP IMC Enterprise & HP IMC Standard
User Access Management
MPLS VPN Manager
Service
Components Wireless Management
EPON Management
QoS Audit Component
Security Management Component
……
IPSec VPN Manager
45 4 June 2010
iMC Platform Platform
Endpoint Admission Defense
ACL Manager
Network Traffic AnalysisService
Components
Behavior Audit ComponentIntelligent Configuration
Center
Device Manager Security Control Center
EPON = Ethernet Passive Optical Network used for Fiber-to-the-building
iMC Features
46 4 June 201046
Powerful Administration Control
– Multi User Role based management
– Administrator controls who can manage what
– Full audit trails of operator actions
47 4 June 2010
Rich Resource Management
– Powerful Discovery and Topology• Full Inventory of network infrastructure
• Layer 2, Layer 3 and VLAN Topologies
– Organise and visualise network via Customer Views
– Integrated Element Management
48 4 June 2010
– Integrated Element Management
Powerful Performance Management
– Maximise network availability through powerful monitoring of• CPU, memory and bandwidth utilization, device response times & availability and much more
– TopN statistics highlight most loaded area & devices
– Threshold based alarming quickly highlight issues
– Customizable Alarm filters stops information overload
49 4 June 2010
– Customizable Alarm filters stops information overload
Efficient Fault & Event Management
– Allows in dept correlation and analysis of alarms • IMC, Trap and Syslog
• Helps efficient trouble shooting
– Experience capture ensures lessons are shared
50 4 June 2010
Flexible Reporting
– Analysis of network trends and capacity planning
– Predefined and Custom reports
– Schedulable and flexible delivery options including email
51 4 June 2010
Simplified VLAN Management
– Simplifies the deployment and management of VLANs• View current VLAN configuration
− Including VLAN topology
• Bulk deploy VLANs across the network
52 4 June 2010
Comprehensive Configuration Management
– Fast efficient roll out of network changes• Bulk configuration
– Lock down network configuration• Scheduled Backup & restore
• Baselining and notification of network changes
53 4 June 2010
– Flexible Agent Administration• Running or standby deployment
ACL Management
– Simplified definition and deployment of ACLs
– Enables network based security and QoS
– ACL rule optimisation ensure efficient use of ACL resources
54 4 June 2010
Network Traffic Analysis
– Unlock the power of –sFlow, NetFlow and NetStream
– Allows greater visibility and control of network usage–Enables User based traffic flows and network usage
55 4 June 2010
usage
– Including fault and SLA analysis,
– Easy to understand reports based on traffic, application and session baseline and trend of network traffic
55
IMC Cisco Support
– Comprehensive support of Cisco• Discovery / Topology
• Monitoring / Performance Management
• Events / Traps
• Configuration Backup / Restore− Configuration comparison
56 4 June 2010
− Configuration comparison
− Baselining and change notification
• Bulk Configuration
– Single management solution for mixed HP/Cisco Network• Ideal for product migration
Licensing Model
– HP IMC Enterprise and HP IMC Standard• Comes with support for 100 devices (Device = IP address)
• 200 devices with Enterprise Edition with iMC 5.0
– Extra Node Licenses can be purchased• Add incrementally 100, 500, 1000, 5000 or unlimited
– Download Evaluation version from HP web site
57 4 June 2010
– Download Evaluation version from HP web site• Will run for 60 days
• 50 node limit for evolution
• Enterprise requires a database− Can use Windows XP & MS SQL Express for evaluation only
New Features in HP IMC 5.0
– Dynamic B/S Architecture
– Custom Homepage
– IP/Network Topology (STP/MSTP Topology, Visio Export)
– Datacenter Topology (with 3D !)
– VMWare Management
58 4 June 2010
– VMWare Management
– Performance Enhancement
– Enhanced Cisco Support including Software upgrades, VLAN Management, Network Traffic Analysis
NetzwerkmanagementInstallation PCM+ als Beispiel
59 4 June 2010
ParameterPhysikalisch:
Hardware: 2.5 Ghz Quad-Core AMD Phenom CPU
4 GB Arbeitsspeicher
1 TB Festplatte
Software: Windows 7 (32 Bit)
VMWare Workstation 6.5.3
60 4 June 201060
Virtuell:
Hardware: 1 Prozessor für VM
2 GB Arbeitsspeicher
100 GB Festplatte
Software: Windows XP Professional Service Pack 3
Start installation
61 4 June 201061
Introduction
62 4 June 201062
License Agreement and Read Me First
63 4 June 201063
Auto detection of current configuration
64 4 June 201064
Auto detection of current configuration (2)
65 4 June 201065
Choose Install Set
66 4 June 201066
For inital installation, it is recommended to install PCM without Plug-In’s !
Choose Install Folder
67 4 June 201067
Make sure you have enough free space on your harddisk !
Pre-Installation Summary
68 4 June 201068
Installing...
69 4 June 201069
...takes some time...
NNMi Integration
70 4 June 201070
Configure User Settings
71 4 June 201071
Make sure you remember your passwords !!!!!!!!!
PCM Administrator Password
72 4 June 201072
Make sure you remember your passwords !!!!!!!!!
Initial Discovery Setting
73 4 June 201073
Set SNMP parameters
74 4 June 201074
Set CLI parameters
75 4 June 201075
Set Proxy parameters
76 4 June 201076
Automatic Update parameters
77 4 June 201077
Done !!!
78 4 June 201078
First Start of PCM+
Connect to server
(Localhost)
79 4 June 201079
Login (if you still know your
password...)
Here we go...
80 4 June 201080
Found some devices automatically ☺
81 4 June 201081
NetzwerkmanagementLive Demo‘s
82 4 June 2010
Outcomes that matter.
83 4 June 2010
