Teneo !!!

Aaron’s blog on Networking, and Enterprise Technology

Category Archives: Network Management

HP Les Stuart Interview

Video of me interviewing Les Stuart of HP ESSN (Enterprise Server, Storage, Network) management group.  Unfortunately, we could not get a “quiet room” in time, so we had to do this on the “Interop Floor”.  So, there is a lot of background noise.  Sorry.  Hope you can hear it.


Interop 2011 finishes – Systems Mgmt

Came back from Interop Las Vegas yesterday. What a blast! I met so many great people from Twitter and HP Networking team, I can’t name everyone. But, you know who you are!!

The first day Interop started, I got put into “systems management” mood. Dunno why, but I just wanted to know everything that dealt with systems management.

I stopped by the ManageEngine booth to see their latest offerings (I already use ServiceDesk, and have used OpManager before). It was good. OpManager is a good product. However, their Netflow reporting module isn’t as integrated into their product suite as I would have liked.  It can send events as “emails” to the helpdesk system, but you lose asset information, and other things.

I did not see SolarWinds there, as I would have liked to have talked to them about their Orion product and modules.

Firestorm from BreakingPoint won the Best of Interop 2011 category of “management and monitoring”, but I didn’t talk to them. Downside of making Interop so big.

However, I did get to chat with the HP Networking team in detail on IMC (Intelligent Management Center), which was also used to manage and monitor the entire Interop NOC.

This system is just too cool! I’ve been an OpenNMS guy for years, and this system takes the cake. With a proven production system actively monitoring, managing, and collecting on over 200,000 devices, it can scale.

What is its coolest feature? The ability to manage over 2600 different devices (1000 of them are Cisco alone). As of next month’s service pack, it will be over 3000.  Now, that’s neat, but the coolest part is that you configure them all the same.  The differences lie under the code that you don’t see.  So, if you want to create another VLAN and you do not use VTP, just create the VLAN, and all the different commands will be sent to each switch.  It will also track your configuration changes.

To quote Dave Donatelli on his press release Monday, “….. we manage Cisco better than Cisco….”.  After seeing the interface, there is no doubt.  Features like central ACLs (no, no ASA support just yet…. I already asked), VPN management, User Authentication (RADIUS and TACACS), QoS policies, etc, can all be managed from the same interface no matter what the vendor is.  Some are extra modules that you add on.

Other modules include their NTA (Network Traffic Analyzer), which is their NetFlow/sFlow collector and reporting tool, and MPLS VPN management.  You can even see your VMware environment and kick off vMotion from here.

In talking to Bob Suhay in the Enterprise HP Networking Group, he explained to me that this system was meant to prevent “swivel chair” syndrome, as you change between different monitors to do different things.

IMC is a really cool product, and I, for one, will include it in my bids next year for a possible replacement.

HP’s Network Management with FlexNetwork Architecture

During Interop, I’ve had the pleasure to discuss, in detail, HP’s ideas and plans for a “Single-Pane” management interface, coming from Les Stuart, Distinguished Architect.

It should come as no surprise that HP is the *KING* of applications.  Their product line is very diverse.  Some would even say, “too excessive”, and each device has its own management application.  Not only that, but there is also additional software to manage multiple applications/devices.  From Proliant Servers (Insight Manager) to Procurves (Procurve Manager).  And from storage networks (StorageWorks) to data networks (Network Node Manager and IMC), just to name only a few.  Confusion comes from determining which application to use for what.

Now that HP has publicly addressed the need for a single architecture called FlexNetwork, they have a few hurdles to overcome, to say the least.  But Les Stuart sees opportunity, not challenges.  His passion to bring everything together makes one believe that not only is it possible, but it’s already underway.

“There has already been significant investment in the developing of the current applications for our product line….. and they’re GOOD.  Why re-invent the wheel?  We would rather keep those existing platforms, and [roll-up] the data into a single-pane interface for the personnel to use, seeing only the parts that they need”, says Stuart.  “[Drilling-down] to the device will simply open its respective application for details”.

However, it does not stop there.  Stuart’s vision for the FlexNetwork is not just managing and monitoring.  It includes provisioning.  “We want our software to not only manage those devices, but add [automation] so that if an administrator wants to ‘spin-up’ a new server, we can assign the VLAN, build the firewall policies, carve out storage, and assign the network access-lists”, Stuart goes on.

Do you want integration into your already existing management system? No problem, says Stuart.  Using existing standards and models like NETCONF, OpenFlow, and OpenStack, and following the FCAPS model, HP wants to make it easy to integrate into existing platforms.  “It’s not just an application, but a framework to build upon.”

HP wants to give you the starting tools to do what you need.  However, if you want to do more, you can.

HP will not be releasing a full-featured product like this anytime soon.  However, you can expect to see a “link launcher”, as Stuart calls it, sooner rather than later.  A single point of access for all your HP tool needs.  I, for one, will be watching closely to see how HP handles this.  If it’s as good as Les Stuart is excited that it can be, it will be a fantastic feature that admins are missing.

Network Management: What is it?

What does it mean to manage a network?  In today’s world, network management is a marketing term used to target professionals aimed at network systems.  To me, it’s much like using “Cloud”…. you ask 10 people, and you’ll get 10 different answers.

I’m going to attempt to give my thoughts and opinions on what Network Management really means.

To some, “Network Management” is just having the ability to remotely administer switches and routers.  In that context, network management is localized to your ability to control a single entity.  Others may think it is only SNMP gets and traps.  This is what marketing has sold us.  But “Network Management”, to me, is so much more.

Network Management skill is the ability to analyze and identify metrics in such a way as to answer questions like, “When do I need to upgrade my WAN links”, “Are my switches performing efficiently and below thresholds”, and “Are my QoS configs doing what they are supposed to be doing”.

Full “Network Management” should be able to identify the categories defined as FCAPS:

  • Fault Management – Identify and notify on faults and alarms.  Possibly even build automation systems to alleviate or resolve those faults.
  • Configuration Management – Maintain configurations.  Could be as simple as plain text configs, up to advanced Versioning and Workflow.
  • Accounting – Tracking statistics for the possible billing or identifying usage of subsystems.
  • Performance Management – Track how well things are performing, whether it’s processing, memory, or link performance.
  • Security Management – This could be as simple as identifying and tracking logins, to advanced Intrusion Protection Systems.

Most systems that I’m aware of usually cannot do them all from one application, and those that claim to usually will sacrifice one to enhance the other.  There are certain advantages to having a single system managing all aspects of your network.  A single repository and reporting system makes it easy to maintain and use.  It is up to you to identify which.

From what I can see, there is only one company that sponsors a “Network Management” certification.  SolarWinds, I’m told, has a good, well-rounded certification.  And while they claim that the majority of the certification is not based on their product, the name alone implies a ‘branded’ exam to employers.  Cisco had a certification once, but expired it in 2005.  Still, it’s a good start, and I am waiting on other vendors to create a more “standard” exam.  It will be necessary as we see this convergence into network protocols, and the management of those systems will be increasingly critical.

I read once, “You cannot manage, what you cannot see”.  Network management is not easy, but once you find the right systems to help you report and identify, it will certainly help.  Once you have the right metrics, and events to correlate on, you’ll find you have more answers than questions.  Now, when someone comes to you and says, “The network is slow”, you can now say with an assured expression, “I know”.  🙂

Finding your inner skill-set

I’m sure there are times where we all go through a period where we just don’t know where our strengths are in our careers.  Many, like me, just get their hands into everything.

While this is great, because it gives you a bigger picture, it left me feeling frustrated, as there wasn’t a single thing I was really interested in.  A topic that trumped the rest.  Something I can pride myself on as to knowing more than others.

It has taken me 10 years in the IT industry to finally figure out what that is.  “Network Operations Monitoring and Management”.

This fits well with me, because it still allows me to have some hands-on skills on all network operations, such as Domino/Exchange servers, network equipment, VoIP, web security, firewalls, programming, etc.  Because a management system needs to understand ALL of these systems, and correlate numerous metrics to identify a particular problem.

I’m actually kind-of excited, because I have finally answered the question I’ve been asking myself for so long.

May you also answer the lingering questions, that you still have unanswered!

Styx being reborn – SQL Netflow Collector

Okay, after my last post about whether I should get back to rebuilding my netflow collector, Styx….. I finally made a decision.  I’m going to push on.

The main reason is because there really isn’t anything out there to give you the data you want.  Yes, there are some really great products out there, but you are limited to the graphs and data exports that the programming company *wants* you to see.

Styx is different.  Yes, it will have the same kind of graphs, but puts you back in the driver’s seat.  The way I see it….. if you are savvy enough to know that you need netflow data, then you are competent enough to know what data you want to see.

Styx has an OLAP engine that will allow you to drill-down to see the data you need.  You can do all the “data-mining” you want.  Of course, I’m still building it, so it’s more like a fantasy than real life… but it IS in progress:  http://styx.javaforge.com

It’s built on SQL, so you can use your favorite reporting package.  Of course, on high-traffic networks, you could be analyzing millions of records, so to be efficient is a major challenge.  But, one that I’m willing to overcome.

Thanks to everyone for your comments on my previous post, as well as, the many emails I received.  I appreciate your feedback, advice, and confidence in me.

Once this package is available to use, I would love to have your help in letting me know what’s most important to you.

Until then, I will continue coding……. java-style!!