When NetMRI performs Discovery on devices in the network for the first time, they're organized into Device Groups and Interface Groups, using common-sense networking terms.
Device Groups and Interface Groups are the primary organizational units in NetMRI. You can create device groups in a nested structure, with some device groups subordinate to other device groups. You can apply device group membership criteria in the same ways with nested device groups as for device groups from earlier releases of NetMRI, which used a flat data structure and enforced all device groups as existing on the same peer level. You can now create a hierarchical list of device groups, comprised of top-level groups, with child device groups subordinate to them, with child device groups further subordinate to their parent groups. For information, see Creating Device Groups.
NetMRI uses device groups to organize device discovery results, generate separate scorecards, filter issues and to manage polling and processing for each device in the network. Device groups also offer control of Switch Port Management processes, including the ability to immediately carry out Switch Port polling in a device group.
Device groups can also be used for suppression of Issue reporting across sets of devices, and to modify the thresholds used by NetMRI for raising chosen issues. The use of Device Group suppression removes the need for manually suppressing undesirable issue instances and allows for instances that have yet to be raised to be suppressed before they are raised.
You create device groups to organize devices according to business needs. Devices can belong to more than one group, and different sets of groups can be used for different purposes.
For example, you might create a collection of groups named North, South, East and West that organize devices geographically, while creating another set of groups named Accounting, Sales and Engineering that organize devices along departmental lines. This allows you to manage devices across different dimensions, using similar mechanisms. With the groups described above, for instance, you can generate separate scorecards for all devices in the West or all devices used by Engineering. You decide on the organization, and NetMRI properly sorts everything.
...
The NetMRI appliance functions as a Telnet and SSH session proxy for users to communicate by command line with devices on the network, including devices that the system sees and can reach, but does not manage. This functionality extends to Telnet or SSH sessions with NetMRI devices themselves.
The Telnet/SSH proxy also provides full VT100 emulation for systems and devices that need it. NetMRI provides a hard limit of ten concurrent SSH or Telnet sessions from any NetMRI instance to other devices. (Example: if one user has seven Telnet sessions open on a NetMRI instance, all other users are limited to a total of three additional terminal sessions.)
...
For any Telnet or SSH session, administrative users can define user CLI credentials for other NetMRI user accounts. The location for configuring is Settings icon –> User Admin –> edit User –> CLI Credentials tab. (Accounts that can modify CLI credentials for themselves and other users include SysAdmin, UserAdmin and ChangeEngineer High.) Without User CLI credentials, other users can still log in to devices using their own device-specific credentials. This is particularly handy for devices that are not directly managed by NetMRI, such as Linux systems, but for which a user has a specific account. Some devices that are detected and/or managed by NetMRI may not provide the same level of Telnet or SSH as NetMRI. This is an advantage of the Telnet/SSH proxy.
Some NetMRI user accounts, such as ChangeEngineer Low, will not be able to start terminal configuration sessions using the Telnet/SSH proxy. System credentials can also be used for Telnet/SSH sessions. See Creating Admin and User Accounts for more information.
All session activity is logged. See User Audit Logs for more information.
...
You can configure an SSH connection to automatically connect to a managed device using SSH environment variables. Using this feature, you can save shortcuts to the devices to which you frequently connect.
You can use the following environment variables to set up the automatic connection:
...
When you display a single audit log entry, a complete screen dump of the entire session is shown in text format. Session audit logs are kept by the appliance for a rolling 30-day time window. Audit logs are available at two levels: system-wide (under Settings), and for individual devices (in the Device Viewer). Error events you see here are normally associated with credential guessing operations by NetMRI and user-initiated SSH/Telnet sessions to individual devices.
For CLI Credential guessing and Telnet/SSH session attempts, you will see messages for the following phenomena:
...
The Device Audit Log (Device Viewer–> Settings & Status–> Device Audit Log) provides a device-specific list of events related to the device's management by NetMRI. You can expect to see messages such as LicenseAdd, indicating when the device was added to NetMRI management into a Device Group for purposes of Switch Port Management or other licensing requirements; and DiscoveryDelete, a case where a device with a particular management port IP address was removed from NetMRI management due to another device being managed through the same IP.
A second Device Audit Log, in Settings icon –> Notifications–> Device Audit Log, provides a listing for all Discovery and Licensing messages for all devices managed by NetMRI.
When devices are removed from the license count for NetMRI or ACM, related event messages will appear.
...
Device groups are a fundamental organizing tool in NetMRI. You use device groups to gather devices with similar attributes and similar categories together, to perform device management tasks, or because you want to organize a set of devices into a group to perform specific processing tasks or to prevent processing tasks from being performed. Device groups are divided into two types: Basic device groups, which provide only basic categorization and processing features to limit processing loads on member devices; and extended device groups, which provide the full set of NetMRI device processing features on member devices (for more information, see Controlling NetMRI with Device Groups ).
The default set of device groups in NetMRI appears as a hierarchical list and includes the following:
...
The main Dashboard, Network Analysis and Network Explorer pages show the Device Group Selector control on the right. Simply click a device group name in the selector to filter the contents of the main display pane. To edit a device group, right-click any device group name and select Edit Device Group, or click the Edit Device Group icon.
All top-level device groups can act as top-level device groups for nested device groups. Nested device groups can only contain devices from the parent device group. You can nest child device groups up to five levels deep in the tree. By default, child device groups automatically appear in the tree but can be hidden by clicking the (-) symbol next to the parent group.
...
All default device groups (including those listed above) in NetMRI are extended device groups, which means that they support extended processing functions. Some types of network devices warrant more processing by NetMRI, such as the collection of performance and environmental data, open ports probing, NetBIOS name probing, collecting of configuration files, analyzing for issues, and other device processing features. Some device types can be quickly excluded from complex processing tasks by simply assigning them to a basic device group. Many end host networks may fall into this category.
You can create both basic and extended device groups in your deployment. You can also convert basic device groups to extended device groups, and also the reverse, at any time.
Basic device groups limit their processing options to a minimum. Basic device groups do not contribute to NetMRI Network Scorecard calculations and significantly reduce back-end processing. You can define group membership criteria and use the Include end hosts feature for any discovered network segments that match your requirements. An example involves collecting end host network segments into a basic device group to avoid expending system processing cycles on network devices that do not require them. (For more information on group membership criteria, see the section Understanding Device Group Membership Criteria .)
Extended device groups provide a substantial collection of settings to determine how the device group processes its information. Along with defining group membership criteria, a number of option switches help determine the level and types of processing performed by the device group:
...
Through device groups, switch port management enables you to monitor and analyze the complement of Ethernet trunks and switch ports in their network. Switch port information gathering, or polling, is the key tool for doing this. Device groups can specify unique switch port management polling settings. Not all device groups will use these settings, which are located under Settings icon –> Setup –> Collection and Groups –> Groups tab, take precedence over the global settings defined in the Collection and Groups feature.
A device group can use either Periodic or Scheduled polling, or disable polling for the device group.
...
For Extended device groups, NetMRI uses Rank settings, defined for each group, to determine how and when each device is processed after it is discovered on the network. The default groups defined by from the same organize devices essentially into "network" and "non-network" devices, based on their type and assurance level. Network devices usually have SNMP and Config collection and analysis enabled, while non-network devices do not. This reduces unnecessary data collection and processing loads, allowing the appliance to work more efficiently for devices that matter most.
By selectively enabling and disabling data collection, you can fine-tune NetMRI performance, or ensure that NetMRI processes the most important devices when a Device Limit or Interface Limit, based on licensing, is exceeded. In such cases, the Rank associated with each group is used to determine which devices are within the limits (devices with the highest rank) and which are outside the limits (devices with a lower rank). In this way, the most important devices, as indicated by the group rank, are processed while others are not.
...
Discovery uses two special device groups, NAME ONLY and UNKNOWN, to identify and categorize devices as they are discovered. Newly found devices first appear in the UNKNOWN group, with SNMP collection and port scanning enabled to learn more about them.
The NAME ONLY group lists devices for which very little is known, except for their name (which usually comes initially from DNS). If more is learned, such as their SNMP community, devices disappear from these low level groups and appear in higher-level groups, where their process settings change to meet the needs of that group.
...
The table in the Device Groups side tab lists all device groups, with default sorting by Rank. Each row shows group configuration settings, with any parent groups appearing as folder icons indicating that child device groups exist as child device groups beneath them in the tree. The device groups table provides a series of columns showing status of various discovery and monitoring features that are enabled or disabled for each group.
Tooltips appear when you hover over any icon in the table, including column headers. For example, when you hover over a row's MC (Membership criteria) column, it displays the complete text of the membership criteria regular expression. Any feature column that is cleared, without a checkmark, for a device group indicates that the given feature is not enabled. (Bear in mind that individual devices of certain types can override group-level settings. For information about device-level settings, see Interpreting Discovery Table Data .) The complete list of data points provided for every device group at all nested levels, includes the following:
ARP (Refresh device caches) | Indicates whether member devices in the group will have their ARP caches refreshed before collecting discovery data. NetMRI uses ARP cache refresh to control LAN switches from which switch-forwarding data is collected. For information, see Notes on ARP, Switch Data Collection, and End Hosts . |
SNMP | Indicates whether the device group is set to enable SNMP data collection for member devices. SNMP collection can also be enabled/disabled for groups and devices. |
PS (Port Scan) | Indicates whether members of the device group will be scanned for open protocol ports. If enabled, NetMRI probes the TCP and UDP ports listed at Settings icon –> Setup –> Port List, to determine whether they are open. For information, see Defining Group Data Collection Settings . |
FP (Fingerprint) | Indicates the device group setting to use the Identify device using fingerprinting setting for member devices. (This setting is dependent on the Probe for Open ports feature.) A polling technique to identify each network device based on the response characteristics of its TCP stack. This information is used to determine the device type. In the absence of SNMP access, fingerprinting is usually the only way to identify non-network devices. For information, see Defining Group Data Collection Settings . |
C (Collect configs) | Indicates the device group setting to allow config file collection for all members in the group (Collect config files). |
CCS (CCS scripting) | Indicates the device group setting to allow CCS script file execution for all members in the group (Allow Script Execution). |
| PP (Privileged Polling) | Indicates whether the option CLI polling in privileged mode (i.e. privileged exec (enable) mode) is enabled for the group the device belongs to. You can override this setting for an individual device in the Device Viewer. |
DC (Default Credentials) | Indicates the device group setting for Test for Default Credentials, used to scan for the presence of vendor default credentials for all members in the group. |
A (Issue Analysis) | Indicates the device group setting to allow Issue analysis for all members in the group (Analyze for Issues). For information about Issue analysis, see Viewing Issues in the Network . |
CL (Config Lock) | Indicates the device group setting to collect config data but to consider all member device configs a locked and not to be changed through NetMRI (Regard configurations as 'locked'). For information, see Defining Group Data Collection Settings . |
NB (NetBIOS Scan) | Device polling method to collect the NetBIOS name for endpoint devices in the network. Device groups also enable NetBIOS scanning. For information, see Defining Group Data Collection Settings . |
DB (Discovery Blackout) | Indicates the device group setting to impose discovery blackouts. For information, see Defining Blackout Periods . |
CB (Change Blackout) | Indicates the device group setting to impose configuration change blackouts. For information, see Defining Blackout Periods . |
SPMC (SPM | Indicates the device group setting to allow switch port data collection (Switch port data Collection). For information, see Device Groups and Switch Port Management. |
SPMS (Polling Schedule) | Indicates whether the device group provides a polling interval or scheduling for switch port data collection. This setting is dependent on an enabled Switch port data Collection setting for the device group. |
MC (Membership Criteria) | Hovering the mouse over the check box in this column shows the complete regular expression for the selected device group. For information, see Understanding Device Group Membership Criteria . |
...
7. Activate the processing options for the new Extended extended group:
- Collect performance and environmental data: Enable or disable device performance and environmental information for all member devices in the group (for more information, see Changing Performance Data Collection Settings );
- CLI polling in privileged mode: Enable or disable CLI polling in privileged exec mode for the device group. You can override this setting for individual devices in the Device Viewer.
- Probe for open ports: If enabled, TCP and UDP ports listed at Settings icon –> Setup section –> Port List are probed to determine whether they are open.
- Analyze device using fingerprinting: If enabled, fingerprinting attempts to identify each device based on the response characteristics of the TCP stack being used.
- Probe for NetBIOS name: Setting to enable NetMRI to collect the NetBIOS names for endpoint device members in the device group. For more information, see Defining Group Data Collection Settings ) and is globally disabled by default to prevent unexpected scanning of the network by a new Operations Center Collector;
- Analyze for Issues: NetMRI evaluates over 250 discrete Issues, plus custom Issues defined by the admin user. Issues are discovered and reported by NetMRI based on globally set schedules. Disabling this feature for a device group disallows the group from being selectable in the Device Group Selector panel in the main Network Analysis–>Issues page For more information, see Evaluating Issues in NetMRI , and Viewing Device Issues, Configurations and Changes ;
- Test for default credentials: Allows NetMRI to test all devices in the group for the presence of vendor default SNMP credentials, which are a potential element for security breaches, but are also used for assistance in collecting device configurations. Credential default testing is also a compliance measure;
- Collect config files: When enabled, this check box allows NetMRI to collect all present configuration files for devices in the device group. to participate in the Configuration Management feature set, which allows you to view and compare differences between running-config and saved-config configuration files, and edit and manage config files on devices. For more information, see Configuration Management ;
- Regard configurations as 'Locked': Disallows editing of any collection configuration files for members of the device group;
- Allow script execution: Allows the execution of Perl and CCS scripts on member devices.
- Refresh device caches before collecting switch port data: Check box to enable refreshing of ARP caches on switches and switch-routers in the managed network before NetMRI performs polling of switch ports.
Enabling this feature will not produce an automatic ping sweep of the managed network (for information on ping sweep, see Defining Group Data Collection Settings ). The benefit of this feature is that it enables more accurate detection of all endpoint devices on switches. Without ARP refresh, some endpoint devices may not be detected. This feature is globally disabled by default. With this setting globally enabled, individual device groups can also be set to enable or disable this feature.
(For more detailed descriptions of these options, see Global tab –> Network Polling panel and Global tab –> Config Management panel.)
...
NetMRI ships with pre-defined device group definitions. These groups are based on device types and assurance levels (the probability that from the same has correctly identified a given device) and are primarily used to see what has been discovered on the network. Default device groups can be used as-is, edited to suit your needs, or removed completely (provided you have admin rights to do so).
Use caution when deleting device groups; the Routing, Switching, NIOS, Optimizers, Security, and many other groups are groups built-in with NetMRI and should never be removed without first having developed new groups with the desired functionality to take their place.
Default device groups serve as good examples of how selection criteria and process settings can be defined to organize your network devices, but you should learn how to create your own device groups to gain all of the benefits of the device groups feature.
...
Change issue thresholds and suppress issues for device groups in the Settings icon –> Issue Analysis –> Issue Group Settings icon –> by Device Groups and by Interface Groups side tabs. After selecting a group in the left panel, the Issue Settings for Group table lists all issues for the group and shows the current thresholds (if any) in the Criteria column, and whether any listed issue is suppressed.
Consult the topics Issue Group Settings and Performing Issue Suppression for more information.
...
After Discovery, you can organize all interfaces discovered on the network into collections of named groups. Similar to device groups, interface groups can be used to organize interfaces for results analysis, troubleshooting or to manage interface data collection. Interface group membership is determined periodically and stored in the database. Interface Groups have considerably narrower use in NetMRI compared to Device Groups.
NetMRI ships with a set of common-sense default interface groups that automatically organize common interfaces, such as switched Ethernet ports, VLANs and Ethernet trunk interfaces. Interface groups can be modified or copied, pasted and edited to create new ones, or you can create entirely new groups (provided you have admin rights to do so).
...
The Interface Groups page provides an Actions column, populated with a series of gear icons. Clicking each icon displays a shortcut Actions menu offering group editing features: for interface groups, View Members lists the interfaces within the group; Copy, Edit and Delete perform their respective functions on the selected group.
Use caution when deleting interface groups; the Admin Down, Trunk Ports, Active Router Interfaces and Switch Ports groups are built-in groups with NetMRI and should not be removed without first having developed new groups with the desired functionality to take their place.
You create and configure interface groups in the Interface Groups page (Settings icon –> Setup –> Collection and Groups –> Groups tab –> Interface Groups side tab). The benefits of using interface groups include:
...
Performance data consists of utilization rates, error rates and broadcast levels for the interfaces that are gathered into an interface group. You can also view the same performance data for each interface in the interface viewer.
Performance data includes configured speed, throughput, percent utilization, percent errors, percent broadcasts and percent discards. Additional information can be displayed through selections from the Columns drop-down list available via column header menus.
By default, performance data collection is disabled for most interface groups. NetMRI provides two ways to enable performance data collection:
...
Performance data collection uses interface groups to determine the data types to be collected and stored for each monitored interface. Because collection runs continuously, it needs to be informed when interface group definitions have been changed. Notification is done automatically if one or more group definitions have been changed since the last group generation process was performed (either scheduled or manual). If a definition changes while collection is taking place, the changes will not take effect until the next collection run.
At that point, interface data collection resumes collecting limited data for all interfaces to determine which should be further processed, based on the new definitions.
...