Page Comparison

...

Device Groups and Interface Groups are the primary organizational units in NetMRI. You can create device groups in a nested structure, with some device groups subordinate to other device groups. You can apply device group membership criteria in the same ways with nested device groups as for device groups from earlier releases of NetMRI, which used a flat data structure and enforced all device groups as existing on the same peer level. You can now create a hierarchical list of device groups, comprised of top-level groups, with child device groups subordinate to them, and with child device groups further subordinate to their parent groups. For more information, see Creating Device Groups. 

NetMRI uses device groups to organize device discovery results, generate separate scorecards, filter issues, and manage polling and processing for each device in the network. Device groups also offer control of Switch Port Management processes, including the ability to immediately carry out Switch Port polling in a device group.

...

• Device Viewer: Opens the Device Viewer for the selected device associated with the hyperlink.
• Config Explorer: Opens the Config Explorer for the device associated with the hyperlink.
• View Running Config: Queries the chosen device and displays the contents of its currently running configuration file.
• Changes: Displays the device's Network Analysis > Changes page in the Device Viewer.
• Issue List: Displays the chosen device's Network Analysis > Issues page in the Device Viewer. For more information, see Evaluating Issues in NetMRI. 
• Policy Compliance: Opens the chosen device's Network Analysis > Policy Compliance page in the Device Viewer, which shows the status of any Policies deployed against the chosen device.
• Topology Viewer: Opens the NetMRI Topology Viewer with the selected device as the central device shown in the map.
• Schedule Job: Opens the Job Details window, to set up a job script to run against the chosen device. For more information, see Job Management and Automation Change Manager. 
• Execute Command: Similar to Schedule Job, this option opens an Ad Hoc Command function to allow entry of a single command string to the chosen device. The command syntax needs to be compatible with the selected device like JunOS for Juniper, IOS or CatOS for Cisco, and so on.
• Open Telnet Session: Activates the Telnet/SSH proxy to start a new Telnet session with the chosen device.
• Open SSH Session: Activates the Telnet/SSH proxy to start a new SSH session with the chosen device.

...

All session activity is logged. For more information, see User Audit Logs. 

...

• Terminal: Open Session: This permits users to connect to network devices.
• Terminal: User System Creds: This permits users to use the credentials stored on NetMRI to access network devices.

For information about specifying privileges, see Defining and Editing Roles.
To connect to specific devices, users must also have permissions to the corresponding device groups to which the devices belong. Authorized users can use any SSH client to gain proxy connection using their NetMRI credentials, without the need to acquire the credentials for individual devices. With valid privileges, users can use the Connect command to connect to the devices from any SSH client. For information about the command, see Using the Connect Command. The CLI proxy feature connects only through the management interface on the NetMRI appliance. This helps eliminate the need to gain access to the user's computer through various networks, VRFs, and VLANs. Note that all connections and commands issued to any network devices through the CLI proxy are audited and logged. For information about audit logs, see User Audit Logs. 

Using the Connect Command

...

NetMRI ships with pre-defined device groups. Discovered devices are grouped based on their types and assurance levels. For more information, see Default Device Groups. 

All device groups are divided into two types:

• Basic device groups, which provide only basic categorization and processing features to limit processing loads on member devices. They are most useful for large collections of network devices that you know will not be actively managed, such as end-user network segments at the terminating end of Ethernet circuits.
• Extended device groups, which provide the full set of NetMRI device processing features on member devices. They provide network scores for the NetMRI Dashboard and enable management through user Roles and Privileges. Extended device groups also may impose a higher computation load on the appliance.

For more information, see Controlling NetMRI with Device Groups.

Default Device Groups

Default device groups serve as good examples of how selection criteria and process settings can be defined to organize your network devices, but you should learn how to create your own device groups to gain all of the benefits of the device groups feature.

...

Basic device groups limit their processing options to a minimum. Basic device groups do not contribute to NetMRI Network Scorecard calculations and significantly reduce back-end processing. You can define group membership criteria. For more information, see Understanding Device Group Membership Criteria. 

Extended device groups provide a substantial collection of settings to determine how an extended device group processes its information. Along with defining group membership criteria, a number of options help determine the level and types of processing performed by an extended device group:

• Include non-network devices: Enables collecting end-host network segments into a basic device group to avoid expanding system processing cycles on network devices that do not require them.
• Rank: For more information, see Ranking Device Groups.
• Polling Frequency: Allows you to modify the default polling frequency for all devices or for specific device groups. 
• Switch Port data collection: Enable this only for device groups with L2/L3 Ethernet switching devices as members. This allows you to enforce custom periodic or scheduled polling settings for specific groups. For more information, see Device Groups and Switch Port Management. 
• Collect performance and environmental data: Enable or disable device performance and environmental information. For more information, see Changing Performance Data Collection Settings. 
• Probe for open ports: Allows NetMRI to probe for open TCP/UDP ports on member devices.
• Identify device using fingerprinting: For more information, see Defining Group see Data Collection SettingsTechniques.
• Probe for NetBIOS name: For more information, see Defining Group see Data Collection SettingsTechniques.
• Analyze for Issues: For more information, see Evaluating Issues in NetMRI and Viewing Device Issues, Configurations, and ChangesInspecting Devices in the Network.
• Test for default credentials: Allows NetMRI to test all devices in the group for the presence of vendor default SNMP credentials, which are a potential element for security breaches, but are also used for assistance in collecting device configurations. Credential default testing is also a compliance measure.
• Collect config files: For more information, see beginning with Configuration Management.
• Regard configurations as 'Locked': Disallows editing of any collection configuration files for members of the device group.
• Allow script execution: Allows the execution of Perl and CCS scripts on group member devices.
• Enable Discovery Blackout: Define time periods when NetMRI will not communicate with devices or networks for discovery.
• Enable Change Blackout: Define blackouts for CLI interaction, scheduled or run-now job executions, Telnet/SSH proxy, and port control UI features for all devices in the group. For more information, see Defining Blackout Periods.

...

• .

You can convert basic device groups to extended device groups, and also the reverse, at any time.

...

1. In the Device Group Selector, right-click the Switching device group and select Edit Device Group. The Edit Device Group dialog opens. The Switching device group is an extended device group that provides several features designed for Ethernet switching devices management.
2. Open the Switch port data Collection dropdown. Select from the following options:
   • Use Global Settings: Enforces the use of global periodic or scheduled polling settings for the current device group. For more information see
Global Switch Port Management Polling Settings
3. • Data Collection Techniques.
   • Specify polling Interval: Defines custom regular polling time periods for the group. Choose a polling interval of 1 or more Minutes or Hours, or click Poll Now to poll all devices that are members of the device droup.
   • Specify schedule: Select an existing custom group schedule or click Add New Schedule to create a new custom schedule for recurrent polling of the group. Select a Recurrence Pattern of Once, Hourly, Daily, Weekly, or Monthly. In all cases, you must choose an Execution Time. Click Add when finished defining the new schedule. To delete a schedule from the list, click the trashcan icon in the Actions column.
   • Disable: Disables device switch port data collection for the selected device group. Disabling switch port data collection prevents NetMRI from collecting VLAN and switch forwarding data. This can affect neighbor topology for the switch and any connected devices to the switch possibly resulting in NetMRI not being able to accurately locate devices on the network. Disabling switch port data collection also prevents analysis of any VLAN-related issues for a disabled switch.

3. Click Save & Close or Save & New.

...

1. Click the Settings icon > Setup > Collection and Groups > Groups.
2. Right-click a device group and select Add > Child from the shortcut menu.
   The Add Device Group dialog appears.
3. Select either Basic or Extended. By default, Basic is selected. For more information about extended device groups, see Creating Extended Device Groups. 
4. In the Parent ID field, NetMRI automatically sets the ID of the parent group.
5. Enter a Name for the new child group. The group name is shown in all group-related displays and reports, so the group name should be meaningful without being too long.
6. Enter a Membership Criteria regular expression. For more information, see Understanding Device Group Membership Criteria. 
7. Click Save & Close or Save & New.

...

1. Click the Settings icon > Setup > Collection and Groups > Groups.
2. Click Add to create a top-level, sibling, or child extended group.
3. In the Parent ID field, NetMRI automatically sets the ID of the parent group. It is "0" for a top-level or sibling group.
4. Enter a Name for the group. The group name is shown in all group-related displays and reports, so the group name should be meaningful without being too long.

5. Define a Membership Criteria regular expression.

   Note
   title Note
   Infoblox recommends using regular expressions for refining the membership in device groups. The topic Understanding Device Group Membership Criteria provides the information you need to understand and define regular expressions for device groups.

   If you want the

   
   

6. If you want the device group to include collections of discovered non-network devices, select Include non-network devices. Leaving this setting unselected prevents non-network devices from occupying valuable licensing space.
7. Next to Type, click Extended.
8. Rank: Displays the Ranking value as the default sort order. For more information, see Ranking Device Groups. Ranking value is used as the default sort order for all group-related tables, with the highest rank shown first. Rank is also used to determine the individual device settings controlling processing for each device.

9. Polling Frequency: Allows you to slow down or speed up the device polling frequency. 

10. For Switch Port data Collection, choose from the following:

    • Use Global Settings: Select this to enable the device group to inherit global settings for switch port data collections. To find the global settings, click the Settings icon > Setup > Collection and Groups > Global > Switch Port Management.
    • Specify Polling Interval: Overrides the global polling interval with a custom polling interval for the current device group. You can define an interval of 1-60 Minutes or 1-24 Hours in the fields that appear.
    • Specify Schedule: Overrides the global scheduled polling setting with a custom schedule for the current device group. Existing schedules may appear in the list or, click Add New Schedule to create a new polling schedule instance. Choose a Recurrence Pattern of Once, Hourly, Daily, Weekly, or Monthly. In all cases, you must choose an Execution Time and select at least one day of the week check box.
    • Poll Now: Click to execute switch port polling on the device group right after it is created.

    • Disable: Completely disables switch port polling for the device group. The polling frequency modifier described in the previous step does not affect settings for switch port data collection frequency.

11. Activate the processing options for the new Extended extended group:
    • Collect performance and environmental data Enable or disable device performance and environmental information for all member devices in the group. 
    • CLI polling in privileged mode: Enable or disable CLI polling in privileged exec mode for the device group. You can override this setting for individual devices in the Device Viewer.
    • Probe for open ports: If enabled, TCP and UDP ports listed at Settings icon > Setup section > Port List are probed to determine whether they are open.
    • Analyze device using fingerprinting: If enabled, fingerprinting attempts to identify each device based on the response characteristics of the TCP stack being used.
    • Probe for NetBIOS name: Setting to enable NetMRI to collect the NetBIOS names for endpoint device members in the device group. It is globally disabled by default to prevent unexpected scanning of the network by a new Operations Center Collector.
    • Analyze for Issues: NetMRI evaluates over 250 discrete Issues, plus custom Issues defined by the admin user. Issues are discovered and reported by NetMRI based on globally set schedules. Disabling this feature for a device group disallows the group from being selectable in the Device Group Selector panel in the main Network Analysis –> Issues page. 
    • Test for default credentials: Allows NetMRI to test all devices in the group for the presence of vendor default SNMP credentials, which are a potential element for security breaches, but are also used for assistance in collecting device configurations. Credential default testing is also a compliance measure.
    • Collect config files: When enabled, this check box allows NetMRI to collect all present configuration files for devices in the device group. To participate in the Configuration Management feature set, which allows you to view and compare differences between running-config and saved-config configuration files, edit, and manage config files on devices. 
    • Regard configurations as 'Locked': Disallows editing of any collection configuration files for members of the device group.
    • Allow script execution: Allows the execution of Perl and CCS scripts on member devices.
    • Refresh device caches before collecting switch port data: Check box to enable refreshing of ARP caches on switches and switch-routers in the managed network before NetMRI performs polling of switch ports.
      Enabling this feature will not produce an automatic ping sweep of the managed network. The benefit of this feature is that it enables more accurate detection of all endpoint devices on switches. Without ARP refresh, some endpoint devices may not be detected. This feature is globally disabled by default. With this setting globally enabled, individual device groups can also be set to enable or disable this feature.
      For more detailed descriptions of these options, see Global –> Network Polling and Config Management.

...

1. Select the Enable Discovery Blackout check box and click its Scheduling icon. The scheduling options appear

...

1. :
   1. In the Recurrence Pattern dropdown, choose how often you want to execute the blackout period. You can select Once, Daily, Weekly, or Monthly.
2. If you choose Once:
Choose
3. 1. Based on the duration you select, choose an Execution Time from the drop-down list.
   2. Enter the date of the blackout, in the Day_of_ field.
Specify
4. 1.  Specify the Duration: 10 or more
Minutes
5. 1. minutes,
Hours
6. 1. hours, or
Days.

c. If you choose Daily, click either Every Day or Every Weekday:

1. • • Choose an Execution Time from the drop-down list.
     • Specify the Duration: 10 or more Minutes, Hours, or Days.

d. If you choose Weekly, complete the following:

1. Choose an Execution Time from the drop-down list.
2. 1. days.
   2. Check the check boxes for one or more days from Sunday through Saturday.
3. Specify the Duration: 10 or more Minutes, Hours, or Days.

e. If you choose Monthly, complete the following:

Choose an Execution Time from the drop-down list.
1. 1. (If you choose Weekly)
   2. Schedule the day of the month: A discovery blackout can be executed monthly on a specific day, or blackout instances can be executed more than one month apart on a specific day, in the Day of every month(s) field.
2. Specify the Duration: 10 or more Minutes, Hours, or Days.
3. 1.  (If you choose Monthly)

13. If necessary, select the Enable Change Blackout check box and click its Scheduling icon. The scheduling options appear. Follow steps 12a through 12e to define the change blackout schedule.

...

Device Groups also determine how its member devices will be interacted with by NetMRI. For example, if SNMP Collection or Config Collection are disabled for the highest ranking group containing a given device, then no SNMP data collection or Configuration file collection is performed for that device (beyond the initial collection needed to detect its existence). You use the same processes and settings to define Interface Groups (described in Creating Interface Groups.) The . The process for Device Groups is straightforward.

...