NetMRI uses the concept of Issues to quantify and report problems and events across the network.

Note: The main Network Analysis –> Issues page provides both the Network Scorecard and the Select Device Groups list. To quickly narrow down possible sources of the largest numbers of Issues, simply click a device group in the page. The Scorecard and the Issues table refresh to show only the Issues contents for the chosen device group. As an example, one device group, such as Network Management, might have an Overall Score of 10.0, indicating no problems, while the Routing device group might have an Overall Score of 8.8, indicating a substantial number of Issues in that layer of the network.

The system classifies Issues in three severity levels, along with a fourth scripting-related classification:

• Errors are important Issues that may affect the smooth operation of the network. Generally, such Issues are clear signs that something is wrong.
• Warnings are intermediate level problems that should be addressed after the errors have been corrected. A warning may not be a real problem, depending on the design and operation of the network.
• Info Issues are provided for information, and typically alert you to minor things that may or may not indicate a problem.
• CCS issues are directly related to the execution of a CCS script. CCS uses the Issues page for notification after a script executes; an example is Invalid User Account, which lists the non-Admin user accounts for a selected device or device group.

Issues are so important in NetMRI that a specific administrator user account is defined to manage them. For information, see Understanding Users and Roles.
The Issues pages are probably the most frequently used of all NetMRI features, designed to quickly and conveniently monitor the overall health of the network. In the Network Analysis –> Issues tab, the Network Scorecard shows the results of the daily analysis process and all issues generated for the latest time period. Issues can also be filtered.

Note: NetMRI evaluates over 250 discrete Issues, plus custom Issues defined by the admin user. You can find a description of all Issues supported by NetMRI by opening the Comprehensive Issue List under Additional Documentation in online Help. Issues are listed alphabetically.

NetMRI performs analysis of collected data during specified periods or in real-time. For issues processed during an analysis period, the system analyzes all network data collected since the last analysis process, looking for anything that might indicate an issue. For real-time analysis, NetMRI checks for issues while it collects data from the device. If an issue is found, it is raised immediately. As a result of analysis activity, NetMRI generates a collection of issues that summarize the type of problem discovered and all the devices or interfaces associated with that issue. Issues are automatically closed every night just before the new analysis processing is performed. If the same problem persists, NetMRI generates a new issue.

Issues and the Network Scorecard

Note: The Network Scorecard appears in both the Dashboard and in the Network Analysis –> Issues page.

The Network Scorecard (Network Analysis tab –> Issues tab) provides a high-level performance metric for the managed network. NetMRI measures the network's daily stability and correctness and calculates the normalized Scorecard value based on a statistical analysis of all issues discovered for that day. Counts of the three primary Issue types (Info, Warning and Error) also are shown.
The Network Scorecard shows the scorecard value for the current day, and a two-color graph showing the stability and correctness values over the selected time period, which by default is the last day's measurement.
Stability and correctness values are two data sets that cumulatively add up to the Overall Score in the Scorecard. Each data set has a maximum value of 5.0.
Stability issues are caused by events such as excessive spanning tree topology changes, unstable links, congestion and excessive CPU/memory utilization. Correctness issues are derived from configuration or design errors such as duplicate VLAN ID/name pairs or inconsistent routing protocol timers. Stability and correctness are measured across a variety of functional areas of the network.
The Network Scorecard table shows correctness and stability values by component area (hover over an indicator rectangle to see the numerical values). Stability and correctness "penalties" associated with each issue depend on the type and severity of the issue. Stability and correctness penalties for all components of the network combine to create the overall Network Scorecard value, expressed as the Overall Score in the upper right corner of the Scorecard.

Note: Select a device group in the right pane of the Issues page; the Network Scorecard adjusts to show the score and the Issues for that device group.

The value in the Network Scorecard indicates trends, for the entire network, for a selected device group or for one of nine distinct Issue types. To make historical comparisons, the scorecard value is plotted in the Scorecard History chart. The scorecard value varies somewhat from day to day, but the desired trend over time should be rising, not falling. After two or three weeks of operation, the variability of the scorecard value should become evident.

Viewing the Issue List

The Issues page provides several different views based on the type of data you wish to view. Click the down-arrow menu for Issues and select from Issues by Type with Scorecard, Issues by Type, Issues by Device with Historic Chart, or Issues by Device. The Issues by Type page displays the currently active Issues list in a table sorted by priority — Errors, Warnings and then Info. Issues by Device is helpful when you want to isolate issues appearing on a specific device.

The Issues by Device with Historic Chart view provides an adjustable view of Issue trends for any selected device group. The time period resides on the horizontal X axis, and the measurement, in number of issues, is on the vertical Y axis. Click the Time Selector drop-down menu to change the X-axis time period for the Historic chart.

The Historic chart displays up to four data sets: Adds, indicating the quantity of new Issues for each time period, Same, indicating Issues the time period that remain from the preceding time period; Cleared, indicating Issues that have been cleared from the system due to administrative remediation or other causes; and Suppressed, which shows the relative quantity of Issues that have been suppressed due to admin configuration of Issues that may be deemed to produce excessive notifications in each time period. Issue counts for each time increment appear as stacked bars in the chart. Move the mouse over any colored bar section to view the count for that Issue type.
To see a longer description of any issue, hover over the hyperlink in the Title column. Columns that are displayed by default include the following:

Data columns that can be chosen for the Issues display but that are hidden by default include the following:

The data set shown in the Issues page can be filtered in the following ways:

• Clicking one of the nine Component links at the bottom of the Scorec ard;
• Clicking the Filters button at the top right of the Issues list, and choosing the columns and values to match against;
• Click the Display button and choose one of the drop-down menu options: All, Current, New, Cleared or Suppressed;
• Use the Search box at the top left of the Issues table to search for a characteristic phrase or word that appears as part of an issue title.

Other methods for filtering and reorganizing Issues data are discussed in Using the Issue Viewer.
The Device Viewer also provides a substantial Issues page, which reports Issues specifically for a single device. See Viewing Device Issues, Configurations and Changes for more information.

Viewing Issue Summaries

Note: In the main Issues page (Network Analysis –> Issues), click the Issue link in the Title column. The Issue Viewer appears in a separate browser window. Consider that the data fields displayed for the Issue Viewer will provide more detail for an individual Issue then the main page.

The Issues page (Network Analysis tab –> Performance tab –> History section –> Issues) summarizes the number and severity of issues, and shows historical trends over the last 30 days. The Issue Summary panel shows the total count of Error, Warning and Info issues for the current day, and the change in counts from the previous day. The Issue Diff Summary panel breaks down issues by change type (adds, same, drops). Generally, most networks will have at least a couple of issues generated each day.

• The Issue Summary table lists the total number of issues by severity for the reporting period, and differences from the previous reporting period. The Issue History chart shows the number of issues for the 30 days before the selected date.
• The Issue Diff Summary table shows the number of differences by difference type for the reporting period, and the difference from the previous reporting period. The Issue Diff History chart shows the number of differences for the 30 days before the selected date.

Click the export CSV icon at the top left of the Issues table to open the current Issues list in a spreadsheet-formatted file.

Viewing Details of an Issue

View an issue's details by clicking the issue title hyperlink. The Issues Viewer opens in a separate browser window, which lists the network components affected by the issue along with any relevant details. (Many Issue details appear in this window that do not appear in the main Issue table or in summaries.) You use the Issue Viewer toolbar to suppress or unsuppress an Issue; schedule a job to address an Issue type; send an email summary; and other operations.
Click a component's IP address hyperlink to open the corresponding Device Viewer for that network component.
The Issue Viewer provides a History chart for the specific issue instance, indicating the number of components affected by the issue over the past 30 days. (The chart measurement timeline can be adjusted to the standard Daily, Weekly, Monthly, 7-Day and 30-Day increments. Click the Time Selector drop-down menu to change the X-axis time period for the Issue Viewer. (Similar Issue information is also found for individual devices, under Device Viewer –> Network Analysis –> Issues.) The History chart is useful for determining how often this issue occurs and how much of the network is affected.
Issue details include how the issue has changed since the last run:

• Adds: new instances of the issue, discovered by NetMRI.
• Same: instances still present since the last NetMRI polling cycle.
• Drops: instances no longer present, determined as such during the last NetMRI polling cycle.
• Suppressed: instances that are suppressed, presumably to prevent excessive Issue notifications from display in the user interface.

See Using the Issue Viewer for more instructions on working in this window.

Defining Issue Thresholds

You can control the thresholds NetMRI uses on certain device and interface related issues. Through the use of Device Groups and Interface Groups, you can modify the thresholds for any one of these issues to control when the issue is raised. This capability means th at the same issue can be raised for different devices, but each device can have a different threshold for the issue.

Note: Specific Issue types can be set to fire only on specific device groups and on specific interface groups.

Set thresholds using the Criteria property available in the Settings icon –> Issue Analysis –> Issue Group Settings –> Device Groups side tab and Interface Groups side tab.
Click the Comprehensive Issue List under Additional Documentation in online Help for more detailed Issue listings to assist in decisions on which issues to isolate to specific device groups or interface groups.

Managing Issue Notification s

Issues generated by NetMRI are strong indicators of potential serious problems with the network. As such, you may want to be informed whenever certain issues are generated. The Issue Notification feature is provided for such purposes, allowing you to request one or more notifications to be sent via various protocols to various destinations. All notification messages can be fully customized and multiple delivery protocols are supported.
Issue notifications are listed and created, in the Settings icon –> Notifications section –> Subscriptions page. Notifications can be sent in one of three ways:

• E-mail. E-mail notifications can be sent to one or more network personnel.
• Syslog message. Syslog messages enable integration with other network management tools, and allow NetMRI issues to be logged with other network activities. A syslog notification is a single formatted text line sent to a syslog server using UDP (usually to port 514).
• SNMP traps. SNMP notifications are sent as SNMP traps, which are fixed formatted SNMP messages defined by a corresponding SNMP MIB. In this case, the MIB defines the format of the notification trap because NetMRI is generating the trap.

The Settings icon –> Notifications section –> Defaults page enables users with appropriate privileges to define the settings used for all new notifications. Generally, the formatting defaults provided by NetMRI are sufficient, but the default servers and destinations are network-specific.

Note: A valid SMTP Server name or IP address must be entered before anyone can create an e-mail notification.
Further, the SMTP Server must be configured to accept incoming e-mail messages from NetMRI for them to be relayed to the appropriate destinations.

Using the Issue View er

The Issue Viewer appears in a new window when you click any issue hyperlink. By default, the Issue Viewer displays all issues of the selected type in a table, that occur across all NetMRI-managed devices. You can also filter the issue instances that appear in this window. Below the table, two important tabs appear.
The History tab provides a chart showing recent activity for the issue. The Issue Viewer is not device-specific: it is Issue-specific, which means that all devices that exhibit the issue may be listed in the Viewer, in the Components Affected by Issue table. (The instance shown to the left lists a single device, but this will not be the case for many Issue instances.) Devices are listed by their IP address and device name. The Issue Viewer's Components Affected by Issue table also shows a set of data columns crafted to match data reporting for the specific Issue.
History displays the stacked bar chart showing the four data sets Adds, showing new instances of the specific Viewer issue, Same, reflecting issue instances still present since their first appearance; Drops, instances no longer present and Suppressed, instances that are suppressed. The time span for the History chart can be adjusted as for other chart instances.
The Description tab explains the issue. The Description is taken from the Comprehensive Issue List. To filter issues displayed in the Issue Viewer:
From the In list (in the page header), select the Device Group. All instances of the specific Issue across all related devices in the Group will be listed in the Issue Viewer.

Note: In the following instructions, you can check multiple check boxes to simultaneously perform the action on multiple devices.

To filter the issue instances table by activity type, do the following:

1. Open the Display menu (above the column headers).
2. In the drop-down menu, click the activity type you want to see in the table. Choices include:
   • All displays all instances during the selected time period. For example, if a device goes down, then comes back up, then fails again, All shows both Device Down instances (Current, on the other hand, would only show a single Device Down instance).
   • Current (default) displays all issue instances open for today, or all issue instances open at the end of a given time period if before today.
   • New displays all new instances during the selected time period.
   • Cleared displays all instances that have cleared instances during the selected time period.
   • Suppressed displays all Issue instances that have been suppressed during the selected time period.

To suppress an issue type for a device: click the check box for that device, then click Suppress Issues below the table.
To unsuppress an issue type for a device: Uncheck the check box for that device, then click Unsuppress Issues below the table.

Note: Some Issues may be suppressed according to organization policy. For example, NetMRI automatically reports the OSPF Authentication Disabled issue when appropriate. Some organizations may choose not to run authentication on particular dynamic routing protocols such as OSPF. In such cases, issue suppression is warranted. In other cases, you may see frequent warnings for particular events that are deemed trivial, and wish to prevent most instances from appearing. Also see Performing Issue Suppression.

To schedule a job (i.e., run a script) for a device, do the following:

1. Click the check box for the device.
2. Click Schedule Job below the table. The Edit Job dialog appears.
3. Enter a Job Name.
4. Select a Script Name.
5. (Optional) Enter a Description.
6. Click Edit Schedule..., then specify the job schedule.
7. To run the job against other devices or device groups: Click the Edit Groups/Devices... button, then select other devices and/or device groups.
8. Click Save. (The job is listed at Config Management–>Job Management–>Job History tab.)

To execute a command or commands on a device, do the following:

1. Click the check box for the device.
2. Click Execute Command below the table.
3. In the Run Configuration Command Script dialog, enter one or more valid configuration commands.
4. Click OK.

To send a notification about this issue: click the Notifications button.

Note: You can automate the notification process in the Settings icon –> Notifications section –> Subscriptions page.

Creating Custom Issu es

Note: NetMRI automatically clears all custom Issue instances from the Network Analysis –> Issues page precisely 24 hours after each of the Issues appear, as the result for the executed jobs or scripts run by the administrator. Following the erasure of the Issue instance, the Issue associated with the job will appear again only when the job executes.

Create and manage custom issues from the Config Management tab –> Job Management –> Custom Issues page.
Perl and CCS Scripts can reference custom issues to bring attention to conditions discovered during script processing. Check the Comprehensive Issue List under Additional Documentation in online Help for more detailed Issue listings; it is possible that an Issue already exists for script reporting purposes.
To create a new custom issue, do the following:

1. At the top right of the page, click New. The Add Command Script Issue window opens.
2. Enter a unique Issue ID. Spaces are not permitted within this field. Underline characters are permissible. This value appears in the Issue ID column of the Custom Issues table.
3. Enter a Name for the issue.
4. Enter a Description for the issue. (This text will appear in a pop-up when the cursor hovers over the issue's name where it appears in a table.)
5. Select a Component to which this issue applies.
6. Specify an optional penalty by enabling Correctness and/or Stability. (If enabled, this issue is included in analysis calculations for the specified Component.)
7. In the Detail Columns field, specify the name(s) and type(s) of columns that will appear in the details table for the issue.
   Enter one column name and type per line, delimited by a comma (e.g., Host, integer. Do not insert any spacebar characters between the column name and type, or you will receive an invalid type message from NetMRI). Column names are referenced by the script (via the Issue-Details attribute) to specify the information to include in the details table. Valid types are string and integer.

To copy a custom issue, do the following:

1. In the Actions column, click the icon and choose Copy from the menu.
2. In the Copy Custom Issue dialog, enter a unique custom ID (spaces not permitted) for the copy, then click OK. To edit a custom issue: In the Actions column, click the icon and choose Edit from the menu.

To delete a custom issue: In the Actions column, click the icon and choose Delete from the menu then confirm the deletion.

Adding a Device Viewer Hyperlink to a Custom Issue

1. In the Detail Columns field of the Add Command Script Issue dialog (see above), enter IP Address, string.
2. In the Issue-Details section of the CCS script, add "IP Address" $ipaddress (including the quotation marks). The resulting CCS issue contains the IP address with a hyperlink to the Device Viewer.

Creating Custom Issue Help file s

Custom issue help files provide NetMRI users with organization-specific information for individual issues. All issue help files associated with an issue are accessed via hyperlinks in the See Also section of the Issues Viewer. Multiple help files can be associated with an issue.
Help files can be stored in any format (e.g., .pdf, .doc, .txt, .jpg, etc.) that can be rendered by the web browser. Also, help files can be written in any language supported by NetMRI, enabling the user to view them in the language defined for the console.

Custom Issue Help File Storage

Issue help files are stored in the Backup/IssueHelp directory as a collection of subdirectories, with each subdirectory devoted to a single issue. This allows multiple help files to be associated with each issue, and allows help files to be written in multiple languages.
The subdirectory name associated with each issue consists of the issue title with all non-alphanumeric characters removed. For example, the help files associated with the "Cisco Running Config Not Saved" issue would be stored in the CiscoRunningConfigNotSaved subdirectory, while the help associated with the "Bad Telnet / SSH Password" issue would be stored in the BadTelnetSSHPassword subdirectory.
All the help files stored in the subdirectory associated with a given issue are displayed as hyperlinks in the list. Each hyperlink label is derived from the name of the issue help file it references, and includes any spaces and special symbols.
Issue help file names must conform to the Unix file name convention, which does not allow certain characters, notably "/".

Help File Multi-language Support

Multiple languages are supported for issue help files in two ways:

• Translation of hyperlink labels based on current language, and
• Display of help file based on current language.

This enables help file authors to install different sets of help files for different languages when a system is deployed, while allowing users to choose their preferred language when accessing the system.
By default, the issue help file name is used as the hyperlink label displayed in the Issue Viewer. To display a different hyperlink label, one or more link translation files can be stored in the IssueHelp\LINKS directory. A link translation file maps an issue help file name to a hyperlink label.
Example. Suppose there are two help files associated with the "Cisco Running Config Not Saved" issue:

• 01Information.txt
• 02SavingConfig.doc

The link translation file for English, en_US.txt, contains these entries:

• 01Information=Additional Information About Saved Configurations
• 02SavingConfig=Procedure for Saving Cisco Configuration

The link translation file for Traditional Chinese, zh_TW.txt, contains these entries:

• 01Information=
• 02SavingConfig=

In these examples, the file names are pre-pended by an index number, which specifies the order in which the hyperlinks are displayed in the See Also list.
The link translation files define how the issue help file names should be displayed in the hyperlink labels based on the user's current language selection. NetMRI will automatically use the appropriate link translation file, if one is defined. If NetMRI doesn't find a link translation file, the issue help file name is shown as the hyperlink label.

Note: Even when displaying in English, you may want to define an English link translation file (en_US.txt) so that the hyperlink labels can be specified independently of the file names used.

Issue help files and the issue link translation files in this example are organized in the following manner: NetMRI uses the contents of the zh_TW directory if that is the language selected by the user. If no subdirectory exists for the current language, then the files in the CiscoRunningConfigNotSaved directory are used.

Installing Custom Issue Help Files

The InstallHelpFiles command performs a series of checks to ensure that the issue help directory names are properly formatted, that all link translation files are properly formatted and that there is an entry for each issue help file in the corresponding link translation file.

1. Copy the issue help files into the proper directories in the NetMRI Administrative Shell account. The Administrative account can be accessed using any SSH-based client application, such as WinSSH, WinSCP, PuTTY, etc.
2. Execute the InstallHelpFiles command in the Administrative Shell account. This verifies the correctness of the files, installs them in the NetMRI runtime environment, and restarts the NetMRI server.

After successful installation and server restart, hyperlinks to the help files will automatically appear in all corresponding issue details displays, and the help files are displayed when a user clicks those hyperlinks.

Issue Analysis in NetMRI

Pages in the Issue Analysis section (Settings icon –> Issue Analysis) enable you to cross-check issues for device groups and interface groups, review issue suppression status, adjust reporting threshold values, and suppress issues that NetMRI can safely ignore.

Issue Group Settings

The Issue Group Settings pag e (Settings icon –> Issue Analysis –> Issue Group Settings) shows the relationships between issues, device groups and interface groups. Group settings for Issue reporting or Issue suppression can be organized in three ways: By Issue, By Device Groups and/or By Interface Groups. These three groups are represented in side tabs under Settings icon –> Issue Analysis –> Issue Group Settings.

• By Issue: Issue reporting is organized into functional categories such as Configuration, Devices, Routing and Security. Individual Issues can be singled out within each category in the Group Settings for Issue: pane.

Note: You may need to maximize the Settings window to get a full view of the Group Settings for Issue: pane for individual Issue settings.

• By Device Groups: Issue reporting is organized into the defined Device Groups in the NetMRI system. By default all issue types are associated within all device groups. Suppression of issues within specific groups has some utility here; Many Issue types do not appear on certain device types and do not need to be suppressed.
  Nested device groups will inherit all of the Issue processing settings of their parent. Each nested device group can override its Issue Group settings locally. You may need to pay attention to Issue settings for device groups with highly specific focus, such as suppressing Cisco-specific Issues that are inherited by a device group dedicated to Juniper routers.

• By Interface Groups: Issue reporting is organized per network interface group. As with Device Groups, Issue suppression can be a granular and time-consuming activity.

To determine groups associated with an issue:

1. Click the by Issue side tab.
2. In the Issues panel, expand the tree and choose the issue of interest. Associated groups are listed in the Group Settings for Issue table.
3. To edit a group's settings for that issue: Click Edit for the group.

To determine the issues associated with a group:

1. Click the by Device Groups or by Interface Groups side tab as appropriate.
2. In the left panel, click the group name. Associated issues are listed in the Issue Settings for Group table.
3. To edit an issue's settings for that group: Click Edit for the issue.

Performing Issue Suppressio n

Issue suppression enables users with Issues: Modify Suppression Parameters privileges to indicate which issues should be ignored by NetMRI for purposes of reporting and scorecard generation. Suppressed issues are still analyzed internally (because the associated analysis may be looking for multiple issues), but they are not displayed (by default) or used to compute scorecard values.
Issue suppression status is listed at Settings icon –>Issue Analysis section –>Suppression. The table in this page lists all issues defined in the system, and the analysis and penalties associated with that issue. The check box at the left end of each row indicates suppression status: if checked, the issue is suppressed.
To suppress an issue: Click the check box for that issue. Settings are committed automatically.
To see a full description of an issue and review suppressed instances: Click the hyperlink in the Issue Name column. To view analysis task details: Click the hyperlink in the Analysis Task Name column.

Note: It is possible to suppress all issues, which ensures a perfect score. Infoblox does not recommend this practice. Click the Component column header to sort Issue Names by their respective categories.

Details of Issue Suppress ion

Note: Group-based Issue Suppression settings recognize Device Group priority settings. NetMRI suppresses an Issue for any device if the Issue Suppression is enabled for the highest-ranking device group to which the device belongs. For example, consider a device that belongs to two device groups: Firewalls and Routing. Under Settings–> Issue Analysis–> By Device Groups, you will see that Firewalls is the highest-ranking device group. Should a particular Issue be suppressed in that device group, all devices participating in that group will have that Issue suppressed, regardless of the suppression settings in any lower-ranked device group to which the device(s) belong.

Suppressed issues continue to be analyzed internally (because the associated analysis may be looking for multiple issues) but they are not automatically displayed or used to compute scorecard values.
NetMRI supports two styles of issue suppression: full and partial.

• Fully suppressed issues will not appear in any issue list, nor will they be used in any network or group scorecard calculation. A specific issue can be suppressed in the Settings icon –> Issue Analysis section –> Suppression page.
  Doing so suppresses reporting for that issue throughout the NetMRI system.
• Partially suppressed issues are suppressed on specific devices using check boxes in the Issue Viewer. issues can be partially suppressed through Device Groups and Interface Groups at Settings icon –> Setup section –> Collection and Groups –> Groups tab. For groups, issue instances can be suppressed before issues are even raised for a device or interface, because group settings are dynamic and dictate which issues should be suppressed.

Partially suppressed issues appear in issue lists and are used in all Scorecard calculations containing at least one unsuppressed issue detail. If all issue details are suppressed, then the issue will not appear in issue lists and will not be included in Scorecard calculations.

Partially suppressed issues can be used to temporarily ignore known problems that won’t be fixed for some time, while still tracking the problem. The issue instances are still recorded in the database and can be seen at any time by un-suppressing that instance, at which point it will appear in all past and future issues.

Note: Scorecard values are only computed once, so any issues that are either fully or partially suppressed “at the time the scorecard is generated” are taken into consideration. If an issue is subsequently suppressed, either fully or partially, the old scorecard values will not be retroactively updated.

Introducing Network Explorer

The Network Explorer tab displays everything NetMRI learns about the network. Network Explorer is a good starting point for inspecting the results of a Network Discovery process, viewing the topology of the discovered network, and obtaining information about how the network is behaving in each network segment.

Tabs within Network Explorer offer different ways to examine network data:

• The Inventory tab provides basic information about all active devices, interfaces, operating systems and models in the network, including virtual devices, which are instances of virtual routers, virtual switches and other types that are supported by selected devices from some networked system vendors;
• The Summaries tab lists routes, subnets, VLANs, HSRPs/VRRPs, route targets, network views, VRFs and ports in the network;
• The Topology tab provides an interactive viewer in which you can visually explore your network’s topology and interconnectivity;
• The Discovery tab provides detailed information about NetMRI’s discovery processes, including the ability to affect Discovery settings for individual devices, perform/repeat Discovery on a single device, set licensing for a managed device and remove a device from NetMRI management. (For more information on device-related Discovery functions, see the section Viewing Device Discovery Status and Re-Discovering a Device);
• Switch Port Management is a key feature set for compiling, monitoring and controlling the devices, ports and end hosts throughout an enterprise’s switched Ethernet network. Consult the topics under Switch Port Management for many more details.

Note: If you know exactly what you are seeking, try typing a few characters in the FindIT search box (upper right corner of the main NetMRI page).

Viewing Network Inventory

Note: Network Explorer supports the use of custom data fields for adding additional data to tables of information about network inventory. See Defining and Using Custom Fields for more information.

After Discovery runs its course, the Inventory tab shows the complete list of network devices with which NetMRI successfully communicates. The network Inventory includes the following classifications:

• Devices –The broadest information category, includes five distinct subcategories to allow for more-specific exploration: Infrastructure Devices, Device Components, Connected End Hosts (client systems connected to access ports on switches, for example), Connected IP Phones, and All Devices. Click the View All Virtual Devices link to list all virtual hosts and their respective virtual device contexts in the same table.
   All Devices tables show common elements, including the device IP Address, the Network View to which the device management IP address is associated; the Vendor, Device Name and Device Model;
• Virtual Devices – All network infrastructure devices discovered by NetMRI that possess virtualization capabilities. Each device in this category hosts one or more virtual device contexts, which are virtual machine-based switches, firewalls and routers housed by each virtual host. See Understanding Virtual Device Contexts for more information.
• Interfaces – A listing of all network interfaces, divided into four functional categories: Interface Config, Unused Down Ports, Unused Up Ports, and Recently Changed Ports. See Viewing Network Interfaces for more information.
• OSs – Counts of operating systems and OS versions from all devices discovered and catalogued by NetMRI. See Viewing Network Operating Systems for more information.
• Models – Counts of all hardware models discovered and catalogued by NetMRI. See Viewing Network Device Models for more information.

The Inventory tab (Network Explorer –> Inventory tab) provides basic information about four key categories of network elements managed by NetMRI: devices, interfaces, operating systems and device models discovered in the network. From here, you drill down to features such as the Device Viewer to inspect details about individual devices and their current states.

• To list inventoried items: Click the desired category in the left panel.
• To restrict the center panel table to a specific device group: Click the group name in the Select Device Groups panel (on the right side of the window).

Note: During initial discovery, device counts listed in the Select Device Groups panel may differ from the number of devices displayed in the center table. The table displays real-time data about the discovery process, but the Select Device Groups panel is only updated periodically.

The Devices section lists network devices, device components, connected end hosts and connected IP phones found on the network (“connected” = connected to a device in the selected group).

• To view detailed data for a device: Click the IP address hyperlink in the center panel. The Device Viewer appears, listing any current Issues associated with the selected device.

The Device Viewer is not limited to this information. Seven categories of detailed information are provided by the Device Viewer for the displayed network entity. For more, sees under Inspecting Devices in the Network.

Viewing Date-Based Data Sets

Some Network Explorer –> Inventory pages (Connected End Hosts, Connected IP Phones, Interface Config) provide Date/Period menus that enable flexible measurement and reporting for any device, interface or end host. You can go backwards in time to view data sets for any device, interface or end host phenomena.

Calendar dates shown in Green represent an immediately available data set to display in a Network Explorer –> Inventory table. The most current date in the chosen Inventory page (such as the most recent 7 days for the Daily selection) is always available by default and appears highlighted in green. Older data may require a wait for the user while NetMRI generates the requested data. After generation, the requested date appears in green, indicating the data is available.

Understanding Virtual Device Contexts

Note: NetMRI must have reachability to all virtual device contexts hosted by virtual hosts to discover and catalog them. During data collection for VDCs, NetMRI determines the existence of virtual hosts (the device hosting the virtual contexts–the virtual router, virtual switch or other device context types – via command-line access on Cisco devices and through SNMP on Juniper devices.

NetMRI supports discovery and management of Cisco and Juniper device types that offer virtualization. Similar to servers that run VMware to run multiple instances of operating systems and data services in the same physical host, some Cisco and Juniper device types support multiple instances within the same device, each running the complete suite of protocols, configurations and operating system. NetMRI calls these instances virtual device contexts (VDCs). NetMRI detects devices that support virtual device contexts and provides the same management and cataloguing features that apply to conventional switches, routers and firewalls.
The Inventory page –> Virtual Devices menu item provides a list of all VDC–supporting devices that are discovered and catalogued by NetMRI. It displays the following values:
IP Address: the IP for the virtual device;
Device Name: The name detected for the virtual device;
Collector (for OC systems only): the Collector appliance in the Operations Center that detected and manages the virtual device;
Network View: the network view for which the detected virtual device is a member.
Each individual virtual device context appears in the Device Viewer, in the Network Explorer –> Inventory page, and in other locations of the NetMRI UI. NetMRI treats virtual device contexts identically to conventional routers, switches and firewall appliances, including the ability to send commands, schedule and execute jobs, display running configurations, view change histories and issues reported from the virtual device, apply compliance policies, run traces and SNMP walks, and many other operations.
NetMRI supports detection and management of the follow ing virtual device context-provisioning devices:

• Cisco Nexus 7000 Series multiservice switches (NX-OS);
• Cisco Pix 525, 535 Security Appliances (Cisco 8.0 and up);
• Cisco ASA 5500 Series Security Appliances;
• Cisco ACE load balancers;
• Juniper M5/M10 Routers (JunOS 10.0 and up).

Note: Click the View All Virtual Devices link at the top of the Virtual Devices list to display the virtual hosts and all of their associated virtual device contexts in the Inventory.

By default, the Virtual Devices list shows the IP Address for each virtual host, their provisioned Device Name and the Count of virtual device contexts for each Virtual Host managed by NetMRI. Click the IP address for any item in the Virtual devices list and the list of virtual device instances appears in the right pane.
The Virtual Host Details pane describes the basic information for the router, switch or firewall that is hosting the virtual device contexts, including its Network View, MAC Address ID, Model, assigned device name, OS version, the device type (Firewall, Switch, Router) and Context Name if any.
The Virtual Host Details pane also shows the context list, which are the actual virtual routers or other instance types that are being run by the hosting system. Each context is shown by its assigned IP address.
The pane also lists its assigned Device Name for each context (separately defined from the name of the hosting device) and the associated Context Name.
Click any IP address in the table and the Device Viewer popup window appears for that virtual device context.
You can also right-click on any virtual device instance to display the shortcut menu. Open the Device Viewer for any context, open the Config Explorer, view the current running configuration for the context, open its associated Issues List, execute a command, select a Telnet or SSH command-line session, and other operations.
Check the Virtual Asset Inventory report (under Reports –> Standard Reports) for more information on the virtual hosts and their respective VDCs.
Virtual Hosts can act as a proxy for access. If NetMRI is unable to connect to a Virtual Device directly, or the credentials are not known, NetMRI attempts to access the Virtual Device via the Virtual Host. CLI-based operations against a Virtual Device can be successful when connectivity is blocked to the Virtual Device, but not blocked to the Virtual Host. CLI operations include Job execution, Config Collection and in-browser CLI connections.

Topology Maps and Virtual Device Contexts

The network topologies for virtual hosts (i.e. the Cisco Nexus 7000 switch, Cisco ASA firewall, Juniper router, etc.) will often bear no connectivity relationship or topology resemblance to the network topologies for the virtual device contexts maintained by the virtual host.
Cisco's ASA firewalls use the term "Admin Context" to describe a top-level container that can run one or more virtual devices (VDCs). The ASA firewall's Admin Context is termed a virtual host in the NetMRI system, and it provides the management interfaces (SSH or Telnet) into the more-detailed virtual devices. (An ASA firewall can run more than one Admin Context/Virtual Host.)
The Cisco ASA uses the term "Customer Context" as a label for all virtual firewalls with their own discrete configurations and allocated interfaces. These entities are labeled as Virtual Device Contexts in the NetMRI system. These virtual "devices" support their own distinct topologies that can differ significantly from the hosting ASA firewall.
You can use the Topology Viewer (Network Explorer –> Topology) to look at the links between the Virtual Hosts and other devices in the network. Drilling further down, you use the Topology Viewer to examine the network linkages for the virtual device contexts themselves. Their topologies will often bear no relationship to the topologies of the virtual hosts upon which they are running. See Using the Topology Viewer for more information.

Viewing Network Interfaces

The Interfaces page (Network Explorer –> Inventory –> Interfaces) lists interfaces found on the network, and provides configuration data for each. All interface table can show associated information including IP configuration, associated device name, VRF Name (if any), VLAN and trunking status, line speed (where applicable), and a Network View column.

• Interface Config: shows all interfaces being tracked by the appliance.
• Unused Down Ports: All interfaces marked administratively "down" (user configured as "off") and operationally "down" (not physically connected). This helps determine whether devices are not needed or if connections can be consolidated to eliminate unneeded hardware. Example: if there is a switch with twelve ports and two allocated, and another switch possessing eight ports with five ports fully allocated, it may be possible to move all the connections on the eight–port switch to the twelve-port switch and then eliminate the eight-port switch.
• Unused Up Ports: All interfaces that are administratively marked "up" and operationally "down." The list can help to quickly identify bad device configurations (unused ports should not be administratively "up"), failed or unplugged network cables, and badly allocated devices.*
• Recently Changed Ports: All interfaces that had status changes within the last hour. On a stable network interface, status should not change often, so the list should small or empty. If there are known connectivity problems, this list helps isolate possible problem sources.

Clicking any link in the Interface column displays the Interface Viewer for the chosen device port, with features for viewing interface settings and performance metrics, and a Settings icon –> Port Control Settings feature for setting an interface to administratively Up or Down, changing a VLAN assignment or rewriting the port description.
Clicking any link in the Network View column opens the Network Viewer window.

• To view detailed data for an interface: Click the interface hyperlink in the center panel. The Interface Viewer appears.

Viewing Network Operating Systems

The OSs section lists operating systems running on devices in the network, including routers, switches, load balancers, Infoblox NIOS systems, and other devices from numerous vendors discovered on the network.

• To list devices running a given operating system: Click the operating system in the left panel. All discovered devices running that particular operating system appear in the right panel of the Inventory page.
• To view detailed data for a device from the OSs page: Click the IP address hyperlink in the center panel. The Device Viewer appears, listing any current Issues associated with the selected device.

The Device Viewer is not limited to this information. Seven categories of detailed information are provided by the Device Viewer for the displayed network entity. For more, see Inspecting Devices in the Network.

Viewing Network Device Models

The Models section lists model names of devices in the network.

• To list devices of a given model: Click the model name in the left panel.
• To view detailed data for a device from the Models page: Click the IP address hyperlink in the center panel.

The Device Viewer opens, listing any current Issues associated with the selected device.
The Device Viewer is not limited to this information. Seven categories of detailed information are provided by the Device Viewer for the displayed network entity. For more, see Inspecting Devices in the Network.

Summarizing Network Topologies

The Summaries tab (Network Explorer –> Summaries) lists routes, subnets, VLANs, Route Targets, HSRPs/VRRP groups, ports, NIOS grids, network views and VRFs (virtual routing and forwarding instances) in the network.

• To list inventoried items: Click the desired category in the left panel.
• To restrict the center panel table to a specific device group: Click the group name in the Select Device Groups panel (on the right side of the window).
• To view details about any item in the left panel: Click the row for that item. Details appear in the center panel.

Summarizing Network Routes and Subnets

Note: Click the View All Routes link to list all VLANs in the center pane. Then apply a filter, such as an IP address, to isolate them for a device. This effectively allows you to view the routing table for a device in NetMRI.

The Routes section lists routes reported by all devices in the network, from each of their interfaces, during the last network polling cycle by NetMRI. Routes are listed by the protocol (proto), the route's IP, the VRF Name containing the interface and its VRF route distinguisher; and the Count, which is the number of devices reporting that particular route during the last polling period. All IPv4 and IPv6 routes are listed for all router and switch-router devices.

• To list devices comprising the route: Click a route in the left panel. The center panel refreshes to show the device reporting the route, the route's interface from which it was reported, the Network View for the management IP of the device reporting the route, and the route's Next Hop. The list also shows each device's Route Distinguisher. This feature can be helpful in tracing a path, and can be helpful with Path Analysis.
• To view detailed data for a device: Click the IP address hyperlink in the center panel. The Device Viewer opens.

The Subnets section lists subnets found in the network, and the Network View for the management IP of the device reporting the subnets, and its VRF Name (if any). The list of subnets is compiled from all router and switch-router devices discovered and catalogued by NetMRI, including any virtual device contexts (VDC).

• For subnets, the Count is the number of devices discovered as part of the subnet during the last polling period.
• To list all devices in the subnet: Click a subnet in the left panel.
• To view detailed data for any device in a subnet: Click the IP address hyperlink in the right pane. The Device Viewer opens. listing any current Issues associated with the selected device.

The Device Viewer is not limited to this information. Seven categories of detailed information are provided by the Device Viewer for the displayed network entity. For more, see Inspecting Devices in the Network.

Summarizing VLANs, Ports, Virtual Groups and NIOS Grids

Note: Click the View All VLANs link to list all VLANs in the center pane. Then apply a filter to isolate them for a device. Similar links are used for the Ports and NIOS Grids accordions.

The VLANs section lists VLANs found in the network.

• To list devices supporting a VLAN: Click a VLAN name in the left panel. The VLAN Viewer appears, listing the devices by IP address that are associated with the VLAN.
  The main page also displays the VLAN Root Details listing for the selected VLAN, and the table of devices associated with the VLAN, listing by IP address. (Clicking an IP address in the VLANs table also brings up the Device Viewer.)
• Also check the Topology Viewer (Network Explorer–>Topology) to see a graphic presentation of the VLAN path.

Note: Reserved VLANs are not displayed. They are included in the API.

The Ports section lists ports found in the network. This table is a superset of all the ports listed in the Switch Port Manager page; if your license is active only for Switch Port Manager, the switch ports discovered and polled by NetMRI are the only ports listed here.

• To list devices using a given port number: Click the port number in the left panel.

The NIOS Grids section lists any Infoblox NIOS Grid Masters found in the network.

• To list a Grid Master's members: Click the Grid Master in the left panel. All associated Grid member appliances appear in the center panel.

Summarizing HSRP/VRRP Groups

You can list all HSRP/VRRP Groups managed by NetMRI, or the HSRP/VRRP groups that are associated with a particular device group.
The HSRPs/VRRPGroups section lists Hot Standby Router Protocol (HSRP) groups and Virtual Router Redundancy Protocol (VRRP) groups found in the network, starting with the VirtualIP address of the group. Types are labeled in the Type column as HSRP or VRRP. The protocols are used for fault-tolerant default gateway configuration across two or more devices in case the primary gateway router becomes inaccessible.

•  To view details for an HSRP or VRRP: Click a group in the left panel. The corresponding viewer opens in a popup window. The devices participating in the group are listed in the viewer.

Summarizing Route Targets

Note: Click the View All Route Targets link to list all route targets in the center panel. Then apply a filter to isolate them for a device or a network view.

VRFs use route targets to specify how routes will be shared between different VRF networks. The typical format of a Route Target is two numeric values separated by colons, for example:

27000:100

The Route Targets summary in the left panel shows the list of Import and Export route targets that are defined in VRF-aware devices in the managed networks. The VRF RD (route distinguisher) values are listed in a separate column, and you can click on the link for each VRF's network view, which opens the Network Viewer window. This window also lists all devices forming the VRF network.
Selecting a route target causes the center panel to display all the instances where it is being used, along with details of the device and the VRF. This is helpful to understand how VRFs and particularly VRF-Lite are configured across the network.

Summarizing Network Views

To view the complete list of network views, click the View all Network Views link at the top of the list. You can list all network views containing networks managed by NetMRI, or the network views that are associated with a particular device group. Each network view listed in the left panel provides a link to the Network View window.
The Count value indicates the number of interfaces sharing the same network view. Each instance is differentiated by the interface name.
If you have a significant number of network views, you can apply a filter by clicking the Filters button at the top of the table, choosing the Network View option from the Select a New Field selector, and entering the name of the network view.
Network Views represent each network that is managed and monitored by NetMRI. For more information about network views and how to use and configure them, see Configuring Network Views and its subsections.

Summarizing VRFs

After virtual routing and forwarding (VRF) networks are discovered and mapped to network views, you can use the VRFs summary to view the complete list of VRF instances throughout the managed network. You can sort the VRF information by any data column to see the relationships between VRF instances in virtual networks.
To view the complete list of VRF instances, click the View all VRFs link at the top of the list. By default, the VRFs are listed by VRF name. Data columns include the following:
VRF Name: displays the name of the VRF instance;
VRF Description: Displays a description if the VRF instance is configured with a description on the device;
Route Distinguisher: VRFs use route distinguishers to distinguish one set of routes (one VRF) from another. The route distinguisher is a unique number pre-pended to each route within a VRF to identify it as belonging to that particular VRF. The discovered route distinguisher value is listed here if a virtual network instance uses this value. (For related information, see Summarizing Route Targets.)
Device Name: the discovered name of the device hosting the VRF instance;
IP Address: The IP address of the managed VRF-hosting device. This value is a hotlink to the Device Viewer.
Network View: The network view of the managed VRF-hosting device. This value is a hotlink to the Network Viewer window.
VRF Network View: The network view to which the VRF is assigned. This value is a hotlink to the Network Viewer window. Note that this value may differ from the Network View identifier.
If you have a significant number of virtual routing and forwarding networks, you can apply a filter by clicking the Filters button at the top of the table, choosing the VRF Name option from the Select a New Field selector, and entering the name of the VRF. You can also filter by network view in the same way, or combine the two filters to isolate all VRF instances in a specific network view.

Using the Topology Viewer

Note: Infoblox also provides a separate soft ware utility to export NetMRI topology maps of all types to Microsoft Visio-compatible graphics files for editing and printing. This utility, the Topology Visio Export Tool, works with all six of the topology views from NetMRI.

The Topology Viewer (Network Explorer –> Topology) enables you to visualize the network from several viewpoints:

• The global Network View, where you can view different parts of the network based on the network type: the aggregate, which shows all active links of every type; Link Discovery Protocols, Serial Links and Switch Forwarding, which shows only Ethernet-switched connections throughout the network;
• The L2 nHop Network Topology, showing the Layer 2 switching paths of the network;
• The L3 nHop Network Topology, showing the Layer 3 switching/routing paths of the network;
• The L2/L3 Most Likely Path Network Topology, indicating the spanning tree paths preferred by switched network traffic in the network;
• The L3 Most Likely Path Network Topology, indicating the routed paths preferred by most packet flows in the network;
• The VLAN Network Topology, mapping the paths of VLANs throughout the network;
• Path Analysis (see Performing Path Analysis), enabling L3 path visualization across the enterprise or wide-area network.

Note: Most Likely Path and Path Analysis options require the selection of a source network view.

Search, CSV Export and Refresh Grid tools appear for all lists in the left pane of the Topology page. The Search feature allows contextual search from within any list for an IP address or a string of characters within the specific list of polled information. CSV Export enables exporting the current tabular list to a tab-delimited data file suitable for opening in Microsoft Excel^TM. You can also refresh any list by clicking the Refresh Grid tool. If changes occur after a refresh, the topology will redraw.
In all topology types (L2 nHop Network Topology, L3 nHop Network Topology, and so on) clicking on a device in the left-pane list displays a Hop Count selector. This selector changes its fields based on the protocol. (The figure to the left shows an L3 n Hop selector, in which you can choose a Hop Count from 1 to 4, and the protocol to view. The protocol you choose may or may not be active for the current device.
The Hop Count selector does not apply to the Path Analysis feature.
After you generate a graph, follow the topics below to change and enhance the graph.
Devices of different types appear differently in the View. Firewalls and virtual hosts such as Cisco ASA security devices and Nexus switches will show different icons.

Using Refine View

The Refine View tool is handy for narrowing down the possibilities for path tracing, and for avoiding errors when attempting a possibly lengthy path analysis operation.
First, consider that Path Analysis is a L3 tracing feature. Before you perform any path analysis, click on Network Explorer –> Topology –> Network accordion menu –> Aggregate and click the Refine View button.
The Edit View dialog appears, displaying the Device Group tab.
Hover the mouse over the Action icon for the device group that you want to use as the basis for your path analysis. Choose Select Blue or Select Yellow from the Actions pop-up menu. The color for the Group appears under the Selections column. Click OK, and the Topology map redraws to add color markers to all devices in the map corresponding to the chosen device group. Apply colors to different device groups to help in a broader search across a large network.
Other tabs that you can use to outline parts of the network topology include the following:
VLAN – Select a VLAN form this tab, associate a color with it, and you can outline the path of a L3 switched VLAN in the network;
Network View – Select a network view from this tab, associate a color with it, and all devices participating in the network view will be labeled;
Issues – Enable the Show All Issues check box to show all devices in the network that are currently sustaining issues. Hover the mouse over the device icon to see an Issues Seen summary;
Change – Enable a checkbox, Show All Changes, to change the topology map to show an icon next to all devices that have sustained recent configuration changes. Hover the mouse over the Change icon to see a Changes Seen summary;
Policy – Enable a checkbox, Show All Policy Violations, to change the topology map to show an icon next to all devices that are currently sustaining policy violations. Hover the mouse over the Policy icon (icons are a green Pass checkmark icon or a Fail "X" icon) to view a summary of the device and its policy information;
By checking for Issues and general network connectivity characteristics, you can more easily choose the source and destination devices for a Path Analysis that have a correct L3 configuration to provide a likelihood of a successful path analysis operation.

Network Views Information in Topologies

The L2 nHop, L3 nHop, L2/L3 Most Likely Path, and L3 Most Likely Path topology menus all support the Network View data point, listing the network views in which each listed device participates. Clicking the link in this column for any device opens the Network Viewer window.

Using the Topology Shortcut Menu

Right-clicking on any device icon on the Topology pane provides a selection of device exploration features. Its contents change based on the selected device.
Device Viewer – Opens the Device Viewer for the chosen device.
Config Explorer – Opens the Device Viewer's Config Explorer page for the chosen device. You can browse the list of configs in the device and edit existing config files.
View Running Config – Displays the currently running configuration for the chosen device in a Configuration Viewer window.
Changes – Opens the Device Viewer's Network Analysis –> Changes page for the chosen device.
Issue List – Opens the Device Viewer's Network Analysis –> Issues page for the chosen device. This page lists all Error, Warning and Info issues for the chosen device.
Policy Compliance – Opens the Device Viewer's Network Analysis –> Policy Compliance page for the chosen device. The current device's status in DISA-standard security and stability levels is outlined here, with links to configuration policy analysis functions from this page;
L2 nHop – Displays the L2 nHop Network Topology in a separate window, showing the Layer 2 switching paths directly associated with the current device.
L3 nHop – Displays the L3 nHop Network Topology map in a separate window, showing the Layer 3 routed switching paths directly associated with the current device.
L2/L3 Path Viewer – Displays the L2/L3 Most Likely Path Network Topology map in a separate window, indicating the VLAN spanning tree paths directly associated with the current device.
L3 Path Viewer – Displays the L3 Most Likely Path Network Topology map in a separate window, indicating the L3 routed paths directly associated with the current device.
Schedule Job – Schedule a job script (CCS or Perl) to run on the chosen device, from the Script Run Now wizard. See Creating and Scheduling Jobs for more information about job scripting.
Execute Command – Opens the Script Run Now wizard, with the Commands to be Executed section active. Type in any configuration command.

Using Different Network Topologies

The Network view list (Network Explorer –> Topology –> Network) shows L2 and L3 network devices and their respective connections, in aggregate or a choice from several individual layer 2 link types.

• To select a network view: In the left panel, open the Network section, then click the view type.

Available network views are:

• Aggregate combines the Link Discovery Protocols, Serial Links and Switch Forwarding views. It gives you a graphical depiction of the entire network discovered and polled by NetMRI.
• Pass the mouse over any device icon in the map. A popup message appears listing the name and basic characteristics of the device represented by that icon.
• Link Discovery Protocols shows L2/L3 devices using Link Layer Discovery Protocol (LLDP) or Cisco Discovery Protocol (CDP), and their interconnections.
• Serial Links shows L2/L3 devices connected by serial links.
• Switch Forwarding shows L2/L3 devices using switch forwarding.

Adjusting the View

You can zoom into and out of the graphic view, resize the graphical view, and enable or disable visual features, such as the legend.

• To show/hide the Graph Overview, which is a thumbnail view of the entire graphical map of the network: choose Menu –> Graph Overview.
• To zoom in: Click ZoomIn, or resize the box in the GraphOverview to make it smaller.
• To zoom out: Click ZoomOut, or resize the box in the GraphOverview to make it larger.
• To fit the graph in the panel: Click the FitContent button.
• To pan the graph: Drag the box in the GraphOverview.

Viewing Data

Various methods are available to view device data in the Topology Viewer:

• To view basic data about a device: Hover the mouse over the device.
• To view detailed data about a device: Click the device. (The Device Viewer opens.)
• To view basic data about the link between two devices: Hover over the link.
• To view issues for a device: Right-click the device, then click Show issues on Device Viewer.... The Device Viewer appears.
• To view a device's configuration file: Right-click the device, then click View Configuration for....
• To generate a new graph with a device as the starting point: Right-click the device, then click Show n Hops (L2) from... Show n Hops (L3) from... Show L2/L3 path starting from... or Show L3 path starting from.

Note: Graph choices depend on what can be viewed from the selected device.

Modifying the Graph

You can change the elements shown in the topology graph in the following ways:

• To restrict devices shown in the graph: Select a device group in the Select Device Groups panel. (This feature is not available for VLAN graphs.)
• To show all devices in the graph: Select All Devices in the Select Device Groups panel.
• To modify the graph in other ways: Click the Refine View button. The Edit View dialog appears, where you can:
  • Show end hosts (by enabling the Show End Hosts option).
  • Color-code members of a device group or VLAN (in the appropriate tab, select a color).
  • Highlight devices having issues, changes and/or policy violations (in the appropriate tab, enable the option).

Printing, Exporting and Changing Topology Views

NetMRI's Topology View provides several tools for manipulating the visual map, including exporting the map as a graphic, printing it, detaching the map into a separate popup window, or refine the current view to show
more-specific parts of the map or filter the view by device group, VLAN or other specification.

• To print the graph: Menu –> Print.
• To export the graph as an image: Menu –> Export as Image. Printing or exporting the graph reproduces the entire graph, not just the portion currently shown.
• To launch a larger view of the current graph in a separate window: Menu –> Detach View.
• To show a legend at the bottom of the screen: Menu –> Legend.

Note: Only items you have chosen in the Refine View will appear on the legend. If you have no options chosen you will not be able to turn on the legend.

L2 nHop Network Topolog y

L2 n Hop (Network Explorer –> Topology –> L2 n Hop) shows devices that can be reached from a selected starting device through a chosen number of Level 2 (actually a hybrid of L1 and L2) connections.

1. In the left panel, click L2 n Hop.
2. In the left panel, click the row containing the starting device.
3. In the L2 n Hop / L2 Reach-ability dialog, select a View (i.e., connection type: CDP, Serial Links, Switch Forwarding or Aggregate).
4. Select a Hop Count (the view will show devices reachable in this number of hops or less).
5. Click OK.

Note: Setting Hop Count to All stops hops at L3 devices.

In the resulting graph, the name of the starting device is highlighted in green. Devices that cannot be reached, or that are farther away than the HopCount are not shown in the resulting view.

• • To modify the graph (View, Hop Count and other factors): Click Refine View above the graph.

Cisco Nexus switches and their virtual device contexts (VDCs) will appear in this View.

L3 nHop Network Topology

L3 n Hop shows all active devices that can be reached from a selected starting device in the network through a chosen number of routed Level 3 connections. In the resulting graph, the name of the starting device is highlighted in green. Devices that cannot be reached, or that are farther away than the Hop Count are not shown in the resulting view. The information conveyed here can be considered a superset of the Path Analysis feature, which shows the preferred L3 routed path from the selected stating device to a defined destination device.

1. In the left panel, click L3 n Hop.
2. In the left panel, click the row containing the starting device.
3. In the L3 n Hop dialog, select a Hop Count and a Protocol.
4. Click OK.

Note: L3 connections are directional; a hop to a neighboring router and back is considered two hops. If you set Hop Count to 1, you won't see any return hops to the starting device.

• • To modify the graph (Hop Count, Protocol and other factors): Click Refine View above the graph.

Juniper M5 and M10 routers that are running virtual device contexts will have their VDCs appear in this list, appearing as any other router.

L2/L3 Most Likely Path Network Topolog y

L2/L3 Most Likely Path shows the most likely path traffic would take between two devices, including both Layer 2 and Layer 3 connectivity.

1. In the left panel, click L2/L3 Most Likely Path.
2. In the left panel, click the row containing the starting device.
3. In the L2/L3 Most Likely Path dialog, select the source network view from the Network View dropdown menu.
4. In the L2/L3 Most Likely Path dialog, select the ending device. Shorten the device list by selecting a Device Group or by entering a search term.

In the resulting graph, the name of the starting device is highlighted in green, and the name of the ending device is highlighted in red.

• • To change the chart view: Click Refine View above the graph. Then, click Edit Address near the top of the dialog. The Address Table appears, listing all interfaces for the chosen destination device. From here, you choose a different IP address on the destination device as the destination for determining a path. By default the destination value is the Management IP address for the chosen device.

L3 Most Likely Path Network Topolog y

L3 Most Likely Path shows the most likely path that routable Layer 3 traffic would take between a source device and a destination device, ignoring Layer 2 connectivity between Layer 3 devices. By default, the

1. In the left panel, click L3 Most Likely Path.
2. In the left panel, click the row containing the starting device.
3. In the L3 Most Likely Path dialog, select the source network view from the Network View dropdown menu.
4. In the L2/L3 Most Likely Path dialog, select the ending device. Shorten the device list by selecting a Device Group or by entering a search term.

In the resulting graph, the name of the starting device is highlighted in green, and the name of the ending device is highlighted in red.

• To change the chart view: Click Refine View above the graph. Then, click Edit Address near the top of the dialog. The Address Table appears, listing all interfaces for the chosen destination device. From here, you choose a different IP address on the destination device as the destination for determining a path. By default the destination value is the Management IP address for the chosen device.

VL AN Network Topology

Note: Only VLANs with a spanning tree root that is managed by NetMRI can be viewed in the appliance.

In the network view menu, VLAN shows the spanning tree that a given VLAN uses on the network.

1. In the left panel, click VLAN.
2. In the left panel, click the VLAN you are interested in.

In the resulting topology chart, the root bridge is displayed at the top and the leaf nodes are displayed below. Active and disabled links are indicated in the chart. The farther the distance from the root bridge, the higher the cost in the L3 VLAN path. All possible connections are shown, including disabled ones. Spanning tree port blocking is indicated by a gray X at the end of a connection. If a port shows an error, it is indicated by a red X.

Note: VLANs can have identical names as long as the root bridge is different.

• • To modify the view: Click the Refine View button above the graph.

VLAN graphs cannot be filtered by device group names in the Select Device Groups panel.

Performing Path Analysis

Path analysis (Network Explorer –> Topology –> Path Analysis) allows tracing a L3 path across a network of any scale, subject only to the restriction that NetMRI must discover and manage both the source and destination devices. The devices forming the endpoints of the path can be any of the following:

• Routers;
• VRF instances inside routers;
• Switch-Routers, including VLANs.

In the Network Explorer pages, you can also use a drag-and-drop interface to define the source and destination values for a Path Analysis.
You can also perform path analysis for multiple paths from the same source location, and you can define the maximum number of calculated paths from a device.
Path Analysis also enables a powerful feature called Start From Device, in which the only value needed for a path trace is the destination IP address or device's FQDN. Then, choose any device in the network to start the path trace.

Note: Path Analysis does not support L3 path traces across protocols that are not directly supported by NetMRI, including MPLS, MPLS-TE and GLBP. In cases where only a partial path can be traced because it terminates in a hop that is an endpoint for one of these protocols, you can use the Start From Device feature to resume the trace from the hop where the MPLS or GLBP tunnel terminates.

NetMRI calculates paths based on collected routing table information, and are determined in the following order:

• Directly connected;
• Longest subnet prefix;
• Administrative distance.

NetMRI does not collect administrative distance from managed devices; when necessary, path calculations rely on the Routing Distance values defined in the NetMRI appliance (see Defining Path Analysis Settings for more information).
You may choose to have NetMRI calculate a path by specifying only a destination device.

To perform a basic Path Analysis, do the following:

1. Open Network Explorer –> Topology.
2. Choose a Device Group from the Select Device Groups menu in the right pane.
3. In the left panel accordion menu, click Path Analysis.
   A blank Topology Viewer panel appears in the center panel, with Source, Source Network View and Destination fields on the top.
4. Enter the Source and Destination values for the two devices whose common path(s) you want to trace. (You can press the Tab key to move between the Source, Destination and the Start button.) As you enter the IP values, NetMRI evaluates the entry to ensure the value is part of the chosen device group. If the value is correct, the device value displays in grey. If either value is incorrect for any reason, you will see an Invalid Source or Invalid Destination tooltip and the field will be outlined in red.
5. Choose the network view for the network you are tracing from the Source Network View dropdown list. If the path is known to be within the globally routed network, select the Network1 network view. If there is only one network view being managed by NetMRI, this field will not appear.
   If you choose an incorrect network view, you will receive a Path start device could not be determined error.
6. Choose Start from the drop-down menu.
   After a moment, the topology map appears for the chosen values.
7. The system saves the Path Analysis instance you just created under the Path Analysis menu.
8. After the path analysis completes, if a path does not complete because of intermediate devices that are endpoints for an MPLS encapsulated tunnel (or from other similar protocols), select the device in the path from which the VPN terminates, and continue the path analysis form there using the Continue Path Analysis From Device option. This option is similar to the Start from Device drop-down menu option in the center pane.

Simultaneous Path Calculations

In a large network, more than one possible path my exist between two devices. You can control the number of path calculations performed for the same Source/Destination pair. The default number of simultaneous path calculations is 2, with a maximum value of 10. Go to Settings icon –> General Settings –> Path Analysis and edit the Number of Calculated Paths setting. Avoid setting this value to too high a number, as multiple active path calculations can affect performance.

Resuming a Path from a Different Source Device

When performing path analysis, the path may be incomplete due to the following reasons:

• One or more devices on the path is incompletely discovered;
• A segment of the network path is comprised of an encrypted tunnel.

The Start from Device feature for Path Analysis enables the resumption of a trace from any selected point elsewhere in the network. For example, a device might appear in the network that isn't fully discovered by NetMRI; once it is, and assuming it is covered by licensing, you can resume the path analysis from that device and continue on to finish the trace. You may have to wait for a brief period before the device is fully discovered and licensed, and the device has its routing tables added to the NetMRI database.
If the network provides for two Zones separated by a VPN, you can trace up to the endpoint of the first part of the path, note the device name where the VPN tunnel terminates, and use that device to resume the trace to the same Destination device. Do the following:

1. Open Network Explorer –> Topology.
2. Choose a Device Group from the Select Device Groups menu in the right pane.
3. In the left panel accordion menu, click Path Analysis.
   A blank Topology Viewer window appears, with Source and Destination fields on the top of the center panel.
4. Enter the Source and Destination values for the two devices whose common path(s) you want to trace. In this context, the relevant Source value is the device from which you want to resume the trace.
5. Choose the Source Network View from the drop-down menu.
6. Choose Start from the drop-down menu.
   After a moment, the topology map appears for the chosen values.
7. Open the Tree page and check the path results. In cases when you see an Undiscovered Hop listing, you must ensure the device is added to the NetMRI database before the device can be applied as part of a traced path.
8. Choose Path Analysis –> Start from Device. The Select Device dialog appears.
9. Choose the Device Group from the drop-down list.
10. Click the device from which you wish to resume the path analysis.
    The Topology Viewer window refreshes to show the continuation of the path analysis. NetMRI appends the result to the end of the previous path trace attempt and the results appear in the Tree page and in the Topology page.

Other Network View Operations

Note: It may take several minutes for NetMRI to reflect the new status when changing the license status of a device in the network.

To force devices to the top of a queue, do the following:

1. Click the check box for the device(s), then click Discover Next (below the table).
2. Click the check box for the device(s).
3. Click License (below the table).
4. In the License Status dialog, select the desired license status (Automatic, Licensed or Unlicensed), then click OK.

NetMRI gives explicitly licensed devices priority in determining which devices to manage. Unlicensed devices continue to be managed by the appliance, but only basic discovery data is periodically collected from them.
To force immediate discovery of devices: Click the check box for the device(s), then click Discover Now (above the table). NetMRI will execute the processes required against a device to complete discovery. These include SNMP credential collection, SNMP data collection, device group assignment and CLI credential collection.
To delete devices from NetMRI's database, do the following:

1. Click the check box for the device(s).
2. Click Delete (below the table).
3. (Optional) In the Delete dialog, select Exclude from discovery (see below).
4. Click Yes to confirm the deletion.

If a device continues to appear in collected data, NetMRI will re-list the device unless you choose to exclude the device from discovery when it is deleted.
To un-manage devices, do the following:

1. Click the check box for the device(s).
2. Click Unmanage (below the table).
3. Confirm the operation.

Unmanaged devices remain discovered, but NetMRI will not collect data from them. The appliance will not obtain details — such as vendor, model and operating system version — because SNMP access is required to complete those processes.

Using the Interface Viewer

Note: Switch Port Management provides a more global view of the network's complement of switched interfaces. See Switch Port Management for more information.

The Interface Viewer (accessed by clicking any hyperlinked interface identifier in the Interface column of the Interface Configuration list (located in Network Explorer –> Inventory –> Interfaces –> Interface Config), displays low-level interface data and network phenomena affecting the selected interface during a specified time period. The top panel lists basic information about the chosen interface, including the Type, Speed, Status (Up or Down, along with the date the interface was discovered to be changed in state), the host device's Network View, the Device IP, its interface MAC Address; the Interface IP (if any); and Ethernet Port Fast and Encapsulation settings where applicable (this value appears only when the interface is using 802.1Q tagging).
If a physical interface also contains logical subinterfaces that are locally assigned to VRFs, the Encapsulation field will appear in the top panel of the Interface Viewer window, also listing the protocol.
When an interface is locally assigned to a Network View, the Local VRF field appears in the top panel of the Interface Viewer window.
By default, the Interface Viewer displays any neighboring interface information for the selected interface. The assumption is that the selected interface is actually administratively On and active on the network; otherwise the Interface Viewer shows a blank page.

Note: Click the icon at the top of the Interface Viewer to open the Device Viewer for the device hosting the current interface, or the Live Interface viewer for the currently selected interface. Also, to search for interfaces in the On position, type the word "on" into the search box in the Interface Config page before attempting to access the Interface Viewer.

The Interface Viewer also provides a list of Access Control Lists that are bound to the current interface. To change the date or period for data displayed in the Interface Viewer: See Setting the Date and Period.

Viewing Neighboring Interfaces

The Neighbors page (Interface Viewer –> Interface –> Neighbors) lists the MAC addresses, associated VRF Name and Neighbor VRF Name (if any), the Network View, IP addresses, interfaces and other data for neighbors of the currently displayed interface. If you select an interface that is administratively On and is active in the network, the Interface Neighbor information automatically appears. Otherwise the neighbor information remains blank.
Associated information provided includes the VLAN and/or trunk interface, the neighbor's MAC address, the neighbor type, and the Neighbor Assurance value.

Viewing Network Performance Measurements

Under Performance in the Interface Viewer, the Summary page (Interface Viewer –> Performance –> Summary) lists high-level statistics for inbound and outbound traffic for the selected interface. A table appears in the Interface Viewer, showing Counts, Rates and Percentages for Inbound and Outbound Octets, Packets, Unicast packets, Non-Unicast packets, Multicast packets, Broadcast packets, Discards, Errors, Changes, Alignment Errors, FCS Errors, and Late Collisions. These statistics cover the entire selected interface, cumulative for all subinterfaces if any.
The Rates page (Interface Viewer –> Performance –> Rates) shows inbound and outbound throughput and related rates for the interface, including Packet Rate, Broadcast Rate, Discard Rate and Error Rate;
The Percents page (Interface Viewer –> Performance –> Percents) shows inbound and outbound traffic statistics expressed as a percentage of total throughput, including % Utilization, Broadcast Percent, Discard Percent and Error Percent;
The Counts page (Interface Viewer –> Performance –> Counts) displays inbound and outbound traffic statistics expressed as counts, including columns of statistics for Octet Count, Packet Count, Broadcast Count, Discard Count and Error Count;
The Charts page (Interface Viewer –> Performance –> Charts) provides charts that show throughput, broadcasts/second, errors/second and discards/second. Use the Measure list at the tope of the page to select Rate or Percent for the charts' vertical axes.

Changing Performance Data Collection Settings

The General Settings page (Interface Viewer –> Settings –> General Settings) enables you to apply or override the parent group's performance data collection setting, under the Performance Statistics Collection setting (group settings are defined in the Settings icon –> Setup section –> Collection and Groups page –> Groups tab –> Interface Groups side tab).
To ensure collection of all performance data for the specific device, choose the Enabled option.
Choose the Use Default option if you want performance information collection to only use the parent Interface Group's settings.
Interface performance data covers a broad selection of network phenomena, including but not limited to the following: port throughput, bandwidth utilization, packet errors percentage, broadcast packet percentage, and packet discard percentage.
A second option, Sw itch Port Management Control, enables or disables the current interface from management by Switch Port Manager.

Viewing Interface Histories

Interface histories consist primarily of First Seen and Last Seen values, indicating the date and time when the interface was first seen by the appliance, and the date and time when the appliance last polled the device and interface. Other information fields in the Interface History table include, but are not limited to, the following:

• Device Name –The name of the device hosting the interface;
• IF MAC – The MAC address of the interface;
• If Oper Status – shows whether the interface is operationally Up or Down;
• If Admin Status – shows whether the interface is administratively Up or Down.

Port Control Settings

NetMRI allows administrators to control basic operational settings for managed routers and switches. Three functions are available in the Port Control page (Interface Viewer –> Settings –> Port Control Settings):

• Admin Status – Set the port to administratively Up or administratively Down;
• Interface Description – A text label describing the port;
• VLAN ID/Name – Change the VLAN assignment for a switch interface. Click Edit for any feature.
• For Admin Status, ports can be set to Up or Down from the drop-down menu.
• For VLAN ID/Name, the feature will work for switch or switch-router ports that support VLAN assignment. Choose the VLAN ID from the VLAN ID drop-down list (new values are not entered in this location) and the VLAN Name from the VLAN Name drop-down list. A port can be set to disable any VLAN assignment by enabling the No VLAN checkbox.

In all cases, click Save to commit settings.

Editing the Port Lis t

Ports listed in the Port List page (Settings icon –> Setup –> Port List) are probed when Port Scanning is enabled at Settings icon –> Setup section –> Collection and Groups –> Global tab –> Network Polling panel.
To add a port to the list, do the following:

1. In the Add Port panel, select the port's Protocol: TCP or UDP.
2. Type the Port number.
3. Type the port's Service.
4. Click Add.

To delete a port from the list: Click the Delete button for the port.

Viewing Device Collection Stat us

The Collector Status page (Settings icon –> Setup –> Collector Status) shows the internal processing being performed by NetMRI. This page is used primarily for technical support purposes.
A property group is a collection of SNMP variables that NetMRI polls from a given device type and vendor at a given frequency. The collection of SNMP variables in a property group are not visible to the user.

Using the Interface Live View er

The Interface Live Viewer allows you to view and track traffic and event trends for any chosen network interface, and save chart data and images for the results. the Interface Live Viewer displays near-real-time graphs for the following interface properties:

• Throughput in / utilization in
• Throughput out / utilization out

Throughput/Utilization graphs depend on the Display Mode setting: choosing Rate displays throughput, choosing Percent displays utilization.

• Broadcast in
• Broadcast out
• Errors in
• Errors out
• Discards in
• Discards out

To access the Interface Live Viewer, do the following:
1. Right-click any interface hyperlink, then click Interface Live Viewer in the pop-up menu.

–or– In the Interface Viewer, click the Viewer Tools icon, then click Live Viewer... in the drop-down menu.
–or– In the Interface Viewer –> Performance section –> Charts page (which displays static data), click the Live Viewer link next to the Measure field.

Within the graph:

• To see underlying data at a specific time: Hover over that time in the graph.
• To hide or show a line: Click the box to the left of the name in the legend below the graph.

If too many lines make it difficult to interpret the graph, hide lines having less value by clicking the colored check- box for any data type at the bottom of the chart window.
To hide or show data callouts within the graph, do the following: In the graph, click the line for which you want to hide/show data.

Or:
In the legend, click the name (underlined = data callout displayed, name not underlined = data callout hidden). In the Interface Live Viewer's control bar (above the graph):

• To change the time period shown in the graph: Select the time in the Display Window drop-down list.

The display window of 5 or 15 minutes is based on an ideal polling frequency as defined in the Live Interface Poll Frequency setting (at Settings icon –> General Settings –> Advanced Settings). The display window depends on the following factors: load on the device being polled, load on the appliance polling the device, and network round trip time between the device and NetMRI. Thus, the actual display window time may be longer than the value selected in the Display Window drop-down list.

• To view historical data: Click Show History at the left end of the control bar. In the Show Historical Data dialog, specify the day and time for the historical data's starting point. (Historical data is always shown in a 15 minute window.)
• To pause the display (this does not pause the underlying data collection): Click the Pause button.
• To resume playing the display (after pausing): Click the Play button.

Note: If the display remains paused after 24 hours, data collection will stop.

• To change the vertical axis units: Select the desired units in the Display Mode drop-down list.
• To export data used to create the graph: Click the CSV Export button.
• To export the graph as an image: Click the Image Export button.

Interface Live Viewer settings

Two settings for the Interface Live Viewer are provided in the Settings icon –>General Settings–>Advanced Settings page under Data Collection:

• Live Interface Poll Frequency sets the SNMP polling frequency (5 seconds to 60 seconds in 5 second increments).
• Live Interface Poller Limit sets the maximum number of interface pollers that can run simultaneously (1 to 10).

The polling engine continues to run for 15 cycles (where one cycle = Live Interface Poll Frequency) after the Interface Live Viewer window is closed. If you reopen the Interface Live Viewer before the 16th cycle, you'll see live data collected during that time. If reopened after the 15th cycle, the Interface Live Viewer will start displaying a fresh data set.