Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Migrating to netcool precision for ip networks --best practices for migrating from ibm tivoli net view sg247375
1. Front cover
Migrating to Netcool/Precision
for IP Networks
Best Practices for Migrating from
IBM Tivoli NetView
Compare capabilities and solution
architectures
Migrate IBM Tivoli Switch
Analyzer
Perform the migration and
configure the new features
Stephen Hochstetler
Donald Hart
Leslie Clark
Mathias Scharfenberg
Pádraig Byrne
Rob Clark
Bob Louden
ibm.com/redbooks
2.
3. International Technical Support Organization
Migrating to Netcool/Precision for IP Networks
Best Practices for Migrating from IBM Tivoli NetView
February 2007
SG24-7375-00
12. Trademarks
The following terms are trademarks of the International Business Machines Corporation in the United States,
other countries, or both:
Redbooks (logo) ™ Netcool® Tivoli Enterprise Console®
DB2® NetView® Tivoli®
IBM® Redbooks™ Viewpoint™
MQSeries® System p™ WebSphere®
Netcool/Omnibus® Tivoli Enterprise™
The following terms are trademarks of other companies:
IT Infrastructure Library, IT Infrastructure Library is a registered trademark of the Central Computer and
Telecommunications Agency which is now part of the Office of Government Commerce.
ITIL is a registered trademark, and a registered community trademark of the Office of Government
Commerce, and is registered in the U.S. Patent and Trademark Office.
Java, JRE, and all Java-based trademarks are trademarks of Sun Microsystems, Inc. in the United States,
other countries, or both.
Microsoft, Windows, and the Windows logo are trademarks of Microsoft Corporation in the United States,
other countries, or both.
Pentium, Intel logo, Intel Inside logo, and Intel Centrino logo are trademarks or registered trademarks of Intel
Corporation or its subsidiaries in the United States, other countries, or both.
UNIX is a registered trademark of The Open Group in the United States and other countries.
Linux is a trademark of Linus Torvalds in the United States, other countries, or both.
Other company, product, or service names may be trademarks or service marks of others.
x Migrating to Netcool/Precision for IP Networks
14. implement and customize Tivoli NetView across the US and Canada over the
last fifteen years.
Mathias Scharfenberg is a Senior IT Architect in Germany. He has 10 years of
experience in networking. He holds a BSc degree in Computer Science from the
University Of Hertfordshire. His areas of expertise include networks and network
management.
Pádraig Byrne is a Netcool Specialist for IBM Australia. He has six years of
experience working with telco and network management software. Prior to
joining the pre-sales team in Australia he worked with the Precision development
team in London. He holds a degree in Mathematics from the University of
Cambridge. His areas of expertise include networks, Precision and the Netcool
suite.
Rob Clark is a software developer in the USA. He has 20 years of experience in
software development and 10 years with NetView development. He holds an MS
degree in Computer Science from Northeastern University. His areas of
expertise include software engineering, and all aspects of Tivoli NetView.
Bob Louden is a Consulting IT Specialist on the Tivoli Sales Enablement team
responsible for training and supporting worldwide sales teams on Tivoli products.
He holds a BS in Computer Science from Virginia Tech, and an MS in Computer
and Communications Science from the University of Michigan. Bob has enjoyed
twenty-four years with IBM – in roles ranging from product development, to sales,
to technical sales support, to consulting – helping clients apply technology
solutions to their business problems.
Thanks to the following people for their contributions to this project:
Special thanks to Andrew Hepburn with IBM, United Kingdom. His technical
guidance is reflected in many sections of the book. All of the authors learned
several things from Andrew.
Arzu Gucer
International Technical Support Organization, Austin Center
Jonathan Baggott, Bhrat Patel, Dave Roberts
IBM, United Kingdom
Nick Ho, Bob Louden, Raymond Sun
IBM USA
xii Migrating to Netcool/Precision for IP Networks
15. Become a published author
Join us for a two- to six-week residency program! Help write an IBM Redbook
dealing with specific products or solutions, while getting hands-on experience
with leading-edge technologies. You'll have the opportunity to team with IBM
technical professionals, Business Partners, and Clients.
Your efforts will help increase product acceptance and customer satisfaction. As
a bonus, you'll develop a network of contacts in IBM development labs, and
increase your productivity and marketability.
Find out more about the residency program, browse the residency index, and
apply online at:
ibm.com/redbooks/residencies.html
Comments welcome
Your comments are important to us!
We want our Redbooks to be as helpful as possible. Send us your comments
about this or other Redbooks in one of the following ways:
Use the online Contact us review redbook form found at:
ibm.com/redbooks
Send your comments in an email to:
redbooks@us.ibm.com
Mail your comments to:
IBM Corporation, International Technical Support Organization
Dept. HYTD Mail Station P099
2455 South Road
Poughkeepsie, NY 12601-5400
Preface xiii
16. xiv Migrating to Netcool/Precision for IP Networks
20. 1.1 IBM Service Management
Today, IT environments are under tremendous pressure. This pressure can be
traced to four key sources: complexity, change, compliance, and cost.
Businesses must be able to quickly respond to market changes in order to
maximize revenue. As businesses increasingly rely on technology to improve
their ability to deliver products and services, additional pressure is put on the IT
department to adapt their services to these changes.
1. Change - Fast-changing external and internal forces, and unpredictable
variations in workloads make meeting service levels difficult.
2. Complexity - Organizations manage complex IT environment to support
business processes.
3. Compliance - The changing global regulatory and business environment
requires security, privacy, and ongoing audit capabilities.
4. Cost - To meet business service-level expectations, infrastructure costs have
been outpaced by spending on management and administration.
For example, a new product launch and promotion may stress the order
fulfillment process, which relies on a Supply Chain Management application. The
IT department must be able to provide capacity to support the application during
this period of high demand, but purchasing additional hardware that will not be
utilized during normal periods is not the most effective solution. It is dealing with
these changes in increasingly complex environments while under constrained
budgets that truly challenges IT.
By combining the Netcool and Tivoli portfolios, IBM enables customers to take a
more comprehensive approach to aligning IT operations and processes with their
organizations' business needs - an approach that leverages best practices such
as those of the IT Infrastructure Library® (ITIL®). IBM calls this approach IBM
Service Management (Figure 1-1).
4 Migrating to Netcool/Precision for IP Networks
21. Figure 1-1 IBM Service Management
IBM Service Management includes a uniquely broad and modular set of
capabilities that help customers better manage the business of IT:
Operational management helps organizations deliver services across the
infrastructure effectively and efficiently. Tivoli operational management
products span networking, business applications, servers, devices, storage,
and security to provide an end-to-end service perspective.
Service management platform is built on IBM Tivoli Change and
Configuration Management Database (CCMDB), which standardizes and
shares information across the enterprise to help align operations with
business context and enable customers to manage change. Tivoli CCMDB
includes automated, configurable best-practice workflows for the change and
configuration processes. It also serves as a platform for integrated process
management.
Process management integrates and automates service management
processes to increase operational efficiency.
Best practices learned from thousands of successful customer
engagements serve as the foundation for IBM Service Management.
Network management is key to Tivoli's comprehensive service management
strategy. Awareness of network devices, configuration, and faults is required for
Service Deployment, Business Resilience, and Service Delivery processes. By
joining the Tivoli leadership and experience managing data center environments
with those of Netcool in the network operations center, IBM enables customers to
benefit from fully integrated management software that shares event and
performance management, visualization, and automated workflow capabilities
across the enterprise. The combined Netcool and Tivoli portfolio will help users
Chapter 1. Introduction 5
22. manage any data related to infrastructure elements such as networks, systems,
security devices, storage components, and applications to gain full visibility into
the health and performance of infrastructure-dependent services.
IBM is as committed to Netcool customers and products as it is to customers who
have invested in Tivoli solutions. The company's strategy is to enable all Netcool
and Tivoli users to protect, optimize, and extend their investments in the
combined product portfolio.
Protect: IBM seeks to protect customer investments of not only resources,
but also knowledge accumulated over years of building ever more advanced
IT operations infrastructures. As the Netcool and Tivoli product portfolios
converge, IBM intends to provide smooth upgrade paths that facilitate
adoption of the best capabilities across the combined portfolio while
preserving and unlocking customers' knowledge investments.
Optimize: IBM is helping customers leverage expanded capabilities today,
even as work progresses toward the converged Tivoli portfolio. In product
categories where the combined portfolio capabilities overlap, customers can
"trade up" to the more feature-rich product in the category. For example, IBM
Tivoli NetView and IBM Tivoli Switch Analyzer users can trade up to
Netcool/Precision for integrated Layers 2 and 3 network discovery and
management.
Extend: Whether a customer currently uses Netcool products, Tivoli
products, or both, the combined portfolio offers many additional products and
capabilities the organization can leverage. Specifically, the Netcool portfolio
offers Tivoli users a wide range of capabilities for security operations
management, performance management, and network management. The
Netcool portfolio further extends the Tivoli portfolio with next-generation
management solutions for telecommunications infrastructures.
IBM is dedicated to every customer's success. As the company works to deliver
a converged portfolio, it is taking numerous steps to enable the investments
customers have made in IBM and Micromuse products over the years to
continue to benefit their organizations. Furthermore, the smooth upgrade paths
IBM is putting in place are meant to help customers derive even greater value
from these investments moving forward.
1.2 Next Generation Networking
For years, the networking industry has been heralding the emergence of Next
Generation Networks (NGNs) - networks where new TCP/IP-based technologies
leverage extraordinary (wireless, wired, and optical) transport network
capabilities to deliver voice, video, data, and multimedia traffic across a common
6 Migrating to Netcool/Precision for IP Networks
23. networking infrastructure (and, in many cases, the Internet). NGNs are here
today, but increasing dependence upon them brings with it significantly greater
requirements for high-quality, secure, and highly-available communication
services. Likewise, network management technologies and protocols have
evolved (such as the Simple Network Management Protocol, most recently,
SNMPv3) to provide ever greater security and functional capabilities. The rate of
change in networking technologies and requirements has strained the ability of
many network management products to keep up – with the consequent inability
of network managers to see, understand, and troubleshoot problems within their
networking infrastructures.
Network management challenges for NGNs include:
NGNs are normally heterogeneous (multi-vendor), requiring broad
management support for network equipment that is vendor-specific.
NGNs normally involve a combination of network technologies for delivery,
including:
– Transport protocols such as SONET/SDH, ATM, Frame Relay, and
wireless
– Dynamic networking and high availability technologies such as OSPF,
HSRP, VRRP, and BGP
– TCP/IP transport technologies such as Voice over IP, IP Multimedia
Services, and MPLS
– Security technologies such as Virtual Private Networking, firewalls, and
Network Address Translation
NGNs often involve more complex meshed network architectures, including:
– Traffic engineering to optimize traffic flows, as well as ensuring service
availability in the event of a network failure
– Potentially overlapping IP address spaces – often due to mergers and
acquisitions
The traditional network management approach of "discover all the boxes and
ping (ICMP) the devices" no longer provides sufficient coverage to ensure
service availability. Crucial time may be spent chasing alarms that are merely
symptomatic of deeper, underlying problems. Tools, such as Netcool/Precision,
are required to enable an end-to-end view across the IP and Transmission
network components.
Chapter 1. Introduction 7
24. 1.3 Netcool/Precision
The addition of Netcool/Precision to the IBM network management portfolio
extends our network management capabilities to include extensive automated
network discovery and best-of-breed topology-based root cause analysis,
providing customers the best possible, real-time understanding of their network
infrastructures and the fastest possible resolution of network problems. Key
features of the Netcool/Precision product are the following:
Netcool/Precision's automated network discovery uses advanced techniques
to gather in-depth information about the contents and structure of the
network, including:
– Layer 2: the data-link layer, including switched networks and Virtual LANs
– Layer 3: the network layer, including dynamic routing protocols, Virtual
Private Networking, and multi-protocol label switching (MPLS) services
The network is then modeled within Netcool/Precision to create a
highly-accurate representation of the true network fabric. Collecting extensive
information directly from the network devices provides the most complete and
up-to-date details of the network assets and their connectivity. This discovery
information is maintained ("persists") across restarts of the Netcool/Precision
system, thereby eliminating the need for extensive network rediscovery after
restarts.
Netcool/Precision helps network management teams visualize and
understand the layout of complex networks and the impact of network events
and failures upon them – and, more importantly, the services delivered across
them.
Within Netcool/Precision, the topology-based event correlation engine uses
the model of the discovered network to understand the relationships between
network events based upon the connectivity and containment (various
groupings) of network devices. This enables Netcool/Precision to quickly and
accurately identify root cause events (to the node and port level) and their
associated symptoms, thereby reducing the time needed to restore the
network and ensuring that customer-facing network operations staff has
meaningful contextual information at their fingertips.
Integration with Netcool/OMNIbus allows the Netcool/Precision
topology-based event correlation engine to process events obtained from
both network devices and other management systems using a broad range of
available integrations.
Netcool/Precision easily integrates with operational support systems (OSS)
and other mission-critical workflow applications.
8 Migrating to Netcool/Precision for IP Networks
25. The Precision product will anchor future Tivoli network management offerings,
including the planned support for enhanced next-generation networks and IPv6.
The next planned release of Netcool/Precision aims to blend the capabilities of
Precision for IP Networks (Precision IP) and Precision for Transmission
Networks (Precision TN) to facilitate integrated discovery and management of all
layers of the network infrastructure. A future version of Precision is planned to
provide fast and easy problem identification and resolution for small and midsize
businesses.
1.4 NetView customer choices
While significant focus is being placed on enhancing the ease of installation and
use of coming versions of Netcool/Precision, IBM will continue to protect our
NetView customers' investments and intends to provide a smooth upgrade path
to a future converged network management product offering. Customers who do
not yet need the enhanced device discovery and layer 2 support offered by
Precision, and who are concerned about disrupting their environment, can
continue to use NetView 7.1.4. Customers who need enhanced SNMP support,
duplicate IP address support, or NetView monitoring capabilities, can upgrade to
NetView 7.1.5. Customers who have an immediate need for the deep discovery
(including layer 2 support), advanced protocol support, and topology-based root
cause analysis offered by Precision IP, can upgrade immediately to Precision IP.
1.5 The purpose of this book
This book was written primarily for customers who are thinking about upgrading
to Netcool/Precision. We have established a team of experts from NetView
Development, Network Management Services, Netcool Services, and IBM
Services. Together, we have documented the best practices for upgrading
customer environments from NetView to Netcool/Precision.
This book will help you identify the additional features that Netcool/Precision
brings to your environment to help you determine which strategy is better for you.
Chapter 1. Introduction 9
26. 10 Migrating to Netcool/Precision for IP Networks
28. 2.1 Overview
The Tivoli NetView users often centers their activity around the topology maps
from where they can see status changes and access diagnostic tools and device
information. To make this task easy, many users customize the maps to organize
the information visually and to make navigation easier. Events offer useful
information including status changes, but to do any serious event management,
NetView users typically integrate with Tivoli Event Console (TEC) and manage
the events from there. From the TEC event view they can launch the NetView
topology maps via the Web Console to access network-related information and
visual orientation.
With Netcool, the components focus on contributing events or enriching events.
Netcool/Precision discovers and monitors the network devices. It contributes
topology information to the events and uses this for further enrichment by
topology-based Root Cause Analysis (RCA). The GUI uses the network topology
information to construct network views based on object attribute criteria and hop
views based on connectivity information. Because the event management is
central to the Netcool suite, operators tend to watch the filtered events and can
navigate seamlessly to the maps for contextual information or orientation.
Tivoli NetView’s single-server architecture makes it simpler to administer and
generally has GUIs for routine maintenance. Netcool/Precision, on the other
hand, gains much of its scalability and flexibility from the multi-tiered architecture,
and low-level access to data as well as program controls in the form of SQL
tables and scripting. It is closely integrated with the other Netcool products as
discussed in Chapter 4, “Solution architecture” on page 61. The trend in recent
releases is to provide more GUI control to administrative tasks, as seen in the
discovery configuration GUI in Precision 3.6.
This low-level control also makes it possible to customize the product in the field
to handle unique devices or unique network management requirements, things
which often require a new release of Tivoli NetView.
2.2 Discovery
This section provides an overview of network discovery with Tivoli NetView and
IBM Tivoli Switch Analyzer (ITSA), followed by a comparison with
Netcool/Precision.
12 Migrating to Netcool/Precision for IP Networks
29. Tivoli NetView
Tivoli NetView discovers and monitors at the layer 3 OSI level using largely
standard MIBs (management information bases). This is a relatively simple
discovery process that builds a network representation based on IP hierarchy.
The discovery is fast and continuous: a new node discovery poll, by default, runs
every 15 minutes. The main NetView process that handles layer 3 discovery is
netmon.
Tivoli NetView supports specific technologies such as Cisco HSRP, ISDN
failover, Cisco PIX Firewall failover, and unnumbered serial links. The netmon
daemon automatically creates objects for subnets, segments, nodes, and
interfaces in both the Object database (ovwdb) and the Topology database
(ovtopmd). The subnet and segment container model is automatically based on
IP addresses and the corresponding subnet masks. Netmon issues SNMP traps
for all topology changes on each object.
You can scope the Tivoli NetView network discovery based on IP address,
hostname, and device type. For SNMP access, you can either provide a list of
alternate community names for netmon to try during discovery, or configure the
community names per node or IP address range. Tivoli NetView maintains an
SNMP configuration database that is used by other Tivoli NetView applications
for SNMP queries.
IBM Tivoli Switch Analyzer (ITSA) is a closely integrated product used to
discover, monitor, and visualize the layer 2 level. Layer 2 requires a
sophisticated process to build the layer 2 connections and model the VLANs.
ITSA has basic support for switches through the standard Bridge MIB and
provides VLAN support for Cisco devices. ITSA holds the layer 2 topology in
memory, which requires a full layer 2 discovery on every restart. ITSA
reschedules a full layer 2 discovery typically on a daily or weekly basis.
Tivoli NetView can also discover and monitor services available on the network,
based on port sniffing or custom tests using the Servmon daemon. This
capability is not in Netcool/Precision, but monitoring network services can be
addressed with Netcool/OMNIbus Application Service Managers (ASM) and
Tivoli Application Dependency Discovery Manager.
Netcool/Precision
Netcool/Precision itself is the approximate equivalent to netmon in Tivoli
NetView. It discovers the network devices, queries for layer 2 and 3 information
(including specialized technology information), and then builds the connections
between objects, both intra-node and network connections. Depending on the
device, Netcool/Precision can gather a wide variety of information primarily by
SNMP, but telnet/ssh can also be used. Netcool/Precision’s discovery time is
Chapter 2. Product review 13
30. therefore more comparable with ITSA than Tivoli NetView’s layer 3 only
discovery.
Netcool/Precision’s discovery process consists of regularly scheduled full
network discovery passes along with the ability to incrementally add new nodes
later triggered by SNMP traps received, such as Warm Start/Link Up. With IBM
Tivoli Switch Analyzer (ITSA) the application does not generate status events
while ITSA is processing a layer 2 topology discovery. Unlike ITSA, however, the
layer 2 topology of Netcool/Precision remains in use by the application until the
next full discovery has completed, whereupon the new discovery information
becomes available.
As with Tivoli NetView, you can scope the discovery by IP address and further
filter devices by SNMP sysObjectID. Netcool/Precision can use ping spray to find
nodes within subnets, or use a list of seeds, or both. You can configure the
Netcool/Precision discovery to try a set of alternative community names and
associate the list by IP address range, or associate specific community names
per IP address.
Netcool/Precision supports a much wider range of devices and technologies than
Tivoli NetView does, as the list in Figure 2-1 shows. In addition to supporting
Cisco, Juniper, Nortel, and Alcatel for layer 2, it also supports technologies such
as MPLS, ATM (ILMI & PNNI), Cisco Frame Relay and static NAT. There are
some technologies Tivoli NetView supports that Netcool/Precision does not at
this time, specifically unnumbered serial links and Cisco PIX firewall failovers out
of the box.
14 Migrating to Netcool/Precision for IP Networks
32. By default Netcool/Precision does not send events for topology changes in the
network like Tivoli NetView does, but you can configure it to send events when
new nodes are found.
Just like ITSA, Netcool/Precision’s topology-based Root Cause Analysis (RCA)
needs to know the path back to the Point of Reference, normally the
Netcool/Precision server. If there is an undiscovered router or undiscovered
WAN network along that path, topology-based RCA will be affected due to the
gap created by the undiscovered devices. Tivoli NetView is able to use a custom
link to bridge the gap for ITSA and similarly with Netcool/Precision you can
create an artificial link.
2.3 Monitoring
This section compares how network device monitoring is done on
Netcool/Precision and Tivoli NetView. This includes polling, availability status,
root cause and impact determination.
Tivoli NetView
Tivoli NetView actively polls all managed network interfaces at regular intervals.
The intervals can vary based on IP address or SmartSet. The poll can be ICMP
or SNMP (adminStatus and operStatus from the Interface table). The IP Status
attribute for each interface is set depending on the result of the poll. Status for
higher order objects, such as node, segment, and subnet, are propagated from
the interface and are persistent.
Netmon issues SNMP traps for each status change on an object to inform both
the network management operator and other applications, such as the maps.
Tivoli NetView calculates root causes. At the layer 3 level, Tivoli NetView’s
Router Fault Isolation (RFI) algorithm determines the root cause and issues a
trap for the causal router or node. If the problem is with a router, the Tivoli
NetView program issues a Router Status trap and calculates the impact. Subnets
and routers in the impacted partition are set to the Unreachable status by
netmon. Netmon has an option to suppress generating critical events for nodes
in unreachable areas (the default). However, some users consider those critical
events important so they can do their own event correlation in TEC for impacted
services and trouble ticket prioritization.
ITSA provides layer 2 monitoring and root cause. ITSA can monitor the switch
ports actively and also listens for status traps from Tivoli NetView, which prompt
it to begin the algorithm to determine the root cause at the layer 2 or 3 levels.
Tivoli Switch Analyzer discovers the ports of layer 2 devices and integrates this
16 Migrating to Netcool/Precision for IP Networks
33. information into the known layer 3 topology, creating a complete layer 2 and
layer 3 network topology. In addition, Tivoli Switch Analyzer creates a network
segment for each port to represent the connection between the port and the
devices connected directly to it. This means that correlation can be to a switch
port, rather than a device downstream from that port. The Tivoli Switch Analyzer
correlator is a process that uses this integrated topology to determine the root
cause of a network outage, either confirming the Tivoli NetView RFI result (at
layer 3) or identifying a layer 2 root cause. ITSA issues SNMP traps to alert the
system management operator of root cause changes. Tivoli NetView changes
the maps to reflect port status changes on switches. Note that the ITSA root
cause algorithm and events are independent from the netmon RFI algorithm.
This can result in redundant events, which can then be correlated in Tivoli
Enterprise™ Console or Netcool/OMNIbus.
Completely separate from availability monitoring, Tivoli NetView can monitor
SNMP MIB variables for threshold triggers using the SNMP Data Collector
(snmpcollect). Threshold and Rearm SNMP traps are issued, but do not
contribute to the map status for the object, unlike in Netcool/Precision.
Netcool/Precision
Netcool/Precision has a highly integrated monitoring capability coupled with
topology-based Root Cause Analysis (RCA) that does a nice job of signalling the
problem events versus the symptom events from any suitable source based on
the discovered layer 2 network topology and intra-device containership.
The Netcool/Precision IP component AMOS performs topology-based Root
Cause Analysis (RCA). It does this by correlating events with each other, and
with the network topology, to determine which ones are the root causes, and
which are symptoms that disappear when the root cause is resolved. Because
AMOS knows how devices in the network are connected, it can use a technique
called downstream suppression to determine which devices are temporarily
inaccessible due to other network failures. It suppresses the events on these
temporarily inaccessible devices. Suppressed events are still visible to the user;
however, they are marked as symptomatic, rather than root cause.
Active monitoring consists of defining pollers, which can be ICMP or SNMP.
SNMP pollers are configured to trigger events when a threshold is exceeded.
The pollers and the polling intervals are assigned to classes of devices based on
the Active Object Class structure. This is sufficiently different from how you set
up polling frequencies and types in Tivoli NetView that it will require a complete
reconfiguration for Netcool/Precision.
Passive polling consists of listening for SNMP traps (Link Down and others) and
syslog events. These events are automatically enriched with topology
Chapter 2. Product review 17
34. information and feed into topology-based RCA just like the active monitoring
events.
The color of map symbols represents the severity of problem events for the
device or devices represented by the symbol. Because events represent more
than just availability problems, this is a useful state of health indication. There are
six severity states based on the events, with the most severe being propagated
up to the container object.
Unlike Tivoli NetView, Netcool/Precision does not maintain status fields for
objects. Instead, current and historical status can be seen by clicking the object
to see a filtered list of events providing you with the current state of the device.
Because of the richness of the events, operators typically create filtered event
lists to cover the environment they are interested in. This is analogous to the
SmartSet submaps in Tivoli NetView. From these event lists the operator can
easily jump to the topology map views in context to examine the environment of
the problem and the possible impact.
You can create Netcool GUI Foundation (NGF) views, complete with background
maps, that consist of symbols representing, for instance, each of the data
centers. These symbols, including artificial connection symbols, reflect the most
serious status represented by filtered events for that symbol.
There are no diagnostic tools, equivalent to NetView’s demandpoll, that query
the SNMP MIB on the device and update the management database with
changed information. However, there are many real-time tools that allow the
operator to learn the current state of a device and its underlying technologies for
diagnostic purposes, such as Ping, Trace Route, Whois, DNS, and Cisco and
Juniper tools.
There is no capability to unmanage devices from the GUI out of the box. This can
be achieved by running an OQL command to update the polling.suspended
table.
2.4 Network visualization
This section compares the typical map usage in Tivoli NetView and
Netcool/Precision.
Tivoli NetView
By default, NetView displays a hierarchical set of submaps for the IP layer 3
network. The symbols can differentiate device types by their shape and image.
See Figure 2-2 on page 19 for an example. The symbol color represents one of 9
18 Migrating to Netcool/Precision for IP Networks
35. status states of that symbol. Status from the interfaces is propagated up the
hierarchy depending on context and the algorithm you select.
Figure 2-2 NetView IP Network hierarchy
In addition to the IP Internet hierarchy, there are submaps to visualize dynamic
SmartSets. The SmartSets consist of a set of objects that match boolean
expressions based on object fields. The SmartSet becomes an object that can
also be used in other parts of NetView to define SNMP parameters and SNMP
data collections, and for event filtering.
The user can also create custom submaps consisting of objects and
connections. Typically these ad hoc submaps are manually constructed as
physical representations of the network per site, or a custom collection of devices
and objects meaningful to the operator.
When ITSA is installed, the layer 2 views are available on the Web console only.
You can navigate from the regular layer 3 views to the layer 2 views in context.
Chapter 2. Product review 19
36. The layer 2 views consist of a physical hop view, point to point view, and a VLAN
membership list.
There are a number of contextual options available to navigate around the
network, perform diagnostics on devices, trigger updates on devices, view details
for a device, and observe current status for the device and all its interface
objects. This rich source of information available from the map compared with,
for example, the event display, is why users often customize heavily and rely on
the maps for daily operations.
Netcool/Precision
Netcool/Precision uses NGF/Webtop for visualizing the network and hosting the
MIB Browser. All functionality is controlled by the Security Manager with user
accounts, groups, and roles.
There are two types of topology views: network views and hop views. Both are
available from event lists and topology views in context. When multiple views are
available, you are prompted for a selection. Alternatively, you can select from the
tree view of all the network views you have created.
Network views
Network topology views can be created via filters on any attribute. You can
partition the network automatically on some attribute, which will create container
objects for each variation. Drill into each container to see the devices with the
common attribute. For instance, let’s say all devices have a location attribute and
fall into one of two locations: New York and Texas. Auto-partitioning on location
would yield two container objects, one for each of the locations, as shown in
Figure 2-3 on page 21.
20 Migrating to Netcool/Precision for IP Networks
37. Figure 2-3 Auto-partitioning views
Drilling into the New York container will show all the devices with the location
value of New York. Any connections that exist between devices will be drawn.
This feature allows the network to be partitioned automatically, or you can create
a custom filter for a single view. This is equivalent to the dynamic SmartSet
submaps in Tivoli NetView.
For example, you could create the following:
An auto-partition based on location
A single view based on technology - MPLS or OSPF devices per autonomous
region
A view based on a combination, such as core Cisco switches (based on OID)
in New York
Chapter 2. Product review 21
38. Any attribute can be used for partitioning or filtering purposes. Unlike SmartSets,
these views will show any connections that exist between objects.
These views are basically filters, so new devices are automatically added to the
appropriate views and little map maintenance is required.
Hop views
The Hop view, shown in Figure 2-4, shows the selected device and all devices
connected to it within a configurable number of hops. It is useful for viewing the
impacted area of an outage or state of each network connection on a core
network device, for instance.
Unlike NetView, Netcool/Precision does not show symbols for interface objects
with their status. Instead, the interfaces of a selected device appear in a frame
under the Hop view.
You can choose to show a layer 2 Hop View or a layer 3 Hop View.
22 Migrating to Netcool/Precision for IP Networks
39. Figure 2-4 Hop view showing interfaces
2.5 Event management
This section describes event management in Tivoli NetView and Tivoli Event
Console (TEC) and contrasts the capabilities in the Netcool suite.
Chapter 2. Product review 23
40. Tivoli NetView
While NetView has a complete event management feature set, TEC is often used
as a central manager of managers (MOM) because of its stronger feature set for
historical analysis, correlation rules, and event grouping and filtering per
operator. TEC ships with a ruleset that has basic correlation of NetView and
ITSA events preconfigured into the ruleset.
NetView can receive SNMP traps from the network and also generate internal
events based on status changes, topology changes, and configuration changes.
NetView processes these traps and events using the same standard SNMP
format. Each event can be configured with additional information such as
severity, category, formatted description, and actions. If NetView is installed
within a Tivoli Framework environment, the events can be exported to a
relational database. Users sometimes build custom applications or tools to parse
the trapd.log as a convenient way of processing traps further.
Within NetView you can view events, correlate them using complex rulesets,
trigger actions, and forward them as SNMP traps to other managers, such as
TEC. Events are persisted on disk and NetView can receive SNMP traps from
other network devices. However, users typically forward important events to a
central TEC server where event management is stronger. In TEC, you can
correlate events against those from other products, group and filter events per
operator, automatically clear events, automate notifications and other actions.
From TEC you can also launch the NetView Web console to view devices in
context with the event to get more details on the device and perform diagnostics,
and view other devices in the vicinity to determine the cause and impact.
NetView has a single configuration file for handling SNMP traps. Here you can
specify additional information such as severity and category, format the event
description to include varbind information, trigger actions and notifications, and
whether to forward to other event managers, including TEC.
NetView has a graphical ruleset builder that you can use to build complex
rulesets based on correlation and time sequencing. A default ruleset filters
events and forwards them to TEC.
Netcool/OMNIbus
Netcool/Precision is one management application among several that feed
events to Netcool/OMNIbus. Each application is called an event source. Your
solution may include many event sources, including a number of Netcool suite
components such as Netcool/OMNIbus Internet Service Monitors (ISM),
Application Service Monitors (ASM), and System Service Monitors (SSM);
Netcool/RAD; and other Event Management Systems. Other Netcool
components exist to enrich events received by Netcool/OMNIbus, such as
Netcool/Precision’s topology-based Root Cause Analysis (RCA), which adds
24 Migrating to Netcool/Precision for IP Networks
41. topology information and calculates root cause information to classify events into
either problem or symptom categories. Netcool/Impact is another product that
enriches events with information potentially from any existing data source, as
shown in Figure 4-1 on page 62.
Each Netcool/OMNIbus installation must have at least one ObjectServer to store
and manage alert information.
The events are viewed in event lists in Webtop according to the configuration
and filtering for each user. Since the current status of devices is reflected in the
event database, you can construct event lists to monitor the health of specific
areas, mimicking the functionality of Tivoli NetView’s SmartSet submaps.
The event lists are a central place for the operator to access a rich source of
information. A right click takes you to any topology view in context, where you
can see the relationship of the device in the network, access a wealth of stored
information about the device, and use a wide variety of real-time focused SNMP
tools to diagnose the problem further.
Probes connect to an event source, detect and acquire event data, and forward
the data to the ObjectServer as alerts. Probes use the logic specified in a rules
file to manipulate the event elements before converting them into fields of an
alert that is sent to Netcool/OMNIbus. The mttrapd probe receives and feeds
unsolicited traps from the network into Netcool/OMNIbus. Using
Netcool/OMNIbus, you can configure the same actions on traps that were set in
Tivoli NetView, such as E-mail/pager notifications and executing scripts.
During the transition period, if you have a TEC server, you may want to continue
using it for central event management if you are moving network management to
the Netcool suite while maintaining a Tivoli server management solution. Just
like Tivoli NetView, Netcool/OMNIbus can forward events to TEC. There is a
white paper and configuration files for Tivoli and Netcool Event Flow Integration
available in the IBM Tivoli Open Process Automation Library:
http://catalog.lotus.com/wps/portal/topal
2.6 SNMP tools
This section describes SNMP data collection capability in Tivoli NetView and
contrasts the capabilities in the Netcool suite.
Tivoli NetView
NetView provides a set of SNMP tools. These tools all use the central SNMP
configuration database for community names (with the exception of the Web
Chapter 2. Product review 25
42. console MIB Browser). NetView 7.1.4 supports SNMPv1 for all functions except
the MIB browsers, which support SNMPv2 as well, while version 7.1.5 has a new
SNMP library that extends support to SNMPv2 in general.
SNMP data collection
Tivoli NetView includes an application that can be configured to collect SNMP
data, store it, and trigger threshold events. The data is typically stored in
proprietary flat files and users often write custom applications to access this data
to augment reporting. Users can view the stored data in both tabular and
graphical format from the NetView native console. If NetView is installed in a
Tivoli Framework environment, the data can be exported to a relational database
for easier custom access and reporting.
NetView can store collected data in Tivoli Data Warehouse (TDW) v1.3, if it is
installed. However, it is left to the user to create reports from TDW.
You can configure each data collection to store the data, or evaluate against
threshold and rearm values, or both. If a threshold is triggered, the snmpcollect
daemon issues a NetView threshold event.
SNMP data can be collected and displayed in a real-time graph that is useful for
diagnosing or evaluating an ongoing network problem.
NetView 7.1.5 introduced a new SNMP Collector that stores data in DB2® and
can handle SNMPv2 including 64-bit counters.
SNMP MIB browser
In NetView 7.1.4, there are two native MIB browsers – one for SNMPv1 and the
other for SNMPv1/v2. Each has its own MIB loader. These browsers can be
launched in context from the map, and will use the centralized SNMP
configuration data for access. The Web console has a Java™ MIB browser
(SNMPv1/v2) that has a built-in loader on startup. It does not share the
centralized SNMP configuration.
SNMP MIB Application Builder
NetView also includes a graphical tool to create small custom applications that
collect and display specific SNMP MIB variables or tables. These SNMP MIB
Application Builder applications are then available from the native console menu
to be run in context with selected devices.
SNMP command line tools
The standard snmpwalk, snmpget, snmpgetnext, snmpset, and snmptrap
commands are available from the command line. These commands, if not
overridden, will use the community names from the centralized SNMP
26 Migrating to Netcool/Precision for IP Networks
43. configuration. In NetView 7.1.5 an additional set of equivalent commands are
available that also support SNMPv2.
Netcool/Precision
During discovery Netcool/Precision determines and stores the SNMP community
names for each device, including any SNMPv3 authentication settings. These
settings can then be used transparently by the SNMP MIB Browser in the
Netcool GUI Foundation (NGF) or overridden if necessary.
The MIB Browser is available as a Netcool/Precision application in NGF. It uses
the SNMP access data provided centrally by Netcool/Precision and you can
perform SNMP walks, SNMP gets, and SNMP get tables (no SNMP sets). The
MIBs are loaded automatically; there is no separate process to load them once
they reside in the MIB directory. Netcool does not provide command line versions
of the SNMP tools.
There are custom MIB Browser diagnostic tools available from the topology
maps. These tools are equivalent to Tivoli NetView’s MIB Application Builder
tools. They gather and display specific MIB data in context and can be extended
to include custom tools.
As we saw in the Monitoring section, Netcool/Precision incorporates threshold
monitoring as an integral part of its network polling.
The Netcool/Proviso product is designed for heavy duty performance metric
collection and analysis - Netcool/Precision does not have an equivalent function
to gather and store SNMP data or a real time graph for MIB variables at this time.
2.7 Diagnostic tools
This section describes the diagnostic tools available in Tivoli NetView and
contrasts the capabilities in the Netcool suite. These tools typically access data
in real time rather than rely on previously collected data. They enable you to
quickly explore connectivity, configuration, and performance information while
diagnosing a problem.
Tivoli NetView
The Tivoli NetView native console has a number of menu-driven options in
context for diagnosis:
Connectivity tests using ping, Quicktest/Demandpoll, Locate Route
UNIX® commands such as netstat
Custom SNMP MIB-based graphical or tabular reports
Chapter 2. Product review 27
44. In addition, you can create custom reports based on command line output shown
in the appmon display window, or using the SNMP Application Builder.
The Web console includes the following options:
Connectivity tests using ping, Quicktest/Demandpoll, Locate Route
Canned SNMP MIB-based tabular reports on system and networking data,
including basic MPLS data and layer 2 forwarding data
Custom reports can be added using HTML or text-based output from applications
or commands run on the NetView server.
Netcool/Precision
Netcool/Precision has a wide variety of diagnostic tools and reports available
from right-click menus, as shown in Figure 2-5 on page 29. These WebTools
include:
Ping, including a subnet ping
Traceroute
DNS lookup
Whois lookup
A set of Cisco tools
A set of Juniper tools
The Cisco and Juniper reports require telnet access to the devices and run
native commands to display information such as routing, BGP, OSPF, MPLS,
ISIS, Cisco ping, and so forth.
Custom menu items can be added that use a cgi-based script. As an example,
we added the SNMP MIB browser similar to the NetView SNMP Application
Builder.
28 Migrating to Netcool/Precision for IP Networks
45. Figure 2-5 Right click diagnostic tools
2.8 User consoles
This section describes the consoles available in Tivoli NetView and contrasts the
capabilities in the Netcool products.
Tivoli NetView
NetView supports two different consoles: an X-based native console on the
NetView server and a Web-based Java console for remote access.
Chapter 2. Product review 29
46. Native console
Tivoli NetView has a native console with full functionality for the operator and
administrator. The administrator can optionally enable the native security system
and implement NetView user security roles for user groups and individuals. The
native console can be distributed to other machines as heavy X-based clients.
Web console
The Web console, as shown in Figure 2-6 on page 31, is an HTTP-based Java
console that can run either as a Java application or as an applet in a browser.
The proprietary Web server supports users, roles, and scopes, which are
independent from the security system of the native console.
The Web console is basically an operator or help desk console; it does not
provide the administrator functions to control the maps, discovery, or other
NetView configuration tasks. It contains the following components:
Submap Explorer
Here you see the network topology in tabular or graphical form with a
right-hand tree frame for navigation.
Object Properties
This is a central place to view attribute and event information for an object.
Diagnostics
This component provides a set of real-time displays for ICMP and SNMP
data.
MIB Browser
This MIB Browser is different from the one available in the native console.
Event Browser
Read-only display of filtered events.
30 Migrating to Netcool/Precision for IP Networks
47. Figure 2-6 Tivoli NetView Web console
Netcool suite
Netcool/Precision uses the Netcool GUI Foundation (NGF) for a Web-based
console. The NGF uses the Netcool Security Manager for single sign-on user
accounts for authorization and authentication across products using the NGF.
The security system supports users, groups, and roles. For authentication, it can
use the native ObjectServer, NIS, or LDAP.
The NGF is a common GUI for the Netcool products within a Web browser.
TopoViz provides the Netcool/Precision relevant views for NGF, which consist of:
Hop views
Network views
Chapter 2. Product review 31
48. MIB Browser
Configuration wizard for discovery
Discovery progress and status views
Webtop provides the event views, consisting of:
Active Event Lists based on customized filtering
Light Event Lists based on customized filtering (read-only)
Custom portal views (URL-based)
At the top there is a drop-down box (Figure 2-7) that contains a list of roles
available for the account you logged in under. These roles cover administration
tasks and desktop views. For each account you can create home pages with the
views for that user.
Figure 2-7 NGF roles available for current user
2.9 Product administration and configuration
Tivoli NetView
The initial setup and configuration of Tivoli NetView is done via the installation.
After installation the user can expect the product to be running, the initial
discovery underway, configuration completed for databases including Tivoli Data
Warehouse, if installed, and connection to TEC, if installed. After installation, it
may be necessary to modify the best practices applied out of the box for
discovery, monitoring, event management, and daemons' configurations, using
the GUIs mentioned in this section.
32 Migrating to Netcool/Precision for IP Networks
49. Tivoli NetView provides a complete set of GUIs and some property files to
manage the on-going changes to the product, including:
Discovery - Discovery scope changes, SNMP settings, SmartSet definitions
Monitoring - Monitor policies
Databases - Clear databases, plus CLI utilities for querying and maintenance
Daemons - Daemon control and configuration
Events - Define varbinds, attributes, actions. A graphical rule builder for
correlating traps and taking actions.
Maps - Map properties, add/delete/manage/unmanage/acknowledge objects
Web Console Security - Set up user accounts and roles
Native Security - Set up user accounts and roles
Tools are available from the command line to make it easy and safe to perform
various administration or setup tasks, including:
Dump or query the various data or configuration stores in Tivoli NetView.
Register/deregister daemons.
Configure traps from MIBs.
Netcool/Precision
Due to the multi-server architecture possible with Netcool/Precision,
Netcool/OMNIbus, and NGF, including the ability to enable hot failover, the
installation and deployment needs more planning and design than Tivoli
NetView. An understanding of the Netcool architecture, data flow within the
product and script programming knowledge of the various rules and configuration
files is necessary for a successful deployment.
Important: It is recommended that personnel with the proper
Netcool/Precision experience and education perform the initial installation,
customization, and mentoring of other personnel. Due to the solution’s
flexibility, many choices will be made during initial customization that can best
be done by experienced, trained personnel.
2.10 Integration with other products
This section describes the typical products that are used with Tivoli NetView and
the APIs available to 3rd party integrators and compares this with
Netcool/Precision.
Chapter 2. Product review 33