
Proactive Networks

switched switch
Level 1

Hi All,
Recently I took some time to travel and I am settling back into a full-time role as a network manager; it's been a number of years (approx. 6) where I have been full time in networks. The company is a mid-size ISP, and the ISP is still growing and quite greenfields, so a lot of projects to be completed.

Current tools:
Network Backups: RANCID
Network Monitoring: Solarwinds
IPAM: custom one developed in house.
Network Auth: TacPlus

Projects still needed:
Visualization of traffic: Netflows? Is this still current, and what front end is used to visualise and drill down into the traffic to determine source/destination IPs or protocols?
DDoS protection: Nothing in play. Any suggestions?
Network Logging: Elastic maybe?
Security Logging: Elastic?
Network Templates: ????

Can anyone provide any suggestions on the projects and tools to be completed? Are there any other essential network tools we should be looking at implementing that might not be listed?
Currently the business really struggles with proactive management; it's a very reactive approach, so I would like to implement solutions to give us depth in troubleshooting, providing detailed information for issues and troubleshooting. We utilise a lot of open source tools within the business, so where possible if we need to develop and build we would take that approach.
Thanks

1 Accepted Solution


Mark Malone
VIP Alumni

Hi

One of the things we use that's very useful, but not open source, but would still cover a lot, is Cisco Prime, but only 3.0 and up, as that contains compliance, PSIRT/EOL/EOX, network templates for configs and management. It's good for proactive management as it alerts on issues it sees in configs and provides best practice templates and other options, and everything can be alerted to diff devices and syslogs. It's flexible.

Prime does not do NetFlow though; we use CA products for that, either UIM or NetQos. You get as granular as you want there; they're very good and can handle thousands of flows.

Unfortunately none of these products are cheap. Regarding DDoS, none of the above do that; we use TippingPoint.

Just some options anyway


3 Replies

Hi Mark,

Thanks for the feedback. I haven't used Prime before, although my SE once tried to convince me to purchase a while back. There wasn't a lot of feedback in those days and I didn't have time to do a POC.

Maybe I should run up an instance and try.

What is your solution for syslogs?

What are your opinions on UIM vs NetQos?

I think Cisco gives out a free Prime with a limited number of devices, like 20, for testing, or else it was a certain length of time like an evaluation copy, so you can try before buying. To be honest, a few years back it was crap, I would not recommend it, but it has come a long way, and the road map for its integration with ACI and IWAN and other features like compliance and PSIRT are very good. It's worth testing anyway, but it is purely for Cisco devices.

For syslogs there's only one I would say without a doubt: it's Splunk that I would recommend. The ability to drill into it is very good. Again, though, not cheap, but it can be purchased per amount of syslogs you send, so it can be controllable.

At the minute we're on NetQos. It's good but does have its issues; we have lost data etc. in certain periods or parts of flows, which can be frustrating when troubleshooting, but other than that it's granular and easy to use. UIM is the next version of NetQos; I have only been through a POC so far. We are deploying it this year so I will know more then if it's better, but CA stated they have fixed the issues we ran into previously in UIM, so fingers crossed. I suppose the NetFlow requirements depend on how many devices you will have using it. We have around 1000 network devices, so you need something that's able to handle that amount of traffic, and CA at the time were the only real option out there that were well known and had the support behind them if something went wrong.