Part 1 – Cisco Prime Infrastructure 3.0
Introduction
Cisco Prime Infrastructure 3.0, just released on August 31, 2015, is Cisco’s latest iteration of their network management software. It follows in the footsteps of CiscoWorks, Cisco Prime LMS/NCS, and previous editions of Cisco Prime Infrastructure software packages.
As a young IT technician in the mid 2000’s at a university who used CiscoWorks to monitor their Cisco network, the first feature of that program that impressed me was the network topology map. I thought it was clever to have that full network map showing green where devices and links were good and red where they were bad or did not exist. As I have gained experience designing, managing and troubleshooting customer networks, I have learned that network management is more than just monitoring the status of the network links and devices. It requires managing the entire lifecycle and performance of your wired and wireless networks.
Since my in-depth experience with Cisco Prime Infrastructure (PI) began earlier this year on version 2.2, I will spend less time discussing new features of version 3.0 and more time highlighting some of the features I immediately took advantage of as a first time user. This blog post will focus primarily on the wired network management. I have deployed Cisco Prime Infrastructure 3.0 internally and we are a Meraki wireless shop. I will show what information we can get from Meraki APs within PI, which is not a ton. In a traditional Cisco wireless LAN controller based wireless network, PI excels in bringing wired and wireless under a single pane of glass for management.
With that being said, one of the biggest (and best) differences between Prime Infrastructure 2.2 and 3.0 is the upgrade in user interface. PI 3.0 uses an HTML 5 based GUI and removes any dependence on Flash. Another major difference in PI 3.0 is the user’s ability to create custom alarms and events through a trap event or syslog entry. For example, I created a custom alert that would be raised anytime a duplex mismatch syslog entry was logged by a switch.
Easy Out of the Box Uses
PI has a very large feature set that, if explored completely, would turn this blog post into a novel. So instead, I am going to focus on some easy wins. If there is a particular area you would want me to explore further, contact me and let me know as I plan a follow up post looking at some more advanced PI topics.
After installation, the first thing you want to do is configure user access and bring in your devices. PI will grab just about everything there is to know about your device, whether added manually or through a scan of your network using SNMP, ssh, telnet and http(s) for discovery.
By successfully adding PI to inventory, you already achieved the benefit of a backup of the device configuration. From this point, you can schedule PI to periodically grab backups from your devices and store them in the configuration archive.
This allows you to compare configurations to other revisions of the configuration on the same device OR a completely different device. For example, say you made a configuration change that caused some unforeseen issue, but the issue did not rear its head for a week or so after. Instead of attempting to remember the changes made, you can simply have it show the differences between your last archive and the current running configuration.
Another feature of PI is software image management. Without a management tool similar to PI used in a growing network, the odds of all devices in that network having the same software image are probably slim. PI allows you to look at a device and let Cisco provide recommended software versions. You can then download and import the image into the software image repository within PI. Once there, you can schedule a deployment of that image out to all non-compliant devices that are compatible with that image. This works for switches, routers, WLCs and autonomous APs.
A Little Bit More Advanced
One thing all IT administrators want is a consistent and repeatable configuration for multiple identical devices anywhere in their infrastructure. The obvious advantage is the ability to ensure consistent behavior across the enterprise in regards to things like MTU, STP and QoS. PI makes this very easy by allowing for the creation of configuration templates. You can create these as static CLI configurations (e.g. NTP settings) or you can create a form based template to configure settings that would vary from device to device, such as IP address. Once created, these templates can be deployed across all compatible devices.
PI can take this a step further by using its Plug and Play functionality. This features allows a new device to boot up and get its initial software image and configuration from PI. This works either locally or through the Internet using a Plug and Play Gateway and an application running on an iPad or Windows laptop.
Dashboards!
One of PI’s biggest strength’s is its ability to give you a lot of information in a small amount of real estate. Cisco crams in so much information that I found navigation to be the greatest learning curve of the whole software package. Cisco could probably do a better job of helping the newbie learn where everything is located.
Having spent a great deal of time learning where everything is located, the next thing I did was customize the home page to show the particular dashboards I wanted to see. Of course, front and center (well actually top left), I have the topology dashboard so I can see the immediate status of our internal network devices. But, I also have the dashboards for the top N CPU, RAM, TX and RX usage stats.
These dashboards can be customized and saved so that each time you come in to PI, you see only the information you want and in the format you want.
Conclusion
Although I have barely scratched the surface on what Prime Infrastructure can do, I focused on some basic features which will be immediately useful to the first-time user. Prime Infrastructure provides an entire feature set around wireless network management, application performance (netflow) and integrations with other products such as the Cisco Network Analysis Module. Keep an eye out for future posts around some of the more advanced features of Cisco Prime Infrastructure 3.0.
For the next installation in this series, we will focus on Cisco Identity Services Engine software product. In doing so, we will explore some simple use cases and discuss how it integrates with Cisco Prime Infrastructure to provide a view of the network from wire to device and from user to application.
For more information or questions in the meantime, contact David Rice at drice@ddaftech.com or 859-425-7735.Cisco Prime Infrastructure Product Page