What’s New in

NetBrain® Enterprise Edition 6.0

Version 6.0 | Last Updated 10.14.2015 Copyright ©2015 NetBrain Technologies, Inc. All rights reserved.

NetBrain Technologies 15 Network Drive Burlington, MA 01803

+1 800.605.7964 [email protected] www.netbraintech.com

Highlights 1

Improved Qapp™ Visual Programming Environment

2

Enhanced Thin Client

o

Introduction

o

Introduction

o

How it Works

o

Overview Map

o

Use Cases

o

Search

o

Writing a Qapp

o

Topology Map

o

»

Choosing a Template

o

Map Center

»

Defining Qapp Logic

o

Path

»

Run Qapp

o

Inventory Report

»

Debug Qapp

o

Other

»

Launch Qapp Task

»

Qapp Recommendation

Writing a Monitor Qapp

3

Other Enhancements

»

Define monitor Qapp

o

Server Benchmark Enhancement

»

Run monitor Qapp

o

Multi-AS (Automation Server)

»

Monitor Qapp Task

o

TACACS+ Authentication Integration

o

L2 Topology Support for VPC

o

Nexus FEX Support

o

Other

2 | NetBrain® Enterprise Edition 6.0

Release Notes

Qapp Overview NetBrain Apps, called Qapps™ can be used to automate network analysis and diagnostic tasks. A Qapp collects live data from the network which can then be exported to a CSV file or displayed directly on a dynamic network map (Qmap™). NetBrain includes dozens of built-in Qapps and, more importantly, is a platform for writing custom apps through a Visual Programming Environment – no scripting required.

Sample App: Monitor QoS Health

3 | NetBrain® Enterprise Edition 6.0

Release Notes

Writing Qapps (Overview) NetBrain EE 6.0 includes significant improvements to the Visual Programming Environment for writing Qapps. This environment includes built-in templates for writing a variety of apps. You can identify data you'd like the app to collect and analyze through sample CLI output, SNMP, or directly from a config file. With this “Network Aware” framework and API, users can directly apply “Neighbor” and “Path” concepts in the programming logic, which traditional scripting cannot support. The visual nature of programming Qapps in this environment significantly reduces the barrier for customized automation.

Write Your Own App – Choose a Template 4 | NetBrain® Enterprise Edition 6.0

Release Notes

Qapp – How it Works A Qapp takes a group of devices as input (from a Qmap or table) and performs a set of analyses on them in order to create a specific output (alert messages, monitored data, reports, etc.). An improved graphical user interface (GUI) is used to define the logic for each Qapp.

Define Qapp Logic via

Output

Visual Programming Environment

Alert Message

Input

Auto-created Map

Live Map

Qapp Execution Table Collect Live Data

Network 5 | NetBrain® Enterprise Edition 6.0

Release Notes

Monitor ‘HeatMap’ Report

Qapp Visual Programming Environment In EE 6.0, the Qapp programming environment leverages a Sample/Table driven interface which engineers can use to customize automation for virtually any type of network task: o Specific for the network tasks »

Topology-Aware: The device queue can include a pair of device neighbors (physical or logical)

»

Traffic Path-Aware: An app can analyze performance and configuration on devices along a specified A/B path.

o Sample and table driven »

Define a sample of live network data and parse fields of interest based upon the sample output

»

Supports typical table operations: neighbor join, delta, filter and merge.

o Visual interfaces »

Drag and drop the elements (canvas, IF condition, dialog) to define the execution flow

»

A simple to define the conditions for multiple branches such as multi-vendor

6 | NetBrain® Enterprise Edition 6.0

Release Notes

Qapp Use Cases – “Automate Virtually Any Network Task” Whether you leverage NetBrain’s built-in Qapps or write your own, you can automate and accelerate many common network analysis tasks:

Category

Example Use Case

1. Troubleshooting

You have 10 hub routers and each hub router has 50 spoke neighbors. You want to check EIGRP neighbor states of each hub router and its spoke neighbors, in batch.

2. Neighbor Check

Check whether the Speed and Duplex of inter-connected Ethernet interfaces (for any pair of neighbor devices) are consistent. If not, the Qapp generates an alert message and marks the misconfigured interfaces with notes.

3. Application Check

Along a path, check whether the QoS configuration at each hop is consistent - export results to a CSV file.

4. Verification

Import a CSV file to define multiple routers and a target IP list to each router. The requirement is to ping each IP in the target IP list from one router and export ping result to CSV file.

5. Monitoring

Monitor interface errors on a map and check the delta of errors at a defined frequency. Generate an alarm if errors are increasing.

6. Report

Check every switch on a map to determine whether the version information contain super ‘engine III’. Export the version information to a CSV.

7. Compliance Check

Check for ACL configuration consistency across designated devices (e.g. on the map). For example, check whether ACL 100 on R1 and R2 is consistent.

7 | NetBrain® Enterprise Edition 6.0

Release Notes

Writing a Qapp – Choose a Template NetBrain provides five built-in templates (beyond the General template) for automating common tasks: o Monitor: Periodically retrieve live data and display the results on the Qmap. (use case 5) o Inventory report: Generate a customized inventory report. (use case 6) o Path Analysis: Analyze the configuration or running status along a path. (use case 3) o Highlight Map: Highlight devices or interfaces according to the analysis result, including a legend on the map. (use case 1, 4, 7) o Neighbor Check: Analyze configuration, running status or other checks for consistency between neighbor devices. (use case 2)

8 | NetBrain® Enterprise Edition 6.0

Release Notes

Writing a Qapp – Define Execution Flow The Qapp execution flow can now be defined with a new Flow Chart Graphical User Interface (GUI), containing the following components: o Input »

Device input: Defines which types of devices the Qapp will run on. This can be a single device, a device group, or a traffic path.

»

Table input: Defines a table the Qapp will import to use as input.

o Canvas: A key component, used to retrieve, parse, and analyze data from the network devices. o Dialog: Used to retrieve input from the user during run time. o If Condition: Defines an If-statement for the execution logic.

9 | NetBrain® Enterprise Edition 6.0

Release Notes

Writing a Qapp - Canvas The Canvas is used to define the primary run-time logic of the Qapp. This is where you indicate how to retrieve, parse, and analyze the desired data from the live network. A Canvas can have the following components: o Device Queue (DQ): Build a group of devices for the Qapp to run on. o Device Selector (DS): Based on rules defined in the Device Selector, each Device in the DQ decides which branch to follow in the flowchart (e.g. for a multi-vendor Qapp). o Command and Parser: Defines how to retrieve data from live devices, and the rules to parse the data, and convert it into variables. o Device Data Table (DDT): Stores the data parsed from a device for further analysis. o Global Data Table: A global table to store all device data for further analysis. o Output: Defines how to present the Qapp execution results, such as “Alert Message”, ”Highlight map”, “Monitor Data” and so on.

10 | NetBrain® Enterprise Edition 6.0

Release Notes

Define Canvas: Command & Parser The Command and Parser node defines the method to retrieve data from each device (e.g. via CLI command, Configuration file, Ping, Traceroute , or SNMP). The Parser defines variables from the output which are stored in the Device Data Table for further analysis.

11 | NetBrain® Enterprise Edition 6.0

Release Notes

Define Alerting (Monitor Qapp Only) For Monitoring Qapps (which collect data periodically) you can define alerting thresholds and conditions (e.g. an error count is increasing). When defining an alert you can customize the alert message and indicate a color scheme for the alert (i.e. Red = Error, Orange = Warning).

Item Alert

Color Scheme

12 | NetBrain® Enterprise Edition 6.0

Release Notes

Debug Qapp The new “Debug Qapp” function is used to execute a Qapp node-by-node to check whether the procedures are running correctly. During Debug, you can check the correctness of any table data visually by clicking any canvas node.

13 | NetBrain® Enterprise Edition 6.0

Release Notes

Highlights – Enhancements to Thin Client 1

Improved Qapp Visual Programming Environment

2

Enhanced Thin Client

o

Introduction

o

Introduction

o

How it Works

o

Overview Map

o

Use Cases

o

Search

o

Writing a Qapp

o

Topology Map

o

»

Choosing a Template

o

Map Center

»

Defining Qapp Logic

o

Path

»

Run Qapp

o

Inventory Report

»

Debug Qapp

o

Other

»

Qapp Task

Writing a Monitor Qapp »

Define monitor Qapp

3

»

Run monitor Qapp

o

Server Benchmark Enhancement

»

Monitor Qapp Task

o

Multi-AS (Automation Server)

o

TACACS+ Authentication Integration

o

L2 Topology Support for VPC

o

Nexus FEX Support

o

Other

14 | NetBrain® Enterprise Edition 6.0

Release Notes

Other Enhancements

Thin Client (Overview) NetBrain v5.4G1, was the first NetBrain release to offer client functionality through a web browser, including limited Search, Mapping, and Inventory Management. NetBrain EE 6.0 significantly enhances NetBrain’s Thin Client functionality to include many dynamic mapping and network analysis capabilities found in the Rich Client – accessible from any PC with access to the network server.

15 | NetBrain® Enterprise Edition 6.0

Release Notes

Thin Client - Overview Map Upon login to the Thin Client interface via a Web Browser, the Network Overview Map is shown by default. 1. From the Hierarchy View, the Overview Map indicates the parent-child relationships of all sites in the network. 2. Click

to switch to the Topology View, which shows the relationships between all leaf sites in the current network.

3. Click

to adjust the layout and

16 | NetBrain® Enterprise Edition 6.0

to update the Overview Map once the network site structure is changed.

Release Notes

Thin Client - Search The new Single Search option combines NetBrain’s Visual Search option with the A/B Path option from a single location. Search any hostname, IP address, mask, config file etc. Or map between two endpoints instantly.

1

1. Intelligence for Search 2. Entry for Path & Site pane

2

Search Examples: hostname, IP address , IP/MASK, any string from a config…

17 | NetBrain® Enterprise Edition 6.0

Release Notes

Thin Client - Search The new Thin Client interface supports the same on-demand mapping functionality as the Rich Client. You can generate a dynamic network map directly from the Search results.

Click to create map

18 | NetBrain® Enterprise Edition 6.0

Release Notes

Topology Map - Create dynamic L3/L2 Map You can also “drag and drop” devices from the site pane to create a new topology map. Similar to the NetBrain Rich Client, you can extend neighbors dynamically to expand the map.

Select a device on the map, click

or

to

show the Neighbor dialog.

19 | NetBrain® Enterprise Edition 6.0

Release Notes

Topology Map – View Device Data You can view detailed device information for any device on the map. Select a device to see information about device properties, configuration, CLI commands, and more.

20 | NetBrain® Enterprise Edition 6.0

Release Notes

Topology Map – View L2 Map of LAN From a Layer-3 map, you can select a LAN icon to access the Layer-2 map.

21 | NetBrain® Enterprise Edition 6.0

Release Notes

Map Center - Browse Existing Maps The Map Center provides a shared repository for storing and sharing dynamic network maps through a web browser. The Map Center also supports the conversion of Qmaps created by the Rich Client (workstation).

22 | NetBrain® Enterprise Edition 6.0

Release Notes

Map an A/B Path Using the Single Search bar, you can switch to the Path option. Using this feature, you can map the flow between two endpoints and see the execution log as the dynamic path is being processed.

23 | NetBrain® Enterprise Edition 6.0

Release Notes

Inventory Report You can access complete and customized Inventory Report Data from the web browser.

24 | NetBrain® Enterprise Edition 6.0

Release Notes

Highlights – Other Enhancements 1

Improved Qapp Visual Programming Environment

2

Enhanced Thin Client

o

Introduction

o

Introduction

o

How it Works

o

Overview Map

o

Use Cases

o

Search

o

Writing a Qapp

o

Topology Map

o

»

Choosing a Template

o

Map Center

»

Defining Qapp Logic

o

Path

»

Run Qapp

o

Inventory Report

»

Debug Qapp

»

Qapp Task

»

Qapp Recommendation

Writing a Monitor Qapp »

Define monitor Qapp

»

Run monitor Qapp

»

Monitor Qapp Task

25 | NetBrain® Enterprise Edition 6.0

3

Other Enhancements

o

Server Benchmark Enhancement

o

Multi-AS (Automation Server)

o

TACACS+ Authentication Integration

o

L2 Topology Support for VPC

o

Nexus FEX Support

o

Other

Release Notes

Server Benchmark Enhancement In EE 6.0, the Server Benchmark module has been redesigned for improved stability. The system is now able to directly correlate the cause of Server Benchmark failures, including the ability to: o View which devices fail in the Benchmark o Export benchmark failure device logs o Delete outdated summary and device logs in a batch, or let the system automatically delete logs older than several days

26 | NetBrain® Enterprise Edition 6.0

Release Notes

Server Benchmark Enhancement – Details Several new error types have been added to the summary log: o “Invalid license” and “full disk space” errors that may occur when EE starts a benchmark o “No AS” error when EE starts the benchmark and finds no AS configured o Record logs on live data o Record the corresponding device list in the device when one device’s data packets fail to upload. o Errors that occur on building L3/L2 topology o Network Server failure error: Access failure and service down o Automation Server/Network Server and Workspace Server Version inconsistency errors o Errors when the AS/NS are unable to access the Workspace Server o “Build topology” conflict error that occurs when two benchmark tasks are both processing

27 | NetBrain® Enterprise Edition 6.0

Release Notes

Multiple Automation Servers As network tasks executed by NetBrain increase, along with complex computations, the Automation Server may become strained. To improve system performance, it may be necessary to add multiple Automation Servers to balance the load. With distributed processing across Automation Servers, users can expect quicker discovery, search, and mapping. This distributed load capability is new in EE 6.0.

Workspace Server (load balance)

Workspaces

WS runs load balance algorithm

Register (ALL AS) AS1

AS2

AS3

(Discovery)

(Map)

(Search)

…..

ASN

Tasks executed on multiple AS (join load sharing)

Example Deployment of Automation Servers

28 | NetBrain® Enterprise Edition 6.0

Release Notes

TACACS+ Authentication Integration In order to simplify maintenance and operation, NetBrain’s improved authentication backend supports customers’ existing authentication systems. Customers who already have an existing TACACS+ authentication service can integrate it with NetBrain without adding a separate NetBrain login authentication service.

29 | NetBrain® Enterprise Edition 6.0

Release Notes

L2Topology Support for Virtual Port Channel (VPC) NetBrain can now display VPC Peer-Links on a Layer-2 Qmap. This information is collected by the system through parsing of devices’ configuration. NetBrain discovers devices in the same VPC domain, confirms the keepalive destination IP address, and then displays the VPC peer-link with a corresponding legend on the map.

RDENET5596P01:

RDENET5596P02:

vpc domain 100

vpc domain 100

role priority 1000

role priority 2000

system-priority 1000

system-priority 1000

peer-keepalive destination 192.168.0.2

peer-keepalive destination 192.168.0.1 source 192.168.0.2

source 192.168.0.1

peer-gateway

peer-gateway

ip arp synchronize

ip arp synchronize

interface port-channel10

interface port-channel10

switchport mode trunk

switchport mode trunk

spanning-tree port type network

spanning-tree port type network

vpc peer-link

vpc peer-link

interface Ethernet1/17

interface Ethernet1/17

switchport mode trunk

switchport mode trunk

channel-group 10 mode active

channel-group 10 mode active





interface mgmt0

interface mgmt0

vrf member management

vrf member management

ip address 192.168.0.2/30

ip address 192.168.0.1/30

no ip port-unreachable

no ip port-unreachable

30 | NetBrain® Enterprise Edition 6.0

Release Notes

Nexus Fabric Path Extender Support - FEX NetBrain can now determine whether there is a Nexus 2000 connected to other Nexus devices as well as display FEX information as a module in the Device Properties pane. The FEX module information (e.g. model type serial number, etc.) can be exported to the Asset Report.

31 | NetBrain® Enterprise Edition 6.0

Release Notes

Duplicated IP Manager Improvements NetBrain now allows you to manually enable an interface for a duplicated IP address and discard other interfaces which have the same IP address. Additionally, a VRF column has been added to the Duplicated Address Manager to support MPLS networks. The logic for managing duplicated IPs has also been improved, for intelligent and automatic detection.

32 | NetBrain® Enterprise Edition 6.0

Release Notes

Performance Improvements The backend and server automation logic has been greatly enhanced in this release to increase the network scale supported by NetBrain while decreasing processing times for common NetBrain tasks. Below is a table indicating a sample of performance improvements.

Operation

Sample

Pre-6.0

With 6.0

20,000+ Devices

10+

30+

10 Devices

3.8 sec

1.2 sec

30 Devices

4.4 sec

1.2 sec

500 Neighbors

20 sec

1 sec

150 Devices

34+ min

2.5 min

5. Time to Switch from Site Pane to Workspace Pane

20,000 Devices

10 sec

5 sec

6. Time to Display Icons in Search Result

20,000 Devices

~5 sec

~2 sec

88 minutes

41 minutes

11 minutes

1 minute

1. Maximum Concurrent Login Sessions

2. Time to Save a Qmap 3. MPLS Cloud to Blank Map 4. Time to Map Link Group

7. Optimize L2 Topology Building

8. Optimize Load Balancing Path Calculation

33 | NetBrain® Enterprise Edition 6.0

28,000 Devices 7,800 LAN Path through 15 devices

Release Notes

Miscellaneous Improvements Below is a list of other improvements included in this release: o Support to show/hide SNMP location information under a device o Non-privileged users can modify an individual device’s settings if that user has the admin password o Enhancements to Multi-Vendor Support:

New Multi-Vendor Support

Design Reader Support

Path Support

» Avaya Switch

» Nexus

» Checkpoint: Policy and NAT

» Alcatel OmniStack Switch

» Juniper

» Brocade Vyatta vRouter

» Fortinet Fortigate Firewall

» Palo Alto: Policy, PBF, NAT, IPSec VPN

» Juniper QFX System

» Alcatel Lucent Service Router

» Cisco WAAS

» Alcatel OmniSwitch

» Fortinet FortiGate: Policy, PBF, NAT

» MikroTik RouterOS

» NetScreen: Policy, PBF, NAT, IPSec VPN

» Tellabs Switch

» Juniper IPSec VPN

34 | NetBrain® Enterprise Edition 6.0

Release Notes