Cisco Prime Network Client Overview
Cisco Prime Network (Prime Network) provides a suite of GUI tools that offer an intuitive interface for managing the network and services, and for performing required system administration activities. The Prime Network client application suite comprises Prime Network Vision, Prime Network Events, and Prime Network Administration.
The following topics provide an introduction to Prime Network terminology and client applications:
• Basic Prime Network Terminology
• Prime Network Security: Permissions, Roles, and Scopes
• Prime Network Vision
• Prime Network Events
Note: For information about the Prime Network Administration application, see the Cisco Prime Network 3.9 Administrator Guide.
Basic Prime Network Terminology
Table 1-1 provides a brief explanation of the terms used in the Prime Network clients and documentation.
Table 1-1 Definitions
Term | Description
aggregation | A user-defined collection of network elements. For example, an aggregation can contain devices, links, VPNs, and other aggregations.
alarm | Sequence of event notifications that share the same source, cause, or fault. For example, if a single port goes up and then down, these two events in a related sequence may result in a single alarm. An alarm is stateful and is opened when a fault is first detected. Event notifications may be added to the alarm, and it is archived when it is fixed.
association | A relationship between the following types of network elements: a logical (protocol-oriented) network element and a physical network element; a logical network element and another logical network element; an existing association and anything else. An example for a VPN would be an association between the physical IP interface and Virtual Routing and Forwarding (VRF) table, which is the associated routing table. An association is not considered a topological link.
business element | Construction or organization of certain network elements and their properties into a logical entity, to provide the ability to track them in a way that makes sense from a business perspective. A virtual private network (VPN) is a business element, which represents a set of interconnected sites that form a single network over a public network. Prime Network organizes the business elements in a way that creates a containment hierarchy that reflects the VPN structure.
business tag | A string that is meaningful to the business, and that can be used to label a component of a network element for use in Prime Network screens and reports. There are three types of business tags: subscriber, provider, and label. Business tags are stored in the Prime Network gateway database.
event | In the context of network management, a discrete activity that occurred at a specific point in time.
link | A physical or logical connection between: two devices in the network; a device and an aggregation; two aggregations.
logical link | An association between two network elements (based on a chain of physical links between the elements); for example, a tunnel.
managed element | A network element that is managed by Prime Network; for example, a device, cloud, or Internet Control Message Protocol (ICMP) VNE.
network element | Any physical component or device in the network that can be managed through an IP address.
physical link | A link between physical network objects; for example, a connection between two physical ports.
provider | The party providing a service.
subscriber | The party receiving a service.
ticket | Object that represents an attention-worthy root alarm whose type is marked in the registry as "ticketable." A ticket has the same type as the root alarm it represents, and it has a status, which represents the entire correlation tree. A ticket can be acknowledged by the user. Both Prime Network Vision and Cisco Prime Network Events display tickets and allow you to navigate down to view the consequent alarm hierarchy. From an operator's point of view, a fault is always represented by a complete ticket. Operations such as Acknowledge or Remove are applied to the whole ticket.
virtual cloud or unmanaged network | Network, or part of a network, that is not managed by Prime Network. An unmanaged network is often represented in network diagrams by a cloud symbol or image.
VLAN | Virtual local-area network (LAN). Group of devices on one or more LANs that are configured (using management software) so that they can communicate as if they were attached to the same wire, when in fact they are located on a number of different LAN segments. Because VLANs are based on logical instead of physical connections, they are extremely flexible.
VPN | Virtual Private Network. Enables IP traffic to travel securely over a public TCP/IP network by encrypting all traffic from one network to another. A VPN uses tunneling to encrypt all information at the IP level.
Prime Network Security: Permissions, Roles, and Scopes
Prime Network provides enhanced security when working with and managing the Prime Network system. Users are assigned permission levels for an operational scope, enabling them to perform only the functions assigned to the scope and defined security level. A user can be assigned more than one security level.
Permission
The user's ability to perform certain tasks. There are two types of permissions: GUI-related and element-related.
• GUI-related—Applies only to the activities that are related to GUI functionality, and not the activities related to network elements. For example, a user with the default permission Viewer can view maps and the element list. For more information, see the Cisco Prime Network 3.9 Administrator Guide.
• Element-related—Enables the administrator to group a collection of managed elements (in Prime Network Administration) to allow the user to view and manage the elements based on the user's role or permission. After the user is allocated a scope (group of elements) and a role, the user can then perform various activities on the allocated elements, such as viewing maps or generating reports on the elements using Report Manager. For more information, see the Cisco Prime Network 3.9 Administrator Guide.
Roles
Prime Network implements a security engine that combines a role-based security mechanism with scopes of network elements that are granted per user. The system supports:
• User account creation
• Network element scope definition
• A set of five predefined roles for security and access control that allow different system functions. The roles, listed from the lowest security level to the highest security level, are:
  – Viewer—Have read-only access to the network and to nonprivileged system functions.
  – Operator—Configure business tags and perform most day-to-day operations.
  – Operator Plus—Fully control alarm life cycle and create maps.
  – Configurator—Activate services and configure the network.
  – Administrator—Manage the system configuration and security.
Note: Viewer is the lowest security level, and Administrator is the highest. A user with a higher security level can perform all the Prime Network functions assigned to a user with a lower security level.
Each user is assigned a permission level for an operational scope, which enables the user to perform certain tasks. Every user has a private username and password. A user can log in from any workstation with their own set of permissions and operational scope. When a user does not have the required permission level to perform a function, the appropriate menu option or button is disabled.
The administrator is responsible for defining the types of activities that the user can view and perform using Prime Network Administration. For more information about user security and defining operational scopes, see the Cisco Prime Network 3.9 Administrator Guide.
A user's role (their default permissions) applies only to the activities that are related to GUI functionality, not the activities related to network elements (which are controlled by scopes). Default permissions control Prime Network functions.
Scopes
A scope is a named collection of managed network elements that have been grouped together to allow a user to view or manage the network elements, based on their access role. Grouping can be based on geographical location, network element type (such as DSLAM, router, or software), network element category (such as access or core), or any other division according to the network administrator's requirements.
For example, using Prime Network Vision, a user who has been assigned a scope can view or manage the network elements within this scope, according to the role assigned to the user for that scope. The user cannot view any information regarding network elements that are outside their scope, including basic properties, inventory, and alarms.
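The role and scope rules above can be modeled for an access review. The following is an added example, not Prime Network code or its API: the action names, scope names, users, and elements are constructed, and taking the highest role when an element sits in several of a user's scopes is a worst-case assumption made for the review, not documented product behavior.

```python
from enum import IntEnum


class Role(IntEnum):
    """The five predefined roles, ordered lowest to highest as listed above."""
    VIEWER = 1
    OPERATOR = 2
    OPERATOR_PLUS = 3
    CONFIGURATOR = 4
    ADMINISTRATOR = 5


# Lowest role that may perform each action, from the role descriptions above.
# The action names are hypothetical labels, not Prime Network identifiers.
MIN_ROLE = {
    "view_inventory": Role.VIEWER,
    "edit_business_tag": Role.OPERATOR,
    "activate_service": Role.CONFIGURATOR,
}

# Constructed sample data: scope name -> managed elements in that scope.
SCOPES = {
    "core-routers": {"pe1", "pe2", "p1"},
    "access-east": {"dslam1", "dslam2", "pe1"},
}
# Constructed sample data: user -> role held for each assigned scope.
ASSIGNMENTS = {
    "alice": {"core-routers": Role.VIEWER, "access-east": Role.CONFIGURATOR},
    "bob": {"access-east": Role.OPERATOR},
}


def roles_over(user, element):
    """Scope -> role for every scope of this user that contains the element."""
    return {s: r for s, r in ASSIGNMENTS.get(user, {}).items()
            if element in SCOPES.get(s, set())}


def effective_role(user, element):
    """Worst-case (highest) role over the element; None if it is out of scope."""
    return max(roles_over(user, element).values(), default=None)


def is_allowed(user, action, element):
    """A higher role includes every function of a lower one; out of scope denies."""
    role = effective_role(user, element)
    return role is not None and role >= MIN_ROLE[action]


def overlap_findings(user):
    """Elements the user reaches through several scopes with differing roles."""
    elements = set().union(*(SCOPES.get(s, set()) for s in ASSIGNMENTS.get(user, {})))
    return {e: roles_over(user, e) for e in sorted(elements)
            if len(set(roles_over(user, e).values())) > 1}
```

In this sample, overlap_findings("alice") reports pe1, which is Viewer-only through one scope but Configurator through another; overlaps of this kind are worth checking when scopes are defined by different criteria such as location and element type.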
Prime Network Vision
Prime Network Vision is the main GUI application used to visualize the network through network and service maps, to view element physical and logical inventories and connectivity, and to manage device configuration and software images. It provides total visibility for multiple-tier, multiple-technology networks, and supports fault and configuration functionality. The highly optimized, customizable GUIs enable constant, system-wide surveillance of the network and service states, down to the node level.
Prime Network Vision supports the creation of multiple network maps to represent specific network views. Views can cover specific network segments, customer networks, or any other mix of network elements desired. Once the maps have been created, they are available for all connecting clients (with support for fine-grained access privileges).
Prime Network Vision enables you to:
• View network inventory and multiple-layer connectivity.
• Troubleshoot, monitor, and manage network elements.
• Model and view network maps, maintaining up-to-date topological information on connections, traffic, and routes.
Prime Network Vision maps based on Prime Network's representation of VNEs provide a graphic display of active faults and alarms, and serve as an easy access point for activation of services. Prime Network provides rich functionality for displaying and managing network maps by providing:
• Multiple concurrent maps per user.
• Easily customizable hierarchy of nested submaps, aggregations, and business tags with easy navigation up and down the hierarchy.
• Dual views of the network in a hierarchical tree, as well as in topological maps, including all network connections.
• Network elements and links using color cues and graphic symbols to indicate status and alarms.
• Mouse point-and-click drill-down from every element (either from the tree or map), providing detailed internal physical and logical inventory information.
For details on using Prime Network Vision when working with specific technologies, see the following topics:
• Carrier Ethernet services—Chapter 12 "Monitoring Carrier Ethernet Services"
• Carrier Grade NAT properties—Chapter 13 "Monitoring Carrier Grade NAT Properties"
• Dense wavelength division multiplexing (DWDM) services—Chapter 14 "Monitoring DWDM Properties"
• Ethernet Operations, Administration, and Maintenance (E-OAM) tool properties—Chapter 15 "Viewing Ethernet Operations, Administration, and Maintenance Tool Properties"
• IPv6 and 6VPE technologies—Chapter 16 "IPv6 and IPv6 VPN over MPLS"
• Multiprotocol Label Switching (MPLS) services—Chapter 17 "Monitoring MPLS Services"
• Mobile Transport over Packet services—Chapter 18 "Monitoring MToP Services"
• Session Border Controller properties—Chapter 19 "Viewing SBC Properties"
Prime Network Vision is also the launch point for:
• Cisco PathTracer
• Prime Network Soft Properties Manager
• Prime Network Command Builder
• Prime Network Report Manager
• Prime Network Change and Configuration Management
• Prime Network Activation
Cisco PathTracer
Cisco PathTracer enables you to perform end-to-end route tracing with pertinent performance information displayed simultaneously for the multiple networking layers. Upon receiving a path's starting point and end point, Cisco PathTracer visually traces the route through the network. For more information about Cisco PathTracer, see Chapter 11 "Using Cisco PathTracer to Diagnose Problems."
Prime Network Soft Properties Manager
The Prime Network Soft Properties Manager enables you to manage soft properties and threshold-crossing alarms (TCAs).
The Prime Network Soft Properties Manager allows you to extend the set of supported properties for each network element by adding soft properties to the VNEs. These properties extend the Prime Network Information Model Object (IMO) and are available through the client GUI as well as through the Broadband Query Language (BQL) API.
Soft properties are retrieved from the network element using Simple Network Management Protocol (SNMP), Telnet, Secure Shell Protocol (SSH), or Transaction Language One (TL-1).
In addition, alarm thresholding enables you to constantly monitor selected properties and generate an alarm each time they cross a user-defined threshold or violate a condition.
The Prime Network Soft Properties Manager tool is typically used by integrators or other users who want to manage the soft properties and TCAs that are executed within the Prime Network platform.
For more information on the Prime Network Soft Properties Manager, see the Cisco Prime Network 3.9 Administrator Guide.
For more information about using BQL with Prime Network, see the Cisco Prime Network 3.9 Integration Developer Guide.
Prime Network Command Builder
The Prime Network Command Builder enables you to execute a programmable sequence of SNMP or Telnet command lines. These command lines can include data properties taken from the Prime Network information model (built-in) or user-defined input parameters entered during runtime.
The Prime Network Command Builder is launched from a managed element (Prime Network-modeled VNE) such as a port, typically from the Prime Network Vision inventory window. The managed element is then used to develop and test the command. Once the command has been completed, you can publish it and attach it to a wider scope of managed elements.
For more information on the Prime Network Command Builder, see the Cisco Prime Network 3.9 Customization User Guide.
Prime Network Report Manager
The Prime Network Report Manager enables you to generate, customize, view, and export a variety of reports about events, traps, tickets, syslogs, software versions, elements, and network services. The Report Manager, available from Prime Network Administration, Prime Network Vision, and Prime Network Events, provides out-of-the-box reports for events, inventory, and network services.
The Report Manager enables you to:
• Produce reports on demand.
• Save generated reports in PDF, CSV, HTML, XLS, or XML format.
• Customize reports for your environment.
• Generate reports for the nonactionable events that are not displayed in Prime Network Events.
For information about reports and Report Manager, see Chapter 10 "Working with Reports."
You can also retrieve reports using BQL. For more information, see the Cisco Prime Network 3.9 Integration Developer Guide.
Cisco Prime Network Change and Configuration Management
Prime Network Change and Configuration Management provides tools that allow you to manage the software and device configuration changes that are made to devices in your network. Device configuration management tools are provided by the Configuration Management (CM) function, and software image management tools are provided by the Network Element Image Management (NEIM) function.
For more information on Prime Network Change and Configuration Management, see the Cisco Prime Network 3.9 Change and Configuration Management User and Administration Guide.
Cisco Prime Network Activation
Prime Network Activation is a GUI client that you can use to create Activation wizards. Activation wizards are GUI wizards that are added to the Prime Network Vision GUI client. Operators can launch these wizards to create, modify, and delete activations on network devices. The Activation Wizard Builder (AWB) provides a user-friendly interface for creating wizards according to the needs of your network. For more information, see the Cisco Prime Network 3.9 Customization User Guide.
Prime Network Events
Prime Network Events is the interface used by administrators for viewing system events and tickets that are generated within the Prime Network system.
Prime Network Events is a GUI application that serves as a browser for viewing and retrieving detailed information about the different types of system events and tickets that are generated. Monitoring with Prime Network Events helps predict and identify the sources of system problems, which in turn assists in preventing future problems.
You can configure Prime Network Events to display the following information:
• Number of events per page.
• Number of events to be exported to a file.
• Previous dated events (in weeks).
• Filter options.
• The information that appears in Prime Network Events tabs, such as the Audit tab.
System managers or administrators periodically review and manage the events list using Prime Network Events. In addition, when an event occurs in the Prime Network system, the details become available in Prime Network Events.
All administrator activities in Prime Network Administration are logged and available in Prime Network Events. For more information on Prime Network Administration, see the Cisco Prime Network 3.9 Administrator Guide.