What’s New in NetBrain OE 5.2

• NetBrain Technologies, Inc.

• 65 Network Drive

• Burlington, MA 01803

• Phone: +1 781 221 7199

• Email: [email protected]

• Website: www.netbraintech.com

o More powerful & customizable automation

o Deeper path analysis

o Wider technology support

NetBrain Technologies, Inc. New Feature Guide: Operator Edition v5.2 2

New Features Overview

1. New Qapp for Network Automation

Designed to replace in-house scripting, a Qapp can be customized to automate network analysis tasks by collecting any network data and displaying it live on the Qmap. Data collection can occur one-time or recurring at a specified interval.

2. Deep Application Flow Analysis

The underlying A/B Path Discovery framework has been rebuilt for deeper visibility. Path mapping is more flexible and can be extended to support new network technologies.

3. Large Workspace Support

Customers with very large networks can now more easily manage them within a single workspace.

4. New Live Network Access Method - SSHv2 Public Key Authentication

SSHv2 Public Key Authentication is now supported for accessing the live network.

5. Usability Improvements

» Visual Search Improvements – Advanced Search filtering and improved Search results presentation

» Multi-Workspace – Open a shared workspace on any workspace server that is connected to the same Customer License Server

6. Functional Enhancements

» System Update - Ability to update entire OE system online

» Topology Stitching - Designed to resolve topology related issues such as Duplicated IP/subnets and IPSec/VPN Tunnel Connectivity.

» Extended Vendor Support - Vendor support has been added for 6 new devices and extended for 6 existing vendors

» Extended API Support - API support has also been extended with seven data import APIs

» Map Layout Enhancements - Compact L2 maps, auto-alignment, highlight selected link on map, etc.


1 | New Qapp for Network Automation

A Qapp is a customizable group of NetBrain functions used to automate network analysis and diagnosis.

The underlying technology is NetBrain Procedures (introduced in OE 5.0).

o Qapps can be easily categorized into Qapp Groups based on their function (e.g. MPLS, multicasting, QoS, etc.)

o Within a single Qapp Group there are four typical Qapp Categories used to perform various kinds of network analysis:

» Map – Used to draw or annotate a customized map centered on a particular technology

» Configuration – Used to highlight device configuration pertaining to a particular technology

» Monitor – Used to continuously monitor and update the map with live data collected from the CLI

» Compare – Used to detect config and performance changes pertaining to a particular technology

o A Qapp provides a simple user interface for network analysis. The output of a Qapp can be displayed on the Qmap.

Example Qapp Group (Analyze OSPF)


Interactive Qapp – Using Qapp

OE v5.2 includes a set of built-in Qapps designed to automate network analysis or troubleshooting tasks associated with routing, switching, multicasting, QoS, and more.

To use Qapp:

1. Select an available Qapp Group from the drop-down menu. The available Qapp Categories will change dynamically.

2. Select a Qapp Category (i.e. Map, Configuration, Monitor, Compare).

3. Select the Qapp you want to run.

4. The results will be shown on the Qmap and/or output as a message.


Interactive Qapp – Built-in Qapp Groups

Below is a list of built-in Qapp Groups included with OE 5.2:

» Analyze BGP Neighbors and Routes

» Analyze OSPF Neighbors and Routes

» Analyze IS-IS Neighbors and Routes

» Analyze EIGRP Neighbors and Routes

» Analyze Default Routing

» Analyze Multicast

» Analyze MPLS and MPLS VPN

» Analyze L2 Connectivity

» Analyze QoS


Interactive Qapp – Create new ‘Quick Qapp’

A simple ‘Quick Qapp’ user interface allows users to create their own custom Qapp without a scripting/programming requirement:

o Step 1: Define execution frequency (one time or recurring)

o Step 2: Define CLI command and retrieve sample data, use parser to get interesting data from output and convert the relevant data to variables.

o Step 3: Modify the variable position on the map and define analysis condition to trigger alert messages.

*New to 5.2c, a simplified Quick Qapp programming interface


Quick Qapp – Define Keyword Parser (5.2c Enhancements)

Select the relevant CLI output and click Define Variable; the system will pre-define a variable for that data and auto-detect the variable type (int, string, double).

Auto Fill-in

If the CLI output is presented in paragraphs (e.g. show interface) or in a table format (e.g. show ip eigrp neighbor), the system will automatically detect this and help you create variables (new to 5.2c).


Qapp – Step 3: Define Analysis & Color Logic

Add variable to the Device-Level or Interface-Level which will be displayed on the map

Define condition which triggers an alert message

Define color coding scheme and conditions to trigger color changes


Enhanced Qapp Monitoring Features

Use enhanced hover-over window to see recent history

o View Live and Recent Data

Live monitor data is displayed directly on the map in ‘HeatMap’ view, just like traditional monitoring. To see a graph of recent history, hover the mouse over the data to display a pop-up window.

o View Historic Data (Re-Analyze)

The new ‘Re-Analyze’ feature allows you to run analyses (in the form of a Qapp or Procedure) against historical monitoring data, which may align with the time-frame in which a problem occurred. Historical monitoring data is stored in the Map Data Pane.

While a Qapp is running, monitoring data is recorded and automatically saved to the map.


Monitoring Enhancements (new in 5.2c)

Cumulative event counts (alerts) are displayed on device and timeline


Monitoring Enhancements (new in 5.2c)

NetBrain can now send error/warning notifications via Email

Customize Email Notification


Interactive Qapp – Manage Qapps

The new Qapp Center houses all the Qapps and components (e.g. Procedures). You can categorize, manage, and share Qapps in the Qapp Center.

o Group Qapps into ‘Categories’

Group new Qapps by identifying the Qapp ‘category’ and individual tasks you want to include via the Qapp Properties window.

» You can assign built-in NetBrain functions, Procedures, or Qapps to a specified Qapp Group

» You can also define your own Procedures and Qapps and build a new Qapp Group.


User Input Dialog

Other Qapp Enhancements – Writing Procedures

Several usability and performance improvements were made to Procedures, the underlying technology of Qapp, including:

o Input Dialog

You can now write interactive procedures that request user input via new Input Dialog

o Procedure Structure Change

New Probe Block which contains multiple probes and input dialogs

o Usability Enhancements for Procedure Editor

» IntelliSense improvements

» Regex improvements

» Interface name translation from short name to long name

o API Enhancements

» Highlight neighbors and devices with multiple colors

» Draw and delete interface notes

» Delete map note

» Smart note with more properties definitions

» Compare text with two input strings


2 | Deep Application Flow Analysis

The underlying A/B Path Discovery framework has been improved. Get deeper visualization into the traffic flow between a source and destination address by analyzing traffic forwarding decisions at each hop, covering technologies from Layer-1 through Layer-7. The analysis logic can be dynamically extended for new network technologies that may impact the flow of your application.

o Analyze Application Traffic at the Port Level

Now see how technologies like ACL, QoS, or NAT impact the flow.

o Deeper Protocol Visualization

Support for L3 & L4 protocol definition (and port number) for path definition.

o Deeper Traffic Forwarding Visualization

Visibility down to the packet level at each hop


Deep Application Flow Analysis - Enhancements

Prior to v5.2, NetBrain had limited capabilities when using A/B path mapping on networks with technologies such as PBR, NAT, MPLS, QoS, etc. In v5.2, Path Discovery visualizes real traffic behavior to show how a flow is impacted by the following technologies and protocols:

» ACL-based packet filter on inbound & outbound interfaces

» Policy-Based Routing (PBR)

» MPLS core network (PE → P → PE)

» NAT (improved to cover extended ACL in NAT configuration)

» Layer 4 TCP/UDP port

Example Flow Impacted by ACL

You can now specify L3 & L4 protocols during path definition. If the protocol selected is TCP/UDP, you can further define the port number.


Deep Application Flow Analysis - ACL Packet Filtering

Access-control lists are designed to impact the flow of traffic. For example, a server may be accessible via a web browser (port 80/443) but telnet traffic (port 23) to the server might be denied. Now, NetBrain helps visualize traffic filtering at each hop.

Before 5.2: Path goes through, even when ACL denies the traffic

New in 5.2: Correct ACL-based packet filtering logic is applied with detailed log on forwarding decisions


Deep Application Flow Analysis - Policy-Based Routing Support

In addition to dynamic routing, some networks may leverage PBR (policy-based routing) to route application traffic based on additional metrics. NetBrain now understands PBR logic and can map the path across PBR-enabled network hops.

Before 5.2: PBR Policies are not taken into consideration in path calculation

New in 5.2: PBR Policies are applied during path calculation


Deep Application Flow Analysis - Path Across MPLS Core

Modern service provider networks often include MPLS at their core. Using NetBrain, traffic flow across both single and multiple MPLS domains can now be analyzed side-by-side with traditional routing and switching technologies.

Before 5.2: Path is mapped only between PE devices

New in 5.2: Entire path across MPLS core network is mapped with both PE and P devices included


Deep Application Flow Analysis - Other Supported Technologies

Path crossing Virtual Server on F5 load balancer and Netscaler load balancer

Path crossing single AS MPLS VPN on Juniper devices

Many other technologies are supported ‘out-of-the-box’. Leveraging NetBrain Procedures, users can now customize application flow analysis for other technologies and vendors.


Deep Application Flow Analysis - Supported Technologies

Path crossing the VRF Lite on Cisco IOS devices and Juniper devices

Path crossing inter AS MPLS VPN (including option A, B, and C) on Cisco IOS devices and Juniper devices


Deep Application Flow Analysis - Deep Packet Forwarding Logic Visualization

Path Discovery Log provides detailed information hop-by-hop

In addition to mapping an A/B path at the topology level, the new Path Analysis Framework provides deeper visualization into the traffic forwarding logic at each hop including:

o Checking conditions/configuration on the current device

o Displaying relevant forwarding information on the current device (e.g. routing table, ACL, MPLS forwarding table, etc.)

o Recording traffic related technology at each hop to help troubleshoot the application problem (e.g. QoS)


Deep Application Flow Analysis - Traffic State View

A Traffic-State is made up of 3 parts: Packet Header, State Information, and Special info:

o Packet Header

This includes L2 Header, L3 Header, and L4 Header.

o State Information

This is used to record information related to forwarding decisions on the current packet (e.g. In Interface, out Interface, next hop IP, next hop device etc…)

o Special info

This is a field that you can use to record additional details (e.g. QoS class-map name, Routing Protocol, etc…)

Path Log


3 | Large Workspace Support

Customers with very large networks can now more easily manage them within a single workspace:

o Easier to manage big networks up to 50K network devices

Performance improvements enable users to manage large networks within a single workspace. Users can search, discover paths, and view hierarchical site maps of the entire workspace without switching workspaces.

o Workstation is lighter to run on PC/laptop

Heavy computing is moved from the workstation to the new Automation Server, including indexing & search service, and schedule discovery service.

o Better overall performance

Key system performance has been significantly improved - especially concurrent operations. Key improvements include:

» Speed up the first-time initialization and subsequent synchronization of workspace by 2X–3X

» Speed up Map Center Synchronization by more than 10 times

» Run live Monitor more efficiently

New Architecture


4 | Live Network Access with SSHv2

SSHv2 Public Key Authentication is now supported for accessing the live network

o Import Private Key

o Added Login Credential with SSH Public Key Authentication

Available In Live Network Settings Login CLI non-Privilege Mode tab

o Added Jumpbox with SSH Public Key Authentication

NetBrain allows users to add a Jumpbox with SSH Public Key Authentication to support the deployment scenario where workstations are not allowed to connect to devices

Supported Key Type

• SSHv1 RSA key

• SSHv2 RSA key

• SSHv2 DSA key

Supported Key Format

• ssh.com

• openssh

• ppk


5 | Visual Search Improvements

The Visual Search functionality has been enhanced and now encompasses:

o Search scope and Advanced search

Customizable search scope and advanced search criteria support provides greater granularity.

o Current map view

New “Preview map” allows you to see the connection of the target device with devices on an open active map.

o Observer integration

Observer view is now accessible from within search results.

o General usability enhancements

» Group selection

» Floating context window for follow up actions


6 | Multi Workspace

A new login window enables users to open a shared workspace on any workspace server that is connected to the same Customer License Server. This is ideal for Managed Service Providers that manage multiple networks and require multiple shared workspaces. This new capability eases the burden of remembering which workspace belongs to which server.

New Login Window


7 | Update Entire OE System Online

The entire OE system can now be updated from the NetBrain website (only the workstation could be updated online in previous editions).

o One click to update all servers

OE system updates are more efficient with just one click from the CLS (Customer License Server). The system can deliver new updates to the entire system (servers and clients) automatically and concurrently.

o Update OE workstation without local admin privileges

This enables network engineers to easily update the workstation without system administration assistance.

o Admin view of hierarchical deployment

Admins can see detailed deployment information for all servers in the current OE system. This information can be exported to an HTML file. Info includes:

» IP addresses

» Current software version

» Last updated time

o Viewable update history

All update history information is saved and can be viewed.

One-Click Update to All Servers

Viewable Update History


8 | Topology Stitching

The new Topology Stitching framework is designed to resolve topology related issues such as Duplicate IP, Duplicated subnets, and IPSec VPN Tunnel Connectivity.

o Define additional topological relationships

Users can define topological relationships between the devices through a set of pre-defined APIs, such as Add Device, Add Interface, Add Link, etc.

o Generate topology automatically or manually

Users can either use Topology Procedure to automatically generate connectivity or add topological connectivity manually through the Topology Stitching UI.


Previous OE Versions: In previous versions, connectivity between devices using IPSec Tunnel couldn’t be made.

OE 5.2: OE 5.2 uses topology procedures to automatically create IPSec Tunnel connectivity between Cisco IOS Router, PIX and ASA Firewall.


9 | Extended Multi Vendor Support

Vendor support has been added for 6 new devices and has been extended for 6 existing vendors:

o New Vendor Devices Supported

» Xirrus Wireless Array

» Hirschmann

» Huawei switch

» Alcatel Lucent Service Router

» Rugged Switch ROX2

» Alcatel OmniSwitch

o Extended Support for Existing Vendor Devices

» Palo Alto

» Dell Force 10

» Check Point

» Cisco IOS Switch

» HP ProCurve

» Nortel ERS Switch

Extended Multi Vendor Support in version 5.2c:

There are about 26 driver changes in 5.2c; the major items are listed below:

F5 Load Balancer - support more login cases, and parse the floating IP as virtual IP

Checkpoint firewall – enhanced parser for Checkpoint SPLAT, new support for Checkpoint Gaia

Cisco Nexus switch - support LLDP; use “show run all” to retrieve the configuration file to fix the issue with Nexus topology

Cisco IOS-XR - support LLDP and EIGRP routing protocol

Cisco ASA firewall – Identify virtual firewall by parent hostname and context name

Cisco ACE – support alias IP configuration under interface (similar to HSRP) for path

And more…


10 | Extended API Support

API support has been extended. There are now 7 data import APIs supported. More APIs will be defined in the future.

o Web service API for importing data from 3rd party systems

» Add_Device_By_Config

Add device into NetBrain by importing configuration files.

» Add_Device_By_IP

Add device to NetBrain database for future data collection.

» Set_Device_Attribute

Set device attribute/metadata to import custom attributes into NetBrain device database.

» Get_Device_Attribute

Extract device attributes out of NetBrain database.

» Create_Device_Attribute

Create new attributes for devices.

» Delete_device

Remove device from NetBrain database and clean up all dependent data.

» Rebuild_workspace

Explicitly rebuild workspace after device import.