d-view 7 introduction 2014 july, bdpm@hq. d-view 7 outline architecture features highlight license...
TRANSCRIPT
D-View 7 Introduction
2014 July, BDPM@HQ
D-View 7 Outline
• Architecture
• Features Highlight
• License & Software
• D-View 6 vs D-View 7
• Appendix
Networks DiscoveryReal-time Dashboard Inventory ManagementMonitor - Device ViewMonitor- Topology ViewMonitor- Rack ViewBatch Config - Template / ScriptAdministrative TasksDevice Alert/ System EventsNMS Virtualization
D-View 7 Website
Overview
D-View 7 is a web-based network management system designed to effectively manage device monitoring, configurations and troubleshooting.
Web-based Design D-View 7
Intranet (LAN)
Users can access D-View 7 from anywhere and anytime
No client installation needed for remote access
Branch B
Branch A
Internet
D-View 7 Architecture
Traditional NMS Issues
Devices behind NAT - Connectivity issue1
Require VPN connected to NAT environment for device management
Trouble dealing with devices behind double NAT environment
Vulnerability exposure due to firewall setup - Security issue3
Require certain ports (ex. SNMP, Trap..) open in Firewall
Traffics between NMS and devices are vulnerable for intrusion
Traffic congestion - Scalability issue2
The more devices being managed, the more small packets back to NMS
D-View 7 Architecture
Based on Server & probe architecture
Built-in local probe for discovery and monitoring of devices
Local Probe
Collect & store data from probe(s) Analyze & compile data Dispatch commands from admins
What Server will DO : Discover networks local or remote sites
Monitor and collect data from devices Execute commands on devices
What Probe will DO :
Traditional Issue - NAT
NMS
Double NAT Environment
NAT Environment
Devices behind NAT - Connectivity issue1
Require VPN connected to NAT environment for device management Trouble dealing with devices behind double NAT environment
Router
Router
D-View 7 for NAT Issue
Deploying a probe on each NAT network
Probe discover local network and communicate with D-View server
Double NAT Environment
NAT Environment
Probe
Probe
Router
Router
Traditional Issue - Scalability
Direct communicate with devices causing traffic congestion2
The more devices being managed, the more small packets back to NMS
NMS
Traffic Congestion
D-View 7 for Scalability Issue
Deploying a probe on each subnet to isolate traffic domain
Traffic reduced to one connection per subnet
Probe Probe Probe Probe Probe
Traditional Issue - Security
Vulnerability exposure on firewall setup - Security issue3 Require certain ports (ex. SNMP, Trap..) open in Firewall Traffics between NMS and devices are vulnerable for intrusion
SNMP , Trap traffics allowed on Firewall
Potential networksecurity breach!=
Firewall
Managed Network
SNMP
SNMP Trap
Syslog
NMS
D-View 7 for Security Issue
D-View 7 only leverage port 443 for probe communication
Networksecurity intact
Probe
HTTPs
Managed Network
Firewall
Communicate via TCP 443
Firewall Settings - Traditional NMS
Firewall settings - Security issue3 Require certain ports (ex. SNMP, Trap..) open in Firewall Traffics between NMS and devices are vulnerable for intrusion
SNMP , Trap traffics allowed on Firewall
Potential networksecurity breach!=
Firewall
Managed Network
SNMP
SNMP Trap
Syslog
NMS
Firewall Settings – D-View 7
Networksecurity intact
Probe
HTTPs
Firewall settings - Security issue3
Only needs outgoing TCP 443 for D-View 7 connection
Managed Network
Firewall
Communicate via TCP 443
Feature Highlights
Networks Discovery
Discover devices at background with timely update
Discover devices within NAT/ double NAT environment
3rd-party devices supported
Local Probe
Probe C
NAT Environment 3rd-party devices
D-Link devices
Dashboard
Real-time graphical monitoring, i.e. TOP N templates Separate dashboards for wired and wireless devices
Pie Chart Line Chart
Bar Chart
Customized Dashboard
Granular settings on data source and representation User-defined information type on selected device
Target : Data Type :
Interval :
DAP-2360WLAN Client 1 Minute
AP Congestion Status
10
20
Switch Uplink Traffic Status
Target : Data Type :
Interval :
DES-3018Port Traffic1 Minute
Inventory Management
Overview updated status on all managed devices Quick links to device page or device web GUI for further
management
New York London
Inventory – Device Labels
Tag devices with label for better inventory management Apply multiple labels for the same device from different mgt.
perspectives
RD Team
RD Team RD Team
US Office
US Office
US Office
US Office
UK Office
UK Office
UK OfficeUK Office
D-View 7 Managed Devices
Monitor – Device View
More device specific information categorized by product type
Customize info column for “Monitor-device” table
Radio Status Managed Mode Managed by DHCP SSH Auth. ClientsAccess Point
5GHz On DWC-1000 On 12OffManagedDWL-6600AP
+
2.4GHz On N/A On 5OffStandaloneDAP-2360
Access point specific info
Spanning Tree LACP DHCP LLDP PoE SSH Stacking RMONSwitch
On On On N/A On OnOffOffDES-3200-28
On Off On N/A Off OnOnOnDGS-3120-52
Switch specific info
+Select Table Columns for Switch
Model name
Total Flash
HW Version
Series Number
Stack Status
Event
Uptime
SNTP/ NTP
Spanning Tree
LACP
Trap Status
DHCP Status
SSH Status
LLDP Status
RMON Status
Vendor
FW Version
Label
POE Status
Device
Working Information
Monitor – Device Page View
Show details of device related information - events, logs, tasks, and panel setting
DGS-3200-10
Monitor – Topology
Visual relationships between devices with real-time status
Troubleshoot different subnets directly from topology
W
I
C
W
I
W
I
W
I
C
DGS-1210-10172.18.190.171 DGS-1100-08
172.18.190.66
W
I
C
DES-1100-10172.18.190.11
DES-3528172.18.190.20
DES-3528 172.18.190.88
DGS-3820-24T172.18.190.10
DGS-1210-10172.18.190.171
W
C
Site C192.10.10.200
Site A172.168.1.1
W
I
C
I
C
Simulate virtual topology & links
Site B10.10.1.100
C
Monitor – Custom Topology
Monitor selected devices across different networks in one place
Site A172.168.1.x/24 Site B
10.10.1.x/24
Site C192.10.10.x/24
Select devices from different sites
Define & draw virtual link
Monitor – Rack View
Real time monitor for status of devices, ports and events
Group devices of interest into virtual rack
Simulate rack management in data center
Start Time
Group of Devices
Execution
Config Template
Batch Template Practices
Batch Configuration - By Template
Save time for group settings with various templates Schedule batch configuration one-time or periodically
Change SSID1 to D-Link
Selected Access Points
Immediately
One time job
Batch Config 1
Reboot system
Switches in Room A
4:00 am, Jun-12-2013
Every Sunday
Batch Config 2
Batch Configuration - By Script
Built-in script engine to dispatch CLI commands to a group of devices at once
Use command variables to make script more flexible
Scenario– Hospitality Practices
① Change SSID of APs in each room with room number
② Change SSID encryption to “WPA personal”
AP 1@ Room 1
AP 2@ Room 2
AP 3@ Room 3
AP 4@ Room 4
set interface wlan1 ssid %ssid%
set interface wlan1 security wpa-
personal
Batch Script configuration
Administrative Tasks
1 Set up Tasks
Firmware upgrade Config backup Batch configuration
When to perform One-time or
repetitive perform
Schedule Tasks2 Task results Historical tasks &
results
3 Check Results
Simplify administration jobs by setting up tasks
Schedule one-time or periodical tasks
Device Alert Events
Alert events generated by pre-defined thresholds Customize alert rules by setting monitoring parameters and
thresholds
Monitor Parameter Trigger Threshold Events Type
Error Packet > 5Mpps Warning
CPU Utilization Critical> 90%
Traffic Packet
Memory Utilization > 80% Warning
Info> 10Mpps
System Events
Detailed log activities on D-View 7 system
Track operation history when troubleshooting networks
Know “WHO” does “WHAT” to Prevent Misconfigurations
WHO
Bob
WHEN
Apr-20-2014 17:52
WHAT
Change VLAN settings
WHERE
DGS-3120-24T(172.17.22.1)
Workspace 2 Workspace 3Admin Workspace
Simulate multiple virtual DV7 systems with different scopes
Different workspace for different teams (Multi-tenancy)
Independent environment settings ( Dashboard, Topology, Label…etc) in each workspace
NMS Virtualization - Workspace
Software & License
License Model
Purchase licenses as needed
License is on a “Node and Probe” basis
Every device (i.e. Switch, AP…etc.) is deemed as one node
Probe License
Number of Probe to discover devices in different subnets / locations
Node License
Number of device can be managed by D-View 7
License Tiering
Model Name Probe #
DV-700-P5-LIC 5
DV-700-P10-LIC 10
DV-700-P25-LIC 25
DV-700-P50-LIC 50
DV-700-P100-LIC 100
Model Name Node #
DV-700-N25-LIC 25
DV-700-N50-LIC 50
DV-700-N100-LIC 100
DV-700-N250-LIC 250
DV-700-N500-LIC 500
DV-700-N1000-LIC 1,000
Node License Probe License
License Calculation
License can be accumulated
There is no expiration date on license
Model Name Q’ty # of Node
DV-700-N25-LIC 1 25
DV-700-N250-LIC 1 250
License Purchase Example: How should I purchase license when I need to manage 290 nodes?
D-View 7 comes with free 25 nodes and additional purchase as below needed
Software Edition
D-View 7 Trial Version
25 Nodes
Full feature set included
No expiration date
Available in 3 languagesPurchase licenses to manage more nodes
2 Probes
• English
• Traditional Chinese
• Simplified Chinese
D-View 6 vs D-View 7
D-View 7D-View 6Professional
Stand-alone Application
Windows Server ($$$)
Architecture
Min. Operation System
Server & Probe Base
Windows 7 ($)
Database
License Type
SQL Server ($$$)
Flat Rate
MongoDB (free)
Purchase as Needed
Software Installation
Remote Access
Multiple Packages
-
One Installation Wizard
By Browsers
Major Differences (I)
Multi-tenant Support
Multi-language
-
- English, Traditional Chinese, Simplified Chinese
Major Differences (II)
D-View 7D-View 6Professional
-Background Discovery
-Discovery Behind NAT
Inventory Management Limited
Real-time Dashboard -
Custom Topology View Limited
Rack View -
User Privilege -
Virtual NMS - Workspace
Appendix
D-View 7 Portal
A website with all-need-to-know product information • Product Overview
• Feature Highlights
• License Info
• Software Download ( Free trial/ software patch/ release note )
• Support Center ( Knowledge base/ F.A.Q./ Submit request )
Replace current D-View 6 portalBeta launch for D-Linkers in Q3/2014