cc/td/doc/product/rtrmgmt/ism/ism_v2r2
hometocprevnextglossaryfeedbacksearchhelp
PDF

Table Of Contents

Overview of CiscoWorks Blue ISM

How Does ISM Work?

New Features in ISM V2R2

ISM Features Available from a NetView Console

ISM Functions

Router Management

Interface Monitoring

Security Management

Performance Monitoring

Overview of CiscoWorks Blue ISM


CiscoWorks Blue Internetwork Status Monitor (ISM) Version 2 is an application that runs on an MVS mainframe and is integrated with NetView, IBM's network management platform. Now you can manage Cisco routers and other related resources from the NetView console. ISM combines the world of mainframe network management with distributed-router management in LAN and WAN topologies.

This chapter provides an overview of how ISM Version 2 works and describes its features and benefits, including the following sections:

How Does ISM Work?

New Features in ISM V2R2

ISM Features Available from a NetView Console

ISM Functions

How Does ISM Work?

Designed for large SNA and IP networks, CiscoWorks Blue ISM provides NetView operators with full visibility into a Cisco router network from NetView domain, regardless of whether the network is routing SNA traffic. With ISM, a NetView operator can monitor and manage Cisco resources and their interfaces, DSPU resources, Cisco TN3270 servers, Cisco Mainframe Channel Connections (CMCCs), and SNASw resources. ISM operates like a standard NetView application, and works in conjunction with many of NetView's components.

ISM offers you presentation methods:

Standard NetView 3270 presentation services, for those accustomed to operation using 3270-like screens

A Web browser interface, available with NetView 1.2 or later

ISM provides visibility of the router network through the Virtual Telecommunications Access Method (VTAM), and enables management of routers through a NetView console. To manage routers from NetView, a VTAM connection must be established for each router, and the appropriate service point must be defined in the configuration file of each router using Cisco IOS SNA interface commands. The ISM management environment is established via the service point interface integrated into Cisco routers.

ISM enables you to use SNMP to monitor resources, such as Cisco routers that do not have a service point interface. ISM accesses SNMP via TCP/IP installed on the MVS system.

You can use a remote NetView console to issue Cisco IOS router commands, which are usually entered at a local router console. ISM converts these commands to RUNCMDs for communication with the router. The router's service point interface accepts the RUNCMDs issued from a NetView console and transports responses and alerts from the router to the mainframe.

The router responds to the RUNCMDs in the form of network management vector transports (NMVTs), and ISM displays these responses to the mainframe operator in its full-screen panel interface. In addition to responses to RUNCMDS, NMVT alerts are also transported from the router to the mainframe, where ISM provides a connection to the NetView Problem Determination Application (NPDA), NetView's hardware monitor.

For more information on configuring a VTAM connection and verifying the SNA service point of a router, see Chapter 2, "Configuring the Mainframe-to-Router Link," in the CiscoWorks Blue Internetwork Status Monitor Installation Guide.

New Features in ISM V2R2

This release of ISM includes the following new features and enhancements:

SNASw Monitoring

Router CPU and memory utilization by SNASw

SNASw link status monitoring

SNASw port status monitoring

Interface Monitoring Enhancements

Option to bypass monitoring of subinterfaces

Interface reliability logging

Enhanced Frame-Relay support

ISM Features Available from a NetView Console

ISM V2 provides the following features from a NetView console:

Cisco router management and performance monitoring.

ISM Status Summary panel and Resource Status panel showing the status of all network resources being monitored. These status panels provide the following features:

Color-coded status, where the color of the service point name of the resource indicates the status of the resource

Similar to the NetView STATMON display panel

Drill-down interface to other related ISM panels

An options menu that provides easy access to the most commonly used router diagnostic commands

An extended summary view that flags routers with performance problems. This flag indicates the source of the problem and allows you to quickly diagnose the problem.

Security management through operator profile management. Operators are authorized on an individual basis to use both the display and configuration functions of ISM, or limited to using the display-only functions.

Event correlation. Events sent by routers through ISM are correlated with the routers being managed by ISM so you can view the alerts that apply to a specific router.

DSPU, TN3270, CMCC, and SNASw management assistance. Cisco IOS commands typically used to diagnose DSPU, TN3270, and CMCC problems are available via a full-screen interface, simplifying management of these devices.

Command-line interface. NetView operators can connect to a router and issue commands they would normally issue in a Telnet session. This command-line interface does not require TCP/IP at the mainframe.

Filters that allow exception viewing. The routers displayed on the Resource Status panels can be grouped by status or logical group criteria.

Interface performance monitoring. Performance data is collected for routers and interfaces at user-defined monitoring intervals. This data is accessible from a variety of ISM panels.

Router and interface statistics archiving. ISM logs router and interface statistics in virtual storage access method (VSAM) for performance analysis. Performance statistics are logged to VSAM data sets and to SMF. These statistics are available for operator viewing, and are used to analyze performance.

SNA session and RIF data archiving. ISM collects and archives session data for routers connected to VTAM via switched SNA sessions.

Control of all ISM rules and variables, including:

Poll interval settings by router or router group

Management of CPU usage, necessary for monitoring routers, by changing poll intervals by individual router (such as critical network routers)

Terminal Access Controller Access Control System Plus (TACACS+) support, including:

Maintaining a secure router environment when you issue commands from ISM

Requiring a user ID and password to send privileged-mode commands to the router when implementing TACACS+ on a router

Enhanced CMCC management, including:

Automatic discovery of CMCCs and their status

Performance monitoring

Channel monitoring

CMCC and channel connectivity diagram

Support for the following monitor interface types:

ASYNC

ATM

Channel

Ethernet

Fast Ethernet

FDDI

Gigabit Ethernet

HSSI

IBM CLAW

ISDN

Loopback

Multiprotocol (MPC) Point-to-Point

Serial

Token Ring

TUNNEL

Ability to configure CPU and memory thresholds for an individual router (or all routers) and CMCCs.

Monitoring of generic ISM alerts and alarms using NetView's NPDA. ISM alerts you about any of the following events:

Router CPU threshold exceeded

Router memory usage exceeded a threshold

Resource unavailable

Interface unavailable

CMCC CPU threshold exceeded

CMCC memory usage exceeded a threshold

TN3270 free LU threshold exceeded

Usability enhancements. From the NetView console you can perform the following tasks:

Highlight changed values in statistical displays

Filter routers by status, group name, or wildcard referencing in the router name

Control summary and status displays with a user profile setting

Event logging. You can monitor events tracked internally by ISM, including router status changes and operator audit trails, that record changes to ISM management definitions. Event logging provides the following capabilities:

Search variables

Events recorded to SMF

Two data sets for the active and inactive log

Router memory dump. ISM captures the usage of router memory to a VSAM data set, which you can browse using NetView.

ISM Functions

This section describes the following major ISM functions:

Router Management

Interface Monitoring

Security Management

Performance Monitoring

Router Management

The router's management function provides dynamic status information for routers that have been defined to, or discovered by, ISM. Discovery can be either by SNMP traps, or by NMVT alerts sent to MVS.

You can use ISM to perform the following tasks:

Display a list of all the routers in your network that are being monitored by ISM

Display a list of the interfaces by router

Access details about the status of a Cisco router

Access details about interfaces enabled in a router

Set CPU and memory performance thresholds for routers

Set monitoring intervals for routers and interfaces

Discover routers automatically through detection of generated alerts

Display a list of alerts generated by a router and forwarded to NetView

Issue commands to a router

Collect the current configuration of a router, and access a list of archived configuration files that can be used for disaster recovery

View performance history

Interface Monitoring

ISM's interface monitoring function allows you to monitor the interfaces enabled in the routers in your network. You can configure the ISM management environment to specify the types of interface you want to monitor and the interval at which you want them monitored. Additionally, you can monitor interfaces on a per-router basis, display the details about a specific interface, and obtain interface history and performance data.


Note When ISM is monitoring interfaces, it automatically begins monitoring any new supported interfaces that it discovers.


You can monitor the following types of interfaces:

Asynchronous

Asynchronous Transfer Mode (ATM)

Channel

Ethernet

Fast Ethernet

Fiber Distributed Data Interface (FDDI)

Gigabit Ethernet

High-Speed Serial Interface (HSSI)

Integrated Services Digital Network (ISDN)

IP over Claw

Loopback

Multiprotocol (MPC) Point-to-Point

Serial

Token Ring

Tunnel

See "Monitoring Interfaces," for more information on monitoring interfaces, and see Chapter 3, "Enabling the ISM Environment," for more information on configuring the ISM management environment.

Security Management

In addition to the standard security features offered by NetView and the Cisco IOS software, ISM provides the following security features:

Operator management—ISM can define authority levels that dictate the ISM actions an operator can perform.

Transparent support of router security--ISM passes all security required by the router to the ISM operator. If TACACS security is implemented in the router, ISM also requires a user ID and password to communicate with the router.

Password suppression—ISM suppresses all passwords entered by operators who issue commands that require passwords.

Command logging—ISM logs each command issued from ISM. ISM also logs the name of the operator who issued the command. The ISM event log records operator actions that result in router state changes.

Under SNMP, ISM supports only the GET and GETNEXT commands.

Do not bypass ISM by issuing RUNCMDs directly to a router. Bypassing ISM creates the following security issues:

If an authorized user logs in to a router in enabled mode, all operators can issue authority-level commands to the router.

Without the ISM interface, there is no queue scheduling. This could allow any operator to receive data that is being sent in response to a command issued by another operator.


Caution ISM does not prevent you from using security features provided by your system, or by NetView. If you are concerned about operators issuing RUNCMDs directly, you can alter NetView to prevent specific operators from issuing specific RUNCMDs and ISM commands.

NetView security features used by ISM include operator registration and passwords, and command facility security.


Note For more information on NetView security features, refer to the appropriate NetView manual.


Cisco IOS software security features used by ISM include the enable password feature and TACACS+.

Performance Monitoring

You can use ISM to define router CPU and memory performance thresholds that, when exceeded, alter the status of the router on the ISM status panels. ISM provides data that you can use to evaluate the performance of the routers, interfaces, DSPU and CMCC resources in your network.

You can use the following methods to monitor the performance of these resources:

Define CPU and memory performance thresholds for routers and CMCCs, and view the exceptions.

View real-time collected performance data for routers, interfaces, and CMCCs.

Log the performance of an interface or router (at user-defined intervals), and measure the results using the archived performance data.

View the details of archived performance data.

Log data to SMF.


hometocprevnextglossaryfeedbacksearchhelp

Posted: Wed Oct 13 00:38:32 PDT 2004
All contents are Copyright © 1992--2004 Cisco Systems, Inc. All rights reserved.
Important Notices and Privacy Statement.