This chapter provides an overview of the CiscoWorks Blue Native Service Point (NSP) Release 2 program and its functions and benefits.
This chapter provides information on:
Designed for customers with large Systems Network Architecture (SNA) networks, CiscoWorks Blue NSP enables NetView operators to have full visibility of a Cisco router network from a single NetView console regardless of whether that router network is routing SNA traffic.
NSP provides visibility of the router network to the virtual telecommunications access method (VTAM), enabling management through a NetView console. Commands traditionally entered at the router console can be issued from a NetView console. These commands are then converted to RUNCMDs by NSP. The router responds to the RUNCMD in the form of network management vector transports (NMVTs) and these responses are displayed to the mainframe operator as a full-screen panel response. In addition to responses to RUNCMDS, NMVT alerts are also transported from the router to the mainframe where they are displayed by the NetView event display features.
The NSP suite of applications enable a NetView operator to monitor and manage Cisco routers, downstream physical unit (DSPU) resources, and Cisco Channel Interface Processors (CIPs) from a NetView console.
The NSP management environment is established via the service point interface that is integrated into Cisco routers. This service point interface accepts the RUNCMDs issued from a NetView console and transports responses and alerts from a router to the mainframe.
To manage routers from NetView, a VTAM connection must be established for each router and the appropriate service point must be defined in the configuration file of each router using Cisco Internetwork Operating System (Cisco IOS) software SNA interface commands. For more information on configuring a VTAM connection and verifying the SNA service point of a router, see the "Preparing to Install Native Service Point" chapter.
NSP provides the following from a NetView console:
- Cisco router management and performance monitoring
- NSP displays a summary of all the routers being monitored by NSP via the service point function. The color in which the service point name of a router displays indicates the status of the router. Statuses include up, down, connect, performance degraded, interface down, and alert received. This status panel also includes a command pop-up menu, which makes some of the most commonly-used router diagnostic commands easily accessible to a mainframe operator.
- NSP also provides an extended summary view that displays flags next to a router that is experiencing performance problems that indicate the source of the problem. This feature enables operators to quickly diagnose the performance problems a router may be experiencing.
- Security management via operator profile management
- Added security support allows operators to be individually authorized to use either the display only functions of NSP or to use both the display and configuration functions.
- Events sent by routers through NSP are correlated with the routers being managed by NSP to enable operators to easily view those alerts that apply to a specific router.
- DSPU and CIP management assistance
- Cisco IOS software commands that are typically used to diagnose CIP and DSPU problems are available via a full-screen interface to make management of these devices simpler.
- NSP provides a command line interface that enables NetView operators to connect to and issue any commands to a router that they would normally issue via telnet session to the router. This command line interface does not require TCP/IP at the mainframe.
- Filters that allow exception viewing
- The routers displayed on the Router Status panels can be grouped based on status or logical group criteria.
- Interface performance monitoring
- Performance data is periodically collected for routers and interfaces at user-defined monitoring intervals and is viewable from a variety of NSP panels.
- Router and interface statistics archiving
- NSP logs router and interface statistics in virtual storage access method (VSAM) for performance analysis. Performance statistics for both the routers and the interfaces enabled in those routers are logged to VSAM data sets that can be used later for performance analysis.
- Routing information field (RIF) archiving
- If CiscoWorks Blue SNA View Release 1.1 is installed, operators can display route information for sessions that pass through the routers being managed by NSP.
With NSP, you can monitor the performance of Cisco routers from your NetView console as well as monitor the performance of the interfaces enabled in your routers. You can view a list of alerts generated by these devices and sent to NetView. You can also control the functions an NSP operator can perform.
Specifically, you can use NSP to:
- View a list of routers in your network.
- Monitor and view status information for routers and the interfaces configured in the routers.
- Logically group routers (for example, by region, department, or device type).
- Filter routers by status.
- Connect to and issue commands to a router via a command line interface.
- Collect the current configuration of a router as well as obtain a list of archived configuration files that can be used for disaster recovery.
- Create profiles for NSP users that dictate the functions they can perform using NSP.
- Define and monitor DSPU resources.
- Monitor CIPs.
- If running CiscoWorks SNA View, view SNA View routing information history.
NSP has four main functions:
The following sections briefly describe the benefits of the NSP functions.
The router management function of NSP provides dynamic status information for routers that have been defined to or discovered by NSP.
You can use NSP to:
- Display a list of all the routers in your network.
- Display a list of the interfaces enabled in each router.
- Access details about the status of a Cisco router.
- Access details about interfaces enabled in a router.
- Set CPU and memory performance thresholds for routers.
- Set monitoring intervals for routers and interfaces.
- Receive automatic router discovery via NSP detection of generated alerts.
- Display a list of alerts generated by a router and forwarded to NetView.
- Issue commands to a router.
- Collect the current configuration of a router and access a list of archived configuration files that can be used for disaster recovery.
The interface monitoring function allows you to monitor the interfaces enabled in the routers in your network. When you configure the NSP management environment, you can specify what types of interfaces you want to monitor and the interval at which you want the interfaces monitored.
You can monitor interfaces by type or on a per-router basis. You can also display the details about a specific interface as well as obtain interface history and performance data.
Note During interface monitoring, any new interfaces discovered by NSP are added.
The types of interfaces you can monitor are:
- Ethernet
- Fiber Distributed Data Interface (FDDI)
- Async
- Token Ring
- Serial
- Loopback
- Channel
- High-Speed Serial Interface (HSSI)
For more information on monitoring interfaces, see the "Monitoring Routers" chapter. For more information on configuring the NSP management environment, see the "Configuring NSP" section of the "Installing and Configuring Native Service Point" chapter.
In addition to using standard security features offered by NetView and the Cisco IOS software, NSP also provides the following security features:
- Operator management--NSP provides the ability to define authority levels that dictate the actions an operator can perform using NSP.
- Password suppression--NSP suppresses all passwords entered by operators issuing commands that require passwords.
- Command logging--NSP logs each command issued from NSP. NSP also logs the name of the operator who issued the command.
If an operator bypasses NSP by issuing RUNCMDs directly to a router, the following security issues are created:
- If an authorized user logs in to a router in enabled mode, all operators can issue the authority-level commands to the router.
- Without the NSP interface, there is no queue scheduling. This results in the possibility of any operator receiving data that is being sent in response to a command issued by another operator.
| Caution NSP does not preclude you from using any security features provided by your system or NetView. If there is a concern about operators issuing RUNCMDs directly, operator command authorization can be altered in NetView to keep specific operators from issuing specific RUNCMDs and NSP commands. However, the granularity to which operator command scoping can be done may vary depending on the NetView release. |
NetView security features utilized by NSP include:
- Operator registration and passwords
- Command Facility security
For more information on NetView security features, refer to the appropriate NetView manual.
Cisco IOS software security features used by NSP include:
- The enable password feature
NSP enables you to define router CPU and memory performance thresholds so that when the thresholds are exceeded the status of the router on the Router Status panels is altered. NSP provides data that enables you to evaluate the performance of the routers, interfaces, and DSPU and CIP resources in your network.
You can monitor the performance of these devices by:
- Defining CPU and memory performance thresholds for routers and viewing exceptions
- Viewing real-time collected performance data
- Logging, by user-defined intervals, the performance of an interface or router and measuring the results using the archived performance data
- Viewing the details of archived performance data