NetBrain In Action
Real World Use Cases:
© 2004-2012 NetBrain Technologies Inc. All rights reserved
Troubleshoot Slow Applications
Step 1 »
Map Application Flows.
Identify the source and destination of a slow
application and enter them into the traffic
path wizard.
Step 2 »
 Lack of documentation and
historic data for
applications
 Difficult to visualize network
slowness
Monitor From the Map.
Click the “Monitor” button in the map’s
floating menu, and launch performance and
connectivity diagnosis.
Step 3 »
Challenges:
Analyze the History.
Click the “Compare” button to discover
what’s changed in configuration and routing
for the relevant devices.
Solutions:
 Use Dynamic Diagram to
map out application
flows
 Diagnose from a map
Common Causes:
 Congested WAN links
 High CPU/Memory
utilization of routers
 Unstable routing
 Asymmetric flows
 Speed/duplex mismatch
Performance metrics for an application are visualized in real-time
Troubleshoot Network Connectivity
Step 1 »
Challenges:
Map L3 Connectivity.
 No up-to-date documents
about servers’ physical
and logical connectivity
Enter the IP address of a server in the
“Search” dialog, and click the “Map” button
in the search results.
Step 2 »
Map L2 Connectivity.
Click the red “+” sign near the switch icon
and extend the neighboring switches and
routers in the same VLAN.
Step 3 »
Solutions:
 On-demand document
automation
Launch Diagnostic Monitoring.
Click the “Monitor” button in the map’s
floating menu, and launch performance and
connectivity diagnosis.
Common Causes:
A L3 Heat Map
A L2 Heat Map
 Broken cable
 Switch port in disabled
mode by spanning tree or
error-disable
 Server plugged into wrong
port
 Gateway Router not
functioning
 Misconfiguration
 Link down/flapping
Troubleshoot Route Flapping
Step 1 »
Challenges:
Map Out Core Network.
 Route flapping is transient
in nature – difficult to
catch and pinpoint root
cause
Search the core devices by name and group
them into a device group. Map the device
group via the right-click menu.
Step 2 »
Discover Flapping Routes.
Benchmark the routing tables of all core
devices. Then compare new routing tables
against the baseline. Discover modified
routes by smallest age.
Step 3 »
Solutions:
 Use routing table
analyzer
Trace to the Source.
Drag-and-drop the route entry to the Qmap, and trace to the source of instable
routes hop-by-hop.
Common Causes:




Drag-and-drop the entry to a Q-map
Link flapping
Router CPU overload
Routing peer reset
Network worm attack
Troubleshoot Packet Loss Across MPLS
Step 1 »
Drag-and-drop an MPLS cloud into a map
and extend key devices around the cloud.
Step 2 »
Challenges:
Map a MPLS Cloud Network.
 No visibility into a service
provider’s MPLS cloud
Monitor From the Map.
Click the “Monitor” button in the map’s
floating menu, and launch performance and
connectivity diagnosis.
Step 3 »
Detect Packet Loss via IPSLA
Solutions:
 Map-driven IPSLA
Toolkit
For advanced performance diagnosis, rightclick on hub routers and select the IPSLA
menu.
Common Causes:




QoS classification errors
Physical errors at Demac
Congested MPLS core
Mismatch of CE-PE
configuration
Troubleshoot Bandwidth Hogging
Step 1 »
Map Problem Area
Identify the source and destination of a slow
application and enter them into the traffic path
wizard.
Step 2 »
Monitor to Identify Over-utilized Links.
Click the “Monitor” button in the map’s floating menu,
and launch performance and connectivity diagnosis.
Step 3 »
Drill-Down the Top-Talkers
Challenges:
 Difficult to pinpoint
congested links
 Time-consuming to setup
probes to track down
bandwidth-hogging devices
Solutions:
 Heat Map along with IP
Accounting
Right-click on the utilization label, and select “IP
Accounting” to discover the top-talkers (assuming IP
accounting is turned on in the router).
Common Causes:
 Unauthorized network
use
 Looping traffic caused by
misconfiguration
 Virus attack
Plan Network Migration
Step 1 »
Map the Existing Network.
Document automation dialog
 Very time-consuming to
document the network
before migration
 No visual help to plan
network migration
Search devices to be modified and drag them into
a map. Right-click on the map’s “Auto Link” menu
to connect all devices.
Step 2 »
Model the Future Network By
Importing Configuration Files
Solutions:
Drag new or modified device configuration files
into a map to model and visualize the future
network design.
Step 3 »
Challenges:
 Model network
migration based on
configuration files
Document the Design
Click the “Document” button in the map’s floating
menu and build an automated design document in
Word format.
Related Features:
 Analyze new network
design with Design Reader
 Highlight routing to
visualize design
New
Add a new network device
QA Network Changes to Prevent Outages
Step 1 »
Map the Change Area.
Search devices to be changed and drag
them into a map. Extend all neighbors of
the devices.
Step 2 »
Benchmark Network Before
and After Changes
Click the “Benchmark” button, and collect
routing, configuration and L2 data before
and after changes.
Step 3 »
Verify the Impacts
Click the “Compare Config & Routing”
button, and compute routing table and
config changes for all devices.
Detect routing changes after configuration modification
Challenges:
 A small change may cause
major impacts across the
entire network, but it is
difficult to check all
changes manually
Solutions:
 Automate impact
verification after each
network change
When to Use:
 The comparative analysis
of routing, configuration
and traffic path should be
run after most network
changes – because 3 out
of 4 network outages are
caused by seemingly
benign changes
Document a Data Center Network
Step 1 »
Discover a Data Center.
Enter a seed router’s IP address in the discovery
dialog and execute a data center discovery.
Step 2 »
Map Device Groups by Automation
By combining dynamic search criteria, routers,
switches and servers can be grouped in many ways
to map a data center automatically.
Step 3 »
Build Diagrams and Inventory
Reports
Challenges:
 It takes weeks or months to
discover and document a
data center with tracing
cables, show commands
and Visio
Solutions:
 Advanced discovery and
document automation
Click the “Export to Visio” and “Asset Report”
buttons in the menu bar, and create Visio
diagrams and inventory reports.
When to Use:
 Before and after a data
center upgrade
 Data center assessment
Assess a Network for VoIP Readiness
Step 1 »
Challenges:
Map Key VoIP Traffic Flows.
 VoIP is very complex and
depends on many
advanced technologies to
work properly
Enter IP addresses of IP-phones and voice
gateways into the traffic path wizard, and
map out L3 and L2 traffic flows for VoIP.
Step 2 »
Measure Delay, Jitter and
Packet Loss Along Paths
Launch IPSLA from the map to measure
advanced performance metrics.
Step 3 »
Analyze QoS Design
Launch “Design Reader” from the map to
decode QoS and VoIP configuration.
IPSLA Measurement
Solutions:
 Automate the analysis
of network design and
performance
Related Features:
 Apply diagnostic
monitoring to VoIP paths
 Automate documentation
for VoIP assessment
Map VoIP traffic path instantly
Merge Two Independent Networks
Step 1 »
Discover Each Network
Independently
Build two workspaces – one for each network by
importing configuration files or through
discovery. Create two asset reports.
Step 2 »
 Two networks were built
without knowledge of the
other, and everything has
to be reevaluated to avoid
conflicts
Analyze Overlap
Compare the asset reports to find overlapping
subnets and overlapping routing protocols. Build
maps to describe each conflict.
Step 3 »
Challenges:
Merge Two Networks Virtually
Solutions:
 Plan the network merge
in a virtual environment
Use one workspace as the base, open each Qmap created in step 2 and design migration steps
one map at a time.
Related Features:
 Analyze the new
network design with
Design Reader
 Use Search to find the
information needed
Compare the inventory data of two networks
Defend Against Network Attack
Step 1 »
Challenges:
Identify the Offending Hosts
 Network attacks can come
from anywhere, and they
are difficult to visualize
Get the top-talkers from Netflow, IP
accounting or intrusion-detection
software.
Step 2 »
Map Out the Attack
Use A/B path mapping or one-IP table to
map out the attack flow, whether it is
from the inside or outside.
Step 3 »
Monitor the Traffic Flow
Launch the diagnostic monitoring on the
map and visualize the attack pattern.
Solutions:
Map the attack from the inside
 Use Dynamic Diagram to
map out attacks and
take defensive action in
real-time
When to Use:
 To visualize a denial-ofservice attack to the
network and servers
 To analyze suspicious
traffic from a vague host
 To isolate virus-infected
end hosts
Map the attack from the outside
Become Cisco Certified - CCIE/CCNP/CCNA
Step 1 »
Use NetBrain for Practice Labs .
Use NetBrain to automatically document practice labs
step-by-step. It’s easier to learn new skills in a mapdriven environment.
Step 2 »
Review Essential Skills Through a Map
Along the journey towards certification, users can
review details of past labs without re-building them.
Step 3 »
Form a Visual Study Group
Form a study group to share practice labs through Qmaps so that everyone can save time. Visit networkdiagram.com for examples.
Challenges:
 It takes a long time to
become Cisco certified.
People can forget things
learned if not reinforced
properly
Solutions:
 Use NetBrain to
document practice labs
automatically and review
past labs visually
When to Use:
 To prepare for CCIE
 To prepare for CCNP
 To prepare for CCNA