NetBrain In Action Real World Use Cases: © 2004-2012 NetBrain Technologies Inc. All rights reserved Troubleshoot Slow Applications Step 1 » Map Application Flows. Identify the source and destination of a slow application and enter them into the traffic path wizard. Step 2 » Lack of documentation and historic data for applications Difficult to visualize network slowness Monitor From the Map. Click the “Monitor” button in the map’s floating menu, and launch performance and connectivity diagnosis. Step 3 » Challenges: Analyze the History. Click the “Compare” button to discover what’s changed in configuration and routing for the relevant devices. Solutions: Use Dynamic Diagram to map out application flows Diagnose from a map Common Causes: Congested WAN links High CPU/Memory utilization of routers Unstable routing Asymmetric flows Speed/duplex mismatch Performance metrics for an application are visualized in real-time Troubleshoot Network Connectivity Step 1 » Challenges: Map L3 Connectivity. No up-to-date documents about servers’ physical and logical connectivity Enter the IP address of a server in the “Search” dialog, and click the “Map” button in the search results. Step 2 » Map L2 Connectivity. Click the red “+” sign near the switch icon and extend the neighboring switches and routers in the same VLAN. Step 3 » Solutions: On-demand document automation Launch Diagnostic Monitoring. Click the “Monitor” button in the map’s floating menu, and launch performance and connectivity diagnosis. Common Causes: A L3 Heat Map A L2 Heat Map Broken cable Switch port in disabled mode by spanning tree or error-disable Server plugged into wrong port Gateway Router not functioning Misconfiguration Link down/flapping Troubleshoot Route Flapping Step 1 » Challenges: Map Out Core Network. Route flapping is transient in nature – difficult to catch and pinpoint root cause Search the core devices by name and group them into a device group. Map the device group via the right-click menu. Step 2 » Discover Flapping Routes. Benchmark the routing tables of all core devices. Then compare new routing tables against the baseline. Discover modified routes by smallest age. Step 3 » Solutions: Use routing table analyzer Trace to the Source. Drag-and-drop the route entry to the Qmap, and trace to the source of instable routes hop-by-hop. Common Causes: Drag-and-drop the entry to a Q-map Link flapping Router CPU overload Routing peer reset Network worm attack Troubleshoot Packet Loss Across MPLS Step 1 » Drag-and-drop an MPLS cloud into a map and extend key devices around the cloud. Step 2 » Challenges: Map a MPLS Cloud Network. No visibility into a service provider’s MPLS cloud Monitor From the Map. Click the “Monitor” button in the map’s floating menu, and launch performance and connectivity diagnosis. Step 3 » Detect Packet Loss via IPSLA Solutions: Map-driven IPSLA Toolkit For advanced performance diagnosis, rightclick on hub routers and select the IPSLA menu. Common Causes: QoS classification errors Physical errors at Demac Congested MPLS core Mismatch of CE-PE configuration Troubleshoot Bandwidth Hogging Step 1 » Map Problem Area Identify the source and destination of a slow application and enter them into the traffic path wizard. Step 2 » Monitor to Identify Over-utilized Links. Click the “Monitor” button in the map’s floating menu, and launch performance and connectivity diagnosis. Step 3 » Drill-Down the Top-Talkers Challenges: Difficult to pinpoint congested links Time-consuming to setup probes to track down bandwidth-hogging devices Solutions: Heat Map along with IP Accounting Right-click on the utilization label, and select “IP Accounting” to discover the top-talkers (assuming IP accounting is turned on in the router). Common Causes: Unauthorized network use Looping traffic caused by misconfiguration Virus attack Plan Network Migration Step 1 » Map the Existing Network. Document automation dialog Very time-consuming to document the network before migration No visual help to plan network migration Search devices to be modified and drag them into a map. Right-click on the map’s “Auto Link” menu to connect all devices. Step 2 » Model the Future Network By Importing Configuration Files Solutions: Drag new or modified device configuration files into a map to model and visualize the future network design. Step 3 » Challenges: Model network migration based on configuration files Document the Design Click the “Document” button in the map’s floating menu and build an automated design document in Word format. Related Features: Analyze new network design with Design Reader Highlight routing to visualize design New Add a new network device QA Network Changes to Prevent Outages Step 1 » Map the Change Area. Search devices to be changed and drag them into a map. Extend all neighbors of the devices. Step 2 » Benchmark Network Before and After Changes Click the “Benchmark” button, and collect routing, configuration and L2 data before and after changes. Step 3 » Verify the Impacts Click the “Compare Config & Routing” button, and compute routing table and config changes for all devices. Detect routing changes after configuration modification Challenges: A small change may cause major impacts across the entire network, but it is difficult to check all changes manually Solutions: Automate impact verification after each network change When to Use: The comparative analysis of routing, configuration and traffic path should be run after most network changes – because 3 out of 4 network outages are caused by seemingly benign changes Document a Data Center Network Step 1 » Discover a Data Center. Enter a seed router’s IP address in the discovery dialog and execute a data center discovery. Step 2 » Map Device Groups by Automation By combining dynamic search criteria, routers, switches and servers can be grouped in many ways to map a data center automatically. Step 3 » Build Diagrams and Inventory Reports Challenges: It takes weeks or months to discover and document a data center with tracing cables, show commands and Visio Solutions: Advanced discovery and document automation Click the “Export to Visio” and “Asset Report” buttons in the menu bar, and create Visio diagrams and inventory reports. When to Use: Before and after a data center upgrade Data center assessment Assess a Network for VoIP Readiness Step 1 » Challenges: Map Key VoIP Traffic Flows. VoIP is very complex and depends on many advanced technologies to work properly Enter IP addresses of IP-phones and voice gateways into the traffic path wizard, and map out L3 and L2 traffic flows for VoIP. Step 2 » Measure Delay, Jitter and Packet Loss Along Paths Launch IPSLA from the map to measure advanced performance metrics. Step 3 » Analyze QoS Design Launch “Design Reader” from the map to decode QoS and VoIP configuration. IPSLA Measurement Solutions: Automate the analysis of network design and performance Related Features: Apply diagnostic monitoring to VoIP paths Automate documentation for VoIP assessment Map VoIP traffic path instantly Merge Two Independent Networks Step 1 » Discover Each Network Independently Build two workspaces – one for each network by importing configuration files or through discovery. Create two asset reports. Step 2 » Two networks were built without knowledge of the other, and everything has to be reevaluated to avoid conflicts Analyze Overlap Compare the asset reports to find overlapping subnets and overlapping routing protocols. Build maps to describe each conflict. Step 3 » Challenges: Merge Two Networks Virtually Solutions: Plan the network merge in a virtual environment Use one workspace as the base, open each Qmap created in step 2 and design migration steps one map at a time. Related Features: Analyze the new network design with Design Reader Use Search to find the information needed Compare the inventory data of two networks Defend Against Network Attack Step 1 » Challenges: Identify the Offending Hosts Network attacks can come from anywhere, and they are difficult to visualize Get the top-talkers from Netflow, IP accounting or intrusion-detection software. Step 2 » Map Out the Attack Use A/B path mapping or one-IP table to map out the attack flow, whether it is from the inside or outside. Step 3 » Monitor the Traffic Flow Launch the diagnostic monitoring on the map and visualize the attack pattern. Solutions: Map the attack from the inside Use Dynamic Diagram to map out attacks and take defensive action in real-time When to Use: To visualize a denial-ofservice attack to the network and servers To analyze suspicious traffic from a vague host To isolate virus-infected end hosts Map the attack from the outside Become Cisco Certified - CCIE/CCNP/CCNA Step 1 » Use NetBrain for Practice Labs . Use NetBrain to automatically document practice labs step-by-step. It’s easier to learn new skills in a mapdriven environment. Step 2 » Review Essential Skills Through a Map Along the journey towards certification, users can review details of past labs without re-building them. Step 3 » Form a Visual Study Group Form a study group to share practice labs through Qmaps so that everyone can save time. Visit networkdiagram.com for examples. Challenges: It takes a long time to become Cisco certified. People can forget things learned if not reinforced properly Solutions: Use NetBrain to document practice labs automatically and review past labs visually When to Use: To prepare for CCIE To prepare for CCNP To prepare for CCNA