Partner Support Service 303
Installed Base Management Deployment for
Partner Operations and Technical Staff
July 2013
© 2013 Cisco and/or its affiliates. All rights reserved.
About this presentation
Audience
• Partner Operations and Deployment
• Cisco Engagement Managers
Prerequisite
• PSS 101
Goal
• Understand technical implications of PSS installed base management capabilities
© 2013 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
2
Agenda
Review: PSS 101
Smart Component: Installed Base Management and Alerts
Discovery and Collection process
Collector Deployment
Key Takeaways
Resources
© 2013 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
3
Review: Partner Support Service
Develop and deploy services based on both foundational & smart capabilities
Smart
Capabilities
IB Management
Alert Reporting
Device
Diagnostics
Software Updates
Advance Hardware
Replacement
Online Technical Resources
Partner Access to Cisco
TAC
Foundational
Capabilities
Smart
Interactions
- Smart Bonding
- Smart Portal
- Smart APIs
- PSS Support
Community
Combining visibility
to end customer devices
and networks with Cisco
intellectual capital
Drive Incremental Services Revenue
Improve Operational Support Margins
Increase Customer Loyalty
© 2013 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
4
Review: Partner Support Service delivery flow
Knowledge Base
Customer
Partner
Back-office Systems
Business Systems
Delivery Systems
PSS Capabilities
Web Services
Network Operations
Partner’s Services
Business Systems
Analytics
Call Home Messages / Alerts
Network Information (Inventory, HW/SW, Configs)
© 2013 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
5
Agenda
Review: PSS 101
Smart Component: Installed Base Management and Alerts
Discovery and Collection process
Collector Deployment
Key Takeaways
Resources
© 2013 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
6
Review: Installed Base Management and Alerts
Effective management of entitlements,
contracts, inventory, and RMAs
Smart
Capabilities
IB Management
Alert Reporting
Software Updates
Advance Hardware
Replacement
Online Technical Resources
Partner Access to Cisco
TAC
Foundational
Capabilities
© 2013 Cisco and/or its affiliates. All rights reserved.
Device
Diagnostics
Smart
Interactions
- Smart Bonding
- Smart Portal
- Smart APIs
- PSS Support
Community
• Opens up new revenue
opportunities
• Reduces cost of (renewal) sales
• Simplifies business operations
• Increases operational efficiency
Cisco Confidential
7
Partner Challenges
Reside-at
Location
EOX
Uncovered
Stability
Serial Number
Over Coverage
Under
Coverage
Patch
Management
Ship-to
Location
Unknown
Inventory
Inventory
OS
Config
Entitlement
Contract
Renewal
RMA
© 2013 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
8
Partner Challenges + PSS
Inventory Report
Product Alerts
Installed Base
Management & Alerts
Delta Report
Exception Report
Contract
Entitlement
Inventory
Renewal
Ship-to Location
RMA
Consistency
Serial Number
Reside-at Location
Over & Under
Coverage
SLA
Unknown
Bill-to Location
Uncovered
Software
Configuration
EOX
Vulnerability
© 2013 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
9
Agenda
Review: PSS 101
Smart Component: Installed Base Management and Alerts
Discovery and Collection process
Collector Deployment
Key Takeaways
Resources
© 2013 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
10
Discovery and Collection Process
Overview
Customer
Network
Cisco
Collector
Secure
Transmission
Cisco
Data Ctr
Smart
Portal
SECURE
1001011110111011011111001101
10011100101010001101111111110
1001011110111011011111001101
© 2013 Cisco and/or its affiliates. All rights reserved.
1001011110111011011111001101
10011100101010001101111111110
1001011110111011011111001101
Cisco Confidential
12
Discovery and Collection Process
Information Collected
Customer
Network
Cisco
Collector
Secure
Transmission
Cisco
Data Ctr
Smart
Portal
SECURE
1001011110111011011111001101
10011100101010001101111111110
1001011110111011011111001101
1001011110111011011111001101
10011100101010001101111111110
1001011110111011011111001101
Collects:
Needs:
•
•
•
•
•
•
•
Device PID
Serial #
Config Info (optional)
Hostname (optional)
IP Address (optional)
© 2013 Cisco and/or its affiliates. All rights reserved.
Device PID
Serial #
Cisco Confidential
13
Discovery and Collection Process
Cisco Collector
Customer
Network
Cisco
Collector
Secure
Transmission
Cisco
Data Ctr
Smart
Portal
SECURE
1001011110111011011111001101
10011100101010001101111111110
1001011110111011011111001101
1001011110111011011111001101
10011100101010001101111111110
1001011110111011011111001101
Common Services Platform Collector is the network data collector for PSS
CSP-C is a software package
•
•
•
Has quick installation and configuration
Has superior performance
Has separate client offering intuitive user interface
© 2013 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
14
Discovery and Collection Process
Cisco Collector
Customer
Network
Cisco
Collector
Secure
Transmission
Cisco
Data Ctr
Smart
Portal
SECURE
1001011110111011011111001101
10011100101010001101111111110
1001011110111011011111001101
1001011110111011011111001101
10011100101010001101111111110
1001011110111011011111001101
Server
Admin Interface
•
•
•
•
•
•
•
•
Discovers the devices on the network
Does the “collecting” from devices and the
packaging and uploading to Cisco
CSP-C application
Hardened Cent OS 5.3
Admin Shell interface (Shell with limited set of CLI)
Two default user accounts (cisco/cisco, admin/admin)
© 2013 Cisco and/or its affiliates. All rights reserved.
Used to configure and operate the collector
Web browser access
Note: Current version of CSP-C has a “built in” web server
for Admin function
Cisco Confidential
15
CSP-C Server Hosting Platforms
Smart
Preferred
for Large Scale
Deployment
Preferred
for remote
customer
CSPC Server
Preferred
Portal
for Large Scale
Deployment
CSPC Server
VMWare
VMWare ESXi
CSPC server
Any OS that
supports VMWare
X86 Server
X86 Server
CSPC Appliance
© 2013 Cisco and/or its affiliates. All rights reserved.
CSPC Virtual Machine
X86 Server
CSPC Virtual Machine
Cisco Confidential
16
Discovery and Collection Process
Basic Workflow
Customer
Network
Cisco
Collector
Secure
Transmission
Cisco
Data Ctr
Smart
Portal
SECURE
1001011110111011011111001101
10011100101010001101111111110
1001011110111011011111001101
1001011110111011011111001101
10011100101010001101111111110
1001011110111011011111001101
1. Configure the collector
2. Run the discovery
•
•
•
•
•
•
Download image
Install in an enviroment
Install rule set and
collector certificate
Seup backend comms
© 2013 Cisco and/or its affiliates. All rights reserved.
Use the optional seed file
Select a discovery methodology:
• SubNet/ IP Range
• Exiting Seedfile
• Known devices
• Known IPs
Cisco Confidential
17
Discovery and Collection Process
Basic Workflow
Customer
Network
Cisco
Collector
Secure
Transmission
Cisco
Data Ctr
Smart
Portal
SECURE
1001011110111011011111001101
10011100101010001101111111110
1001011110111011011111001101
1001011110111011011111001101
10011100101010001101111111110
1001011110111011011111001101
3. Run the collection
•
•
•
4. Upload inventory file
Leverage seed file
Device credentials
Discovery device list
•
Transmit inventory file
from collection
Can be
automated
© 2013 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
18
Discovery and Collection Process
Basic Workflow
Customer
Network
Cisco
Collector
Secure
Transmission
Cisco
Data Ctr
Smart
Portal
SECURE
1001011110111011011111001101
10011100101010001101111111110
1001011110111011011111001101
1. Configure the
collector
Seedfile updates
2. Run the
discovery
Slow Cycle
Initial and significant
event, maybe Monthly,
Quarterly, Yearly
© 2013 Cisco and/or its affiliates. All rights reserved.
1001011110111011011111001101
10011100101010001101111111110
1001011110111011011111001101
3. Run the
collection
4. Upload inventory
file
Fast Cycle
Monthly, Quarterly
Cisco Confidential
19
Collection Process
Secure Transmission
Customer
Network
Cisco
Collector
Secure
Transmission
Cisco
Data Ctr
Smart
Portal
SECURE
1001011110111011011111001101
10011100101010001101111111110
1001011110111011011111001101
Collector on Customer Network
- Hardened
- No root access
- Password policy enforcement
1001011110111011011111001101
10011100101010001101111111110
1001011110111011011111001101
Cisco Data Center
- Only accepts connections from registered
systems
- Secure Cisco IT lock-and-key facility
Transport to Cisco Data Center
- AES 128-bit data encryption, and HTTPS or
SSL connection
- Sensitive credentials removed before transport
© 2013 Cisco and/or its affiliates. All rights reserved.
Smart Portal
- Cisco.com credentials
- Partners can see only their data
Cisco Confidential
20
Collection Process
Supported Protocols
Customer
Network
Cisco
Collector
Secure
Transmission
Cisco
Data Ctr
Smart
Portal
SECURE
1001011110111011011111001101
10011100101010001101111111110
1001011110111011011111001101
1001011110111011011111001101
10011100101010001101111111110
1001011110111011011111001101
Discovery protocols: SNMP, ICMP, CDP, ARP, LLDP,
Collection protocols: SNMP, Telnet, SSH, HTTP, HTTPS
Upload protocols:
© 2013 Cisco and/or its affiliates. All rights reserved.
HTTPS (443)
Cisco Confidential
21
Upload Protocols and Methods
CSP-C Collector Port Requirements for Uploads
• To ensure a successful upload from a CSP-C Collector to the Cisco backend,
the following ports and specific IP addresses need to be “allow outbound” to the internet.
• ACL’s on customer’s firewall might need to be configured to allow the CSP-C to upload.
Ports
Description
XMPP TCP 72.163.7.138; Port - 5222
- Signaling
Connection to the Cisco backend. Note: customers firewall ACL might
need to be configured to allow this port outbound from the collectors IP
address.
HTTP TCP 72.163.7.138; Port - 7337
- Signaling
Connection to the Cisco backend. Note: customers firewall ACL might
need to be configured to allow this port outbound from the collectors IP
address.
UDP 72.163.7.88; Port - 3478
- Signaling
UDP 72.163.7.88; Port - 4500
- Media
© 2013 Cisco and/or its affiliates. All rights reserved.
This is for IPSEC Tunnel endpoint
Cisco Confidential
22
Agenda
Review: PSS 101
Smart Component: Installed Base Management and Alerts
Discovery and Collection process
Collector Deployment
Key Takeaways
Resources
© 2013 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
23
CSP-C Deployment Checklist
Most important things to do be success with a deployment
Preinstall Checklist:
(Read and use the documentation)
Collector
• Location
• Platforms
• Collector Installation
• Make a plan for the deployment
• Know what you need from a Contract perspective
• Smart Portal User
Uploads
• Collector Registration
• Data communications requirements
• Plan your discovery subnet by subnet
• Firewall
• Discovery – SNMP Community Strings..
Quick Start Guide
(Read and use the documentation)
Collection and Device credentials
Customer Requirements:
•Reports
•Inventory
•Security
Note: Arrange a deployment engineer for the first couple of
deployments
© 2013 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
24
CSP-C
Collector 1
One collector per customer, currently no multi-tenant solution
Customer
1
Customer
Network
Collector
Collector 2
Customer
2
Customer
1
Customer
2
Customer
3
Customer
Network
Customer
Network
Collector
Management
Subnet
Subnet 1
Subnet 2
Subnet 3
Customer
Network
Best place to locate the collector is the network management subnet
because it minimizes router/network ACL issues
© 2013 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
25
CSP-C
Partner Network
Customers don’t normally like this
solution due to security concerns.
Could be workable for outsourced
solutions where there is in effect no
Customer Network
Collector
1
Collector
2
VPN
VPN
The internet
Management
Subnet
Management
Subnet
Subnet 1
Customer
Network
© 2013 Cisco and/or its affiliates. All rights reserved.
Subnet 2
Subnet 3
Subnet 1
Subnet 2
Subnet 3
Customer
Network
Cisco Confidential
26
Virtualized CSP-C Deployment Environment
VM Domains
Partners who are
outsourcing-centric
and have control of
the whole network
employ the VMWare
Server to host
several collectors
Collector
1
Collector
2
Collector
3
Partner Network
Collector
4
VPN
VPN
The internet
Management
Subnet
Management
Subnet
Subnet 1
Customer
Network
© 2013 Cisco and/or its affiliates. All rights reserved.
Subnet 2
Subnet 3
Subnet 1
Subnet 2
Subnet 3
Customer
Network
Cisco Confidential
27
Virtualized CSP-C Deployment Environment
Partner Network
Management Consoles connect via VPN to VMWare Server Domains
Hosting applications located in the customers Management Subnet
Management Console
Management Console
VPN
VPN
VM Domains
The internet
App 1
App 2
DD (SCH)
Transport
Gateway
CSPC
Collector
Management
Subnet
Management
Subnet
Subnet 1
Customer
Network
© 2013 Cisco and/or its affiliates. All rights reserved.
Subnet 2
Subnet 3
Subnet 1
Subnet 2
Subnet 3
Customer
Network
Cisco Confidential
28
Agenda
Review: PSS 101
Smart Component: Installed Base Management and Alerts
Discovery and Collection process
Collector Deployment
Key Takeaways
Resources
© 2013 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
29
Key takeaways
• Read the documentation
• Plan your initial engagement
• Use a Cisco Engagement Manager engineer the first time
© 2013 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
30
Agenda
Review: PSS 101
Smart Component: Installed Base Management and Alerts
Discovery and Collection process
Collector Deployment
Key Takeaways
Resources
© 2013 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
31
Documents you can’t live without
Collector:
Smart Portal:
•
•
•
•
•
•
•
•
•
•
CSP-C Preinstall Check List
CSP-C Quick Start Guide
CSP-C Multiple Customer Support Using VMware-based Collectors
CSP-C Supported Hardware and Software
CSP-C Supported Devices
PSS Seedfile Maintenance Guide
Smart Portal Online User Guide
PSS Smart Portal on-line-training
PSS IBM&A Smart Portal Report and Review
Smart Portal User Guide
PSS Security:
• PSS Security Guide
Installed Base Management and Alerts:
Other Useful Links
• PSS IBM&A Deployment Guide
• PSS Support Community (registration required)
• PSS Partner Central Website
© 2013 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
32
Resources
Assistance
• SSB: Intended to be the 7x24 help desk for Smart Service
• Deployment Engineer: Intended to assist partner deployment engineers during collector deployments. Refer
to note on booking and lead time,
• Cisco TAC: Would highly recommend engaging SSB first
Notes
• Contact detail for SSB in the next slide
• Use of SSB and Deployment engineers via SSB does not carry a financial penalty for your company
• Use of Cisco TAC against a PSS contract will have financial penalty for your company
Online
• PSS Support community: https://supportforums.cisco.com/community/netpro/solutions/smart_services/pss
• Partner Central: http://www.cisco.com/web/partners/services/programs/collaborative/index.html#~ts
© 2013 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
33
How To Reach the Smart Services Bureau
Contact Smart Services Bureau, 24x7
E-Mail
ask-smart-services@cisco.com
Telephone
From US and Canada:
+1-877-330-9746
From APAC:
Australia 1 800 805 227
From the rest of the world: Choose the appropriate phone number
http://www.cisco.com/warp/customer/687/Directory/DirTAC.shtml
© 2013 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
34
Q.
“Do I buy the collector?”
A.
Collector software is a zero-cost item supplied as part of PSS. The hardware platform it is hosted on has to be
purchased, but if you are deploying the VMWare solution you may already have the hardware.
Q.
“Is the collector a HW device?”
A.
The collector is a software application that you can choose to deploy into a VMware domain,
or onto a dedicated hardware appliance.
Q.
“Can I control uploads?”
A.
Uploads can be manual or automated. Partner Administrators have the flexibility to configure it either way.
Q.
“Where can I learn more about this topic?”
A.
The PSS Partner Support Community or the PSS page on Cisco Partner central
Q.
“Will the collector see non Cisco devices?”
A.
The Collector sees and records all devices that respond to an SNMP ping.
Unknown and non-Cisco devices are reported in the “unprocessed” devices report in the PSS Smart Portal
Q.
“Can the collector see devices behind a firewall?”
A.
The Collector is usually located on the management subnet domain. Devices on the management subnet
domain usually have visibility thru firewalls, if this is the case, then the collector will be able to “see” the devices.
© 2013 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
36
- Smart Portal data items:
- Inventory
- Covered
- Uncovered
- Expiring Coverage
- Expiring Support
- Protocol Error
- Search Function
- Export Function
- Chassis Details
- Product Alert Details
- Contract Details
- HW/SW Details
- Exception Details
- Device Config Details – Running / Startup Config / Show Command
-Reports:
- Unprocessed Devices (3rd Party and Unknown Cisco
- Inventory
- Alerts
© 2013 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
37
