Cisco CCIE Security 350-701 – Network Management
1. What is Network Management
In this section we’ll be discussing network programmability and automation. We’ll see what network management is, what methods are actually used for network management and configuration, and what challenges you generally face with the traditional methods. Then we’ll see the newer method, where we use network automation to do most of the tasks. In this first section we’ll get into the basics, the foundations of network automation: how it works and why it is actually required. So let’s get started.
The first thing we need to understand is: what is network management? Network management is the process of managing your network using different tools, automation, or options like Telnet and SSH to make sure that your network is running as per the company or business requirements. There are many things you do as part of that, so I’m going to list some of them, starting with the physical installation of your devices.
Whenever you have a requirement in your network, you may need to add a new switch to the existing network, or a new router at a specific remote site. Physical installation covers any device added to the network as per the requirement. It can be a router, switch, server, or firewall, or it can be an endpoint as well.
Simply adding the devices is not sufficient. You also need to make the configuration changes required for that device to be part of the network and to be able to send traffic. That’s what we call the initial configuration of the equipment; technically we now call it provisioning. It can include IP addressing, routing configuration, access lists, or NAT configuration so that you translate the IPs. When it comes to switching, it may be VLAN configuration, trunk link configuration, VTP, or whatever spanning tree options you are running in your network. Or, taking firewalls as an example, if you’re setting up a firewall you may need to apply security policies, which must be configured either via the command line or the UI.
So the basic steps are the physical installation of the devices and the initial configuration. These two things ensure that your network is ready. Apart from that, we also do something called monitoring and testing. Once the network is ready, stable, and working, you need to make sure it is monitored properly to ensure that it is working as per the requirements.
For example, if you are verifying routing, you need to make sure that all the routers have learned the routes. Or you may want to check reachability, because sometimes you may have reachability issues; you need to make sure that your network devices are reachable from each other. Or, let’s say you are setting up VLAN users: we need to make sure that the users within a VLAN are communicating with each other, and also that these users are isolated from other VLANs, so VLAN 10 should not talk to VLAN 20, something like that. And we need to make sure that the applications running over the network are working as per the requirements.
We are also going to monitor the network performance and the server performance, and make sure that your network is available, up and running all the time. Network availability, monitoring CPU resources, memory utilization, bandwidth utilization, and storage utilization all come into this. When you talk about monitoring and testing, these are the things that generally come up, and dealing with all of them is what we generally call network management. There are some other things as well, like software upgrades and patch updates. Software upgrades can include, for example, an IOS upgrade. Let’s say you are running routers or switches on some specific platform, a new IOS version has been introduced, and you want to upgrade those particular devices with the new IOS.
It can be specific devices as well: a router, switch, or firewall, or maybe your end-user operating systems, it depends. You may want to do software upgrades as per the requirements. As our main focus will be on the network side, we will mostly take examples from the network side. Apart from that, we also need to apply patches. Patches are generally add-on software or add-on files that you add to the existing software to fix bugs, or to fix security vulnerabilities in the previous release, much like releasing a new version.
Or, if there are improvements to the existing product or software, you need to make sure those add-on features are added so that they improve the performance of that software or application. So software upgrades are another thing you generally do in network management. Apart from that, there is one more thing: configuration tuning and enhancements. Configuration tuning means you already have a network that is configured and you are going to make it more productive, adding enhancements or additional features that make your network perform better. That’s what we call configuration tuning and enhancement.
2. Past-Present Methods of Network Management - PART 1
Next we’ll discuss the different methods used for managing the network. Previously we saw what network management is; now we’ll see the different methods or options we have for it, one by one, as a quick overview. The first one: for configuration, troubleshooting, or any kind of software updates, we use the most common way, the CLI. With the CLI you log into a specific device, either via the console or remotely via Telnet or SSH, and you go to each individual device, log into its command-line interface, and manage it individually. Managing includes changing the configuration or verifying the configuration.
Whether you are verifying the configuration, doing some troubleshooting, or doing updates, such as upgrading the operating system, you can do that via the command line. So this is one of the basic methods you will use for most management purposes; we can call it one of the past and present methods of network management. We also use Notepad most of the time. That is, we use Notepad files in which you save some of your configurations; generally you will save most of your configurations in Notepad files. I have some examples here, where you may have initial configs as a template that you just copy and paste. This is something that I use for my initial labs.
So I have some Notepad files from which I can simply copy and paste all these things. Or you may have configuration files that are a copy of your configurations: maybe you export your configurations or take a backup, and you save those configuration files. Using these configuration files, if other devices have a similar configuration, let’s say you want to configure multiple devices with a similar configuration, you can use Notepad to copy and paste the same commands. Take, for example, VLAN or STP configurations on the switches, or routing advertisements.
You probably have some common configurations on multiple devices. Instead of going to each device and typing them, you make use of Notepad, from which you can copy and paste most of the config, like ACL or NAT configurations. So most network engineers copy and paste the configurations. On the remote sites, too, you can use Notepad in one more scenario. Let’s say that at the remote branch office you have a network engineer, a level one engineer, who does the basic monitoring of your network. And you want to add some advanced configuration on a device there, maybe BGP or OSPF routing, or an ACL or NAT configuration.
One option is that I log into this device remotely and configure it. The alternative is that I put all the configuration in one Notepad file. As you can see here, I have one Notepad file that I generally use for my initial labs. You can send this file to the network engineer at the remote site and tell him to copy and paste these configurations onto the device. So if you cannot access the device remotely, you can still log into the command line via the console.
And he can do the initial configuration. So most likely you will be using Notepad; it is one more way to handle configuration on multiple devices that have similar configurations. Apart from that, we also have some other options, like inbuilt scripts in most operating systems. In Cisco, we have inbuilt scripting inside the command line: Tcl scripts and EEM, the Embedded Event Manager. They provide scripts which you can run for either configuration or troubleshooting. Let me quickly give you an overview of these. First, Tcl.
Tcl stands for Tool Command Language. It is a kind of IOS scripting inside the operating system. Here you can see one example. Let’s say you want to do a ping sweep: every day when you come into the company, your job is to make sure that you ping all the devices. You have to do a ping test where you generate a ping request to, let’s say, 50 to 100 devices, or 500 IP addresses.
Manually typing each device’s IP, ping and then the IP address, again and again, is really difficult when you have to do it every day. Of course you can keep this in Notepad and copy and paste it. Instead of that, I can build some basic scripts.
This is one example of a basic script. It generates a ping request to all the IPs automatically. Let me show you one simple implementation; I have a sample here that I’ll be using. This is my Tcl script, and I have a preconfigured topology here where some routers are preconfigured with IP addresses and OSPF. I have the console open, and you can see the OSPF neighborship is up.
I’m just going to copy and paste that script so that you can see how the automation options can be used. As you can see, I have pasted the script, and now it is generating ping requests for all the IP addresses that I defined here. Let’s look at the script. Here I’m getting into the Tcl script mode, and then I say: for each address, where the variable can have any name, and I type in all the IP addresses to which I want to generate a ping request.
And then here I give the command that generates a ping request to all the addresses listed above. You can see the result here: it initiates a ping request to each of the listed devices. You can have more complex scripts like this as well. So this is one option, Tcl scripts, where you can save a bit of time by specifying multiple IP addresses inside the script and letting the script go through each of the individual IPs automatically. This is what I did; I just used this simple script based on my topology. So this is one option you have, where you can use an inbuilt software script.
It is inbuilt inside the operating system, so you’re not going to do any real coding; you just need to know some basic options. Apart from that, we have another feature inside Cisco IOS called the Embedded Event Manager. Here is one example. Embedded Event Manager is a feature inside the Cisco operating system that provides real-time detectors. There are roughly 20-plus detectors, and with a detector we can, for example, detect a specific log message. Let me show you an example. Let’s say this is my router, and this is my interface connected here, and I want a script to run if someone shuts down the interface. In my case, let me quickly exit this and go to global configuration mode. If anyone issues a shutdown command, it shuts down the interface, as it normally would, and apart from that it also generates a log message.
Now you can see the log message it generates. Whenever the router detects this particular log message, saying that this interface, 0/0, changed state to administratively down, that is the log message I want to detect. As I said, there are around 20-plus detectors, so I’m showing you one simple example: if this log message appears, I want my device to go to the command line and automatically execute some commands. In this example I’m creating an applet, with any name, under Event Manager. You will be in global configuration mode. I have not included the mode change here so that I can easily copy and paste the same commands on the command line to verify.
Then I define the pattern. The detector here is my log message: if the log message equals this one, which is an exact copy and paste of the log message you see here, then I tell my router to take these actions. What does this message mean? It means the interface was manually shut down by someone, maybe one of my engineers, by mistake, unknowingly, or intentionally. If he shuts down the interface, I want my router to automatically execute these commands.
So whenever you shut down the interface, this log message appears. And whenever it detects this log message, the router executes these commands at the back end: go to enable, then global configuration mode, then the interface, and simply issue no shutdown. Let me quickly show you this. I’ll copy this, and I’ll bring the interface up before I verify. I can also enable debugging: if you want to verify a little more, you can use debug event manager, I think action cli, that’s the command. Now I’m going to run this script, and once I execute it I’m going to shut down the interface to verify whether the Embedded Event Manager feature is working, because that is what I want.
So I say shutdown and leave it. If you observe the messages here, these are the log messages you will see in the back end. The first thing you see is the interface changing state to up. Why? Because the log message was generated, and this is the log message produced in response. And these are the debug messages you see in the back end: it opened the command-line interface and executed the commands, configuration mode, the interface, and no shutdown, the same things I defined here. So this is another example of the inbuilt scripting options you’ll find inside IOS. There are more than 20 detectors, so I’m not getting into the complete Embedded Event Manager topic.
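The two built-in scripting options walked through above, written out as an added example (this is not the instructor's on-screen script). The ping targets, the interface name Ethernet0/0 and the applet name AUTO_NOSHUT are assumptions, and the final syslog action is an addition that leaves an audit trail each time the applet fires.

```cisco_ios
! --- Part 1: Tcl ping sweep, pasted at the privileged EXEC prompt ---
! Target addresses are constructed samples from the 192.0.2.0/24
! documentation range; replace them with the devices in your topology.
tclsh
# Loop over every address in the list and run the IOS ping command on it
foreach address {
192.0.2.1
192.0.2.2
192.0.2.3
192.0.2.4
} { ping $address }
tclquit
!
! --- Part 2: EEM applet that reacts to an administrative shutdown ---
! AUTO_NOSHUT is a hypothetical applet name; Ethernet0/0 is an assumed
! interface. The pattern must match the syslog text the router prints.
configure terminal
event manager applet AUTO_NOSHUT
 ! Syslog detector: fire when this message appears in the log
 event syslog pattern "Interface Ethernet0/0, changed state to administratively down"
 ! Actions run in label order, as if typed on the CLI
 action 1.0 cli command "enable"
 action 2.0 cli command "configure terminal"
 action 3.0 cli command "interface Ethernet0/0"
 action 4.0 cli command "no shutdown"
 ! Added for auditability: record that the applet reverted the change
 action 5.0 syslog msg "AUTO_NOSHUT: Ethernet0/0 was shut down and has been re-enabled"
end
!
! Show each CLI command the applet issues while testing
debug event manager action cli
```

An applet like this also reverses a shutdown that an engineer made on purpose, for example to isolate a port, so limit the pattern to links that must always stay up. `show event manager policy registered` confirms that the applet is registered.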
You can also generate an email, like in this example. You can say: identify the user and then send an email to this particular email address, from such-and-such address, with the log message, the subject, and whatever result or output you get. You can automate these things. So this is one option. Normally, like I have discussed options here you’ve.