Some more features in the pipeline - Our Top 10 - What do you think?

Unanswered Question
Nov 21st, 2011

Here are some additional features we’re thinking of – what do you think? How woudl you rate the importance of these features below?

We'd love to hear your thoughts.

  1. Co-branded reports – You can upload your company’s logo into OnPlus, so reports will be created with your logo and Cisco’s.
  2. Day-0 Device Configuration Library – in OnPlus, you’ll be able to store day-0 configurations for devices that you commonly deploy. So, following an installation at a customer site, the initial firmware (already supported) and configuration could be downloaded with only a few clicks of a button, with no local copies to be made
  3. Telnet / SSH to local devices – this feature will enable your to create, through OnPlus a Telnet or SSH tunnel directly into the device you’d like to manage.
  4. For those of you that used a PSA – you’d be able to open tickets directly with Cisco Support through your PSA. OnPlus will send Cisco Support the details, so they’ll have all your case information once you give them a call.
  5. Network Assessment Reports – placing the ON100 network agent at a potential customer site and running a network assessment can give you enough information about that site, in order to give your prospective customer a proposal. This could be especially useful when using a tablet at that customer’s site.
  6. RMM Integration – we are looking closely at integrating with the RMM tools that you may already be using. Please let us know which you are using now, so we can target the right ones :-)
  7. OnPlus Recommendations – receive recommendations from Cisco OnPlus that pertain to the devices on the networks you manage – from notifications on configuration adjustments to promotions and suggestions. This could be a great way to initiate a discussion with your customer on additions, changes, replacements and much more..
  8. IPv6 - for networks that have already adopted, or are beginning to adopt IPv6 - OnPlus will deploy in an IPv6, discover, assess, manage and advise on the devices on your customer's IPv6 network
  9. Discover different subnets - if you instruct OnPlus which subnet to find - we'll find it for you.
  10. Access priviledges to your agents - when adding a sub-agent in your account on the OnPlus portal, you'd be able to assign different privileges for each agent, per customer. Meaning, if agent 'John' supports customers A, B and C, and agent 'Jane' support customers X, Y and Z; John woudl have Read-Write access to only A, B and C but Read-Only access to X, Y and Z and vice versa for Jane. It woud be up to the master agent to determine thsi allocation

What do you think of these features? Please let us know...

Also - did we miss anything? Please write to us on this community page, or directly to onplus-portal@cisco.com

Thanks,

The OnPlus Team

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Average Rating: 0 (0 ratings)
SHAWN EFTINK Tue, 11/22/2011 - 04:33

I like a lot of the top 10. Kaseya is the RMM tool we use. One truly key feature I believe should be in the top 10 is the ability to turn off monitoring on a given device/IP and/or us creating exclusion lists. OnPlus and my RMM are running into each other.

Shawn Eftink

Sent from my iPhone through Exchange

enoy Tue, 11/22/2011 - 10:19

Hi Shawn,

Thanks for your reply!

When you say that OnPlus and the RMM are running into each other - what type of behavior are you witnessing?

It sounds to me like we'd need to turn off monitoring on a device only when an RMM is present and known to OnPlus. This woudl be part of our integration with these tools. Would you agree?

BTW, you can turn off all monitors for given devices dynamically through their device windows, and manage notification rules through the Notifications menu. This might prevent some of the collision you were referencing earlier.

Thanks,

Efrat

SHAWN EFTINK Tue, 11/22/2011 - 13:49

Yes it would be nice if the RMM and OnPlus were aware of each other’s devices and could dynamically, or manually, turn off monitoring. When I say they’re running into each other, I’m referring to the fact that OnPlus, for example, is trying to monitor servers/desktops already monitored by my RMM tool, Kaseya in my case.

I’m am aware that I can turn off all monitors on a given device however, and I did open another thread about this previously, even if I turn off all credentials on a given server device, OnPlus continues to try to connect to the server and I continue to see failed auth messages in the security logs. My only option was to turn off failed auth, which wasn’t really an option anyway. That is why it would really be necessary to have the ability to manually turn off monitoring or manage an exclusion list of IPs for a given client. There’s always the possibility that they only have us monitoring/managing a select number of devices and not everything that can be monitored/managed.

Attachment: 
chrisguertin Wed, 11/23/2011 - 22:32

In regards to RMM integration:  GFI Max is the one we use and integration would be great!

We also use Autotask but I have been unable to get the OnPlus integration to work with Autotask.  It won't look up any clients, regardless of spelling, punctuation, etc.  I just haven't had time to ask about this yet...

Thanks.

enoy Thu, 11/24/2011 - 08:01

Thank you Chris for your input.

We're aware of this issue with Autotask and are working with them to resolve this quickly.

Thanks,

Efrat

Sent from Cisco Technical Support iPhone App

drenner@summits... Mon, 12/05/2011 - 08:07

My top Feature List:

1.  Add most popular Cisco products as supported templates such as

     - 3750 switches

     - 3560 Switches

     - 28XX routers

     - 29XX Routers

    

2.  Create the ability for a default SNMP RO and RW string to be input before discovery.  That way it can find out much more information on the first pass.

3.  How do I add more CCO ID's to the portal?

4.  Bandwidth reporting ( All reporting available to be co-branded or purely white labeled)

I am sure i can come up with more but this is it for now. 

Thanks,

Doug

mshikha Mon, 12/05/2011 - 09:10

Thanks Doug!

We continue to add more Cisco devices and the routers and switches you mention are definitely in the works.

As far as Bandwidth Reporting, have you checked out the NTOP Packet Monitoring under the "Apps" tab of any customer? You can read more about it

Application Note: Enabling ntop Packet Monitoring with the Cisco OnPlus Service and here.

We are working on co-branded reports and you should be seeing this feature very soon.

Thanks,

Shikha

.

adrian.lewis Tue, 01/10/2012 - 12:19

Some more ideas for you:

1. Spanning tree visualisation including MST - very handy to see what the L2 paths between switches are up to

2. Custom SNMP OIDs to monitor or trend

3. IP SLA monitoring and trending

4. CBQoS monitoring and trending

5. Being able to do a 'diff' on the routing table of a device or have an easily readable alert if a route is added or dropped on a device.

6. Having the ON100 device act as an IP SLA responder or agent

Happy to discuss if you think there's mileage in any of these.

Many thanks,

Adrian

adrian.lewis Tue, 01/10/2012 - 12:02

Hi Efrat/Shikha,

My votes would go to (in order of importance):

1. Discover different subnets - if you instruct OnPlus which subnet to find - we'll find it for you.

--> This one is fairly big for me. I would have thought that in the area between customers who don't see any value in a managed network service and those for who the OnPlus service is a bit basic, you're going to have a lot of customer sites with 2-10 VLANs, each almost always with its own subnet.

2. Telnet / SSH to local devices – this feature will enable your to create, through OnPlus a Telnet or SSH tunnel directly into the device you’d like to manage.

--> Again a big one for any network-centric service provider - CLI access is a must and having the tool to handle NAT devices between the provider and the device would be great. If the interface is going to be browser based though, I'd suggest finding something that's quick/responsive and which lets you cut and paste. Better still would be an installable browser plugin or Java applet that could fire up Putty natively on a technician's workstation and proxy the connection. This is what PacketTrap do allthough their interface is not web-based so it's a bit different. Ability to set the TCP port to use on a global/customer/device basis would be handy too.

3. Day-0 Device Configuration Library – in OnPlus, you’ll be able to store day-0 configurations for devices that you commonly deploy. So, following an installation at a customer site, the initial firmware (already supported) and configuration could be downloaded with only a few clicks of a button, with no local copies to be made.

--> not a massive one for me but I can definitely see us using this if it were available.

Thanks,

Adrian

afullfor Tue, 01/10/2012 - 14:27

Hi Adrian,

On the topic of remote connection with SSH or Telnet, that is certainly already possible using the "Generic Tunnel" feature of the Connect tab.  You do have to enter the port you want to connect to (22 for ssh, 23 for telnet). This system builds the tunnel and provides a hostname and port that you feed to the client software of your choice.  This is covered in the Onplus User Guide in section 8 in the vicinity of p146.

http://www.cisco.com/en/US/docs/net_mgmt/other_net_mgmt/onplus/portal/user_guide/onplus_portal_user_guide_v1_0.pdf

Item 3 in the original request is actually asking about trying to simplify the process by automatically launching the client application with the correct connection configuration.  Obviously that's a little tough to cover well for multiple operating systems, windowing systems, and terminal clients, so before delving into that, we're trying to figure out the demand over and above what is already supported.

What we have today gets you there, but you have to use cut/paste so it is a little ugly.

Also, I should point out that the traffic from your client application to the portal endpoint is "raw".  Not an issue for ssh, but it does mean that telnet traffic is exposed, including any passwords typed.  From the portal endpoint through to the ON100 the traffic is encrypted, and then it is exposed again for the last leg from the ON100 to the device.

Andy

adrian.lewis Tue, 01/10/2012 - 15:35

Hi Andy,

Thanks for the info. I'm in the UK and thus haven't been able to play with the OnPlus service yet. All I know about it is from the documentation and a webinar - when you don't use it you forget these details quite easily.

Thanks again,

Adrian

lokibjensen Mon, 01/16/2012 - 11:10

I like the additions especially the one allowing other people to login.  I would still LOVE to see the ability to dole out passwords for users and give them access to certain devices with the OnPlus agent holding and using the master password for said device.  That way if someone leaves your organization you don't have to change passwords for all devices.  You just turn off the users account and he will no longer have access with HIS password but the master passwords, that were encrypted and he didn't have access to, are still safe.

Another HUGE feature request for me would be to be able to set thresholds for alerts such as up/down status.  I get a LOT of false positives because an ISP may go down for a minute or two and then I get an email alert.  Seeing as I'm getting a lot of these units in the field I now receive at least 15 messages a day notifying me that a site has lost connection just for a minute and then it reconnects.  I need the ability to adjust the threshold so that I'm only alerted if the site is down for more than 10 minutes or so.  That way I'm not weeding through a lot of useless notifications.  PLEASE PLEASE PLEASE set this up.  Thanks!

enoy Tue, 01/17/2012 - 10:10

Thank you for your comments and suggestions!

Re: a master password, we are looking at logging into a device automatically, without the need to remember passwords or show them on the device window in OnPlus. Is this inline with what you were thinking, or a good alternative?

Setting a threshold is a great idea! We'll look at ways of doing this.

Thanks,

Efrat

MICHAEL KOZICKI Wed, 01/18/2012 - 09:54

I would like to see the ability to make agents that can be set on a per customer as

Read

Write

None

So if I have an agent that should only see say 3 out of the 50 devices then they only see those when they log in and perhaps they only have read access to 2 of those 3 or something like that.

The ability to add static routing would also be nice so that I can monitor both the data and voice vlan at a customer with only having 1 device located at that location.  Perhaps I am missing how that is done and I am looking now.

Customer logon option so that I can make a read only view for my customers to monitor their networks.

jiyeung Wed, 01/18/2012 - 10:20

mkozicki wrote:

I would like to see the ability to make agents that can be set on a per customer as

Read

Write

None

So if I have an agent that should only see say 3 out of the 50 devices then they only see those when they log in and perhaps they only have read access to 2 of those 3 or something like that.

The ability to add static routing would also be nice so that I can monitor both the data and voice vlan at a customer with only having 1 device located at that location.  Perhaps I am missing how that is done and I am looking now.

Customer logon option so that I can make a read only view for my customers to monitor their networks.

These are all great pieces of feedback!  We are in the works of putting together some read only views for specific customer sites that will provide you with some capabilities to provide this for customers to monitors their networks.  This is something we expect to release in the very near future, so do stay tuned! 

In terms of being able to monitor across VLANs, we typically need the use of a supported device along with the credentials being entered for us to gather additional information for the topology.  Please take a look at the discovery best practice document below, as there is a good section on cross subnet/vlan discovery.

https://supportforums.cisco.com/docs/DOC-17579

In terms of your first request and role based read/write device access, I'll definitely take this back to the team and have it posted to our feature request boards. 

Thanks for all the feedback again and please do keep it coming!

-Jimmy

enoy Wed, 01/18/2012 - 10:28

Thank you for your feedback!

We are actually looking into ways of providing subagents with privilidges on your customer accounts, as you describe.

The first stage of this development will be to provide your end customers access to their own account, so they can monitor their networks. It would be up to you to grant them the access you like - either full access with write priviledges, or just to be able to view their account (read-only). The next stage would be to apply the same logic to subagnets, but appliacble to many customer sites. So, if agent A manages customers X and Y and agent B manages customer Z, agent A woudl get read-write access to customers X and Y, but only a read-only access to customer Z.

Is this in line with what you're thinking?

To address your concern of monitoring both the Voice and Data VLANs, you can do this through OnPlus, if the device that manages those VLANs is a Cisco device that is supported by OnPlus. All you need to do is update the device's credentials to that device's window (in the 'Credentials' tab), and check the 'Allow Login Access' button. This should discover the devices on the Voice VLAN, or you can also trigger a discovery.



Please let us know if this helps!

Thanks,

Efrat

MICHAEL KOZICKI Wed, 01/18/2012 - 11:53

I reset everything and it's a 2801 router and it just does not seem to find the phones behind it.

Also I have an ASA5505 that it says the device type is unknown but if I change the driver to ASA5500 it says it's the wrong driver.

2801 also says device type is unknown and the credentials are are still at status not yet known.  It's a small network so I don't know how long it will take for this info to all show up on a scan but I will keep working with it.

Thanks

Mike

jiyeung Thu, 01/19/2012 - 00:48

mkozicki wrote:

I reset everything and it's a 2801 router and it just does not seem to find the phones behind it.

Also I have an ASA5505 that it says the device type is unknown but if I change the driver to ASA5500 it says it's the wrong driver.

2801 also says device type is unknown and the credentials are are still at status not yet known.  It's a small network so I don't know how long it will take for this info to all show up on a scan but I will keep working with it.

Thanks

Mike

Ah, I answered part of this in another thread, but I probably should have read this part too...

For the ASA5505 and other manually assigned drivers, make sure you enter in the correct credentials before selecting the driver.  As I stated in the other thread, the passwords for the ASA currently have to be simple alpha numerics without complex character.  In this case, you may want to follow the following instructions to help get the ASA driver corrected (given that you are using the simple pw):

1) On the device driver page, disable the selected device driver by  opening the drop-down and navigating all the way to the top of the list.

2) Go to the Login Access page, and check the "Delete Existing Credentials" checkbox.

3) Apply the changes, and wait one minute.

4) Now go back, enter your correct login credentials, select the correct device driver, then click Apply.

I've also PM'ed you my contact information as well.  Feel free to contact me and we can take a deeper look at what might be going on when you get a free moment.

dprzywara Wed, 01/18/2012 - 12:55

My small request is maybe to add the ability to add text to the end of the URL string on the connect tab of a device when connecting to a device.  For instance, the GUI page of a UC500 could be http://192.168.1.1/ccme.html.  The main part is you have to put in /ccme.html to get to the proper web page.  What currently works right now is to connect to the UC500 via web port 80, then add the /ccme.html text.  For example, I first connect to https://xlx-1-XXXXXX-XXXXX.XXXXXXXXX.1-dfw-xlx.cisco-onplus.com:11305/, then add https://xlx-1-XXXXX-XXXX-XXXXXXXXXXX.1-dfw-xlx.cisco-onplus.com:11305/ccme.html

Maybe add a text box on the below screen for additional URL string.

MICHAEL KOZICKI Fri, 01/20/2012 - 14:05

I have another idea that may be good.

Under the

Notifications / Delivery Contacts

When I want to add a person to get messages it would be nice if I can add a person and then have check box for say 10 different devices to get messages from rather than having to put the user in once for each one.

There are 2 reasons that I can see doing this.  1st a customer may have more than one location they want to get e-mail from and 2nd there may be a person that works for me that I want to get e-mail for more than one of my customers but not all my customers.

thanks

Mike

jamwyatt Mon, 01/23/2012 - 07:21

Hi Austen,

Yes, you can use the NTOP application. The preferred method on a PLG1000 is to acquire and use the Cisco/Linksys USB300M USB to Ethernet adapter. It is expected that others will work, but with the PLG1000 being a prototype device, we've not made any attempt to test many similar adapters. If you don't use the adapter, NTOP will configure to monitor the built-in Ethernet port on the PLG1000. Since the PLG100 is using that port for regular communications already, it is less than desirable and mostly boring.

Enjoy,

Robert

jamwyatt Mon, 01/23/2012 - 07:29

One more thing ..... you can use Netflow from an IOS capable device via the built-in port too. NTOP does a nice job of working from Netflow in the case where you can't add the second port.

Sorry I missed that one!

Robert

aclark.ccl Fri, 01/20/2012 - 17:56

Just got into the OnPlus service - in the UK

The Co-branding would be a bonus - for reporting.

Currently we have received the ThunderBolt PLG1000 - unit.

I take it this does not have all of the features of the ON100 - fro example the MON port.

Can we still use the "ntop" app?

Regards

A

adrian.lewis Mon, 01/23/2012 - 07:51

Would love to see some tools to manage & monitor Mediatrace (and/or Performance Monitor) in IOS devices.

jiyeung Thu, 01/26/2012 - 11:22

Adrian Lewis wrote:

Would love to see some tools to manage & monitor Mediatrace (and/or Performance Monitor) in IOS devices.

Hi Adrian,

Thanks for the feedback!  We're integrating much more support for the IOS based platforms in the very near future.  The ISRG2 and 2k/3k Catalyst platforms are going to be at the top of the list, and we are actively looking and investigating on ways to collect performance metrics for network health and assessment.  Mediatrace, performance monitoring, and specific IP SLA are all great ways for us to be able to integrate better visibility for network health.  For performance monitoring, are there specific data/statistics that you would prioritize? 

-Jimmy

MICHAEL KOZICKI Wed, 01/25/2012 - 07:29

I have an idea for a next generation of the hardware also.

If you could put a 2 port Ethernet switch in the device it would allow for a monitor on small customers that don't have a smart switch that can support a SPAN port.  Then you could plug the monitor port in line with say the cable modem or whatever have you.

Thanks

jiyeung Thu, 01/26/2012 - 11:13

Hi Michael,

Thanks for taking the time to chat with me today!   In addition to placing the ON100 as a bump in the line, I've noted down a few other key pieces of feedback from our conversation as well.  I'll make sure all this gets added into our overall consolidated list!

-Jimmy

Actions

Login or Register to take actions

This Discussion

Posted November 21, 2011 at 10:35 PM
By enoy
Stats:
Replies:27 Avg. Rating:
Views:1885 Votes:0
Shares:0
Tags: onplus
+

Related Content

Discussions Leaderboard