Managing 100+ of devices

Answered Question
May 25th, 2014
User Badges:
  • Bronze, 100 points or more

Hi There,

What would you recommend for managing a mix of 100+ devices across multiple sites (50+). These range from Access Layer switches, ASA, Routers, APs, WLCs.

Ideally I'd like the functionality to schedule backups of devices, possibly schedule config changes and just to have a general "one stop" view / management tool of the whole estate.

We use Cisco Prime Infrastructure for managing APs, WLCs, AP groups etc..
Is Prime also used for all of my other devices mentioned above, and is it recommended/suitable, or should I be looking at something else Cisco has to offer? 

Thanks

Correct Answer by Marvin Rhoads about 3 years 2 months ago

Yes, PI is quite suitable to do that - especially if you have already invested in it. You should (if you haven't already) upgrade to the current version (2.1 as of right now).

The functionality for managing your wired devices has increased quite a bit since the initial PI releases and it is where Cisco is putting its development resources with respect to enterprise network management.

There is a good series of PI videos on demand on by Cisco on Youtube covering how to do most high level tasks with PI. You should also take a look at the presentations from last week's Cisco Live (all available free at ciscolive365.com) for some good information on not only what PI 2.1 can do but where they are headed with 2.2/

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4.3 (3 ratings)
Loading.
Correct Answer
Marvin Rhoads Sun, 05/25/2014 - 16:31
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,
  • Cisco Designated VIP,

    2017 Firewalling, Network Management, VPN

Yes, PI is quite suitable to do that - especially if you have already invested in it. You should (if you haven't already) upgrade to the current version (2.1 as of right now).

The functionality for managing your wired devices has increased quite a bit since the initial PI releases and it is where Cisco is putting its development resources with respect to enterprise network management.

There is a good series of PI videos on demand on by Cisco on Youtube covering how to do most high level tasks with PI. You should also take a look at the presentations from last week's Cisco Live (all available free at ciscolive365.com) for some good information on not only what PI 2.1 can do but where they are headed with 2.2/

GRANT3779 Mon, 05/26/2014 - 00:44
User Badges:
  • Bronze, 100 points or more
Thanks guys. Seems like we already have what we need. I'll look into the licensing aspect. Where does Cisco security manager sit within this? Is that for a more specific purpose than what CPI is used for?
Marvin Rhoads Mon, 05/26/2014 - 08:49
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,
  • Cisco Designated VIP,

    2017 Firewalling, Network Management, VPN

CSM is specifically designed to support large deployments of security products and technologies. It's also a good log collector for the high volume of events that can arise from Cisco firewalls and IPS devices. It has a number of functions built into it that address the more specific use cases of deploying and managing policies in firewalls, VPN setup (especially DMVPN) etc.

CSM is not a general purpose network management tool. Also, it will not be Cisco's strategic platform going forward. Some functions are already being overtaken by Prime Security Manager (PRSM) - specifically with respect to management of Next Generation Firewall features (only on PRSM) and basic ASA management (recently added to PRSM). In the future, integration of the technology acquired via the Sourcefire acquisition (i.e Defense Center) will combine to make an entirely new security management system.

GRANT3779 Wed, 05/28/2014 - 08:28
User Badges:
  • Bronze, 100 points or more

Hi Marvin,

Quick question regarding CPI - does this have the ability to pull Netflow from my enabled devices and view the data within CPI?

Thanks

Leo Laohoo Sun, 05/25/2014 - 17:32
User Badges:
  • Super Gold, 25000 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 LAN, Wireless

What would you recommend for managing a mix of 100+ devices across multiple sites (50+). These range from Access Layer switches, ASA, Routers, APs, WLCs.

That'll be a product called Cisco Prime Infrastructure (CPI or PI).  Be aware that CPI has a very convoluted licensing systems which requires someone with a masters degree in astrophysics-engineering to be able to decipher.   

 

Cisco Prime Infrastructure 2.1 Ordering and Licensing Guide

 

Marvin Rhoads Mon, 05/26/2014 - 09:01
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,
  • Cisco Designated VIP,

    2017 Firewalling, Network Management, VPN

Hey Leo,

It's not THAT hard - just different and there are a lot of upgrade path discounts and associated SKUs.

Besides the guide you linked, partners and resellers can also use both Cisco Commerce Workspace and a macro-enabled Excel spreadsheet (PI 2.x BOM Builder) the business unit has made available on the partner community. There are also some videos on the partner community that go into more detail.

If your partner isn't aware of them, direct them to communities.cisco.com and then to Cisco Communities > Partners > Cisco Prime > Cisco Prime Infrastructure. (Site requires partner level access)

Leo Laohoo Mon, 05/26/2014 - 15:24
User Badges:
  • Super Gold, 25000 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 LAN, Wireless

If your partner isn't aware of them

Hello Marvin, 

 

LOL.  No, the partners are NFI.    laugh

Actions

This Discussion