Network Configuration Management

Started by ahd-develop, March 07, 2019, 06:26:32 PM

Previous topic - Next topic

ahd-develop

What about adding network configuration management?

I had started making my own. Below is the output of my config diff check. The only thing out there currently that is opensource is Rancid, Oxidized, rConfig, and a few others. I had used cattools before SolarWinds bought em up years ago and it was a major asset to network management and something that saved my bacon many times.

With NetXMS, Devolutions Remote Desktop Manager, and some form of network configuration management it'd be easy for a small staff to manage a very large swath of network infrastructure.


tomaskir

I would recommend checking out Unimus.

Takes literally 15 minutes to go from nothing to managing a network of 1000 devices.
Unimus has a native NetXMS connector, so you can sync your Unimus instance with NetXMS.
(no need to add devices into 2 systems)

Full config management and change management for 120+ vendors/devices.
(and full config change notification emails with a graphical diff in the email)

Also Mass Config Push for network automation.

Not FOSS however, so it might not fit your requirements if you are looking for a FOSS solution.

Tursiops

If you want full configuration management, Unimus is probably the way to go with NetXMS.

If you're just after config backups and diffs (not really management, as you're not pushing anything back), you can probably use tftp servers and git.
For example, we've configured our Ciscos to write a config backup to a tftp server on any config save. That server runs git for versioning.
For our Brocade switches, we use the configuration change traps to trigger a config backup via SNMP Write to the same tftp server. Same git.
I'm sure similar things can be done for other vendors.

It really depends on what you're after I guess.

amitayb

Hi,
any updates on NCM besides unimus?
they cost a lot per year.
any open source integration recommended?

Amitay

Millenium7

I'd like to see this implemented but its also kind of out of the scope of NetXMS IMO.
Unimus is incredibly expensive, we looked at it and its just silly
Solarwinds NCM is a far more polished and functional package and is significantly cheaper than Unimus especially as you start to get more than just a handful of devices (its once-off licence cost). We ended up going with that as there's no other system at the moment thats more cost effective for our needs

tomaskir

Quote from: Millenium7 on December 19, 2019, 07:39:54 AM
I'd like to see this implemented but its also kind of out of the scope of NetXMS IMO.
Unimus is incredibly expensive, we looked at it and its just silly
Solarwinds NCM is a far more polished and functional package and is significantly cheaper than Unimus especially as you start to get more than just a handful of devices (its once-off licence cost). We ended up going with that as there's no other system at the moment thats more cost effective for our needs

Are you sure you didn't miss-read the pricing on Unimus?
(it is yearly, not monthly payments)

Unimus is cheaper than Solarwinds NCM by far.
The feature-set of Unimus is just about the same as Solarwinds, while being much more modern, and MUCH easier to use.

amitayb

Hi,
any ideas how can I implement a backup only?
nothing else, I'de like to create a script that read the show conf and save it.

any idea how to start implement it?

Amitay

Millenium7

#7
Quote from: tomaskir on December 19, 2019, 12:22:15 PM
Quote from: Millenium7 on December 19, 2019, 07:39:54 AM
I'd like to see this implemented but its also kind of out of the scope of NetXMS IMO.
Unimus is incredibly expensive, we looked at it and its just silly
Solarwinds NCM is a far more polished and functional package and is significantly cheaper than Unimus especially as you start to get more than just a handful of devices (its once-off licence cost). We ended up going with that as there's no other system at the moment thats more cost effective for our needs

Are you sure you didn't miss-read the pricing on Unimus?
(it is yearly, not monthly payments)

Unimus is cheaper than Solarwinds NCM by far.
The feature-set of Unimus is just about the same as Solarwinds, while being much more modern, and MUCH easier to use.


Unimus is a lot cheaper if you only need to automate a handful of devices, but Solarwinds gets much cheaper as you get beyond about 250-500. I can see you've added more functionality since we were looking at Unimus but its still crazy expensive over time. Unimus pricing at this time is $4,500/year for 1000 devices. We got a Solarwinds NCM1000 licence for something like $8000 (I don't remember exactly) but its a once off lifetime licence, we have the software forever. We lose software support after it expires (which were very helpful but we don't need it now) or we can renew it at a drastically reduced price (far less than unimus pricing for a year)


I did have some issues with Solarwinds at first, like their template for MikroTik isn't quite right and should be updated to use /export terse not /export etc, and I had some garbage output I had to workaround but its now at a really good state. I did try both packages quite thoroughly. A big one for me is mass config pushing, I think this wasn't in Unimus at the time, or if it was it wasn't as capable and polished as Solarwinds
though again I had to do some workarounds, anything where the prompt doesn't return to normal i.e. running a script with { and the prompt return .. would hang for an extremely long time so I have to add ${DisablePromptDetection} which tells solarwinds to just keep pushing commands and not worry about potential error output etc, then ${EnablePromptDetection} afterwards
All just learning pains with any software. But the Solarwinds community is quite active and has been extremely helpful

Compliance reporting is massively more polished in Solarwinds. With a much easier to use interface with drop-downs for adding AND/OR and grouping statements so I can i.e. do a search in config 'if it contains A, but also contains B, then report an issue, unless it also contains either C or D then its fine'. Grouping devices with custom parameters like 'isDistributionRouter' so a different set of compliance applies to those etc

Unimus is a good software package, but IMO its priced far above a level that its currently at. If it was $1/device we'd have jumped on it and worked around some of the features missing, or a had a different pricing structure (lifetime licence) or partial licences i.e. 250 backup licences + 500x config push only devices for cheaper. As we needed the ability to occasionally push config out to hundreds of devices, but didn't want to pay for them all year long when we don't need the ability to back them up

tomaskir

#8
Quote from: Millenium7 on December 20, 2019, 12:45:08 AM

Unimus is a lot cheaper if you only need to automate a handful of devices, but Solarwinds gets much cheaper as you get beyond about 250-500. I can see you've added more functionality since we were looking at Unimus but its still crazy expensive over time. Unimus pricing at this time is $4,500/year for 1000 devices. We got a Solarwinds NCM1000 licence for something like $8000 (I don't remember exactly) but its a once off lifetime licence, we have the software forever. We lose software support after it expires (which were very helpful but we don't need it now) or we can renew it at a drastically reduced price (far less than unimus pricing for a year)


Solarwinds NCM licenses differ in pricing by region, but for US/EMEA regions, the NCM DL1000 license is $12.000.
This is with 1 year maintenance only. After that, renewing the DL1000 license when out-of-maintenance is $8.000 yearly.
(you may have different pricing in other regions, or if you already have other Solarwinds products)

You can easily verify Solarwinds NCM pricing by Googling "Solarwinds NCM DL1000 price".
Unimus is MUCH cheaper at $4.500 yearly at the 1.000 device tier.

The CHEAPEST Solarwinds NCM (DL50) license, is $2.900.
Unimus for 50 devices is $225 yearly.

In ALL cases (including Unlimited licensing), Unimus is cheaper than Solarwinds.

And while technically you can run Solarwinds without support, personally I don't think running unsupported and unpatched versions of software that is supposed to be your main configuration management over your network is a good idea. Unimus is based on a SaaS model, so you ALWAYS have support when you need it, and you are always running the latest and supported version of software. This is because telling the customer "you need to pay $8.000 to receive support" when you run upon a bug after the 1st year is really scummy (assuming the 1.000 device tier again). Unimus is also constantly adding features, with over 6 new releases each year for the last 3 years.

Not to mention Unimus will just work ootb with all 140+ supported vendors, including Config Push - no need to disable prompt matching, or fiddle with it in any way.
There is also direct NetXMS support through NMS Sync, and the device support list is more extensive than Solarwinds.