ABC of Cisco Prime : Basic overview

for beginners
Features include
Cisco Prime Infrastructure lets you manage your network more efficiently
and effectively so you can achieve the highest levels of wireless and
wired network performance, service assurance, and application-centric
end-user experience. Features include:

• Single-pane-of-glass management
• Simplified deployment of Cisco® capabilities
• Deep Application Visibility
• Comprehensive coverage of enterprise mobility
• Unified assurance across network and compute
 Cisco Prime Infrastructure 3.1 offers
many new capabilities:
 New Plug and Play dashboard
 Workflow for Software Image management
 Global variable support in configuration templates
 Global Offline Search
 Converged Access Workflow
 TrustSec Readiness Assessment
 Compliance Audit for Cisco Wireless LAN Controllers
 Site Visibility
 Routing Table Monitoring
 PfR Monitoring Improvements
 Alarm Policies
 Enhancement to the DCA template
 Syslog Viewer

Infrastructure. Prime Infrastructure logs and displays syslog’s from managed

devices only. For more information about Cisco Prime Infrastructure, visit
http://www.cisco.com/go/primeinfrastructure
Agenda

Scenario 1: Dashboard
Scenario 2: Visualizing the Network
Scenario 3: Ensuring Services
Scenario 4: Configuration
Scenario 5: Reports
Scenario 1: Dashboard
Login
Scenario 1. Dashboards
• Overview. Provides summary information and includes tabs specific to
alarms and events, clients, network devices, network interfaces, and service
assurance.
• Wireless. Provides wireless information about Security, Mesh, CleanAir, and
ContextAware.
• Performance. Provides a summary of performance metrics and includes
tabs specific to sites, devices, access points, interfaces, applications,
voice/video, end user experience, and WAN optimization.
• Network Summary. Provides an overview summary of your network
including status metrics and a tab specific to incidents which includes alarm
and event type graphs and critical, major, and minor alarm counts
• Data Center. Provides information about Data Center and includes tabs
specific to Compute and Host.
ICMP Reachability Status
Scenario 2. Visualizing the Network
 Network Topology Maps
 Cisco Prime Infrastructure provides a visual map that allows you to view the physical
network topology, including the network devices and the links that connect them.
 The topology maps have indicators that show the current alarm status of network
devices and links. By using the network topology maps, you can easily monitor your
network by viewing alarms and viewing the interconnection between the devices.
 Prime Infrastructure topology maps are based on Location and User Defined groups.
Topology maps show the devices in the group as well as any links between the devices.
 The links between devices are discovered using the Cisco Discovery Protocol (CDP)
when available.
 If Prime Infrastructure is unable to discover some links, for example, if CDP is disabled on
an interface, you can manually add the link to the topology map, and the associate
the link with a specific interface on the appropriate managed device.
Go to Maps > Topology Maps > Network Topology.
Expand the All Locations device group, and then select the Expand
Using Wireless Site Maps
Navigate to Maps > Wireless Maps > Site Maps.
Scenario 3. Ensuring Services
There are various Services available within Prime Infrastructure 3.X.
These include Network Services, Router Virtual Containers, Mobility
Services and Application Visibility & Control.
 Network services
 Prime Infrastructure positions the IWAN wizard workflow mostly for green field
customers where the IWAN services need to be enabled for the first time. The
enabled IWAN service cannot be modified for brown field customers.
 You can use Prime Infrastructure to design, configure, and monitor the IWAN
services for an enterprise. Cisco IWAN requires the configuration of DMVPN,
PFR, AVC and QOS as part of enabling IWAN services on different devices.
 The Converged Access workflow simplifies, automates and optimizes
deployment of various enterprise-class next generation wireless deployment
models for campus and branch networks.
 Cisco Prime Infrastructure can automate the converged access deployment
of wireless networks using converged access components such as Catalyst
3650, 3850, 4500 SUP 8-E switches, and Cisco 5760 Wireless LAN controller
(WLC). The catalyst switches can be deployed as Mobility Agent (MA),
Mobility Controller (MC), and Guest Anchor controller (GA).
 Services > Network Services > IWAN Enablement.

Click IWAN Enablement to explore the IWAN Enablement workflow

Application Visibility and Control
(AVC)
Application Visibility and Control (AVC) can recognize 1000+ applications and
categorize them. It can then compute the application performance and finally help
shape or control the traffic. AVC leverages multiple core technologies found in the
Cisco Aggregation Services Routers:

• Flexible NetFlow to show traffic statistics

• NBAR2 which is a Deep Packet Inspection (DPI) technology that can identify over
1300 applications
• Performance Agent which is used to collect ART metrics
• Medianet to collect voice and video statistics

One-click AVC is useful when you would like to turn on AVC for a particular supported
device with all the AVC configuration options included in the pre-configured
template.
From the Prime Infrastructure main menu, go to Services > Application Visibility &
Control > Interfaces Configuration.
Select ALL in the Port Group list and select AVC Capable from the filter.
Applications and Services / Service
Health
Services > Application Visibility & Control > Applications and Services.
In the Business Critical field, type Yes. The list of applications will be filtered
to show applications that have been configured as Business Critical.
• Traffic identified as Business Critical is tracked for Service Health.
Go to Services > Application Visibility and Control > Service Health.
Scenario 4. Configuration
Cisco Prime Infrastructure provides multiple options to manage, maintain,
deploy and audit configurations for the entire network.
From the Configuration > Network > Network Devices page, you can view
all devices and device configuration information.

You can add, edit, delete, sync, and export devices, add and delete
devices from groups and sites, and perform a bulk import.
Select one of the devices from the list and click Edit.
Device Compliance
 The Compliance Services feature allows you to run Cisco PSIRT security and EOX
obsolete-device compliance reports.

 You can also establish baseline device configuration standards, and then audit
field configurations against these standards to identify devices that are non-
compliant and how their configuration differs from the standards.

 Compliance Services are available only on the Professional virtual appliance and
on the Cisco Unified Computing System (UCS) Gen 2 physical appliance.
Configuration > Compliance > Profiles

See the Cisco Prime Infrastructure 3.1 User Guide for more information on how to
create and use policies and profiles to audit network devices.
http://www.cisco.com/c/en/us/td/docs/net_mgmt/prime/infrastructure/3-
1/user/guide/pi_ug/compliance.html
Viewing Device Security
Vulnerabilities
You can run a report to determine if any devices in your network have
security vulnerabilities as defined by the Cisco Product Security Incident
Response Team (PSIRT).

You can also view documentation about the specific vulnerability that
describes the impact of vulnerability and any potential steps needed to
protect your environment.

1. Go to Reports > PSIRT and EoX.

2. Click the Device PSIRT tab to view PSIRT information.
3. In the PSIRT Title column, click the hyperlink to view the full description of
the security vulnerability.
This will open a separate window where you can read details of the
vulnerability and next steps.
You can download the PSIRT report in PDF and CSV formats.
Viewing End-of-Life Reports
You can run a report to determine if any Cisco device hardware or software in
your network have reached its end of life (EOX). This can help you determine
product upgrade and substitution options.
1. Click each of the following EOX tabs to view the report information specific to
that tab: • Device Hardware EOX
Device Software EOX
Viewing Field Notices for Devices

You can run a report to determine if any Cisco devices that are managed and have
completed a full inventory collection have any field notices.

Field Notices are notifications that are published for significant issues, other than
security vulnerability-related issues, that directly involve Cisco products and typically
require an upgrade, workaround, or other customer action.

1. Click the Field Notice tab to view field notice information.

2. Click on the information icon in the Vulnerable column to view more information
on cisco.com.
Software Image Management

 Manually upgrading your devices to the latest software version can be error
prone and time consuming. Cisco Prime Infrastructure simplifies the version
management and routine deployment of software updates to your devices by
helping you plan, schedule, download, and monitor software image updates.

 You can also view software image details, view recommended software images,
and delete software images. The software image management page provides
a consolidated view of the various aspects of image management such as
software image management lifecycle widget, software image summary, and
job details.

 Prime Infrastructure stores all of the software images for the devices in your
network. The images are stored according to the image type and version.
Before you can upgrade software images, you must configure your devices with
Telnet or SSH credentials. Also SNMP read-write community strings that match the
community strings entered when the device was added to Prime Infrastructure
must be configured.
The Software Image workflow includes easy to follow steps for managing
software images. Each quadrant of the workflow image provides useful
information about adding, distributing, activating and optionally committing
software images.
1. Click the Add/Import section to see how to add or import software images.
In the right frame, there are links to other useful tasks related to image
management.
Scenario 5. Reports
 Cisco Prime Infrastructure reporting is necessary to monitor the system and
network health as well as troubleshoot network problems.

 A number of reports can be generated to run on an immediate or a

scheduled basis. Reports can also be combined to form composite reports.
Each report type has a number of user-defined criteria to aid in defining the
reports.

 The reports can be formatted as a summary, tabular, or combined (tabular

and graphical) layout. After they have been defined, the reports can be
saved for future diagnostic use or scheduled to run on a regular basis.

 Reports are saved in the these formats:

• CSV
• PDF format and are either saved to a file on Prime Infrastructure to be
downloaded later or emailed to a specific email address.
 Report categories are:

• Current—Provides a snapshot of data that is not time-dependent.

• Historical—Retrieves data from the device periodically and stores it in the

Prime Infrastructure database.

• Trend—Generates a report using aggregated data. Data can be

periodically collected from devices and a schedule can be established for
report generation.

• Top N—Generates reports based on top utilization.

 With Prime Infrastructure, you also have the ability to export any report that
you can view, sort reports into logical groups, and archive for long-term
storage.

 The Reports menu provides access to all Prime Infrastructure reports as well
as currently saved and scheduled reports, which includes:

• Report Launch Pad—The hub for all Prime Infrastructure reports.

 From this page, you can access specific types of reports and create new
reports.

• Scheduled Run Results—Allows you to access and manage all currently

scheduled runs in Prime Infrastructure, and to access and manage on-demand
exports as well as emailed reports.

Saved Report Templates—Allows you to access and manage all currently

saved report templates in Prime Infrastructure.
Steps
1. Choose Reports > Report Launch Pad.
Reports > Report Launch Pad
 Choose a category from the left sidebar menu to see the report types for
each report category, click New corresponding to the appropriate report
in the main area of the Report Launch Pad.

 In the Report Details page, complete the fields as described in the Report
Launch Pad > Report Type > New section. See “Field Reference for Cisco
Prime Infrastructure Reports” in Related topics.

 The parameters shown in the Report Details will vary with the report type.
With some reports, you will need to customize the report results.

 If you plan to run this report later or as a recurring report, enter Schedule
parameters as described in the Report Launch Pad > Report Type > New
section. See “Field Reference for Cisco Prime Infrastructure Reports” in
Related topics.

 Run the report.