Site icon IT World Canada

Interface can make configuration friendly

Trite but true: Your company’s data is its most important asset. This applies to your databases, data files, e-mail stores and yes, even router configurations. The infrastructure device settings you’ve meticulously and painstakingly programmed into your routers, switches and firewalls deserve as much careful management as your databases.

Austin, Texas-based Uplogix Inc. says its Envoy network appliance automatically collects, saves and restores configuration settings for some popular routers, switches and firewalls. The appliance also can maintain, apply and roll back device operating system upgrades, the vendor says. The Envoy appliance also can monitor devices for connectivity and reboot a router, switch or firewall to re-establish broken network pathways.

To evaluate these claims, we tested an Envoy in our lab. Although the Envoy appliance did manage our device configurations successfully, it left us hungry for a better user interface, better reports, smarter monitoring and the ability to audit and analyze device configurations before applying those settings.

Like Cisco’s Router and Security Device Manager (SDM) and other Cisco router configuration software tools, an Envoy can save and restore a device’s configuration settings and manage IOS version upgrades. Unlike SDM, an Envoy can work with popular models of Nortel, Juniper, TippingPoint (now 3Com) and Tasman routers, switches and firewalls, in addition to Cisco devices.

The Envoy lacks SDM’s ability to analyze and report on a router’s configuration, but its direct connection to each device’s serial port gives the Envoy immediate feedback regarding the device’s health, without the need to poll a router, switch or firewall (SDM lacks any monitoring capability).

Envoy’s looking through router or switch log entries for statistics and announcements worked well. Its monitoring strategy is more like screen scraping (via each device’s console port) than the SNMP- and ping-based approaches that typical network monitoring tools use.

The appliance is a lightweight, 1U rack-mountable unit that can monitor as many as four network devices through four serial and four Ethernet ports. It also has a console port, Ethernet management port, modem (serial) port and power control port. Out of band, via a VPN-supported dial-up modem port, we could send commands to the Envoy and query its health.

Envoy has an optional mode in which it can automatically make configuration changes to a monitored device, based on the log statistics gathered via the device’s serial interface.

However, try as we might to “detune” a router by setting its configuration to something we thought the Envoy would change, we noted no Envoy-initiated changes in our tests.

When it detected a problem (based on the simple thresholds we set), the Envoy sent e-mail notifications over the network or out of band (if the problem was a network outage). The simple outage- and traffic saturation-based thresholds were not sophisticated enough to let us specify, for example, that 70 per cent network utilization was acceptable at 10 a.m. and 2 p.m. each day, but that 50 per cent utilization at 9 a.m. was not acceptable.

However, for network outages, the appliance quickly and correctly diagnosed the problem and sent us prompt e-mail notifications. The Envoy also can send SNMP alerts (traps), but not pager notifications. A separate Uplogix product, the Envoy Management Server (EMS), offers a Web-based GUI that makes the Envoy configuration simpler, but it still doesn’t let you set sophisticated thresholds or prepare a range of useful reports.

Envoy offers an interesting approach to router, switch and firewall configuration, and an unusual method of monitoring for outages and performance problems. We’d like to see Uplogix improve the user interface, allow for more sophisticated thresholds, offer pager notifications, produce more reports and provide Envoy with a decent device configuration audit and analysis feature.

QuickLink: 062503

–Nance is the author of Introduction to Networking, 4th Edition and Client/Server LAN Programming. He runs Network Testing Labs and can be reached at barryn@erols.com.

Exit mobile version