Skip navigation
Share This:

I am glad to announce the release of new version of TrueSight Network Automation version 20.02. The new release brings a fresh, new user interface for the product.

In addition, it introduces new dashboard as well.  Following widgets are available as part of the dashboard:

  • Discrepancies – Displays the number and percentage (%) of online devices with and without discrepancies on a pie chart. Drilling down on the pie chart displays the devices and their realms.
  • Compliance violations – Displays the number and percentage (%) of online devices with and without compliance violations on a pie chart. Clicking on the pie chart displays the devices and their realms.
  • Devices with most compliance violations – Displays the devices with the greatest number of violations and the number of rules violated by the devices. When you click a device link, a pop-up window displays the rules violated by the device, the rule set to which the rule belongs, and the violation severity.
  • Recently failed jobs – Displays the job IDs of the recently failed jobs, the actions performed via those jobs, the users who initiated those jobs, and status of those jobs. When you click a job ID, the pop-up window displays the Job Details report.

 

Dashboards.png

 

Along with that, we are making the product more and more secured and you will see a lot of changes in the product related to the same.

 

Also, a highly voted idea: Active Directory to Role Mapping is also available as part of this release. Thank you to the Community for your continued input and participation.

 

And these are just the highlights!  Check out the page below for the comprehensive list of what is in 20.02:

 

TrueSight Network Automation 20.02

 

I would like to take this opportunity to thank you for all your support and I look forward to hearing your feedback.

Share This:

We are pleased to announce the release of our new reporting solution for TrueSight Network Automation. TrueSight Network Automation Reporting replaces BMC Decision Support for Network Automation.

This solution uses the following:

  • TrueSight Network Automation - Data Warehouse — A Network Automation component that works as the ETL engine and the data warehouse. This product also provides out-of-the-box reporting content.
  • TrueSight Smart Reporting - Platform — A reporting platform that enables you to administer, create, and publish reports seamlessly. The simple drag-and-drop UI allows you to create complex reports while providing an enhanced, user-friendly look to your reports for easy consumption.

 

Here is the overview of the features delivered with the 19.11 release:

 

Out-of-the-Box Reports

This version of Network Automation Reporting offers the following out-of-the-box reports. You can use these reports as is or customize them as you see fit.

  • Action Activity
  • Change Tracking
  • Compliance
  • Configuration Drift
  • Inventory
  • Source of Change

 

FIGURE 1:  EXAMPLE OF THE DEVICE COMPLIANCE SUMMARY REPORT

 

Custom Reports

If you do not want to use out-of-the-box reports or would like to add additional columns, you can create custom reports. You can compare and analyse reports by using filters, summaries, and calculations, and change the appearance of the reports.

 

By default, Network Automation Reporting stores a set of attributes for the devices and rules that are available in Network Automation. However, you can store additional attributes for these devices and rules in custom fields by using the dynamic fields feature of Network Automation. You can add any number of custom fields, and then use them to filter report content or display them as content in reports.

 

Using reports

Network Automation Reporting enables you to:

  • Export reports in the following formats: CSV, DOC, PDF, RTF, Text, XLS. You can also print your reports.
  • Share reports with others on an ad-hoc basis. You can send a report through email or embed a report into an HTML, Wiki, or a blog page.
  • Broadcast reports. You can send a report to one or more users based on a defined schedule and set of rules.
  • Schedule reports and share them through FTP. You can select the format for the report and schedule it to be sent to an FTP location.
  • Import and export your report models and views. You can migrate your content between multiple instances, for example, from the QA to the Production instance.

 

Viewing the ETL status

Network Automation Reporting provides a built-in, Java-based engine to extract, transform, and load (ETL) data from the Network Automation operational database to the warehouse database.

A user-friendly console in Network Automation Reporting enables you to view summary of all ETL runs on a single page and easily drill-down to see the status of an individual ETL run.

 

Supported Version of TrueSight Network Automation

Version 19.11 of TrueSight Network Automation Reporting is supported with version 8.9.04.003 of TrueSight Network Automation.

Remember to upgrade TrueSight Network Automation to 8.9.04.003 to use new reporting solution.

 

Supported Version of TrueSight Smart Reporting - Platform

Version 19.11 of TrueSight Network Automation Reporting is supported with version 19.3 of TrueSight Smart Reporting - Platform.

 

Support & Documentation

As BMC Decision Support for Network Automation (BDSNA) is going to be end of life in February 2020, we encourage customers to plan their migration to the new solution without delay.

BMC is fully committed to support you for any challenges which you face during this migration.

 

For more detail, please refer to the documentation available at the following URL:

https://docs.bmc.com/docs/display/tsnadw1911

Share This:

Hello Everyone,

 

I am excited to announce the newer release of TrueSight Network Automation 8.9 Service Pack 4 Patch 1 a.k.a 8.9.04.001, which has combination of features which were critical customer's asks, important fixes including security fixes.

 

Here are the highlights for this release:

 

Added more content sync capability to Multi-Server Administration:

Earlier, you could sync combo groups & device security profiles, now, you can push the following types of additional contents from a single application server to multiple application servers:

  • Global Substitution Parameters
  • Templates

 

Capability for adding groups to a combo group in Text field:

Earlier, you could add groups to a combo group by choosing operators and groups from menus. From this release, you can add operators and groups by entering Boolean expressions in a text editor.

ComboGroupEditor.png

 

Ability to set default violation severity for a new rule:

You can now define the default violation severity that should be assigned to a new rule. This can be defined by using a new system parameter, Default Violation Severity in the System Parameters page.

 

In addition, following capabilities were added:

  • Added support for A10 Networks Load Balancer.
  • Ability to assign groups to devices while importing from CSV and assigning devices to groups while adding/editing groups.
  • Support for validating device configuration passwords using additional algorithms
  • Added following additional device type support for vulnerability management:
    • Extreme Networks
    • Hewlett Packard Enterprise (HPE) Aruba
    • Palo Alto

 

For details, please refer following documentation link:

https://docs.bmc.com/docs/TrueSightNetworkAutomation/89/8-9-04-001-patch-1-for-service-pack-4-852572250.html

 

Also, do not forget to check important issues which were fixed as part of this patch release at:

Known and corrected issues - Documentation for TrueSight Network Automation 8.9 - BMC Documentation

 

At the end, I would like to request you to please provide us feedback in the comments section below or shoot an email to mlalwani@bmc.com

Share This:

I am super excited to announce the release of a new version of TrueSight Network Automation 8.9 Service Pack 4 a.k.a 8.9.04.

Here are the highlights for this release:

 

Multi-Server Administration

We are launching a new console for syncing content & device searches across multiple instances of TSNA using a single interface. Using the Multi-Server Administration console, users would be able to sync Device Security Profiles & Combo Groups across multiple sites of TrueSight Network Automation servers. Not just that, the user would be able to search devices across different sites and launch the site from MSA portal.  The user can register all sites which need to be managed to the MSA portal.

 

This portal will be useful if you manage more than one TSNA server such as for Dev, QA, Stage or Production or if you keep a separate TSNA server per region.

 

Pushing TrueSight Network Automation events to EMS (event management software)

Now, you can push the events generated in TrueSight Network Automation to one or more syslog servers, defined as event receivers. This will allow TSNA events to be fed into log analysis solutions like TrueSight Operations Management(TSOM) or Splunk log managers.

 

Support for SAML 2.0

TrueSight Network Automation now supports SAML 2.0 (SSO) as the authentication mechanism with CA Single Sign-On as the Identity Provider (IdP) along with existing authentication mechanisms such as RADIUS, TACACS & LDAP. This means that you can launch TSNA server for SSO portals such as OKTA or CA Single Sign-On and the user would not be asked for credentials separately.

 

Support for latest version of Entuity

TrueSight Network Automation integrates with Entuity for a network monitoring solution. You can trigger TrueSight Network Automation jobs directly from Entuity to make desired changes. We have started supporting latest version of Entuity v 17.0.

 

RESTful APIs

We have expanded our RESTful APIs to now cover:

  • Device Agents
  • Discrepancy summary report
  • Dynamic Fields
  • Email distribution lists
  • Event Receivers
  • External event filters
  • External Links
  • Global substitution parameters
  • Job Approval Types
  • Remote File Servers
  • Roles
  • Security Vulnerability Importer
  • SNMP Manager Stations
  • Templates

 

As we are expanding our RESTful APIs, we suggest users migrate from SOAP API to RESTful APIs.

 

Along with this, because we are committed to keeping the tool as secure as possible, TrueSight Network Automation components (Multi-Server Administration, Application Server & Remote Device Agent) that use a bundled Java environment are shipped with Open JDK 11.

 

And these are just the highlights!  Check out the page below for the comprehensive list of what is in 8.9.04:

 

8.9.04: Service Pack 4 - TrueSight Network Automation 8.9

 

Thank you for all your support and I look forward to hearing your feedback.

Share This:

Software Defined Networking is a paradigm that separates control plane (brain or software) from the data plane (hardware) to simplify network management, by introducing:

  1. Centralized management (by decoupling control and data plane)
  2. Network programmability with APIs where network services and configurations are programmable (“software defined”) through access to the management plane via APIs
  3. Encourages use of virtualization in the data plane

 

SDN is a system that centralizes network resource management, so that administrators can manage traffic based on the need.

 

In the market, dominant players for SDN are Cisco (ACI) and VMware (NSX).

 

However, SDN comes with it’s own limitation. SDN, in itself, is not capable of configuration management, compliance and change management. In fact, security is a big challenge in SDN.

 

 

If you admire SDN solutions and want to implement it in your network, you need to address SDN's limitations first. You can use network automation solutions such as TrueSight Network Automation to manage SDN to overcome following challenges:

  1. Vulnerability Management: With SDN, new network security vulnerabilities arise, and it is very important to remediate these vulnerabilities, TrueSight Network Automation can help you to import vulnerabilities and to remediate vulnerabilities in one go.
  2. Compliance: Nowadays, compliancy is one of the mandate in most of the organizations, you will not get any exception for SDN devices either. You can use TrueSight Network Automation compliance engine to apply standards for regulatory and security rules such as SOX, PCI-DSS, HIPAA, NIST, DISA, and CIS.
  3. Configuration Management: It is important to maintain a golden copy of configuration for disaster recovery. You can implement a policy-based approach to configure SDN devices with templates based on best practices to simplify administration and ongoing maintenance.
  4. Change tracking mechanism: When network configuration changes are implemented, network engineers are required to document these changes in change management system. To automate the change tracking and documentation process, you can use TrueSight Network Automation to automatically create network change request in change management tool such as Remedy. After the change request is approved, the change is scheduled for execution in TrueSight Network Automation.

 

Not only this, automation tools give you a consistent way to seamlessly manage different networking technologies in your network and make the network audit ready.

 

TrueSight Network Automation already supports management of following SDN devices out of the box:

  1. VMWare NSX
  2. Cisco ACI

 

Also, you can develop your own device adapter if you would like to manage other SDN devices. You should be able to manage SDN devices in the same way as you used to manage your traditional devices without any overhead.

 

To summarize, SDN technology is prevailing in market and has it's own advantages, but you need an automation tools to complement the SDN technology and to manage network service delivery for multi-vendor infrastructure. You can consider leveraging TrueSight Network Automation for managing SDN devices without bothering about complexity which SDN devices bring with itself.

 

In case of any query or suggestion, feel free to comment in the section below.

Share This:

Network administrators need to manage thousands of devices across the globe and it is very hard to track end of life data for wide variety of devices such as switches, routers, firewalls and load balancers. When devices reach their end of life, the vendor stops supporting and no longer publishes patches for the devices. Continued use could lead to new and non-fixable vulnerabilities. Hence, it is critical for network admins to identify EOL’d devices and take necessary action as soon as possible.

TrueSight Network Automation can help you to identify such devices. TrueSight Network Automation can read the EOL bulletins released by Cisco and can alert network admins about EOLs of various devices in the device inventory report. You can import these EOL bulletins in advance of the EOL dates too.

 

All you have to do is run a canned predefined job called “Populate Cisco Device Board Models and their End of Life Date” and pass Cisco client credentials as runtime parameter.

Upon successful execution of the preceding steps, the End of Life column on the Devices page is populated with the EOL dates for the Cisco devices. If a device has multiple boards, the EOL date shown is the earliest EOL date amongst all device board models.

Once the EOL dates are populated you can use either Device Inventory report or Configuration Search report to view the reports as shown in Figure 1 below.

 

Figure 1

 

Another way of performing this operation would be via canned policy “Populate Cisco Device Board Models and their End of Life Date” and EOL data can be fetched and populated recursively as shown in Figure 2 below.

 

Figure 2

 

In addition, you can calculate service true-ups for products that Cisco has reached EOS during your current service period. Generate a Device Inventory report filtered by Entire Network and the PID. Calculate the difference between the contract Contract End Date and the EOS date for your service credits.

 

You can populate EOL data even when application server does not have internet connectivity using FetchCiscoEolData script.

For details refer detailed documentation at:

https://docs.bmc.com/docs/display/public/tsna89/Populating+End+of+Life+data+for+Cisco+devices

https://docs.bmc.com/docs/display/public/tsna89/Identifying+end-of-sale+and+end-of-life+hardware

 

So, let us start using this functionality and identify EOL’d devices within minutes.

Please do write your comments and suggestions and let us know your views.

Share This:

I am thrilled to announce the release of TrueSight Network Automation (formerly called as BMC Network Automation) 8.9 Service Pack 3 a.k.a 8.9.03.

Here are some of the highlights of the release:

 

Report Backgrounding

With this release, all reports (except License Usage) will be generated in the background, where you don’t need to tie up your browser session by waiting for a report to display. Instead, you make selections and send the report generation into the background. The system then stores the result in the database and you can view the report any number of times.

 

Network Security Operations (SecOps) enhancements

Support for importing vulnerabilities from NVD repository:

Now, you can import vendor-supplied security vulnerability reports for Cisco and Juniper device types from the National Vulnerability Database (NVD) repository into the system, and use them to generate compliance rules that detect vulnerable device operating systems. A canned database of NVD-based Cisco and Juniper reports is shipped with the system.

Support for Cisco CVRF XML files formatted per version 1.2:

The canned importer named "Import Cisco Advisory From CVRF XML File" includes an updated stylesheet that now supports parsing Cisco CVRF XML files in version 1.1 or 1.2 formats.

 

Improved Telnet/SSH Session popup window

The UI-based popup window that interacts with the device command line interface in a Telnet/SSH Session job has been replaced, resulting in improved performance and VT100 support. The replacement is seamless; the window looks the same as it did in previous releases and provides the same functionality.

 

MultiNICs support for Remote agent

With this release, you can use a single agent to manage multiple networks, where each network is reachable via a different network interface card (NIC) at the device agent. When the agent communicates with devices belonging to a given network, all traffic (both device action traffic and syslog traffic) pass through the NIC for that network.

 

RESTful APIs

We have expanded our RESTful APIs to now cover Users, Device Security Profiles and Security Vulnerabilities. As we are expanding our RESTful APIs, we suggest users to migrate from SOAP API to  RESTful APIs.

 

And these are just the highlights!  Check out the page below for the comprehensive list of what is in 8.9.03:

 

8.9.03: Service Pack 3 - TrueSight Network Automation 8.9

Got a question or feedback? Talk to us in the comments section below

Filter Blog

By date:
By tag: