Overview of Cisco Prime Infrastructure 3.1.0

Ok, I’m going to give this one a try, and hope all readers help me keep myself honest on this one. Initially, the title of this Post was based on CCNP Security and Cisco Prime Infrastructure Security Use Cases.
NewImage

So I have been looking for some Security use cases with Cisco Prime Infrastructure, and I think I found some based on correlation and other important things the tool has to offer.

Don’t believe me check the 300-206 Exam Objectives
NewImage

Now, enough with the chat and let’s go hit the main points on this interesting toolbox

What is Cisco Prime Infrastructure?

Based on its definition from the Marketing Cisco’s site, here is a good excerpt:

Cisco Prime Infrastructure simplifies the management of wireless and wired networks. It offers Day 0 and 1 provisioning, as well as Day N assurance from the branch to the data center. We call it One Management. With this single view and point of control, you can reap the benefits of One Management across both network and compute.

My Point of view

The tool helps you or any Network Engineer or Administrator with interesting tools that help on the day to day job, and it looks like a very slick interface. Devices like Routers, Switches, Wireless Controllers and Wireless Access Point’s along with Other Data Center infrastructure can be checked from this Application

NewImage

Features that are worth to Mention

The Network Dashboard Overview
This dashboard includes important information on Metrics related to Network reachability, alarms from the devices, Coverage areas, the Network Topology and Ton N CPU/Interface Utilization. This dashboard goes very far on showing lots of information that is very useful

IWAN Enablement
If you are familiar with an IWAN deployment or have completed a semi-IWAN solution for a client, you know that the solution is very complex (Not to say ridiculous IMO) – I’m about to think that this somehow connects with APIC-EM, or this section is stolen directly from it. But for sure I have seen this under APIC-EM
NewImage

Network Topologies
Also like with other Cisco Products, like APIC-EM, Network topologies come very handy and this particular section makes it easy to create dynamically.

Now let’s talk about Security-Related Features

So curious me, was able to find 2 nice and interesting pieces of information from the Cisco Prime Infrastructure

The PSIRT and EOX Report Tool
This was an interesting find because this actually reviews all the installed IOS images on your devices and tells you about the existing vulnerabilities and possible vulnerabilities on the code your devices use. Pretty cool ha? –> Now how is this done? This uses the Cisco PSIRT openVuln API or seems like it does because is the CIsco’s available tool to provide such information.
The DevNet page on PSIRT Openvuln API will take you in the right direction if there is any need for custom applications that need this

NewImage

Compliance Profiles and Reporting
If the previous feature was not enough, this one will be a really cool one. This one checks your devices for compliance, using profiles with the desired configuration, so that all your sites are uniform and standardized, who doesn’t want this?
NewImage

The compliance Policies Selector includes few baselines with options for you to pick from

NewImage

The Profile or Policy Selector lets you choose from different options, I think all relevant configuration settings are found there, just give it a try and play with it

What to look Forward to?

I’m having lots of fun going over the multiple Exam objectives for CCNP Security and finding things that I have never seen before, then that is a good reason for my excitement. I hope you enjoy reading this and it helps in any way.
There are many other 3rd Party tools that provide a lot or even more than Cisco Prime Infrastructure, but so far seems like a product that is maturing and it has lots of capabilities.

About the Author:

Andres Sarmiento, CCIE # 53520 (Collaboration)
With more than 13 years of experience, Andres is specialized in the Unified Communications and Collaboration technologies. Consulted for several companies in South Florida, also Financial Institutions on behalf of Cisco Systems. Andres has been involved in high-profile implementations including Cisco technologies; such as Data Center, UC & Collaboration, Contact Center Express, Routing & Switching, Security and Hosted IPT Service provider infrastructures.

You can follow Andres using Twitter, LinkedIn or Facebook

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s