Knowing your device vendors, series, and models – H3C Technologies H3C Intelligent Management Center User Manual

33

For example, many companies prefer to separate internal corporate user traffic from external customer

traffic and use layers of firewalls to separate these zones. In addition, many corporations create zones
within zones to create secure application environments for the Web, application, and database tiers.

Tiers and zones may have specific access requirements. Understanding the management system

requirements is necessary to configure IMC to manage devices in those tiers and zones.

Knowing your device vendors, series, and models

IMC uses device vendor, series, and model information in the Configuration Center to determine whether

or not configuration and software files can be successfully deployed to devices in the network. Knowing

what you have and configuring this information when IMC cannot auto discover supports you in
managing the complex task of device configuration and software and patch management.
Make a list of all of the vendors that provide the devices and resources that are the building blocks of

your network. In addition, gather the device series and model information for every unique device type

in your environment. Take the output of an asset inventory for your network and combine it with the
device vendor, model, and series information you have gathered so that you have clear and

comprehensive details for all devices in your network. Comparing asset inventories to IMC database of

devices provides a gap analysis of what you have versus what IMC knows about your network.
Identifying device vendor, series, and model information enables you to more easily identify and
research vendor specific enterprise MIBs that contain objects, including traps, for customized and

optimized monitoring of devices. Once you have identified the MIB objects you want to poll for, you can

create user-defined global index monitors that you can apply to all devices of the same vendor series and

model type. Once you have identified the traps you want to process, you can create user-defined trap
definitions and apply them to all devices of the same type.
Having concise, usable, and consistently applied device naming standards simplifies IMC administration

and use IMC uses the MIB-2 object sysName, the administratively assigned name for a managed device,

as the Device Label or name in IMC unless an IMC administrator or operator configures a custom Device
Label.

Knowing access requirements and standards of your

organization

The two aspects to access to consider in the planning stages of an IMC deployment are:

•

Access requirements for your organization and restrictions for IMC to manage devices

•

Requirements for providing operators with access to IMC

IMC uses several methods to manage devices. First, IMC uses SNMP (v1, v2c, or v3) to poll devices for

management and monitoring data and also to receive SNMP traps from devices for proactive notification
of events on managed devices. Second, IMC uses ping or ICMP requests for status polling and

reachability statistics for devices managed by it. IMC also uses Telnet or SSH to manage devices.
You need to understand your organization's policy on the use of SNMP, ICMP, Telnet, and SSH in the

various zones and application tiers in your network in order to use IMC to manage devices in them. In

addition, IMC uses TCP and UDP ports to communicate with other IMC servers and modules and
understanding your organization's policy on permitting this traffic facilitates a successful implementation.
You need to work with the teams that manage access control lists and firewall rules to ensure that SNMP,

ICMP, Telnet, and SSH traffic are permitted for all networks, zones, and application tiers that have