Network configuration backup functionality is used to back up the configuration for the network resources. This feature will help recover from any device failures in the organization and also to identify any configuration change that happens on the device. The backup data is stored in byte format in the object store within the SaaS platform cloud. The access is restricted only from the application endpoint.
Alerts can also be defined on resource configuration changes.
Configuration files are categorized as one of the following types:
- startup configuration
- running configuration
Startup configuration
Startup configuration files are used during system startup to configure the software.
Running configuration
Running configuration files contain the current configuration of the software. The running configuration file and startup configuration may not always be the same. This may be the case when you want to change the configuration for a short period of time, you update the running configuration but you do not save the changes to the startup configuration file.
Prerequisites
Before setting up the network configuration backup:
- Verify that your resource is supported for network configuration backup.
- Verify that supported protocols are used.
- Create credentials and assign the same to the resource that needs to backup.
- Create Network job from OpsRamp (Automation > Jobs)
- When the job is created, ensure that the job type is
Network Configuration Backup
.
- When the job is created, ensure that the job type is
Permission-Based Access
For security reasons, a new permission-based access feature has been introduced for the Configuration Backup option for network devices:
- By default, the Configuration Backup option will not be visible unless the user has the necessary permissions.
- The Network Configuration tab under the resource will only be accessible to users with NCM View permissions or higher.
- The Set as Baseline option will only be available to users with NCM Manage permissions or higher.
Supported resources
Verify that your resource is supported for network configuration backup.
Supported protocols
The gateway uses the following protocols to connect to end devices.
- SSH 2.x and higher
- Telnet
Creating credentials
To create credentials and assign resources:
Select a client from the All Clients list.
Go to Setup > Accounts > Clients.
Click the client name in which the credentials should be stored.
From CLIENT DETAILS, select the Credentials tab.
From CREDENTIALS, click the Add icon to create a credential for network configuration backup.
From NEW CREDENTIAL, enter the name and description for credential.
Select credential type as Network Configuration Backup.
Enter username and configure the credential details:
- Use Policy Mapping: Enables user to integrate a Password Manager application with the credential to control the access to a device.
- Port: Provide Port number for HTTPS connection.
- Transport Type: Enables the user to determine the data transmission type: SSH or Telnet.
- Enable Password: Enter the password required to run the Enable Command after logging in to the device.
Enter connection time-out and click Save. Default connection time-out is 1000 milliseconds.
Comparing configuration types
You can compare the changes or differences between two versions of a configuration.
- Go to Infrastructure > Network Device, select the resource for which a network configuration backup job is configured.
- Click the Configuration Backup tab.
- Select the type of configuration Startup Config or Running Config.
- Select any two dates to compare the configuration between the dates and click Compare. You can view the difference between the two configurations between the selected dates.
Scenarios
A user wants to save every snapshot of configurations
Every snapshot of configuration can be saved by selecting the option All Versions for the job type Network Backup Configuration while creating a job.
A user wants to save snapshot only when configurations change
Snapshot of configuration change can be saved by selecting the option Save Versions with changes only for the job type Network Backup Configuration while creating a job.
A user wants to get alerts on configuration changes
User gets alerts when there is a change in configuration. Select Generate Alerts while creating a job to get the alerts on changes to the Startup configuration or on changes to the Running configuration.
A user wants to take a backup of a device
In this case, there is a configuration change trap (SNMP) generated on the device
A resource backup is done when you create the job. During job creation:
- Select the Network Backup Configuration job type.
- Select the Backup Trigger option.
Supporting OS and Model Devices
OS | Model |
---|---|
WL-IOS | |
FORTIOS | |
SB-IOS (or)SBIOS | |
XR-IOS | |
IOS | CSS11503 |
IOS | SG500 |
IOS | |
ASA | ASAV |
ASA | IPS |
ASA | ASA (or) Adaptive Security Appliance |
MLNX-OS | |
NXOS (or) NX-OS | UCS |
NXOS (or) NX-OS | |
CISCO UCS FIRMWARE (or) CISCO UCS | UCS |
NOS | |
FOS | SILKWORM SERIES OF FC SWITCH |
FOS | ACCESS GATEWAY (or) CONVERGE SWITCH |
FOS | |
MSS | |
JUNOS (or) JUNIPER OS | |
CATOS | |
PIXOS | |
PROCURVE | GBE2C |
PROCURVE | OFFICECONNECT SWITCH 1920S 24G 2SFP PPOE+ (185W) JL384A |
PROCURVE | |
SCREENOS | |
EOS (or) ADEOS (or) ADE-OS | |
FORCE10 (or) FORCE 10 | |
VYATTA | |
NETSCALER | |
IRONWARE | ICX7150-24-POE (or) ICX7150-C12-POE (or) ICX7150-48-POEF |
IRONWARE | |
PAN-OS (or) PANOS | |
VXWORKS | 10/100/1000 GIGABIT SWITCH |
VXWORKS | |
WAAS | |
ARUBAOS | R0X25A 6410 |
ARUBAOS | IAP-VC |
ARUBAOS | JL076A (or) JL322A (or) JL320A (or) JL357A (or) JL558A (or) JL356A |
ARUBAOS | |
ACOS | |
AEROZOS | |
EXTREMEXOS | B5 (or) BONDED SSA-T1068-0652A |
EXTREMEXOS | 1440 (or) 1480 |
EXTREMEXOS | |
SONICOS | |
COS | |
CISCOACSW | |
DELLPC | |
F5TMOS | |
MERUOS | |
ADTRANOS | |
COMWARE | 1910 |
COMWARE | 1920 |
COMWARE | 1950 |
COMWARE | JG937A (or) FLEXNETWORK 5130-48G-POE+-4SFP+ (370W) EI |
COMWARE | |
VIPTELAOS | |
BCF CONTROLLER OS | |
FXOS | FPR-2110 (or) FIRE POWER 1140TD (or) FIREPOWER 2130 SECURITY APPLIANCE (or)FIREPOWER 4110 SECURITY MODULE 12 (or) FIREPOWER 2120 (or) FIRE POWER 1120TD (or) FPR4K-SM-36 (or) FIREPOWER 9000 SECURITY MODULE 44 (or) FIREPOWER 4120 SECURITY MODULE 24 |
FXOS | |
NGOS | |
LINUX | CBS350-48FP-4G |
LINUX | MEDIANT 2600 E-SBC |
LINUX | CX7055M |
FIREWARE (or) FIREWARE XTM | |
MRV-OD | |
LINUX | IM7200 and make = OpenGear |
OS10 | |
YAMAHA OS | |
AUDIOCODES(LINUX) | M800B |
CUMULUS LINUX | |
VOSS | |
DNOS | |
ONYX-OS |