Network configuration backup functionality is used to back up the configuration for the network resources. This feature will help recover from any device failures in the organization and also to identify any configuration change that happens on the device. The backup data is stored in byte format in the object store within the SaaS platform cloud. The access is restricted only from the application endpoint.

Alerts can also be defined on resource configuration changes.

Configuration files are categorized as one of the following types:

  • startup configuration
  • running configuration

Startup configuration

Startup configuration files are used during system startup to configure the software.

Running configuration

Running configuration files contain the current configuration of the software. The running configuration file and startup configuration may not always be the same. This may be the case when you want to change the configuration for a short period of time, you update the running configuration but you do not save the changes to the startup configuration file.

Prerequisites

Before setting up the network configuration backup:

  1. Verify that your resource is supported for network configuration backup.
  2. Verify that supported protocols are used.
  3. Create credentials and assign the same to the resource that needs to backup.
  4. Create Network job from OpsRamp (Automation > Jobs)
    • When the job is created, ensure that the job type is Network Configuration Backup.

Permission-Based Access

For security reasons, a new permission-based access feature has been introduced for the Configuration Backup option for network devices:

  • By default, the Configuration Backup option will not be visible unless the user has the necessary permissions.
  • The Network Configuration tab under the resource will only be accessible to users with NCM View permissions or higher.
  • The Set as Baseline option will only be available to users with NCM Manage permissions or higher.

Supported resources

Verify that your resource is supported for network configuration backup.

Supported protocols

The gateway uses the following protocols to connect to end devices.

  • SSH 2.x and higher
  • Telnet

Creating credentials

To create credentials and assign resources:

  1. Select a client from the All Clients list.

  2. Go to Setup > Accounts > Clients.

  3. Click the client name in which the credentials should be stored.

  4. From CLIENT DETAILS, select the Credentials tab.

  5. From CREDENTIALS, click the Add icon to create a credential for network configuration backup.

  6. From NEW CREDENTIAL, enter the name and description for credential.

  7. Select credential type as Network Configuration Backup.

  8. Enter username and configure the credential details:

    • Use Policy Mapping: Enables user to integrate a Password Manager application with the credential to control the access to a device.
    • Port: Provide Port number for HTTPS connection.
    • Transport Type: Enables the user to determine the data transmission type: SSH or Telnet.
    • Enable Password: Enter the password required to run the Enable Command after logging in to the device.
  9. Enter connection time-out and click Save. Default connection time-out is 1000 milliseconds.

    Create Credential for Network Configuration
    Network Backup Configuration

Comparing configuration types

You can compare the changes or differences between two versions of a configuration.

  1. Go to Infrastructure > Network Device, select the resource for which a network configuration backup job is configured.
  2. Click the Configuration Backup tab.
  3. Select the type of configuration Startup Config or Running Config.
  4. Select any two dates to compare the configuration between the dates and click Compare. You can view the difference between the two configurations between the selected dates.

Scenarios

A user wants to save every snapshot of configurations

Every snapshot of configuration can be saved by selecting the option All Versions for the job type Network Backup Configuration while creating a job.

A user wants to save snapshot only when configurations change

Snapshot of configuration change can be saved by selecting the option Save Versions with changes only for the job type Network Backup Configuration while creating a job.

A user wants to get alerts on configuration changes

User gets alerts when there is a change in configuration. Select Generate Alerts while creating a job to get the alerts on changes to the Startup configuration or on changes to the Running configuration.

A user wants to take a backup of a device

In this case, there is a configuration change trap (SNMP) generated on the device

A resource backup is done when you create the job. During job creation:

  1. Select the Network Backup Configuration job type.
  2. Select the Backup Trigger option.

Supporting OS and Model Devices

OSModel
WL-IOS
FORTIOS
SB-IOS (or)SBIOS
XR-IOS
IOSCSS11503
IOSSG500
IOS
ASAASAV
ASAIPS
ASAASA (or) Adaptive Security Appliance
MLNX-OS
NXOS (or) NX-OSUCS
NXOS (or) NX-OS
CISCO UCS FIRMWARE (or) CISCO UCSUCS
NOS
FOSSILKWORM SERIES OF FC SWITCH
FOSACCESS GATEWAY (or) CONVERGE SWITCH
FOS
MSS
JUNOS (or) JUNIPER OS
CATOS
PIXOS
PROCURVEGBE2C
PROCURVEOFFICECONNECT SWITCH 1920S 24G 2SFP PPOE+ (185W) JL384A
PROCURVE
SCREENOS
EOS (or) ADEOS (or) ADE-OS
FORCE10 (or) FORCE 10
VYATTA
NETSCALER
IRONWAREICX7150-24-POE (or) ICX7150-C12-POE (or) ICX7150-48-POEF
IRONWARE
PAN-OS (or) PANOS
VXWORKS10/100/1000 GIGABIT SWITCH
VXWORKS
WAAS
ARUBAOSR0X25A 6410
ARUBAOSIAP-VC
ARUBAOSJL076A (or) JL322A (or) JL320A (or) JL357A (or) JL558A (or) JL356A
ARUBAOS
ACOS
AEROZOS
EXTREMEXOSB5 (or) BONDED SSA-T1068-0652A
EXTREMEXOS1440 (or) 1480
EXTREMEXOS
SONICOS
COS
CISCOACSW
DELLPC
F5TMOS
MERUOS
ADTRANOS
COMWARE1910
COMWARE1920
COMWARE1950
COMWAREJG937A (or) FLEXNETWORK 5130-48G-POE+-4SFP+ (370W) EI
COMWARE
VIPTELAOS
BCF CONTROLLER OS
FXOSFPR-2110 (or) FIRE POWER 1140TD (or) FIREPOWER 2130 SECURITY APPLIANCE (or)FIREPOWER 4110 SECURITY MODULE 12 (or) FIREPOWER 2120 (or) FIRE POWER 1120TD (or) FPR4K-SM-36 (or) FIREPOWER 9000 SECURITY MODULE 44 (or) FIREPOWER 4120 SECURITY MODULE 24
FXOS
NGOS
LINUXCBS350-48FP-4G
LINUXMEDIANT 2600 E-SBC
LINUXCX7055M
FIREWARE (or) FIREWARE XTM
MRV-OD
LINUXIM7200 and make = OpenGear
OS10
YAMAHA OS
AUDIOCODES(LINUX)M800B
CUMULUS LINUX
VOSS
DNOS
ONYX-OS