DATA

SHEET

www.brocade.com

BROCADE IRONVIEW NETWORK MANAGER

MANAGEMENT SOFTWARE
HIGHLIGHTS
Industrys first network manager to deliver unified management of wired, wireless, and MPLS services from a single application Comprehensive Fault, Configuration, Accounting, Performance, and Security (FCAPS) management across the Brocade IP networking product family Flexible, scalable architecture that can manage thousands of Brocade and third-party devices in large organizations with highly distributed environments Dashboard and thumbnail views of wired and wireless devices, current status, event and alarm summary, and network visibility for troubleshooting and analysis Comprehensive security management capabilities, including Brocade IronShield 360 Closed-Loop Security Network topology discovery with Layer 2, VLAN, IP subnet, STP/RSTP, MRP Ring, and MPLS views, as well as multiple layout and sizing tools Rapid deployment of group network and policy changes to reduce operating expenses Standards-based, highly secure network management system built on Java, SNMP, and sFlow (RFC 3176)

Reliable, Scalable, and Secure Network Management

Brocade IronView Network Manager (INM) provides organizations with comprehensive tools for configuring, managing, monitoring, and securing the Brocade family of wired and wireless network products. INM is an intelligent network management solution that reduces the complexity of changing, monitoring, and managing network-wide features such as Access Control Lists (ACLs), rate limiting policies, Virtual LANs (VLANs), software and configuration updates, and network alarms and events. Using INM, organizations can automatically discover Brocade network equipment and immediately acquire, view, and archive configurations for each device. In addition, they can easily configure and deploy group policies for wired and wireless products. INM utilizes the Brocade high-speed, secure architecture with integrated sFlow technology (described in RFC 3176) to provide hardware-based real-time network monitoring and accounting capabilities. These features provide wire-speed switching and routing performance with always-on fault and performance management, capacity planning, intrusion detection, security policing, and precise network traffic accounting.

INDUSTRYS FIRST UNIFIED NETWORK MANAGER

Brocade INM is the industrys first network management system to provide unified management for wired, wireless, and Multiprotocol Label Switching (MPLS) services for data center, campus, and service provider networks. From a single interface, organizations can monitor and manage the entire Brocade IP networking product portfolio, including the Brocade TurboIron 24X top-of-rack switch, Brocade FastIron CX Series switches, and Brocade ServerIron ADX Series of application delivery controllers. INM provides comprehensive management of MPLS services through the MPLS Manager application, supporting MPLS Virtual Private LAN Services (VPLS), Local VPLS, MPLS Virtual Leased Line (VLL), and Local VLL services with an intuitive and user-friendly interface (see Figure 1). INM also features a Representational State Transfer (REST)-based Northbound Interface, providing the capability to integrate INM with third-party Network Management System (NMS) and Operational Support System (OSS) offerings. Through this

Figure 1. The INM MPLS Manager provides comprehensive management of MPLS services.

Figure 2. The INM Dashboard presents summary information for discovered Brocade and third-party devices.

interface, client programs can retrieve inventory information about Brocade wired and wireless devices, as well as third-party devices, by using Java or Perl scripts. The ServerIron Manager provides Virtual IP (VIP) and Global Server Load Balancing (GSLB) management for Brocade ServerIron application delivery controllers, including display of physical and virtual IP addresses, physical and virtual server port bindings, and status. INM also centralizes management of the entire family of Brocade wireless products, including Brocade IronPoint 200/250 wireless access points, IronPoint switches, and the IronPoint mobility controller series. RF monitoring capabilities help identify, prevent access to, and report on rogue access points and ad-hoc client networks.

The integrated Topology Manager discovery and network mapping capability provides Layer 2, VLAN, IP subnet, STP/RSTP, MRP Ring, and MPLS views of managed devices. A powerful search tool allows organizations to quickly locate devices based on multiple search criteria. They can also import their own background maps and position each node according to its geographical location (see Figure 3). Organizations can group and filter both devices and ports in the device tree to display only specific types or operational status. Nodes are shown with detailed information, including name, IP address, trunk groups, and interface names. In addition, organizations can quickly generate detailed reports for all Brocade devices in the map. Organizations can also configure, manage, and deploy configurations to groups of wired or wireless devices through the Device Configuration Manager, greatly reducing administration overhead and simplifying management. Through this tool, they can discover and configure VLANs within the network, configure wireless access point realms, group wireless LAN switches into domains for Layer 3 mobility support, or execute CLI commands on specific devices or groups of devices to create configurations and reports. Device configuration changes can be tracked through the integrated INM Change Manager, which enables the viewing, retrieval, and restoration of configuration files (see Figure 4). Configuration backups can be performed manually or scheduled to run automatically.

A pre/post-snapshot feature issues device configuration monitoring commands before, after, or before and after a configuration change is deployed. Organizations can then compare configurations to quickly identify problems during configuration deployments, and use them to roll back to a previous configuration if necessary. Change Manager also enables software, diagnostic, and boot images to be manually or automatically imported into INM, which can store multiple versions of software that can be deployed to groups of devices. In addition, the INM Report Manager provides a rich set of predefined asset reports with detailed information about the discovered devices, including key attributes such as name, IP address, version information, product type, last scan date/time, and status. The library of predefined reports includes reports for wired and wireless devices, modules, VLANs, IP subnets, IP/MAC addresses, access point usage, and more.

SIMPLIFIED NETWORK MANAGEMENT

INM features intuitive and easy-to-use Web-based tools that greatly simplify management and reduce administration time, resulting in lower operational costs. Built on a Java-based platform, INM provides seamless control over software and configuration updates for Brocade products from anywhere in the network resulting in more effective management of midsized and large networks. The INM Dashboard presents at-a-glance summary information of all discovered Brocade and third-party devices, including inventory and event summary information used to identify problem areas and anticipate potential network downtime (see Figure 2).

INCREASED NETWORK AVAILABILITY

INM includes a powerful Event Manager to help troubleshoot network-related issues. It can receive SNMP traps, Syslog events, Snort, and security partner event messages for reporting, analysis, monitoring, and remediation. It can also provide alerts about any events that INM is configured to analyze, which helps organizations increase network availability and meet their Service Level Agreements (SLAs). The trap forwarding feature allows INM to filter SNMP traps and pass them on to third-party applications capable of managing events

Figure 3. The INM Topology Manager provides a variety of views for managed devices.

Figure 4. The INM Change Manager provides an efficient way to view, retrieve, and restore configuration files.

from multiple vendors. INM can also use the Brocade CLI configuration manager to support full closed-loop network remediation, triggering specific actions when certain error conditions are met. The INM Traffic Analyzer provides management and monitoring tools for sFlow reporting, accounting, and presentation. The INM sFlow collection capability is ideal for generating traffic reports and gaining visibility into network activity, even at the edge, where placing sensors is costly and complex. With a custom report generator, organizations can define any set of reports based on the data collected from sFlow. They can also use the Traffic Analyzer to perform network trending and analysis for network-wide troubleshooting. Moreover, INM helps organizations keep track of essential network performance information such as CPU utilization, power and fan status, and packet flow. The Performance Monitor is an advanced graphing tool that can plot any SNMP value that a Brocade or third-party device supports. Each graph can contain up to five SNMP values, and can be exported as an image or CSV file for future reference or further analysis.

enable the configuration of permit and deny functions for source and destination MAC and Ethernet type. INM also provides the capability to rapidly configure and deploy Access Control Lists (ACLs) in wired and wireless switches and routers through the ACL Manager. Using ACL Manager, organizations can replicate ACLs from an individual device or group of devices onto other Brocade devices. In addition, ACL Manager supports predefined and well-known service ACLs to simplify management while providing the flexibility to customize them by adding new TCP or UDP ports. Another key security feature of INM is the Brocade IronShield 360 Closed-Loop Security and Intrusion Detection. INM sFlow

collection capabilities can be integrated with open source Intrusion Detection Systems (IDSs), such as Snortand integrated with the INM Event Manager to provide closed-loop intrusion detection, prevention, and remediation. With IronShield 360, the sFlow collection modules within INM can convert sFlow to the open source PCAP format. The PCAP data can then be piped directly into Snort and other open source IDS software to identify accidental or malicious network activity and send alerts to INM through the IDS Event Manager. INM can then take direct remedial action on this network activity through a unique security policy manager. This powerful

IronView Network Manager

Snort Alerts

Remediation Action

event pr oc es s or

event c ol l ec t or

sflow sFlow Collector sFlow sFlow sFlow sFlow PCAP Converter sFlow Snort

Figure 5. IronShield 360 Closed-Loop Security helps INM detect and prevent network intrusions.

ROBUST SECURITY FEATURES

To increase overall security, INM contains many features to manage all the security aspects of a network. The MAC Filter Manager supports the importing, configuration, and deployment of MAC filters to/from Brocade wired and wireless devices that support them. MAC filtering capabilities

Attacks, Viruses, Threats

Attacks, Viruses, Threats

DATA SHEET
capability turns INM into a full intrusion detection and prevention solution. Because sFlow is available on all Brocade IP switches and routers, INM cost-effectively detects and prevents intrusions throughout the networkeven at the edge (see Figure 5). INM processes events and takes remedial action for a number of anomaly detection applications. By extending the event processor to handle events from IronShield 360 security partners, INM provides the industrys first closed-loop security and management solution for both signature and anomaly detection.

www.brocade.com

MAXIMIZING INVESTMENTS
To help optimize technology investments, Brocade and its partners offer complete solutions that include education, support, and services. For more information, contact a Brocade sales partner or visit www.brocade.com.

SYSTEM REQUIREMENTS
INM software and documentation are shipped on a CD-ROM. In addition to having a CD-ROM drive, the host system must meet the requirements shown below.

INM SERVER REQUIREMENTS

Windows
Supported OS Versions 2003 Server SP2, Server 2008, XP Professional Edition SP3

Linux

Solaris

Red Hat Enterprise Linux Release 4 AS, 9 and 10 SPARC ES, WS, and Desktop; Red Hat Enterprise Linux Release 5 Advanced Platform, Base Server, and Desktop 1 to 200 Devices 3.0 GHz Pentium 4, 3 GB RAM 201 to 1000 Devices Multicore Xeon Processor 3000 sequence or above (or similar AMD processor), 4 GB RAM 1001+ Devices Dual (or more) Xeon 5000 sequence or above (or similar AMD processor), 4+ GB RAM 200 GB 1 to 200 Devices Sun UltraSPARC T1 (or similar UltraSPARC processor), 3 GB RAM 201 to 1000 Devices Sun UltraSPARC T2 (or similar UltraSPARC processor), 4 GB RAM 1001+ Devices Sun UltraSPARC T2+ (or similar UltraSPARC processor), 4+ GB RAM 200 GB

Recommended CPU Speed and Memory

1 to 200 Devices 3.0 GHz Pentium 4, 3 GB RAM 201 to 1000 Devices Multicore Xeon Processor 3000 sequence or above (or similar AMD processor), 4 GB RAM 1001+ Devices Dual (or more) Xeon 5000 sequence or above (or similar AMD processor), 4+ GB RAM

Recommended HDD Space

200 GB

INM CLIENT REQUIREMENTS*

Windows
Supported OS XP Professional SP3, Vista Business, 2003 Server SP2, Server 2008 IE 7.0, IE 8.0 Firefox 3.0.x JRE-1.6.0_13

Linux
Red Hat Enterprise Linux Release 5 Advanced Platform, Base Server, and Desktop Not supported Firefox 3.0.x JRE-1.6.0_13

Solaris
10 SPARC

Internet Explorer Mozilla Java Plug-In

Not supported Firefox 3.0.x JRE-1.6.0_13

* Required to access Web-based INM applications; specifications subject to change without notice.

Corporate Headquarters San Jose, CA USA T: +1-408-333-8000 [email protected]

European Headquarters Geneva, Switzerland T: +41-22-799-56-40 [email protected]

Asia Pacific Headquarters Singapore T: +65-6538-4700 [email protected]

2009 Brocade Communications Systems, Inc. All Rights Reserved. 08/09 GA-DS-1263-01 Brocade, the B-wing symbol, BigIron, DCX, Fabric OS, FastIron, IronPoint, IronShield, IronView, IronWare, JetCore, NetIron, SecureIron, ServerIron, StorageX, and TurboIron are registered trademarks, and DCFM, Extraordinary Networks, and SAN Health are trademarks of Brocade Communications Systems, Inc., in the United States and/or in other countries. All other brands, products, or service names are or may be trademarks or service marks of, and are used to identify, products or services of their respective owners. Notice: This document is for informational purposes only and does not set forth any warranty, expressed or implied, concerning any equipment, equipment feature, or service offered or to be offered by Brocade. Brocade reserves the right to make changes to this document at any time, without notice, and assumes no responsibility for its use. This informational document describes features that may not be currently available. Contact a Brocade sales office for information on feature and product availability. Export of technical data contained in this document may require an export license from the United States government.