Posture or Endpoint Compliance is the way to check the health of machines before accessing our network, health could be having the latest anti-virus or having a specific application already installed or making sure no USB drive is attached to it, etc. Here is story frame by frame 🙂
Note: By saying Knowledge here, I mean how AnyConnect will know what is the latest version for a specific Anti Virus for instance and so on
I am writing BGP Zero to Hero Part 8 it will be about BGP Filtering This includes using distribute-list, Outbound Route Filtering (ORF), and filter-list using as-path-ACL . Also will explain Regular Expressions and use them with BGP AS-path filtering. All coming with Labs to practice as usual. This part will include as well Soft Reconfiguration Inbound & Maximum Prefix.
This part might be avilaible in CLN by mid of March 2022.
Understanding Databases is a must for network engineers nowadays. We should understand databases, not only relational databases such as Mysql but also nonrelational databases (aka NOSQL), which are commonly used with Big Data.
For example we are living now in the era of Streaming Telemetry and Model Driven Telemetry (MDT). Streaming telemetry is a new approach for network monitoring in which data is streamed from devices continuously with efficient, incremental updates.
Your Network devices such as a switch are the publisher, Your machine (where the application reside) that getting the data is the subscriber. One of the major benefits of model-driven telemetry is that you can define the frequency and amount of data that the network device will stream back to the collector or application.
Telemetry subscription is a subscription that is used to define the set of data that is requested as part of the telemetry data.
The telemetry subscription allows you to choose the subset of the data for which you want to receive information. There are two types of subscriptions that are used in telemetry on Cisco IOS XE Software systems: • Dynamic (also known as dial-in) using YANG and Netconf • Configured subscriptions (also known as dial-out) using YANG and gRPC
Switches, Routers support Streaming telemetry and can be configured to send data for instance, when CDP or BGP neighbors changed (on-change Telemetry publications); we can also get data about our switch CPU status in the last few minutes and keep getting these data every few minutes (periodic Telemetry publications)
All these data will be sent to your machine and stored in nonrelational databases from the type (Time-series database) such as InfluxDB
Another example, Cisco SD-WAN (Viptela) , all Statistics saved in your NMS (vManage) in nonrelational databases from the type (Document-based database) such as Elasticserach. While vManage Configuration database saved in ( Graph-based database) such as Neo4j
You should know how to query these databases and how to visualize data in it using visualization tools such as Grafana or Kibana
Common used nonrelational databases (aka Unstructured-Data DB)
• Key-value database: A travel blog on a website, which uses a key-value database. Each value (in this case, a blog post) is stored under a different key, and the keys represent URIs on which the blog is available.
• Document-based database: Suitable for a successful startup company that uses an application with fast-changing specifications. Data is saved as semistructured documents, facilitating change management.
• Column-based database: For business analysis, where huge amounts of data need to be processed, a column-based database is perfect because the data is stored in columns, instead of rows. Most of the operations are performed on only one column, so performance is much greater than with row-based databases.
• Time-series database: With the rise of smart cars and the Internet of Things (IoT), gigabytes of telemetry data are being generated each day. The data is sent back to a vendor for analysis and stored in a simple time-series database.
• Graph-based database: Social media has become very popular in the past few years. Due to a huge number of complex relations between entities, the social media application uses a graph-based database, where data is defined and traversed via nodes (entities) and edges (relations).
The Viptela REST API calls expose the functionality of Viptela software and hardware features and of the normal operations you perform to maintain Viptela devices and the overlay network itself.
In REST API terminology, each of these features or operations is called a resource.
A resource is an object with a type, associated data, relationships to other resources, and a set of methods that operate on it.
Resources are grouped into collections.
Each collection contains a single type of resource, and so is homogeneous.
In the Viptela REST API, the collection of resources is present at the top level of the API.
The Viptela REST API resources are grouped into the following collections:
•Monitoring: This collection views status, statistics, and other information about operational devices in the overlay network. Viptela devices collect monitoring information about themselves every 10 minutes. After collecting these statistics, each Viptela device places them in a zip file. The vManage server retrieves these zip files every 10 minutes or, if the vManage server cannot log in to the device, it retrieves them whenever it is next able to log in.
•Real-Time Monitoring: This collection retrieves, views, and manages real-time statistics and traffic information. Real-time monitoring information is gathered in real time, approximately once per second.
•Configuration: This collection creates feature and device configuration templates, retrieves the configurations in existing templates, and creates and configures vManage clusters.
•Administration: This collection manages users and user groups, views audit logs, and manages the local vManage server.
•Device Inventory: This collection collects device inventory information including serial numbers and system status.
•Certificate Management: This collection manages certificates and security keys.
•Troubleshooting Tools: This collection provides tools to help troubleshoot devices, determine the effect of policy, update software, and retrieve software version information.