Managing Cisco routers: Do it yourself

When it comes to managing Cisco routers, Brian Jones wants to get more than he paid for. The manager of network engineering and operations at Virginia Polytechnic Institute and State University in Blacksburg says the school's IT team discovered a way to save money and staff time, while also managing its 1,454 Cisco switches and 71 Cisco routers more efficiently.

Many vendors, including Cisco, offer tools to simplify managing the gear, but the team at Virginia Tech wrote its own software designed to track device configuration and manage frequent changes.

"You can buy those canned tools for Cisco equipment from software vendors, but then you end up with their view of your network," Jones says.

To continue reading, register here and become an Insider. You'll get free access to premium content from CIO, Computerworld, CSO, InfoWorld, and Network World. See more Insider content or sign in.

When it comes to managing Cisco routers, Brian Jones wants to get more than he paid for. The manager of network engineering and operations at Virginia Polytechnic Institute and State University in Blacksburg says the school's IT team discovered a way to save money and staff time, while also managing its 1,454 Cisco switches and 71 Cisco routers more efficiently.

Many vendors, including Cisco, offer tools to simplify managing the gear, but the team at Virginia Tech wrote its own software designed to track device configuration and manage frequent changes.

"You can buy those canned tools for Cisco equipment from software vendors, but then you end up with their view of your network," Jones says.

Whether it's through tapping hidden features in the gear, deploying software tools or training staff, finding innovative ways to manage a large Cisco network can provide cost savings, reduce some tedious staff duties and optimize the equipment's performance. Perhaps it's because vendor equipment dominates most corporate wiring closets and data centers that several network managers have uncovered tips and tricks they're willing to share with their peers in IT operations.

Virginia Tech wrote and uses scripts that can work across Cisco interfaces, ensuring that any engineer can manage multiple devices. Jones says the scripts eliminate the need for the network administrator to be familiar with each piece of equipment and/or its interface to understand what needs to be done.

"We have so much equipment and several people making changes that if we didn't track them constantly, we'd have a real mess of a network," Jones says.

The homegrown application captures all switch and router configurations, and changes made to the devices. All the data is then stored in a repository for easy access in case a network problem occurs. Not only do the scripts ensure accuracy across equipment, they also provide some automation when configuring routers and switches, which saves the IT staff time.

Jones says Cisco made it easier for Virginia Tech to write change management software with the company's own configuration processes.

"With Cisco, it's a text-based configuration file so it's easy to store. With other vendors, there's no way to easily store that data in a repository to view later," Jones says. And he says he considered change and configuration management tools from software companies such as Computer Associates, Hewlett-Packard and IBM Tivoli, but adds that at the time, the wares couldn't track changes across different interfaces on the Cisco gear.

Jones also taps Cisco's NetFlow metering protocol on occasion to take closer looks at potential security breaches. NetFlow is part of Cisco's IOS that collects and measures data as it enters specific routers or switch interfaces, which network managers can choose to activate. The data can be used to monitor key applications, including accounting, billing and network planning, for corporate or service provider customers.

While NetFlow tends to collect volumes of log data - which potentially can slow down a network - Jones says he can spot the top network talkers by tapping the Cisco-specific feature. And he's found that the protocol can provide a bit of extra security on the network periphery because it can gather more specific application and traffic metrics than common protocols such as SNMP can. He keeps the feature turned on in Virginia Tech's edge switches.