Cisco Transport Manager User's Guide, 7.0
Chapter 2: Basic Concepts
Download this chapter
Chapter 2: Basic ConceptsChapter 2: Basic Concepts
Download the complete book
Cisco Transport Manager R7.0 User Guide (PDF version)Cisco Transport Manager R7.0 User Guide (PDF version) (PDF - 33 MB)
give_us_feedback

Table Of Contents

Basic Concepts

2.1  CTM Interfaces

2.1.1  Southbound Interfaces with NEs

2.1.2  Northbound Interfaces with OSSs

2.2  Data Communications Network

2.2.1  Proxy Server/Firewall Configurations

2.3  What is FCPS?

2.4  Fault Management

2.4.1  Using the Diagnostic Center—MGX Voice Gateway Devices

2.5  Configuration Management

2.5.1  Explorers

2.5.2  Network Maps

2.5.3  Wizards

2.5.4  Using the Configuration Center—MGX Voice Gateway Devices

2.5.5  Using the Chassis View—MGX Voice Gateway Devices

2.5.6  Inventory Management

2.5.7  Double IP Address Management

2.5.8  Provisioning

2.5.9  Link Management

2.5.10  Circuit Management

2.5.11  NE Release Management

2.6  Performance Management

2.6.1  Statistics Report—MGX Voice Gateway Devices

2.6.2  Selectable Collection of PM Data Parameters

2.6.3  PM Queries and Graphs

2.6.4  Real-Time PM Reporting

2.7  Security Management

2.7.1  Login Advisory Message

2.7.2  Network Partitioning

2.7.3  User Management and Profiles

2.7.4  NE Access Control

2.7.5  Audit Log


Basic Concepts

This chapter introduces some basic CTM and networking concepts, including:

CTM Interfaces

Data Communications Network

What is FCPS?

Fault Management

Configuration Management

Performance Management

Security Management

2.1  CTM Interfaces

This section describes the southbound interfaces that CTM uses to communicate with NEs and the northbound interfaces that CTM uses to communicate with Operations Support Systems (OSSs).

2.1.1  Southbound Interfaces with NEs

The CTM server communicates with NEs through the data communications network (DCN) by using several protocols (CORBA, HTTP, TL1, SNMP, and so on).

2.1.1.1  ONS 15216

The ONS 15216 product family consists of the following classes of products:

DWDM filters or multiplexer/demultiplexer units

Optical add/drop multiplexers (OADMs)

Optical amplifiers (OAs), which are also referred to as erbium-doped fiber amplifiers (EDFAs)

Dispersion compensation, including the Optical Supervisory Channel (OSC) and Dispersion Compensation Unit (DCU)

The ONS 15216 NEs are referred to as active or passive. Active NEs support a management interface; passive NEs do not. There is no communication between passive NEs and CTM; rather, all of the information is user-defined. You can use the Domain Explorer to manually add inventory information for passive NEs. You can use the NE Explorer to manually add specific information such as serial number. For passive ONS 15216 NEs with multiple slots (such as the DCU), you can use the NE Explorer to specify the content of each slot. All of the information that you define is maintained in the CTM database and propagated to an external OSS through CTM GateWay/CORBA.

The following table summarizes the management protocol support available for the ONS 15216 product family. It also identifies each NE type as active or passive.

Table 2-1 ONS 15216 Management Protocols 

ONS 15216 Product
Active or Passive NE?
Management Protocol

ONS 15216 100-GHz OADM1/2/4

Active

TL11

ONS 15216 EDFA2

Active

SNMPv2c1, TL1

ONS 15216 EDFA3

Active

SNMPv2c1, TL1

ONS 15216 100-GHz Red/Blue Filters

Passive

ONS 15216 200-GHz Red/Blue Filters

Passive

ONS 15216 200-GHz OADM1/2

Passive

ONS 15216 EDFA1

Passive

ONS 15216 OSC

Passive

ONS 15216 DCU

Passive

ONS 15216 FlexLayer

Passive

1 Protocol that CTM uses to manage the NE.


2.1.1.2  ONS 1530x

CTM uses SNMP as the primary management interface for the ONS 15302 and ONS 15305. CTM supports the use of Cisco Edge Craft to configure the ONS 1530x. Cisco Edge Craft is the local craft application used to manage ONS 15302 and ONS 15305 NEs.

2.1.1.3  ONS 15310 CL, ONS 15310 MA, ONS 15327, ONS 15454 SONET, ONS 15454 SDH, ONS 15600 SONET, and ONS 15600 SDH

The ONS 15310 CL, ONS 15310 MA, ONS 15327, ONS 15454 SONET, ONS 15454 SDH, and ONS 15600 SONET support TL1 and SNMP interfaces, as well as a CORBA interface for Cisco Transport Controller (CTC) and CTM management. The CORBA interface is a proprietary Cisco interface and is not published for use by customers or third parties. The ONS 15600 SDH does not support the TL1 interface, because TL1 is used mainly in ANSI/SONET markets.

Note TL1 support is not available for ONS 15454 SDH releases earlier than R5.0.

The ONS 15310 CL, ONS 15310 MA, ONS 15327, ONS 15454 SONET, ONS 15454 SDH, ONS 15600 SONET, and ONS 15600 SDH also support a Cisco proprietary HTTP interface for bulk collection of performance management (PM) data. This interface is not published for customer or third-party use.

Note In general, any updates from CTC for ONS 15600-specific screens can take up to several minutes. This delay affects CTM screens that are specific to the ONS 15600 SONET and ONS 15600 SDH.

2.1.1.4  ONS 155xx

CTM uses SNMP to manage the ONS 15501, ONS 15530, and ONS 15540 NEs. For the ONS 15530 and ONS 15540, CTM also provides access to the Cisco IOS command-line interface (CLI) through Telnet. The ONS 15501 does not run Cisco IOS software.

2.1.1.5  ONS 1580x

CTM uses TL1 to manage the ONS 15800, ONS 15801, and ONS 15808 NEs. Use of the TL1 Agent requires establishing a Telnet session to the Control and Monitoring Processor (CMP) module on the ONS 1580x. The following table lists the default user IDs and passwords for the ONS 1580x. After the Telnet session opens, the first command that must be entered is the Activate User TL1 command. This command initiates the TL1 session and allows you to enter subsequent TL1 commands and receive autonomous notifications.

Table 2-2 Default ONS 1580x User IDs and Passwords 

User ID
Password
Priority Level

USER_1

USER_1

1: System administrator

USER_2

USER_2

2: Complete permission

USER_3

USER_3

3: Read-only

USER_4

USER_4

4: Partial permission

USER_5

USER_5

5: Simple permission


2.1.1.6  Cisco CRS-1, XR 12000, and Cisco Catalyst 6509

CTM uses XML/CORBA as the primary management interface for the Cisco CRS-1 and XR 12000. CTM uses SNMP to communicate with the Cisco Catalyst 6509.

2.1.1.7  Cisco MGX Voice GateWay

CTM uses SNMP and FTP as the primary management interface for the Cisco MGX Voice GateWay devices.

2.1.2  Northbound Interfaces with OSSs

CTM supports three gateway modules that provide northbound EMS-to-NMS interface mediation. Not all NE types are supported by each module. The following table shows the NE types supported by each gateway module.

Table 2-3 CTM GateWay/CORBA, SNMP, and TL1 Coverage 

NE Type
CTM GateWay/CORBA Support?
CTM GateWay/SNMP Support?
CTM GateWay/TL1 Support?

ONS 15216 EDFA2

Yes

Yes

Yes1

ONS 15216 EDFA3

Yes

Yes

Yes

ONS 15216 100-GHz OADM

No

No

Yes

ONS 15216 100-GHz Red/Blue Filters

Yes2

No

No

ONS 15216 200-GHz Red/Blue Filters

Yes

No

No

ONS 15216 200-GHz OADM1/2

Yes

No

No

ONS 15216 EDFA1

Yes

No

No

ONS 15216 OSC

Yes

No

No

ONS 15216 DCU

Yes

No

No

ONS 15216 FlexLayer

Yes

No

No

ONS 15302

Yes

Yes

No

ONS 15305

Yes

Yes

No

ONS 15310 CL

Yes

Yes

Yes

ONS 15310 MA

Yes

Yes

Yes

ONS 15327

Yes

Yes

Yes

ONS 15454 SONET

Yes

Yes

Yes

ONS 15454 SDH

Yes

Yes

Yes3

ONS 15501

Yes

Yes

No

ONS 15530

Yes

Yes

Yes

ONS 15540 ESP, ESPx

Yes

Yes

Yes

ONS 15600 SONET

Yes

Yes

Yes

ONS 15600 SDH

Yes

Yes

No

ONS 1580x

Yes

No

Yes

Not Managed/Other Vendor NEs

Yes

No

No

Cisco CRS-1

Yes

No

No

Cisco Catalyst 6509

No

Yes

No

XR 12000

Yes

No

No

MDS 9000

Yes

No

No

MGX 8830, 8850, 8880

Yes

No

No

1 CTM GateWay/TL1 supports the ONS 15216 EDFA2 only for NE Software Release 2.3 and later.

2 CTM GateWay/CORBA supports only inventory management for the passive ONS 15216 NEs and Not Managed/Other Vendor NEs.

3 CTM GateWay/TL1 does not support ONS 15454 SDH releases earlier than R5.0.


See Chapter 12, "Managing Southbound and Northbound Interfaces" for detailed information about CTM GateWay/SNMP and CTM GateWay/TL1. See also Cisco Transport Manager Release 7.0 GateWay/CORBA User Guide and Programmer Manual for detailed information about CTM GateWay/CORBA.

2.2  Data Communications Network

A DCN, also known as an Operations Support Network (OSN), is the management network that provides connectivity between a service provider's operations support center applications and the NEs that they support. The DCN supports operations, administration, management, and provisioning (OAM&P) functions such as network surveillance, provisioning, service restoration, and so on. NEs that make up the provisioned services infrastructure used to deliver services to customers include SDH, SONET, add-drop multiplexers (ADMs), optical repeaters, voice switches, digital cross-connect systems, frame relay, asynchronous transfer mode (ATM) switches, routers, digital subscriber line access multiplexers (DSLAMs), digital loop transmission systems, and so on.

The DCN establishes the link between CTM and the EMS. The DCN is important to service providers because it is a vital element in getting fast, reliable management information about the network. Service providers design the DCN as a carrier-class management solution where a single failure does not jeopardize the ability to manage the network.

2.2.1  Proxy Server/Firewall Configurations

The ONS 15310 CL, ONS 15310 MA, ONS 15327, ONS 15454 SONET, and ONS 15454 SDH support a proxy server configuration that allows networking ONS NEs in environments where visibility and accessibility between NEs must be restricted. In a proxy server environment, NEs are designated as gateway NEs (GNEs) or end NEs (ENEs). The GNE is LAN-connected to the DCN, while the ENEs are accessed through the proxy server feature on the GNE over the Section Data Communications Channel (SDCC). The ENEs are not directly accessible by IP address; in fact, the ENE IP addresses can be in a separate, private IP address space because they are not visible on the larger DCN. The GNE must have an IP address that is valid for the DCN LAN.

2.3  What is FCPS?

CTM's strategy is to provide a common, carrier-class fault, configuration, performance, and security (FCPS) EMS.

FCPS refers to the different types of information handled by management systems. A fifth area, accounting, is often included, making the acronym FCAPS. However, CTM does not currently support accounting management.

2.4  Fault Management

Fault management (FM) detects, isolates, corrects, and reports faults for the network and service. Fault management tracks the correlation of related services; for example, reliability, availability, survivability, quality assurance, alarm surveillance, alarm management, fault localization, fault correction, testing, and trouble administration. Fault management also maximizes the availability of the network for service delivery.

The Alarm Browser, Alarm Log and Dashboard provide information on fault management. Fault management tools are described in the following table. Fault management for MGX Voice Gateway devices can be performed in the Diagnostic Center or in the Configuration Center.

Table 2-4 Fault Management Tools 

Name
Description

Alarm Management

Identifies network problems and failures. For more information, see Chapter 9, "Managing Faults."

Device Management with Chassis View

Provides a graphical view of equipment status for the operational and alarm status of each card, port, line, or trunk, each of which is represented with a predefined color.

For more information, see Using the Chassis View—MGX Voice Gateway Devices.

Diagnostic Center

Generates real-time displays of element performance and utilization using system counters repeatedly polled by SNMP, and facilitates the monitoring of activity and error rates of individual ports, lines, and trunks.

By periodically polling each NE using SNMP, real-time counters detect and display hardware failures at the card, interface, port, line, and trunk level.

Monitors statistics events to identify problems with CTM.

For more information, see Using the Diagnostic Center—MGX Voice Gateway Devices.

Alarm Browser

Displays standing alarms and conditions in the managed domain. The Alarm Browser window lists the conditions that are assigned a severity level of critical, major, minor, or warning. It also shows cleared alarms that are not acknowledged.

For more information, see Chapter 9, "Managing Faults."

Alarm Log

The Alarm Log window contains alarms that have transitioned from the Alarm Browser. Cleared alarms are transitioned when you acknowledge them or when automatic acknowledgment has been enabled (in the Control Panel > User Interface Properties pane). In addition, the Alarm Log shows a history of cleared and acknowledged alarms and all transient conditions (also known as events or autonomous nonalarmed messages).

For more information, see Chapter 9, "Managing Faults."

Dashboard

The CTM Dashboard shows useful alarm and NE information in one easily accessible location. See Figure 1-3 on page 1-6.


The FM function is responsible for the discovery and localization of malfunctions on managed NEs. CTM supports consolidated FM by way of the following functions:

Alarm collection

Alarm and event acquisition and storage

EMS alarms for loss of communication, software download failure, memory backup failure, login security violation, server monitor thresholds, and free remaining disk space

Fault synchronization after connection loss

Maintenance mode state for suppression of alarms, events, and PM collection

Alarm display

Quick-view Dashboard window for display of alarm count and unacknowledged alarm count, and launch of EMS alarm view

Alarm indication and propagation

Color and shape coding of severity for critical, major, minor, and warning alarms

Alarm acknowledgement

Flexible alarm acknowledgment—single, multiple, all, automatic

Editable notes per alarm record

Historic alarm retrieval

Alarm sorting and filtering

Visible and audible notification of alarm reporting

Reports and exporting facilities

2.4.1  Using the Diagnostic Center—MGX Voice Gateway Devices

Note For detailed information about using the Diagnostic Center, see Chapter 9, "Managing Faults."

To launch the Diagnostic Center, choose Fault > MGX Voice Gateway > Diagnostic Center. You can also launch the Diagnostic Center from the Statistics Report, Configuration Center, or Chassis View.

The Diagnostic Center consolidates all the following diagnostic operations:

Diagnostic Operations for NEs

Diagnostic Operations for Network Manageability

Diagnostic Operations for Connections

2.4.1.1  Diagnostic Operations for NEs

You can diagnose NEs; for example, networks, nodes, cards, lines, ports, paths, or trunks. By diagnosing NEs, you can:

Monitor real-time counters.

Extend support for the Node Resync process to allow for two different levels.

Configure bit error rate test (BERT) to test the integrity of physical lines, ports, and logical paths.

Conduct line and path loopback tests.

Conduct node manageability tests.

2.4.1.2  Diagnostic Operations for Network Manageability

You can monitor statistic events for network manageability to collect element management health-related statistics. In addition, you can:

Verify that all the nodes in the network are managed correctly by CTM.

Identify general network problems.

Provide success rates, failure rates, and throughput of CTM to protocols such as File Transfer Protocol (FTP) and Simple Network Management Protocol (SNMP).

Create a trouble ticket that extracts all the information from the History panel.

2.4.1.3  Diagnostic Operations for Connections

By diagnosing connections, you can:

Access fault management capabilities in the form of diagnostic tests for connections.

Perform general test operations such as up and down connections, connection loopback, and round-trip delay.

Monitor real-time statistics.

2.5  Configuration Management

With configuration management, you set and control NEs, identify resources, collect information about a resource, and manage connections between NEs. Configuration management deals not only with the state of NEs, but also with the provisioning of resources and services. Generally, configuration management involves network planning, installation, service planning and negotiation, service provisioning, equipment provisioning, status and control, and network topology. Configuration management allows you to prepare the network to deliver services.

Note See Chapter 5, "Configuring Hardware" for more information.

Examples of configuration management include:

Discovering the inventory of what is installed in the network

Configuring chassis slots for cards based on desired services

Managing intra-chassis connections between NEs

Configuring cards in protected or unprotected relationships

Configuring physical (PTP) or logical (CTP) ports to support service profiles

Creating, modifying, viewing, and deleting network topologies and connections

Downloading and activating NE software

Backing up and restoring the NE configuration

CTM provides different graphical views to support configuration management. All views can be classified into three main groups: explorers, network maps, and wizards.

2.5.1  Explorers

Explorer windows are divided into two sections: a tree and a pane. The tree organizes the resources (domain, groups, nodes, network partitions, subnetworks, and modules), which are displayed in a hierarchical format. You can access information about each resource by browsing the tree section. The pane provides specific information about the selected object. There are three types of explorers in CTM:

Domain Explorer

Subnetwork Explorer

NE Explorer

2.5.2  Network Maps

Network Map windows display how the network is partitioned graphically. The Network Map is organized into a multilevel hierarchy that corresponds with the structure of Domain Explorer and Subnetwork Explorer trees. Users with the appropriate privileges can organize their own map display.

For more information, see 1.3.7  Network Map, page 1-23.

2.5.3  Wizards

Wizards are used to simplify involved configuration management tasks such as:

A-to-Z circuit provisioning

NE user access administration

Layer 2 service provisioning

VLAN provisioning

Broadcast software download

Native equipment/facility provisioning

Topology/link management

Automatic NE memory backup, on-demand restoration

General operation on multiple NEs

2.5.4  Using the Configuration Center—MGX Voice Gateway Devices

The Configuration Center combines internal chassis connection configurations into one application.

The Configuration Center window has three main areas:

Hierarchy pane—Displays the network hierarchy as a tree of objects with real-time alarms. The tree is used to navigate from the network level down to the port level.

Configuration pane—Displays the elements of the selected object. If an object is not selected, the configuration window is empty.

Inspector View—Provides a list of detailed information for the selected NE from the hierarchy view. The Inspector View is located below the hierarchy view. Click the Show static data button to update the information in the Inspector View.

Configuring MGX Voice Gateway devices enables you to:

Communicate with individual NEs (for example, a switch or a concentrator) using Simple Network Management Protocol (SNMP).

Obtain a list of inventory data; for example, ports under a line or cards in a node.

Create templates for all NEs.

The Configuration Center enables you to view, create, modify, and delete connections. You select the desired connection endpoints and configure the connection type and class of service. The end-to-end connection is automatically established between two cards in the switch. In addition, the status for each connection is displayed from one endpoint to the other.

Configuring connections enables you to:

Provision soft permanent virtual connection (SPVC) connections for VISM, ATM, and RPM.

Configure the traffic parameters and other parameters for each end of the connection.

Configure the connection parameters for the end-to-end connection.

Add descriptors to the connections.

2.5.5  Using the Chassis View—MGX Voice Gateway Devices

The front and rear panels displayed within the Chassis View provide a real-time indication of the status of individual cards, lines, and ports for the MGX Voice Gateway device. Both card and line alarms (the LEDs) are provided for all platforms and service modules.

The Chassis View enables you to manage the graphical representations of network nodes and device objects, so that you can:

Provide status updates for nodes, cards, and lines

Display the front or rear view of the node

Perform such tasks as provisioning shelf, card, and line levels by quickly navigating to the Configuration Center

Use LEDs to display the status of each card, reflecting both standby and active states

To launch the Chassis View, you can:

Choose Configuration > MGX Voice Gateway > Chassis View in the Domain Explorer window

Click the Chassis View icon in the Statistics Report, Diagnostic Center, or Configuration Center

Choose Tools > Chassis View in the Statistics Report, Diagnostic Center, or Configuration Center

Right-click an NE and choose Tools > Chassis View in the Statistics Report, Diagnostic Center, or Configuration Center

2.5.6  Inventory Management

Inventory information is another component of configuration management. CTM provides two levels of inventory reports:

Domain NE table—A complete list of all the NEs that belong to a specific group or to the entire domain

Equipment Inventory table—A detailed list of cards and modules installed on a specific NE

Note For detailed information about inventory reports, see Chapter 11, "Managing Inventory."

2.5.6.1  Adding New NEs to the CTM Domain

The Add New NE wizard allows you to add a new NE, or to add several new NEs at once. The wizard allows you to enter multiple NE IP addresses one at a time, or enter a beginning and ending IP address and automatically add a range of NEs. See 3.5.2  Adding NEs, page 3-19.

2.5.6.2  NE Connectivity and Operational States

The operational state of an NE can have the following values:

Preprovisioned—The NE has been added to the database for provisioning but is not yet in service. CTM does not manage preprovisioned NEs.

Under Maintenance—The NE is temporarily under maintenance but requires monitoring. This state is the same as In Service except that CTM does not report alarms or events for under-maintenance NEs.

In Service—The NE is currently deployed and requires monitoring. CTM collects polling, FM, configuration management, and PM data from in-service NEs and stores the data in the database.

Out of Service—The NE has been marked Out of Service by a network administrator and does not require monitoring. The CTM database records the last known state of the NE when it was in service.

In Service-Initializing—The NE is marked as In Service-Initializing when CTM connects to the NE (Communication State is marked as Available) and the discovery process starts. The initialization process is completed when fault and inventory have been synchronized. The operational state changes from In Service-Initializing to In Service-Synch Configuration.

In Service-Synch Configuration—The NE is marked as In Service-Synch Configuration when CTM uploads a configuration for that NE. You can change the operational state of an NE from In Service-Synch Configuration to Out of Service.

The communication state of an NE can have the following values:

Not Applicable—The NE is Preprovisioned or Out of Service. The connection to the NE has not been established or has been dropped.

Available—The NE is In Service or Under Maintenance and CTM is connected to the NE. The NE is declared Available when the NE is reachable and supported by CTM (as defined in the Administration > Supported NE table).

Unavailable—The NE is In Service or Under Maintenance but CTM cannot establish a connection to the NE. When CTM loses the connection to the NE, an EMS alarm with a probable cause of Connection loss is generated.

Only Reachable—The NE can be pinged but cannot be managed. Check the NE configuration and troubleshoot any errors.

Initialization Failed—The NE cannot be initialized. Verify that the username and password used by CTM match the username and password configured for the NE.

2.5.7  Double IP Address Management

CTM supports double IP addresses to access ONS 1580x NEs through two gateways using Layer 3 routing instead of Layer 2 bridging. This requires DCN configuration using Network Address Translation (NAT).

CTM uses either the primary or secondary IP address to reach the ONS 1580x:

Active IP address—The IP address (either primary or secondary) currently used by CTM to reach the ONS 1580x NE.

Primary IP address—The IP address configured on and used during normal working conditions to gain IP access to the NE through the default gateway.

Secondary IP address—The IP address used during fault conditions to reach the node through the NAT router. If the secondary IP address is not used or configured, the address is the same as the primary IP address.

2.5.8  Provisioning

CTM supports provisioning through:

NE Explorer—Shows service-provisioning information about the selected NE.

Craft interface—Depending on the NE model, CTM provides access to NE craft interfaces such as CTC, Cisco Edge Craft, CiscoView, web browsers, and the CLI.

Note A CLI session might not have a scroll bar depending on the operating system you are using. To enable the scroll bar on Solaris, hold down the Ctrl key, click the middle button of your mouse, and select enable scroll bar.

The following table lists the available craft interfaces by NE model.

Table 2-5 Craft Interface by NE Model 

NE Model
Craft Interfaces Available from CTM

ONS 15216 EDFA2

TL1 interface

CLI

ONS 15216 EDFA3

TL1 interface

ONS 15216 100-GHz OADM

TL1 interface

CLI

ONS 15302

CLI

Cisco Edge Craft

ONS 15305

CLI

Cisco Edge Craft

ONS 15310 CL

CTC

TL1 interface

ONS 15310 MA

CTC

TL1 interface

ONS 15327

CTC

TL1 interface

ONS 15454 SONET

CTC

TL1 interface

ONS 15454 SDH

CTC

TL1 interface

ONS 15501

CiscoView

CLI

ONS 15530

CiscoView

Cisco IOS CLI

TL1 interface

ONS 15540 ESP, ESPx

CiscoView

Cisco IOS CLI

TL1 interface

ONS 15600 SONET

CTC

TL1 interface

ONS 15600 SDH

CTC

ONS 1580x

TL1 interface

Cisco CRS-1

Craft web interface

Cisco Catalyst 6509

MDS 9000

Device Manager

Fabric Manager

CLI

Cisco XR 12000

Craft web interface

Cisco MGX Voice Gateway

CLI


2.5.9  Link Management

A link is a connection between two termination points (TPs). CTM represents the physical connectivity between NEs in the domain by defining the physical links between NEs. CTM allows you to view, create, modify, and delete links. CTM also supports a link utilization table, which displays utilization information and overall consumption of bandwidth for the selected links.

CTM automatically discovers links between CTC-based and ONS 155xx NEs. For CTC-based NEs, links are autodiscovered only when the DCCs are created on both ends of the link. Autodiscovery requires configuration on ONS 15501, ONS 15530, and ONS 15540 NEs. For the ONS 15216, ONS 15302, ONS 15305, ONS 15800, ONS 15801, and ONS 15808 NEs, links are manually added.

Note Link autodiscovery is supported on CRS-1 and XR 12000 platforms when Cisco Discovery Protocol (CDP) is enabled on the router or interface.

Note For all NEs that support links, you can add manually provisioned links. For example, you can define manual and patchcord links for the ONS 15454. For detailed information, see 3.6  How Do I Build Links?, page 3-30.

2.5.10  Circuit Management

A circuit represents an end-to-end connection between two or more connection termination points (CTPs). A circuit consists of an alternating series of cross-connections and link connections. In its simplest form, a circuit consists of a single cross-connection (if the circuit is defined between two CTPs on the same NE). A circuit can be bidirectional or unidirectional, point-to-point or point-to-multipoint, and protected or unprotected.

CTM allows you to create unidirectional and bidirectional circuits for CTC-based NEs. For unidirectional path switched ring (UPSR) circuits, you can create revertive or nonrevertive circuits. These circuits can route automatically or you can route them manually. For CTC-based NEs, circuits can be viewed, created, modified, traced, and deleted. For the ONS 15530 and ONS 15540, circuits can be viewed and modified.

Note Circuit information is not available for the ONS 15216, ONS 15501, ONS 15800, ONS 15801, ONS 15808, Cisco CRS-1, XR 12000, or Cisco Catalyst 6509. For the ONS 15302 and ONS 15305, circuits can be created through CEC (Configuration > ONS 15302 or ONS 15305 > Launch Cisco Edge Craft).

CTM supports the following circuit management operations:

Find circuits

View circuits and circuit spans

Create circuits

Modify circuits

Delete circuits

Trace circuits

Display associated VLANs

Upgrade circuits

Repair circuits

Update circuits

Roll circuits

Merge circuits

Reconfigure circuits

Note See Chapter 7, "Provisioning Services and Connections" for detailed information about circuit provisioning.

2.5.11  NE Release Management

An NE added to the CTM domain is discovered and managed by CTM only if the NE software version is defined in the Supported NE table.

Note See Release Notes for Cisco Transport Manager Release 7.0 for the NE software versions that are supported in CTM R7.0. The CTM release notes are available on the documentation CD-ROM and online at http://www.cisco.com/univercd/cc/td/doc/product/rtrmgmt/optnet/ctm/ctmreln/index.htm.

Caution Before updating the software image on an NE, check the CTM release notes to verify whether the NE software version is supported in this CTM release.

The following NE administration features are available for the ONS 15216 EDFA, ONS 15302, ONS 15305, ONS 15310 CL, ONS 15310 MA, ONS 15327, ONS 15454 SONET, ONS 15454 SDH, ONS 155xx, ONS 15600 SONET, ONS 15600 SDH, ONS 1580x, Cisco CRS-1, and XR 12000:

Software download

Memory backup and restore (not available for the ONS 1530x, ONS 15501, or ONS 1580x)

Job monitoring

NE Software table (used to commit or revert software images)

Note The commit or revert software images functionality is not available for CRS-1 or XR 12000 platforms.

2.5.11.1  Software Download Wizard

Use the Software Download wizard to download software to NEs. After the download is complete you can use the NE Software table to activate the software. The downloaded software becomes the active version, and the active version becomes the standby version. CTM stores two software versions, active and standby.

2.5.11.2  Memory Backup Dialog Box

Use the Memory Backup dialog box to back up configuration and provisioning information that resides in the flash memory of an NE. By default, the local CTM server automatically backs up the memory of NEs once a day for seven days and stores the backup files on the CTM server. After seven days, the oldest backup file is replaced by the current backup.

2.5.11.3  Memory Restore Dialog Box

Use the Memory Restore dialog box to restore provisioning and configuration information stored in the flash memory of an NE.

2.5.11.4  Job Monitor Table

The Job Monitor table provides information about scheduled administrative tasks such as task type, task owner, task status, task start and end time, and so on.

2.5.11.5  NE Software Table

The NE Software table displays the active and standby software versions for the NE. From this table, you can activate new software or revert software on NEs.

2.6  Performance Management

Performance management (PM) involves gathering and reporting information on the behavior of NEs, networks, and services, including quality assurance, monitoring, management control, and analysis. It also involves the system's ability to collect and store massive amounts of statistical data for network activity.

Performance management ensures that the network delivers services with the promised quality. PM data is useful for fine-tuning the performance of the device and proactively monitoring for catastrophic failures before they occur. The NEs accumulate PM statistics in 15-minute and 1-day intervals.

Note See Chapter 10, "Managing Performance" for more information.

Examples of performance management include:

Collecting, storing, and forwarding data to characterize the integrity of transmission

Determining when connections fail to meet committed integrity thresholds

2.6.1  Statistics Report—MGX Voice Gateway Devices

You can use the Statistics Report to view performance data that is collected from the MGX Voice Gateway device.

Note Before viewing performance data, you must first enable PM data collection on the MGX node. See 10.3.5  Enabling or Disabling PM Data Collection on an Individual NE, page 10-15 for more information. For MGX Voice Gateway devices, only 15-minute PM data collection is supported.

To launch the Statistics Report, choose Performance > MGX Voice Gateway > Statistics Report. You can also launch the Statistics Report from the Diagnostic Center, Configuration Center, or Chassis View.

Depending upon the report selected, you can identify certain criteria, such as network object, type of statistics, granularity, report interval, and graphical format.

The following table lists the report types that are supported for each NE from the hierarchical tree.

Table 2-6 Report Types Supported for Each NE 

NE
Report Types

Network

Raw Data Report for cards, lines, ports, and trunks in the network.

Utilization Data Report for ports and trunks in the network.

Node

Raw Data Report for all cards, lines, ports, PNNI, trunks, and paths on the node.

Utilization Data Report for ports and trunks on the node.

Card

Raw Data Report for all cards1 , lines, ports, Private Network-Network Interfaces (PNNIs), trunks, and paths on the card.

Utilization Data Report for connections, ports, and trunks on the card.

Port

Raw Data Report for ports and connections on the selected port.

Performance Data Report for ports and connections on the selected port.

Utilization Data Report for ports and connections on the selected port.

Line

Raw Data Report for the line. If applicable, additional statistics are shown for physical lines.

Paths

Raw Data Report for paths and other elements.

1 Card support is used only for AXSM cards.


2.6.2  Selectable Collection of PM Data Parameters

There are two steps to setting PM collection:

1. Enable PM collection for a given NE model (in the Control Panel > PM Service window)

2. Enable PM collection for specific NEs (in the Domain Explorer or Subnetwork Explorer > NE Properties pane > Status tab > PM Collection area)

PM data cannot be collected unless the PM Service process is running. If PM data collection is enabled on an NE but the PM Service is not running, CTM displays a warning message.

For certain NEs, you can also enable robust PM data collection at the NE level. With robust collection, CTM attempts to recover from any data collection gaps that might occur due to an outage or an extended communication failure. If CTM detects a data gap, it attempts to retrieve the missing PM data from the historical registers available on the NE.

For the ONS 15530 and ONS 15540, you can use the Cisco IOS CLI or CiscoView to enable performance monitoring on each NE and module.

You can enable or disable performance monitoring for the individual modules in the ONS 1580x system. Use the ONS 1580x NE Explorer > card slot properties pane > Identification tab > PM Collection Status field. CTM also offers a wizard to enable or disable PM on multiple modules on the same ONS 1580x NE. To launch the wizard, open the ONS 1580x NE Explorer and choose Performance > Enable/Disable PM by Module. This opens a table that lists all of the NE modules and their PM collection status.

For the CRS-1 and XR 12000, you must enter the CLI commands shown in the following table to enable PM collection on the router.

Table 2-7 CLI Commands to Configure CRS-1 and XR 12000 PM Collection 

CLI Command
Purpose

performance-mgmt resources tftp-server <IP_address> directory <directory_name>

Defines the IP address of the TFTP server and the directory location where the NE copies PM files.

performance-mgmt statistics <entity_name> generic-counters template <template_name>

sample-size 1

sample-interval 15

Defines a template for collecting a single PM sample at 15-minute intervals. One template must be defined for each entity (interface, BGP, MPLS, and node).

performance-mgmt enable statistics <entity_name> generic-counters template <template_name>

Enables PM data collection using the given sample and interval as defined in the template above. One command must be entered for each entity (interface, BGP, MPLS, and node).


Files copied to the TFTP server for CRS-1 and XR 12000 PM purposes will contain a time stamp as part of the filename, which makes them unique. For this reason the TFTP server used must support creation of files as data is transferred, without requiring users to manually create a file of the same name at the TFTP server host in advance. Some TFTP servers prevent this by default.

Note See 10.3.5  Enabling or Disabling PM Data Collection on an Individual NE, page 10-15 and 10.3.7  Enabling or Disabling PM Data Collection by PM Category for CTC-Based NEs, page 10-18 for information on enabling and disabling PM data collection.

2.6.3  PM Queries and Graphs

CTM offers two PM query wizards to view PM reports:

Query by NE Model—Allows you to filter PM data by NE model.

Query by PM Category—Allows you to filter PM data by PM category, which can span multiple NE models.

The PM Query by NE Model wizard allows you to specify:

NE model (ONS 15327, ONS 15454 SONET, and so on)

PM type (SONET Section, SONET Line, and so on)

15-minute or 1-day collection

Near-end or far-end collection

Time period

Module type, where applicable

Physical location, where applicable

The PM Query by Category wizard allows you to specify:

PM Category (SONET, SDH, DWDM, and so on)

PM type (SONET Section, SONET Line, and so on)

15-minute or 1-day collection

Near-end or far-end collection

Time period

Module type, where applicable

Physical location, where applicable

Note Performance management is not supported for the ONS 15216, Cisco MDS 9000, or Catalyst 6509.

All PM tables contain a Plot tab that you can use to plot the data in a graphical view that is stored in the CTM database. CTM plots up to three parameters in one graph for comparison. The Y axis represents the selected parameter(s); the X axis shows the time.

The CRS-1 and XR 12000 PM tables provide additional functionality that allows you to generate an HTML report based on the data in the selected PM table. See 10.4.6  Generating an HTML Report for PM Tables—CRS-1 and XR 12000, page 10-37.

2.6.4  Real-Time PM Reporting

CTM supports the ability to launch a real-time PM report from the PM Query wizard or from a single row in a PM table. This feature allows you to examine the current value of a PM parameter in granularities finer than the standard 15-minute or 1-day interval. You can view and modify the polling interval for the real-time PM reporting session. You can end a real-time PM session at any time and export the data. For more information, see 10.4.4  Managing Real-Time PM Data, page 10-34.

Note Real-time PM reporting applies only to CTC-based, CRS-1, and XR 12000 NEs.

Before you can use real-time PM reporting functions on CRS-1 or XR 12000 NEs, you must configure the templates. You can use CLI commands directly as shown below or you can use the PM Stats Configuration application. See 10.3.6  Using Templates to Set Up PM Collection—CRS-1 and XR 12000, page 10-16. You only need to configure templates for the PM data types that you will be viewing reports on. The template names must match exactly with the names shown below: 

performance-mgmt statistics node cpu template RealTimePM_NodeCPU_template

 sample-size 60

 sample-interval 1

!

performance-mgmt statistics node memory template RealTimePM_NodeMemory_template

 sample-size 60

 sample-interval 1

!

performance-mgmt statistics node process template RealTimePM_NodeProcess_template

 sample-size 60

 sample-interval 1

!

performance-mgmt statistics interface generic-counters template 
RealTimePM_InterfaceGC_template

 sample-size 60

 sample-interval 1

!

performance-mgmt statistics interface data-rates template RealTimePM_InterfaceDR_template

 sample-size 60

 sample-interval 1

!

performance-mgmt statistics bgp template RealTimePM_BGP_template

 sample-size 60

 sample-interval 1

!

performance-mgmt statistics mpls ldp template RealTimePM_MPLS_LDP_template

 sample-size 60

 sample-interval 1

!

performance-mgmt statistics mpls interface template RealTimePM_MPLS_Interface_template

 sample-size 60

 sample-interval 1

!

performance-mgmt statistics ospf v2protocol template RealTimePM_OSPF_V2_template

 sample-size 60

 sample-interval 1

!

Note See 10.3.5  Enabling or Disabling PM Data Collection on an Individual NE, page 10-15 and 10.3.7  Enabling or Disabling PM Data Collection by PM Category for CTC-Based NEs, page 10-18 for information on enabling and disabling PM data collection.

2.7  Security Management

Security management prevents and detects any improper use of network resources and services as well as enabling recovery from security violations. Aspects of security management include prevention, detection, containment, and recovery.

Security management protects the revenue-generating assets in the network.

Note See Chapter 8, "Managing Security" for more information.

Examples of security management include:

Controlling access to network management functions

Controlling access to network logical resources

Security for the CTM system can be divided into the following areas:

CTM security domain: To log into the CTM client, a username and password are required. A user profile defines the access privileges. CTM passwords are stored using MD5 one-way encryption.

OSS security domain: OSS-to-CTM sessions are configured by the CTM GateWay EMS-to-NMS interface architectural component.

NE security domain: At the NE level, a username and password are configured to enable the user to connect directly through the console port (EIA/TIA-232), through the management port (10BASE-T), or remotely through a Telnet session. NE passwords are stored using base-64 two-way encryption.

CTM server login: You must have root user privileges to log into the CTM server workstation for debugging or changing the CTM server program. A username and password are required.

Oracle database access: Access to the Oracle database requires Oracle root user authentication, as well as CTM database access authentication. The Oracle username and password are encrypted in the server configuration file.

CTM supports the following security features:

Login advisory message

User management and profiles

NE access control

Audit Log

2.7.1  Login Advisory Message

The following is the default advisory message after logging into the CTM client: 

NOTICE: This is a private computer system. Unauthorized access or use may lead to 
prosecution.

You can customize the default advisory message, or disable it altogether. See Chapter 8, "Managing Security."

2.7.2  Network Partitioning

You can configure for network partitioning by dividing the network into logical areas. You can then access only the areas that are specified under your security profile. The nodes and elements must fall under the area or areas that fit your security profile for each CTM application.

You can:

Define the network partitions from the associated list of nodes.

Define, modify, and view the areas within your network.

Manage only the areas under your security profile.

Manage connections that originate and terminate within the assigned area(s). The domain can include multiple areas.

2.7.3  User Management and Profiles

CTM user management includes the ability to:

Manage predefined default user profiles with different access privileges. The default user types are:

SuperUser—Users who have access to all operations.

SysAdmin—System administrators who manage CTM access.

NetworkAdmin—Typically, network operations center (NOC) supervisors who perform daily network surveillance, provisioning, and PM activities on any group or NE.

Provisioner—Users who perform daily network surveillance, provisioning, and PM activities on specific NEs. Each provisioner can have only one active session. Provisioners cannot access administrative information.

Operator—Users who perform daily network surveillance and PM activities on specific NEs. Each operator can have only one active session. Operators cannot access administrative information.

Create, delete, modify, and duplicate custom user profiles with certain privileges. Custom user profiles are grouped into categories and each category has a set of operations.

Create, delete, or modify CTM users; lock or unlock user accounts; view logged-in users; and end active user sessions.

Regulate user logins, including password aging, number of failed login attempts before an account lockout, login disable period, lockout time, and logout time.

Specify a CTC username and password.

Configure the username and password used by the CTM server and CTM GateWay/TL1 to access NEs.

View, add, modify, and delete NE user accounts on one or more NEs.

Note For detailed information about user management, see Chapter 8, "Managing Security."

2.7.3.1  Locking and Unlocking the Client

A CTM client is locked automatically after a defined period of inactivity.

To manually lock the CTM client, choose File > Lock CTM Client in the Domain Explorer window. The CTM Locked window opens, indicating that the CTM client is locked. When the CTM client is locked, a minimized icon becomes available. Clicking the minimized icon brings the login dialog box to the foreground.

To unlock the CTM client, enter your password in the CTM Locked window; then, click Unlock.

2.7.4  NE Access Control

NE access control includes the ability to:

Configure the username and password used by the CTM server and CTM GateWay/TL1 to access NEs and retrieve alarms, configuration, and inventory information.

Note Each username and password specified must exist on the selected NE in order for CTM to manage it. A new or modified password takes effect at the next reconnection.

Configure the username and password on multiple NEs by using the bulk NE authentication feature. With a single operation, you can specify the same username and password for NEs that belong to the same group or are assigned to the same user.

Manage NE user accounts by using the NE User Access Administration table. This feature supports the ability to view, add, modify, and delete NE user accounts on one or more NEs.

Monitor active NE users and log out selected users.

(ONS 1580x NEs only) Modify the user password of the local craft tool and create, modify, and delete TL1 users on one or more NEs (if supported by the TL1 Agent version).

Add predefined users on a selected NE.

2.7.5  Audit Log

The Audit Log contains information about significant events (user-initiated changes and activities) that occurred on the CTM server during a specific time period for the purposes of establishing accountability. It also helps in identifying remedial actions to correct an improper activity. The Audit Log is implemented in the CTM database, where each record has a time stamp, record type, and message string.

Note See Chapter 8, "Managing Security" for a list of runtime-affecting operations that the Audit Log records for monitoring purposes.