Deployment recommendations
This topic contains recommendations for deploying BMC Network Automation.
Initial configurations
This section describes the initial configurations available in BMC Network Automation.
Configuring database backups
BMC Network Automation includes a database backup script when using the embedded PostgreSQL database. This makes database management more convenient. See Maintaining the database for location and usage instructions.
Configuring remote device agents
BMC Network Automation remote device agents are useful when network devices have overlapping IP addresses or are located in a secure location that is not accessible from the BMC Network Automation application server. Remote device agents are installed on Linux or Microsoft Windows host computers. See Installing the remote device agent on Windows and Installing the remote device agent on Linux for information about configuring them.
Configuring syslog
BMC Network Automation has a built-in syslog receiver. Syslog messages that are received can be used to trigger a snapshot of a network device, be included in change summary reports, and can be correlated with other events to trigger a job. BMC Network Automation can also be configured to receive syslog events from a relay instead of directly from the network device. This comes in handy if the customer has an existing syslog server that they want to continue using or if another layer of filtering of syslog messages is required before forwarding to BMC Network Automation.
For information about configuring syslog, see Configuring existing syslog servers to forward events.
Configuring device import
BMC Network Automation does not have an embedded means of discovering new devices on the network. The primary means of getting devices into BMC Network Automation is through device import. BMC Network Automation has a number of out-of-the-box device import adapters that enable importing from common discovery tools like BMC Atrium Discovery and Dependency Mapping, Entuity Eye of the Storm, HP Network Node Manager, and CSV. See Understanding device import formats and Managing device import tasks.
Security considerations
This section describes security considerations for BMC Network Automation.
Role-based access control
See Managing access.
Subjecting jobs to approval
Select the Enable Job Approval for Actions system parameter and then all actions that must require network operations and/or BMC Remedy Action Request (AR) System approvals. For more information, see Approving jobs.
You also must define the Job Approval Types, including BMC Remedy AR System approval, under Admin > Job Approval Types. For more information, see Managing job approval types.
Port usage
The following table describes port usage for BMC Network Automation.
Use | Default port number | Configuration details |
|---|---|---|
Syslog | 514 | The system can receive syslog events directly from the network devices on port 514 (default). You can change this default port under Admin > Device Agent. |
| TFTP | 69 | TFTP/FTP/SCP services are configured for the local (default) and any remote device agents under Admin > Device Agents. |
Telnet | 23 | This port is set in the global.properties.imported file. |
Device agent | 1099 | The device agent uses a single secure port (default 1099) to communicate with the application server. |
SCP/SSH | 22 | This port is set in the global.properties.imported file. |
HTTP | 80 | The http and https ports can be set during the application server installation in the Web Server Information panel. |
HTTPS | 443 | The http and https ports can be set during the application server installation in the Web Server Information panel. |
PostgreSQL | 15432 | Port opened by the embedded PostgreSQL database server during installation. The port number is set and used in the catalina.properties, database.properties, and pgpass.conf files, and the setenv_db script. |
SSH proxy | 4000 | Port to access application server's command line interface. The port number is set in the global.properties file. |
Comments
Log in or register to comment.