Deployment recommendations
This topic contains recommendations for deploying TrueSight Network Automation.
Initial configurations
This section describes the initial configurations available in TrueSight Network Automation.
Configuring database backups
TrueSight Network Automation includes a database backup script when using the embedded PostgreSQL database. This makes database management more convenient. See Maintaining-the-database for location and usage instructions.
Configuring remote device agents
TrueSight Network Automation remote device agents are useful when network devices have overlapping IP addresses or are located in a secure location that is not accessible from the TrueSight Network Automation application server. Remote device agents are installed on Linux or Microsoft Windows host computers. See Installing-the-remote-device-agent-on-Windows and Installing-the-remote-device-agent-on-Linux for information about configuring them.
Configuring syslog
TrueSight Network Automation has a built-in syslog receiver. Syslog messages that are received can be used to trigger a snapshot of a network device, be included in change summary reports, and can be correlated with other events to trigger a job.TrueSight Network Automation can also be configured to receive syslog events from a relay instead of directly from the network device. This comes in handy if the customer has an existing syslog server that they want to continue using or if another layer of filtering of syslog messages is required before forwarding to TrueSight Network Automation.
For information about configuring syslog, see Configuring-existing-syslog-servers-to-forward-events.
Configuring device import
TrueSight Network Automation does not have an embedded means of discovering new devices on the network. The primary means of getting devices into TrueSight Network Automation is through device import. TrueSight Network Automation has a number of out-of-the-box device import adapters that enable importing from common discovery tools like BMC Discovery, Entuity Network Analytics, HP Network Node Manager, and CSV. See Understanding-device-import-formats and Managing-device-import-tasks.
Security considerations
This section describes security considerations for TrueSight Network Automation.
Role-based access control
See Managing-access.
Subjecting jobs to approval
Select the Enable Job Approval for Actions system parameter and then all actions that must require network operations and/or BMC Remedy Action Request (AR) System approvals. For more information, see Approving-jobs.
You also must define the Job Approval Types, including BMC Remedy AR System approval, under Admin > Job Approval Types. For more information, see Managing-job-approval-types.
Port usage
The following table describes port usage for TrueSight Network Automation.
Use | Default port number | Configuration details |
|---|---|---|
Syslog | 514 | The system can receive syslog events directly from the network devices on port 514 (default). You can change this default port under Admin > Device Agent. |
TFTP | 69 | TFTP/FTP/SCP services are configured for the local (default) and any remote device agents under Admin > Device Agents. |
Telnet | 23 | This port is set in the global.properties.imported file. |
Device agent | 1099 | The device agent uses a single secure port (default 1099) to communicate with the application server. |
SCP/SSH | 22 | This port is set in the global.properties.imported file. |
HTTP | 80 | The http and https ports can be set during the application server installation in the Web Server Information panel. |
HTTPS | 443 | The http and https ports can be set during the application server installation in the Web Server Information panel. |
PostgreSQL | 15432 | Port opened by the embedded PostgreSQL database server during installation. The port number is set and used in the catalina.properties, database.properties, and pgpass.conf files, and the setenv_db script. |
SSH proxy | 4000 | Port to access application server's command line interface. The port number is set in the global.properties file. |