Professional Documents
Culture Documents
Introduction
As networks grow in both size and complexity, the need for network management increases
greatly. Many organizations, however, continue to rely on costly, repetitive, and error-prone
processes in which operators resort to the primitive technique of manually managing the
devices in the network. In today’s business environment, the Cisco network management
products—which automate these procedures—make both financial and practical sense. But
without bottom-line evidence, network managers and decision makers may be reluctant to
invest in network management products.
As with any capital expenditure, the benefits provided by CiscoWorks network management
products must outweigh the investment required. One way to provide evidence of these
benefits is to compare the cost savings of using Cisco network management products to a
traditional, manual approach.
It is difficult to provide a hard and fast algorithm to calculate exact savings, because there
are many variables involved, ranging from expertise of existing staff, current policies and
procedures, and the level of management desired. However, it is possible to calculate an
approximate value based on commonly performed network management tasks and
assumptions about some fixed variables.
The online Cisco Cost Analysis Tool attempts to bridge this gap by estimating cost savings
based on a set of assumed parameters and variables determined by the user. This paper is a
companion piece to the online Cost Analysis calculator and explains the rationale and
methodology used by the tool to produce the analysis.
Note that the calculations do not take into account the “soft” costs, such as the cost of
having an individual spend time on routine manual tasks, the savings achieved by not
requiring additional staff, or the impact of poor network performance on brand image.
Although small networks can be effectively managed by manually accessing each device and meticulously
documenting the results, the same methodology is often impractical and cost-prohibitive when applied to larger
networks. The CiscoWorks family of network management applications provides the following benefits to large
networks:
• Manual labor reduction
• Network availability enhancement, through mitigation of network downtime and/or degradation due to
device failure
Basic network infrastructure management requires the performance of many tasks, such as initial configuration,
monitoring of inventory, software upgrades, and preventive maintenance of devices. There are three principal benefits
of using CiscoWorks LAN Management Solution (LMS) for configuration management:
• Significantly reduced preparation time for a given task
• Automated distribution of tasks to allow multiple jobs to be run simultaneously
• Automated change audit records and inventory tracking
Note that Cisco network management products do not affect the planning time or the time required to process each
job by a given device. Logically planning for an audit, software upgrade, or configuration update is identical whether
performed manually or with CiscoWorks. Further, there is a physical limit to the speed at which a given device can
process a job, whether the request was generated from CiscoWorks or if it were generated through a manual process
via command-line interface (CLI). In other words, once the “What shall we do?” is defined, the differences between
manual configuration and automated configuration are demonstrated in the “How shall we do it?” phase.
While every network requires a different mix of management activity (depending on network criticality, design, use,
and so on), there are several tasks common to all managed networks: configuring password changes, distributing
software upgrades; and gathering inventory and change audit information.
Whether this is done manually or through CiscoWorks, advance planning—such as what to change the password to,
when the devices should be configured, who needs to approve the changes, and so on—must be performed. The
advance time required is identical for both the manual and automated processes, so this has not been factored into
the cost savings calculation.
To perform the password changes, the system administrator must Telnet into each applicable device, make the
requisite password change, logout, and then document the change information—a fairly straightforward process
which should require no more than a few minutes to complete.
CiscoWorks provides automatic and simultaneous distribution of multiple jobs, while automatically updating a
Change Audit database. Automation of activities such as changing passwords on all devices dramatically reduces the
time spent: Manual configuration of password changes for 800 devices may take as much as 93 hours annually.
With CiscoWorks, the same process requires only 24 minutes.
See Appendix A: Configuring Password Changes for a step-by-step walkthrough of this calculation.
Both manual and automated upgrades require several preparatory steps. System administrators should ask the
following questions before attempting an upgrade:
• Have the appropriate images containing the minimum required device configurations been located in Cisco.com?
• Have all of the prerequisites for loading the software on the device been met?
• Has the effect of the upgrade on the network and the network users been considered? (When should the upgrade
occur? In what order should the devices be upgraded?)
The cost savings of using CiscoWorks LMS on software upgrades is difficult to calculate, as it is heavily dependant
on factors such as the network administrator’s familiarity with Cisco.com, the availability of current configuration
information, and the number and variety of devices in the network. However, CiscoWorks LMS provides Change
Audit databases, which contain data pertaining to all changes made to devices (hardware and software), and
automatically compare the information to the recommendations from Cisco.com, drastically reducing preparation
time for a software upgrade.
In addition, jobs can be scheduled simultaneously, decreasing the time required for the entire network to be upgraded.
It is important to note that Cisco recommends no more than 12 simultaneous upgrade sessions be scheduled (as
opposed to 300+ for password changes). Further, note that the time required for a device to receive the download
and reboot is identical for both CiscoWorks and CLI manual procedures.
Another key benefit of using CiscoWorks for software distribution is the ability to create scheduled jobs. System
administrators can set up the job request during normal working hours, and have LMS automatically run the requests
during non-business hours. While the actual time the devices are down may not change, the administrator no longer
has to be constantly available while the upgrades are commencing, conserving valuable workday time.
See Appendix B: Distributing Software Images for a walk-through of the CiscoWorks and manual software upgrade
processes.
The sudden, inexplicable failure of a device can be costly to a company. System administrators must analyze the
device in order to discover the cause of the failure. After hardware failure, the most common cause of such failures
is a change in configuration. Perhaps an inexperienced administrator entered the wrong commands, or made
typographical errors. While solving the problem may be simple as returning the device to its original configuration,
unless meticulous records exist that detail who made what changes to which device, arriving at this conclusion and
rectifying the error could take many hours. Because manually maintaining records of every physical and logical
change applied to a given device is both impractical and time-consuming, system administrators rarely have this kind
of documentation on hand.
CiscoWorks LMS, however, automatically records every change applied to a device—whether by CiscoWorks
applications or via CLI—in the Change Audit database. This process is transparent to the administrator, and requires
no additional time or effort on his or her behalf.
Gathering inventory data using LMS is equally simple and fast. CiscoWorks LMS has the ability to simultaneously
access each managed device and obtain both hardware and software information, providing far more efficient and
accurate records than can be manually maintained or created.
For further information on the Change Audit function, see Appendix C: Gathering Inventory and Change Audit
Information.
In order to determine the level of fault management necessary, system administrators must ask how much does
network downtime or network degradation cost their company?
When determining cost of downtime or degradation, lost productivity and lost revenue must be taken into account.
A study conducted by Infonetics, Inc., an international market research company, showed that network degradations
result in an approximate 16 percent loss of networked worker productivity and a 10 percent loss in revenue, as a
result of the decreased productivity of revenue-producing employees. If the network were to be down completely,
these figures increase to 24 percent lost productivity from networked employees and revenue loss of as much as 60
percent. A company with 1000 employees and annual revenues of $200 million, as an example, could suffer losses
that easily surpass $8000 per hour. (See Appendix D: Availability Enhancement using LMS+DFM).
Fault management is a crucial component of any network management scheme to minimize or eliminate such losses.
CiscoWorks LMS (with Device Fault Manager as an add-on) can serve as a key element in such an environment.
Although LMS is a component of a comprehensive fault management system, it does not provide complete,
system-wide functionality by themselves. For example, a complete fault management scheme would monitor servers,
users, applications, links, as well as the network devices. LMS can be integrated with such comprehensive systems
by providing in-depth information on the network devices to the system management platform (such as HP
OpenView Network Node Manager).
Conclusion
The CiscoWorks product family can provide a quantifiable financial and IT benefit to an organization, through the
automation of routine labor, as well as helping to mitigate network degradation due to device failures. While it is
difficult to derive an exact figure of the true and potential cost savings for every customer situation, the Cost Analysis
Tool can provide an understanding of the scale of savings involved. At this point, the question that needs to be asked
is not “What is the cost of the product?” but “What is the cost of NOT using CiscoWorks?”
Assuming 800 devices that require quarterly password changes and a manual configuration error rate of 5 percent,
the time spent per quarter on password changes is calculated as:
Assuming that the system administrator can open up three simultaneous Telnet sessions and configure these devices
simultaneously, the process will still take 23 hours per quarter (or 93 hours per year) to complete. Although it is
possible to open up more than three simultaneous Telnet sessions, the rate of error will consequently rise as well.
Compare the time required to conduct the same procedure using CiscoWorks LAN Management Solution (LMS).
The following steps were taken in setting up LMS to conduct simultaneous password changes in batches of 300
configured devices: (Note that the product has been tested for up to 700 simultaneous batches.)
1. Log into the CiscoWorks management console.
2. Click on Resource Manager Essentials/Configuration Management/NetConfig.
8. Set job properties (such as schedule, notification, failure policy, and parallel/serial configuration jobs).
The above steps in the netconfig wizard should take an experienced operator approximately five minutes to complete.
Although an additional three minutes is required for LMS to Telnet into each device make the requisite changes, then
logout, this time is immaterial to the administrator. (Note, however, that CiscoWorks processes the device changes
simultaneously, so the three-minute-per-device configuration time is not cumulative). In other words, once the job
setup is complete and the Finish button is clicked, the operator’s work is done (unless an error message is generated
as configured in the Job Properties step).
Given these figures, using LMS to configure quarterly password changes on a 800-device network in which 300
devices are configured simultaneously, the amount of time required per year can be calculated as follows:
(800 devices/ 300 devices at once) x 5 minutes to configure = 13.3 min (0.22 hrs)/qtr
= 0.89 hrs/yr
When an password is enabled or disabled, the change information is automatically sent as an update to the
CiscoWorks inventory database. As a result, there is no need for a manual documentation to track how/when/who
concerning the password change, which saves additional system administration time.
Given the above assumptions, using CiscoWorks LMS for password changes saves:
The manual process for distributing software upgrades is extremely time-consuming, especially in the preparation
and initial research phases. A typical manual procedure for a software upgrade is outlined below:
1. Determine current device image revisions. If the administrator kept meticulous records, this step should be fairly
simple. Without these records, it is impossible to proceed with a software image upgrade. Although obtaining
device information is a simple procedure, it is still no small task to obtain a current and accurate report if a large
number of devices, or multiple device types (for example, a mix of Catalyst 6500 switches, 3600 routers, and
7200 routers) are involved, It may only take three minutes per device to get the required data, but recording the
information is a serial task when done manually.
2. Log on to Cisco.com and find the appropriate software image to determine whether an upgrade image is
available. This step requires only five to ten minutes per image, provided the system administrator is familiar with
the naming conventions of Cisco IOS Software, the Cisco.com Web site, and is familiar with the required version
number and feature sets.
3. Determine whether the destination device satisfies the minimum requirements specified on Cisco.com. If the
administrator has kept meticulous inventory records of the devices on the networks, this information should
already be available, but as mentioned above, this is rare. In addition, the amount of time required increases
greatly if there are multiple hardware device configurations and device types on the network.
4. Download the image and reboot the device. Often, to prevent downtimes from affecting network users, upgrades
are performed after business hours. While administrators may conduct the activities from a remote location
(home as opposed to office), it still requires that they be online during off hours.
5. Depending on the number of devices analyzed, within two to five minutes, the Upgrade Analysis report is
generated. This report contains individual, device-specific information indicating whether hardware upgrades are
required, and provides notes on Telnet access requirements. CiscoWorks LMS also obtains up-to-date
information on the specified device configuration. Because every change made on a device (whether via
CiscoWorks or via CLI) is recorded in the Change Audit database, the administrator is assured of obtaining the
most current snapshot of the device’s hardware and software configurations. Manual performance of this task,
performed by Telneting into a device and browsing though Cisco.com, would take substantially longer.
8. Select distribution sequence. Note that LMS does not shorten the time required for each device to process the
software upgrade. Further, each upgrade, whether done via CLI or through the LMS graphic user interface (GUI),
is performed sequentially.
9. Finally, schedule the upgrade/reboot for a time when impact to network users will be minimal.
Any changes implemented on the managed devices, whether by CiscoWorks applications or via CLI are recorded in
the Change Audit database. This information is used to generate Change Audit reports (Figure 1).
AAA Configuration
Manager
Inventory Software
All Manager Manager
Syslog
Events
Syslog
Analyzer
Change Audit
All
Syslog Database
Events
Syslog Inventory
Database Database
The Device Fault Manager, a component of LMS, provides real-time, detailed fault analysis, designed specifically for
Cisco devices. DFM actively monitors a wide range of Cisco devices. Depending on the type of device, DFM actively
monitors different conditions via ICMP polling, SNMP MIB interrogation, and SNMP trap reception, and track only
those conditions known to result in higher-level problems. When used with RTM, the DFM provides both real-time
and historical RMON and RMON2 reports, and can spot problems before they become critical and bring down the
network.
Cisco Systems has more than 200 offices in the following countries and regions. Addresses, phone numbers, and fax numbers are listed on the
Cisco Web site at www.cisco.com/go/offices
Argentina • Australia • Austria • Belgium • Brazil • Bulgaria • Canada • Chile • China PRC • Colombia • Costa Rica • Croatia
Czech Republic • Denmark • Dubai, UAE • Finland • France • Germany • Greece • Hong Kong SAR • Hungary • India • Indonesia • Ireland
Israel • Italy • Japan • Korea • Luxembourg • Malaysia • Mexico • The Netherlands • New Zealand • Norway • Peru • Philippines • Poland
Portugal • Puerto Rico • Romania • Russia • Saudi Arabia • Scotland • Singapore • Slovakia • Slovenia • South Africa • Spain • Sweden
S w i t z e r l a n d • Ta i w a n • T h a i l a n d • Tu r k e y • U k r a i n e • U n i t e d K i n g d o m • U n i t e d S t a t e s • Ve n e z u e l a • Vi e t n a m • Z i m b a b w e
All contents are Copyright © 2002 Cisco Systems, Inc. All rights reserved. Catalyst, Cisco, Cisco IOS, Cisco Systems, the Cisco Systems logo, and Fast Step are registered trademarks of Cisco Systems, Inc. and/or its affiliates
in the U.S. and certain other countries.
All other trademarks mentioned in this document or Web site are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company.
(0203R)
04/02 BW8219