A typical enterprise may experience thousands of IT events every day – many are urgent, but all require manual efforts, causing longer resolution times.
NetBrain is designed to continuously reduce mean time to repair, by applying automation in three phases during incident response:
A critical phase of troubleshooting is the initial response and diagnosis. Since these first steps are predictable, we believe every IT problem investigation should begin with “zero touch” or triggered automation.
By connecting NetBrain with your ITSM or Event Management solution, it’s easy to implement triggered diagnostic automation – to eliminate idle time, identify problems faster, and rule out potential problems automatically. The instant an event is detected, NetBrain Automation provides two essential functions:
By applying Triggered Automation during incident response, NetBrain closes the gap between the detection of a fault and the action of diagnosing.
Triggered by an event, NetBrain can automatically create a map of the relevant part of the network. This could be a site map or a path of an application flow. This helps to provide visualization across the infrastructure. A URL of this Dynamic Map is returned to your ITSM for quick access by anyone investing in the event.
NetBrain provides automation mechanisms to quickly scrape through reams of data such as CLI outputs, device configurations, and network telemetry. This automation is fully customizable, so you can organize common troubleshooting procedures into repeatable procedures called Executable Runbooks.
When you connect NetBrain with your ITSM or monitoring solution, you can define rules and conditions which trigger the execution of different diagnostics for different types of events. For example, a ticket for a slow application may trigger NetBrain to dynamically map the application flow and then execute a 3-step runbook which (1) collects common CLI data, (2) performs a health check at the device level, and (3) analyzes interface congestion.
Meet a solutions engineer for a demo or watch a short video to see NetBrain in action.
Interactive Automation is designed to augment an engineer’s workflow – even for complex multi-stage efforts. With NetBrain a Dynamic Map is the user interface for automation, as an alternative to a CLI.
Interactive Automation can be used at various stages across a typical incident response workflow – from when an engineer first arrives on the scene, to how teams collaborate in real time, and when a fix is rolled out to the network.
When an engineer first arrives on the scene to troubleshoot, there are a set of common questions they usually ask. NetBrain offers a set of tools to help answer these questions:
NetBrain Data View Templates put virtually any network data at your team’s finger tips. Clicking a Data View dynamically turns on and off layers of data on top of a Dynamic Map, making it easy to visualize the network from different perspectives. For example, if you’re troubleshooting BGP, turn on a BGP Data View to visualize relevant configuration, or neighbor statuses. If you’re diagnosing packet drops, visualize interface errors like input drops or CRC errors.
Data Views not only display raw data, but also flag abnormalities in that data, across thousands of parameters. For example, the Golden Baseline may indicate that a BGP router should normally have four active neighbors. If that router loses a neighbor, this would raise as an alert on the map which may be a clue to something wrong.
To guide engineers towards more advanced troubleshooting, and help minimize the need for escalation, you can also define Recommended Actions. For example, if an alert indicates a BGP neighbor dropped, the Recommended Action may be a BGP Troubleshooting Runbook.
Troubleshooting is often a team event so there is a need to get everyone looking at the same thing, at the same time, to reduce redundancy.
Contained within a single NetBrain URL is a Dynamic Map of the area under investigation and all troubleshooting steps performed against it. This troubleshooting record is documented automatically. As teams troubleshoot collaboratively, they can share this URL. This ability to get teams on the same page, facilitates better handoffs and avoids duplication of work.
Quickly restoring business services is the primary goal of incident response. But deploying a fix introduces risk of collateral damage. Its critical to effectively resolve outages while also mitigating risk during problem remediation.
From design, to implementation, to verification, NetBrain’s Change Management automates the entire change management process. You can push complex changes to multiple devices simultaneously and even integrate with Ansible, if that’s your tool of choice.
NetBrain’s Application Assurance Engine helps to quickly assess and visualize the impact of a change on the network, and the applications running on it. If any problems are discovered within the change window, you can roll back to the previous state with one-click.
Meet a solutions engineer for a demo or watch a short video to see NetBrain in action.
Triggered Automation is performed without the aid of a human, but instead triggered by a 3rd party tool or event. Interactive Automation is used as part of an ongoing human workflow during troubleshooting.
Examples of Interactive Automation include an engineer entering a source and destination IP address to automatically map between two endpoints with, A/B Path Calculator, or visualizing real time interface errors across 60 interfaces with Data View. The user interface for Interactive Automation is a Dynamic Map – designed to be intuitive and visual.
NetBrain collects data using CLI, SNMP, or APIs. The first time NetBrain is setup, you will need to provide the system with a list of read-only credentials which NetBrain will associate with each device in your network. When NetBrain needs to access data from a device, it will use the associated credentials in real time, to log in and issue CLI commands. The output from CLI commands is then “scraped” and analyzed automatically by the system.
NetBrain uses a Dynamic Map as a user interface for visualizing IT data. Since a single network device or interface may have hundreds of attributes, the data can be turned on and off dynamically – with a technology called Data View. Power users can define what kind of data is available within a Data View and which Data Views are available from a given map. For example, if a device on the map is configured with BGP, a BGP Data View will be available.
NetBrain creates and maintains a Golden Baseline across thousands of parameters for each device in your network. For example, NetBrain may learn the core router in your Boston data center has a normal CPU range between 30% and 60% and that it has 4 BGP neighbors. If you’re observing this data on a Dynamic Map, you would see these parameters as alerts if they do not match the Golden Baseline. This may provide a clue to something wrong.
NetBrain performs a recurring snapshot, called a benchmark, across thousands of parameters in your network. Then, NetBrain uses AI techniques to look for trends across that data. For example, if NetBrain sees 7 consecutive benchmarks with CPU between 30% and 60% it may “assume” that this is the Golden Baseline. Later, if the CPU is 80%, this may trigger a Golden Baseline Alert. Users also have the ability to manually create and define Golden Baseline criteria.
Data of a similar category can be grouped into a single Data View. For example, a BGP Data View may highlight the map with relevant BGP configuration for each device, the number of BGP neighbors each device has, and highlight each interface configured with BGP a certain color. Power users also have the ability to define “Recommended Actions” with each Data View so that other end users know where to look for associated data or actions.
Desiring to “do better next time”, world class teams leverage the post-mortem review - to determine how to prevent or reduce the impact of a similar problem in the future. Unfortunately, the success of such endeavors is fraught with difficulties applying these lessons at scale.
The goal of Proactive Automation is to codify lessons learned from every incident and translate them into automation tasks which can be leveraged by the broader team in the future.
With NetBrain, all diagnostic steps and data from a given incident is preserved inside a runbook for review. The task of troubleshooting and documenting the troubleshooting process occurs simultaneously and automatically. This documentation is invaluable to help teams identify how they can do better next time.
The process by which a team empowers junior engineers to minimize escalations is known as “shifting workloads left”. When engineers document their workflows and share them as Executable Runbooks, it makes this goal much more attainable.
Executable Runbooks can be shared with the team, in the form of Interactive Automation, by offering them as “Recommended Actions” during troubleshooting. The same runbooks can be shifted even further left and configured to execute with zero human touch via Triggered Automation. Either way, shifting know-how and workloads to the left frees up senior network engineers and continuously reduces MTTR.
Meet a solutions engineer for a demo or watch a short video to see NetBrain in action.