Owners Manual

ManualsBrandsDell ManualsComputer equipmentOpenManage Network Manager

491

492

493

494

495

496

497

498

499

500

Using Change Management and Compliance | Change Management and Compliance

496 OMNM 6.5.2 User Guide

Using Change Management and Compliance

The following outlines common use cases for this software, and the steps to achieve the goals of

each case:

Goal: Regularly verify configurations are compliant

Create compliance policy(ies) based on what indicates compliance. Right-click

New > Policy

in the Compliance Policies/ProScan portlet.

Specify the Name and Input source (based on Device Backup, Current Config, Configuration

Label, By Date and Adaptive CLI Results)

Add Targets > Filter Option available for selecting Equipment/Group

NOTE:

The advantage of selecting dynamic device groups is that newly discovered devices of the selected type

automatically become members of the group, so they are scanned too. A benign warning (“No

compliance policies have target group(s)”) lets you know you have not selected groups when you

execute a compliance policy without them.

Specify Compliance Criteria. Add Criteria. For example, that devices’ SNMP communities

Do not contain

the following:

snmp {

community public {

Save.

Execute or schedule your created compliance policies.

Any out-of-compliance devices throw an alarm, which you can email, or configure to trigger

other actions (see the next use case).

Goal: If devices are not compliant restore compliant configuration

In addition to the steps in the previous section:

Create an event automation rule that responds to the redcellProScanFailureNotification

event by executing the Netconfig Restore action. Typically you would select to restore the

Compliant

label. (28493)

If you have multiple device types you do not need to assign actions for each device, or even each

device type. OpenManage Network Manager supports the assigned policies, so it knows which

actions to do to that device based on which device sent the trap.

Avoiding Restoring Files for Trivial Differences

Because automated network updates, for example from NTP servers, can change configurations,

you may want to tune this to avoid restoring files that differ only insignificantly. Do this by editing,

or better overriding, the property file: ...

owareapps/netrestore/lib/nr.properties.

Alter the following property:

append.com.dorado.redcell.netrestore.backup.change.omit=

For example:

append.com.dorado.redcell.netrestore.backup.change.omit=,ntp clock-period