11.7. NCM Compliance Management

NCM Compliance management module is accessible by selecting NCM Compliance from the menu as below. It will lead you to NCM Compliance Management Module Dashboard.

Accessing NCM Compliance Management Module

Accessing NCM Compliance Management Module

11.7.1. NCM Compliance Dashboards

NCM Compliance module provide intuitive dashboard to have quick insight on the compliance status of NCM across the Network. Dashboard with appropriate rules and policies will allow admin team to easily focus on actual parameters of compliance and remediation and reduce the efforts on how to search, record and report. It also offers access to other actions and interface related NCM Compliance management.

NCM Compliance Dashboards

NCM Compliance Dashboards

It offers below widgets in Dashboard

  1. Compliance Status by Devices.

NCM Compliance by Device

NCM Compliance by Device

  1. Compliance Status by Vendors.

NCM Compliance by Vendors

NCM Compliance by Vendors

  1. Compliance Status by Device Report Category

NCM Compliance by Device Report Category

NCM Compliance by Device Report Category

4. Critical Violations Critical violation against defined rules and polivcies are listed here with below detials.

  • Device Name :- Displays Device Name

  • Report Name :- Display Report Name

  • Policy Name :- Display Effective Policy Name

  • Rule Name :- Display Enforced Rule Name

  • Config Type :- Display the Config type of the alert (i.e. Start-up or running)

  • Backup Version :- Display the Backup version of NCM Backup

  • Message :-Display the Message

  • Execution Time :- Display the execution time

List of Critical Violations

List of Critical Violations

11.7.2. Rules for NCM Compliance.

Various rules related to desired control in NCM can be defined along with categorisation as per business/functional requirement.

NCM Compliance Rules

NCM Compliance Rules

Compliance configurations related to rules is carried out at two level.

  1. Rules category:- Based on various functional requirement, User can create the Rules category to group the NCM compliance rules. For e.g. SNMP baseline, session time, password rules.

  2. Rules: - Rules are the various conditions required to verify the configuration items like passwords, port no. commands etc.

11.7.2.1. Creating Rules category

For effective management it is advisable to create appropriate Rules Category. Rule category is displayed in the Rules tab on left corner as shown below.

  1. Rule Category can be added by clicking + button on top right corner.

  2. For quick search, Category search bar can be used.

  3. Each category is listed on left side.

  4. Each category can be edited to deleted from the right-side action buttons of each category

Creating Rule Category

Creating Rule Category

Creating Rule Category 2

Creating Rule Category 2

All added Rule category can be viewed in the Rule category list on left. Please Notge : Category can be deleted only if there is No rule attached to it.

11.7.2.2. Creating Rules

Rule creation is one of the essential steps for implementing NCM compliance. A specific string must be mentioned which should be present in the Configuration of the device. NCM Engine will look for that string in the Device configuration for qualification. The rules can be added as show below.

  1. Add the rule name.

  2. Add Description Relevant to rule.

  3. Select the rule Category for this rule. All Rules related categories will be listed for selection.

  4. To Add condition for this rule, User must select appropriate condition set from here

  5. Mention appropriate string to look for in configuration here. More conditions can be added if needed

  6. Add action for this condition which will assign the appropriate severity for the output.

  7. Click add button to save this rule.

Creating Rule

Creating Rule

You should be able to see the Rules in the Rule list tab now.

11.7.2.3. Listing and Managing Rules

All Configured Rules can be seen on Rules main page as shown below. Respective action can be applied on each or multiple rules from here. All Rules are listed with below details.

  1. Rule Name: - Shows the Rule Name as per configuration

  2. Description: - Shows the Description as per configuration

  3. Severity: - Shows Severity as per configuration

  4. Creation time: - Shows Rule Creation time

  5. Policy Count: - Shows nos. of policies where the rule is used. On clicking it will open a list of policies with this rule.

  6. Report Count: - Shows nos. of Reports with this rule. On clicking, it will expand and display the list of Report in which this rule is used.

  7. Status: - Display the status of a rule as Enable/Disable

  8. Action Buttons: - List of buttons allows actions like Status change, Edit or delete.

Listing and Managing Rule

Listing and Managing Rule

Listing and Managing Rule 2

Listing and Managing Rule 2

All the Actions like status change, Edit or delete can be carried out in single or multiple rule Action button

Listing and Managing Rule 3

Listing and Managing Rule 3

11.7.3. NCM Compliance Policy

Based on compliance requirement, User can apply the Configured Rule to devices by creating policies as needed.

NCM Policy Category

NCM Policy Category

11.7.3.1. Creating Policy Category

Compliance configurations related to Policy is carried out at two level.

  1. Policy category:- Based on various functional requirement, User can create the Policy category to group the NCM compliance Policies. For e.g. Edge Device, Cisco Access switches, Core routers.

  2. Policy:- Policy is the deployment of various rules towards set of devices on which respective rules to be applied. E.g Cisco ASR, Catalyst-Core etc.

11.7.3.2. Creating policy category

Policy categories can be created as shown below.

  1. Policy Category can be added by clicking + button on top right corner.

  2. For quick search, Category search bar can be used.

  3. Each category is listed on left side.

  4. Each category can be edited and deleted from the right-side action buttons of each category

Creating Policy Category

Creating Policy Category

Creating Policy Category 2

Creating Policy Category 2

All created policy categories are listed on the left side of the Policy tab and can be edited from the action button with that policy tab.

11.7.3.3. Creating Policy

Policy creation is requried to apply the configuration realted rules to respective devices. Policies can be created as shown below. No duplicate Rules can be selected.

  1. Add the policy name.

  2. Add Description Relevant to policy

  3. Select the policy Category for this policy. All policies related categories will be listed for selection.

  4. Select the Appropriate Config type (start-up or running) for this policy.

  5. Select the Device tag from the list of tags.

  6. Select the device from the list of devices to apply this policy.

  7. Select the Rule category from the list of Rule categories.

  8. Select the Rule to be applied from the list of rules for this Policy.

  9. Add more rule as required for that policy. (please note.. each rule can be selected only once in that policy)

  10. Click add button to save this policy.

Create Policy

Create Policy

11.7.3.4. Viewing and managing Policy

All Created policies are displayed as shown below and can be edited from here.

  1. Policy Name: - Shows the Policy Name as per configuration

  2. Description: - Shows the Description as per configuration

  3. Created time: - Shows Policy Creation time

  4. Report Count: - Shows nos. of Reports with this policy. On clicking it will expand and display the list of Report in which this policy.

  5. Rule Count: - Shows nos. of rules used in this policies. On clicking it will open a list of rules with their status.

  6. Status: - Display the status of a policy as Enable/Disable

  7. Action Buttons: - List of buttons allows actions like Status change, Edit or delete.

View Manage Policy

View Manage Policy

View Manage Policy 2

View Manage Policy 2

All the Actions like status change, Edit or delete can be carried out in single or multiple policies using Action button also.

Policy Actions

Policy Actions

11.7.4. NCM Compliance Report

Various audit requirements for compliance adherence makes the Report Creation function an inevitable part for any compliance management solution. Motadata allows creation of various reports for the implemented policies through this interface.

NCM Compliance Report Screen

NCM Compliance Report Screen

Compliance configurations related to Reports is carried out at two level.

  1. Report category:- Based on various functional requirement, User can create the Report category to group the NCM compliance Reports. For e.g. Well known SNMP policy, common password, interface with ICMP block etc.

  2. Report:- Report is the snapshot of NCM Compliance status of deployment of policy towards set of devices on which respective rules to be applied.

11.7.4.1. Creating report category

Functional categories of the reports can be created for effective management as shown below.

  1. Report Category can be added by clicking + button on top right corner.

  2. For quick search, Category search bar can be used.

  3. Each category is listed on left side.

  4. Each category can be edited or deleted from the right-side action buttons of each category

Create Report Category

Create Report Category

Create Report Category 2

Create Report Category 2

11.7.4.2. Creating Report

NCM Compliance Management Module offers to create various reports as needed based on configured policies as shown below. By Clicking New button on the Report page new reports can be configured.

  1. Add the report name.

  2. Add Description Relevant to report

  3. Select the report Category for this report.

  4. Select the Appropriate policy category of the policy used in this report.

  5. Select appropriate policy from the list.

  6. Click add button to save this report

Create Report

Create Report

The newly created report is listed on the report page on right side tab.

11.7.4.3. View and Manage Report

All created reports are visible and can be edited from the main report page as shown below.

  1. Report Name: - Shows the Report Name as per configuration

  2. Description: - Shows the Description as per configuration

  3. Created time: - Shows Report Creation time

  4. Policy Count: - Shows nos. of policies used in this report. On clicking it will open a list of policies with its status.

  5. Rule Count: - Shows nos. of rules used in this report. On clicking it will open a list of rules with their status.

  6. Status: - Display the status of a report as Enable/Disable

  7. Action Buttons: - List of buttons allows actions like Status change, Edit or delete.

View and Manage Report

View and Manage Report

View and Manage Report 2

View and Manage Report 2

All the Actions like status change, Edit or delete can be carried out in single or multiple reports using Action button also.

Report Action

Report Action

Motadata NCM Compliance module also provide detailed view for reports and export to CSV and pdf as shown below.

  1. Rules for each report with last three execution details.

Rule base Report View

Rule base Report View

  1. Violated, Non-Violated and total devices with detailed view for each violation per device No.

Violated-NonViolated Device View

Violated-NonViolated Device View

Violated-NonViolated Device View 2

Violated-NonViolated Device View 2

For effective usage of above reports, it is requried to create schedular for the reports created here.

11.7.4.4. Schedulling of NCM Complinace reports.

Once reports are created in NCM Complinace module create the shcdule for the same as below.

  1. Follow the scheduling process and click to add new job in the scheduler.

  2. Search for NCM related jobs. All NCM related schedulled job will be displayed.

  3. Select the NCM Compliance job as shown below.

Scheduling Report

Scheduling Report

  1. Create appropriate schedule and select the required report from the list of compliance report created under report section earlier.

Scheduling Report 2

Scheduling Report 2

Below is the sample output of the Report job execution over email.

Sample Output

Sample Output