11.7. NCM Compliance Management

NCM Compliance management module is accessible by selecting NCM Compliance from the menu as below. It will lead you to NCM Compliance Management Module Dashboard.

Accessing NCM Compliance Management Module

11.7.1. NCM Compliance Dashboards

NCM Compliance module provide intuitive dashboard to have quick insight on the compliance status of NCM across the Network. Dashboard with appropriate rules and policies will allow admin team to easily focus on actual parameters of compliance and remediation and reduce the efforts on how to search, record and report. It also offers access to other actions and interface related NCM Compliance management.

It offers below widgets in Dashboard

Compliance Status by Devices.

Compliance Status by Vendors.

Compliance Status by Device Report Category

NCM Compliance by Device Report Category

4. Critical Violations Critical violation against defined rules and polivcies are listed here with below detials.

Device Name :- Displays Device Name
Report Name :- Display Report Name
Policy Name :- Display Effective Policy Name
Rule Name :- Display Enforced Rule Name
Config Type :- Display the Config type of the alert (i.e. Start-up or running)
Backup Version :- Display the Backup version of NCM Backup
Message :-Display the Message
Execution Time :- Display the execution time

11.7.2. Rules for NCM Compliance.

Various rules related to desired control in NCM can be defined along with categorisation as per business/functional requirement.

Compliance configurations related to rules is carried out at two level.

Rules category:- Based on various functional requirement, User can create the Rules category to group the NCM compliance rules. For e.g. SNMP baseline, session time, password rules.
Rules: - Rules are the various conditions required to verify the configuration items like passwords, port no. commands etc.

11.7.2.1. Creating Rules category

For effective management it is advisable to create appropriate Rules Category. Rule category is displayed in the Rules tab on left corner as shown below.

Rule Category can be added by clicking + button on top right corner.
For quick search, Category search bar can be used.
Each category is listed on left side.
Each category can be edited to deleted from the right-side action buttons of each category

All added Rule category can be viewed in the Rule category list on left. Please Notge : Category can be deleted only if there is No rule attached to it.

11.7.2.2. Creating Rules

Rule creation is one of the essential steps for implementing NCM compliance. A specific string must be mentioned which should be present in the Configuration of the device. NCM Engine will look for that string in the Device configuration for qualification. The rules can be added as show below.

Add the rule name.
Add Description Relevant to rule.
Select the rule Category for this rule. All Rules related categories will be listed for selection.
To Add condition for this rule, User must select appropriate condition set from here
Mention appropriate string to look for in configuration here. More conditions can be added if needed
Add action for this condition which will assign the appropriate severity for the output.
Click add button to save this rule.

You should be able to see the Rules in the Rule list tab now.

11.7.2.3. Listing and Managing Rules

All Configured Rules can be seen on Rules main page as shown below. Respective action can be applied on each or multiple rules from here. All Rules are listed with below details.

Rule Name: - Shows the Rule Name as per configuration
Description: - Shows the Description as per configuration
Severity: - Shows Severity as per configuration
Creation time: - Shows Rule Creation time
Policy Count: - Shows nos. of policies where the rule is used. On clicking it will open a list of policies with this rule.
Report Count: - Shows nos. of Reports with this rule. On clicking, it will expand and display the list of Report in which this rule is used.
Status: - Display the status of a rule as Enable/Disable
Action Buttons: - List of buttons allows actions like Status change, Edit or delete.

All the Actions like status change, Edit or delete can be carried out in single or multiple rule Action button

11.7.3. NCM Compliance Policy

Based on compliance requirement, User can apply the Configured Rule to devices by creating policies as needed.

11.7.3.1. Creating Policy Category

Compliance configurations related to Policy is carried out at two level.

Policy category:- Based on various functional requirement, User can create the Policy category to group the NCM compliance Policies. For e.g. Edge Device, Cisco Access switches, Core routers.
Policy:- Policy is the deployment of various rules towards set of devices on which respective rules to be applied. E.g Cisco ASR, Catalyst-Core etc.

11.7.3.2. Creating policy category

Policy categories can be created as shown below.

Policy Category can be added by clicking + button on top right corner.
For quick search, Category search bar can be used.
Each category is listed on left side.
Each category can be edited and deleted from the right-side action buttons of each category

All created policy categories are listed on the left side of the Policy tab and can be edited from the action button with that policy tab.

11.7.3.3. Creating Policy

Policy creation is requried to apply the configuration realted rules to respective devices. Policies can be created as shown below. No duplicate Rules can be selected.

Add the policy name.
Add Description Relevant to policy
Select the policy Category for this policy. All policies related categories will be listed for selection.
Select the Appropriate Config type (start-up or running) for this policy.
Select the Device tag from the list of tags.
Select the device from the list of devices to apply this policy.
Select the Rule category from the list of Rule categories.
Select the Rule to be applied from the list of rules for this Policy.
Add more rule as required for that policy. (please note.. each rule can be selected only once in that policy)
Click add button to save this policy.

11.7.3.4. Viewing and managing Policy

All Created policies are displayed as shown below and can be edited from here.

Policy Name: - Shows the Policy Name as per configuration
Description: - Shows the Description as per configuration
Created time: - Shows Policy Creation time
Report Count: - Shows nos. of Reports with this policy. On clicking it will expand and display the list of Report in which this policy.
Rule Count: - Shows nos. of rules used in this policies. On clicking it will open a list of rules with their status.
Status: - Display the status of a policy as Enable/Disable
Action Buttons: - List of buttons allows actions like Status change, Edit or delete.

All the Actions like status change, Edit or delete can be carried out in single or multiple policies using Action button also.

11.7.4. NCM Compliance Report

Various audit requirements for compliance adherence makes the Report Creation function an inevitable part for any compliance management solution. Motadata allows creation of various reports for the implemented policies through this interface.

Compliance configurations related to Reports is carried out at two level.

Report category:- Based on various functional requirement, User can create the Report category to group the NCM compliance Reports. For e.g. Well known SNMP policy, common password, interface with ICMP block etc.
Report:- Report is the snapshot of NCM Compliance status of deployment of policy towards set of devices on which respective rules to be applied.

11.7.4.1. Creating report category

Functional categories of the reports can be created for effective management as shown below.

Report Category can be added by clicking + button on top right corner.
For quick search, Category search bar can be used.
Each category is listed on left side.
Each category can be edited or deleted from the right-side action buttons of each category

11.7.4.2. Creating Report

NCM Compliance Management Module offers to create various reports as needed based on configured policies as shown below. By Clicking New button on the Report page new reports can be configured.

Add the report name.
Add Description Relevant to report
Select the report Category for this report.
Select the Appropriate policy category of the policy used in this report.
Select appropriate policy from the list.
Click add button to save this report

The newly created report is listed on the report page on right side tab.

11.7.4.3. View and Manage Report

All created reports are visible and can be edited from the main report page as shown below.

Report Name: - Shows the Report Name as per configuration
Description: - Shows the Description as per configuration
Created time: - Shows Report Creation time
Policy Count: - Shows nos. of policies used in this report. On clicking it will open a list of policies with its status.
Rule Count: - Shows nos. of rules used in this report. On clicking it will open a list of rules with their status.
Status: - Display the status of a report as Enable/Disable
Action Buttons: - List of buttons allows actions like Status change, Edit or delete.

All the Actions like status change, Edit or delete can be carried out in single or multiple reports using Action button also.

Motadata NCM Compliance module also provide detailed view for reports and export to CSV and pdf as shown below.

Rules for each report with last three execution details.

Violated, Non-Violated and total devices with detailed view for each violation per device No.

For effective usage of above reports, it is requried to create schedular for the reports created here.

11.7.4.4. Schedulling of NCM Complinace reports.

Once reports are created in NCM Complinace module create the shcdule for the same as below.

Follow the scheduling process and click to add new job in the scheduler.
Search for NCM related jobs. All NCM related schedulled job will be displayed.
Select the NCM Compliance job as shown below.

Create appropriate schedule and select the required report from the list of compliance report created under report section earlier.

Below is the sample output of the Report job execution over email.