What is our primary use case?
I use it for configuration, backup, compliance, patching, and for control management. If a change has been made on a device, then it triggers notifications about who, what, and when has been changed on the network devices.
I work in three different companies. One is for the financial company, then the other one is for the government that we are in. I do A/B testing before deployment, where the network devices should be upgraded first, then deployed via the standard configuration with compliance. There are a different number of devices in each company. I also work with a healthcare company on their network configurations and compliance.
How has it helped my organization?
When it comes to job status or for completing a compliance audit, it is good. Because it has a transcript where you can see what are the commands that have been executed on the device, it's quite helpful, especially the details from device inventory capabilities, as well as the reporting.
if you are working on Cisco Smart, then inventory is quite important in the RNA of things, because it goes by the massive details of what is in the information, even in the Cisco Board. So, if you are tied up with Cisco, you can pull back this information fast by doing RNA. This is most probably the helpful security example for an organization, since it is tied up with your contract and based on your RNA. If you want to have a support for Cisco, then it's valid that you can provide this information to Cisco or your support. Because the licenses are tied up with the RNA. The DNA can also provide this information. If it is a model has its serial number, then it is helpful.
If the network operator can check drifts by using the DNA tool dashboard, then it lessens the burden.
It has improved the collaboration between our organization's IT operations and security teams based on the compliance reports that have been implemented.
What is most valuable?
From my experience, the most valuable features are the configuration changes. Also, compliance is important, because we have worked with a bank. Then, in some of the government agencies that I have work on, the server upgrade of SSD deployment.
Backup and restore configurations are helpful for a number of network devices, as you can automate them, then know what changes have been done, who made the changes, etc. So, it's quite helpful in the network management area.
With patching, If you have multiple devices and the same model, then you can deploy using this tool. It's quite helpful other than doing it manually. The tool will do it for you rather than you logging onto the device and doing the commands. For patching, it is helpful if the tool can assist on multiple devices with the same model or brand. Therefore, you just have to wait and require it to reboot based on the patch information.
What needs improvement?
I would like to see more device supported features, mostly on the new brands and models coming in. For any new version or model, it should be supported by the tool, especially the newest versions. For example, the newest devices, like Aruba Wireless, and routers need support from the tool.
For how long have I used the solution?
I have been using it around eight years.
What do I think about the stability of the solution?
It's stable. If you follow the prerequisites and design that has been on the architecture of the BMC documentation, then you are good to go.
What do I think about the scalability of the solution?
The financial institution has around a thousand devices, because it's global. For this company, there are multiple network automation tools. In Singapore, there is one application server. Then, in the UK, there is another application server, and in another location, there is another server. That is the architecture of the company.
The structure is different on a case to case basis between different clients. We need to know early on how big the environment is, how many devices have to be provisioned, and the sizing of the application server. These need to be discussed in regards to requirements.
How are customer service and technical support?
I would rate their technical support as a seven out of ten.
How was the initial setup?
The initial setup is quite straightforward. As long as you know the requirements to install the application servers, then you will be fine. It takes an hour to set up, if you have already done the prerequisites. Then, you are good to go.
What about the implementation team?
I have done the implementation five times. I know the tool. If you ask me the requirements for implementation of this tool, then I am confident enough to implement it.
The prerequisites include BMC documentation, which I provide to an organization because it is useful. The documentation is quite comprehensive.
The size of the deployment team depends on the size of the customer's or client's environment. For example, with the global bank, there were a quite number of people involved because of the collaboration between teams in different countries.
What other advice do I have?
I have been implementing the out-of-the-box compliance piece based off CIS, for example. For customized compliance, it takes some effort to implement things. If the device configuration is quite complex, then you have to do quite number of customizations in the DNA tool for out-of-the-box compliance. These regular expressions have to be modified based on the requirements of the compliance.
It has been quite helpful for configuration management and provisioning when it comes to projects. If you don't have the backups and it's not in your setup configuration, then you just have to do it manually. It is helpful if you schedule daily or weekly archiving for your config groups. Then, you can go by what are in those configuration groups, before and after, if you make changes. So, configuration management is really helpful in network management.
On the dashboard, you can see that there is an X icon in the startup, which is different from the running configuration. So, you can see from the dashboard that there is a difference between two configurations, as well as the events being provided by the device. This can be checked on the dashboard. The tool can show drifts between your compliance from your phase two standard and running config. For that, it can be helpful on a normal configuration.
I'm not really exploring the vulnerabilities side of using the tool.
If you are looking into this type of solution, you will need to have internal and external networks. I would recommend this solution.