Cisco

Five ways Cisco Network Assistant 5.2 can make your life easier


A couple of years ago, I wrote an article about using the Cisco Network Assistant ("Make configuration a snap with the Cisco Network Assistant"). Back then, the latest version was 2.x, but times have changed: The latest version is 5.2.

What's new in Cisco Network Assistant (CNA) version 5.x, and how can it help you? Let me tell you my five favorite uses for CNA.

CNA isn't a huge, expensive network management package such as CiscoWorks. However, it does offer a very helpful, time-saving GUI management application for the majority of Cisco users out there.

CNA comes packaged with most new switches and routers. Cisco registered users with a maintenance contract can also download it for free from Cisco's Web site.

What's new in Cisco Network Assistant version 5.2?

CNA groups managed devices into a community. When you first start CNA, you need to create a new community. You can choose to have CNA automatically discover devices on your network to add to the community (a very nice feature), or you can manually add devices by IP address. Figure A displays a screenshot that shows my three communities.

Figure A

Figure A

When I first attempted the discovery option, I provided my entire class B IP network and subnet mask. CNA told me that it would take up to 109 hours and 13 minutes to discover up to 65,536 IP devices. As you might imagine, that was a little too long for me, so I chose to add a few devices manually. In addition, keep in mind that CNA only supports the management of up to 40 devices in the community.

Here are some of the most interesting new features:

  • Device discovery
  • Management abilities for the following Cisco devices: 3750-E, 3560-E, 4500, Catalyst 2960 switches, PIX 501-535, ASA 5505-5540, and a number of Cisco catalyst blades -- also, added functionality for a number of supported devices (Get a complete list of supported devices.)
  • PoE management on certain switches
  • Redundant power supply support
  • Diagnostic hardware testing to verify functionality on certain models
  • Ability to monitor device health to prevent downtime
  • A tree view for devices instead of just topology view
  • Preview commands that will run on devices
  • Manage flash file systems on devices
  • Time synchronization features
  • Ability to archive configuration files from Cisco devices

What I like about CNA 5.x

So, we've established that the latest CNA version boasts a lot of great features. But which ones matter most? Here are five ways CNA can make your life easier.

#1 Visualize your network

While there are advantages to using a program such as Visio to diagram your network, CNA has an advantage over Visio: It can quickly and easily create the network map for all Cisco devices. Figure A (above) showed my sample network, and Figure B shows how you can see the front of your devices.

Figure B

Figure B

#2 Upgrade software on a variety of devices

Yes, it's nice to have a GUI that can upgrade a single device. You can do that with Cisco's Security Device Manager (SDM). But CNA lets you upgrade different types of devices -- all from a single GUI, as shown in Figure C.

Figure C

Figure C

#3 Monitor your devices' health

To prevent outages and know just what's going on with your devices, you can use CNA to view performance graphs of your network device bandwidth, CPU, and RAM, as shown in Figure D.

Figure D

Figure D

#4 Inventory your devices

Have you ever had to come up with a list of all your routers and switches, their models, and serial numbers to renew your SMARTnet contract or justify device upgrades? With CNA, you can get a quick inventory of all devices, the type of device, serial number, version number, MAC address, software version, IP address, and system uptime, as shown in Figure E.

Figure E

Figure E

#5 Configure complex features

Finally, you can use CNA to configure features that would take a much longer time to configure manually. For example, you could configure port security, VLANs, or EtherChannel on your switch, as shown in Figure F.

Figure F

Figure F

The Cisco Network Assistant is a very valuable GUI tool for managing all sorts of Cisco network devices. It can provide information that you just can't get at the command line, and it can save you time with configurations.

If you're like me and have an aversion to Cisco GUI tools, don't write off CNA just yet. There's still a place for CNA in your network management approach.

For more information, check out Cisco's Release Notes for Cisco Network Assistant 5.0 and Later and Cisco's Getting Started Guide for Cisco Network Assistant 5.1.

David Davis has worked in the IT industry for 12 years and holds several certifications, including CCIE, MCSE+I, CISSP, CCNA, CCDA, and CCNP. He currently manages a group of systems/network administrators for a privately owned retail company and performs networking/systems consulting on a part-time basis.

Want to learn more about router and switch management? Automatically sign up for our free Cisco Routers and Switches newsletter, delivered each Friday!

6 comments
ddavis
ddavis

Thank you to everyone who read and took the time to comment on this article! I appreciate your comments & thanks for supporting Techrepublic! David Davis, TechRepublic Author Personal website: http://www.HappyRouter.com

wbaltas
wbaltas

This sounds like a great tool, but it doesn't appear to work with devices where TACACS+ or Radius Authentication are used.

IT cowgirl
IT cowgirl

Thanks for bringing these tools to our attention. I would never have thought about using the CNA GUI. However, I had no idea that it had all these fantastic tools available. This is a perfect example of why we CLI only people should be more open minded. Excelent article, one again! Keep up the good work.

bdmeyer44
bdmeyer44

I was a pure CLI guy for our Cisco devices. (73 buildings to manage) I decided to impelement port-security. Naturally, your going to miss some machines, like printers go to sleep and don't show up on a scan, so later you have to figure out where the are, and what port to enable. Using SiwtchInspector and CNA 5.2 This is an easy task. First as I locked a switch down, I scan the switch with Siwtchinspector and enter the computer or device name in the desc field of cna. Anything not used, I enter as 'unused'in the desc field. Later when someone calls with a amachine down (Locked out) I just use the filter option of CNA to filter on Ports = F*, and desc = 'unused' and then change the filtered ports to 'enable.' when my ping shows the machine now is responding, I run another scan with switch inspector, which tells me which port the ip is on, and then change the desc= computername, and apply, filter as above again, and then change all the ports whose desc=unused to disabled again. 5 minute job. CNA has provedn to make a somewhere difficult job much easier combined with switchinspector. --Bruce D. Meyer

chris.green
chris.green

it does work with TACACS/RADIUS but you need to set these up for the HTTP authentication as the CNA uses this to connect and pull off information.

Editor's Picks