Figure 4-1: Overview of IMC.
IMC is a centralized network management platform that allows you to manage both your physical and virtual networks. From a single interface, you can monitor and manage network traffic and devices. HP IMC supports both HP and third-party network devices. In fact, IMC supports thousands of network devices from dozens of vendors, including Cisco.
IMC includes an auto-discovery feature, which you can invoke to locate all the devices on the network, categorize the devices into types of network devices (such as switches, routers, servers, and desktops), and map them on a network
topology. You can view the network devices based on IP address or device type (such as routers, switches, servers, desktops, and so on). You can also create custom views to make it easier to view and manage devices.
In addition, IMC allows you to establish baseline configurations and software images. You can compare configurations, track versions, and establish alerts if configuration changes are made. IMC also helps you manage virtualized machines. It discovers virtual machines and virtual switches, showing their relationship to the physical network. You can also easily migrate virtual machines to new physical servers, and IMC automatically reconfigures the associated network policies accordingly, ensuring that the policies remain tied to virtual machines and virtual workloads.
Here is a summary of the features supported by IMC:
HP Intelligent Management Center (IMC) — The solution cohesively integrates fault management, element configuration, and network monitoring from a central vantage point. With support for third-party devices, IMC enables network administrators to centrally manage all network elements with a variety of automated tasks, including discovery, categorization, baseline
configurations, and software images. IMC also provides configuration comparison tools, version tracking, change alerts, and more.
Modular architecture — With IMC's architecture, new modules can be added to enrich a network's management capabilities. Modules for user access management, VPN management, and traffic analysis can be quickly added and provide instant benefits. The architecture allows modules to share information and provide collaborative policy creation and reports.
Virtualization management — HP IMC is one of the first management tools to integrate management and monitoring of both virtual and physical networks.
IMC provides insight and management of virtual networks and reduce migration complexity by aligning and automating network policies with virtual images. Both VMware and Hyper-V are supported.
Highly flexible and scalable deployment models — IMC Standard Edition delivers an extensive set of capabilities for managing large heterogeneous networks. This self-contained solution provides scalability and high availability through a flexible distributed deployment model. With its modular design, IMC can be deployed across multiple servers to provide increased scalability and resilience.
Rich resource management — IMC provides powerful network discovery and topology, including a detailed inventory of the network and highly accurate depictions of how it is configured. Supported views include Layer 2 and 3, as well as VLAN topology and the ability to create custom views like a dashboard homepage. Customization enables administrators to organize and control the network infrastructure based on their preferred organizational model.
Flexible, centralized reporting — Centralized report management simplifies an organization's report administration. IMC software's flexible historical reports provide the information necessary for network trend analysis and capacity planning, and offer predefined reports or customization options to define parameters. Reports can be viewed in a number of formats, including .pdf and .xls, and can be sent automatically via email, or be set to run on a particular schedule.
Access control list management — IMC simplifies the definition,
deployment, and control of access control lists (ACLs) with effective policy -based control of network security and quality of service (QoS) across an organization's network infrastructure. ACL rule optimization helps ensure efficient use of the ACL device resources.
Identification and access management — With the addition of the User Access Manager (UAM) add-on module, the system implements unified and centralized access management, supporting access through authentications such as LAN, WAN, WLAN, and VPN. It supports strong authentication using smart card, certificate, and others, and supports various methods for endpoint access control and identity-based network services that efficiently integrate the management of user resources and services.
Endpoint Admission Defense (EAD) — With additional modules, IMC can be used to analyze a network endpoint's security status to locate security threats, detect security events, and carry out protective measures to reduce network vulnerabilities. EAD can determine endpoint patch level, ARP attack, abnormal traffic, and the installation and operation of illegal software.
Administrators can choose enforcement policies and remediation options that are appropriate to particular endpoints.
Network Traffic Analyzer — With the additional Network Traffic Analyzer (NTA) module, the system can also collect flow information from sflow-, NetFlow-, and Netstream-capable devices. Through traffic analysis, NTA can help identify network bottlenecks, recognize anomalous traffic, and pinpoint varying levels of bandwidth traffic for different services and applications. The correlation of traffic flows to users is available with the additional User Behavior Analysis (UBA) module.
Rev. 14.21 4 –5
Compliance center — The compliance center associates the compliance policies with devices that need to be checked. The compliance check function can promptly fix a configuration and security problems in the network.
Virtual Connect Support — IMC supports add/remove connections for
Virtual Connect Manager and displays the connect information from the device detail page.
IMC mobile application — IMC provides a new mobile application for the iPhone and Android. This allows administrators mobility by allowing them to monitor the network from anywhere.
Telnet/SSH proxy — With the Telnet/SSH proxy, an administrator can use a browser to remotely access and manage devices through Telnet/SSH, without installing a Telnet/SSH tool on the PC client used to access the device. This promotes secure and controlled access to devices while providing auditing of change on any device.
Unified Task Management and Wizard Center — The IMC Wizard Center is a section which services up many of the configuration wizards found within IMC, such as quick start, third-party device configuration wizard, etc. New to this release is Unified Task Management, which is a section which hosts all tasks within IMC.
New traffic topology — The traffic topology is based on the network's physical topology. It enables you to view the traffic conditions of various links.
Customized functions and third-party device support — IMC basic
network management platform extends device management and configuration functions. You can either extend an existing function to support third-party devices by compiling interactive scripts and XML files, or customize a function by compiling interactive scripts, XML files, and UI configuration files.
Note
This course focuses on IMC 5.2. There are two main implementations of IMC for larger networks: Standard and Enterprise. A third implementation, IMC Basic Software Platform, is designed for simplicity and ease of use, with a single pane of glass visibility to the network infrastructure, for small- to medium-sized businesses and offers many of the capabilities of the Standard and Enterprise software solutions. This course focuses on the Standard implementation.