Sie sind auf Seite 1von 4

DATASHEET

BMC BladeLogic Network Automation


BMC BladeLogic Network Automation directly addresses the problem of managing
device configurations across complex IT networks and dynamic Cloud Computing
Services. Providing the policy-driven framework for simplifying change management
and enforcing compliance in networks, BMC BladeLogic Network Automation
accelerates provisioning, manages risk and reduces IT costs.

Key Benefits

Business Challenge

Emerging virtual data centers and cloud computing environments demand agility and precision from

Rapidly provision network


services in secure zones and

network operations. Lacking visibility and control of network changes, many enterprises experience

cloud environments

unnecessary service problems and inability to respond well to dynamic business demands. In spite of
working with best practices, implementing change is a manual, time-consuming, error-prone, and costly

Reduce network outages

process. Without consistent adherence to configuration standards, network stability suffers and compliance

and incidents due to change

audits consume an inordinate amount of resources. In addition, patching and reaction to vendor security

Enforce compliance

advisories is delayed and many projects simply cannot be considered.

Improve staff productivity

The BMC Solution

Reduce IT Costs

Based on a unique architecture that integrates configuration management and compliance assurance, BMC
BladeLogic Network Automation enables IT organizations to implement policy-based automation for
managing networks with minimum effort and highest quality of service. Supported by a robust security
model, this network automation solution enables organizations to dramatically reduce operational costs,
improve operational quality, and achieve operational compliance. BMC BladeLogic Network Automation
automates common tasks of device management that improve overall productivity and service delivery:

Quick, non-disruptive configuration changes

Proactive assessment of changes and enforcement of configuration standards

Rapid deployment of devices from predefined templates

Simplify provisioning of Service Profiles with Network Containers

Document planned, unplanned, and unauthorized network changes

On-demand compliance and Key Performance Indicator reporting

Get tasks done right the first time with built-in intelligence and get started quickly with pre-built templates,
rules and profiles. BMC BladeLogic Network Automation quickly improves productivity and compliance
while laying the foundation on which to build cloud service offerings.

Configuration Management
Configuration management tasks often make up the bulk of the activities performed networks: patching,
configuring, updating, and reporting on network devices, across multiple platforms, including routers,
switches, firewalls, load balancers and wireless access points. BMC BladeLogic Network Automation
shields users from underlying complexity to enable consistency in change and configuration management
activities. At the same time sufficient detail about network devices is exposed only to appropriate staff to
ensure secure and effective network administration.

Compliance Management
Most IT organizations are required to maintain network configurations in compliance with policy governance,
whether regulatory (such as SOX, PCI, or HIPAA), security, or operational. BMC BladeLogic Network
Automation helps IT organizations achieve and maintain compliance continuously by defining and
proactively applying configuration policies. Remediation of policy violations is automatically generated and
applied in self-healing closed loop of automation that delivers continuous compliance and minimizes

Closed-Loop
Compliance

Unified with policy-driven


configuration management

windows of security vulnerability. Detailed reports available on demand characterize up-to-date network
device compliance with configuration policies.

Features
BMC BladeLogic Network Automation is a highly scalable, enterprise-class solution powered by industry-

Proactive change audit

leading technology:

Real-time detection of drift

Automatic generation of
remediation script

device without having to reboot the device

Smart ACL Management Configures access control lists (ACLs) on a network device without
exposing the device to potential security vulnerabilities

Automated Change Request


generation

SmartMerge Technology Automatically creates scripts to allow for changes to be pushed into the

Smart Syntax Scanning Checks automatically generated SmartMerge scripts against the target
device to verify that the its current operating system supports the command syntax before execution

Automated Remediation

Deep discovery of device configuration details with resource and environment validation

Trusted Configuration Provides a baseline for comparing all changes and drift management

Configuration backup, historic tracking of archive and restoral

Operating system patch and upgrade management

Automatic device grouping on multiple attributes for service-aware or group-specific action selectivity

Automatic, policy-driven job creation for individual devices or device groups

Policy-based exception handling for conditional roll-back when change jobs do not complete normally

Library of pre-built device configuration templates

Predefined rules from industry best practices: CIS, DISA, NSA, NIST, Cisco

Automatic configuration of Cisco service modules

Predefined jobs implements network configuration portion of a service provisioning workflow

SSH console proxy and syslog monitor capture non-automated changes

Multiple, customizable log trails track device events

Role-based access control (RBAC), Network Realms and sensitive data masking segregate functions

Quarantine actions to isolate problematic end-points for remediation

Operational reporting for device configuration visibility and compliance status

BMC BladeLogic Decision Support for Network Automation


This available supplementary package goes beyond snapshot status to deliver operations assessment
reports summarizing and analyzing network change activities over time. Pre-defined graphic and text
management-level reports are usable out-of-the-box. Reports may be customized and new reports may be
defined.
A key feature is pre-built full audit compliance reports for ITIL v3, PCI, SOX and HIPPA. Every rule or policy
of these governance best practices or regulations is listed with an explanation of relevance to networks and
the current status of network compliance to the rule or policy.
Key Performance Indicators (KPI) for staff productivity, compliance consistency and process maturity are
also reported. These KPIs may be incorporated into the BMC Dashboards for network operations visibility
to IT management.

Alignment with Best Practices


BMC BladeLogic Network Automation automates configuration policies based on the ITIL v3 change
management process as well as practices common across enterprises in the daily management of network
operations that are proven to result in stable and secure networks.

BMC Cloud Service


Management

Common Practices

as well as published rules from CIS, DISA, NSA, NIST, and Cisco. Network container Service Profiles

Comprehensive solution for

The library of pre-built device configuration templates is based on vendor and customer recommendations

applications, servers, storage

support Cisco reference containers for Platinum, Gold and Silver tiers out-of-the-box. The best practices for

and networks

common network operations activities validated by customers include:

Network Containers
-

Virtual Data Centers

Secure Customer
Private Networks

Group Service

Device inventory management, including Cisco SMARTnet service contract renewals as well as
planning End-of-Service and End-of-Life OS and hardware upgrades

Maintaining the Trusted configuration and configuration archive for reliable backup and recovery

Securing user access and sensitive data

Implementing and auditing configuration changes

Managing configuration compliance

Managing OS image updates

Components

Service Profiles
-

Platinum

Gold

Silver

These common practices enable rapid deployment and early benefit from BMC BladeLogic Network
Automation. These rules and practices are configurable to adjust to specific operating requirements.

Continuous Compliance
BMC BladeLogic Network Automation implements a closed automation loop from detection to automatic
script generation and change job execution to consistently maintain policy compliance at near-perfect level.
With included BMC Atrium Orchestrator components, the automation loop is extended to integrate with ITIL
v3 Service Management applications for Incident Management and Change Management. By removing
these time-consuming and mundane manual tasks, documentation of policy violation incidents and all
changes is assured. Proper handling of normal, standard and emergency changes ensures that approvals
are documented and changes do not collide or negatively impact business operations. Latent changes
accomplished without approval, but accepted in the Trusted configuration are also documented to eliminate
audit exceptions. Out-of-the-box integration with the ITIL v3 Change Management process streamlines the
change process, reducing the risk of errors and unplanned outages. Most important, the BMC solution
automatically closes the loop on all changes, keeping the change management staff apprised of the status
of changes and indicating the success or failure of change implementations.

Tie-In to BSM
BMC BladeLogic Network Automation delivers on the vision of BSM, by integrating with both BMC Atrium
CMDB and BMC Atrium Orchestrator. Bi-directional integration with Atrium CMDB is built-in. Detailed
network device configuration data is exposed in the CMDB. Service mappings are visible from the CMDB,
enabling network administrators to make service-aware operational decisions that improve business
responsiveness and reduce unplanned service outages.
Integration with BMC Atrium Orchestrator exposes BMC BladeLogic Network Automation functions for
cross-functional process automation with many other service management applications, including BMC
Remedy IT Service Management applications for Service Request Management, Change Management
and Incident Management as well as BMC ProactiveNet Performance Management for event and
performance remediation. Cross-functional process automation enables staff to work with fewer
management interfaces and reduces the overall manual task effort.

Part of a Comprehensive Solution


BMC BladeLogic Network Automation provides specialized configuration automation for network devices
that increases the speed and effectiveness of provisioning the networks underpinning virtualized and cloud
computing environments. Pursuing one element of cloud computing often creates more issues than it
resolves. BMC supports cloud computing implementations in a structured manner that leverages both
proven management solutions and new technology to create value at all points in the cloud adoption path.
By building upon these components, all the key components of a cloud infrastructure are addressed, while
the structure is tailored to meet the unique needs of each business.
BMC brings together the tools of traditional IT management, with operational excellence, automation, and

service delivery models, and merges them with the dynamic potential of cloud architectures. Thus, each
BMC solution represents a best practice approach, developed through our extensive experience both in
virtualization and cloud implementations, and in broader enterprise IT management. These solutions, taken
together or separately, comprise the foundations of a strong, flexible, and valuable cloud infrastructure that
will support IT operations and deliver exceptional service quality to the business.

Cloud Management Features for Networks

Framework for Network Containers

Provisioning actions for Data Center Switch, Load Balancer and Firewall

Support for Cisco Nexus line including 1000V software switch

Support for Cisco reference containers (i.e. Gold, Silver, and Bronze tiers)

Virtual network component provisioning (i.e. VRF, virtual firewalls, virtual load balancers)

Network Container and Service Tiers


A network container is the logical representation of a secure area of the network data center dedicated to a
particular customer often referred to as a secure zone. The network container becomes a Service Profile
when service components, like load balancers and firewalls in configurations defined to deliver customerselected service levels [i.e., Platinum, Gold or Silver]. A Service Profile can be expanded in a network
container for a customer or service and may be reused for other customers and services with changes in
address space and security parameters.
The Service Profile might define:

Dedicated or shared Web application firewalls and load balancers

Number of VLANs

Aggregate and Virtual Machine to Virtual Machine bandwidth

IDS/IPS enablement, URL filtering and file integrity monitoring

These are elements within a network container. If the cloud computing service provider gives the capability
to end users to make Service adjustments (i.e. add another VLAN) then those adjustments are made within
the container essentially, the container is a Virtual Data Center.

For More Information


To learn more on BMC BladeLogic Network Automation, please visit www.bmc.com/products.

BUSINESS RUNS ON I.T.


I.T. RUNS ON BMC SOFTWARE.
Business thrives when IT runs smarter,
faster, and stronger. Thats why the most
demanding IT organizations in the world
rely on BMC Software across both
distributed and mainframe environments.
Recognized as the leader in Business
Service Management, BMC offers a
comprehensive approach and unified
platform that helps IT organizations cut
cost, reduce risk and drive business
profit. For the four fiscal quarters ended
June 30, 2010, BMC revenue was
approximately $1.92 billion.

BMC, BMC Software, and the BMC Software logo are the exclusive properties of BMC Software, Inc., are registered with the U.S. Patent and
Trademark Office, and may be registered or pending registration in other countries. All other BMC trademarks, service marks, and logos may be
registered or pending registration in the U.S. or in other countries. All other trademarks or registered trademarks are the property of their
respective owners. 2006,2010 BMC Software, Inc. All rights reserved. Origin date: 08/2010

* 162135*