After you activate the license, complete the initial setup, and specify your network configuration options, you can customize settings for other Enterprise Manager™ features.
A benefit of using Enterprise Manager is the ability to store, or archive, the user configuration set (UCS) for each managed device in your network. A UCS archive is a compressed file that contains all of the information required to restore a managed device's configuration, and consists of:
Each time you create a new configuration for a device, Enterprise Manager also creates a UCS archive of that configuration. You can also create and store UCS archives for managed devices on demand. These UCS archives are referred to as pinned and are saved until you delete them. The third option is to create a task to save UCS archives on a specified schedule. These archives are called rotating archives.
Enterprise Manager saves multiple archives and cycles out the oldest UCS archive when it saves a new one. By default, Enterprise Manager stores ten rotating and ten pinned UCS archives in its database.
It is best practice to create a rotating UCS archive schedule so that you always have a copy of the most recent configuration for any given device. When Enterprise Manager is prompted to store a UCS archive on a schedule, it compares the UCS archive file to the current configuration at the specified interval. If there are any differences, Enterprise Manager stores a copy of the current configuration. If there are no differences, Enterprise Manager does not create an additional copy of the current configuration.
|Include||Select this option if you want the system to store private key data when it creates a configuration archive. This is the default setting.|
|Exclude||Select this option if you do not want the system to store private key data when it creates a configuration archive. Note that if you select this option, you must manually restore the keys if you restore the archive.|
When statistics data collection is enabled, Enterprise Manager™ stores the following information in its statistics database for each managed device on which the Data Collection Agent is installed:
You can use the collected statistics to display standardized reports about the health and performance of managed devices in your network. This helps you identify any systems that are not performing at full capacity and assists you in determining when you should add new devices.
To start collecting statistics, you must enable the collect statistics data feature and install the Data Collection Agent.
Each time you log on to Enterprise Manager™ a startup screen displays. By default, the startup screen is the Welcome screen, but you have the option to change this screen if you find an alternative screen more useful.
You can use this table to determine which screens are most relevant to your needs.
|Default startup screen option||Description||To access|
|Welcome||Contains links to setup, support, plug-ins, and additional downloads.||Click Overview and Welcome.|
|Performance||Displays statistics related to the Enterprise Manager system performance.||Click Overview and Performance.|
|Device List||Displays a list of all of the devices you are managing with Enterprise Manager.||Click Enterprise Management and Devices.|
|Task List||Displays a list of running and completed tasks.||Click Enterprise Management and Tasks.|
|Device Statistics||Displays a summary of statistics graphs for all managed devices.||Click Enterprise Management, Statistics, and View.|
|Custom Lists||Displays a customizable list of objects.||Click Enterprise Management and Custom Lists.|
You can configure Enterprise Manager™ to manage alerts in these ways:
Simple Network Management Protocol (SNMP) is an industry-standard protocol that gives an SNMP management system the ability to remotely manage a device on your network. You have the option to configure alerts that prompt Enterprise Manager™ to send SNMP traps to a remote SNMP server.
To send SNMP traps in this manner, you provide the SNMP agent and SNMP client access to the Enterprise Management system. As Enterprise Manager system shares the same operating system as a BIG-IP® system, you can configure SNMP on the Enterprise Manager system in the same way that you do on a BIG-IP system. For detailed information about how to configure SNMP traps, see the TMOS® Management Guide for BIG-IP® Systems. The SNMP versions that the Enterprise Manager system supports are: SNMP v1, SNMP v2c, and SNMP v3.
If you want to have a specific recipient receive an email message when an alert is triggered, you must complete specific tasks so that Enterprise Manager™ can deliver locally generated email messages.
To perform the specific tasks, you must have administrator privileges with root access for the Configuration utility.
The postfix mail server is initiated by default when you start Enterprise Manager™. You can, however, customize the configuration for email notification from the Enterprise Manager system's command line.
Enterprise Manager™ classifies the permissions for the user roles as either non-restricted or restricted. These user roles are defined as:
There are eight different types of permissions that you can specify for each restricted user role. You can specify any of these management task permissions to the Operator and Application Editor user roles.
|Manage Device Configuration Archives||Create and manage UCS archives for all managed devices|
|Browse Device Configurations||View device configuration settings using the Enterprise Manager configuration browser|
|Compare Device Configuration Archives||Compare UCS configuration files between two devices|
|Stage Changesets for Deployment from Published Templates||Create a new staged changeset from a published template|
|Deploy Staged Changesets||Deploy a staged changeset created by the user, or another user|
|Administer Device Lists||Manage device list members|
|Synchronize Device Configuration with Peer||Synchronize peer device configurations|
|Failover Devices||Initiate a failover to a peer managed device|
Enterprise Manager™ communicates with devices in your network and F5 servers through a secure HTTPS connection. You can also use a proxy server for communication with network devices to download licensing information, support information, or Application Security Manager™attack signature files and an FTP proxy to send support data in a support data collection task.