IP Fabric is a network assurance platform providing key analytics for multi-vendor environments; it automates network discovery, network topology diagram production at a protocol level, network security compliance audits and network documentation.  The platform enables an intent-based approach to network management and instant end to end path simulation over large-scale networks.

The platform collects a variety of data specific to each network device. Starting with basic inventory and protocol states and detailed protocol tables or links. To provide full transparency, all operational commands used for each vendor/platform are well documented in our Support matrix.

The IP Fabric platform collects data from the network on a regular basis to provide in-depth analytics. The output of the data collection is a digital snapshot of the entire network at the time of discovery. IP Fabric does not monitor the network in real-time like traditional monitoring tools, but provides deeper insights. It integrated with many popular monitoring tools (e.g. Zabbix, PRTG) to add key context.

IP Fabric collects data only via Command-Line Interface (CLI) with set of known operational commands on supported network devices. Read-only access is sufficient for discovery. Additionally, the platform uses API to communicate with vendor controllers (Versa, Viptela) or cloud vendors (AWS, Azure, NSX-T). IP Fabric doesn’t collect any SNMP data from active network devices.  Our CLI–based approach, via SSH, achieves a greater level of detail compared to SNMP.

Monitoring tools are still crucial to your network operations processes; raised alerts and alarms will let engineers know there is something to be assessed or investigated. IP Fabric will give you the ability to compare past states of the network, compare changes, analyze full route-cause of issues to prevent future repeats of the same issues and improve troubleshooting processes.

The product is priced per managed device and licensed on a subscription basis (including support). The only factor we account for in the license price is the number of active network devices (switches, routers, firewalls, load balancers, wireless controllers) in the target network. Wireless Access-Points are not included in the license. See Pricing.

IP Fabric must be deployed to a single, dedicated virtual machine. See Operational Requirements. IP Fabric is usually deployed as an on-premises solution. It does not require any Internet connectivity to operate or verify the license or run discovery. Alternatively, it can be deployed in the cloud and discover networks via private tunnels.

The overall impact is very low on network resources. IP Fabric is reading all data from a device with a single SSH session in a similar way as the administrator, only faster. It is very common for IP Fabric to run discovery during business hours when little to no irregularities were observed in monitoring.

IP Fabric is a powerful tool for multi-vendor, large-scale hybrid networks. The network vendor list is always expanding with new items added each release and can be found at our Support Matrix. IP Fabric can discover all supported IP-based active network devices. In general this includes switches, routers, firewalls, load-balancers, WAN concentrators, wireless controllers, wireless access-points.

One engineer is enough to handle the task of testing. For the first network discovery, IP Fabric must be deployed with the OVA image (provided on request). The platform needs to have correct credentials to access active network devices via SSH/Telnet. The security perimeter needs to enable communication from the IP Fabric platform to network devices for mentioned CLI protocols. Optionally, you can provide a single IP address as a starting point for discovery.

No. Passwords at rest in the database and techsupports are encrypted to ensure the safety of our customers' private data.

No, it isn't. It would add an unnecessary level of complexity for both IP Fabric engineers and the customers. Encryption key provisioning would need to be solved in case that filesystem or underlying block device is encrypted. This would require either passphrase prompt on every boot or integration into secret store on the deployment infrastructure side. We recommend that customers handle encryption at storage level (e.g., VMware Datastore).