Documentation forNetwork Configuration Manager
Managing network configurations is a key capability of SolarWinds Observability Self-Hosted (formerly Hybrid Cloud Observability) and is available in the Advanced edition. Network Configuration Manager (NCM) is also available in a standalone module.

Block all private addresses with an access control list

Routers connected the Internet are normally configured to discard any traffic using private IP addresses. This isolation gives your private network a basic form of security as it is not usually possible for the outside world to establish a connection directly one of your network devices using these addresses. The following procedure updates the access control list to block all private IP addresses on several devices at the same time.

Back up the running configuration

  1. Click My Dashboards > Network Configuration > Configuration Management.
  2. Select one or more nodes.
  3. Click Download > Running.

Update the access control list for a group of nodes

  1. Click My Dashboards > Network Configuration > Jobs.
  2. Click Create New Job.
  3. Name the job, and select Execute Command Script on Devices from Job Type.
  4. Specify when the job runs:

    • To run the job once or on a simple schedule, select Basic. Click the tab that identifies how frequently the job runs, and then specify the start time and (if needed) the day(s).

    • To create a more complex schedule, select Advanced and then use the five fields to create a CRON expression.

  5. Add a comment if this job relates to a business rule, and click Next.
  6. Select the nodes to target with this job, and click Next.
  7. Select an email notification option, and click Next. If you click Email Results, the default email notification and SMTP server settings are populated. These settings can be overridden in each job.
  8. Add the script to execute.
    • If you want to load a saved script, click Load Saved Script, and select a script.
    • If you want to load an existing script from disk, click Load Script from File, browse to the file, and click Open.
    • If you want to create a new script, enter your script in the text box. For example:

      ${EnterConfigMode}
      access-list 102 deny ip 10.0.0.0 0.255.255.255 any log
      access-list 102 deny ip 172.16.1.0 0.15.255.255 any log
      access-list 102 deny ip 192.168.0.0 0.0.255.255 any log
      exit
      write memory

      Where 102 is the name of the ACL. ${EnterConfigMode} is a variable that is equivalent to config terminal on Cisco devices.

  9. If you want to save a script, click Save Script, specify a location, and click Save.
  10. Select Filter Results that match a pattern if you want to see in the script output only those lines that match a specific regular expression pattern.
  11. Select Show Commands in Output to view what NCM sent to the targeted devices.
  12. Click Next.
  13. Review the settings for the job, and click Finish.

Verify success by comparing configs

  1. Click My Dashboards > Network Configuration > Configuration Management.
  2. Select one or more nodes, and click Compare Node(s) Configs.
  3. Select a config from each list.
  4. Click Compare Selected. Changes to are highlighted in red, green, and yellow.