Device Compliance

In CloudVision Portal (CVP), devices have a compliance status which indicates whether the running configuration and image of a device is different from the designed (managed) configuration and image for the device.

The possible device compliance statuses are:

  • Compliant: Devices in which the running configuration and image are identical to the designed configuration and image for the device.
  • Non-compliant: Devices in which the running configuration or image are different from the designed configuration or image for the device

When you edit running and designed configurations of provisioned devices, CloudVision automatically computes the difference and updates the compliance status in response to changes in the network. CVP provides device compliance status indicators to easily identify non-compliant devices and the functionality required to bring non-compliant devices into compliance. One process used to resolve the difference in running and designed configuration is referred to as reconciling.

Device Compliance Status Indicators

CloudVision Portal (CVP) provides device compliance status information in both the Network Provisioning screen and the Inventory screen (list view).

Network Provisioning Screen Compliance Status Indicators

The Network Provisioning screen (topology view) utilizes color coding to indicate the presence of compliance alerts on devices. A compliance alert on a device indicates that the running configuration or image is different from the designed configuration or image for the device. This feature enables you to easily see if a device has a compliance alert.

In addition to using color codes for device icons, CVP also uses color codes for container icons to indicate that a device within the container has a compliance alert. If a device within a container has an active alert, the container inherits the alert color of the device. For example, if a device within a container has a configuration mismatch, the container inherits the alert color used to indicate a configuration mismatch.

This feature enables you to easily see if a device within a container has an alert, even if the device is not visible. It also prevents you from having to open a container to see if a device within it has an alert.

Note: Containers only inherit the alert color of a device if the device is directly underneath the container in the hierarchy. If the device is not directly underneath the container in the hierarchy, the container does not show the alert notification color of the device.
For descriptions of the color codes used to indicate compliance status, see:

Representation Under Show All Devices

The image below shows the representation of device compliance status information for devices that are only visible by accessing Show all devices. The statuses shown are the same as those shown using device icons in the topology view.

Figure 1. Show All Devices display of device compliance status


Representation in List View

The image below shows the representation of device compliance status information when using the List View. The statuses shown are the same as those shown using device icons in the Topology view.

Figure 2. List View display of device compliance status


Removing Compliance Indicators

The Network Provisioning screen shows non-compliance whenever there is a mismatch between the running configuration or image and designed configuration or image of devices in the topology. To remove compliance indicators, reconcile the configuration of any devices that have a configuration mismatch.

Note: Compliance indicators are removed from the display only when there is no configuration mismatch.

Representation Under Show All Devices

The image below shows the representation of device compliance status information for devices that are only visible by accessing Show all devices. The statuses shown are the same as those shown using device icons in the topology view.

Figure 3. Show All Devices display of device compliance status


Device Icon Compliance Status Color Codes

The color of the device icon indicates the compliance status of the device. This table lists and describes the device icon color codes:

Icon Description


Gray

The compliance status is normal (no compliance alert).



Orange (no task)

The device has a configuration mismatch (the running configuration or image are different from the designed configuration or image for the device).

No task to resolve the mismatch is associated with the device.



Orange (with task)

The device has a configuration mismatch (the running configuration or image are different from the designed configuration or image for the device).

A task to resolve the mismatch is associated with the device.

See Representation Under Show All Devices for how this status is shown when using the Show All Devices option.

Container Icon Compliance Status Color Codes

The figure below shows a container that has a device within it that has an alert. In this example, the alert color is yellow, which indicates one of the following:

  • A device within the container has a configuration mismatch.
  • A device within the container has a configuration mismatch, and there is a task associated with the device to resolve the mismatch.
    Figure 4. Container showing alert color

Device Compliance Checks

CloudVision Portal (CVP) enables you to see if devices are non-compliant by performing compliance checks at the device level and at the container level.

Device Access Alerts

The Network Provisioning screen shows device access alerts whenever a device is no longer reachable by CVP. This enables you to easily identify unreachable devices in the screen. Any device that is no longer reachable is represented on the screen using a color coded device icon.

This table lists and describes the color codes used for unreachable devices:

Icon Description


Red

The device is unreachable (CVP cannot connect to the device).

Like device compliance status alerts, CVP also uses color codes for container icons to indicate that a device within the container is unreachable. If a device within a container has an access alert, the container inherits the alert color of the device (red).

This feature enables you to easily see if a device within a container has an alert, even if the device is not visible. It also prevents you from having to open a container to see if a device within it has an alert.

Note: Containers only inherit the alert color of a device if the device is directly underneath the container in the hierarchy. If the device is not directly underneath the container in the hierarchy, the container does not show the alert notification color of the device.