Professional Documents
Culture Documents
HUAWEI Esight Full Product Datasheet PDF
HUAWEI Esight Full Product Datasheet PDF
Huawei eSight Full Product Datasheet methods: simulation ow-based and real service ow-based network quality
detection.
Monitors network quality using simulation ows by integrating with devices'
Network Quality Analysis (NQA) function to diagnose and measure link
performance between network devices 24x7 and displays Quality of Service
(QoS) statistics.eSight noties administrators remotely when QoS reaches the
threshold set by administrators.
eSight SLA Manager Administrators can use the quick diagnosis function to monitor link
performance in real time and diagnose faults, which improves management
Product Overview efciency.
With the development of enterprise network applications and the expansion of network scale, a large number Implements network quality detection based on iPCA, which is the industry's
of routers, gateways, and Wireless Area Network (WLAN) devices are used on enterprise campus and branch rst multiple-input-multiple-output quality measurement technology and solves
networks. Enterprises must provide multiple mobile offices, rather than a fixed location, for their employees, the N2 connection problem in traditional point-to-point quality measurement
and support diversified services, complicating network management. They urgently need a unified network technologies. iPCA technology uses the enhanced area-based packet
management system to improve efciency and ensure normal operation of enterprise services. conservation mechanism to monitor the quality on a connectionless network
and also provides accurate fault location capabilities.
Huawei eSight is based on the following concepts: topology-centric, simplified management, and improved
Operation and Maintenance (O&M) efciency. Network administrators can gain an overall understanding of the Collects router and Layer 3 switch trafc, analyzes network trafc based on
network status by viewing the topology. eSight not only provides basic network management capabilities (alarm, NetFlow, NetStream, and sFlow protocols, and allows users to customize
topology, performance, and conguration) but also proactive warnings of potential network faults. In addition, eSight Network Trafc Analyzer reports. This helps network administrators monitor traffic and bandwidth
eSight provides abundant fault location methods to help administrators effectively locate and rectify faults. eSight usage and detect network bottlenecks in a timely manner, providing evidence
provides an all-round, open, and unied management platform, and various service components, to implement for network planning and fault diagnosis.
unied management of devices, services, and applications. Provides a platform for collecting, storing, and auditing multiple types of large-
scale logs in a unied manner.
Product Features eSight LogCenter Manager Manages logs from Huawei and other vendors'devices.
Provides industry-leading Network Address Translation (NAT) tracing and
security events analysis functions.
Provides integrated management of wired and wireless networks.
Supports wizard configuration to improve deployment efficiency of wireless
Easy to Use services.
eSight WLAN Manager Displays information about WLAN network quality, interference sources,
Easy to Use
User-friendly Graphical User Interface (GUI) and smooth operations
wireless intrusion, and access terminals.
Active monitoring and visible O&M Supports one-click diagnosis, interference source locating, and spectrum
analysis to implement highly efcient troubleshooting.
Unified Management Integrates scattered VPN information into visible management objects and
ement
Unified Manag
Multi-type
- device management displays the information using gures and graphs.
Multi-vendor device management eSight MPLS VPN Manager Provides End-to-End (E2E) service deployment and hierarchical fault diagnosis
capabilities. Administrators can easily deploy, monitor, and diagnose VPN
Smart O&M
services to guarantee quality and reliability for key services.
Smart O&M
Automatically discovers Multiprotocol Label Switching (MPLS) Traffic
Plug-and-play
-
Engineering (TE) and Label Distribution Protocol (LDP) tunnels that have been
Automatic network quality sensing eSight MPLS Tunnel Manager
deployed on the network, monitors tunnels in real time, dynamically displays
tunnel operating status, and monitors active-standby switchover and bypasses.
Automatically discovers IPSec VPN services on the hub-spoke and site-to-
site networks and provides all-round monitoring and diagnostic functions,
eSight IPSec VPN Manager
including service alarm status monitoring, service topology, performance
monitoring, service diagnosis, and historical tunnel information display.
Provides unied security services management functions for the entire network,
Product Components including Huawei firewalls, Unified Threat Management (UTM), and Access
Routers (AR).
eSight Secure Center
Provides policy redundancy analysis, risk analysis, policy matching analysis,
eSight provides a unified O&M platform and specific components to meet enterprise user and comprehensive analysis for USG series rewalls to provide basis for policy
requirements. optimization.
eSight can manage devices from different vendors and multiple resources to provide
unified management across the entire network.
Unified management of multi-vendor devices: eSight can manage devices from mainstream vendors,
including Huawei, Cisco, Juniper, Ruijie, H3C, Brocade, BDCOM, and Maipu.
Unied management of multi-type devices: eSight can manage network devices such as routers, switches,
rewalls, and WLAN devices, and IT resources such as servers and work stations.
Customized device management: eSight allows customers to customize vendor names, device types, panel
style, performance presentation, and alarms for rapid device adaptation.
Product Overview
As the network scales and the number of enterprise network applications continues to grow, more devices
are deployed. Multiple service routers, security gateways, and Wireless Local Area Network (WLAN) Access
Points (APs) are used to implement communications and collaboration services in decentralized enterprise
campus and branch ofce networks. Enterprises are using an increasing number of core and access devices
provided by multiple vendors. Each device has its own management system, creating confusion for system
and network administrators.
To alleviate the operational burden, Huawei has developed the eSight Unified Network Management
Platform, a unied network management system that provides a comprehensive view and management of all eSight provides rights-based, domain-based, and time-based authorization, and flexible
network and system resources, ensures network stability, and improves O&M efciency.
network user authentication methods.
The eSight Unied Network Management Platform provides compact, standard, and professional editions
for enterprise users. In addition to unified management of devices from various vendors, topology eSight enables rened management authorization by assigning different user names and passwords to
management, fault management, performance management, a smart conguration tool, conguration le administrators and by controlling administrator management authority, management range, time range
management, and a Simple Network Management Protocol (SNMP) northbound interface, the eSight Unied allowed to log in, and IP range allowed to log in.
Network Management Platform allows users to customize third-party devices, helping establish a network eSight supports Lightweight Directory Access Protocol (LDAP), RADIUS, and local authorization methods.
management system customized to their own needs.
The comprehensive fault monitoring system enables real-time fault diagnosis and quick
troubleshooting.
Features
eSight provides unied monitoring of alarms on the entire network and informs maintenance personnel of
The eSight Unified Network Management Platform provides compact, standard, and the alarms in the rst instance through alarm sounds, remote alarm notication (email and SMS), and the
professional editions for enterprise users. alarm panel, ensuring timely troubleshooting.
eSight supports alarm analysis and processing. eSight provides alarm locating functions to switch to NEs,
ports, and services, shield, suppress, and categorize alarms, analyze alarm correlation, redene the alarm
Edition Functions severity, and maintain the experience library, improving troubleshooting accuracy and efciency.
eSight supports customization for alarm shield, redefinition, and alarm sounds to meet specific
Supports topology management, Network Elements (NEs), links, physical resources, requirements in different scenarios.
e-labels, alarms, performance, conguration les, logs, Virtual Local Area Network (VLAN)
management, customized device management, report management, a smart conguration eSight provides visual management of the entire network topology and status monitoring.
tool, WLAN, IPSec Virtual Private Network (VPN), Multiprotocol Label Switching (MPLS)
Compact edition
VPN, Service Level Agreement (SLA), IP topology, NTA, Policy Center, MPLS Tunnel
Manager, maintenance tools, SNMP northbound interface, security management, and
device software management.
Provides database backup tool and fault collection tool.
Supports all functions of the compact edition, and Smart Reporter, SNMP north bound
Standard edition interface, SLA Manager, WLAN Manager, NTA, MPLS VPN Manager, MPLS tunnel manager,
Secure Center, LogCenter, and IPSec VPN manager.
Supports all functions of the standard edition, and hierarchical Network Management
Professional edition
System (NMS), High Availability (HA).
Convenient resource searching on the entire network helps administrators quickly locate resources and
access corresponding services.
Intelligent conguration: eSight is precongured with multiple common service conguration templates.
Users can select an appropriate template to perform the same congurations on devices in a batch or use
a le to perform congurations on groups of devices in a batch.
Conguration le management: Conguration les for multiple devices can be backed up, compared, and
restored. The backup function includes immediate backup and periodic backups, and backups triggered by
device conguration changes. When the device conguration changes, eSight can trigger alarms and send
alarm notication through email.
MIB management: eSight provides Management Information Base (MIB) compilation, loading functions
and Get, GetNext, Walk, and TableView operations.
Simple and convenient daily maintenance operations and lower technical requirements
improve work efficiency.
The customized portal allows users to receive all information on the home page. eSight can also integrate
third-party software portals with the home page.
Operating Environment
Conguration requirements for the eSight Unied Network Management Platform (compact edition) are as
follows:
Configuration requirements for the eSight Unified Network Management Platform (standard and
professionaleditions) are as follows:
eSight standard and professional editions can run on VMs. Requirements for VMs are as follows:
Disaster Recovery (DR) protection ensures service continuity and system reliability.
Sight supports two-node clusters in hot standby mode.
eSight supports the Linux operating system.
Deployment Scenarios
Ordering Information
The eSight network does not have special requirements when managed devices are connected to the eSight
server and devices support the Simple Network Management Protocol (SNMP). Table 2-1 Ordering information for eSight compact edition
eSight compact edition applies to small- and medium-sized enterprises.
Item Quantity Remarks
eSight Application Base-Compact (includes 40 device Mandatory for eSight Unified Network
1
licenses) Management Platform
VPN
Table 2-3 Ordering information for eSight professional edition
Branch Headquarters
Item Quantity Remarks
eSight Application Base-Professional (includes 60 device Mandatory for eSight Unified Network
1
licenses) Management Platform
eSight Professional NMS License (for 50 incremental One license manages 50 incremental
Optional
devices) devices.
eSight professional edition applies to ultra-large enterprises and is deployed at headquarters. eSight standard
eSight Professional NMS License (for 100 incremental One license manages 100 incremental
or professional edition is deployed at branches. Administrators at headquarters can check the network status Optional
devices) devices.
of each branch.
eSight Professional NMS License (for 200 incremental One license manages 200 incremental
Optional
devices) devices.
eSight Professional NMS License (for 300 incremental One license manages 300 incremental
eSight Standard or Professional Edition Optional
devices) devices.
eSight Professional Edition eSight Professional NMS License (for 500 incremental One license manages 500 incremental
Optional
Branch devices) devices.
VPN
eSight Professional NMS License (for 1,000 incremental One license manages 1,000 incremental
Headquarters Optional
devices) devices.
VPN
eSight Professional NMS License (for 2,000 incremental One license manages 2,000 incremental
Optional
Branch devices) devices.
eSight Professional NMS License (for 5,000 incremental One license manages 5,000 incremental
Optional
devices) devices.
Product Overview
With rapid network development and continual integration of network applications and service management,
Reports in multiple file formats apply to various scenarios.
information growth is exploding. Administrators, however, cannot extract the critical information they need
from the bulk; therefore, enterprises urgently need an information management system that can collect, eSight allows users to export report statistics into Excel, Word, or PDF les.
arrange, analyze, and display data to help improve operating efficiency. The information display mode
directly affects user understanding and provides the basis for decision making. In response to these needs,
eSight provides Smart Reporter as a powerful reporting tool.
Huawei eSight Smart Reporter provides preset report templates to meet requirements in most maintenance
scenarios and a professional report design tool for users to customize statistics reports.
Features
eSight Smart Reporter supports rights- and domain-based management and preset report
templates to meet requirements in most maintenance scenarios.
eSight provides dozens of preset report templates for various statistics elds, such as performance, alarm,
resources, WLAN, Service Level Agreement (SLA), and Quality of Service (QoS), helping users easily obtain
statistics.
Operating Environment
eSight Smart Reporter is installed on the same server as eSight Unified Network Management Platform
standard or professional edition; therefore, conguration requirements for the operating environments are
the same. eSight SLA Manager
Deployment Scenarios
Deployment scenarios for eSight Smart Reporter are the same as those for eSight Unified Network
Management Platform. Product Overviewt
Currently, most IP networks use coarse-grained bandwidth management polices and do not have quality
Ordering Information monitoring or guarantee mechanisms. Therefore, IP networks provide only connectivity and cannot ensure
good user experience. Users often experience service quality issues such as video pixelation, fuzzy voice, slow
network access, and slow response of cloud desktop. However, the networks and network administrators
Item Quantity Remarks are unaware of these issues because there is no system to monitor service quality on the entire network.
Administrators try to locate network problems only after receiving complaints from users. However, it
eSight Application Base-Standard (includes 60 often takes a long time to locate and solve a problem due to lack of real-time monitoring mechanisms and
device licenses)Or Mandatory for eSight Unified Network effective problem location methods. This problem location process is inefcient and severely affects user
1
eSight Application Base-Professional (includes 60 Management Platform experience.
device licenses)
Huawei eSight SLA Manager implements visible monitoring on network quality by combining the following
eSight Smart Reporter 1 Mandatory for eSight Smart Reporter methods: simulation ow-based and real service ow-based network quality detection.
Huawei eSight SLA Manager monitors network quality using simulation flows by integrating with the
eSight Smart Reporter-Special Services-customized
Optional Indicates the number of customized templates. devices' NQA function to diagnose and measure link performance between network devices 24 hours a
template development (per template)
day and displays QoS statistics. Administrators can set the QoS threshold, and eSight noties administrators
remotely when QoS reaches the threshold. Administrators can use the quick diagnosis function to monitor
link performance in real time and diagnose faults, which improves management efciency.
Huawei eSight SLA Manager implements network quality detection based on iPCA, which is the industry's
rst multiple-input-multiple-output quality measurement technology and solves the N2 connection problem
in traditional point-to-point quality measurement technologies. iPCA technology uses the enhanced area-
based packet conservation mechanism to monitor the quality on a connectionless network and also provides
accurate fault location capabilities.
Features
The network quality emulation test helps users discover network quality problems in
advance.
Service-oriented SLA and easy operation simplify O&M needs. Users can create an SLA service to carry
out E2E network QoS monitoring and evaluate network and service QoS based on SLA compliance. eSight
has more than 20 SLA service conguration items for video, audio, and network applications, allowing
customers to dene SLA services to meet their unique requirements.
eSight SLA Manager displays network QoS statistics and generates alarms in advance to ensure user
experience. After a user creates an SLA task, it will be executed periodically. QoS statistics are displayed
based on daily compliance. When QoS meets the threshold conditions, eSight notifies administrators
remotely, enabling administrators to diagnose faults in advance to ensure the user experience.
eSight SLA Manager provides a quick diagnosis function to narrow the fault scope and shorten fault Users can further view real-time data on devices and links as well as packet loss in a port queue or on a
diagnosis time. The quick diagnosis function helps users locate faults by link segments, narrowing the fault port with the specied MAC address.
scope.
Network-level measurement
Network-level measurement targets an area to implement visible monitoring on the area network quality.
Visible historical network data provides a basis for network optimization. In actual applications, QoS values
indicate services of different priorities. Different services on a same link can be compared, and the result
shows whether QoS on a network has taken effect and provides a basis for QoS policy adjustment.
Path hop-by-hop detection can locate the node or link where packets are lost in an area.
eSight SLA Manager provides real-time QoS monitoring, multi-dimensional data analysis,
and graphical data display.
eSight uses the unied dashboard panel to vividly display QoS information, simplifying network management.
The dashboard displays and manages various QoS information in a centralized manner to administrators,
informing them of bandwidth usage and network exception information in real time. The QoS information
includes top bandwidth usage, top discarding rate, top Peak Information Rate (PIR), and top matching rate.
Deployment Scenarios
Deployment scenarios for eSight SLA Manager are the same as those for eSight Unified Network
Management Platform. Source devices must be added to eSight, and the IP addresses of the source and
destination devices can be pinged.
Ordering Information
Product Overview
Fast and stable access speeds improve ofce work efciency, while low access speeds can negatively affect
productivity. Administrators must determine which applications consume the most bandwidth and generate
heavy trafc, and which employees use these applications, and then change the network QoS policy and
expand the network when necessary.
eSight Network Trafc Analyzer (NTA) supports NetFlow, NetStream, and sFlow. It collects trafc information
output by routers and Layer 3 switches and provides user-defined reports to network administrators for
analysis of trafc and bandwidth usage and network bottleneck detection. eSight Network Trafc Analyzer
also provides information for network planning and troubleshooting.
Features
eSight Network Traffic Analyzer supports mainstream network traffic protocols, including NetStream,
NetFlow, and sFlow.
shows the customized dashboard that displays network status.
Figure 5-1 Customized dashboard
Multiple dimensions: eSight Network Trafc Analyzer ranks the trafc on devices and interfaces, including
interface usage, application, host, session, and Differentiated Services Code Point (DSCP) trafc.
Customization: eSight Network Trafc Analyzer allows users to customize the presented content, format,
and formatting style and supports partial trafc updates without changing the Graphical User Interface
(GUI).
The interface traffic and usage rankings display interface traffic statistics, including the incoming and
outgoing rate and incoming and outgoing data packets. Clicking an interface will reveal information about
Interface Traffic Analysis
the trafc composition at different times, in multiple dimensions, including the application, host, session,
and DSCP.
Customized Applications
eSight Network Trafc Analyzer components are recognized based on the protocol and port number, and
hundreds of standard applications and common Layer 4 applications are preset. Protocols and port numbers
can also be added for unknown applications, and network administrators can add applications as required.
Users can customize applications based on the specied protocol, port number, and IP address ranges.
Users can analyze trafc on the trafc trend diagram, which displays trafc and packets, respectively, on two
coordinates.
Interface traffic analysis checks the traffic trend for a specified interface, time range, and incoming and
outgoing trafc. Based on interface trafc analysis, network administrators can identify the interfaces that are
used most frequently on the network to gain a comprehensive understanding of the entire network status.
Administrators can detect interfaces with abnormal trafc and locate faults before network performance is
affected.
When eSight Network Trafc Analyzer and eSight Unied Network Management Platform are deployed on
different servers, eSight Network Trafc Analyzer can be deployed on a VM. VM resource requirements are
as follows:
Deployment Scenarios
eSight NTA License-Incremental 2 Device Licenses Optional One license manages two incremental devices.
Government agencies and industrial organizations provide guidance and stipulations through internal control
laws and standards, which impose higher requirements on the completeness, accuracy, and effectiveness of
run logs and user logs.
eSight NTA License-Incremental 5 Device Licenses Optional One license manages ve incremental devices.
eSight LogCenter:
Provides a platform for collecting, storing, and auditing multiple types of large-scale logs in a unified
manner.
Supports log management of Huawei and third-party vendors.
Provides industry-leading NAT tracing function and security event analysis.
Features
Unified Log Management and Quick Matching Capability
eSight LogCenter supports multiple log collection modes, including Syslog, session, SFTP, FTP static le,
FTP dynamic file, and Windows Management Instrumentation (WMI). Users can collect, classify, filter,
summarize, analyze, store, and monitor logs reported from the application systems or NEs to help the
administrator manage massive logs and learn NE running status, trace network user behaviors, and quickly
recognize and eliminate security risks.
eSight LogCenter supports prompt notications of key logs. The administrator can customize keywords,
log type, and log level thresholds. When logs match customized keywords, log type, or log level, eSight
LogCenter generates alarms in real time and noties users through SMS messages or emails.
Professional NAT Tracing and Automatic Association with User information to Meet Secure
Audit Requirements
eSight LogCenter collects and analyzes logs about sessions on NAT devices to obtain NAT information,
including the IP address, destination port, NAT source IP address, and protocols. eSight LogCenter uses the
NAT information and the data source provided by the Authentication, Authorization and Accounting (AAA)
server to ensure secure audit and trafc investigation.
Centralized deployment: When performance requirements are low, eSight LogCenter can
also be deployed in a centralized way.
WLAN Manager
Product Overview
With network development, Wireless Fidelity (Wi-Fi), a low-cost and highly efcient network deployment
and maintenance mode, has been widely recognized by customers. However, Wi-Fi's high requirements on
the environment and distributed deployment of a large number of ACs and APs on WLAN networks make
maintenance costly and difcult; therefore, an easy-to-use and efcient WLAN management system is the
key to ensure enterprise E2E operations.
Huawei eSight WLAN Manager integrates the management of wired and wireless networks, supporting
wizard conguration to improve wireless services deployment efciency. It displays information about WLAN
network quality, interference sources, wireless intrusion, and access terminals. It also supports one-click
diagnosis, interference source locating, access terminal locating, and spectrum analysis at the terminal and
network side to implement highly efcient troubleshooting. Location topology: WLAN Manager can deploy APs to different areas in the physical topology and display
hotspots to help maintenance personnel discover radio signal coverage holes and channel collision areas.
It supports locating users, unauthorized devices, and interference sources, and displays historical tracks.
Features Administrators can determine whether to display or hide users of a specied area, rogue APs, unauthorized
users, and interference sources.
Unified Wired and Wireless Management
In eSight physical topology, users can monitor switches, routers, and security, IT, H3C, and Cisco devices in
a unied manner. Through centralized management of wired and wireless devices, such as ACs, Power over
Ethernet (PoE) switches, and APs, users can directly view device connections, status, and alarms on the entire
network.
Ordering Information
Item Quantity Remarks
eSight Application Base-Standard (includes 60 device licenses)
Or Mandatory for eSight Unified
1
eSight Application Base-Professional (includes 60 device Network Management Platform
licenses)
SSID statistics: Shows the number of APs, number of VAPs, and number of terminals connected to APs. One license manages ve incremental
eSight WLAN RTLS-5 AP Base Location Service Licenses Optional
Region and location statistics: Displays the total number of APs, number of online APs, and number of RTLS APs.
online STAs by region and location. One license manages 25 incremental
eSight WLAN RTLS-25 AP Base Location Service Licenses Optional
RTLS APs.
Operating Environment eSight WLAN RTLS-100 AP Base Location Service Licenses Optional
One license manages 100 incremental
RTLS APs.
eSight WLAN Manager is installed on the same server as eSight Unified Network Management Platform
standard or professional edition; therefore, the operating environment conguration requirements are the eSight WLAN Planning Tool Optional WLAN planning tool
same.
eSight WLAN Testing Tool Optional WLAN planning tool
Simple and convenient auto-discovery of services simplifies O&M.
The MPLS VPN Manager combines policies and scopes for service discovery on the entire network. Users do
not need to specify device roles. The MPLS VPN Manager can detect various types of networks, including
full-mesh, hub-and-spoke, Multi-VPN-Instance CE (MCE), HoVPN, Inter-AS VPN-Option A, and Inter-AS VPN-
Option B networks.
Product Overview
VPNs are complex, bearing various services such as data, voice, and video. Huawei eSight MPLS VPN
Manager is designed to deal with such complex scenarios as the following in routine maintenance:
Shielding complex services and allowing maintenance personnel to know the operating status of deployed
VPN services in real time and perform troubleshooting in a timely manner. Visual service management facilitates unified monitoring on the entire network and
provides real-time services operating status.
Monitoring the bandwidth usage of each service to ensure the priority of emergency command systems
and important users. The access topology view displays devices based on services currently running on them and displays alarms
Ensuring cross-regional video conferencing quality among provinces, cities, counties, and towns. and the link status of current services for quick diagnosis.
Huawei eSight MPLS VPN Manager integrates discrete VPN information on the network into visible
manageable objects and displays them in topology. Administrators can easily monitor VPN services and
diagnose faults to ensure QoS and reliability of key services.
Features
E2E wizard quickly deploys VPN services.
eSight MPLS VPN Manager provides E2E service deployment capabilities to help users quickly deploy new
VPN services, add new VPN access points, and change existing VPN services, improving service maintenance
efficiency. eSight MPLS VPN Manager supports static routes, OSPF, IS-IS, and Exterior Border Gateway
Protocol (EBGP) routing protocols between PEs and CEs on networks in full-mesh, hub-spoke, Multi-VPN-
Instance CE (MCE), and customized modes.
eSight MPLS VPN Manager interacts with report, SLA, and performance monitoring.
Intelligent interaction with performance monitoring: eSight MPLS VPN Manager allows users to customize
and view trafc statistics, Virtual Routing and Forwarding Tables (VRF) trafc statistics, and the number of
active VRF routes on the ve or ten most active access interfaces. eSight MPLS VPN Manager also provides
trafc trend charts with detailed counters.
Ordering Information
Intelligent interaction with reports: eSight MPLS VPN Manager provides interface traffic statistics and
service VRF statistics in reports, which customers can export.
Operating Environment
eSight MPLS VPN Manager is installed on the same server as eSight Unied Network Management Platform
standard or professional edition; therefore, the operating environment conguration requirements are the
same.
Deployment Scenarios
eSight MPLS Tunnel Manager automatically discovers tunnels deployed on the network to
obtain information such as the number of tunnels, tunnel types, and tunnel status.
eSight MPLS Tunnel Manager uses the automatic discovery function to discover the MPLS TE tunnels (RSVP-
TE signaling-based dynamic tunnels and CR-Static signaling-based static tunnels) and LDP tunnels that have
been deployed on the network to eSight from specied or all devices.
eSight MPLS Tunnel Manager eSight MPLS Tunnel Manager monitors tunnels in real time and dynamically displays the
tunnel running status.
When receiving an alarm, eSight MPLS Tunnel Manager noties users of tunnel status changes in a timely
manner. The tunnel topology displays tunnel status and provides entries for users to view the link bandwidth
information (such as bandwidth on outbound or inbound interfaces and maximum reserved bandwidth), link
interface information, and whether MPLS is enabled on devices, helping users diagnose faults.
When receiving an alarm, users can directly access the Tunnel Topology page from the alarm page to check
the tunnel status.
Product Overview
Tunnel technology is widely used on enterprise networks. Enterprises choose tunnels based on service
features. Generally, LDP tunnels carry services with low bandwidth and QoS requirements, and MPLS TE
tunnels carry services with high bandwidth and QoS requirements. To ensure that services run properly,
administrators must know the following tunnel information on the current network: number of tunnels,
tunnel types, path of each tunnel, tunnels with the protection function, and whether a tunnel switchover
occurs.
eSight MPLS Tunnel Manager automatically discovers MPLS TE tunnels (RSVP-TE signaling-based dynamic
tunnels and CR-Static signaling-based static tunnels) and LDP tunnels that have been deployed on the
network. It monitors the tunnels in real time and displays tunnel running status dynamically. In addition,
eSight MPLS Tunnel Manager monitors active-standby switchover and bypasses.
Features
When detecting that the active LSP is faulty, eSight MPLS Tunnel Manager performs an active-standby
eSight MPLS Tunnel Manager allows users to easily and efficiently configure tunnel policies switchover or bypasses the faulty LSP. All paths of the original tunnel before the switchover or bypass are
using a template. unavailable. The active-standby tunnel switchover status is displayed in the tunnel topology.
The smart conguration tool can be used to deliver tunnel policies in a batch, which reduces errors and
improves efciency.
When an LDP tunnel is faulty, all links in the tunnel topology are unavailable. Operating Environment
eSight MPLS Tunnel Manager is installed on the same server as eSight Unified Network Management
Platform standard or professional edition; therefore, the operating environment conguration requirements
are the same.
Deployment Scenarios
eSight MPLS Tunnel Manager works with MPLS VPN Manager to let users quickly locate
services affected by tunnel faults and check whether a service fault is caused by a tunnel
fault.
In the eSight MPLS VPN Manager service list, users can click Tunnel List to view tunnels that carry a VPN and
check whether a service fault is caused by a tunnel fault based on the tunnel status.
Ordering Information
In the eSight MPLS Tunnel Manager tunnel list, users can click View VPN to view VPNs carried on a tunnel
and learn which VPNs will be affected by a tunnel faul
Automatic Service Discovery, Simplifying User Operation
eSight IPSec VPN Manager automatically discovers all or specified IPSec VPN services on a hub-spoke or
site-to-site network. Users can view service alarm status, encrypted service data direction, and packet loss
information on the service topology. Users can also view tunnel information and historical information about
tunnel setup to help locate service faults.
Product Overview
Enterprises use the IPSec VPN network to carry service data, ensuring data security; however, IPSec VPN
technology is complex with multiple conguration parameters and commands, leading to troubleshooting Quick Diagnosis, Improving Troubleshooting Efficiency
and routine maintenance difculties. The quick diagnosis function allows users to find detailed causes for service faults, such as failure of
The eSight IPSec VPN management component automatically discovers IPSec VPN services on a hub-spoke activating services and VPN faults. The following information can be diagnosed: interface status at two ends,
or site-to-site network to provide all-round monitoring and diagnosis, facilitating troubleshooting and whether IPSec policies are applied to interfaces, whether the policies can initiate IPSec negotiation, IPSec
maintenance on the IPSec VPN network. policy integrity, Internet Key Exchange (IKE) negotiation result, and IPSec negotiation result. Users can export
diagnosis results.
Features
Various Statistics Display, Showing IPSec VPN Network Performance Status
Operating Environment
eSight IPSec VPN Manager is installed on the same server as eSight Unied Network Management Platform
standard or professional edition; therefore, the operating environment conguration requirements are the
same.
Deployment Scenarios
Currently, eSight supports two IPSec VPN networking scenarios: site-to-site VPN (point-to-point) and hub-
spoke VPN (point-to-multipoint).
Site-to-site VPN
A site-to-site VPN implements communication between LANs; therefore, it is also called LAN-to-LAN VPN or
gateway-to-gateway VPN. Typical networking is shown below:
PC PC
IPSec Tunnel
Headquarters Branch
Internet
Gateway A Gateway B
Server Server
Hub-spoke VPN
Hub-spoke VPN implements IPSec VPN communication between an enterprise headquarters and its multiple
branches. Typical networking is shown below:
Branch 1
Gateway B Product Overview
eSight Secure Center provides security policy management functions (such as unified configuration and
Headquarters
Gateway A
Internet deployment of security application policies on the entire network) for Huawei UTM, firewalls, and ARs,
helping users manage multiple security devices in a unied manner and reducing security O&M costs.
Features
Branch 2
PC eSight Secure Center supports the unified configuration of security application policies.
Gateway C
IPSec Tunnel eSight Secure Center centrally manages security application policies on multiple devices, including Huawei
UTMs, rewalls, and ARs. Users can congure device security application polices based on the user, user
group, and device.
Ordering Information
Item Quantity Remarks
eSight IPSec VPN Manager (includes 60 device licenses) 1 Mandatory. One license manages 60 devices.
eSight IPSec VPN License-Incremental 50 Device Licenses Optional One license manages 50 devices.
Trademark Notice
, HUAWEI, and are trademarks or registered trademarks of Huawei Technologies Co., Ltd.
Other trademarks, product, service and company names mentioned are the property of their respective owners.
General Disclaimer
The information in this document may contain predictive statements including,
without limitation, statements regarding the future financial and operating results,
future product portfolio, new technology, etc. There are a number of factors that
could cause actual results and developments to differ materially from those
expressed or implied in the predictive statements. Therefore, such information is
provided for reference purpose only and constitutes neither an offer nor an
acceptance. Huawei may change the information at any time without notice.