Controllers

Create/Edit controller: common settings

Only users with the Edit watches permission can save changes to controllers. Other admin users can see the edit panel but not change any details.

: Use to create a new controller in the current folder

Applicable to all controller types: Main tab

Status

Enabled or Disabled (red toggle), disabling a controller disables all associated devices and watches meaning Highlight stops collecting data.

Name

This is required and can contain a maximum of 100 characters.

Description

This is optional and can contain a maximum of 100 characters.

Alerting

Do not alert if controller uncontactable
Unchecked by default, checking this option means when this controller is uncontactable no alerts are sent for associated uplinks, tunnels, performance tests, switches or wireless access points. Note: When this is checked, the watch status card and the heat tile also do not change colour to amber or red.

Type

Options available below this field change for each supported vendor. Note: Type is set on creation and cannot be changed later.

Watch creation

Pending

Auto

Pending: Setting Watch creation to Pending on the controller sets this option to Pending on all discovered devices. Selecting this means any uplinks, tunnels, tests and switches on a device will NOT be created and are instead visible only on the Controllers Admin page. These will not gather data so cannot change the colour of a heat tile nor send an alert.
Auto: This is the default option. Selecting this means any uplinks, tunnels, tests and switches on a device will be created as enabled and start gathering data. These may change the colour of a heat tile and send an alert if a measurement is below threshold.

Find out more about Controller watch pending.

Auto create

Locations
Checked by default and, on save, automatically creates Highlight locations in the current folder based on location information in the controller, assigns each location an autodiscovered name and places discovered devices and watches in the correct location.

Locations
If unchecked, then on save, all discovered devices and watches are placed in a single default location in the current folder. This location has the autodiscovered name Devices - Controller name.

See SD-WAN locations section below for more details.

Applicable to all controller types: SD-WAN tab

Autodiscovery

Only available on edit, use to trigger a rediscovery of devices and features which may have changed on the SD-WAN network. Rediscovery normally happens every 15 minutes.

The button is disabled if

the controller is disabled
any settings on the panel have changed
recently clicked

Save any changes made.

Only available on edit, use to remove the controller from Highlight along with any previously autodiscovered locations, devices, watches and subwatches.

Discovery of watches, devices and locations can take up to 30 minutes to appear in Highlight. Any changes on the SD-WAN network, for example adding new locations/devices/watches, will also take up to 30 minutes to be synchronised to Highlight.

Changes made in SD-WAN dialogs are recorded in the Highlight Audit log.

SD-WAN locations

Autodiscovered name is auto-generated on creation of an SD-WAN controller. Autodiscovered name cannot be changed in Highlight. Autodiscovered names differ for supported vendors and use the following information:
- Cisco Meraki: Network name (these update if changed in the Meraki dashboard)
- Cisco Viptela: "Site " followed by the Site ID
- Fortinet: Device name
Location name initially matches the autodiscovered name but can be changed. The location name displays everywhere in Highlight instead of the autodiscovered name if it has been changed. Use to revert the location name to the autodiscovered name.

Create/Edit controller: Meraki

SD-WAN create or edit Meraki controller panel — Use this panel to create (left) or edit (right) a Cisco Meraki controller

API Key: This is required. The API key can be edited after creation.
: Available once an API key is entered and confirms the API endpoint is valid or shows if not. Contact your Meraki administrator to obtain your API key details and for any testing issues.
Organisation: This is required, use the Please select drop-down to retrieve a list of all available organisations. Select one and Highlight will discover devices and watches in that organisation only. Organisations are not shown in the list if their networks are inaccessible.
Note: the drop-down is shown in Create only. To select an alternative organisation once a controller has been saved, delete the controller and recreate it with the required organisation.
Discovered: X devices on Y networks. The number of SD-WAN devices/networks will auto-populate once an organisation is selected.

Dashboard

Display link

This is unchecked by default. If checked then a link icon is shown to the right of the Meraki logo at the top of the details page for any watches associated with this controller. When clicked, the device on the Meraki dashboard opens in a new tab. If not already logged in, users will need to enter their details.

Uplink bearers

None

API

SNMP

None: Do not discover any uplink bearers
API: This is the default and means Highlight determines the up/down status of uplinks via the API but traffic data is not available.
SNMP: This is an alternative option if your Meraki SD-WAN devices are accessible via SNMP. In addition to up/down status, traffic data is also available on the uplinks. To use SNMP, the agent needs to be able to reach the device by it's internet IP address.

If API or SNMP is selected, then, on save, Highlight automatically discovers and creates bearer watches for any active WAN interface in the location of the device. These options are only available when the controller is created and cannot be changed afterwards. The radio button is green on edit indicating it cannot be changed.

Meraki VPN peer

None

Tunnels

Tunnels with perf tests

None: Do not discover any tunnels or performance tests
Tunnels: Discover tunnels only
Tunnels with perf tests: This is the default and, if selected then, on save, Highlight automatically discovers and creates tunnels in the location of the device as subwatches to the associated device and any performance tests are subwatches of their parent tunnel.

Note: If changed to None after tunnels and performance tests have been discovered, these will continue to work and can be manually disabled if needed. No new tunnels or tests will be discovered.

Set to Enabled to discover WiFi devices and access points

Switches Tab Meraki — Meraki: Switches tab

Set to Enabled to discover switch devices and switch watches

Create/Edit controller: Viptela

SD-WAN create or edit Viptela controller panel — Use this panel to create (left) or edit (right) a Cisco Viptela controller

Hostname: This is required, can contain a maximum of 200 characters and either an IP address or DNS name. Optionally a port can be specified after a colon, otherwise, the default communication will be attempted on port 443.
: Ignore certificate errors
Unchecked by default, checking this option disables all certificate validation. This is a security risk and not advised.
User Name: This is required and can contain a maximum of 50 characters.
Password: This is required and can contain a maximum of 50 characters.

SD-WAN Tab Viptela — Viptela: SD-WAN tab

Uplink bearers

None

API

With API selected then on save, Highlight automatically discovers and creates devices and bearer watches in the location of the device.

Viptela VPN peer

None

Tunnels

Tunnels with perf tests

None: Do not discover any tunnels or performance tests
Tunnels: Discover tunnels only
Tunnels with perf tests: This is the default and, if selected then, on save, Highlight automatically discovers and creates tunnels in the location of the device as subwatches to the associated device and any performance tests are subwatches of their parent tunnel.

Note: If changed to None after tunnels and performance tests have been discovered, these will continue to work and can be manually disabled if needed. No new tunnels or tests will be discovered.

Create/Edit controller: Fortinet

SD-WAN create or edit Fortinet controller panel — Use this panel to create (left) or edit (right) a Fortinet controller

Hostname: This is required, can contain a maximum of 200 characters and either an IP address or DNS name. Optionally a port can be specified after a colon, otherwise, the default communication will be attempted on port 443.
: Ignore certificate errors
Unchecked by default, checking this option disables all certificate validation. This is a security risk and not advised.
User Name: This is required and can contain a maximum of 50 characters.
Password: This is required and can contain a maximum of 50 characters.
Admin domain: This is required and can contain a maximum of 100 characters.

Note: The Highlight Agent will need to trust the certificate presented by the FortiManager.

SD-WAN Tab Fortinet — Fortinet: SD-WAN tab

Uplink bearers

None

WANs

With WANs selected then on save, Highlight automatically discovers and creates devices and bearer watches in the location of the device.

Fortinet VPN peer

None

Tunnels

Tunnels with perf tests

None: Do not discover any tunnels or performance tests
Tunnels: Discover tunnels only
Tunnels with perf tests: This is the default and, if selected then, on save, Highlight automatically discovers and creates tunnels in the location of the device as subwatches to the associated device and any performance tests are subwatches of their parent tunnel.

Note: If changed to None after tunnels and performance tests have been discovered, these will continue to work and can be manually disabled if needed. No new tunnels or tests will be discovered.