Only users with the Edit watches permission can save changes to controllers. Other admin users can see the edit panel but not change any details.
Use to create a new controller in the current folder
Applicable to all controller types: Main tab
Status
Enabled or Disabled (red toggle), disabling a controller disables all associated devices and watches meaning Highlight stops collecting data.
Name
This is required and can contain a maximum of 100 characters.
Description
This is optional and can contain a maximum of 100 characters.
Alerting
Do not alert if controller uncontactable Unchecked by default, checking this option means when this controller is uncontactable no alerts are sent for associated uplinks, tunnels, performance tests, switches or wireless access points. Note: When this is checked, the watch status card and the heat tile also do not change colour to amber or red.
Type
Options available below this field change for each supported vendor. Note: Type is set on creation and cannot be changed later.
Watch creation
Pending
Auto
Pending
Setting Watch creation to Pending on the controller sets this option to Pending on all discovered devices. Selecting this means any uplinks, tunnels, tests and switches on a device will NOT be created and are instead visible only on the Controllers Admin page. These will not gather data so cannot change the colour of a heat tile nor send an alert.
Auto
This is the default option. Selecting this means any uplinks, tunnels, tests and switches on a device will be created as enabled and start gathering data. These may change the colour of a heat tile and send an alert if a measurement is below threshold.
Locations Checked by default and, on save, automatically creates Highlight locations in the current folder based on location information in the controller, assigns each location an autodiscovered name and places discovered devices and watches in the correct location.
Locations If unchecked, then on save, all discovered devices and watches are placed in a single default location in the current folder. This location has the autodiscovered name Devices - Controller name.
See SD-WAN locations section below for more details.
Applicable to all controller types: SD-WAN tab
Autodiscovery
Only available on edit, use to trigger a rediscovery of devices and features which may have changed on the SD-WAN network. Rediscovery normally happens every 15 minutes.
The button is disabled if
the controller is disabled
any settings on the panel have changed
recently clicked
Save any changes made.
Only available on edit, use to remove the controller from Highlight along with any previously autodiscovered locations, devices, watches and subwatches.
Discovery of watches, devices and locations can take up to 30 minutes to appear in Highlight. Any changes on the SD-WAN network, for example adding new locations/devices/watches, will also take up to 30 minutes to be synchronised to Highlight.
Autodiscovered name is auto-generated on creation of an SD-WAN controller. Autodiscovered name cannot be changed in Highlight. Autodiscovered names differ for supported vendors and use the following information:
Cisco Meraki: Network name (these update if changed in the Meraki dashboard)
Cisco Viptela: "Site " followed by the Site ID
Fortinet: Device name
Location name initially matches the autodiscovered name but can be changed. The location name displays everywhere in Highlight instead of the autodiscovered name if it has been changed. Use to revert the location name to the autodiscovered name.
Location name is shown throughout Highlight if different from the autodiscovered name
Create/Edit controller: Meraki
Use this panel to create (left) or edit (right) a Cisco Meraki controller
API Key
This is required. The API key can be edited after creation.
Available once an API key is entered and confirms the API endpoint is valid or shows if not. Contact your Meraki administrator to obtain your API key details and for any testing issues.
Organisation
This is required, use the Please select drop-down to retrieve a list of all available organisations. Select one and Highlight will discover devices and watches in that organisation only. Organisations are not shown in the list if their networks are inaccessible. Note: the drop-down is shown in Create only. To select an alternative organisation once a controller has been saved, delete the controller and recreate it with the required organisation.
Discovered
X devices on Y networks. The number of SD-WAN devices/networks will auto-populate once an organisation is selected.
When enabled with the Display link checkbox, you can link from the watch details page to the device on the Meraki dashboard
Dashboard
Display link
This is unchecked by default. If checked then a link icon is shown to the right of the Meraki logo at the top of the details page for any watches associated with this controller. When clicked, the device on the Meraki dashboard opens in a new tab. If not already logged in, users will need to enter their details.
Meraki: SD-WAN tab
Uplink bearers
None
API
SNMP
None
Do not discover any uplink bearers
API
This is the default and means Highlight determines the up/down status of uplinks via the API but traffic data is not available.
SNMP
This is an alternative option if your Meraki SD-WAN devices are accessible via SNMP. In addition to up/down status, traffic data is also available on the uplinks. To use SNMP, the agent needs to be able to reach the device by it's internet IP address.
If API or SNMP is selected, then, on save, Highlight automatically discovers and creates bearer watches for any active WAN interface in the location of the device. These options are only available when the controller is created and cannot be changed afterwards. The radio button is green on edit indicating it cannot be changed.
Meraki VPN peer
None
Tunnels
Tunnels with perf tests
None
Do not discover any tunnels or performance tests
Tunnels
Discover tunnels only
Tunnels with perf tests
This is the default and, if selected then, on save, Highlight automatically discovers and creates tunnels in the location of the device as subwatches to the associated device and any performance tests are subwatches of their parent tunnel.
Note: If changed to None after tunnels and performance tests have been discovered, these will continue to work and can be manually disabled if needed. No new tunnels or tests will be discovered.
Meraki: WiFi tab
Set to Enabled to discover WiFi devices and access points
Meraki: Switches tab
Set to Enabled to discover switch devices and switch watches
Create/Edit controller: Viptela
Use this panel to create (left) or edit (right) a Cisco Viptela controller
Hostname
This is required, can contain a maximum of 200 characters and either an IP address or DNS name. Optionally a port can be specified after a colon, otherwise, the default communication will be attempted on port 443.
Ignore certificate errors Unchecked by default, checking this option disables all certificate validation. This is a security risk and not advised.
User Name
This is required and can contain a maximum of 50 characters.
Password
This is required and can contain a maximum of 50 characters.
Viptela: SD-WAN tab
Uplink bearers
None
API
With API selected then on save, Highlight automatically discovers and creates devices and bearer watches in the location of the device.
Viptela VPN peer
None
Tunnels
Tunnels with perf tests
None
Do not discover any tunnels or performance tests
Tunnels
Discover tunnels only
Tunnels with perf tests
This is the default and, if selected then, on save, Highlight automatically discovers and creates tunnels in the location of the device as subwatches to the associated device and any performance tests are subwatches of their parent tunnel.
Note: If changed to None after tunnels and performance tests have been discovered, these will continue to work and can be manually disabled if needed. No new tunnels or tests will be discovered.
Create/Edit controller: Fortinet
Use this panel to create (left) or edit (right) a Fortinet controller
Hostname
This is required, can contain a maximum of 200 characters and either an IP address or DNS name. Optionally a port can be specified after a colon, otherwise, the default communication will be attempted on port 443.
Ignore certificate errors Unchecked by default, checking this option disables all certificate validation. This is a security risk and not advised.
User Name
This is required and can contain a maximum of 50 characters.
Password
This is required and can contain a maximum of 50 characters.
Admin domain
This is required and can contain a maximum of 100 characters.
Note: The Highlight Agent will need to trust the certificate presented by the FortiManager.
Fortinet: SD-WAN tab
Uplink bearers
None
WANs
With WANs selected then on save, Highlight automatically discovers and creates devices and bearer watches in the location of the device.
Fortinet VPN peer
None
Tunnels
Tunnels with perf tests
None
Do not discover any tunnels or performance tests
Tunnels
Discover tunnels only
Tunnels with perf tests
This is the default and, if selected then, on save, Highlight automatically discovers and creates tunnels in the location of the device as subwatches to the associated device and any performance tests are subwatches of their parent tunnel.
Note: If changed to None after tunnels and performance tests have been discovered, these will continue to work and can be manually disabled if needed. No new tunnels or tests will be discovered.