Controllers

Create/Edit controller: common settings

Only users with the Edit watches permission can save changes to controllers. Other admin users can see the edit panel but not change any details.

: Use to create a new controller in the current folder

Applicable to all controller types: Main tab

Status

Enabled or Disabled (red toggle), disabling a controller disables all associated devices and watches meaning Highlight stops collecting data.

Type

Options available below this field change for each supported vendor. Note: Type is set on creation and cannot be changed later.

Name

This is required and can contain a maximum of 100 characters.

Description

This is optional and can contain a maximum of 100 characters.

Alerting

Do not alert if controller uncontactable
Unchecked by default, checking this option means when this controller is uncontactable no alerts are sent for associated uplinks, tunnels, performance tests, switches or wireless access points. Note: When this is checked, the watch status card and the heat tile also do not change colour to amber or red.

Watch creation

Pending

Auto

Pending: Setting Watch creation to Pending on the controller sets this option to Pending on all discovered devices. Selecting this means any uplinks, tunnels, tests and switches on a device will NOT be created and are instead visible only on the Controllers Admin page. These will not gather data so cannot change the colour of a heat tile nor send an alert.
Auto: This is the default option. Selecting this means any uplinks, tunnels, tests and switches on a device will be created as enabled and start gathering data. These may change the colour of a heat tile and send an alert if a measurement is below threshold.

Find out more about Controller watch pending.

Auto create

Locations
Checked by default and, on save, automatically creates Highlight locations in the current folder based on location information in the controller, assigns each location an autodiscovered name and places discovered devices and watches in the correct location.

Locations
If unchecked, then on save, all discovered devices and watches are placed in a single default location in the current folder. This location has the autodiscovered name Devices - Controller name.

See Controller locations section below for more details.

Applicable to all controller types on various tabs

Autodiscovery

Only available on edit, use to trigger a rediscovery of devices and features which may have changed on the SD-WAN network. Rediscovery normally happens every 15 minutes.

The button is disabled if

the controller is disabled
any settings on the panel have changed
recently clicked

Save any changes made.

Only available on edit, use to remove the controller from Highlight along with any previously autodiscovered locations, devices, watches and subwatches.

Discovery of watches, devices and locations can take up to 30 minutes to appear in Highlight. Any changes on the SD-WAN network, for example adding new locations/devices/watches, will also take up to 30 minutes to be synchronised to Highlight.

Changes made in SD-WAN dialogs are recorded in the Highlight Audit log.

Controller locations

Autodiscovered name is auto-generated on creation of a controller. Autodiscovered name cannot be changed in Highlight. Autodiscovered names differ for supported vendors and use the following information:
- Cisco Meraki: Network name (these update if changed in the Meraki dashboard)
- Cisco Thousand Eyes: API "countryId" tag on the device
- Cisco Catalyst: "Site " followed by the Site ID
- Fortinet: Device name
Location name initially matches the autodiscovered name but can be changed. The location name displays everywhere in Highlight instead of the autodiscovered name if it has been changed. Use to revert the location name to the autodiscovered name.

SD-WAN location — Location name is shown throughout Highlight if different from the autodiscovered name

Create/Edit controller: Cisco Meraki

SD-WAN create or edit Meraki controller panel — Use this panel to create (left) or edit (right) a Cisco Meraki controller

API Key: This is required. The API key can be edited after creation.
: Available once an API key is entered and confirms the API endpoint is valid or shows if not. Contact your Meraki administrator to obtain your API key details and for any testing issues.
Organisation: This is required, use the Please select drop-down to retrieve a list of all available organisations. Select one and Highlight will discover devices and watches in that organisation only. Organisations are not shown in the list if their networks are inaccessible.
Note: the drop-down is shown in Create only. To select an alternative organisation once a controller has been saved, delete the controller and recreate it with the required organisation.
Discovered: X devices on Y networks. The number of SD-WAN devices/networks will auto-populate once an organisation is selected.

Dashboard

Display link

This is unchecked by default. If checked then a link icon is shown to the right of the Meraki logo at the top of the details page for any watches associated with this controller. When clicked, the device on the Meraki dashboard opens in a new tab. If not already logged in, users will need to enter their details.

Note the following on discovery of Cisco Meraki SD-WAN:

Interface or Device	Status in Meraki	Highlight action on discovery
Device	Dormant	Highlight won't discover any watches on a device with status dormant.
Interface	Down, Failed or Disconnected	If watch creation is set to Pending, then Highlight discovers these watches in a pending state. Previously, there was no way to create a watch on a temporarily down interface.
Interface	Ready	The watch is created with the Dormant flag set in Highlight, contact us to disable this option.

Uplink bearers

None

Enabled

Enabled with perf tests

None: Do not discover any uplink bearers
Enabled: This is the default and means Highlight determines the up/down status of uplinks via the API
Enabled with perf tests: If selected then, on save, Highlight automatically discovers and creates uplinks in the location of the device as subwatches to the associated device and any connectivity performance tests are subwatches of their parent uplink.

If either Enabled option is selected, then, on save, Highlight automatically discovers and creates bearer watches for any active WAN interface in the location of the device.

Meraki VPN peer

None

Tunnels

Tunnels with perf tests

None: Do not discover any tunnels or performance tests
Tunnels: Discover tunnels only
Tunnels with perf tests: This is the default and, if selected then, on save, Highlight automatically discovers and creates tunnels in the location of the device as subwatches to the associated device and any performance tests are subwatches of their parent tunnel.

Note: If changed to None after uplinks, tunnels and performance tests have been discovered, these will continue to work and can be manually disabled if needed. No new uplinks, tunnels or tests will be discovered.

Cellular Tab Meraki — Meraki: Cellular tab

Set to Enabled to discover Cellular devices and cellular watches

Set to Enabled with Cellular Clarity to discover Cellular devices and cellular watches with Cellular Clarity enabled

Set to Enabled to discover WiFi devices and access points

Switches Tab Meraki — Meraki: Switches tab

Set to Enabled to discover switch devices and switch watches

Create/Edit controller: Cisco Thousand Eyes

SD-WAN create or edit Thousand Eyes controller panel — Use this panel to create (left) or edit (right) a Thousand Eyes controller

API Key: This is required. The API key can be edited after creation.
: Available once an API key is entered and confirms the API endpoint is valid or shows if not. Contact your Meraki administrator to obtain your API key details and for any testing issues.
Account Group: This is required, use the Please select drop-down to retrieve a list of all available account groups Select one and Highlight will discover devices and watches in that account group only. Account groups are not shown in the list if their networks are inaccessible.
Note: the drop-down is shown in Create only. To select an alternative account group once a controller has been saved, delete the controller and recreate it with the required account group.
Discovered: X devices on Y networks. The number of devices/networks will auto-populate once an account group is selected.

Highlight only discovers the Performance Agent if Highlight supported tests exist. Tests currently supported are ICMP Ping and HTTP Server tests.

Dashboard

Display link

This is unchecked by default. If checked then a link icon is shown to the right of the Thousand Eyes logo at the top of the details page for any watches associated with this controller. When clicked, the device on the Thousand Eyes dashboard opens in a new tab. If not already logged in, users will need to enter their details.

Thousand Eyes Performance chart test name as a link — Thousand Eyes: Performance chart test name as a link

As shown in the image above, when Display link is checked, then the name of each performance test on the performance agent details page is also a link to that test in the Thousand Eyes dashboard.

Tests Tab Thousand Eyes — Thousand Eyes: Tests tab

ICMP Ping: None
Enabled
HTTP Server: None
Enabled
With Enabled selected then on save, Highlight automatically discovers and creates the selected test watches in the location of the device.

Create/Edit controller: Cisco Catalyst

SD-WAN create or edit Viptela controller panel — Use this panel to create (left) or edit (right) a Cisco Catalyst controller

Hostname: This is required, can contain a maximum of 200 characters and either an IP address or DNS name. Optionally a port can be specified after a colon, otherwise, the default communication will be attempted on port 443.
: Ignore certificate errors
Unchecked by default, checking this option disables all certificate validation. This is a security risk and not advised.
User Name: This is required and can contain a maximum of 50 characters.
Password: This is required and can contain a maximum of 50 characters.

SD-WAN Tab Viptela — Cisco Catalyst: SD-WAN tab

Uplink bearers

None

API

With API selected then on save, Highlight automatically discovers and creates devices and bearer watches in the location of the device.
If watch creation is set to Pending, then interfaces which are down, failed or disconnected are discovered in the pending state. If these watches are later enabled, they show as red in Highlight.

Cisco Catalyst VPN peer

None

Tunnels

Tunnels with perf tests

None: Do not discover any tunnels or performance tests
Tunnels: Discover tunnels only
Tunnels with perf tests: This is the default and, if selected then, on save, Highlight automatically discovers and creates tunnels in the location of the device as subwatches to the associated device and any performance tests are subwatches of their parent tunnel.

Note: If changed to None after tunnels and performance tests have been discovered, these will continue to work and can be manually disabled if needed. No new tunnels or tests will be discovered.

Create/Edit controller: Fortinet

SD-WAN create or edit Fortinet controller panel — Use this panel to create (left) or edit (right) a Fortinet controller

Hostname: This is required, can contain a maximum of 200 characters and either an IP address or DNS name. Optionally a port can be specified after a colon, otherwise, the default communication will be attempted on port 443.
: Ignore certificate errors
Unchecked by default, checking this option disables all certificate validation. This is a security risk and not advised.
User Name: This is required and can contain a maximum of 50 characters.
Password: This is required and can contain a maximum of 50 characters.
Admin domain: This is required and can contain a maximum of 100 characters.

Note: The Highlight Agent will need to trust the certificate presented by the FortiManager.

SD-WAN Tab Fortinet — Fortinet: SD-WAN tab

Uplink bearers

None

WANs

With WANs selected then on save, Highlight automatically discovers and creates devices and bearer watches in the location of the device.
If watch creation is set to Pending, then interfaces which are down, failed or disconnected are discovered in the pending state. If these watches are later enabled, they show as red in Highlight.

Fortinet VPN peer

None

Tunnels

Tunnels with perf tests

None: Do not discover any tunnels or performance tests
Tunnels: Discover tunnels only
Tunnels with perf tests: This is the default and, if selected then, on save, Highlight automatically discovers and creates tunnels in the location of the device as subwatches to the associated device and any performance tests are subwatches of their parent tunnel.

Note: If changed to None after tunnels and performance tests have been discovered, these will continue to work and can be manually disabled if needed. No new tunnels or tests will be discovered.