MG-SOFT NETCONF Browser Professional Edition
Main features
MG-SOFT NetConf Browser Professional Edition is powerful and user-friendly NETCONF, RESTCONF and gNMI client application that lets you retrieve, modify, install and delete the configuration of any network device that supports NETCONF, RESTCONF or gNMI protocol.
The following is a brief list of the main features in MG-SOFT NETCONF Browser Professional Edition.
Complete support for NETCONF protocol NetConf Browser is an application with a modern and intuitive graphical user interface (GUI) that lets you select commands for performing all operations defined by the NETCONF specification (RFC 6241, RFC 4741). The user interface lets you, for example, select the desired node in the YANG tree and choose the corresponding <get> or <get-config> command from the context menu to easily retrieve the value of the respective leaf, leaf-list or list data node instances or entire subtrees from the selected datastore in the remote NETCONF device. Furthermore, NetConf Browser GUI contains dedicated toolbar buttons, dialog boxes, windows and commands that let you quickly and effectively perform other NETCONF operations, such as <edit-config>,<copy-config>, <delete-config>, <lock>, <unlock>, etc. (screen shot). The software presents retrived data both in textual manner (e.g., XML) and in graphical manner (data tree) and one can switch between these views at any time. | |
Full support for Network Management Datastore Architecture (NMDA)
(RFC 8342)
MG-SOFT NetConf Browser supports all datastores specified in NMDA: operational, conventional (startup, running, candidate, intended), and dynamic datastores. The software can also automatically discover datastores supported by the NMDA server, download the YANG modules belonging to each datastore, and visualize the supported datastores in separate tabs in the YANG Tree panel, e.g., conventional, operational, etc. (screen shot). You can click the tabs in the YANG Tree panel to switch between different datastores, expand the YANG tree in each datastore separately and select relevant NETCONF operations from the context menu. NetConf Browser supports NMDA-specific <get-data> and <edit-data> operations, as well as augments to <lock>, <unlock> and <validate> operations, as specified in RFC 8526 (screen shot). | |
Complete support for RESTCONF protocol NetConf Browser implements full support for the RESTCONF protocol (RFC 8040) with both, XML and JSON data encoding. The application user interface, data validation procedures and message payload composition feature have all been extended to transparently support also RESTCONF in addition to the NETCONF protocol. NetConf Browser lets you use all standard RESTCONF HTTP methods, like GET (screen shot), POST, PUT, PATCH, DELETE, etc., invoke proprietary operations and actions, and allows receiving event notifications via RESTCONF. The software incorporates YANG-based auto-complete mechanism for composing the RESTCONF URIs (screen shot), as well as fully fledged auto-completion feature when writing RESTCONF message payloads in XML and JSON format (screen shot). NetConf Browser supports also RESTCONF extensions for NMDA, as specified in RFC 8527, including the NMDA datastore resources ({+restconf}/ds/ | |
Complete support for gNMI protocol MG-SOFT NetConf Browser incorporates full support for the gRPC Network Management Interface (gNMI) protocol (specification). The software can establish a connection to any gNMI device in the network and discover the gNMI version, YANG models, and encodings it supports by means of the Capabilities RPC. Supported are also Get (screen shot), Set and Subscribe RPC operations used for retrieving and modifying device configuration and for subscribing to telemetry streams, respectively. NetConf Browser supports all 3 types of gNMI subscriptions: Once, Poll and Stream (on-change and sampled) (screen shot) and allows receiving of telemetry data from servers by means of gNMI notifications (screen shot). NetConf Browser provides an intuitive user interface for choosing gNMI operations/RPCs, specifying paths using YANG-based auto-complete feature, setting other RPC options and sending gNMI messages to targets. Furthermore, one can also automatically generate gNMI Set request content from YANG (screen shot). | |
NETCONF version 1.1 and 1.0 over SSH The software provides full support for the NETCONF v1.1 over SSH specification (RFC 6241, RFC 6242), as well as for NETCONF v1.0 (RFC 4741, RFC 4742) for backward compatibility reasons. NetConf Browser lets you perform any NETCONF operation against the connected NETCONF server. Even if the operation is not actually available through the application's GUI, it can be issued manually by typing the appropriate XML command and sending it to the NETCONF server (screen shot). | |
NETCONF over TLS and SSH with public key authentication MG-SOFT NetConf Browser supports NETCONF over TLS (Transport Layer Security) protocol version 1.2 (RFC 7589, RFC 5539 for backward compatibility) employing the public key authentication mechanism (screen shot). In addition to TLS, NetConf Browser supports the public key authentication also with SSH2 transport protocol (screen shot). The built-in certificate manager tool lets you generate and manage digital certificates used for securing NETCONF over TLS and NETCONF over SSH with key-based authentication sessions, as well as for RESTCONF and gNMI over TLS connections. This easy-to-use tool allows you to generate new public and private key pairs wrapped in X.509 certificates in a wizard-driven fashion, quickly import certificates from external keystore files, generate certificate signing requests, export certificates, manage trusted CA certificates, etc. (screen shot). | |
Support for RESTCONF over HTTPS connections The NetConf Browser connecting capabilities have been extended to enable connecting to RESTCONF devices via the HTTP over TLS (HTTPS), using the TLS public key infrastructure (X.509 certificates) for authenticating both server and client. In addition to TLS authentication, the HTTP client authentication is also available featuring the basic and digest authentication scheme (screen shot). Besides the regular, client-initiated RESTCONF connections, RESTCONF Call Home connections that are initiated by servers are also supported. After establishing a RESTCONF session with a server, NetConf Browser automatically discovers the RESTCONF server root resource, server capabilities, data-model- specific RPC operations, event streams, and yang-library data (incl. NMDA datastores and associated modules). The software can automatically download YANG modules from the RESTCONF server and load them so one can immediately start managing the given device. | |
NETCONF Call Home and RESTCONF Call Home MG-SOFT NetConf Browser supports NETCONF Call Home over SSH and TLS, as well as RESTCONF Call Home connections over HTTPS (RFC 8071). Call Home is a method where a server is the peer that initiates a secure connection to a NETCONF/RESTCONF client (i.e., NetConf Browser). The Call Home connection method is useful in many scenarios, for example, when server devices are deployed behind a firewall and/or NAT that does not allow management access to the internal network, etc. (screen shot). | |
Support for gNMI connections over TLS and without TLS The NetConf Browser connection capabilities have been extended to enable connecting to gNMI devices via the HTTP/2 over TLS, using the public key infrastructure (X.509 certificates) for authentication and data encryption. The software supports JSON, JSON_IETF and PROTO encodings of structured data in gNMI protocol. In addition to the standard gNMI mode secured by TLS, NetConf Browser supports also insecure mode that does not involve TLS protocol and associated X.509 certificates. The latter can be used in secure environments, e.g., for testing purposes (screen shot). After establishing gNMI session with a device, NetConf Browser automatically discovers the gNMI version, YANG models, and supported encodings of the device. The software can also be configured to automatically load YANG modules so one can immediately start managing the given device. | |
Device profiles for straightforward management of network devices The software lets you configure and use profiles for managing different NETCONF, RESTCONF and gNMI-enabled devices (servers). A device profile contains parameters that describe a particular device, i.e., the device address, description, device data model (e.g., supported YANG modules) and connection type and details, optionally including user credentials (screen shot). This principle lets you configure device settings only once for each device and then re-use these settings by simply switching to the relevant device profile when you wish to manage a particular device. By default, when you switch to a device profile in NetConf Browser, the software automatically connects to the respective device and loads the relevant YANG modules, so you can start quickly managing that device using the data model, datastores, capabilities and features it supports. NetConf Browser can automatically discover the datastores supported by an NMDA device, and download the YANG modules belonging to each datastore - if device supports this (screen shot). A device profile can also be configured to load the data model from the local repository of known modules (e.g., for non-NMDA and gNMI devices). | |
Load and browse YANG and YIN modules MG-SOFT NetConf Browser lets you load any set of valid YANG 1.1 and YANG 1 modules (as well as YIN 1.1. and YIN 1 modules) and display their contents in a visual manner, where module elements are represented in a hierarchical tree structure, containing nodes on which NETCONF/RESTCONF/gNMI operations can be invoked. NetConf Browser also checks the syntax and semantics of every YANG module it loads. The hierarchy of YANG statements may be easily explored and full details about each node can be examined in the YANG Node Properties window. The software expands the YANG statement tree defined in the modules into an actual schema tree. This means that all uses statements are replaced with appropriate grouping contents and augment targets actually contain the augmented nodes (screen shot). | |
NETCONF Content Editor and Validator supporting NETCONF and RESTCONF protocol The advanced NETCONF Content Editor tool allows you to easily compose any type of NETCONF XML or RESTCONF XML or JSON instance document and validate it by using information from relevant YANG modules. The tool contains templates for composing typical NETCONF document types, like RPC requests, in particular <edit-config> and <edit-data> requests, entire configuration datastores, notifications, etc. It also integrates a RESTCONF toolbar that provides an easy way to select the desired RESTCONF method (GET, POST, PATCH, etc.) and to create a target resource URI using the resource auto-completion feature. In this tool you can edit a NETCONF or RESTCONF message payload either in:
In addition, the Visual editor lets you generate the content of a NETCONF or RESTCONF operation or document (e.g., edit-config, custom rpc/action, rpc-reply, notification, entire datastore, etc.) based on the YANG data model. One can generate the content automatically at any level, e.g., at the document root node, at filter node, or at any container or list node to create a certain subtree of data (screen shot).
By default, the tool automatically validates the content you are editing and displays an easy-to-understand error or warning message if any inconsistency is detected.
This way, you can quickly fix all syntax and semantic inconsistencies and send a valid XML or JSON message to the connected server, e.g., to modify its configuration or perform any other NETCONF/RESTCONF operation
(screen shot). The built-in message history log records all NETCONF/RESTCONF messages sent from the Editor and responses received from the connected device, allowing you to immediately view if a particular operation succeeded or resulted in error. In addition, this feature enables you to keep track of the message history, edit and re-send selected messages, copy messages to the clipboard, etc. (screen shot). | |
"sx:structure" and "rc:yang-data" based instance document validation NETCONF Content Editor now supports validating XML instance documents that utilize two standard YANG extensions - "sx:structure" (RFC 8791) and "rc:yang-data" (RFC 8040). These extensions are used to model arbitrary data that is not part of a YANG datastore. | |
The Command Quicklist panel for increased productivity
After sending any NETCONF, RESTCONF or gNMI message from NetConf Browser, you can save the message to the Command Quicklist panel for later use. You can name the message/command arbitrarily to quickly find and re-use it at any time later (also after a program restart). The Command Quicklist panel is accessible in the main window and contains a list of saved messages and a search tool that lets you quickly find the relevant messages and edit or re-send them. This way, you can create a list of important or frequently used commands/messages for ease of access and greater productivity (screen shot). | |
Compare configurations side-by-side (Diff View) The software lets you easily compare configurations of two different network devices or two different configuration datastores on one device. The retrieved (parts of) configurations are displayed side-by-side in the Diff View window (screen shot). Both, graphical comparison (tree view) and textual configuration comparison (XML view) are supported (except for gNMI). The Diff View window lets you easily find all mismatching nodes and allows you to filter the comparison view, e.g., to show only the matching nodes, only orphaned nodes, or only mismatching nodes in both configurations. In addition, the Diff View window can either present the elements of the compared configurations in the same order as returned by the queried server(s), or it can re-order the XML elements to find the best matches and compare them side-by-side. Furthermore, when using NETCONF or RESTCONF protocol, you can switch between the graphical (tree view) and textual (XML) comparison mode at any time (screen shot). | |
Generating configuration from YANG model (NETCONF, RESTCONF and gNMI) MG-SOFT NetConf Browser lets you select, e.g., a subtree node in the YANG tree and generate the payload (XML) of a NETCONF <edit-config>/<edit-data> request or the payload (XML or JSON) of a RESTCONF PUT/PATCH request, respectively (screen shot). Similarly, the software can generate the payload for gNMI Set request from YANG data model (screen shot). The generated configuration content includes at least one instance of all config=true data nodes (leaf, leaf-list, list, container, anyxml, etc.) from the given subtree. The generated leaf and leaf-list elements have dummy, yet predominantly valid values that can be easily edited as desired before sending the content to the server. This powerful feature allows you to quickly and easily create a (part of) configuration from scratch (screen shot). | |
Embedded NETCONF scripting with full NMDA support MG-SOFT NetConf Browser includes the Scripting Console window in which you can open, create, edit and run Python scripts (.py) to perform arbitrary NETCONF operations (incl. NMDA-specific operations) against remote NETCONF servers in an automated manner. The Scripting Console supports performing all standard and proprietary NETCONF RPC operations from Python code (get, get-config, edit-config, get-data, edit-data, lock, unlock, commit, confirmed-commit, get-schema, create-subscription, receive notifications, etc.). The software comes with a set of example Python scripts that illustrate how to utilize the built-in MG-SOFT NETCONF Script API (mgncstack) in order to connect to remote NETCONF devices and perform arbitrary NETCONF operations against them in an automated manner. Furthermore, the Scripting Console includes the multi-tabbed text editor with Python syntax coloring. It lets you open and edit multiple scripts, each in its own tab (upper panel). The multi-tabbed Output Console panel (lower panel) displays the output of executed scripts and the current status of scripts (running, finished, paused, ...). In addition, NetConf Browser lets you configure various settings for executing each script, like automatic repetition (loop), redirection of output to file, prompting user for input parameters, etc. All in all, the software enables performing fully automated tasks, like testing, configuring, and monitoring of of NMDA and non-NMDA NETCONF devices by using the popular and versatile Python language (screen shot). | |
Support for YANG Library
(RFC 7895, RFC 8525) MG-SOFT NetConf Browser supports the standard YANG library 1.0 and 1.1 mechanisms that enable it to identify and retrieve all YANG modules implemented by a NETCONF or RESTCONF server supporting this capability. The software can automatically download YANG modules and submodules from a NETCONF/RESTCONF server. In case of an NMDA-compliant device, NetConf Browser can automatically discover all datastores supported by the device that implements YANG Library 1.1 (RFC 8525), download the YANG modules belonging to each datastore, and visualize supported datastores in separate tabs in the YANG Tree panel. The software supports also the NETCONF <get-schema> operation (RFC 6022) for downloading YANG modules from NETCONF servers. Retrieved modules are automatically loaded and cached as a part of the device profile used for managing a particular device (screen shot). NetConf Browser compares the local cache with the YANG library data on the device and lets you retrieve a newer set of YANG modules when available (screen shot). | |
Resolve YANG module dependencies NetConf Browser automatically scans all new YANG and YIN modules for dependencies (imported and included modules) and lets you scan user-specified locations for the matching modules. The entire information about the "registered" modules and submodules is stored in a single place and can be viewed in the Known Modules window. The latter also enables loading modules that have many dependencies with a single click of a button, as well as keeping and loading different revisions of the same modules (screen shot). | |
Complete YANG 1.1 and YANG 1 Validation NetConf Browser checks the validity of all YANG and YIN modules it loads. In addition to the syntax checking, it also checks the semantics of YANG and YIN modules. The built-in YANG validation engine has been extended to fully support all YANG 1.1 syntax and semantics (besides YANG 1), including the new statements ('action', 'anydata'), new 'XPath' functions, modified rules for 'notifications', changed lexical rules and the new submodule scoping rules, to name some of the more important changes in YANG 1.1. Furthermore, MG-SOFT NetConf Browser goes beyond the 'standard' YANG validation offered by other products on the market and performs a complete validation of XPath expression syntax and semantics in YANG 'must' and 'when' statements (screen shot). | |
Support for NETCONF <commit> and <discard-changes> operations Users can quickly perform the NETCONF <commit> and <discard-changes> operations by using the main menu or the respective buttons in the application's toolbar (screen shot). | |
Support for NETCONF <confirmed-commit> and <cancel-commit> operations The software lets you easily perform the NETCONF <confirmed-commit> and <cancel-commit> operations by using the dedicated dialog boxes. The application allows you to quickly start a new <confirmed-commit> operation and prolong or commit an existing one (screen shot). | |
Support for NETCONF <get-schema> operation NetConf Browser supports the NETCONF <get-schema> operation (RFC 6022) that lets you download schema definitions (e.g., YANG and YIN modules) from remote NETCONF servers (screen shot). | |
Complete session history overview The Session History tab in the main window contains a chronologically sorted list of all NETCONF, RESTCONF and gNMI sessions and messages exchanged within these sessions. This feature allows you to quickly navigate though messages that were sent and received by NetConf Browser. Messages are presented as formatted XML or JSON documents with syntax coloring. Depending on its type, a message may be copied, reused or edited. You can resend NETCONF and RESTCONF messages or edit/check them in the NETCONF Content Editor by simply choosing the corresponding command from the context menu (screen shot). | |
Support for receiving event notifications via NETCONF and RESTCONF (RFC 5277) If a NETCONF/RESTCONF server supports the :notification:1.0 capability, you can use NetConf Browser to subscribe to and receive asynchronous event notifications from it (as specified in RFC 5277). Subscriptions are created by means of the "create-subscription" operation. Received notifications may be viewed and managed in the Notifications window, which can be either docked to the main window or displayed as a standalone window (screen shot) (screen shot). | |
Support for modern notification subscriptions and YANG Push
(RFC 8639 - RFC 8641) Besides the original NETCONF event reporting mechanism defined in RFC 5277, NetConf Browser fully supports also the modern notification subscription model defined in RFC 8639 - RFC 8641 and referred to as "YANG Push". The software lets you establish multiple dynamic and configured subscriptions to either event streams or datastore push updates on a server. Dynamic subscriptions are created by means of the "establish-subscription" operation. The subscribed information is then sent to NetConf Browser by means of the NETCONF or RESTCONF notifications, as specified in RFC 8640 and RFC 8650, respectively. In addition to event notifications, NetConf Browser supports receiving also periodic and on-change datastore push notifications that enable streaming of YANG-modeled data from server to client. NetConf Browser displays all subscriptions and all received notifications in the Notifications window, which enables effective notification monitoring, filtering and subscription management in one place (screen shot). One can view the type (dynamic, configured, or RFC5277) and state (active, suspended, terminated) of every subscription, as well as the ID and all other details of a subscription (e.g., filter, replay parameters, stop-time, etc.) (screen shot). The context menu allows you to easily terminate an active subscription or edit its parameters to modify subscription according to your preferences (screen shot). | |
Monitoring YANG Push and gNMI telemetry updates in graphical form
YANG Push mechanism enables streaming of subscribed datastore contents from server to client by means of push notifications, e.g., via NETCONF and RESTCONF protocol. Similarly, gNMI Subscribe mechanism enables streaming of configuration and state data from server to client by means of gNMI notifications. NetConf Browser can receive such server-sent notifications and maintain a corresponding image of reported datastore contents on the client side, without polling. NetConf Browser lets you take any active periodic or on-change push/stream subscription and start monitoring the reported datastore contents in graphical manner (screen shot). Datastore content is depicted in form of a data tree, containing nodes with respective icons (e.g., container, list, leaf, etc.), node names and node values in parentheses. Updates included in the received notifications are visible in the tree immediately, allowing you to keep track of the subscribed datastore contents at all times (screen shot). | |
Support for invoking proprietary RPC operations and actions (NETCONF and RESTCONF) NetConf Browser lets you select an rpc or action node type in the YANG tree and choose a command that opens the NETCONF Content Editor window and generates the corresponding RPC (NETCONF) or POST (RESTCONF) request containing all required input elements (as defined in YANG). After reviewing or editing the auto-generated operation or action content (e.g., modifying input elements), you can send it to the server with a single click of a button. This feature is particularly useful for managing proprietary NETCONF and RESTCONF devices (screen shot). | |
Session keep-alive and auto-reconnect after connection loss NetConf Browser can send periodic queries (which have minimal impact on server performance) to the server when a NETCONF session is idle. This feature aims to keep a session persistently 'alive' and detect if a connection gets broken for whatever reason. In the latter case, the software can automatically attempt to re-establish a broken connection. Both options are configurable on a per-connection basis (screen shot). | |
Dark and light theme In addition to the classic (light theme), the application graphical user interface features also dark theme using darker color tones. Dark theme offers a modern look and feel and may reduce eyestrain, especially in lower lit environments. One can switch between the dark and classic (light) mode at any time in the program preferences (screen shot 1), (screen shot 2). | |
Support for HiDPI displays NetConf Browser GUI has been revised to properly support large font sizes in order to make the application text easily readable also on modern high pixel density displays (e.g., 4K/UHD), especially when used with Java 9 or later, which properly supports HiDPI. The latter means that with Java 9+ the application windows, graphics, and text are scaled automatically according to the system settings, which makes NetConf Browser perfectly usable also with modern HiDPI displays. | |
Runs on all Java(TM) 8+ enabled platforms MG-SOFT NETCONF Browser Professional Edition has been designed and developed in Java and as such it runs on every OS that has installed Java runtime environment (V8 or later), for example, on Windows, Linux, and macOS operating systems (screen shot). |