Once upon a time, network configuration management (NCM) was relatively basic and straightforward. Between Putty, some clever Perl scripts and a well-worn Trivial File Transfer Protocol server, a typical network administrator could get decent backup coverage.
But as networks became more complex and the consequences of delayed config restoration more serious, many administrators adopted automated solutions to ensure nightly backups of all their devices. They even picked up some unexpected advanced features in the process. With a decade of maturity, today's network configuration tools are far more than nightly backup bots; network engineers rely on them more than ever to ensure reliable network operation.
NCM is like brushing your teeth: Yes, kid, you have to
Most NCM products started with the same basic premise: Back up your configs every night. It's like brushing your teeth. Sure, you can jazz up the experience with sparkly blueberry paste and an ultrasonic toothbrush that costs more than a smartphone, but eventually any routine experience becomes tedious. Admins gave up on the nightly backup chore long ago and today's tools do significantly more than keep your configs backed up and fluoridated.
Modern configuration management tools take advantage of the huge repository of data they import over time. They can analyze configurations against security policy rules, report exceptions and provide remediation recommendations. Some include inventory management features that greatly simplify the chore of tracking what's plugged into which chassis. Sure, you could paint red and white stripes on the edges of the Flash cards in your routers, walk down the aisles and play "Where's Waldo?," but that's worse than having to floss. Searching your NCM for a serial number globally, or better, running a card inventory report is a welcome relief.
In this second generation of network configuration tools, they evolved into overall network change management platforms. They provide both ongoing daily reports and dashboards of how an organization's configuration data is changing over time. But they also have real-time detection and notification of changes made outside of change policy. They enable admins to safely delegate limited network changes, reducing human error and improving reliability.
The third wave: Advanced features by osmosis
The new generation of NCM products, perhaps even accidentally, has gained powerful, timesaving features that go well beyond traditional standalone configuration management. It's a natural outgrowth of platform cohabitation with NCM's best friend, network performance monitoring.
To that end, the latest generation of products includes advanced device discovery tools, syslog and trap management and alerting, multiregulatory compliance reporting, mapping, availability monitoring and more. Once extra add-ons, admins now expect these capabilities included out of the box. Years of domain expertise have also allowed vendors to include more subtle features like device End of Life reporting and multiple IP detection.
Learn more about NCM
Making the case for security configuration management
With businesses throwing everything they can think of onto networks today, investing in a full-featured configuration and performance management tool pays immediate dividends. When problems occur, especially trouble that's more challenging to diagnose than a down interface, tools that combine configuration and performance contexts can take the headache out of troubleshooting. If an alert on a default route change includes a link to a device dashboard view with both the config history and real-time route table data, it's much easier to identify a misbegotten change. Execute a quick diff file comparison against the previous running configs to identify the error, and make the fix from the GUI. After traffic is flowing again, check your Simple Network Management Protocol trap log to uncover the rogue tech, and plug blue serial cables into unseen faraway racks.
Network configuration tools were once reserved for only the most well-funded network teams in the largest networks. Now they're affordable and more powerful than ever. There's not much we can do to reduce the increasingly disproportionate macro-level traffic/complexity/criticality-to-admin-headcount ratio, but at least we have tools to keep our configuration house in order. Next, perhaps, someone will find a way to automate the nightly chore with the toothbrush.
About the author:
Patrick Hubbard is a head geek and senior technical product marketing manager at SolarWinds. With 20 years of technical expertise and IT customer perspective, his networking management experience includes working with campus, data center, storage networks, VoIP and virtualization with a focus on application and service delivery in both Fortune 500 companies and startups in high tech, transportation, financial services and telecom industries. He can be reached at Patrick.Hubbard@solarwinds.com.
This was first published in September 2013