Basic Configuration Management Strategy

According to Enterprise Management Associates, approximately 70% of network issues are caused by configuration issues, such as typos, inability to track changes, deploying inconsistent or non-standardized configurations. Unless you implement a strategy to avoid such issues, network issues will occur more frequently, especially when device configs aren't backed up, rollbacks are not an option, and change tracking is not in place.

If you are new to managing networks, one topic that you should explore is how to increase network availability by using configuration management. There are several affordable configuration management tools on the market that can help automate the process.  A basic Configuration Management strategy would consist of three options.

Change notification-

Employing a tool that tells you when something has changed and by whom will eliminate the blame game. When network engineer's use Telnet or SSH to make changes to a remote device, you need to know. Having a notification process in place allows you to rollback the change if necessary. Some tools, such as NCM, will provide before and after config change details that can tell you who and or why the change was made, and in what context. NCM also allows you to schedule these change notifications be setup as real time change detection based on syslog traps.

Bulk changes

Use a tool that contains a bulk change mechanism. This helps eliminate CLI typos, which all humans are susceptible to making. When making bulk changes to many devices, logging is crucial. With NCM, all the commands are recorded so you can determine what went wrong when troubleshooting.

Best practices suggest you schedule the bulk changes during off hours, which is nice because you don't have to be stuck there doing it. NCM allows you to run changes on the fly as well. For example, you can make changes only to specific devices that contain a certain IOS version.

Inventory management

Do you know what devices you have out in the field? Sometimes users at remote sites may buy their own wireless access points and switches and add them.  Inventory management will help you learn if routers get moved from site to site, help with device failure swap outs, and monitor theft/loss prevention.

The NCM inventory reports will list important details which are critical for understanding device failures, such as which card or components are installed, what IOS version, etc... If devices are added frequently then you can schedule nightly network reports, which are customizable. Set it up to report about a group of devices (specific) or exclude certain things like IP Route table on your core routers.


Where these reports really come in handy is with maintenance renewals for your hardware. With Cisco devices, you'll need chassis ID, which can be pulled in any report.  Reports will also help you determine which devices are in commission or out of commission.

When you are tasked with managing routers, switches, firewalls, load balancers, VPN connectors and other network devices that typically have a text or menu based config, consider the three strategies to make the job easier.